1. Vulnerabilities in Cisco Products
[27/02/2015] Vulnerabilities were identified in the Cisco IOS Software,
Cisco IOS XE Software, Cisco Prime LAN Management Solution (LMS), Cisco Security
Manager, Cisco Application Networking Manager (ANM) and Cisco Application
Control Engine (ACE). An attacker could bypass security restrictions, obtain
sensitive information, execute arbitrary code, perform cross-site scripting and
cross-site request forgery attacks, cause a denial of service condition and
crash the system. These vulnerabilities affect multiple firmware versions of the
mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2188
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0594
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0632
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0651
URL:exchange.xforce.ibmcloud.com/#/vulnerabilities/101213
URL:exchange.xforce.ibmcloud.com/#/vulnerabilities/101214
URL:exchange.xforce.ibmcloud.com/#/vulnerabilities/101215
2. Vulnerability in Huawei Products
(Huawei-SA-20150226-01-Glibc)
[27/02/2015] Vulnerability was identified in multiple Huawei products. An
attacker could bypass security restrictions and execute arbitrary code. This
vulnerability affects multiple firmware versions of the mentioned products.
Security patches are available to resolve this
vulnerability.
URL:www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-415364.htm
3. Security Updates in Oracle Linux
(ELSA-2015-3010)
[27/02/2015] Oracle has
released security update packages for fixing the vulnerabilities identified in
the openssl package for Oracle Linux 5. Due to multiple errors, an attacker
could bypass security restrictions and obtain sensitive
information.
URL:linux.oracle.com/errata/ELSA-2015-3010.html
4. Security Updates in Debian (DSA-3175-1,
DSA-3176-1)
[27/02/2015] Debian has
released security update packages for fixing the vulnerabilities identified in
the kfreebsd-9 and request-tracker4 packages for multiple versions of Debian
GNU/Linux. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, execute arbitrary code, perform
session hijacking attacks, cause a denial of service condition and crash the
system.
URL:www.debian.org/security/2015/dsa-3175
URL:www.debian.org/security/2015/dsa-3176
5. Security Updates in Mageia (MGASA-2015-0085,
MGASA-2015-0086, MGASA-2015-0087, MGASA-2015-0088, MGASA-2015-0089,
MGASA-2015-0090)
[27/02/2015] Mageia has
released security update packages for fixing the vulnerabilities identified in
the sympa, cabextract, apache-poi, e2fsprogs, nspr, nss, firefox, firefox-l10n,
thunderbird and thunderbird-l10n packages for multiple versions of Mageia. Due
to multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the
system.
URL:advisories.mageia.org/MGASA-2015-0085.html
URL:advisories.mageia.org/MGASA-2015-0086.html
URL:advisories.mageia.org/MGASA-2015-0087.html
URL:advisories.mageia.org/MGASA-2015-0088.html
URL:advisories.mageia.org/MGASA-2015-0089.html
6. Security Updates in Slackware (SSA:2015-056-01,
SSA:2015-056-02)
[27/02/2015] Slackware
has released security update packages for fixing the vulnerabilities identified
in the mozilla-firefox and mozilla-thunderbird packages for multiple versions of
Slackware Linux. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and crash the
application.
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.356077
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.360452
7. Security Updates in SUSE
(openSUSE-SU-2015:0382-1)
[27/02/2015] SUSE has
released security update packages for fixing the vulnerability identified in the
snack package of openSUSE 13.1 and 13.2. An attacker could bypass security
restrictions, execute arbitrary code, cause a denial of service condition and
crash the
system.
URL:lists.opensuse.org/opensuse-security-announce/2015-02/msg00034.html
8. Security Updates in Ubuntu GNU/Linux (USN-2511-1,
USN-2512-1, USN-2513-1, USN-2514-1, USN-2515-1, USN-2516-1, USN-2517-1,
USN-2518-1, USN-2519-1, USN-2520-1)
[27/02/2015] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the linux, linux-ec2, linux-ti-omap4, linux-lts-trusty, linux-lts-utopic,
eglibc, glibc and cups packages for versions 10.04 LTS, 12.04 LTS, 14.04 LTS and
14.10 of Ubuntu GNU/Linux. Due to multiple errors, an attacker could bypass
security restrictions, obtain sensitive information, gain elevated privileges,
execute arbitrary code, cause a denial of service condition and compromise the
system.
