1. Vulnerability
in IBM HTTP Server (1965419)
[11/09/2015] Vulnerability was identified in the IBM HTTP Server. An
attacker could bypass security restrictions, gain elevated privileges and
execute arbitrary code on the system. This vulnerability affects multiple
versions of the mentioned product. Security patches are available to resolve
this
vulnerability.
URL:www.ibm.com/support/docview.wss?uid=swg21965419
URL:www.hkcert.org/my_url/en/alert/15091001
2. Vulnerability in Auto-Exchanger
(106270)
[11/09/2015]
Vulnerability was identified in the
Auto-Exchanger. An attacker could bypass security restrictions, execute
arbitrary code and perform cross-site request forgery attacks. This
vulnerability affects version 5.1.0 of the mentioned
product.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106270
3. Vulnerabilities in Synology Products (106282, 106283,
106285)
[11/09/2015]
Vulnerabilities were identified in Synology
Video Station and Synology Download Station. An attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, perform cross-site scripting attacks and compromise the system.
These vulnerabilities affect multiple versions of the mentioned products.
Security patches are available to resolve these
vulnerabilities.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106282
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106283
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106285
4. Vulnerability in SAP NetWeaver AS ABAP
(106277)
[11/09/2015]
Vulnerability was identified in the SAP
NetWeaver AS ABAP. An attacker could bypass security restrictions, obtain
sensitive information and execute arbitrary code on the system. This
vulnerability affects multiple versions of the mentioned product. Security
patches are available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106277
5. Vulnerabilities in Yokogawa Products
(ICSA-15-253-01)
[11/09/2015] Vulnerabilities were identified in multiple Yokogawa
Products. An attacker could bypass security restrictions, execute arbitrary
code, cause a denial of service condition and compromise the system. These
vulnerabilities affect multiple versions of the mentioned products. Security
patches are available to resolve these
vulnerabilities.
URL:ics-cert.us-cert.gov/advisories/ICSA-15-253-01
6. Vulnerability in OpenLDAP
[11/09/2015] Vulnerability was identified in the OpenLDAP. An attacker
could bypass security restrictions, execute arbitrary code, cause a denial of
service condition and crash the system. This vulnerability affects versions
2.4.42 and prior of the mentioned product. Security patches are available to
resolve this
vulnerability.
URL:www.hkcert.org/my_url/en/alert/15091101
7. Security Updates in Debian
(DSA-3355-1)
[11/09/2015] Debian has
released security update packages for fixing the vulnerabilities identified in
the libvdpau packages for multiple versions of Debian GNU/Linux. Due to multiple
errors, an attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges and execute arbitrary
code.
URL:www.debian.org/security/2015/dsa-3355
8. Security Updates in SUSE
(SUSE-SU-2015:1528-1)
[11/09/2015] SUSE has
released security update packages for fixing the vulnerabilities identified in
the MozillaFirefox and mozilla-nss packages of SUSE Linux Enterprise 11. Due to
multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the
system.
URL:lists.opensuse.org/opensuse-security-announce/2015-09/msg00016.html
9. Security Updates in Ubuntu GNU/Linux
(USN-2739-1)
[11/09/2015] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the freetype packages for versions 12.04 LTS, 14.04 LTS and 15.04 of Ubuntu
GNU/Linux. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, cause a denial of service condition
and crash the
system.
URL:www.ubuntu.com/usn/usn-2739-1/
10. Information Updates on Microsoft Security Bulletin
(3078662)
[10/09/2015]
Microsoft has updated information on the
Security Bulletin for Microsoft Windows. MS15-080 was revised to add an Update
FAQ that explains why customers running Office 2010 on Windows Vista and later
versions of Windows are not being offered the 3054846
update.
URL:technet.microsoft.com/en-us/library/security/MS15-080
11.
Vulnerabilities in Cisco
Products
[10/09/2015]
Vulnerabilities were identified in the Cisco
Email Security Appliance, Cisco Web Security Appliance. An attacker could bypass
security restrictions, cause a denial of service condition and crash the system.
These vulnerabilities affect multiple firmware versions of the mentioned
products. Security patches are available to resolve these
vulnerabilities.
