1. Vulnerabilities in IBM Products (1674922, 1678131, 1678132, 1678663, 1679983, 7014224, MIGR-5095985)
[08/08/2014] Vulnerabilities were identified in IBM WebSphere MQ, IBM Rational Automation Framework, IBM WebSphere MQ Internet Pass-Thru, IBM WebSphere MQ and IBM Systems Director. An attacker could obtain sensitive information and cause a denial of service condition. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve these vulnerabilities.
URL:www.ibm.com/support/docview.wss?uid=swg21674922
URL:www.ibm.com/support/docview.wss?uid=swg21678131
URL:www.ibm.com/support/docview.wss?uid=swg21678132
URL:www.ibm.com/support/docview.wss?uid=swg21678663
URL:www.ibm.com/support/docview.wss?uid=swg21679983
URL:www.ibm.com/support/docview.wss?uid=swg27014224
URL:www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095985
2. Vulnerabilities in Iridium Pilot and OpenPort (VU#578598)
[08/08/2014] Vulnerabilities were identified in Iridium Pilot and OpenPort. An attacker could gain elevated privileges and execute arbitrary code. These vulnerabilities affect multiple versions of the mentioned product.
URL:www.kb.cert.org/vuls/id/578598
3. Vulnerabilities in Cobham Products (VU#179732, VU#269991, VU#460687, VU#882207)
[08/08/2014] Vulnerabilities were identified in the Cobham thraneLINK protocol, Cobham Sailor 900 and 6000 series satellite terminals, and Cobham Aviator 700D and 700E series satellite terminals. An attacker could execute arbitrary code and gain full control of the affected devices.
URL:www.kb.cert.org/vuls/id/179732
URL:www.kb.cert.org/vuls/id/269991
URL:www.kb.cert.org/vuls/id/460687
URL:www.kb.cert.org/vuls/id/882207
4. Vulnerabilities in EDK2 (VU#552286)
[08/08/2014] Vulnerabilities were identified in EDK2. An attacker could cause a buffer overflow, execute arbitrary code, bypass security restrictions and cause a denial of service condition. These vulnerabilities affect multiple versions of the mentioned product.
URL:www.kb.cert.org/vuls/id/552286
5. Vulnerability in Ignite Realtime Smack API (95138)
[08/08/2014] A vulnerability was identified in the Ignite Realtime Smack API. An attacker could perform spoofing attacks. This vulnerability affects versions prior to 4.0.2 of the mentioned product. Security patches are available to resolve this vulnerability.
URL:xforce.iss.net/xforce/xfdb/95138
6. Vulnerability in WordPress (95154)
[08/08/2014] A vulnerability was identified in WordPress. An attacker could cause a denial of service condition. This vulnerability affects versions prior to 3.9.2 of the mentioned product. Security patches are available to resolve this vulnerability.
URL:xforce.iss.net/xforce/xfdb/95154
7. Vulnerabilities in GNU GCC (95119, 95120)
[08/08/2014] Vulnerabilities were identified in GNU GCC. An attacker could bypass security restrictions, execute arbitrary code and cause a denial of service condition. These vulnerabilities affect version 4.8.0 of the mentioned product. Security patches are available to resolve these vulnerabilities.
URL:xforce.iss.net/xforce/xfdb/95119
URL:xforce.iss.net/xforce/xfdb/95120
8. Vulnerability in librsync (95117)
[08/08/2014] A vulnerability was identified in librsync. An attacker could cause a denial of service condition. The affected version was not specified.
URL:xforce.iss.net/xforce/xfdb/95117
9. Security Updates in Oracle Linux (ELSA-2014-1004, ELSA-2014-1012)
[08/08/2014] Oracle has released security update packages for fixing the vulnerability identified in the yum-updatesd, php53 and php packages for Oracle Linux 5 and 6. An attacker could perform spoofing attacks, obtain sensitive information, cause a denial of service condition and compromise a vulnerable system.
URL:linux.oracle.com/errata/ELSA-2014-1004.html
URL:linux.oracle.com/errata/ELSA-2014-1012.html
10. Security Updates in Mandriva (MDVSA-2014:155, MDVSA-2014:156)
[08/08/2014] Mandriva has released security update packages for fixing the vulnerabilities identified in the kernel packages for version MBS1 of Mandriva GNU/Linux. Due to multiple errors, an attacker could gain elevated privileges, obtain sensitive information and cause a denial of service condition.
