1. Vulnerabilities in OpenSSL
(secadv_20140605)
[06/06/2014] Vulnerabilities were identified in the OpenSSL. An attacker
could bypass security restrictions, obtain sensitive information, execute
arbitrary code, cause a denial of service condition and compromise a vulnerable
system. These vulnerabilities affect versions prior to 0.9.8za, 1.0.0m or 1.0.1h
of the mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:www.openssl.org/news/secadv_20140605.txt
URL:www.hkcert.org/my_url/en/alert/14060601
URL:www.kb.cert.org/vuls/id/978508
URL:www.us-cert.gov/ncas/current-activity/2014/06/05/OpenSSL-Releases-Security-Advisory
URL:xforce.iss.net/xforce/xfdb/93586
URL:xforce.iss.net/xforce/xfdb/93587
URL:xforce.iss.net/xforce/xfdb/93588
URL:xforce.iss.net/xforce/xfdb/93589
URL:secunia.com/advisories/58403/
2. Vulnerabilities in Cisco Products
(cisco-sa-20140605-openssl)
[06/06/2014] Vulnerabilities were identified in multiple Cisco products.
An attacker could bypass security restrictions, perform a man-in-the-middle
attack, cause a denial of service condition, obtain sensitive information and
execute arbitrary code. These vulnerabilities affect multiple versions of the
mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl
3. Vulnerabilities in IBM Products (1663324, 1672078,
1672080, 1674754)
[06/06/2014] Vulnerabilities were identified in the IBM Tivoli Composite
Application Manager for Transactions, IBM InfoSphere Streams, IBM Tivoli
Identity Manager, IBM Security Identity Manager and IBM Security QRadar. An
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, perform cross-site request forgery attacks, execute
arbitrary code, cause a denial of service condition and compromise a vulnerable
system. These vulnerabilities affect multiple versions of the mentioned
products. Security patches are available to resolve these
vulnerabilities.
URL:www.ibm.com/support/docview.wss?uid=swg21663324
URL:www.ibm.com/support/docview.wss?uid=swg21672078
URL:www.ibm.com/support/docview.wss?uid=swg21672080
URL:www.ibm.com/support/docview.wss?uid=swg21674754
URL:secunia.com/advisories/59070/
URL:secunia.com/advisories/59074/
URL:secunia.com/advisories/59080/
URL:secunia.com/advisories/59082/
4. Vulnerability in Linux Kernel
(93593)
[06/06/2014]
Vulnerability was identified in the Linux
Kernel. An attacker could gain elevated privileges. The affected version was not
specified. Security patches are available to resolve this
vulnerability.
URL:xforce.iss.net/xforce/xfdb/93593
5. Vulnerabilities in Oracle Linux (ELSA-2014-0595,
ELSA-2014-0596)
[06/06/2014] Vulnerabilities were identified in the gnutls and libtasn1
packages for Oracle Linux 6. An attacker could cause a denial of service
condition and compromise a vulnerable system. These vulnerabilities affect
multiple versions of the mentioned product. Security patches are available to
resolve these
vulnerabilities.
URL:linux.oracle.com/errata/ELSA-2014-0595.html
URL:linux.oracle.com/errata/ELSA-2014-0596.html
URL:secunia.com/advisories/58591/
URL:secunia.com/advisories/58601/
6. Security Updates in Debian (DSA-2949-1, DSA-2950-1,
DSA-2951-1)
[06/06/2014] Debian has
released security update packages for fixing the vulnerabilities identified in
the linux kernel, openssl and mupdf packages for multiple versions of Debian
GNU/Linux. Due to multiple errors, an attacker could bypass security
restrictions, gain elevated privileges, execute arbitrary code and cause a
denial of service
condition.
