1. Vulnerabilities in IBM Multi-Enterprise Integration Gateway
(1681379)
[22/08/2014]
Vulnerabilities were identified in the IBM
Multi-Enterprise Integration Gateway. An attacker could obtain sensitive
information. These vulnerabilities affect versions 1.0 and 1.0.0.1 of the
mentioned product. Security patches are available to resolve these
vulnerabilities.
URL:www.ibm.com/support/docview.wss?uid=swg21681379
2. Vulnerability in Symantec products
(SYM14-014)
[22/08/2014] Vulnerability was identified in the Symantec PGP Desktop and
Symantec Encryption Desktop. An attacker could cause a denial of service
condition. This vulnerability affects versions prior to 10.3.2 Maintenance Pack
3 of the mentioned products. Security patches are available to resolve this
vulnerability.
URL:www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2014&suid=20140821_00
URL:xforce.iss.net/xforce/xfdb/95406
3. Vulnerability in PHP
(95405)
[22/08/2014]
Vulnerability was identified in the PHP. An
attacker could cause a buffer overflow, execute arbitrary code and crash the
system. This vulnerability affects versions 5.3 and 5.4.0 of the mentioned
product. Security patches are available to resolve this
vulnerability.
URL:xforce.iss.net/xforce/xfdb/95405
4. Vulnerability in Lua
(95390)
[22/08/2014]
Vulnerability was identified in the Lua. An
attacker could cause a buffer overflow, execute arbitrary code and crash the
system. This vulnerability affects versions prior to 5.2.2 of the mentioned
product. Security patches are available to resolve this
vulnerability.
URL:xforce.iss.net/xforce/xfdb/95390
5. Vulnerability in SaltStack
(95392)
[22/08/2014]
Vulnerability was identified in the SaltStack.
An attacker could gain elevated privileges and launch a symlink attack. This
vulnerability affects versions prior to 2014.1.10 of the mentioned product.
Security patches are available to resolve this
vulnerability.
URL:xforce.iss.net/xforce/xfdb/95392
6. Security Updates in openSUSE (openSUSE-SU-2014:1045-1,
openSUSE-SU-2014:1047-1)
[22/08/2014] SUSE has
released security update packages for fixing the vulnerabilities identified in
the apache2 and apache2-mod_security2 packages for openSUSE 12.3 and 13.1. Due
to multiple errors, an attacker could cause a denial of service condition and
bypass security
restrictions.
URL:lists.opensuse.org/opensuse-updates/2014-08/msg00032.html
URL:lists.opensuse.org/opensuse-updates/2014-08/msg00034.html
7. Security Updates in Debian (DSA-2940-1,
DSA-3008-1)
[22/08/2014] Debian has
released security update packages for fixing the vulnerabilities identified in
the libstruts1.2-java and php5 packages for multiple versions of Debian
GNU/Linux. Due to multiple errors, an attacker could execute arbitrary code,
cause a denial of service condition and crash the
system.
URL:www.debian.org/security/2014/dsa-2940
URL:www.debian.org/security/2014/dsa-3008
8. Security Updates in Red Hat Products
(RHSA-2014:1084-1, RHSA-2014:1087-1,
RHSA-2014:1088-1)
[22/08/2014] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the openstack-nova package for Red Hat Enterprise Linux OpenStack Platform
4.0, and the Red Hat JBoss Web Server 2.1.0 for Red Hat Enterprise Linux 5 and
6. Due to multiple errors, an attacker could bypass security restrictions, gain
elevated privileges, cause a buffer overflow, execute arbitrary code, cause a
denial of service condition and crash the
system.
URL:rhn.redhat.com/errata/RHSA-2014-1084.html
URL:rhn.redhat.com/errata/RHSA-2014-1087.html
URL:rhn.redhat.com/errata/RHSA-2014-1088.html
9. Security Updates in Ubuntu GNU/Linux (USN-2311-2,
USN-2321-1, USN-2322-1, USN-2323-1, USN-2324-1,
USN-2325-1)
[22/08/2014] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
ceilometer, neutron, glance, horizon, keystone and nova packages for version
14.04 LTS of Ubuntu GNU/Linux. Due to multiple errors, an attacker could obtain
sensitive information, cause a denial of service condition, crash the system,
conduct cross-site scripting attacks and gain elevated
privileges.