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40844
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40846
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40896
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106263
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106253
12.
Vulnerability in HP UCMDB
(c04790231)
[10/09/2015] Vulnerability was identified in the HP UCMDB. An attacker
could bypass security restrictions and obtain sensitive information. This
vulnerability affects multiple versions of the mentioned product. Security
patches are available to resolve this
vulnerability.
URL:h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04790231
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106262
13.
Vulnerabilities in F5 Products (SOL17242,
SOL17248, SOL17251, SOL17253)
[10/09/2015] Vulnerabilities were identified in the F5 BIG-IP LTM, BIG-IP
AAM, BIG-IP AFM, BIG-IP Analytics, BIG-IP APM, BIG-IP ASM, BIG-IP DNS, BIG-IP
Edge Gateway, BIG-IP GTM, BIG-IP Link Controller, BIG-IP PEM, BIG-IP PSM, BIG-IP
WebAccelerator, BIG-IP WOM, ARX, Enterprise Manager, BIG-IQ Cloud, BIG-IQ
Device, BIG-IQ Security, BIG-IQ ADC and Traffix SDC. An attacker could bypass
security restrictions, obtain sensitive information, gain elevated privileges,
execute arbitrary code, cause a denial of service condition and compromise the
system. These vulnerabilities affect multiple versions of the mentioned
products. Security patches are available to resolve these
vulnerabilities.
URL:support.f5.com/kb/en-us/solutions/public/17000/200/sol17242.html
URL:support.f5.com/kb/en-us/solutions/public/17000/200/sol17248.html
URL:support.f5.com/kb/en-us/solutions/public/17000/200/sol17251.html
URL:support.f5.com/kb/en-us/solutions/public/17000/200/sol17253.html
14.
Vulnerabilities in Huawei Products
(Huawei-SA-20150909-02-U1900, Huawei-SA-20150909-01-mDNS,
Huawei-SA-20150909-02-FusionAccess,
Huawei-SA-20150909-01-U1900)
[10/09/2015] Vulnerabilities were identified in Huawei eSpace U1900 switch
series, mDNS module in Huawei WLAN AC products and Huawei FusionAccess. An
attacker could bypass security restrictions, obtain sensitive information, cause
a denial of service condition and crash the system. These vulnerabilities affect
multiple firmware versions of the mentioned products. Security patches are
available to resolve these
vulnerabilities.
URL:www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-453506.htm
URL:www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-453516.htm
URL:www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-453537.htm
URL:www.huawei.com/ilink/en/security/psirt/security-bulletins/security-advisories/HW_453512
15.
Vulnerabilities in EMC RSA Identity
Management and Governance (106258, 106259)
[10/09/2015] Vulnerabilities were identified in the EMC RSA Identity
Management and Governance. An attacker could bypass security restrictions,
obtain sensitive information, execute arbitrary code and perform cross-site
scripting attacks. These vulnerabilities affect multiple versions of the
mentioned product. Security patches are available to resolve these
vulnerabilities.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106258
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106259
16.
Security Updates in SUSE
(SUSE-SU-2015:1519-1)
[10/09/2015] SUSE has
released security update packages for fixing the vulnerabilities identified in
the qemu packages of SUSE Linux Enterprise 12. Due to multiple errors, an
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and crash the
system.
URL:lists.opensuse.org/opensuse-security-announce/2015-09/msg00015.html
17.
Security Updates in Ubuntu GNU/Linux
(USN-2737-1, USN-2738-1)
[10/09/2015] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the linux-lts-vivid and linux packages for versions 14.04 LTS and 15.04 of
Ubuntu GNU/Linux. Due to multiple errors, an attacker could bypass security
restrictions, gain elevated privileges, execute arbitrary code, cause a denial
of service condition and compromise the
system.
URL:www.ubuntu.com/usn/usn-2737-1/
URL:www.ubuntu.com/usn/usn-2738-1/
18.
Vulnerabilities in Microsoft Products
(3072595, 3083992, 3087918, 3089250, 3089548, 3089656, 3089657, 3089662,
3089664, 3089665, 3089669, 3089952, 3091287)
[09/09/2015] Vulnerabilities were identified in the Microsoft Internet
Explorer, Edge, Active Directory, Windows, Office, Lync, .NET Framework,
Exchange Server and Skype for Business Server. An attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and compromise the system.