URL:www.debian.org/security/2014/dsa-2949
URL:www.debian.org/security/2014/dsa-2950
URL:www.debian.org/security/2014/dsa-2951
7. Security Updates in Red Hat Products
(RHSA-2014-0624-1, RHSA-2014-0625-1, RHSA-2014-0626-1, RHSA-2014-0627-1,
RHSA-2014-0628-1, RHSA-2014-0629-1)
[06/06/2014] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the openssl, openssl097a, openssl098e and rhev-hypervisor6 packages for Red
Hat Enterprise Linux 4, 5 and 6, Red Hat Storage 2.1 and Red Hat Enterprise
Virtualization 3. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and crash the
application.
URL:rhn.redhat.com/errata/RHSA-2014-0624.html
URL:rhn.redhat.com/errata/RHSA-2014-0625.html
URL:rhn.redhat.com/errata/RHSA-2014-0626.html
URL:rhn.redhat.com/errata/RHSA-2014-0627.html
URL:rhn.redhat.com/errata/RHSA-2014-0628.html
URL:rhn.redhat.com/errata/RHSA-2014-0629.html
8. Security Updates in SUSE (SUSE-SU-2014:0759-1,
SUSE-SU-2014:0761-1)
[06/06/2014] SUSE has
released security update packages for fixing the vulnerabilities identified in
the openssl package for SUSE Linux Enterprise 11. Due to multiple errors, an
attacker could bypass security restrictions, obtain sensitive information,
execute arbitrary code, cause a denial of service condition and crash the
application.
URL:lists.opensuse.org/opensuse-security-announce/2014-06/msg00004.html
URL:lists.opensuse.org/opensuse-security-announce/2014-06/msg00005.html
9. Security Updates in Ubuntu GNU/Linux (usn-2232-1,
usn-2233-1, usn-2234-1, usn-2235-1, usn-2236-1, usn-2237-1, usn-2238-1,
usn-2239-1, usn-2240-1, usn-2241-1)
[06/06/2014] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the openssl, linux, linux-ec2, linux-ti-omap4, linux-lts-quantal,
linux-lts-raring and linux-lts-saucy packages for versions 10.04 LTS, 12.04 LTS,
13.10 and 14.04 LTS of Ubuntu GNU/Linux. Due to multiple errors, an attacker
could bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
compromise the
system.
URL:www.ubuntu.com/usn/usn-2232-1/
URL:www.ubuntu.com/usn/usn-2233-1/
URL:www.ubuntu.com/usn/usn-2234-1/
URL:www.ubuntu.com/usn/usn-2235-1/
URL:www.ubuntu.com/usn/usn-2236-1/
URL:www.ubuntu.com/usn/usn-2237-1/
URL:www.ubuntu.com/usn/usn-2238-1/
URL:www.ubuntu.com/usn/usn-2239-1/
URL:www.ubuntu.com/usn/usn-2240-1/
URL:www.ubuntu.com/usn/usn-2241-1/
10.
Information Updates on Microsoft Security
Bulletin (2893294)
[05/06/2014] Microsoft
has updated information on the Security Bulletin for Microsoft Windows. MS13-098
was updated the Known Issues entry in the Knowledge Base Article section from
"None" to
"Yes".
URL:technet.microsoft.com/library/security/ms13-098
11.
Vulnerabilities in IBM Products
(T1020893, T1020894, T1020895, T1020896, 1654970, 1654973, 1659489, 1671340,
1671958, 1672822, 1672835, 1672887, 1673098, 1673101, 1673410, 1673715, 1673847,
1674113, 1674310, 1674435, 1674493, 1674613)
[05/06/2014] Vulnerabilities were identified in the IBM Platform Symphony,
IBM Platform Cluster Manager, IBM Platform HPC, IBM Platform Application Center,
IBM Smart Analytics System, IBM Cognos BI Server, IBM Tivoli Application
Dependency Discovery Manager, IBM Endpoint Manager for Remote Control, IBM
Tivoli Endpoint Manager for Remote Control, IBM Cognos Express, IBM Tivoli
Monitoring, IBM Sterling Connect:Direct for UNIX, IBM Social Media Analytics,
IBM Rational Application Developer, IBM WebSphere Lombardi Edition, IBM Business
Process Manager, IBM Algo One, IBM Content Navigator and IBM Virtual I/O Server.