URL:www.ubuntu.com/usn/usn-2311-2/
URL:www.ubuntu.com/usn/usn-2321-1/
URL:www.ubuntu.com/usn/usn-2322-1/
URL:www.ubuntu.com/usn/usn-2323-1/
URL:www.ubuntu.com/usn/usn-2324-1/
URL:www.ubuntu.com/usn/usn-2325-1/
10.
Information Updates on Microsoft Security
Bulletin (MS14-049)
[21/08/2014] Microsoft
has updated information on the Security Bulletin for Microsoft Windows. MS14-049
was revised to add prerequisite information for customers running Windows Server
2003 who install updates
manually.
URL:technet.microsoft.com/library/security/ms14-049
11.
Vulnerability in Apache Axis and Axis2
(AXIS-2905)
[21/08/2014] Vulnerability was identified in the Apache Axis and Axis2. An
attacker could bypass security restrictions, execute arbitrary code and perform
spoofing attacks. This vulnerability affects version 1.4 of Apache Axis, and
version 1.6.2 of Apache Axis2. Security patches are available to resolve this
vulnerability.
URL:issues.apache.org/jira/browse/AXIS-2905
URL:xforce.iss.net/xforce/xfdb/95377
12.
Vulnerabilities in IBM Products (1680826,
1681649, 1681651, 1680403)
[21/08/2014] Vulnerabilities were identified in the IBM Network Intrusion
Prevention System, IBM InfoSphere Master Data Management - Collaborative Edition
and IBM InfoSphere Master Data Management Server for Product Information
Management. An attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and compromise a vulnerable system. These vulnerabilities
affect multiple versions of the mentioned products. Security patches are
available to resolve these
vulnerabilities.
URL:www.ibm.com/support/docview.wss?uid=swg21680826
URL:www.ibm.com/support/docview.wss?uid=swg21681649
URL:www.ibm.com/support/docview.wss?uid=swg21681651
URL:www.ibm.com/support/docview.wss?uid=swg21680403
13.
Vulnerabilities in EMC RSA Archer GRC
(95360, 95361)
[21/08/2014] Vulnerabilities were identified in the EMC RSA Archer GRC. An
attacker could bypass security restrictions, execute arbitrary code, perform
code injection and cross-site scripting attacks. These vulnerabilities affect
versions prior to 5.5 SP1 of the mentioned product. Security patches are
available to resolve these
vulnerabilities.
URL:xforce.iss.net/xforce/xfdb/95360
URL:xforce.iss.net/xforce/xfdb/95361
14.
Vulnerability in Huawei Campus Switches
(Huawei-SA-20140820-01-Campus Switch)
[21/08/2014] Vulnerability was identified in the Huawei Campus Switches
S9300/S9300E/S7700/S9700. An attacker could obtain sensitive information. This
vulnerability affects multiple firmware versions of the mentioned products.
Security patches are available to resolve this
vulnerability.
URL:www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-362701.htm
URL:xforce.iss.net/xforce/xfdb/95379
15.
Vulnerability in C++ Builder and
Embarcadero Delphi (CORE-2014-0004)
[21/08/2014] Vulnerability was identified in the C++ Builder and
Embarcadero Delphi. An attacker could execute arbitrary code, cause a denial of
service condition and crash the system. This vulnerability affects multiple
versions of the mentioned products. Security patches are available to resolve
this
vulnerability.
URL:www.coresecurity.com/advisories/delphi-and-c-builder-vcl-library-buffer-overflow
URL:xforce.iss.net/xforce/xfdb/95380
16.
Vulnerability in Panda Security Products
(95382)
[21/08/2014]
Vulnerability was identified in the Panda
Antivirus, Panda Global Protection and Panda Internet Security. An attacker
could execute arbitrary code, gain elevated privileges, cause a denial of
service condition and crash the system. This vulnerability affects multiple
versions of the mentioned products. Security patches are available to resolve
this
vulnerability.
URL:xforce.iss.net/xforce/xfdb/95382
17.