URL:www.ubuntu.com/usn/usn-2511-1/
URL:www.ubuntu.com/usn/usn-2512-1/
URL:www.ubuntu.com/usn/usn-2513-1/
URL:www.ubuntu.com/usn/usn-2514-1/
URL:www.ubuntu.com/usn/usn-2515-1/
URL:www.ubuntu.com/usn/usn-2516-1/
URL:www.ubuntu.com/usn/usn-2517-1/
URL:www.ubuntu.com/usn/usn-2518-1/
URL:www.ubuntu.com/usn/usn-2519-1/
URL:www.ubuntu.com/usn/usn-2520-1/
9. Security Updates in Oracle Linux (ELSA-2015-0265,
ELSA-2015-0266)
[26/02/2015] Oracle has
released security update packages for fixing the vulnerabilities identified in
the firefox and thunderbird packages for Oracle Linux 5, 6 and 7. Due to
multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the
system.
URL:linux.oracle.com/errata/ELSA-2015-0265.html
URL:linux.oracle.com/errata/ELSA-2015-0266.html
10.
Security Updates in Debian (DSA-3172-1,
DSA-3173-1, DSA-3174-1)
[26/02/2015] Debian has
released security update packages for fixing the vulnerabilities identified in
the cups, libgtk2-perl and iceweasel packages for multiple versions of Debian
GNU/Linux. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and crash the
system.
URL:www.debian.org/security/2015/dsa-3172
URL:www.debian.org/security/2015/dsa-3173
URL:www.debian.org/security/2015/dsa-3174
11.
Security Updates in FreeBSD
(FreeBSD-SA-15:04.igmp, FreeBSD-SA-15:05.bind)
[26/02/2015] FreeBSD
has released security update packages for fixing the vulnerabilities identified
in the igmp and bind packages for multiple versions of FreeBSD. Due to multiple
errors, an attacker could bypass security restrictions, cause a denial of
service condition and crash the
system.
URL:www.freebsd.org/security/advisories/FreeBSD-SA-15:04.igmp.asc
URL:www.freebsd.org/security/advisories/FreeBSD-SA-15:05.bind.asc
12.
Security Updates in Gentoo Linux (GLSA
201502-14, GLSA 201502-15)
[26/02/2015] Gentoo has
released security update packages for fixing the vulnerabilities identified in
the grep and samba packages for multiple versions of Gentoo Linux. Due to
multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and crash the
system.
URL:www.gentoo.org/security/en/glsa/glsa-201502-14.xml
URL:www.gentoo.org/security/en/glsa/glsa-201502-15.xml
13.
Security Updates in Red Hat Enterprise
Linux (RHSA-2015:0266-1)
[26/02/2015] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the thunderbird package for Red Hat Enterprise Linux 5 and 6. Due to multiple
errors, an attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and compromise the
system.
URL:rhn.redhat.com/errata/RHSA-2015-0266.html
14.
Security Updates in SUSE
(SUSE-SU-2015:0371-1, openSUSE-SU-2015:0375-1, SUSE-SU-2015:0343-2,
SUSE-SU-2015:0376-1)
[26/02/2015] SUSE has
released security update packages for fixing the vulnerabilities identified in
the samba, java-1_6_0-ibm and java-1_5_0-ibm packages of SUSE Linux Enterprise
10 and 11, openSUSE 13.1 and 13.2, and SUSE Manager 1.7. Due to multiple errors,
an attacker could bypass security restrictions, obtain sensitive information,
gain elevated privileges, execute arbitrary code, cause a denial of service
condition and crash the
system.
URL:lists.opensuse.org/opensuse-security-announce/2015-02/msg00030.html
URL:lists.opensuse.org/opensuse-security-announce/2015-02/msg00031.html
URL:lists.opensuse.org/opensuse-security-announce/2015-02/msg00032.html
URL:lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html
15.