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014:155/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014:156/
11. Security Updates in Red Hat Products (RHSA-2014:1031-1, RHSA-2014:1032-1, RHSA-2014:1033-1, RHSA-2014:1034-1, RHSA-2014:1036-1)
[08/08/2014] Red Hat has released security update packages for fixing the vulnerabilities identified in the 389-ds-base, redhat-ds-base, java-1.6.0-ibm, tomcat and java-1.5.0-ibm packages for Red Hat Enterprise Linux 5, 6 and 7, and Red Hat Directory Server 8. Due to multiple errors, an attacker could bypass security restrictions and obtain sensitive information.
URL:rhn.redhat.com/errata/RHSA-2014-1031.html
URL:rhn.redhat.com/errata/RHSA-2014-1032.html
URL:rhn.redhat.com/errata/RHSA-2014-1033.html
URL:rhn.redhat.com/errata/RHSA-2014-1034.html
URL:rhn.redhat.com/errata/RHSA-2014-1036.html
12. Security Updates in SUSE (SUSE-SU-2014:0969-1)
[08/08/2014] SUSE has released security update packages for fixing the vulnerabilities identified in the mod_security packages for openSUSE 11.4. Due to multiple errors, an attacker could bypass security restrictions, crash the system, obtain sensitive information and cause a denial of service condition.
URL:lists.opensuse.org/opensuse-security-announce/2014-08/msg00004.html
13. Security Updates in Ubuntu GNU/Linux (USN-2308-1)
[08/08/2014] Ubuntu has released a security update package for fixing the vulnerability identified in the openssl packages for versions 10.04 LTS, 12.04 LTS and 14.04 LTS of Ubuntu GNU/Linux. An attacker could bypass security restrictions, cause a denial of service condition and crash the system.
URL:www.ubuntu.com/usn/usn-2308-1/
14. Vulnerabilities in Cisco Products (cisco-sa-20140806-energywise)
[07/08/2014] Vulnerabilities were identified in Cisco IOS, Cisco IOS XE, Cisco Enterprise Content Delivery System (ECDS), Cisco Unified Communications Manager and Cisco Unity Connection. An attacker could bypass security restrictions, gain elevated privileges, obtain sensitive information, execute arbitrary code and cause a denial of service condition. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve these vulnerabilities.
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140806-energywise
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2003-1567
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3332
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3333
URL:www.hkcert.org/my_url/en/alert/14080701
URL:www.us-cert.gov/ncas/current-activity/2014/08/06/CISCO-Releases-Advisory-Cisco-IOS-and-Cisco-IOS-XE
15. Vulnerabilities in IBM Products (1678139, 1678353, 1679287, 1680333, 1680490, 1680546, 1680714, 1680716, 1680754, MIGR-5095982, MIGR-5096059, MIGR-5096060)
[07/08/2014] Vulnerabilities were identified in IBM Rational Functional Tester, IBM Rational Business Developer, IBM Rational Reporting for Development Intelligence, IBM WebSphere Real Time, IBM Rational Synergy, IBM Campaign, IBM Contact Optimization, IBM Distributed Marketing, IBM Interact, IBM Leads, IBM Predictive Insight, IBM WebSphere Application Server Community Edition, IBM BladeCenter Advanced Management Module and IBM Systems Director Storage Control. An attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise a vulnerable system. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve these vulnerabilities.
