8694 matches found
Medium: nss
Issue Overview: A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct...
Important: java-1.8.0-openjdk
Issue Overview: An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly execute arbitrary code. An untrusted Java application or applet could use this flaw to bypass...
Medium: bind
Issue Overview: Specific APL RR data could cause a server to exit due to an INSIST failure in apl42.c when performing certain string formatting operations. CVE-2015-8704 CVE-2015-8705 was also issued today for bind, but the Amazon Linux AMI's version of bind is not impacted by that CVE. Affected...
Medium: kernel
Issue Overview: Perception Point Research identified http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/ a use-after-free vulnerability, representing a local privilege escalation vulnerability in the Linux kernel. Their post contains a...
Medium: realmd
Issue Overview: A flaw was found in the way realmd parsed certain input when writing configuration into the sssd.conf or smb.conf file. A remote attacker could use this flaw to inject arbitrary configurations into these files via a newline character in an LDAP response. Affected Packages: realmd...
Medium: samba
Issue Overview: A missing access control flaw was found in Samba. A remote, authenticated attacker could use this flaw to view the current snapshot on a Samba share, despite not having DIRECTORYLIST access rights. An access flaw was found in the way Samba verified symbolic links when creating new...
Medium: libldb
Issue Overview: A denial of service flaw was found in the ldbwildcardcompare function of libldb. A remote attacker could send a specially crafted packet that, when processed by an application using libldb for example the AD LDAP server in Samba, would cause that application to consume an excessiv...
Medium: dhcp
Issue Overview: ISC DHCP 4.x before 4.1-ESV-R12-P1 and 4.2.x and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service application crash via an invalid length field in a UDP IPv4 packet. Affected Packages: dhcp Issue Correction: Run yum update dhcp or yum update --advisory...
Medium: php56, php55
Issue Overview: The imagerotate function lacked validation of the background color variable, an integer which represents an index of the color palette. A number larger than the length of the color palette could be used in the function, reading beyond the memory of the color palette and causing an...
Low: sssd
Issue Overview: It was found that SSSD's Privilege Attribute Certificate PAC responder plug-in would leak a small amount of memory on each authentication request. A remote attacker could potentially use this flaw to exhaust all available memory on the system by making repeated requests to a...
Low: grep
Issue Overview: A heap-based buffer overflow flaw was found in the way grep processed certain pattern and text combinations. An attacker able to trick a user into running grep on specially crafted input could use this flaw to crash grep or, potentially, read from uninitialized memory. Affected...
Low: ruby19, ruby20, ruby21, ruby22
Issue Overview: DL::dlopen could open a library with tainted library name even if $SAFE 0. Affected Packages: ruby19, ruby20, ruby21, ruby22 Issue Correction: Run yum update ruby19 or yum update --advisory ALAS-2016-632 to update your system. Run yum update ruby20 or yum update --advisory...
Medium: openssh
Issue Overview: An information leak flaw was found in the way the OpenSSH client roaming feature was implemented. A malicious server could potentially use this flaw to leak portions of memory possibly including private SSH keys of a successfully authenticated OpenSSH client. A buffer overflow fla...
Critical: bind
Issue Overview: An error in the parsing of incoming responses allows some records with an incorrect class to be be accepted by BIND instead of being rejected as malformed. This can trigger a REQUIRE assertion failure when those records are subsequently cached. Intentional exploitation of this...
Important: python-pygments
Issue Overview: An unsafe use of string concatenation in a shell string occurs in FontManager. If the developer allows the attacker to choose the font and outputs an image, the attacker can execute any shell command on the remote system. The name variable injected comes from the constructor of...
Low: xfsprogs
Issue Overview: It was discovered that the xfsmetadump tool of the xfsprogs suite did not fully adhere to the standards of obfuscation described in its man page. In case a user with the necessary privileges used xfsmetadump and relied on the advertised obfuscation, the generated data could contai...
Medium: openssh
Issue Overview: A flaw was found in the way OpenSSH handled PAM authentication when using privilege separation. An attacker with valid credentials on the system and able to fully compromise a non-privileged pre-authentication process using a different flaw could use this flaw to authenticate as...
