BSA-2017-333
Security Advisory ID : BSA-2017-333 Component : zlib Revision : 1.0: Interim inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. Affected Products Product | Current Assessment: Brocade Virtual Web Application...
BSA-2017-338
Security Advisory ID : BSA-2017-338 Component : N/A Revision : 1.0: Final A ransomware called WannaCry infected computers in several countries. Computers that became infected had not been patched. Microsoft released a security bulletin on March 14th, 2017, titled Microsoft Security Bulletin MS17-01...
BSA-2017-296
Security Advisory ID : BSA-2017-296 Component : NTP Revision : 2.0: Interim Stack-based buffer overflow in the reslist function in ntpq in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote servers to have unspecified impact via a long flagstr variable in a restriction list response. Affected...
BSA-2017-313
Security Advisory ID : BSA-2017-313 Component : mod_cgid module in the Apache HTTP Server before 2.4.10 Revision : 2.0: Interim A flaw was found in mod_cgid. If a server using mod_cgid hosted CGI scripts which did not consume standard input, a remote attacker could cause child processes to hang...
BSA-2017-279
Security Advisory ID : BSA-2017-279 Component : JBOSS Revision : 2.0: Interim The Management Console in Red Hat Enterprise Application Platform before 6.4.4 and WildFly (formerly JBoss Application Server) does not send an X-Frame-Options HTTP header, which makes it easier for remote attackers to conduc...
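A practitioner triaging the advisory above would want a quick way to tell whether a management console actually sends framing protection. The following is an added example, not code from Brocade or from the JBoss/WildFly project: it parses a raw HTTP/1.x response and classifies the clickjacking defence as present, weak, or missing, checking CSP frame-ancestors first because browsers that support it let it override X-Frame-Options. The three sample responses are constructed for the example and do not come from any real product.

```python
"""Check an HTTP response for clickjacking defences (X-Frame-Options, CSP frame-ancestors)."""
from typing import Dict, List, Optional, Tuple

# Constructed sample responses for this example; not captured from any real product.
RESPONSE_NO_FRAME_HEADER = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html;charset=UTF-8\r\n"
    "Set-Cookie: JSESSIONID=0123456789abcdef; Path=/console; HttpOnly\r\n"
    "\r\n"
    "<html><body>management console</body></html>"
)
RESPONSE_WITH_FRAME_HEADER = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html;charset=UTF-8\r\n"
    "X-Frame-Options: SAMEORIGIN\r\n"
    "Content-Security-Policy: default-src 'self'; frame-ancestors 'self'\r\n"
    "\r\n"
    "<html><body>management console</body></html>"
)
RESPONSE_WEAK_FRAME_HEADER = (
    "HTTP/1.1 200 OK\r\n"
    "X-Frame-Options: ALLOW-FROM https://partner.example\r\n"
    "\r\n"
)


def parse_response_headers(raw: str) -> Dict[str, List[str]]:
    """Split a raw HTTP/1.x response into a lower-cased header map; repeated headers keep order."""
    head = raw.split("\r\n\r\n", 1)[0]
    headers: Dict[str, List[str]] = {}
    for line in head.split("\r\n")[1:]:          # skip the status line
        name, sep, value = line.partition(":")
        if sep:
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers


def frame_ancestors_sources(csp: str) -> Optional[List[str]]:
    """Return the source list of the frame-ancestors directive, or None if the policy lacks it."""
    for directive in csp.split(";"):
        parts = directive.strip().split()
        if parts and parts[0].lower() == "frame-ancestors":
            return [p.lower() for p in parts[1:]]
    return None


def assess_framing(headers: Dict[str, List[str]]) -> Tuple[str, str]:
    """Classify the response as 'ok', 'weak' or 'missing', with a reason."""
    # CSP frame-ancestors wins over X-Frame-Options where both are present, so evaluate it first.
    for csp in headers.get("content-security-policy", []):
        sources = frame_ancestors_sources(csp)
        if sources is None:
            continue
        if "*" in sources or any(s.startswith("http:") for s in sources):
            return "weak", f"frame-ancestors permits broad framing: {' '.join(sources)}"
        return "ok", f"frame-ancestors {' '.join(sources)}"
    xfo = [v.strip().upper() for v in headers.get("x-frame-options", [])]
    if not xfo:
        return "missing", "no X-Frame-Options and no CSP frame-ancestors"
    if len(set(xfo)) > 1:
        return "weak", f"conflicting X-Frame-Options values: {xfo}"
    value = xfo[0]
    if value in ("DENY", "SAMEORIGIN"):
        return "ok", f"X-Frame-Options: {value}"
    # ALLOW-FROM is not honoured by current browsers; any other value is invalid and ignored.
    return "weak", f"unsupported X-Frame-Options value: {value}"


if __name__ == "__main__":
    for label, raw in (("none", RESPONSE_NO_FRAME_HEADER),
                       ("good", RESPONSE_WITH_FRAME_HEADER),
                       ("weak", RESPONSE_WEAK_FRAME_HEADER)):
        print(label, assess_framing(parse_response_headers(raw)))
```

To use it against a live host, feed `parse_response_headers` the raw response text from a socket or from `curl -si`; the classification only looks at headers, so a 302 to a login page is assessed the same way as a 200.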
BSA-2017-308
Security Advisory ID : BSA-2017-308 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit:...
BSA-2017-307
Security Advisory ID : BSA-2017-307 Component : libc Revision : 2.0: Interim Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which...
BSA-2017-309
Security Advisory ID : BSA-2017-309 Component : Java Revision : 2.0: Interim Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12...
BSA-2017-270
Security Advisory ID : BSA-2017-270 Component : OpenSSH Revision : 2.0: Interim The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate. Affected Products...
BSA-2017-272
Security Advisory ID : BSA-2017-272 Component : OpenSSH Revision : 2.0: Final Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS11 modules by leveraging control over a forwarded agent-socket. Affected...
BSA-2017-281
Security Advisory ID : BSA-2017-281 Component : OpenSSL Revision : 3.0: Final The doapr_outch function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not verify that a certain memory allocation succeeds, which allows remote attackers to cause a denial of service...
BSA-2017-274
Security Advisory ID : BSA-2017-274 Component : authfile.c in sshd in OpenSSH before 7.4 Revision : 3.0: Final authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by...
BSA-2017-275
Security Advisory ID : BSA-2017-275 Component : OpenSSH Revision : 2.0: Final The shared memory manager associated with pre-authentication compression in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allow local users to gain privileges ...
BSA-2017-288
Security Advisory ID : BSA-2017-288 Component : NTP Revision : 1.0: Interim There is a potential for a buffer overflow in the legacy Datum Programmable Time Server refclock driver. Here the packets are processed from the /dev/datum device and handled in datum_pts_receive. Since an attacker would be...
BSA-2017-271
Security Advisory ID : BSA-2017-271 Component : MD5 Algorithm Revision : 1.0: Interim The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of MD5 in the signature...
BSA-2017-293
Security Advisory ID : BSA-2017-293 Component : NTP Revision : 1.0: Interim The Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via vectors related to an argument with multiple null bytes. Affected Products Brocade is investigating i...
BSA-2017-310
Security Advisory ID : BSA-2017-310 Component : Linux Kernel Revision : 1.0: Interim udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag...
BSA-2017-306
Security Advisory ID : BSA-2017-306 Component : Apache Tomcat Revision : 1.0: Interim While investigating bug 60718, it was noticed that some calls to application listeners did not use the appropriate facade object. When running an untrusted application under a SecurityManager, it was therefore...
BSA-2017-295
Security Advisory ID : BSA-2017-295 Component : NTP Revision : 1.0: Interim The mx4200_send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via...
BSA-2017-304
Security Advisory ID : BSA-2017-304 Component : Linux Kernel Revision : 1.0: Interim The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memo...
BSA-2017-286
Security Advisory ID : BSA-2017-286 Component : Apache Revision : 1.0: Interim Apache HTTP Server, prior to release 2.4.25, accepted a broad pattern of unusual whitespace patterns from the user-agent, including bare CR, FF, VTAB in parsing the request line and request header lines, as well as HTA...
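The advisory above is about a server that tolerated whitespace the HTTP/1.1 grammar does not permit, which lets a request be interpreted differently by the front end and by Apache. The following is an added example, not Apache or Brocade code: a strict request-head parser written to RFC 7230's request-line and header-field grammar, which rejects bare CR, LF, VT and FF anywhere in the head and obsolete line folding, while still accepting HTAB as optional whitespace around a field value. The request samples are constructed for the example; the Host requirement for HTTP/1.1 is included because a strict server should enforce it too.

```python
"""Strict HTTP/1.1 request-head parser: rejects the bare CR, FF and VT a lenient server might tolerate."""
import re
from typing import Dict, Tuple

TOKEN = r"[!#$%&'*+\-.^_`|~0-9A-Za-z]+"          # RFC 7230 tchar
# request-line = method SP request-target SP HTTP-version: exactly one SP, no other whitespace
REQUEST_LINE = re.compile(rf"^({TOKEN}) ([^\x00-\x20\x7f]+) (HTTP/[0-9]\.[0-9])$")
# header-field = field-name ":" OWS field-value OWS, where OWS is SP or HTAB only
HEADER_LINE = re.compile(rf"^({TOKEN}):[ \t]*([\x20-\x7e\t]*?)[ \t]*$")
FORBIDDEN_IN_LINE = (b"\r", b"\n", b"\x0b", b"\x0c")   # bare CR, bare LF, VT, FF


class BadRequest(ValueError):
    """Raised for any head a strict server should answer with 400."""


def parse_request_head(raw: bytes) -> Tuple[str, str, str, Dict[str, str]]:
    head, sep, _body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise BadRequest("incomplete request head")
    text = []
    for line in head.split(b"\r\n"):
        # After splitting on CRLF, any remaining CR or LF is bare; VT and FF are never legal here.
        if any(ch in line for ch in FORBIDDEN_IN_LINE):
            raise BadRequest("bare CR/LF/VT/FF in request head")
        try:
            text.append(line.decode("ascii"))
        except UnicodeDecodeError as exc:
            raise BadRequest("non-ASCII byte in request head") from exc
    m = REQUEST_LINE.match(text[0])
    if not m:
        raise BadRequest("malformed request line")
    method, target, version = m.groups()
    headers: Dict[str, str] = {}
    for line in text[1:]:
        h = HEADER_LINE.match(line)
        if not h:   # also rejects obs-fold (leading SP/HTAB) and whitespace before the colon
            raise BadRequest(f"malformed header line: {line!r}")
        name, value = h.group(1).lower(), h.group(2)
        headers[name] = f"{headers[name]}, {value}" if name in headers else value
    if version == "HTTP/1.1" and "host" not in headers:
        raise BadRequest("HTTP/1.1 request without Host")
    return method, target, version, headers


def is_rejected(raw: bytes) -> bool:
    """True when the strict parser refuses the request head."""
    try:
        parse_request_head(raw)
        return False
    except BadRequest:
        return True


# Constructed request samples for this example.
GOOD = b"GET /index.html HTTP/1.1\r\nHost: example.test\r\nUser-Agent: probe/1.0\r\n\r\n"
TAB_OWS = b"GET / HTTP/1.1\r\nHost:\texample.test\r\n\r\n"             # HTAB is legal OWS
BARE_CR = b"GET /index.html\rHTTP/1.1\r\nHost: example.test\r\n\r\n"
VTAB = b"GET\x0b/index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"
FF_IN_HEADER = b"GET / HTTP/1.1\r\nHost:\x0cexample.test\r\n\r\n"
OBS_FOLD = b"GET / HTTP/1.1\r\nHost: example.test\r\n continued\r\n\r\n"

if __name__ == "__main__":
    for label, sample in (("good", GOOD), ("tab-ows", TAB_OWS), ("bare-cr", BARE_CR),
                          ("vtab", VTAB), ("ff-in-header", FF_IN_HEADER), ("obs-fold", OBS_FOLD)):
        print(f"{label:13s} rejected={is_rejected(sample)}")
```

The useful comparison is to run the same samples through a lenient parser in front of the strict one: every sample the front end accepts but this parser rejects is a candidate for request smuggling or header injection across the two.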
BSA-2017-277
Security Advisory ID : BSA-2017-277 Component : Apache Struts Revision : 1.0: Interim The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 mishandles file upload, which allows remote attackers to execute arbitrary commands via a cmd= string in a crafted...
BSA-2017-305
Security Advisory ID : BSA-2017-305 Component : Apache Tomcat Revision : 1.0: Interim The handling of an HTTP/2 GOAWAY frame for a connection did not close streams associated with that connection that were currently waiting for a WINDOW_UPDATE before allowing the application to write more data...
BSA-2017-294
Security Advisory ID : BSA-2017-294 Component : NTP Revision : 1.0: Interim Multiple buffer overflows in the ctl_put* functions in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allow remote authenticated users to have unspecified impact via a long variable. Affected Products Brocade is investigating i...
BSA-2017-291
Security Advisory ID : BSA-2017-291 Component : NTP Revision : 1.0: Interim NTP before 4.2.8p10 and 4.3.x before 4.3.94, when using PPSAPI, allows local users to gain privileges via a DLL in the PPSAPI_DLLS environment variable. Affected Products Brocade is investigating its product lines to...
BSA-2017-289
Security Advisory ID : BSA-2017-289 Component : NTP Revision : 1.0: Interim A vulnerability found in the NTP server allows an authenticated remote attacker to crash the daemon by sending an invalid setting via the :config directive. The unpeer option expects a number or an address as an argument. In...
BSA-2017-284
Security Advisory ID : BSA-2017-284 Component : Apache Brooklyn 0.9.0 and all prior versions Revision : 1.0: Interim No information. Affected Products Brocade is investigating its product lines to determine which products may be affected by this vulnerability and the impact on each affected produ...
BSA-2017-292
Security Advisory ID : BSA-2017-292 Component : NTP Revision : 1.0: Interim Stack-based buffer overflow in the Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via an application path on the command line. Affected Products Brocade is...
BSA-2017-280
Security Advisory ID : BSA-2017-280 Component : JBOSS Revision : 1.0: Interim The Web Console in Red Hat Enterprise Application Platform (EAP) before 6.4.4 and WildFly (formerly JBoss Application Server) allows remote attackers to cause a denial of service (memory consumption) via a large request header...
BSA-2017-283
Security Advisory ID : BSA-2017-283 Component : Apache Brooklyn 0.9.0 and all prior versions Revision : 1.0: Interim Apache Brooklyn’s REST server is vulnerable to cross-site scripting where one authenticated user can cause scripts to run in the browser of another user authorized to access the...
BSA-2017-285
Security Advisory ID : BSA-2017-285 Component : Linux Kernel Revision : 1.0: Interim A race condition flaw was found in the N_HDLC Linux kernel driver when accessing the n_hdlc.tbuf list that can lead to a double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could us...
BSA-2017-273
Security Advisory ID : BSA-2017-273 Component : sshd in OpenSSH Revision : 3.1 sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c. Affected...
BSA-2017-287
Security Advisory ID : BSA-2017-287 Component : NTP Revision : 1.0: Interim NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote attackers to cause a denial of service (ntpd crash) via a malformed mode configuration directive (CVE-2017-6464). Affected Products Brocade is investigating its product lines to...
BSA-2017-208
Security Advisory ID : BSA-2017-208 Component : FOS Revision : 2.0: Interim A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user...
BSA-2017-265
Security Advisory ID : BSA-2017-265 Component : Linux Kernel Revision : 2.0: Interim The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cau...
BSA-2017-253
Security Advisory ID : BSA-2017-253 Component : OpenSSH Revision : 2.0: Interim sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard...
BSA-2017-254
Security Advisory ID : BSA-2017-254 Component : OpenSSH Revision : 2.0: Final The mm_newkeys_from_blob function in monitor_wrap.c in sshd in OpenSSH 6.2 and 6.3, when an AES-GCM cipher is used, does not properly initialize memory for a MAC context data structure, which allows remote authenticated users to...
BSA-2017-255
Security Advisory ID : BSA-2017-255 Component : OpenSSH Revision : 2.0: Final The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to...
BSA-2017-315
Security Advisory ID : BSA-2017-315 Component : Management Module Revision : 1.0: Interim Improper checking for unusual or exceptional conditions when the Management Module is continuously scanned on port 22 may allow attackers to cause a denial of service (crash and reload of the management modul...
BSA-2017-268
Security Advisory ID : BSA-2017-268 Component : Linux Kernel Revision : 1.0: Interim Use-after-free vulnerability in mm/percpu.c in the Linux kernel through 4.6 allows local users to cause a denial of service (BUG) or possibly have unspecified other impact via crafted use of the mmap and bpf system call...
BSA-2017-249
Security Advisory ID : BSA-2017-249 Component : SSL TLS Revision : 1.0: Interim It was found using the OSS-Fuzz fuzzer infrastructure that decoding a specially crafted X.509 certificate with Proxy Certificate Information extension present could lead to a double free. This issue was fixed...
BSA-2017-250
Security Advisory ID : BSA-2017-250 Component : SSL TLS Revision : 1.0: Interim It was found using the OSS-Fuzz fuzzer infrastructure that decoding a specially crafted OpenPGP certificate could lead to heap and stack overflows. This issue was fixed in GnuTLS 3.3.26 and 3.5.8. Affected Products Brocade ...
BSA-2017-264
Security Advisory ID : BSA-2017-264 Component : OpenSSL Revision : 1.0: Interim During a renegotiation handshake, if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL to crash, dependent on the ciphersuite. Both clients and...
BSA-2017-267
Security Advisory ID : BSA-2017-267 Component : NTP Revision : 1.0: Interim The cron job script bundled with the ntp package is intended to perform cleanup on statistics files produced by the NTP daemon running with statistics enabled. The script is run as root during the daily cron jobs. All operations on...
BSA-2017-260
Security Advisory ID : BSA-2017-260 Component : DH Parameters Revision : 1.0: Interim There is a carry propagating bug in the x86_64 Montgomery squaring procedure. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult t...
BSA-2017-269
Security Advisory ID : BSA-2017-269 Component : OpenSSH Revision : 1.0: Interim The default configuration for OpenSSH enables AllowTcpForwarding, which could allow remote authenticated users to perform a port bounce, when configured with an anonymous access program such as AnonCVS. Affected Products...
BSA-2017-266
Security Advisory ID : BSA-2017-266 Component : FOS Revision : 1.0: Interim Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris. Affected Products Brocade is investigating its product lines to...
BSA-2017-259
Security Advisory ID : BSA-2017-259 Component : Weak ciphers such as RC4-MD5 Revision : 1.0: Interim If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually...
BSA-2017-257
Security Advisory ID : BSA-2017-257 Component : NTP Revision : 1.0: Interim It was discovered that ntpd as a client did not correctly check the originate timestamp in received packets. A remote attacker could use this flaw to send a crafted packet to an ntpd client that would effectively disable...
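The originate-timestamp check that the advisory above says ntpd skipped is the client's only proof that a reply answers a request it actually sent. The following is an added example, not ntpd or Brocade code: it builds a 48-byte NTPv4 client request whose transmit timestamp carries random low-order bits, builds a server reply (with an override so the example can also construct a spoofed reply), and shows the acceptance check a client must perform, which rejects a reply whose origin field does not echo the request's transmit timestamp, including an all-zero origin. Packet field layout follows RFC 5905; the fixed timestamps used below are constructed for the example.

```python
"""NTP client-side origin-timestamp check: accept a reply only if it echoes our transmit timestamp."""
import os
import struct
import time
from typing import Optional, Tuple

# 48-byte NTP header: LI/VN/mode, stratum, poll, precision, root delay, root dispersion,
# reference ID, then reference/origin/receive/transmit timestamps as (seconds, fraction) pairs.
NTP_FMT = "!BBBb" + "I" * 11
NTP_EPOCH_OFFSET = 2208988800     # seconds from 1900-01-01 (NTP epoch) to 1970-01-01 (Unix epoch)
Timestamp = Tuple[int, int]       # (seconds, fraction), both 32-bit


def fresh_transmit_timestamp() -> Timestamp:
    """Current time with the low 16 fraction bits randomised, so an off-path attacker cannot guess it."""
    now = time.time()
    seconds = (int(now) + NTP_EPOCH_OFFSET) & 0xFFFFFFFF
    fraction = (int((now - int(now)) * (1 << 32)) & 0xFFFF0000) | int.from_bytes(os.urandom(2), "big")
    return seconds, fraction


def build_client_request(xmt: Timestamp) -> bytes:
    li_vn_mode = (0 << 6) | (4 << 3) | 3                 # LI=0, version 4, mode 3 (client)
    return struct.pack(NTP_FMT, li_vn_mode, 0, 6, -20, 0, 0, 0,
                       0, 0,            # reference timestamp
                       0, 0,            # origin timestamp (unused in a client request)
                       0, 0,            # receive timestamp
                       xmt[0], xmt[1])  # transmit timestamp: the value the reply must echo


def build_server_reply(request: bytes, rcv: Timestamp, xmt: Timestamp,
                       origin: Optional[Timestamp] = None) -> bytes:
    """A well-behaved server copies the request's transmit timestamp into the reply's origin field.

    The `origin` override exists only so this example can construct a reply that fails to do so.
    """
    f = struct.unpack(NTP_FMT, request)
    org = origin if origin is not None else (f[13], f[14])
    li_vn_mode = (0 << 6) | (4 << 3) | 4                 # version 4, mode 4 (server)
    return struct.pack(NTP_FMT, li_vn_mode, 2, 6, -20, 0, 0, 0x4C4F434C,  # refid "LOCL"
                       rcv[0], rcv[1],  # reference timestamp (simplified: same as receive)
                       org[0], org[1],  # origin timestamp
                       rcv[0], rcv[1],  # receive timestamp
                       xmt[0], xmt[1])  # server transmit timestamp


def accept_reply(reply: bytes, expected_origin: Timestamp) -> Tuple[bool, str]:
    """The check a client must perform before using a reply for clock adjustment."""
    if len(reply) < struct.calcsize(NTP_FMT):
        return False, "short packet"
    f = struct.unpack(NTP_FMT, reply[:48])
    if (f[0] & 0x07) != 4:
        return False, "not a server-mode reply"
    origin = (f[9], f[10])
    if origin == (0, 0):
        return False, "zero origin timestamp: reply was not solicited by our request"
    if origin != expected_origin:
        return False, "origin timestamp does not echo our transmit timestamp: spoofed or replayed"
    if (f[13], f[14]) == (0, 0):
        return False, "zero transmit timestamp"
    return True, "ok"


if __name__ == "__main__":
    our_xmt = fresh_transmit_timestamp()
    req = build_client_request(our_xmt)
    server_now = (our_xmt[0] + 1, 0)
    print("honest reply :", accept_reply(build_server_reply(req, server_now, server_now), our_xmt))
    print("zero origin  :", accept_reply(build_server_reply(req, server_now, server_now, origin=(0, 0)), our_xmt))
    print("wrong origin :", accept_reply(build_server_reply(req, server_now, server_now, origin=(1, 1)), our_xmt))
```

The randomised fraction bits matter as much as the comparison: if the transmit timestamp were predictable, an off-path attacker could forge a reply with a matching origin field, and the check would pass. A real client also clears its stored expected origin once a reply is accepted so the same value cannot be replayed.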
BSA-2017-258
Security Advisory ID : BSA-2017-258 Component : ECDHE Parameters Revision : 1.0: Interim If a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer, leading to a client crash. This could be exploited in a...