URL:www.ibm.com/support/docview.wss?uid=swg21678139
URL:www.ibm.com/support/docview.wss?uid=swg21678353
URL:www.ibm.com/support/docview.wss?uid=swg21679287
URL:www.ibm.com/support/docview.wss?uid=swg21680333
URL:www.ibm.com/support/docview.wss?uid=swg21680490
URL:www.ibm.com/support/docview.wss?uid=swg21680546
URL:www.ibm.com/support/docview.wss?uid=swg21680714
URL:www.ibm.com/support/docview.wss?uid=swg21680716
URL:www.ibm.com/support/docview.wss?uid=swg21680754
URL:www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095982
URL:www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096059
URL:www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096060
URL:secunia.com/advisories/59664/
URL:secunia.com/advisories/59680/
URL:secunia.com/advisories/60534/
URL:secunia.com/advisories/60547/
URL:secunia.com/advisories/60550/
URL:secunia.com/advisories/60568/
URL:secunia.com/advisories/60591/
URL:secunia.com/advisories/60627/
URL:secunia.com/advisories/60644/
URL:secunia.com/advisories/60655/
URL:secunia.com/advisories/60656/
URL:secunia.com/advisories/60658/
URL:secunia.com/advisories/60659/
URL:secunia.com/advisories/60660/
URL:secunia.com/advisories/60663/
16. Vulnerability in Novell eDirectory (5189092)
[07/08/2014] A vulnerability was identified in Novell eDirectory. An attacker could bypass security restrictions, obtain sensitive information and execute arbitrary code. This vulnerability affects versions prior to 8.8 Support Pack 7 Patch 6 of the mentioned product. Security patches are available to resolve this vulnerability.
URL:download.novell.com/Download?buildid=kk-3xDZMc9c~
17. Vulnerability in Huawei HiLink (Huawei-SA-20140806-01-HiLink)
[07/08/2014] A vulnerability was identified in the Huawei HiLink E3236 and E3276. An attacker could bypass security restrictions, execute arbitrary code and perform cross-site request forgery attacks. This vulnerability affects multiple versions of the mentioned products. Security patches are available to resolve this vulnerability.
URL:www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-360246.htm
18. Vulnerabilities in OpenSSL
[07/08/2014] Vulnerabilities were identified in OpenSSL. An attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code and cause a denial of service condition. These vulnerabilities affect multiple versions of the mentioned product. Security patches are available to resolve these vulnerabilities.
URL:www.openssl.org/news/secadv_20140806.txt
19. Vulnerability in PHP
[07/08/2014] A vulnerability was identified in PHP. An attacker could cause a denial of service condition. This vulnerability affects versions 5.4 and 5.5 of the mentioned product. Security patches are available to resolve this vulnerability.
URL:bugs.php.net/bug.php?id=67705
URL:secunia.com/advisories/59709/
20. Security Updates in Oracle Linux (ELSA-2014-1009)
[07/08/2014] Oracle has released security update packages for fixing the vulnerability identified in the samba4 packages for Oracle Linux 6. An attacker could bypass security restrictions and compromise a vulnerable system.
URL:linux.oracle.com/errata/ELSA-2014-1009.html
URL:secunia.com/advisories/59891/
21. Security Updates in Mandriva (MDVSA-2014:149, MDVSA-2014:150, MDVSA-2014:151, MDVSA-2014:152, MDVSA-2014:153, MDVSA-2014:154)
[07/08/2014] Mandriva has released security update packages for fixing the vulnerabilities identified in the php, tor, cups, glibc, mediawiki and readline packages for version MBS1 of Mandriva GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, gain elevated privileges, obtain sensitive information, execute arbitrary code and cause a denial of service condition.
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014:149/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014:150/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014:151/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014:152/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014:153/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014:154/
22. Security Updates in Red Hat Products (RHSA-2014:1011-1, RHSA-2014:1012-1, RHSA-2014:1013-1, RHSA-2014:1019-1)
[07/08/2014] Red Hat has released security update packages for fixing the vulnerabilities identified in the resteasy-base, php53 and php packages for Red Hat Enterprise Linux 5, 6 and 7, and the Red Hat JBoss Enterprise Application Platform 6.3.0 packages for Red Hat Enterprise Linux 5. Due to multiple errors, an attacker could bypass security restrictions, gain elevated privileges, obtain sensitive information, execute arbitrary code, cause a denial of service condition, crash the system and compromise a vulnerable system.
URL:rhn.redhat.com/errata/RHSA-2014-1011.html
URL:rhn.redhat.com/errata/RHSA-2014-1012.html
URL:rhn.redhat.com/errata/RHSA-2014-1013.html
URL:rhn.redhat.com/errata/RHSA-2014-1019.html
23. Security Updates in SUSE (SUSE-SU-2014:0967-1)
[07/08/2014] SUSE has released security update packages for fixing the vulnerabilities identified in the Apache Web Server package for SUSE Linux Enterprise 11. Due to multiple errors, an attacker could bypass security restrictions and cause a denial of service condition.