Security Updates in Ubuntu GNU/Linux
(USN-2505-1)
[26/02/2015] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the firefox package for version 12.04 LTS, 14.04 LTS, 14.10 of Ubuntu GNU/Linux.
Due to multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and crash the
system.
URL:www.ubuntu.com/usn/usn-2505-1/
16. Vulnerabilities in Mozilla Products (MFSA 2015-11,
MFSA 2015-12, MFSA 2015-13, MFSA 2015-14, MFSA 2015-15, MFSA 2015-16, MFSA
2015-17, MFSA 2015-18, MFSA 2015-19, MFSA 2015-20, MFSA 2015-21, MFSA 2015-22,
MFSA 2015-23, MFSA 2015-24, MFSA 2015-25, MFSA 2015-26, MFSA
2015-27)
[25/02/2015]
Vulnerabilities were identified in Mozilla
Firefox, Firefox ESR and Thunderbird. An attacker could bypass security
restriction, execute arbitrary code, obtain sensitive information, gain elevated
privilege, execute arbitrary code, cause a denial of service condition and crash
the application. These vulnerabilities affect multiple versions of the mentioned
products. Security patches are available to resolve these
vulnerabilities.
URL:www.mozilla.org/en-US/security/advisories/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-11/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-12/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-13/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-14/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-15/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-16/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-17/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-18/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-19/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-20/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-21/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-22/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-23/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-24/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-25/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-26/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-27/
URL:www.mozilla.org/en-US/security/known-vulnerabilities/firefox/
URL:www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/
URL:www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/
URL:www.us-cert.gov/ncas/current-activity/2015/02/24/Mozilla-Releases-Security-Updates-Firefox-Firefox-ESR-and
17.
Vulnerability in Cisco Unified Computing
System
[25/02/2015]
Vulnerability was identified in the Cisco
Unified Computing System. An attacker could bypass security restrictions,
execute arbitrary code and cause a denial of service condition. This
vulnerability affects multiple firmware versions of the mentioned product.
Security patches are available to resolve this
vulnerability.
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0633
18.
Security Updates in Debian
(DSA-3170-1)
[25/02/2015] Debian has
released security update packages for fixing the vulnerabilities identified in
the linux package for multiple versions of Debian GNU/Linux. Due to multiple
errors, an attacker could bypass security restrictions, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
crash the
system.
URL:www.debian.org/security/2015/dsa-3170
19.
Security Updates in Mageia
(MGASA-2015-0083, MGASA-2015-0084)
[25/02/2015] Mageia has
released security update packages for fixing the vulnerabilities identified in
the freetype2 and samba packages for multiple versions of Mageia. Due to
multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and crash the
system.
URL:advisories.mageia.org/MGASA-2015-0083.html
URL:advisories.mageia.org/MGASA-2015-0084.html
20.
Security Updates in Red Hat Enterprise
Linux (RHSA-2015:0263-1, RHSA-2015:0264-1,
RHSA-2015:0265-1)
[25/02/2015] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the java-1.6.0-ibm package for Red Hat Satellite 5.6 and 5.7, and firefox
package for Red Hat Enterprise Linux 5, 6 and 7. Due to multiple errors, an
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and compromise the
system.
URL:rhn.redhat.com/errata/RHSA-2015-0263.html
URL:rhn.redhat.com/errata/RHSA-2015-0264.html
URL:rhn.redhat.com/errata/RHSA-2015-0265.html
21.
Security Updates in SUSE
(SUSE-SU-2015:0365-1)
[25/02/2015] SUSE has
released security update packages for fixing the vulnerabilities identified in
the php5 package of SUSE Linux Enterprise 12. Due to multiple errors, an
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and crash the
system.
URL:lists.opensuse.org/opensuse-security-announce/2015-02/msg00029.html
22.
Security Updates in Ubuntu GNU/Linux
(USN-2510-1)
[25/02/2015] Ubuntu has
released security update packages for fixing the vulnerability identified in the
freetype package for version 10.04 LTS, 12.04 LTS, 14.04 LTS, 14.10 of Ubuntu
GNU/Linux. An attacker could bypass security restrictions, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
crash the
system.