Important: apache-commons-collections
Issue Overview: It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the...
Medium: openssl
Issue Overview: A NULL pointer derefernce flaw was found in the way OpenSSL verified signatures using the RSA PSS algorithm. A remote attacked could possibly use this flaw to crash a TLS/SSL client using OpenSSL, or a TLS/SSL server using OpenSSL if it enabled client authentication. CVE-2015-3194...
Medium: libpng
Issue Overview: It was discovered that the pnggetPLTE and pngsetPLTE functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead ...
Medium: perl-HTML-Scrubber
Issue Overview: Cross-site scripting XSS vulnerability in the HTML-Scrubber module before 0.15 for Perl, when the comment feature is enabled, allows remote attackers to inject arbitrary web script or HTML via a crafted comment. Affected Packages: perl-HTML-Scrubber Issue Correction: Run yum updat...
Medium: libxml2
Issue Overview: A denial of service flaw was found in the way the libxml2 library parsed certain XML files. An attacker could provide a specially crafted XML file that, when parsed by an application using libxml2, could cause that application to use an excessive amount of memory. The...
Medium: krb5
Issue Overview: A flaw was found in the OTP kdcpreauth module of MIT Kerberos. A remote attacker could use this flaw to bypass the requirespreauth flag on a client principal and obtain a ciphertext encrypted in the principal's long-term key. This ciphertext could be used to conduct an off-line...
Medium: git
Issue Overview: A flaw was found in the way the git-remote-ext helper processed certain URLs. If a user had Git configured to automatically clone submodules from untrusted repositories, an attacker could inject commands into the URL of a submodule, allowing them to execute arbitrary code on the...
Medium: postgresql8
Issue Overview: A memory leak error was discovered in the crypt function of the pgCrypto extension. An authenticated attacker could possibly use this flaw to disclose a limited amount of the server memory. CVE-2015-5288 Affected Packages: postgresql8 Issue Correction: Run yum update postgresql8 o...
Medium: binutils
Issue Overview: A directory traversal flaw was found in the strip and objcopy utilities. A specially crafted file could cause strip or objdump to overwrite an arbitrary file writable by the user running either of these utilities. A buffer overflow flaw was found in the way various binutils...
Medium: autofs
Issue Overview: It was found that program-based automounter maps that used interpreted languages such as Python would use standard environment variables to locate and load modules of those languages. A local attacker could potentially use this flaw to escalate their privileges on the system...
Low: perl-IPTables-Parse
Issue Overview: A vulnerability in perl-IPTables-Parse was found, when using predictable file names for its temporary files. This vulnerability allows attacker on a multi-user system to set up symlinks to overwrite any file the current user has write access to. Affected Packages:...
Medium: tigervnc
Issue Overview: An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way TigerVNC handled screen sizes. A malicious VNC server could use this flaw to cause a client to crash or, potentially, execute arbitrary code on the client. A NULL pointer dereference flaw was...
Important: glibc
Issue Overview: A buffer overflow flaw was found in the way glibc's gethostbynamer and other related functions computed the size of a buffer when passed a misaligned buffer as input. An attacker able to make an application call any of these functions with a misaligned buffer could use this flaw t...
Medium: python26
Issue Overview: An integer overflow flaw was found in the way the buffer function handled its offset and size arguments. An attacker able to control those arguments could use this flaw to disclose portions of the application memory or cause it to crash. It was discovered that multiple Python...
Important: java-1.6.0-openjdk
Issue Overview: Multiple flaws were discovered in the CORBA, Libraries, RMI, Serialization, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. CVE-2015-4835, CVE-2015-4881, CVE-2015-4843, CVE-2015-4883,...
Medium: kernel
Issue Overview: A denial of service vulnerability was discovered in the keyring function's garbage collector in the Linux kernel. The flaw allowed any local user account to trigger a kernel panic. CVE-2015-7872 Affected Packages: kernel Issue Correction: Run yum update kernel or yum update...
Medium: libpng
Issue Overview: Multiple buffer overflows in the pngsetPLTE and pnggetPLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19, allowing remote attackers to cause a denial of service application crash or...
