8850 matches found
Important: openldap, compat-openldap
Issue Overview: A flaw was found in the way the OpenLDAP server daemon slapd parsed certain Basic Encoding Rules BER data. A remote attacker could use this flaw to crash slapd via a specially crafted packet. CVE-2015-6908 Affected Packages: openldap, compat-openldap Issue Correction: Run yum upda...
Low: libunwind
Issue Overview: An off-by-one array indexing error was found in the libunwind API, which could cause an error when reading untrusted binaries or dwarf debug info data. Affected Packages: libunwind Issue Correction: Run yum update libunwind or yum update --advisory ALAS-2015-600 to update your...
Important: jakarta-taglibs-standard
Issue Overview: It was found that the Java Standard Tag Library JSTL allowed the processing of untrusted XML documents to utilize external entity references, which could access resources on the host system and, potentially, allowing arbitrary code execution. Affected Packages:...
Low: grep
Issue Overview: An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way grep parsed large lines of data. An attacker able to trick a user into running grep on a specially crafted data file could use this flaw to crash grep or, potentially, execute arbitrary code wi...
Important: libXfont
Issue Overview: An integer overflow flaw was found in the way libXfont processed certain Glyph Bitmap Distribution Format BDF fonts. A malicious, local user could use this flaw to crash the X.Org server or, potentially, execute arbitrary code with the privileges of the X.Org server. CVE-2015-1802...
Medium: nss-softokn
Issue Overview: A flaw was found in the way NSS verified certain ECDSA Elliptic Curve Digital Signature Algorithm signatures. Under certain conditions, an attacker could use this flaw to conduct signature forgery attacks. Affected Packages: nss-softokn Issue Correction: Run yum update nss-softokn...
Critical: bind
Issue Overview: As discussed upstream https://kb.isc.org/article/AA-01287/0, parsing a malformed DNSSEC key can cause a validating resolver to exit due to a failed assertion in buffer.c. It is possible for a remote attacker to deliberately trigger this condition, for example by using a query whic...
Medium: sqlite
Issue Overview: A flaw was found in the way SQLite handled dequoting of collation-sequence names. A local attacker could submit a specially crafted COLLATE statement that would crash the SQLite process, or have other unspecified impacts. CVE-2015-3414 It was found that SQLite's sqlite3VdbeExec...
Medium: pam
Issue Overview: It was discovered that the unixrunhelperbinary function of PAM's unixpam module could write to a blocking pipe, possibly causing the function to become unresponsive. An attacker able to supply large passwords to the unixpam module could use this flaw to enumerate valid user...
Medium: net-snmp
Issue Overview: It was discovered that the snmppduparse function could leave incompletely parsed varBind variables in the list of variables. A remote, unauthenticated attacker could use this flaw to crash snmpd or, potentially, execute arbitrary code on the system with the privileges of the user...
Low: ntp
Issue Overview: As discussed upstream http://support.ntp.org/bin/view/Main/SecurityNoticeJune2015NTPSecurityVulnerabi, a flaw was found in the way ntpd processed certain remote configuration packets. Note that remote configuration is disabled by default in NTP. CVE-2015-5146 It was found that the...
Medium: openssh
Issue Overview: The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITORREQPAMINITCTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid ...
Important: java-1.6.0-openjdk
Issue Overview: Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. CVE-2015-4760, CVE-2015-2628, CVE-2015-4731, CVE-2015-2590, CVE-2015-4732, CVE-2015-473...
Medium: subversion, mod_dav_svn
Issue Overview: The moddavsvn server in Subversion 1.8.0 through 1.8.11 allows remote attackers to cause a denial of service memory consumption via a large number of REPORT requests, which trigger the traversal of FSFS repository nodes. CVE-2015-0202 An assertion failure flaw was found in the way...
Medium: golang, docker
Issue Overview: As discussed upstream -- http://seclists.org/oss-sec/2015/q3/294 and http://seclists.org/oss-sec/2015/q3/237 -- the Go project received notification of an HTTP request smuggling vulnerability in the net/http library. Invalid headers are parsed as valid headers like "Content Length...
Medium: httpd24
Issue Overview: It was discovered that in httpd 2.4, the internal API function apsomeauthrequired could incorrectly indicate that a request was authenticated even when no authentication was used. An httpd module using this API function could consequently allow access that should have been denied...
Medium: httpd
Issue Overview: Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from an HTTP proxy software in front of it, possibly...
Medium: mailman
Issue Overview: It was found that mailman did not sanitize the list name before passing it to certain MTAs. A local attacker could use this flaw to execute arbitrary code as the user running mailman. CVE-2015-2775 It was found that mailman stored private email messages in a world-readable...