An attacker could bypass security restrictions, obtain sensitive information,
execute arbitrary code, cause a denial of service condition and compromise a
vulnerable system. These vulnerabilities affect multiple versions of the
mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:www.ibm.com/support/docview.wss?uid=isg3T1020893
URL:www.ibm.com/support/docview.wss?uid=isg3T1020894
URL:www.ibm.com/support/docview.wss?uid=isg3T1020895
URL:www.ibm.com/support/docview.wss?uid=isg3T1020896
URL:www.ibm.com/support/docview.wss?uid=swg21654970
URL:www.ibm.com/support/docview.wss?uid=swg21654973
URL:www.ibm.com/support/docview.wss?uid=swg21659489
URL:www.ibm.com/support/docview.wss?uid=swg21671340
URL:www.ibm.com/support/docview.wss?uid=swg21671958
URL:www.ibm.com/support/docview.wss?uid=swg21672822
URL:www.ibm.com/support/docview.wss?uid=swg21672835
URL:www.ibm.com/support/docview.wss?uid=swg21672887
URL:www.ibm.com/support/docview.wss?uid=swg21673098
URL:www.ibm.com/support/docview.wss?uid=swg21673101
URL:www.ibm.com/support/docview.wss?uid=swg21673410
URL:www.ibm.com/support/docview.wss?uid=swg21673715
URL:www.ibm.com/support/docview.wss?uid=swg21673847
URL:www.ibm.com/support/docview.wss?uid=swg21674113
URL:www.ibm.com/support/docview.wss?uid=swg21674310
URL:www.ibm.com/support/docview.wss?uid=swg21674435
URL:www.ibm.com/support/docview.wss?uid=swg21674493
URL:www.ibm.com/support/docview.wss?uid=swg21674613
URL:www14.software.ibm.com/webapp/set2/sas/f/vios/home.html#advise
URL:secunia.com/advisories/58520/
URL:secunia.com/advisories/58563/
URL:secunia.com/advisories/58636/
URL:secunia.com/advisories/58720/
URL:secunia.com/advisories/58746/
URL:secunia.com/advisories/58749/
URL:secunia.com/advisories/58750/
URL:secunia.com/advisories/58824/
URL:secunia.com/advisories/58845/
URL:secunia.com/advisories/58882/
URL:secunia.com/advisories/58900/
URL:secunia.com/advisories/58950/
URL:secunia.com/advisories/58968/
URL:secunia.com/advisories/58995/
URL:secunia.com/advisories/58997/
URL:secunia.com/advisories/59001/
URL:secunia.com/advisories/59003/
12.
Vulnerability in F5 ARX Series Products
(SOL15300)
[05/06/2014]
Vulnerability was identified in the bundled
Apache HTTP Server in F5 ARX Series products. An attacker could cause a denial
of service condition. This vulnerability affects versions 6.0.0 through 6.4.0 of
the mentioned
product.
URL:support.f5.com/kb/en-us/solutions/public/15000/300/sol15300.html
URL:secunia.com/advisories/58335/
13.
Vulnerability in F-Secure Products
(FSC-2014-5)
[05/06/2014] Vulnerability was identified in F-Secure Client Security,
F-Secure E-mail and Server Security, F-Secure Internet Security, F-Secure
Protection Service for Business Email and Server Security, F-Secure Safe
Anywhere PC and F-Secure Server Security. An attacker could obtain sensitive
information. This vulnerability affects multiple versions of the mentioned
products. Security patches are available to resolve this
vulnerability.
URL:www.f-secure.com/en/web/labs_global/fsc-2014-5
URL:secunia.com/advisories/58840
14.
Vulnerabilities in Huawei Campus Products
(Huawei-SA-20140604-01-Campus)
[05/06/2014] Vulnerabilities were identified in the Huawei Campus Series
Switches. An attacker could cause a denial of service condition. These
vulnerabilities affect firmware versions V200R003C00SPC300 and V200R003C00SPC500
of the mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-343206.htm
15.