These vulnerabilities affect multiple versions of the mentioned products.
Security patches are available to resolve these
vulnerabilities.
URL:technet.microsoft.com/en-us/library/security/ms15-sep.aspx
URL:technet.microsoft.com/library/security/3083992.aspx
URL:technet.microsoft.com/library/security/ms15-094
URL:technet.microsoft.com/library/security/ms15-095
URL:technet.microsoft.com/library/security/ms15-096
URL:technet.microsoft.com/library/security/ms15-097
URL:technet.microsoft.com/library/security/ms15-098
URL:technet.microsoft.com/library/security/ms15-099
URL:technet.microsoft.com/library/security/ms15-100
URL:technet.microsoft.com/library/security/ms15-101
URL:technet.microsoft.com/library/security/ms15-102
URL:technet.microsoft.com/library/security/ms15-103
URL:technet.microsoft.com/library/security/ms15-104
URL:technet.microsoft.com/library/security/ms15-105
URL:www.hkcert.org/my_url/en/alert/15090901
URL:www.hkcert.org/my_url/en/alert/15090902
URL:www.hkcert.org/my_url/en/alert/15090903
URL:www.hkcert.org/my_url/en/alert/15090904
URL:www.hkcert.org/my_url/en/alert/15090905
URL:www.hkcert.org/my_url/en/alert/15090906
URL:www.hkcert.org/my_url/en/alert/15090907
URL:www.hkcert.org/my_url/en/alert/15090908
URL:www.hkcert.org/my_url/en/alert/15090909
URL:www.hkcert.org/my_url/en/alert/15090910
URL:www.hkcert.org/my_url/en/alert/15090911
URL:www.hkcert.org/my_url/en/alert/15090912
URL:www.us-cert.gov/ncas/current-activity/2015/09/08/Microsoft-Releases-September-2015-Security-Bulletin
19.
Information Updates on Microsoft Security
Bulletin (3073921)
[09/09/2015] Microsoft
has updated information on the Security Bulletin for Microsoft Windows. MS15-083
was re-released for affected editions of Windows Vista and Windows Server 2008.
Customers running Windows Vista or Windows Server 2008 who previously installed
the update should reinstall the update to be fully protected from the
vulnerability.
URL:technet.microsoft.com/en-us/library/security/MS15-083
20.
Vulnerabilities in Adobe Shockwave Player
(APSB15-22)
[09/09/2015] Vulnerabilities were identified in the Adobe Shockwave
Player. An attacker could bypass security restrictions and execute arbitrary
code on the system. These vulnerabilities affect versions prior to 12.2.0.162 of
the mentioned product. Security patches are available to resolve these
vulnerabilities.
URL:helpx.adobe.com/security/products/shockwave/apsb15-22.html
URL:www.hkcert.org/my_url/en/alert/15090913
URL:www.us-cert.gov/ncas/current-activity/2015/09/08/Adobe-Releases-Security-Update-Shockwave-Player
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106205
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106206
21.
Vulnerabilities in Cisco
Products
[09/09/2015]
Vulnerabilities were identified in the Cisco
Application Visibility and Control software, Cisco Security Management Appliance
and Cisco Sourcefire User Agent. An attacker could bypass security restrictions,
cause a denial of service condition and crash the system. These vulnerabilities
affect multiple firmware versions of the mentioned products. Security patches
are available to resolve these vulnerabilities in Cisco Application Visibility
and Control software and Cisco Sourcefire User
Agent.
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40845
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40847
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106207
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106209
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106219
22.