URL:lists.opensuse.org/opensuse-security-announce/2014-08/msg00003.html
24. Security Updates in Ubuntu GNU/Linux (USN-2307-1)
[07/08/2014] Ubuntu has released a security update package for fixing the vulnerability identified in the gpgme1.0 package for versions 10.04 LTS, 12.04 LTS and 14.04 LTS of Ubuntu GNU/Linux. An attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the system.
URL:www.ubuntu.com/usn/usn-2307-1/
25. Vulnerability in Cisco Nexus 9000 Series Switches
[06/08/2014] A vulnerability was identified in the Cisco Nexus 9000 Series Switches. An attacker could bypass security restrictions and perform code injection attacks. This vulnerability affects multiple OS versions of the mentioned products. Security patches are available to resolve this vulnerability.
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3330
26. Vulnerabilities in IBM Products (1680440, 1680537)
[06/08/2014] Vulnerabilities were identified in IBM Security Access Manager For Mobile and IBM Security AppScan. An attacker could bypass security restrictions, execute arbitrary code, perform cross-site scripting and man-in-the-middle attacks. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve these vulnerabilities.
URL:www.ibm.com/support/docview.wss?uid=swg21680440
URL:www.ibm.com/support/docview.wss?uid=swg21680537
URL:secunia.com/advisories/60543/
URL:secunia.com/advisories/60562/
27. Vulnerability in Synology Diskstation Manager for NAS servers
[06/08/2014] A vulnerability was identified in the Synology Diskstation Manager (DSM) for NAS servers. An attacker could bypass security restrictions and execute arbitrary code. This vulnerability affects multiple versions of the mentioned products. Security patches are available to resolve this vulnerability.
URL:forum.synology.com/enu/viewtopic.php?f=108&t=88770
URL:www.hkcert.org/my_url/en/alert/14080601
28. Security Updates in Debian (DSA-2997-1)
[06/08/2014] Debian has released security update packages for fixing the vulnerability identified in the reportbug packages for multiple versions of Debian GNU/Linux. An attacker could execute arbitrary code and gain elevated privileges.
URL:www.debian.org/security/2014/dsa-2997
29. Security Updates in Red Hat Products (RHSA-2014:1004-1, RHSA-2014:1008-1, RHSA-2014:1009-1)
[06/08/2014] Red Hat has released security update packages for fixing the vulnerabilities identified in the yum-updatesd, samba and samba4 packages for Red Hat Enterprise Linux 4, 5 and 6. Due to multiple errors, an attacker could bypass security restrictions, gain elevated privileges and execute arbitrary code.
URL:rhn.redhat.com/errata/RHSA-2014-1004.html
URL:rhn.redhat.com/errata/RHSA-2014-1008.html
URL:rhn.redhat.com/errata/RHSA-2014-1009.html
30. Security Updates in SUSE (SUSE-SU-2014:0843-1)
[06/08/2014] SUSE has released security update packages for fixing the vulnerabilities identified in the ruby package for SUSE Linux Enterprise 11. Due to multiple errors, an attacker could bypass security restrictions and cause a denial of service condition.
URL:www.suse.com/support/update/announcement/2014/suse-su-20140843-1.html
URL:secunia.com/advisories/59841/
31. Security Updates in Ubuntu GNU/Linux (USN-2306-2)
[06/08/2014] Ubuntu has released a security update package for fixing the vulnerabilities identified in the eglibc package for version 10.04 LTS of Ubuntu GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions and cause a denial of service condition.
URL:www.ubuntu.com/usn/usn-2306-2/
32. Vulnerabilities in IBM Products (1673581, 1675956, 1676186, 1676198, 1678883, 1678892, 1679144, 1679192, 1679610, 1679682, 1679852, 1679976, 1680334, 1680366, 1680658, 1680698, 1680715, 1680750, 1680848)
[05/08/2014] Vulnerabilities were identified in IBM Rational Quality Manager, IBM Rational Team Concert, IBM Rational Requirements Composer, IBM Rational DOORS Next Generation, IBM Rational Engineering Lifecycle Manager, IBM Rational Rhapsody Design Manager, IBM Rational Software Architect Design Manager, IBM Rational Developer for System z, IBM Tivoli Application Dependency Discovery Manager, IBM Content Collector for Email, IBM Rational Team Concert, IBM WebSphere eXtreme Scale Version, IBM Tivoli Network Manager IP Edition, IBM Docs, IBM Business Process Manager, IBM SDK, IBM InfoSphere Guardium Data Redaction, IBM Tivoli Business Service Manager, IBM Tivoli Netcool/OMNIbus_GUI, IBM Distributed Marketing, IBM WebSphere DataPower XC10 Appliance and IBM Connections. An attacker could bypass security restrictions, gain elevated privileges, obtain sensitive information, execute arbitrary code, perform cross-site scripting attacks, cause a denial of service condition and compromise a vulnerable system. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve these vulnerabilities.