Medium: freeradius
Issue Overview: A stack-based buffer overflow was found in the way the FreeRADIUS rlmpap module handled long password hashes. An attacker able to make radiusd process a malformed password hash could cause the daemon to crash. Affected Packages: freeradius Issue Correction: Run yum update freeradi...
Medium: wireshark
Issue Overview: Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. CVE-2014-8714, CVE-2014-8712, CVE-2014-8713, CVE-2014-8711, CVE-2014-8710, CVE-2015-0562, CVE-2015-0564,...
Medium: php54
Issue Overview: PHP process crashes when processing an invalid file with the "phar" extension. CVE-2015-5589 As discussed upstream https://bugs.php.net/bug.php?id=69669, mysqlnd is vulnerable to the attack described in https://www.duosecurity.com/blog/backronym-mysql-vulnerability. CVE-2015-3152...
Medium: php55
Issue Overview: PHP process crashes when processing an invalid file with the "phar" extension. CVE-2015-5589 As discussed upstream https://bugs.php.net/bug.php?id=69669, mysqlnd is vulnerable to the attack described in https://www.duosecurity.com/blog/backronym-mysql-vulnerability. CVE-2015-3152...
Medium: php56
Issue Overview: PHP process crashes when processing an invalid file with the "phar" extension. CVE-2015-5589 As discussed upstream https://bugs.php.net/bug.php?id=69669, mysqlnd is vulnerable to the attack described in https://www.duosecurity.com/blog/backronym-mysql-vulnerability. CVE-2015-3152...
Medium: libgcrypt
Issue Overview: Fix a side-channel attack on data-dependent timing variations in modular exponentiation, which can potentially lead to an information leak. CVE-2015-0837 Fix a side-channel attack which can potentially lead to an information leak. CVE-2014-3591 Libgcrypt before 1.5.4, as used in...
Medium: tigervnc
Issue Overview: A heap-based buffer overflow was found in the way vncviewer rendered certain screen images from a vnc server. If a user could be tricked into connecting to a malicious vnc server, it may cause the vncviewer to crash, or could possibly execute arbitrary code with the permissions of...
Medium: gnutls
Issue Overview: It was found that GnuTLS did not check activation and expiration dates of CA certificates. This could cause an application using GnuTLS to incorrectly accept a certificate as valid when its issuing CA is already expired. CVE-2014-8155 It was found that GnuTLS did not verify whethe...
Low: gnupg2
Issue Overview: It was reported https://blog.fuzzing-project.org/5-Multiple-issues-in-GnuPG-found-through-keyring-fuzzing-TFPA-0012015.html that gnupg2 keyring DB code did not reject packets which don't belong into a keyring, which may lead to invalid read of sizeof int. Affected Packages: gnupg2...
Critical: bind
Issue Overview: As reported upstream https://kb.isc.org/article/AA-01272/0, an error in the handling of TKEY queries can be exploited by an attacker for use as a denial-of-service vector, as a constructed packet can use the defect to trigger a REQUIRE assertion failure, causing BIND to exit...
Important: usermode, libuser
Issue Overview: It was found that libuser, as used in the chfn userhelper functionality, does not properly filter out newline characters, which allows an authenticated local attacker to corrupt the /etc/passwd file and cause denial-of-service against the system. CVE-2015-3245 A flaw was found in...
Important: java-1.8.0-openjdk
Issue Overview: Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. CVE-2015-4760, CVE-2015-2628, CVE-2015-4731, CVE-2015-2590, CVE-2015-4732, CVE-2015-473...
Critical: java-1.7.0-openjdk
Issue Overview: Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. CVE-2015-4760, CVE-2015-2628, CVE-2015-4731, CVE-2015-2590, CVE-2015-4732, CVE-2015-473...
Medium: openssh
Issue Overview: It was reported that when forwarding X11 connections with ForwardX11Trusted=no, connections made after ForwardX11Timeout expired could be permitted and no longer subject to XSECURITY restrictions because of an ineffective timeout check in ssh1 coupled with "fail open" behavior in...
Important: bind
Issue Overview: A flaw was found in the way BIND performed DNSSEC validation. An attacker able to make BIND functioning as a DNS resolver with DNSSEC validation enabled resolve a name in an attacker-controlled domain could cause named to exit unexpectedly with an assertion failure. Affected...
Medium: kernel
Issue Overview: It was found that the Linux kernel's implementation of vectored pipe read and write functionality did not take into account the I/O vectors that were already processed when retrying after a failed atomic access operation, potentially resulting in memory corruption due to an I/O...