Vulnerabilities in F5 Products (SOL17155,
SOL17199, SOL17235, SOL17237, SOL17238, SOL17239, SOL17241, SOL17244, SOL17245,
SOL17246)
[09/09/2015]
Vulnerabilities were identified in the F5 BIG-IP
LTM, BIG-IP AAM, BIG-IP AFM, BIG-IP Analytics, BIG-IP APM, BIG-IP ASM, BIG-IP
DNS, BIG-IP Edge Gateway, BIG-IP GTM, BIG-IP Link Controller, BIG-IP PEM, BIG-IP
PSM, BIG-IP WebAccelerator, BIG-IP WOM, ARX, Enterprise Manager, BIG-IQ Cloud,
BIG-IQ Device, BIG-IQ Security, BIG-IQ ADC and Traffix SDC. An attacker could
bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
compromise the system. These vulnerabilities affect multiple versions of the
mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:support.f5.com/kb/en-us/solutions/public/17000/100/sol17155.html
URL:support.f5.com/kb/en-us/solutions/public/17000/100/sol17199.html
URL:support.f5.com/kb/en-us/solutions/public/17000/200/sol17235.html
URL:support.f5.com/kb/en-us/solutions/public/17000/200/sol17237.html
URL:support.f5.com/kb/en-us/solutions/public/17000/200/sol17238.html
URL:support.f5.com/kb/en-us/solutions/public/17000/200/sol17239.html
URL:support.f5.com/kb/en-us/solutions/public/17000/200/sol17241.html
URL:support.f5.com/kb/en-us/solutions/public/17000/200/sol17244.html
URL:support.f5.com/kb/en-us/solutions/public/17000/200/sol17245.html
URL:support.f5.com/kb/en-us/solutions/public/17000/200/sol17246.html
23.
Vulnerabilities in Advantech WebAccess
(ICSA-15-251-01)
[09/09/2015] Vulnerabilities were identified in the Advantech WebAccess.
An attacker could bypass security restrictions, execute arbitrary code, cause a
denial of service condition and crash the system. These vulnerabilities affect
version 8.0 and prior of the mentioned
product.
URL:ics-cert.us-cert.gov/advisories/ICSA-15-251-01
24.
Vulnerabilities in Seagate and LaCie
wireless storage Products (VU#903500)
[09/09/2015] Vulnerabilities were identified in Seagate and LaCie wireless
storage Products. An attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the system. These vulnerabilities
affect multiple versions of the mentioned products. Security patches are
available to resolve these vulnerabilities identified in the Seagate
products.
URL:www.kb.cert.org/vuls/id/903500
25.
Security Updates in Oracle Linux
(ELSA-2015-1741, ELSA-2015-1742)
[09/09/2015] Oracle has
released security update packages for fixing the vulnerabilities identified in
the haproxy and subversion packages for Oracle Linux 7. Due to multiple errors,
an attacker could bypass security restrictions, obtain sensitive information,
execute arbitrary code, cause a denial of service condition and crash the
system.
URL:linux.oracle.com/errata/ELSA-2015-1741.html
URL:linux.oracle.com/errata/ELSA-2015-1742.html
26.
Security Updates in Debian
(DSA-3354-1)
[09/09/2015] Debian has
released security update packages for fixing the vulnerability identified in the
spice packages for multiple versions of Debian GNU/Linux. An attacker could
bypass security restrictions, gain elevated privileges, execute arbitrary code,
cause a denial of service condition and crash the
system.
URL:www.debian.org/security/2015/dsa-3354
27.
Security Updates in Mageia
(MGASA-2015-0335, MGASA-2015-0336, MGASA-2015-0337, MGASA-2015-0338,
MGASA-2015-0339, MGASA-2015-0340, MGASA-2015-0341, MGASA-2015-0342,
MGASA-2015-0343, MGASA-2015-0344, MGASA-2015-0345, MGASA-2015-0346,
MGASA-2015-0347, MGASA-2015-0348, MGASA-2015-0349, MGASA-2015-0350,
MGASA-2015-0351, MGASA-2015-0352, MGASA-2015-0353, MGASA-2015-0354,
MGASA-2015-0355, MGASA-2015-0356, MGASA-2015-0357,
MGASA-2015-0358)
[09/09/2015] Mageia has
released security update packages for fixing the vulnerabilities identified in
the squashfs-tools, hplip, openafs, lighttpd, freeimage, jsoup, bind, iceape,
pcre, webmin, ruby-RubyGems, ruby-rack, squid, ntp, libidn, xmltooling,
opensaml, struts, util-linux, vorbis-tools, screen, pure-ftpd,
chromium-browser-stable, php and libxml2 packages for multiple versions of
Mageia. Due to multiple errors, an attacker could bypass security restrictions,
obtain sensitive information, gain elevated privileges, execute arbitrary code,
cause a denial of service condition and compromise the
system.
