Fedora 26 : systemd (2017-6f8fcff58c)

systemd-detect-virt QEMU CPUID logic update - Fix cryptsetup devices disappearing when used for btrfs - Fix rfkill on some thinkpads - Extend dbus timeouts to handle slow dbus daemon startup - Fix systemd-resolved DOS with crafted NSEC packets LP1725351 - Backport /etc/crypttab netdev feature...

Systemd Denial of Service Vulnerability

systemd is a system and service manager for the Linux operating system. A denial of service vulnerability exists in systemd 223-235. The vulnerability arises because a remote DNS server can respond with a customized DNS NSEC resource record, which triggers an infinite loop in the...

USN-3466-1: systemd vulnerability

Karim Hossen & Thomas Imbert and Nelson William Gamazo Sanchez independently discovered that systemd-resolved incorrectly handled certain DNS responses. A remote attacker could possibly use this issue to cause systemd to temporarily stop responding, resulting in a denial of service...

Design/Logic Flaw

In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC resource record to trigger an infinite loop in the dnspacketreadtypewindow function of the 'systemd-resolved' service and cause a DoS of the affected service...

CVE-2017-15908

In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC resource record to trigger an infinite loop in the dnspacketreadtypewindow function of the 'systemd-resolved' service and cause a DoS of the affected service...

CVE-2017-15908

CVE-2017-15908 affects systemd 223–235 where a remote DNS server can reply with a crafted DNS NSEC RR to trigger an infinite loop in dns_packet_read_type_window() of systemd-resolved, causing DoS. Public advisories (Ubuntu USN-3558-1) reference CVE-2017-15908; related OpenVAS/Nessus entries docum...

CVE-2017-15908

In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC resource record to trigger an infinite loop in the dnspacketreadtypewindow function of the 'systemd-resolved' service and cause a DoS of the affected service...

UBUNTU-CVE-2017-15908

In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC resource record to trigger an infinite loop in the dnspacketreadtypewindow function of the 'systemd-resolved' service and cause a DoS of the affected service...

Informatica: [marketplace.informatica.com] - Stored XSS

The researcher has identified and reported a Stored XSS in Informatica website and helped us in resolving the issue...

HackerOne: resolved bugs in a program are public despite the program settings

Summary: when navigating to https://hackerone.com/YOURPROGRAMHANDLE/displayoptions and unchecking the Reports resolved checkbox, the resolved bugs number won't be public at the program page, but going to https://hackerone.com/directory?query=YOURPROGRAMHANDLE , the number of the resolved bug will...

forumattivo.it XSS vulnerability

Open Bug Bounty ID: OBB-299288 Description| Value ---|--- Affected Website:| forumattivo.it Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...

Security Update for Microsoft Office Web Apps Server 2013 (KB3213562) farm-deployment

A security vulnerability exists in Microsoft Office Web Apps Server 2013 that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...

Legal Robot: Logic issue in email change process

Same issue as 266017, however due to a clerical error, report 266017 was processed first, awarded a bounty, and closed as Resolved. It is therefore only fair to award the same bounty to @gujjuboy10x00 and close this report as Resolved. @gujjuboy10x00, we apologize for the error and have awarded a...

BSA-2017-370

Security Advisory ID : BSA-2017-370 Component : Systemd Revision : 2.0: Interim In systemd through 233, certain sizes passed to dnspacketnew in systemd-resolved can cause it to allocate a buffer that's too small. A malicious DNS server can exploit this via a response with a specially crafted TCP...

WordPress Podlove Podcast Publisher 2.5.3 SQL Injection Vulnerability

Exploit for php platform in category web applications Advisory Title: WordPress Podlove Podcast Publisher Plugin Security Vulnerability Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress Podlove Podcast Publisher plugin Language: PHP Version: 2.5.3 and below Vendor Status...

Fedora 26 : systemd (2017-956e27bdd6)

A fix for an out-of-bounds write in systemd-resolved after a crafted DNS packet CVE-2017-9445. No need to reboot or log out. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clea...

Systemd resolved dns_packet_new Heap Buffer Overflow (CVE-2017-9445)

A heap buffer overflow vulnerability exists in the dnspacketnew function of systemd-resolved. This vulnerability is due to the allocation of a heap buffer of insufficient size when handling DNS responses. A malicious DNS server can exploit this vulnerability by sending a crafted DNS response...

SUSE SLED12 / SLES12 Security Update : systemd (SUSE-SU-2017:1773-1)

This update for systemd fixes the following issues: Security issue fixed : - CVE-2017-9217: resolved: Fix NULL pointer p-question dereferencing that could lead to resolved aborting bsc1040614 The update also fixed several non-security bugs : - core/mount: Use the '-c' flag to not canonicalize pat...

The vulnerability of the `dns_packet_new` function in the system service of the `system-resolved` module of the Systemmd daemon in the Linux operating system allows a hacker to execute arbitrary code.

The vulnerability of the dnspacketnew function in the system service of the system-resolved manager in the Linux operating system is due to an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to cause the system-resolved service to...

Fedora 25 : systemd (2017-29d909f5ec)

A fix for an out-of-bounds write in systemd-resolved after a crafted DNS packet CVE-2017-9445. No need to reboot or log out. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clea...