Vulnerability in WordPress
(93554)
[05/06/2014]
Vulnerability was identified in the Query
Interface Plugin for Wordpress. An attacker could bypass security restrictions.
This vulnerability affects versions prior to 1.2 of the mentioned product.
Security patches are available to resolve this
vulnerability.
URL:xforce.iss.net/xforce/xfdb/93554
16.
Vulnerabilities in Rocket Servergraph
(93555, 93556, 93557)
[05/06/2014] Vulnerabilities were identified in the Rocket Servergraph. An
attacker could gain elevated privileges, execute arbitrary code and cause a
denial of service condition. The affected version was not
specified.
URL:xforce.iss.net/xforce/xfdb/93555
URL:xforce.iss.net/xforce/xfdb/93556
URL:xforce.iss.net/xforce/xfdb/93557
17.
Vulnerabilities in Oracle Linux
(ELSA-2014-0594, ELSA-2014-0597)
[05/06/2014] Vulnerabilities were identified in the gnutls and squid
packages for Oracle Linux 5 and 6. An attacker could cause a denial of service
condition. These vulnerabilities affect multiple versions of the mentioned
products. Security patches are available to resolve these
vulnerabilities.
URL:linux.oracle.com/errata/ELSA-2014-0594.html
URL:linux.oracle.com/errata/ELSA-2014-0597.html
URL:secunia.com/advisories/58738/
URL:secunia.com/advisories/59021/
18.
Security Updates in Debian (DSA-2945-1,
DSA-2946-1, DSA-2947-1, DSA-2948-1)
[05/06/2014] Debian has
released security update packages for fixing the vulnerabilities identified in
the chkrootkit, python-gnupg, libav and python-bottle packages for multiple
versions of Debian GNU/Linux. Due to multiple errors, an attacker could bypass
security restrictions, gain elevated privileges, execute arbitrary code and
compromise the
system.
URL:www.debian.org/security/2014/dsa-2945
URL:www.debian.org/security/2014/dsa-2946
URL:www.debian.org/security/2014/dsa-2947
URL:www.debian.org/security/2014/dsa-2948
19.
Security Updates in Gentoo Linux (GLSA
201406-04, GLSA 201406-05)
[05/06/2014] Gentoo has
released security update packages for fixing the vulnerabilities identified in
the systemtap and mutt packages for multiple versions of Gentoo Linux. Due to
multiple errors, an attacker could cause a denial of service condition and
execute arbitrary
code.
URL:www.gentoo.org/security/en/glsa/glsa-201406-04.xml
URL:www.gentoo.org/security/en/glsa/glsa-201406-05.xml
20.
Security Updates in SUSE
(SUSE-SU-2014:0758-1)
[05/06/2014] SUSE has
released security update packages for fixing the vulnerability identified in the
gnutls package for SUSE Linux Enterprise 11. An attacker could bypass security
restrictions and cause a denial of service
condition.
URL:lists.opensuse.org/opensuse-security-announce/2014-06/msg00002.html
21.
Security Updates in Ubuntu GNU/Linux
(usn-2230-1)
[05/06/2014] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the chkrootkit package for versions 10.04 LTS, 12.04 LTS, 13.10 and 14.04 LTS of
Ubuntu GNU/Linux. An attacker could gain elevated privileges and execute
arbitrary code.
URL:www.ubuntu.com/usn/usn-2230-1/
22.
Vulnerabilities in McAfee Network Data
Loss Prevention (SB10074)
[04/06/2014] Vulnerabilities were identified in the McAfee Network Data
Loss Prevention. An attacker could bypass certain security restrictions, obtain
sensitive information, execute arbitrary code, cause a denial of service
condition and compromise a vulnerable system. These vulnerabilities affect
versions prior to 9.3.2 (RTW) of the mentioned product. Security patches are
available to resolve these
vulnerabilities.
