Amazon Linux AMI : glibc (ALAS-2012-109)
Multiple errors in glibc's formatted printing functionality could allow an attacker to bypass FORTIFY_SOURCE protections and execute arbitrary code using a format string flaw in an application, even though these protections are expected to limit the impact of such flaws to an application abort. C...
Amazon Linux AMI : kernel (ALAS-2012-118)
The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg system call on an RDS socket. (C) Tenable Network...
Amazon Linux AMI : perl (ALAS-2013-177)
A heap overflow flaw was found in Perl. If a Perl application allowed user input to control the count argument of the string repeat operator, an attacker could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application...
Amazon Linux AMI : openjpeg (ALAS-2012-111)
An input validation flaw, leading to a heap-based buffer overflow, was found in the way OpenJPEG handled the tile number and size in an image tile header. A remote attacker could provide a specially crafted image file that, when decoded using an application linked against OpenJPEG, would cause th...
Amazon Linux AMI : pam (ALAS-2013-160)
A stack-based buffer overflow flaw was found in the way the pam_env module parsed users' '~/.pam_environment' files. If an application's PAM configuration contained 'user_readenv=1' (this is not the default), a local attacker could use this flaw to crash the application or, possibly, escalate their...
Amazon Linux AMI : sudo (ALAS-2012-110)
A flaw was found in the way the network matching code in sudo handled multiple IP networks listed in user specification configuration directives. A user, who is authorized to run commands with sudo on specific hosts, could use this flaw to bypass intended restrictions and run those commands on...
Amazon Linux AMI : kernel (ALAS-2011-22)
The epoll implementation in the Linux kernel 2.6.37.2 and earlier does not properly traverse a tree of epoll file descriptors, which allows local users to cause a denial of service (CPU consumption) via a crafted application that makes epoll_create and epoll_ctl system calls. Buffer overflow in the...
Amazon Linux AMI : openssl (ALAS-2012-62)
A NULL pointer dereference flaw was found in the way OpenSSL parsed Secure/Multipurpose Internet Mail Extensions (S/MIME) messages. An attacker could use this flaw to crash an application that uses OpenSSL to decrypt or verify S/MIME messages. (CVE-2012-1165) A flaw was found in the PKCS7 and...
Amazon Linux AMI : texlive (ALAS-2012-48)
TeX Live embeds a copy of t1lib. The t1lib library allows you to rasterize bitmaps from PostScript Type 1 fonts. The following issues affect t1lib code : Two heap-based buffer overflow flaws were found in the way t1lib processed Adobe Font Metrics (AFM) files. If a specially crafted font file was...
Amazon Linux AMI : kernel / nvidia (ALAS-2013-154)
The xen_failsafe_callback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of service (guest crash) by triggering an iret fault, leading to use of an incorrect stack pointer and stack corruption. (C) Tenable Network...
Amazon Linux AMI : php (ALAS-2012-116)
Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an 'overflow.' (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
Amazon Linux AMI : libtiff (ALAS-2012-106)
libtiff did not properly convert between signed and unsigned integer values, leading to a buffer overflow. An attacker could use this flaw to create a specially crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code...
Amazon Linux AMI : rsyslog (ALAS-2012-105)
A numeric truncation error, leading to a heap-based buffer overflow, was found in the way the rsyslog imfile module processed text files containing long lines. An attacker could use this flaw to crash the rsyslogd daemon or, possibly, execute arbitrary code with the privileges of rsyslogd, if the...
Amazon Linux AMI : mysql51 (ALAS-2013-152)
This update fixes several vulnerabilities in the MySQL database server. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Amazon Linux AMI Security Advisory ALAS-2013-152. include("compat.inc"); if (description) { script_id(69711);...
Amazon Linux AMI : freetype (ALAS-2013-150)
A flaw was found in the way the FreeType font rendering engine processed certain Glyph Bitmap Distribution Format (BDF) fonts. If a user loaded a specially crafted font file with an application linked against FreeType, it could cause the application to crash or, possibly, execute arbitrary code wit...
Amazon Linux AMI : php (ALAS-2011-07)
The MITRE CVE database describes these CVEs as : Revert is_a() behavior to php <= 5.3.6 and add a new option (allow_string) for the new behavior (accept string and raise autoload if needed) Use-after-free vulnerability in the substr_replace function in PHP 5.3.6 and earlier allows context-dependent...
Amazon Linux AMI : kernel (ALAS-2012-133)
An integer overflow flaw was found in the i915_gem_do_execbuffer function in the Intel i915 driver in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service. This issue only affected 32-bit systems. (CVE-2012-2384, Moderate) A memory leak flaw was found in the w...
Amazon Linux AMI : php (ALAS-2013-211)
A buffer overflow flaw was found in the way PHP parsed deeply nested XML documents. If a PHP application used the xml_parse_into_struct function to parse untrusted XML content, an attacker able to supply specially crafted XML could use this flaw to crash the application or, possibly, execute arbitra...
Amazon Linux AMI : python27 (ALAS-2012-81)
SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an XML-RPC POST request that contains a smaller amount of data than specified...
Amazon Linux AMI : kernel (ALAS-2012-58)
The ExecShield feature does not properly handle use of many shared libraries by a 32-bit executable file, which makes it easier for context-dependent attackers to bypass the ASLR protection mechanism by leveraging a predictable base address for one of these libraries. (C) Tenable Network Security,...