Debian DLA-1046-1 : lucene-solr security update

lucene-solr handler supports an HTTP API /replication?command=filecontent&file= which is vulnerable to path traversal attack. Specifically, this API does not perform any validation of the user specified filename parameter. This can allow an attacker to download any file readable to Solr server...

One or More Networks Mapped to the same cloud network

Challenge A Replication job targeting Cloud Hosts completes with the following warning: One or more source networks were possibly mapped onto the same cloud network. Simultaneous partial failovers of VMs residing on those networks may result in issues. Cause This warning is displayed when the...

MySQL 5.7.x < 5.7.19 Multiple Vulnerabilities (RPM Check) (July 2017 CPU) (October 2017 CPU)

The version of MySQL running on the remote host is 5.7.x prior to 5.7.19. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the UDF component that allows an authenticated, remote attacker to cause a denial of service condition. CVE-2017-3529 - An unspecified...

[SECURITY] Fedora 26 Update: heimdal-7.4.0-1.fc26

Kerberos 5 is a network authentication and single sign-on system. Heimdal is a free Kerberos 5 implementation without export restrictions written from the spec rfc1510 and successors including advanced features like thread safety, IPv6, master-slave replication of Kerberos Key Distribution Center...

Oracle MySQL Server Denial of Service Vulnerability (CNVD-2017-17015)

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which the MySQL Server component is a server component. A security vulnerability exists in the Server: Replication subcomponent of the MySQL Server component of Oracle MySQL. A remotely authorized...

Oracle MySQL Server Denial of Service Vulnerability (CNVD-2017-17016)

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which the MySQL Server component is a server component. A security vulnerability exists in the Server: Replication subcomponent of the MySQL Server component of Oracle MySQL. A remotely authorized...

Oracle Mysql Security Updates (jul2017-3236622) 04 - Linux

Oracle MySQL is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; ifdescription...

MySQL 5.6.x < 5.6.37 Multiple Vulnerabilities (July 2017 CPU) (October 2017 CPU)

The version of MySQL running on the remote host is 5.6.x prior to 5.6.37. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the Memcached component that allows an unauthenticated, remote attacker to impact integrity and availability. CVE-2017-3633 - Multiple...

UBUNTU-CVE-2017-3649

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to...

UBUNTU-CVE-2017-3647

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to...

MySQL 5.7.x < 5.7.19 Multiple Vulnerabilities (Jul 2017 CPU) (Oct 2017 CPU) (Jul 2019 CPU)

The version of MySQL running on the remote host is 5.7.x prior to 5.7.19. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the UDF component that allows an authenticated, remote attacker to cause a denial of service condition. CVE-2017-3529 - An unspecified...

phpMyAdmin Denial of Service Vulnerability (CNVD-2017-24410)

phpMyAdmin is a free, web-based MySQL database management tool developed by the phpMyAdmin team. A security vulnerability exists in the replication status in phpMyAdmin. An attacker can exploit this vulnerability to cause a denial of service by using a specially crafted form name...

DEBIAN-CVE-2017-1000018

phpMyAdmin 4.0, 4.4., and 4.6 are vulnerable to a DOS attack in the replication status by using a specially crafted table name...

CVE-2017-1000018

phpMyAdmin 4.0, 4.4., and 4.6 are vulnerable to a DOS attack in the replication status by using a specially crafted table name...

CVE-2017-1000018

phpMyAdmin 4.0, 4.4., and 4.6 are vulnerable to a DOS attack in the replication status by using a specially crafted table name...

Design/Logic Flaw

phpMyAdmin 4.0, 4.4., and 4.6 are vulnerable to a DOS attack in the replication status by using a specially crafted table name...

CVE-2017-1000018

phpMyAdmin 4.0, 4.4., and 4.6 are vulnerable to a DOS attack in the replication status by using a specially crafted table name...

UBUNTU-CVE-2017-1000018

phpMyAdmin 4.0, 4.4., and 4.6 are vulnerable to a DOS attack in the replication status by using a specially crafted table name...

Fedora 26 : php-pear-CAS (2017-2f3096ba16)

Changes in version 1.3.5 - Security Fixes : - Fix possible authentication bypass in validateCAS20 228 Gregory Boddin - Bug Fixes : - Fix file permissions non-executable 177 Remi Collet - Fixed translations Greek and Japanese 192 ikari7789 - Fix errors under phpdbg 204 MasonM - Fix logout...

CVE-2017-1000018

phpMyAdmin 4.0, 4.4., and 4.6 are vulnerable to a DOS attack in the replication status by using a specially crafted table name...