Vulnerability in ESET Personal Firewall
(95381)
[21/08/2014]
Vulnerability was identified in the ESET
Endpoint Security, ESET Firewall Module and ESET Smart Security. An attacker
could execute arbitrary code, gain elevated privileges, cause a denial of
service condition and crash the system. This vulnerability affects multiple
versions of the mentioned products. Security patches are available to resolve
this
vulnerability.
URL:xforce.iss.net/xforce/xfdb/95381
18.
Vulnerabilities in Mathias Kettner
check_mk (95383, 95384, 95385)
[21/08/2014] Vulnerabilities were identified in the Mathias Kettner
check_mk. An attacker could execute arbitrary code and perform cross-site
scripting attacks. These vulnerabilities affect multiple versions of the
mentioned product. Security patches are available to resolve these
vulnerabilities.
URL:xforce.iss.net/xforce/xfdb/95383
URL:xforce.iss.net/xforce/xfdb/95384
URL:xforce.iss.net/xforce/xfdb/95385
19.
Security Updates in Debian
(DSA-3007-1)
[21/08/2014] Debian has
released security update packages for fixing the vulnerabilities identified in
the cacti package for multiple versions of Debian GNU/Linux. Due to multiple
errors, an attacker could bypass security restrictions, execute arbitrary code,
perform cross-site scripting and code injection
attacks.
URL:www.debian.org/security/2014/dsa-3007
20.
Security Updates in Red Hat Products
(RHSA-2014:1078-1, RHSA-2014:1082-1,
RHSA-2014:1083-1)
[21/08/2014] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the openstack-neutron package for Red Hat Enterprise Linux OpenStack Platform
4.0, the thermostat1-httpcomponents-client package for Red Hat Software
Collections 1, and the kernel-rt package for Red Hat Enterprise MRG v2. Due to
multiple errors, an attacker could bypass security restrictions, gain elevated
privileges, obtain sensitive information, execute arbitrary code, cause a denial
of service condition and crash the
system.
URL:rhn.redhat.com/errata/RHSA-2014-1078.html
URL:rhn.redhat.com/errata/RHSA-2014-1082.html
URL:rhn.redhat.com/errata/RHSA-2014-1083.html
21.
Security Updates in Ubuntu GNU/Linux
(USN-2319-1, USN-2320-1)
[21/08/2014] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the openjdk-7 and oxide-qt packages for version 14.04 LTS of Ubuntu GNU/Linux.
Due to multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code and
cause a denial of service
condition.
URL:www.ubuntu.com/usn/usn-2319-1/
URL:www.ubuntu.com/usn/usn-2320-1/
22.
Vulnerability in Apache
OFBiz
[20/08/2014]
Vulnerability was identified in the Apache Open
For Business Project (OFBiz). An attacker could bypass security restrictions,
execute arbitrary code and perform cross-site scripting attacks. This
vulnerability affects versions prior to 11.04.05 or 12.04.04 of the mentioned
product. Security patches are available to resolve this
vulnerability.
URL:ofbiz.apache.org/
URL:xforce.iss.net/xforce/xfdb/95356
23.
Vulnerabilities in Cisco
Products
[20/08/2014]
Vulnerabilities were identified in the Cisco ASR
5000 Series Software and Cisco WebEx MeetMeNow. An attacker could bypass
security restrictions, obtain sensitive information and cause a denial of
service condition. These vulnerabilities affect multiple versions of the
mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3331
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3340
URL:xforce.iss.net/xforce/xfdb/95357
URL:xforce.iss.net/xforce/xfdb/95358
24.
Vulnerabilities in IBM Products (1677691,
1680603, 1681528)
[20/08/2014] Vulnerabilities were identified in the IBM Enterprise
Records, IBM Rational Build Forge and IBM UrbanCode. An attacker could bypass
security restrictions, obtain sensitive information, execute arbitrary code and
cause a denial of service condition. These vulnerabilities affect multiple
versions of the mentioned products. Security patches are available to resolve
these
vulnerabilities.
URL:www.ibm.com/support/docview.wss?uid=swg21677691
URL:www.ibm.com/support/docview.wss?uid=swg21680603
URL:www.ibm.com/support/docview.wss?uid=swg21681528
25.
