PT-2016-6248 · Graphicsmagick +6 · Graphicsmagick +6

Name of the Vulnerable Software and Affected Versions: GraphicsMagick versions prior to 1.3.24 ImageMagick affected versions not specified Description: The issue allows remote attackers to execute arbitrary code via a | pipe character at the start of a filename, specifically through the OpenBlob...

Security update for the Linux Kernel (important)

The openSUSE Leap 42.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2016-2847: Limit the per-user amount of pages allocated in pipes bsc970948. - CVE-2016-3136: mctu232: add sanity checking in probe bnc970955. - CVE-2016-2188: iowarrio...

Ubuntu: Security Advisory (USN-2967-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-2968-2: Linux kernel (Trusty HWE) vulnerabilities

USN-2968-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kerne...

USN-2968-1: Linux kernel vulnerabilities

Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kernel did not properly validate the endpoints reported by the device. An attacker with physical access could cause a denial of service system crash. CVE-2015-7515 Ben Hawkes discovered that the Linux kernel's AIO...

USN-2968-1 linux vulnerabilities

Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kernel did not properly validate the endpoints reported by the device. An attacker with physical access could cause a denial of service system crash. CVE-2015-7515 Ben Hawkes discovered that the Linux kernel's AIO...

USN-2967-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly enforce rlimits for file descriptors sent over UNIX domain sockets. A local attacker could use this to cause a denial of service. CVE-2013-4312 Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kernel did not...

OracleVM 3.3 : kernel-uek (OVMSA-2016-0046)

The remote OracleVM system is missing necessary patches to address critical security updates : - skbuff: skbsegment: orphan frags before copying Dongli Zhang - RDS/IB: VRPC DELAY / OSS RECONNECT CAUSES 5 MINUTE STALL ON PORT FAILURE Venkat Venkatsubra Orabug: 22888920 - mlx4core: Introduce...

CVE-2016-2847

fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to cause a denial of service memory consumption by creating many pipes with non-default sizes...

DEBIAN-CVE-2016-2847

fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to cause a denial of service memory consumption by creating many pipes with non-default sizes...

DEBIAN-CVE-2016-0774

The 1 piperead and 2 pipewrite implementations in fs/pipe.c in a certain Linux kernel backport in the linux package before 3.2.73-2+deb7u3 on Debian wheezy and the kernel package before 3.10.0-229.26.2 on Red Hat Enterprise Linux RHEL 7.1 do not properly consider the side effects of failed...

. NET Remoting remote code execution vulnerability explore-exploit warning-the black bar safety net

This is an article on . NET Remoting the security of the Coptic text, in the article will use a simple RCE exploit and provide the right case will be described. This paper mainly has the following content: 1. The . NET Remoting technology made a brief introduction 2. Use VS 编写 一 个 简单 的 .NET...

Security update for samba (important)

This update fixes these security vulnerabilities: - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks bsc936862. - CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication bsc973031. - CVE-2016-2111: Domain controller netlogon member computer...

openSUSE Security Update : samba (openSUSE-2016-462) (Badlock)

"samba was updated to version 4.2.4 to fix 14 security issues. These security issues were fixed : - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks bsc936862. - CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication bsc973031. -...

Security update for samba (important)

samba was updated to version 4.2.4 to fix 14 security issues. These security issues were fixed: - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks bsc936862. - CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication bsc973031. - CVE-2016-2111...

SUSE-SU-2016:1045-1 Security update for Linux Kernel Live Patch 10

This update for the Linux Kernel 3.12.51-52.34.1 fixes the following issues: - CVE-2016-2384: A malicious USB device could cause a kernel crash in the alsa usb-audio driver. bsc967773 - CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when the network was considered congested. The kerne...

SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2016:1024-1) (Badlock)

samba was updated to fix seven security issues. These security issues were fixed : - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks bsc936862. - CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication bsc973031. - CVE-2016-2111: Domain...

SUSE SLES11 Security Update : samba (SUSE-SU-2016:1023-1) (Badlock)

samba was updated to fix seven security issues. These security issues were fixed : - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks bsc936862. - CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication bsc973031. - CVE-2016-2111: Domain...

SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2016:1022-1) (Badlock)

"Samba was updated to the 4.2.x codestream, bringing some new features and security fixes bsc973832, FATE320709. These security issues were fixed : - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks bsc936862. - CVE-2016-2110: A man-in-the-middle could have downgrad...

SUSE SLES11 Security Update : samba (SUSE-SU-2016:1028-1) (Badlock)

samba was updated to fix seven security issues. These security issues were fixed : - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks bsc936862. - CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication bsc973031. - CVE-2016-2111: Domain...