URL:advisories.mageia.org/MGASA-2015-0335.html
URL:advisories.mageia.org/MGASA-2015-0336.html
URL:advisories.mageia.org/MGASA-2015-0337.html
URL:advisories.mageia.org/MGASA-2015-0338.html
URL:advisories.mageia.org/MGASA-2015-0339.html
URL:advisories.mageia.org/MGASA-2015-0340.html
URL:advisories.mageia.org/MGASA-2015-0341.html
URL:advisories.mageia.org/MGASA-2015-0342.html
URL:advisories.mageia.org/MGASA-2015-0343.html
URL:advisories.mageia.org/MGASA-2015-0344.html
URL:advisories.mageia.org/MGASA-2015-0345.html
URL:advisories.mageia.org/MGASA-2015-0346.html
URL:advisories.mageia.org/MGASA-2015-0347.html
URL:advisories.mageia.org/MGASA-2015-0348.html
URL:advisories.mageia.org/MGASA-2015-0349.html
URL:advisories.mageia.org/MGASA-2015-0350.html
URL:advisories.mageia.org/MGASA-2015-0351.html
URL:advisories.mageia.org/MGASA-2015-0352.html
URL:advisories.mageia.org/MGASA-2015-0353.html
URL:advisories.mageia.org/MGASA-2015-0354.html
URL:advisories.mageia.org/MGASA-2015-0355.html
URL:advisories.mageia.org/MGASA-2015-0356.html
URL:advisories.mageia.org/MGASA-2015-0357.html
URL:advisories.mageia.org/MGASA-2015-0358.html
28.
Security Updates in Red Hat Enterprise
Linux (RHSA-2015:1741-1, RHSA-2015:1742-1)
[09/09/2015] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the haproxy and subversion packages for Red Hat Enterprise 6 and 7. Due to
multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, execute arbitrary code, cause a denial of service
condition and crash the
system.
URL:rhn.redhat.com/errata/RHSA-2015-1741.html
URL:rhn.redhat.com/errata/RHSA-2015-1742.html
29.
Security Updates in SUSE
(SUSE-SU-2015:1509-1)
[09/09/2015] SUSE has
released security update packages for fixing the vulnerabilities identified in
the java-1_6_0-ibm packages of SUSE Linux Enterprise 11. Due to multiple errors,
an attacker could bypass security restrictions, obtain sensitive information,
gain elevated privileges, execute arbitrary code, cause a denial of service
condition and compromise the
system.
URL:lists.opensuse.org/opensuse-security-announce/2015-09/msg00014.html
30.
Security Updates in Ubuntu GNU/Linux
(USN-2735-1, USN-2736-1)
[09/09/2015] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the oxide-qt and spice packages for versions 14.04 LTS and 15.04 of Ubuntu
GNU/Linux. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and compromise the
system.
URL:www.ubuntu.com/usn/usn-2735-1/
URL:www.ubuntu.com/usn/usn-2736-1/
31.
Vulnerability in Webroot SecureAnywhere
Mobile Protection (106189)
[08/09/2015] Vulnerability was identified in the Webroot SecureAnywhere
Mobile Protection for iOS mobile application. An attacker could bypass security
restrictions and obtain sensitive information. This vulnerability affects
versions prior to 1.5.1 of the mentioned product. Security patches are available
to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106189
32.
Security Updates in Debian
(DSA-3353-1)
[08/09/2015] Debian has
released security update packages for fixing the vulnerability identified in the
openslp-dfsg packages for multiple versions of Debian GNU/Linux. An attacker
could bypass security restrictions, cause a denial of service condition and
crash the
system.
URL:www.debian.org/security/2015/dsa-3353
33.
Security Updates in Red Hat Enterprise
Linux (RHSA-2015:1740-1)
[08/09/2015] Red Hat
has released security update packages for fixing the vulnerability identified in
the qemu-kvm-rhev packages for Red Hat Enterprise Virtualization 3. An attacker
could bypass security restrictions and obtain sensitive
information.