Medium: 389-ds-base
Issue Overview: It was reported https://fedorahosted.org/389/ticket/48194 that nsSSL3Ciphers preference is not enforced server side, this allows for a potential downgrade attack to take place. Affected Packages: 389-ds-base Issue Correction: Run yum update 389-ds-base or yum update --advisory...
Medium: nss, nss-util
Issue Overview: A flaw was found in the way the TLS protocol composes the Diffie-Hellman DH key exchange. A man-in-the-middle attacker could use this flaw to force the use of weak 512 bit export-grade keys during the key exchange, allowing them do decrypt all traffic. CVE-2015-4000 Please note th...
Critical: openssl
Issue Overview: During certificate verfification, OpenSSL starting from version 1.0.1n and 1.0.2b will attempt to find an alternative certificate chain if the first attempt to build such a chain fails. An error in the implementation of this logic can mean that an attacker could cause certain chec...
Medium: postgresql8
Issue Overview: A double-free flaw was found in the connection handling. An unauthenticated attacker could exploit this flaw to crash the PostgreSQL back end by disconnecting at approximately the same time as the authentication time out is triggered. CVE-2015-3165 It was discovered that PostgreSQ...
Medium: php56
Issue Overview: Upstream reports that several bugs have been fixed as well as several security issues into some bundled libraries CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-2325 and CVE-2015-2326. All PHP 5.6 users are encouraged to upgrade to this version. Please see the upstream...
Medium: php55
Issue Overview: Upstream reports that several bugs have been fixed as well as several security issues into some bundled libraries CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-2325 and CVE-2015-2326. All PHP 5.5 users are encouraged to upgrade to this version. Please see the upstream...
Medium: tcpdump
Issue Overview: Integer signedness error in the mobilityoptprint function in the IPv6 mobility printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service out-of-bounds read and crash or possibly execute arbitrary code via a negative length value. CVE-2015-0261 The...
Medium: cups
Issue Overview: A string reference count bug was found in cupsd, causing premature freeing of string objects. An attacker can submit a malicious print job that exploits this flaw to dismantle ACLs protecting privileged operations, allowing a replacement configuration file to be uploaded which in...
Medium: fuse
Issue Overview: It was discovered that fusermount failed to properly sanitize its environment before executing mount and umount commands. A local user could possibly use this flaw to escalate their privileges on the system. Affected Packages: fuse Issue Correction: Run yum update fuse or yum upda...
Medium: php54
Issue Overview: Upstream reports that six security-related issues in PHP were fixed in this release, as well as several security issues in bundled sqlite library CVE-2015-3414, CVE-2015-3415, CVE-2015-3416. All PHP 5.4 users are encouraged to upgrade to this version. Please see the upstream relea...
Medium: php-ZendFramework
Issue Overview: Upstream reported http://framework.zend.com/security/advisory/ZF2015-04 a vulnerability in the Zend\Mail component in Zend Framework 2, specifically in how it handles headers. Headers are not correctly filtered for newlines, allowing the ability to send additional, unrelated heade...
Medium: mod_dav_svn, subversion
Issue Overview: A NULL pointer dereference flaw was found in the way the moddavsvn module handled certain requests for URIs that trigger a lookup of a virtual transaction name. A remote, unauthenticated attacker could send a request for a virtual transaction name that does not exist, causing...
Medium: python27
Issue Overview: It was discovered that multiple Python standard library modules implementing network protocols such as httplib or smtplib failed to restrict sizes of server responses. A malicious server could cause a client using one of the affected modules to consume an excessive amount of...
Medium: libtiff
Issue Overview: Use of uninitialized memory was reported in in libtiff. Affected Packages: libtiff Issue Correction: Run yum update libtiff or yum update --advisory ALAS-2015-553 to update your system. New Packages: i686: libtiff-4.0.3-20.20.amzn1.i686 ...
Medium: t1utils
Issue Overview: A buffer overflow flaw was found in the way t1utils processed, for example, certain PFB Printer Font Binary files. An attacker could use this flaw to potentially execute arbitrary code by tricking a user into processing a specially crafted PFB file with t1utils. Affected Packages:...
Medium: curl
Issue Overview: As discussed upstream http://curl.haxx.se/docs/adv20150617A.html, libcurl can wrongly send HTTP credentials when re-using connections. CVE-2015-3236 Also discussed upstream http://curl.haxx.se/docs/adv20150617B.html, libcurl can get tricked by a malicious SMB server to send off da...