Important: ganglia
Issue Overview: Ganglia-web auth can be bypassed using boolean serialization CVE-2015-6816. Affected Packages: ganglia Issue Correction: Run yum update ganglia or yum update --advisory ALAS-2015-612 to update your system. New Packages: i686: ganglia-gmetad-3.7.2-2.19.amzn1.i686 ...
Critical: nspr, nss-util, nss, jss
Issue Overview: Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime NSPR provides platform independence for non-GUI operating system facilities. A use-after-poison flaw and...
Medium: postgresql92, postgresql93, postgresql94
Issue Overview: Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to cause a denial of service server crash via unspecified vectors, which are not properly handled in 1 json or 2 jsonb values. CVE-2015-5289 The...
Medium: kernel
Issue Overview: A race condition in the IPC object implementation in the Linux kernel through 4.2.3 allows local users to gain privileges by triggering an ipcaddid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c. CVE-2015-7613 Linux kerne...
Important: ntp
Issue Overview: It was discovered that ntpd as a client did not correctly check timestamps in Kiss-of-Death packets. A remote attacker could use this flaw to send a crafted Kiss-of-Death packet to an ntpd client that would increase the client's polling interval value, and effectively disable...
Important: java-1.8.0-openjdk
Issue Overview: Multiple flaws were discovered in the CORBA, Libraries, RMI, Serialization, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. CVE-2015-4835, CVE-2015-4881, CVE-2015-4843, CVE-2015-4883,...
Important: libwmf
Issue Overview: It was discovered that libwmf did not correctly process certain WMF Windows Metafiles with embedded BMP images. By tricking a victim into opening a specially crafted WMF file in an application using libwmf, a remote attacker could possibly use this flaw to execute arbitrary code...
Critical: java-1.7.0-openjdk
Issue Overview: Multiple flaws were discovered in the CORBA, Libraries, RMI, Serialization, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. CVE-2015-4835, CVE-2015-4881, CVE-2015-4843, CVE-2015-4883,...
Medium: php56
Issue Overview: As reported upstream https://bugs.php.net/bug.php?id=69720, A NULL pointer dereference flaw was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash. CVE-2015-7803 A flaw was discovered in the way PHP performed object...
Medium: php55
Issue Overview: As reported upstream https://bugs.php.net/bug.php?id=69720, A NULL pointer dereference flaw was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash. CVE-2015-7803 A flaw was discovered in the way PHP performed object...
Low: libunwind
Issue Overview: An off-by-one array indexing error was found in the libunwind API, which could cause an error when reading untrusted binaries or dwarf debug info data. Affected Packages: libunwind Issue Correction: Run yum update libunwind or yum update --advisory ALAS-2015-600 to update your...
Important: openldap, compat-openldap
Issue Overview: A flaw was found in the way the OpenLDAP server daemon slapd parsed certain Basic Encoding Rules BER data. A remote attacker could use this flaw to crash slapd via a specially crafted packet. CVE-2015-6908 Affected Packages: openldap, compat-openldap Issue Correction: Run yum upda...
Important: libXfont
Issue Overview: An integer overflow flaw was found in the way libXfont processed certain Glyph Bitmap Distribution Format BDF fonts. A malicious, local user could use this flaw to crash the X.Org server or, potentially, execute arbitrary code with the privileges of the X.Org server. CVE-2015-1802...
Important: jakarta-taglibs-standard
Issue Overview: It was found that the Java Standard Tag Library JSTL allowed the processing of untrusted XML documents to utilize external entity references, which could access resources on the host system and, potentially, allowing arbitrary code execution. Affected Packages:...
Low: grep
Issue Overview: An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way grep parsed large lines of data. An attacker able to trick a user into running grep on a specially crafted data file could use this flaw to crash grep or, potentially, execute arbitrary code wi...
Medium: nss-softokn
Issue Overview: A flaw was found in the way NSS verified certain ECDSA Elliptic Curve Digital Signature Algorithm signatures. Under certain conditions, an attacker could use this flaw to conduct signature forgery attacks. Affected Packages: nss-softokn Issue Correction: Run yum update nss-softokn...