URL:kc.mcafee.com/corporate/index?page=content&id=SB10074
URL:www.hkcert.org/my_url/en/alert/14060402
23.
Vulnerabilities in Google Compute Engine
VMs (93536)
[04/06/2014] Vulnerabilities were identified in the Google Compute Engine
VMs. An attacker could cause a denial of service condition. The affected version
was not
specified.
URL:xforce.iss.net/xforce/xfdb/93536
24.
Vulnerability in GNU libtasn1 (93535,
93538, 93539)
[04/06/2014] Vulnerability was identified in the GNU libtasn1. An attacker
could cause a denial of service condition and crash the application. This
vulnerability affects versions prior to 3.6 of the mentioned product. Security
patches are available to resolve this
vulnerability.
URL:xforce.iss.net/xforce/xfdb/93535
URL:xforce.iss.net/xforce/xfdb/93538
URL:xforce.iss.net/xforce/xfdb/93539
25.
Vulnerability in WordPress
(93549)
[04/06/2014]
Vulnerability was identified in the
DZS-VideoGallery Plugin for WordPress. An attacker could obtain sensitive
information and perform cross-site scripting attacks. The affected version was
not
specified.
URL:xforce.iss.net/xforce/xfdb/93549
26.
Security Updates in Red Hat Products
(RHSA-2014:0593-1, RHSA-2014:0594-1, RHSA-2014:0595-1, RHSA-2014:0596-1,
RHSA-2014:0597-1)
[04/06/2014] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the kernel, gnutls, libtasn1 and squid packages for Red Hat Enterprise Linux
5 and 6. Due to multiple errors, an attacker could bypass security restrictions,
gain elevated privileges, execute arbitrary code, cause a denial of service
condition and crash the
application.
URL:rhn.redhat.com/errata/RHSA-2014-0593.html
URL:rhn.redhat.com/errata/RHSA-2014-0594.html
URL:rhn.redhat.com/errata/RHSA-2014-0595.html
URL:rhn.redhat.com/errata/RHSA-2014-0596.html
URL:rhn.redhat.com/errata/RHSA-2014-0597.html
27.
Vulnerabilities in Microsoft
Windows
[03/06/2014]
Vulnerabilities were identified in the Microsoft
Windows. An attacker could bypass security restrictions, cause a denial of
service condition and crash the system. These vulnerabilities affect versions 8
Enterprise, 8.1 Professional and possibly other versions of the mentioned
product.
URL:www.hkcert.org/my_url/en/alert/14060301
URL:secunia.com/advisories/58891/
28.
Vulnerabilities in IBM Products (1671201,
1671261, 1671748, 1673224, 1674016, 1674017, 1674075, 1674191,
1674379)
[03/06/2014]
Vulnerabilities were identified in the IBM
Sametime Meeting Server, IBM Web Experience Factory, IBM WebSphere Dashboard
Framework, IBM Lotus Widget Factory, IBM InfoSphere Information Server, IBM
InfoSphere Data Click, IBM WebSphere Partner Gateway Advanced/Enterprise
Edition, IBM WebSphere Partner Gateway Express, IBM InfoSphere Guardium Database
Activity Monitoring, IBM WebSphere Sensor Events and IBM Tivoli Integrated
Portal. An attacker could bypass security restrictions, obtain sensitive
information, execute arbitrary code, cause a denial of service condition and
compromise a vulnerable system. These vulnerabilities affect multiple versions
of the mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:www.ibm.com/support/docview.wss?uid=swg21671201
URL:www.ibm.com/support/docview.wss?uid=swg21671261
URL:www.ibm.com/support/docview.wss?uid=swg21671748
URL:www.ibm.com/support/docview.wss?uid=swg21673224
URL:www.ibm.com/support/docview.wss?uid=swg21674016
URL:www.ibm.com/support/docview.wss?uid=swg21674017
URL:www.ibm.com/support/docview.wss?uid=swg21674075
URL:www.ibm.com/support/docview.wss?uid=swg21674191
URL:www.ibm.com/support/docview.wss?uid=swg21674379
URL:secunia.com/advisories/58647/
URL:secunia.com/advisories/58662/
URL:secunia.com/advisories/58670/
URL:secunia.com/advisories/58864/
URL:secunia.com/advisories/58865/
URL:secunia.com/advisories/58866/
URL:secunia.com/advisories/58905/
URL:secunia.com/advisories/58929/
29.
