Amazon Linux AMI : httpd24 (ALAS-2017-785)

The following security-related issues were fixed : Padding oracle vulnerability in Apache modsessioncrypto CVE-2016-0736 DoS vulnerability in modauthdigest CVE-2016-2161 Apache HTTP request parsing whitespace defects CVE-2016-8743 C Tenable Network Security, Inc. The descriptive text and package...

Amazon Linux AMI : kernel (ALAS-2017-786)

The sg implementation in the Linux kernel did not properly restrict write operations in situations where the KERNELDS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service use-after-free by leveraging access to a /dev/sg device,...

Amazon Linux AMI : docker (ALAS-2017-783)

It was discovered that runC allowed additional container processes via runc exec to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file descriptors of these new processes during the initialization, which can lead to...

Amazon Linux AMI : ghostscript (ALAS-2017-784)

It was found that the ghostscript functions getenv, filenameforall and .libfile did not honor the -dSAFER option, usually used when processing untrusted documents, leading to information disclosure. A specially crafted postscript document could read environment variable, list directory and retrie...

Amazon Linux AMI : sudo (ALAS-2017-780)

It was discovered that the sudo noexec restriction could have been bypassed if application run via sudo executed system or popen C library functions with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could use this flaw to execute...

Amazon Linux AMI : ntp (ALAS-2017-781)

The following security-related issues were resolved : CVE-2016-7426 : Client rate limiting and server responses CVE-2016-7429 : Attack on interface selection CVE-2016-7433 : Broken initial sync calculations regression CVE-2016-9310 : Mode 6 unauthenticated trap information disclosure and DDoS...

Amazon Linux AMI : vim (ALAS-2016-779)

A vulnerability was found in vim in how certain modeline options were treated. An attacker could craft a file that, when opened in vim with modelines enabled, could execute arbitrary commands with privileges of the user running vim. modelines are disabled by default for root, and enabled by defau...

Amazon Linux AMI : tomcat6 (ALAS-2016-776)

CVE-2016-6816 tomcat: HTTP Request smuggling vulnerability due to permitting invalid character in HTTP requests CVE-2016-8735 tomcat: Remote code execution vulnerability in JmxRemoteLifecycleListener C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

Amazon Linux AMI : expat (ALAS-2016-775)

CVE-2016-0718 : Out-of-bounds read flaw An out-of-bounds read flaw was found in the way Expat processed certain input. A remote attacker could send specially crafted XML that, when parsed by an application using the Expat library, would cause that application to crash or, possibly, execute...

Amazon Linux AMI : tomcat7 (ALAS-2016-777)

CVE-2016-6816 tomcat: HTTP Request smuggling vulnerability due to permitting invalid character in HTTP requests CVE-2016-8735 tomcat: Remote code execution vulnerability in JmxRemoteLifecycleListener C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

Amazon Linux AMI : nss-util / nss,nss-softokn (ALAS-2016-774)

CVE-2016-2834 nss: Multiple security flaws MFSA 2016-61 Multiple buffer handling flaws were found in the way NSS handled cryptographic data from the network. A remote attacker could use these flaws to crash an application using NSS or, possibly, execute arbitrary code with the permission of the...

Amazon Linux AMI : tomcat8 (ALAS-2016-778)

CVE-2016-6816 tomcat: HTTP Request smuggling vulnerability due to permitting invalid character in HTTP requests CVE-2016-8735 tomcat: Remote code execution vulnerability in JmxRemoteLifecycleListener C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

Amazon Linux AMI : kernel (ALAS-2016-772)

CVE-2016-8645 kernel: a BUG statement can be hit in net/ipv4/tcpinput.c It was discovered that the Linux kernel since 3.6-rc1 with net.ipv4.tcpfastopen; set to 1 can hit BUG statement in tcpcollapse function after making a number of certain syscalls leading to a possible system crash. CVE-2016-86...

Amazon Linux AMI : poppler (ALAS-2016-769)

A heap-buffer overflow was found in the poppler library. An attacker could create a malicious PDF file that would cause applications that use poppler to crash or, potentially, execute arbitrary code when opened. C Tenable Network Security, Inc. The descriptive text and package checks in this plug...

Amazon Linux AMI : php-ZendFramework (ALAS-2016-767)

The implementation of ORDER BY and GROUP BY in ZendDbSelect was discovered to be vulnerable to SQL injection. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Amazon Linux AMI Security Advisory ALAS-2016-767. include'compat.inc'; if...

Amazon Linux AMI : bind (ALAS-2016-768)

A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. C Tenable Network Security, Inc. The descriptive text and package...

Amazon Linux AMI : openssh (ALAS-2016-770)

It was discovered that the OpenSSH sshd daemon fetched PAM environment settings before running the login program. In configurations with UseLogin=yes and the pamenv PAM module configured to read user environment settings, a local user could use this flaw to execute arbitrary code as root. C Tenab...

Amazon Linux AMI : memcached (ALAS-2016-761)

An integer overflow flaw, leading to a heap-based buffer overflow, was found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code. CVE-2016-8704 , CVE-2016-8705 An integer...

Amazon Linux AMI : policycoreutils (ALAS-2016-765)

It was found that the sandbox tool provided in policycoreutils was vulnerable to a TIOCSTI ioctl attack. A specially crafted program executed via the sandbox command could use this flaw to execute arbitrary commands in the context of the parent bash, escaping the sandbox. C Tenable Network...

Amazon Linux AMI : cloud-init (ALAS-2016-763)

It was discovered that cloud-init in the Amazon Linux AMI wrote IAM role credentials from the instance metadata service to files readable by the root user in /var/lib/cloud. An application with root privileges, a container with access to the relevant files, or a root user of an AMI derived from a...