Vulnerability in Ruby on
Rails
[20/08/2014]
Vulnerability was identified in the Ruby on
Rails. An attacker could bypass security restrictions and execute arbitrary
code. This vulnerability affects multiple versions of the mentioned product.
Security patches are available to resolve this
vulnerability.
URL:weblog.rubyonrails.org/2014/8/18/Rails_4_0_9_and_4_1_5_have_been_released/
URL:xforce.iss.net/xforce/xfdb/95333
26.
Vulnerability in OpenStack Glance
(95359)
[20/08/2014]
Vulnerability was identified in the OpenStack
Glance. An attacker could cause a denial of service condition. This
vulnerability affects versions 2013.2 and 2013.2.3 of the mentioned product.
Security patches are available to resolve this
vulnerability.
URL:xforce.iss.net/xforce/xfdb/95359
27.
Security Updates in Oracle
Solaris
[20/08/2014]
Oracle has released security update packages for
fixing the vulnerabilities identified in the International Components for
Unicode (ICU), Libxml2, OpenStack Identity (Keystone), Wireshark, OpenStack
Horizon and Samba packages for Oracle Solaris 10, 11.1 and 11.2. Due to multiple
errors, an attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, perform
cross-site scripting attacks, cause a denial of service condition and crash the
system.
URL:blogs.oracle.com/sunsecurity/entry/cve_2013_0900_race_conditions
URL:blogs.oracle.com/sunsecurity/entry/cve_2014_0191_denial_of
URL:blogs.oracle.com/sunsecurity/entry/cve_2014_3520_privilege_escalation
URL:blogs.oracle.com/sunsecurity/entry/cve_2014_4020_numeric_errors
URL:blogs.oracle.com/sunsecurity/entry/multiple_cross_site_scripting_xss1
URL:blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_samba1
28.
Security Updates in Red Hat Products
(RHSA-2014:1075-1, RHSA-2014:1076-1)
[20/08/2014] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the qemu-kvm package for Red Hat Enterprise Linux 6 and the qemu-kvm-rhev
package for Red Hat Enterprise Virtualization 3. Due to multiple errors, an
attacker could bypass security restrictions, gain elevated privileges and
execute arbitrary
code.
URL:rhn.redhat.com/errata/RHSA-2014-1075.html
URL:rhn.redhat.com/errata/RHSA-2014-1076.html
29.
Vulnerabilities in Apache HttpComponents
(95327, 95328)
[19/08/2014] Vulnerabilities were identified in the Apache HttpComponents.
An attacker could bypass security restrictions, obtain sensitive information and
execute arbitrary code. These vulnerabilities affect versions prior to 4.3.5 of
the mentioned product. Security patches are available to resolve these
vulnerabilities.
URL:xforce.iss.net/xforce/xfdb/95327
URL:xforce.iss.net/xforce/xfdb/95328
30.
Vulnerability in Cisco NX-OS
Software
[19/08/2014]
Vulnerability was identified in the Cisco NX-OS
Software. An attacker could bypass security restrictions and obtain sensitive
information. This vulnerability affects multiple versions of the mentioned
product. Security patches are available to resolve this
vulnerability.
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3341
URL:xforce.iss.net/xforce/xfdb/95329
31.
Vulnerability in HP Operations Agent
(c04394554)
[19/08/2014] Vulnerability was identified in the HP Operations Agent. An
attacker could bypass security restrictions and gain elevated privileges. This
vulnerability affects versions prior to v11.00 of the mentioned product.
Security patches are available to resolve this
vulnerability.
URL:h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04394554
32.
Vulnerabilities in IBM Products (1670854,
1681047)
[19/08/2014]
Vulnerabilities were identified in the IBM
Monitoring Agent for UNIX OS, IBM Universal Agent and IBM WebSphere Cast Iron.
An attacker could bypass security restrictions, gain elevated privileges and
obtain sensitive information. These vulnerabilities affect multiple versions of
the mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:www.ibm.com/support/docview.wss?uid=swg21670854
URL:www.ibm.com/support/docview.wss?uid=swg21681047
33.