Vulnerability in Dell Products
(VU#124908)
[03/06/2014] Vulnerability was identified in the Dell ML6000 and Quantum
Scalar i500 tape backup system. An attacker could bypass certain security
restrictions, execute arbitrary code and perform code injection attacks. This
vulnerability affects multiple firmware versions of the mentioned products.
Security patches are available to resolve this
vulnerability.
URL:www.kb.cert.org/vuls/id/124908
URL:xforce.iss.net/xforce/xfdb/93496
30.
Vulnerability in Huawei Devices
(VU#325636)
[03/06/2014] Vulnerability was identified in the Huawei E303 wireless
broadband devices. An attacker could perform cross-site request forgery attacks.
This vulnerability affects firmware version 22.157.18.00.858 of the mentioned
products.
URL:www.kb.cert.org/vuls/id/325636
URL:xforce.iss.net/xforce/xfdb/93495
31.
Vulnerabilities in VMware Products
(VMSA-2014-0005)
[03/06/2014] Vulnerabilities were identified in the VMware Workstation,
VMware Player, VMware Fusion, VMware ESXi and VMware vCenter Server Appliance.
An attacker could bypass certain security restrictions, gain elevated
privileges, execute arbitrary code and cause a denial of service condition.
These vulnerabilities affect multiple versions of the mentioned products.
Security patches are available to resolve these vulnerabilities of VMware
Workstation, Player, Fusion and
ESXi.
URL:www.vmware.com/security/advisories/VMSA-2014-0005.html
URL:xforce.iss.net/xforce/xfdb/93498
URL:xforce.iss.net/xforce/xfdb/93497
32.
Vulnerability in webEdition CMS
(93471)
[03/06/2014]
Vulnerability was identified in the webEdition
CMS. An attacker could bypass certain security restrictions and execute
arbitrary code. This vulnerability affects version 6.1.0.2 of the mentioned
products. Security patches are available to resolve this
vulnerability.
URL:xforce.iss.net/xforce/xfdb/93471
33.
Vulnerabilities in
PHP
[03/06/2014] Vulnerabilities were identified in the PHP. An
attacker could bypass certain security restrictions and cause a denial of
service condition. These vulnerabilities affect versions prior to 5.4.29 and
5.5.13 of the mentioned product. Security patches are available to resolve these
vulnerabilities.
URL:www.php.net/ChangeLog-5.php#5.4.29
URL:www.php.net/ChangeLog-5.php#5.5.13
URL:secunia.com/advisories/58804/
34.
Vulnerability in GnuTLS
(GNUTLS-SA-2014-3)
[03/06/2014] Vulnerability was identified in the GnuTLS. An attacker could
bypass certain security restrictions, execute arbitrary code, cause a denial of
service condition and compromise the application. This vulnerability affects
versions prior to 3.1.25, prior to 3.2.15, and prior to 3.3.4 of the mentioned
product. Security patches are available to resolve this
vulnerability.
URL:www.gnutls.org/security.html#GNUTLS-SA-2014-3
URL:www.hkcert.org/my_url/en/alert/14060302
URL:secunia.com/advisories/58340/
35.
Vulnerability in
Samba
[03/06/2014]
Vulnerability was identified in the Samba. An
attacker could bypass security restrictions and obtain sensitive information.
This vulnerability affects versions prior to 4.1.8 of the mentioned product.
Security patches are available to resolve this
vulnerability.
URL:www.samba.org/samba/security/CVE-2014-0178
URL:xforce.iss.net/xforce/xfdb/93455
36.