URL:rhn.redhat.com/errata/RHSA-2015-1740.html
34.
Security Updates in SUSE
(SUSE-SU-2015:1504-1)
[08/09/2015] SUSE has
released security update packages for fixing the vulnerabilities identified in
the MozillaFirefox packages of SUSE Linux Enterprise 11. Due to multiple errors,
an attacker could bypass security restrictions, obtain sensitive information,
gain elevated privileges, execute arbitrary code, cause a denial of service
condition and compromise the
system.
URL:lists.opensuse.org/opensuse-security-announce/2015-09/msg00013.html
35.
Vulnerability in Apache Struts
(S2-025)
[07/09/2015]
Vulnerability was identified in the Apache
Struts. An attacker could bypass security restrictions, execute arbitrary code
and perform cross-site scripting attacks. This vulnerability affects versions
prior to 2.3.20 of the mentioned product. Security patches are available to
resolve this
vulnerability.
URL:struts.apache.org/docs/s2-025.html
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106172
36.
Vulnerabilities in F5 Products (SOL16728,
SOL17181, SOL17227)
[07/09/2015] Vulnerabilities were identified in the F5 BIG-IP LTM, BIG-IP
AAM, BIG-IP AFM, BIG-IP Analytics, BIG-IP APM, BIG-IP ASM, BIG-IP DNS, BIG-IP
Edge Gateway, BIG-IP GTM, BIG-IP Link Controller, BIG-IP PEM, BIG-IP PSM, BIG-IP
WebAccelerator, BIG-IP WOM, Enterprise Manager, BIG-IQ Cloud, BIG-IQ Device,
BIG-IQ Security and BIG-IQ ADC. An attacker could bypass security restrictions,
obtain sensitive information, gain elevated privileges, execute arbitrary code,
cause a denial of service condition and compromise the system. These
vulnerabilities affect multiple versions of the mentioned products. Security
patches are available to resolve these
vulnerabilities.
URL:support.f5.com/kb/en-us/solutions/public/16000/700/sol16728.html
URL:support.f5.com/kb/en-us/solutions/public/17000/100/sol17181.html
URL:support.f5.com/kb/en-us/solutions/public/17000/200/sol17227.html
37.
Vulnerability in Avaya One-X Agent
(106136)
[07/09/2015]
Vulnerability was identified in the Avaya One-X
Agent. An attacker could bypass security restrictions and obtain sensitive
information. This vulnerability affects version 2.5.50022.0 of the mentioned
product. Security patches are available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106136
38.
Security Updates in Debian (DSA-3351-1,
DSA-3352-1)
[07/09/2015] Debian has
released security update packages for fixing the vulnerabilities identified in
the chromium-browser and screen packages for multiple versions of Debian
GNU/Linux. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and compromise the
system.
URL:www.debian.org/security/2015/dsa-3351
URL:www.debian.org/security/2015/dsa-3352
39.
Security Updates in Red Hat Enterprise
Linux (RHSA-2015:1623-2)
[07/09/2015] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the kernel packages for Red Hat Enterprise Linux 6. Due to multiple errors,
an attacker could bypass security restrictions, cause a denial of service
condition and crash the
system.
URL:rhn.redhat.com/errata/RHSA-2015-1623.html
40.
Security Updates in SUSE
(SUSE-SU-2015:1487-1, SUSE-SU-2015:1488-1, SUSE-SU-2015:1489-1,
SUSE-SU-2015:1490-1, SUSE-SU-2015:1491-1,
SUSE-SU-2015:1496-1)
[07/09/2015] SUSE has
released security update packages for fixing the vulnerabilities identified in
the Linux Kernel and bind packages of SUSE Linux Enterprise 11 and 12. Due to
multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the
system.
URL:lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.html
URL:lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html
URL:lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html
URL:lists.opensuse.org/opensuse-security-announce/2015-09/msg00010.html
URL:lists.opensuse.org/opensuse-security-announce/2015-09/msg00011.html
URL:lists.opensuse.org/opensuse-security-announce/2015-09/msg00012.html
No comments:
Post a Comment