URL:www.ubuntu.com/usn/usn-2510-1/
23. Vulnerability in Samba
[24/02/2015] Vulnerability was identified in the Samba. An attacker could
bypass security restrictions, gain elevated privileges and execute arbitrary
code. This vulnerability affects versions prior to 3.6.25, 4.0.25, 4.1.17 or
4.2.0rc5 of the mentioned product. Security patches are available to resolve
this
vulnerability.
URL:www.samba.org/samba/security/CVE-2015-0240
URL:www.hkcert.org/my_url/en/alert/15022402
24.
Vulnerability in TYPO3 CMS
(TYPO3-CORE-SA-2015-001)
[24/02/2015] Vulnerability was identified in the TYPO3 CMS. An attacker
could bypass security restrictions. This vulnerability affects multiple versions
of the mentioned product. Security patches are available to resolve this
vulnerability.
URL:typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-001/
25.
Security Updates in Oracle Linux
(ELSA-2015-0249, ELSA-2015-0250, ELSA-2015-0251,
ELSA-2015-0252)
[24/02/2015] Oracle has
released security update packages for fixing the vulnerability identified in the
samba3x, samba4 and samba packages for Oracle Linux 5, 6 and 7. An attacker
could bypass security restrictions, gain elevated privileges and execute
arbitrary
code.
URL:linux.oracle.com/errata/ELSA-2015-0249.html
URL:linux.oracle.com/errata/ELSA-2015-0250.html
URL:linux.oracle.com/errata/ELSA-2015-0251.html
URL:linux.oracle.com/errata/ELSA-2015-0252.html
26.
Security Updates in Debian (DSA-3164-1,
DSA-3165-1, DSA-3166-1, DSA-3168-1, DSA-3169-1,
DSA-3171-1)
[24/02/2015] Debian has
released security update packages for fixing the vulnerabilities identified in
the typo3-src, xdg-utils, e2fsprogs, ruby-redcloth, eglibc and samba packages
for multiple versions of Debian GNU/Linux. Due to multiple errors, an attacker
could bypass security restrictions, gain elevated privileges, execute arbitrary
code, perform cross-site scripting and code injection attacks, cause a denial of
service condition and crash the
system.
URL:www.debian.org/security/2015/dsa-3164
URL:www.debian.org/security/2015/dsa-3165
URL:www.debian.org/security/2015/dsa-3166
URL:www.debian.org/security/2015/dsa-3168
URL:www.debian.org/security/2015/dsa-3169
URL:www.debian.org/security/2015/dsa-3171
27.
Security Updates in Mageia
(MGASA-2015-0074, MGASA-2015-0075, MGASA-2015-0076, MGASA-2015-0077,
MGASA-2015-0078, MGASA-2015-0079, MGASA-2015-0080, MGASA-2015-0081,
MGASA-2015-0082)
[24/02/2015] Mageia has
released security update packages for fixing the vulnerabilities identified in
the ruby-sprockets, kernel-linus, kernel-tmb, kernel-rt, kernel-vserver, sudo,
cpio, tomcat and bind packages for multiple versions of Mageia. Due to multiple
errors, an attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and compromise the
system.
URL:advisories.mageia.org/MGASA-2015-0074.html
URL:advisories.mageia.org/MGASA-2015-0075.html
URL:advisories.mageia.org/MGASA-2015-0076.html
URL:advisories.mageia.org/MGASA-2015-0077.html
URL:advisories.mageia.org/MGASA-2015-0078.html
URL:advisories.mageia.org/MGASA-2015-0079.html
URL:advisories.mageia.org/MGASA-2015-0080.html
URL:advisories.mageia.org/MGASA-2015-0081.html
URL:advisories.mageia.org/MGASA-2015-0082.html
28.
