3375 matches found
Scientific Linux Security Update : 389-ds-base on SL7.x x86_64 (20170905)
Security Fixes : - A flaw was found in the way 389-ds-base handled authentication attempts against locked accounts. A remote attacker could potentially use this flaw to continue password brute-forcing attacks against LDAP accounts, thereby bypassing the protection offered by the directory server'...
Moderate: Red Hat Security Advisory: 389-ds-base security and bug fix update
An update for 389-ds-base is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
Amazon Linux AMI : mysql56 (ALAS-2017-888)
Server: Charsets unspecified vulnerability CPU Jul 2017 : Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Charsets. Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows...
Apache Solr Inter-Node Communication Vulnerability (SOLR-10031) - Linux
When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readabl...
Path traversal
When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path...
DEBIAN-CVE-2017-3163
When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path...
CVE-2017-3163
When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path...
CVE-2017-3163
When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path...
CVE-2017-3163
When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path...
UBUNTU-CVE-2017-3163
When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path...
CVE-2017-3163
When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path...
CVE-2017-3163
When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path...
CVE-2017-3163
CVE-2017-3163 affects Apache Solr when using the Index Replication feature. The vulnerability arises because Solr did not validate the file name in the HTTP API used to pull index files from a master/leader, enabling path traversal and exposing files readable by the Solr server process. Affected ...
Oracle MySQL 5.6.x < 5.6.37 Multiple Vulnerabilities
Binary data 700186.prm...
Oracle MySQL 5.7.x < 5.7.19 Multiple Vulnerabilities
Binary data 700185.prm...
Fedora 25 : community-mysql (2017-7c039552fa)
Update to version 5.7.19 Replication tests in the testsuite enabled, they don't fail anymore Resolves: 1462688; /run 1406172; random failures of the testsuite 1417880, 1417883, 1417885, 1417887, 1417890, 1417891, 1417893, 1417894, 1417896; replication tests CVE fixes: 1472716 CVE-2017-3633,...
Fedora 26 : community-mysql (2017-ee93493bea)
Update to version 5.7.19 Replication tests in the testsuite enabled, they don't fail anymore Resolves: 1462688; /run 1406172; random failures of the testsuite 1417880, 1417883, 1417885, 1417887, 1417890, 1417891, 1417893, 1417894, 1417896; replication tests CVE fixes: 1472716 CVE-2017-3633,...
vCenter Server Appliance - Backup/Restore Recommendations
Native File-Based Backup and Restore Recommended vCenter Server Appliance Data Integrity Best Practices recommends using the native file-based backup and restore operations to protect the vCenter Server Appliance. Review: VMware vSphere User Guide: Considerations and Limitations for File-Based...
CVE-2017-3649
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to...
CVE-2017-3647
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to...