URL:www.ibm.com/support/docview.wss?uid=swg21673581
URL:www.ibm.com/support/docview.wss?uid=swg21675956
URL:www.ibm.com/support/docview.wss?uid=swg21676186
URL:www.ibm.com/support/docview.wss?uid=swg21676198
URL:www.ibm.com/support/docview.wss?uid=swg21678883
URL:www.ibm.com/support/docview.wss?uid=swg21678892
URL:www.ibm.com/support/docview.wss?uid=swg21679144
URL:www.ibm.com/support/docview.wss?uid=swg21679192
URL:www.ibm.com/support/docview.wss?uid=swg21679610
URL:www.ibm.com/support/docview.wss?uid=swg21679682
URL:www.ibm.com/support/docview.wss?uid=swg21679852
URL:www.ibm.com/support/docview.wss?uid=swg21679976
URL:www.ibm.com/support/docview.wss?uid=swg21680334
URL:www.ibm.com/support/docview.wss?uid=swg21680366
URL:www.ibm.com/support/docview.wss?uid=swg21680658
URL:www.ibm.com/support/docview.wss?uid=swg21680698
URL:www.ibm.com/support/docview.wss?uid=swg21680715
URL:www.ibm.com/support/docview.wss?uid=swg21680750
URL:www.ibm.com/support/docview.wss?uid=swg21680848
URL:www.hkcert.org/my_url/en/alert/14080501
URL:secunia.com/advisories/59660/
URL:secunia.com/advisories/59679/
URL:secunia.com/advisories/59681/
URL:secunia.com/advisories/59683/
URL:secunia.com/advisories/60538/
URL:secunia.com/advisories/60549/
URL:secunia.com/advisories/60574/
URL:secunia.com/advisories/60575/
URL:secunia.com/advisories/60580/
URL:secunia.com/advisories/60594/
URL:secunia.com/advisories/60614/
URL:secunia.com/advisories/60619/
URL:secunia.com/advisories/60622/
URL:secunia.com/advisories/60623/
URL:secunia.com/advisories/60625/
URL:secunia.com/advisories/60631/
URL:secunia.com/advisories/60666/
33. Vulnerabilities in Novell Products (5187310, 5187330, 5187390, 5187391, 5187410, 5187430, 5187450, 5187510, 5187530, 5187531, 5187532, 5187533, 5188030, 5188050, 5188190, 5188790, 5188810, 5189091, 5189250)
[05/08/2014] Vulnerabilities were identified in Novell Identity Manager, Novell Identity Manager Roles Based Provisioning Module, Novell NetIQ eDirectory, Novell Client 2 SP3 for Windows, Novell iPrint Appliance, Novell NetIQ Sentinel Log Manager, Novell Messenger, Novell eDirectory and Novell NetIQ Identity Assurance Solution Client. An attacker could bypass security restrictions, gain elevated privileges, obtain sensitive information, execute arbitrary code, cause a denial of service condition and crash the system. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve these vulnerabilities.
