K23180157: libxml2 vulnerability CVE-2017-7376

Security Advisory Description Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects. CVE-2017-7376 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Statu...

Access Control Bypass

puppet-tripleo is is vulnerable to access control bypass. It happens because it does not prevent the creation of TCP/UDP rules with empty port values, allowing the attacker to use these open ports to gain access to unauthorized resources...

CVE-2016-9599

puppet-tripleo before versions 5.5.0, 6.2.0 is vulnerable to an access-control flaw in the IPtables rules management, which allowed the creation of TCP/UDP rules with empty port values. If SSL is enabled, a malicious user could use these open ports to gain access to unauthorized resources...

Buffer overflow

Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects...

CVE-2017-7376

Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects...

CVE-2017-7376

Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects...

Debian: Security Advisory (DLA-1060-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-1060-1 : libxml2 security update

CVE-2017-0663 Invalid casting of different structs could enable an attacker to remotely execute some code within the context of an unprivileged process. CVE-2017-7376 Incorrect limit used for port values. For Debian 7 'Wheezy', these problems have been fixed in version 2.8.0+dfsg1-7+wheezy9. We...

[SECURITY] [DLA 1060-1] libxml2 security update

Package : libxml2 Version : 2.8.0+dfsg1-7+wheezy9 CVE ID : CVE-2017-0663 CVE-2017-7376 CVE-2017-0663 Invalid casting of different structs could enable an attacker to remotely execute some code within the context of an unprivileged process. CVE-2017-7376 Incorrect limit used for port values. For...

UBUNTU-CVE-2017-7376

Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects...

Mozilla: FTP response codes can cause use of uninitialized values for ports (MFSA 2017-06)

Certain response codes in FTP connections can result in the use of uninitialized values for ports in FTP operations. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...

Mozilla: FTP response codes can cause use of uninitialized values for ports (MFSA 2017-06)

Certain response codes in FTP connections can result in the use of uninitialized values for ports in FTP operations. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...

CVE-2016-9599

puppet-tripleo before versions 5.5.0, 6.2.0 is vulnerable to an access-control flaw in the IPtables rules management, which allowed the creation of TCP/UDP rules with empty port values. If SSL is enabled, a malicious user could use these open ports to gain access to unauthorized resources...