Vulnerability in VMTurbo Operations
Manager (95319)
[19/08/2014] Vulnerability was identified in the VMTurbo Operations
Manager. An attacker could bypass security restrictions, obtain sensitive
information and execute arbitrary code. This vulnerability affects versions 4.5
and 4.6 of the mentioned
product.
URL:xforce.iss.net/xforce/xfdb/95319
34.
Vulnerability in Drupal Notify Module
(DRUPAL-SA-CONTRIB-2014-078)
[19/08/2014] Vulnerability was identified in the Drupal Notify Module. An
attacker could bypass security restrictions and obtain sensitive information.
This vulnerability affects versions prior to 7.x-1.1 of the mentioned product.
Security patches are available to resolve this
vulnerability.
URL:www.drupal.org/node/2320741
URL:www.hkcert.org/my_url/en/alert/14081901
35.
Vulnerability in Web Encryption Extension
(WEE-2014-7)
[19/08/2014] Vulnerability was identified in the Web Encryption Extension.
An attacker could bypass security restrictions, obtain sensitive information,
execute arbitrary code and compromise a vulnerable system. This vulnerability
affects versions prior to 3.0 of the mentioned product. Security patches are
available to resolve this
vulnerability.
URL:senderek.ie/archive/2014/WEE-security-advisory-2014-7.php
36.
Vulnerability in Disqus comment system
plugin for WordPress (95316)
[19/08/2014] Vulnerability was identified in the Disqus comment system
plugin for WordPress. An attacker could bypass security restrictions, obtain
sensitive information, execute arbitrary code, perform cross-site scripting
attacks and cause a denial of service condition. This vulnerability affects
versions prior to 2.7.6 of the mentioned product. Security patches are available
to resolve this
vulnerability.
URL:xforce.iss.net/xforce/xfdb/95316
37.
Vulnerability in FreeNAS
(95326)
[19/08/2014]
Vulnerability was identified in the FreeNAS. An
attacker could bypass security restrictions, obtain sensitive information and
execute arbitrary code. This vulnerability affects versions 9.2.1.7 of the
mentioned
product.
URL:xforce.iss.net/xforce/xfdb/95326
38.
Security Updates in Debian
(DSA-3006-1)
[19/08/2014] Debian has
released security update packages for fixing the vulnerabilities identified in
the xen package for multiple versions of Debian GNU/Linux. An attacker could
bypass security restrictions, obtain sensitive information, cause a denial of
service condition and crash the
system.
URL:www.debian.org/security/2014/dsa-3006
39.
Security Updates in Red Hat Products
(RHSA-2014:1073-1)
[19/08/2014] Red Hat
has released security update packages for fixing the vulnerability identified in
the nss, nss-util and nss-softokn packages for Red Hat Enterprise Linux 7. An
attacker could bypass security
restrictions.
URL:rhn.redhat.com/errata/RHSA-2014-1073.html
40.
Security Updates in SUSE
(SUSE-SU-2014:1035-1)
[19/08/2014] SUSE has
released security update packages for fixing the vulnerabilities identified in
the flash-player packages for SUSE Linux Enterprise 11. Due to multiple errors,
an attacker could bypass security restrictions, obtain sensitive information and
execute arbitrary
code.
URL:lists.opensuse.org/opensuse-security-announce/2014-08/msg00011.html
41.
Security Updates in Ubuntu GNU/Linux
(USN-2232-4, USN-2317-1, USN-2318-1)
[19/08/2014] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the openssl, linux-lts-trusty and linux packages for versions 10.04 LTS, 12.04
LTS and 14.04 LTS of Ubuntu GNU/Linux. Due to multiple errors, an attacker could
bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code and cause a denial of service
condition.
URL:www.ubuntu.com/usn/usn-2232-4/
URL:www.ubuntu.com/usn/usn-2317-1/
URL:www.ubuntu.com/usn/usn-2318-1/
42.
Information Updates on Microsoft Security
Bulletin (MS14-045)
[18/08/2014] Microsoft
has updated information on the Security Bulletin for Microsoft Windows. MS14-045
was revised to remove Download Center links for Microsoft security update
2982791. Microsoft recommends that customers uninstall this
update.