URL:download.novell.com/Download?buildid=2zVeFSiHUtI~
URL:download.novell.com/Download?buildid=4A2ah857Bgs~
URL:download.novell.com/Download?buildid=4bBKN2Ek76Q~
URL:download.novell.com/Download?buildid=5XLmBl54_Rg~
URL:download.novell.com/Download?buildid=6_QDR8MKvFQ~
URL:download.novell.com/Download?buildid=c1XRCuRSy-8~
URL:download.novell.com/Download?buildid=CLWJNCtPI_U~
URL:download.novell.com/Download?buildid=Gdv7rveQBiE~
URL:download.novell.com/Download?buildid=JGUz3yrynuE~
URL:download.novell.com/Download?buildid=lEL_Xm13SbE~
URL:download.novell.com/Download?buildid=LPl8JVNYPmk~
URL:download.novell.com/Download?buildid=MsOUtQILyLA~
URL:download.novell.com/Download?buildid=MzoS_HY0LYw~
URL:download.novell.com/Download?buildid=OXteBss0i-k~
URL:download.novell.com/Download?buildid=QH01IUZGcs8~
URL:download.novell.com/Download?buildid=v3pQ2Ai0khw~
URL:download.novell.com/Download?buildid=wldDBGgzzng~
URL:download.novell.com/Download?buildid=xVAUBQahnSc~
URL:download.novell.com/Download?buildid=ZuVlZaBiK4g~
34. Vulnerability in Symantec Endpoint Protection (SYM14-013)
[05/08/2014] A vulnerability was identified in the Symantec Endpoint Protection Client and Symantec Endpoint Protection Small Business Edition. An attacker could bypass security restrictions and gain elevated privileges. This vulnerability affects multiple versions of Symantec Endpoint Protection Client and version 12.0 of the Symantec Endpoint Protection Small Business Edition. Security patches are available to resolve this vulnerability.
URL:www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140804_00
URL:www.kb.cert.org/vuls/id/252068
URL:www.us-cert.gov/ncas/current-activity/2014/08/04/Local-Privilege-Escalation-Vulnerability-Symantec-Endpoint
35. Security Updates in Gentoo Linux (GLSA 201408-01)
[05/08/2014] Gentoo has released security update packages for fixing the vulnerability identified in the Zend Framework package for multiple versions of Gentoo Linux. An attacker could execute arbitrary code and perform code injection attacks.
URL:www.gentoo.org/security/en/glsa/glsa-201408-01.xml
36. Security Updates in Red Hat Products (RHSA-2014:1002-1)
[05/08/2014] Red Hat has released security update packages for fixing the vulnerability identified in the rhevm package for Red Hat Enterprise Virtualization 3.4. An attacker could obtain sensitive information.
URL:rhn.redhat.com/errata/RHSA-2014-1002.html
37. Security Updates in SUSE (SUSE-SU-2014:0961-1)
[05/08/2014] SUSE has released security update packages for fixing the vulnerabilities identified in the openjdk package for SUSE Linux Enterprise 11. Due to multiple errors, an attacker could bypass security restrictions, gain elevated privileges, obtain sensitive information, execute arbitrary code, perform cross-site scripting attacks, cause a denial of service condition and compromise a vulnerable system.
URL:lists.opensuse.org/opensuse-security-announce/2014-08/msg00002.html
38. Security Updates in Ubuntu GNU/Linux (USN-2306-1)
[05/08/2014] Ubuntu has released security update packages for fixing the vulnerabilities identified in the eglibc package for versions 10.04 LTS, 12.04 LTS and 14.04 LTS of Ubuntu GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions and cause a denial of service condition.
URL:www.ubuntu.com/usn/usn-2306-1/
39. Vulnerability in HP Enterprise Maps (c04390793)
[04/08/2014] A vulnerability was identified in HP Enterprise Maps. An attacker could obtain sensitive information. This vulnerability affects version 1 of the mentioned product. Security patches are available to resolve this vulnerability.
URL:h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04390793
URL:secunia.com/advisories/59403
40. Vulnerabilities in IBM Products (1679144, 1680194, 1680230, 1680230, 1680574)
[04/08/2014] Vulnerabilities were identified in IBM Content Collector for Email, IBM WebSphere Portal and IBM InfoSphere Optim Data Growth Solution for Siebel CRM. An attacker could bypass security restrictions, gain elevated privileges, obtain sensitive information, execute arbitrary code and perform cross-site scripting attacks. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve these vulnerabilities.
URL:www.ibm.com/support/docview.wss?uid=swg21679144
URL:www.ibm.com/support/docview.wss?uid=swg21680194
URL:www.ibm.com/support/docview.wss?uid=swg21680230
URL:www.ibm.com/support/docview.wss?uid=swg21680574
URL:xforce.iss.net/xforce/xfdb/87639
URL:xforce.iss.net/xforce/xfdb/94456
URL:secunia.com/advisories/60597/
URL:secunia.com/advisories/60604/
URL:secunia.com/advisories/60612/
41. Vulnerabilities in D-Link Products (SAP10034)
[04/08/2014] Vulnerabilities were identified in the D-Link DWR-113 and D-Link AP 3200. An attacker could bypass security restrictions, obtain sensitive information, perform cross-site request forgery attacks and cause a denial of service condition. These vulnerabilities affect firmware versions prior to 2.03b02 of the D-Link DWR-113. Security patches are available to resolve the vulnerability in the D-Link DWR-113.