Vulnerability in
WordPress
[03/06/2014]
Vulnerability was identified in the Query
Interface plugin for WordPress. An attacker could bypass security restrictions
and execute arbitrary code. This vulnerability affects versions prior to 1.2 of
the mentioned product. Security patches are available to resolve this
vulnerability.
URL:plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=907243%40query-interface&old=899114%40query-interface
URL:secunia.com/advisories/58380/
37.
Vulnerabilities in
OpenVZ
[03/06/2014]
Vulnerabilities were identified in the OpenVZ.
An attacker could bypass security restrictions, gain elevated privileges,
execute arbitrary code and compromise a vulnerable system. These vulnerabilities
affect versions prior to 042stab090.2 of the mentioned product. Security patches
are available to resolve these
vulnerabilities.
URL:wiki.openvz.org/Download/kernel/rhel6/042stab090.2
URL:secunia.com/advisories/58926/
38.
Security Updates in Debian (DSA-2939-1,
DSA-2941-1, DSA-2942-1, DSA-2943-1, DSA-2944-1)
[03/06/2014] Debian has released security update packages for fixing the
vulnerabilities identified in the chromium-browser, lxml, typo3-src, php5 and
gnutls26 for multiple versions of Debian GNU/Linux. Due to multiple errors, an
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, perform cross-site scripting
attacks, cause a denial of service condition and crash the
application.
URL:www.debian.org/security/2014/dsa-2939
URL:www.debian.org/security/2014/dsa-2941
URL:www.debian.org/security/2014/dsa-2942
URL:www.debian.org/security/2014/dsa-2943
URL:www.debian.org/security/2014/dsa-2944
URL:secunia.com/advisories/58920/
39.
Security Updates in Gentoo Linux (GLSA
201406-01, GLSA 201406-02, GLSA 201406-03)
[03/06/2014] Gentoo has
released security update packages for fixing the vulnerabilities identified in
the dbus, libarchive and fail2ban packages for multiple versions of Gentoo
Linux. Due to multiple errors, an attacker could bypass security restrictions,
obtain sensitive information, gain elevated privileges, execute arbitrary code,
cause a denial of service condition and crash the
application.
URL:www.gentoo.org/security/en/glsa/glsa-201406-01.xml
URL:www.gentoo.org/security/en/glsa/glsa-201406-02.xml
URL:www.gentoo.org/security/en/glsa/glsa-201406-03.xml
40.
Security Updates in Red Hat Products
(RHSA-2014:0591-1)
[03/06/2014] Red Hat
has released security update packages for fixing the vulnerability identified in
the JBoss Enterprise Application Platform for Red Hat Enterprise Linux 4, 5, and
6. An attacker could bypass security restrictions and execute arbitrary
code.
URL:rhn.redhat.com/errata/RHSA-2014-0591.html
41.
Security Updates in Slackware
(SSA:2014-152-01)
[03/06/2014] Slackware
has released security update packages for fixing the vulnerabilities identified
in the mariadb package for version 14.1 of Slackware Linux. An attacker could
bypass security restriction, obtain sensitive information, gain elevated
privileges, execute arbitrary code and cause a denial of service
condition.
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.379108
42.
Security Updates in SUSE
(SUSE-SU-2014:0728-3)
[03/06/2014] SUSE has
released security update packages for fixing the vulnerabilities identified in
the IBM Java 6 packages for SUSE Linux Enterprise Server 11. An attacker could
bypass security restrictions, gain elevated privileges, execute arbitrary code
and cause a denial of service
condition.
URL:lists.opensuse.org/opensuse-security-announce/2014-06/msg00001.html
43.
Security Updates in Ubuntu GNU/Linux
(usn-2229-1)
[03/06/2014] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the gnutls26 package for versions 10.04LTS, 12.04 LTS, 13.10 and 14.04 LTS of
Ubuntu GNU/Linux. An attacker could bypass security restrictions, execute
arbitrary code, cause a denial of service condition and crash the
application.
URL:www.ubuntu.com/usn/usn-2229-1/
No comments:
Post a Comment