URL:technet.microsoft.com/library/security/ms14-045
43.
Vulnerabilities in IBM Products (IT01111,
1237631, 1677387, 1678204, 1679713, 1679726, 1680234, 1680418, 1680703, 1681213,
1681256)
[18/08/2014]
Vulnerabilities were identified in the IBM
WebSphere DataPower SOA Appliances, IBM SmartCloud Provisioning, IBM Business
Process Manager, IBM WebSphere Lombardi Edition, IBM Rational Software
Architect, IBM WebSphere Application Server, IBM Sterling B2B Integrator, IBM
Sterling File Gateway and IBM Curam Social Program Management. An attacker could
bypass security restrictions, obtain sensitive information, execute arbitrary
code, perform cross-site scripting attacks and cause a denial of service
condition. These vulnerabilities affect multiple versions of the mentioned
products. Security patches are available to resolve these
vulnerabilities.
URL:www.ibm.com/support/docview.wss?uid=swg1IT01111
URL:www.ibm.com/support/docview.wss?uid=swg21237631
URL:www.ibm.com/support/docview.wss?uid=swg21677387
URL:www.ibm.com/support/docview.wss?uid=swg21678204
URL:www.ibm.com/support/docview.wss?uid=swg21679713
URL:www.ibm.com/support/docview.wss?uid=swg21679726
URL:www.ibm.com/support/docview.wss?uid=swg21680234
URL:www.ibm.com/support/docview.wss?uid=swg21680418
URL:www.ibm.com/support/docview.wss?uid=swg21680703
URL:www.ibm.com/support/docview.wss?uid=swg21681213
URL:www.ibm.com/support/docview.wss?uid=swg21681256
URL:xforce.iss.net/xforce/xfdb/94112
44.
Vulnerability in Novell Open Enterprise
Server (7014420)
[18/08/2014] Vulnerability was identified in the Novell Open Enterprise
Server 11. An attacker could bypass security restrictions, obtain sensitive
information and execute arbitrary code. This vulnerability affects versions
prior to OES11 SP2 - 9413 of the mentioned product. Security patches are
available to resolve this
vulnerability.
URL:www.novell.com/support/kb/doc.php?id=7014420
45.
Vulnerabilities in Disqus comment system
plugin for WordPress (95288, 95289)
[18/08/2014] Vulnerabilities were identified in the Disqus comment system
plugin for WordPress. An attacker could bypass security restrictions, obtain
sensitive information, execute arbitrary code. perform cross-site scripting
attacks and cause a denial of service condition. These vulnerabilities affect
version 2.7.5 of the mentioned product. Security patches are available to
resolve these
vulnerabilities.
URL:xforce.iss.net/xforce/xfdb/95288
URL:xforce.iss.net/xforce/xfdb/95289
46.
Security Updates in Oracle Linux
(ELSA-2014-1053)
[18/08/2014] Oracle has
released security update packages for fixing the vulnerabilities identified in
the openssl packages for Oracle Linux 5. An attacker could obtain sensitive
information, execute arbitrary code and cause a denial of service
condition.
URL:linux.oracle.com/errata/ELSA-2014-1053.html
47.
Security Updates in Gentoo Linux (GLSA
201408-07)
[18/08/2014]
Gentoo has released security update packages for
fixing the vulnerabilities identified in the modplug package for multiple
versions of Gentoo Linux. Due to multiple errors, an attacker could bypass
security restrictions, gain elevated privileges, execute arbitrary code and
cause a denial of service
condition.
URL:www.gentoo.org/security/en/glsa/glsa-201408-07.xml
48.
Security Updates in SUSE
(SUSE-SU-2014:1028-1, openSUSE-SU-2014:1029-1)
[18/08/2014] SUSE has
released security update packages for fixing the vulnerabilities identified in
the krb5 package for SUSE Linux Enterprise 11, the flash-player packages for
openSUSE 11.4. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, execute arbitrary code and
compromise a vulnerable
system.
URL:lists.opensuse.org/opensuse-security-announce/2014-08/msg00009.html
URL:lists.opensuse.org/opensuse-security-announce/2014-08/msg00010.html
No comments:
Post a Comment