Security Updates in Red Hat Enterprise
Linux (RHSA-2015:0249-1, RHSA-2015:0250-1, RHSA-2015:0251-1, RHSA-2015:0252-1,
RHSA-2015:0253-1, RHSA-2015:0254-1, RHSA-2015:0255-1,
RHSA-2015:0256-1)
[24/02/2015] Red Hat
has released security update packages for fixing the vulnerability identified in
the samba3x, samba4 and samba packages for Red Hat Enterprise Linux 5, 6, 7, and
Red Hat Storage Server 3.0. An attacker could bypass security restrictions, gain
elevated privileges and execute arbitrary
code.
URL:rhn.redhat.com/errata/RHSA-2015-0249.html
URL:rhn.redhat.com/errata/RHSA-2015-0250.html
URL:rhn.redhat.com/errata/RHSA-2015-0251.html
URL:rhn.redhat.com/errata/RHSA-2015-0252.html
URL:rhn.redhat.com/errata/RHSA-2015-0253.html
URL:rhn.redhat.com/errata/RHSA-2015-0254.html
URL:rhn.redhat.com/errata/RHSA-2015-0255.html
URL:rhn.redhat.com/errata/RHSA-2015-0256.html
29.
Security Updates in SUSE
(SUSE-SU-2015:0353-1)
[24/02/2015] SUSE has
released security update packages for fixing the vulnerability identified in the
samba packages of SUSE Linux Enterprise 12. An attacker could bypass security
restrictions, gain elevated privileges and execute arbitrary
code.
URL:lists.opensuse.org/opensuse-security-announce/2015-02/msg00028.html
30.
Security Updates in Ubuntu GNU/Linux
(USN-2507-1, USN-2508-1)
[24/02/2015] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the e2fsprogs and samba packages for version 10.04 LTS, 12.04 LTS, 14.04 LTS,
14.10 of Ubuntu GNU/Linux. Due to multiple errors, an attacker could bypass
security restrictions, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and crash the
system.
URL:www.ubuntu.com/usn/usn-2507-1/
URL:www.ubuntu.com/usn/usn-2508-1/
31.
Vulnerability in BIND
(AA-01235)
[23/02/2015]
Vulnerability was identified in the BIND. An
attacker could cause a denial of service condition and crash the system. This
vulnerability affects multiple versions of the mentioned product. Security
patches are available to resolve this
vulnerability.
URL:kb.isc.org/article/AA-01235
URL:www.us-cert.gov/ncas/current-activity/2015/02/18/ISC-Releases-Security-Updates-BIND
URL:xforce.iss.net/xforce/xfdb/100968
32.
Vulnerabilities in Cisco Products
(cisco-sa-20150220-ipv6)
[23/02/2015] Vulnerabilities were identified in the Cisco IOS XR Software,
Cisco Desktop Collaboration Experience DX650 Software, Cisco Wireless LAN
Controller (WLC), Cisco Web Security Appliance (WSA), Cisco Email Security
Appliance (ESA), Cisco Content Security Management Appliance (SMA), Cisco Hosted
Collaboration Solution and Intrusion Prevention System (IPS). An attacker could
bypass security restrictions, execute arbitrary code, perform code injection and
cross-site scripting attacks, cause a denial of service condition and crash the
system. These vulnerabilities affect multiple versions of the mentioned
products. Security patches are available to resolve these
vulnerabilities.
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150220-ipv6
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0584
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0622
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0623
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0624
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0626
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0628
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0631
URL:xforce.iss.net/xforce/xfdb/100969
URL:xforce.iss.net/xforce/xfdb/100970
URL:xforce.iss.net/xforce/xfdb/100971
URL:xforce.iss.net/xforce/xfdb/100991
33.
Vulnerability in Lenovo Notebook
products
[23/02/2015]
Vulnerability was identified in the Lenovo
Notebook products. An attacker could spoof HTTPS traffic. This vulnerability
affects all Lenovo Notebook products shipped between September 2014 and February
2015 that have Superfish VisualDiscovery installed. Removal instructions are
available to resolve this
vulnerability.
URL:support.lenovo.com/us/en/product_security/superfish
URL:support.lenovo.com/us/en/product_security/superfish_uninstall
URL:www.us-cert.gov/ncas/alerts/TA15-051A
34.