URL:securityadvisories.dlink.com/security/publication.aspx?name=SAP10034
URL:xforce.iss.net/xforce/xfdb/95022
URL:xforce.iss.net/xforce/xfdb/95040
42. Vulnerability in Samba
[04/08/2014] A vulnerability was identified in Samba. An attacker could gain elevated privileges, execute arbitrary code and cause a denial of service condition. This vulnerability affects versions prior to 4.0.21 or 4.1.11 of the mentioned product. Security patches are available to resolve this vulnerability.
URL:www.samba.org/samba/security/CVE-2014-3560
URL:www.hkcert.org/my_url/en/alert/14080402
43. Vulnerability in A Page Flip Book Plugin for WordPress (95015)
[04/08/2014] A vulnerability was identified in the A Page Flip Book Plugin for WordPress. An attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code and perform code injection attacks. This vulnerability affects version 3.0 of the mentioned product.
URL:xforce.iss.net/xforce/xfdb/95015
44. Vulnerability in GnuPG Made Easy
[04/08/2014] A vulnerability was identified in GnuPG Made Easy. An attacker could execute arbitrary code, cause a denial of service condition and crash the system. This vulnerability affects versions prior to 1.4.4 or 1.5.1 of the mentioned product. Security patches are available to resolve this vulnerability.
URL:git.gnupg.org/cgi-bin/gitweb.cgi?p=gpgme.git;a=commit;h=2cbd76f7911fc215845e89b50d6af5ff4a83dd77
URL:xforce.iss.net/xforce/xfdb/95045
45. Vulnerability in dhcpcd (95013)
[04/08/2014] A vulnerability was identified in dhcpcd. An attacker could cause a denial of service condition. This vulnerability affects versions prior to 6.4.3 of the mentioned product. Security patches are available to resolve this vulnerability.
URL:xforce.iss.net/xforce/xfdb/95013
46. Vulnerability in V8 (95057)
[04/08/2014] A vulnerability was identified in the V8 shipped with Node.js. An attacker could cause a denial of service condition. This vulnerability affects multiple versions of the mentioned product. Security patches are available to resolve this vulnerability.
URL:xforce.iss.net/xforce/xfdb/95057
47. Security Updates in Debian (DSA-2995-1, DSA-2996-1)
[04/08/2014] Debian has released security update packages for fixing the vulnerabilities identified in the lzo2 and icedove packages for multiple versions of Debian GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the system.
URL:www.debian.org/security/2014/dsa-2995
URL:www.debian.org/security/2014/dsa-2996
48. Security Updates in Slackware (SSA:2014-213-01, SSA:2014-213-02)
[04/08/2014] Slackware has released security update packages for fixing the vulnerabilities identified in the samba and dhcpcd packages for multiple versions of Slackware Linux. Due to multiple errors, an attacker could bypass security restrictions, gain elevated privileges, obtain sensitive information, execute arbitrary code and cause a denial of service condition.
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.365215
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.462420
49. Security Updates in SUSE (openSUSE-SU-2014:0957-1, SUSE-SU-2014:0960-1)
[04/08/2014] SUSE has released security update packages for fixing the vulnerabilities identified in the kernel package for openSUSE 12.3, and the Mozilla Firefox package for SUSE Linux Enterprise 10 and 11. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, cause a denial of service condition and crash the system.
URL:lists.opensuse.org/opensuse-security-announce/2014-08/msg00000.html
URL:lists.opensuse.org/opensuse-security-announce/2014-08/msg00001.html
50. Security Updates in Ubuntu GNU/Linux (USN-2305-1)
[04/08/2014] Ubuntu has released security update packages for fixing the vulnerability identified in the samba package for version 14.04 LTS of Ubuntu GNU/Linux. An attacker could gain elevated privileges and execute arbitrary code.
URL:www.ubuntu.com/usn/usn-2305-1/