CVE-2017-3163

When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path...

CVE-2017-3163

When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path...

Oracle MySQL 5.7.x < 5.7.19 Multiple Vulnerabilities

Binary data 700185.prm...

Oracle MySQL 5.6.x < 5.6.37 Multiple Vulnerabilities

Binary data 700186.prm...

Fedora 26 : community-mysql (2017-ee93493bea)

Update to version 5.7.19 Replication tests in the testsuite enabled, they don't fail anymore Resolves: 1462688; /run 1406172; random failures of the testsuite 1417880, 1417883, 1417885, 1417887, 1417890, 1417891, 1417893, 1417894, 1417896; replication tests CVE fixes: 1472716 CVE-2017-3633,...

Fedora 25 : community-mysql (2017-7c039552fa)

Update to version 5.7.19 Replication tests in the testsuite enabled, they don't fail anymore Resolves: 1462688; /run 1406172; random failures of the testsuite 1417880, 1417883, 1417885, 1417887, 1417890, 1417891, 1417893, 1417894, 1417896; replication tests CVE fixes: 1472716 CVE-2017-3633,...

vCenter Server Appliance - Backup/Restore Recommendations

Native File-Based Backup and Restore Recommended vCenter Server Appliance Data Integrity Best Practices recommends using the native file-based backup and restore operations to protect the vCenter Server Appliance. Review: VMware vSphere User Guide: Considerations and Limitations for File-Based...

CVE-2017-3647

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to...

CVE-2017-3649

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to...

Design/Logic Flaw

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to...

Debian DLA-1046-1 : lucene-solr security update

lucene-solr handler supports an HTTP API /replication?command=filecontent&file= which is vulnerable to path traversal attack. Specifically, this API does not perform any validation of the user specified filename parameter. This can allow an attacker to download any file readable to Solr server...

One or More Networks Mapped to the same cloud network

Challenge A Replication job targeting Cloud Hosts completes with the following warning: One or more source networks were possibly mapped onto the same cloud network. Simultaneous partial failovers of VMs residing on those networks may result in issues. Cause This warning is displayed when the...

MySQL 5.7.x < 5.7.19 Multiple Vulnerabilities (RPM Check) (July 2017 CPU) (October 2017 CPU)

The version of MySQL running on the remote host is 5.7.x prior to 5.7.19. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the UDF component that allows an authenticated, remote attacker to cause a denial of service condition. CVE-2017-3529 - An unspecified...

[SECURITY] Fedora 26 Update: heimdal-7.4.0-1.fc26

Kerberos 5 is a network authentication and single sign-on system. Heimdal is a free Kerberos 5 implementation without export restrictions written from the spec rfc1510 and successors including advanced features like thread safety, IPv6, master-slave replication of Kerberos Key Distribution Center...

Oracle MySQL Server Denial of Service Vulnerability (CNVD-2017-17016)

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which the MySQL Server component is a server component. A security vulnerability exists in the Server: Replication subcomponent of the MySQL Server component of Oracle MySQL. A remotely authorized...

Oracle MySQL Server Denial of Service Vulnerability (CNVD-2017-17015)

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which the MySQL Server component is a server component. A security vulnerability exists in the Server: Replication subcomponent of the MySQL Server component of Oracle MySQL. A remotely authorized...

UBUNTU-CVE-2017-3647

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to...

MySQL 5.6.x < 5.6.37 Multiple Vulnerabilities (July 2017 CPU) (October 2017 CPU)

The version of MySQL running on the remote host is 5.6.x prior to 5.6.37. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the Memcached component that allows an unauthenticated, remote attacker to impact integrity and availability. CVE-2017-3633 - Multiple...

MySQL 5.7.x < 5.7.19 Multiple Vulnerabilities (Jul 2017 CPU) (Oct 2017 CPU) (Jul 2019 CPU)

The version of MySQL running on the remote host is 5.7.x prior to 5.7.19. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the UDF component that allows an authenticated, remote attacker to cause a denial of service condition. CVE-2017-3529 - An unspecified...

Oracle Mysql Security Updates (jul2017-3236622) 04 - Linux

Oracle MySQL is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; ifdescription...