Vulnerabilities in Novell Products
(5197651, 5197654, 5197655, 5197970, 5198730,
5201370)
[23/02/2015]
Vulnerabilities were identified in the Novell
Identity Manager and Novell Vibe. An attacker could bypass security
restrictions, execute arbitrary code, cause a denial of service condition and
crash the system. These vulnerabilities affect multiple versions of the
mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:download.novell.com/Download?buildid=CN5WxfiN2Ek~
URL:download.novell.com/Download?buildid=EaNhJs2Offs~
URL:download.novell.com/Download?buildid=FeB0mK1i9NU~
URL:download.novell.com/Download?buildid=SlL2oPhB-LU~
URL:download.novell.com/Download?buildid=vNsTfMo9g-4~
URL:download.novell.com/Download?buildid=X7DYbkPceZk~
35.
Vulnerability in Komodia Redirector
(VU#529496)
[23/02/2015] Vulnerability was identified in the Komodia Redirector. An
attacker could bypass security restrictions, execute arbitrary code and perform
spoofing attacks. This vulnerability affects multiple versions of the mentioned
product.
URL:www.kb.cert.org/vuls/id/529496
URL:www.us-cert.gov/ncas/current-activity/2015/02/20/Lenovo-Computers-Vulnerable-HTTPS-Spoofing
36.
Vulnerability in noVNC
(100956)
[23/02/2015]
Vulnerability was identified in the noVNC. An
attacker could bypass security restrictions, execute arbitrary code and
compromise the system. This vulnerability affects versions prior to 0.5.1 of the
mentioned product. Security patches are available to resolve this
vulnerability.
URL:xforce.iss.net/xforce/xfdb/100956
37.
Vulnerability in Squid
(100998)
[23/02/2015]
Vulnerability was identified in the Squid. An
attacker could bypass security restrictions, execute arbitrary code and
compromise the system. This vulnerability affects versions prior to 3.1.10 of
the mentioned product. Security patches are available to resolve this
vulnerability.
URL:xforce.iss.net/xforce/xfdb/100998
38.
Security Updates in Debian (DSA-3162-1,
DSA-3163-1, DSA-3167-1)
[23/02/2015] Debian has
released security update packages for fixing the vulnerabilities identified in
the bind9, libreoffice and sudo packages for multiple versions of Debian
GNU/Linux. Due to multiple errors, an attacker could bypass security
restrictions, gain elevated privileges, execute arbitrary code, cause a denial
of service condition and crash the
system.
URL:www.debian.org/security/2015/dsa-3162
URL:www.debian.org/security/2015/dsa-3163
URL:www.debian.org/security/2015/dsa-3167
39.
Security Updates in SUSE
(SUSE-SU-2015:0322-1, SUSE-SU-2015:0336-1, SUSE-SU-2015:0343-1,
SUSE-SU-2015:0344-1, SUSE-SU-2015:0345-1)
[23/02/2015] SUSE has
released security update packages for fixing the vulnerabilities identified in
the xntp, java-1_7_0-openjdk, java-1_7_0-ibm and java-1_6_0-ibm packages of SUSE
Linux Enterprise 10 and 11. Due to multiple errors, an attacker could bypass
security restrictions, obtain sensitive information, gain elevated privileges,
execute arbitrary code, cause a denial of service condition and crash the
system.
URL:lists.opensuse.org/opensuse-security-announce/2015-02/msg00023.html
URL:lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html
URL:lists.opensuse.org/opensuse-security-announce/2015-02/msg00025.html
URL:lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html
URL:lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html
40.
Security Updates in Ubuntu GNU/Linux
(USN-2503-1, USN-2504-1)
[23/02/2015] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the bind9 and nss packages for version 10.04 LTS, 12.04 LTS, 14.04 LTS, 14.10 of
Ubuntu GNU/Linux. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, execute arbitrary code, cause a
denial of service condition and crash the
system.
URL:www.ubuntu.com/usn/usn-2503-1/
URL:www.ubuntu.com/usn/usn-2504-1/
No comments:
Post a Comment