1. Vulnerability
in Microsoft Windows (3097966)
[25/09/2015] Vulnerability was identified in the Microsoft Windows. An
attacker could bypass security restrictions and perform spoofing attacks. This
vulnerability affects multiple versions of the mentioned products. Security
patches are available to resolve this
vulnerability.
URL:technet.microsoft.com/library/security/3097966.aspx
2. Vulnerabilities in F5 Products (SOL17307,
SOL17309)
[25/09/2015]
Vulnerabilities were identified in the F5 BIG-IP
LTM, BIG-IP AAM, BIG-IP AFM, BIG-IP Analytics, BIG-IP APM, BIG-IP ASM, BIG-IP
DNS, BIG-IP Edge Gateway, BIG-IP GTM, BIG-IP Link Controller, BIG-IP PEM, BIG-IP
PSM, BIG-IP WebAccelerator, BIG-IP WOM, ARX, Enterprise Manager, FirePass,
BIG-IQ Cloud, BIG-IQ Device, BIG-IQ Security, BIG-IQ ADC and Traffix SDC. An
attacker could bypass security restrictions, cause a denial of service condition
and crash the system. These vulnerabilities affect multiple versions of the
mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:support.f5.com/kb/en-us/solutions/public/17000/300/sol17307.html?ref=rss
URL:support.f5.com/kb/en-us/solutions/public/17000/300/sol17309.html?ref=rss
3. Vulnerability in Endress+Hauser Fieldcare/CodeWrights
HART Comm DTM (ICSA-15-267-01)
[25/09/2015] Vulnerability was identified in the Endress+Hauser
Fieldcare/CodeWrights HART Comm DTM. An attacker could bypass security
restrictions and perform code injection attacks. This vulnerability affects
multiple versions of the mentioned product. Security patches are available to
resolve this
vulnerability.
URL:ics-cert.us-cert.gov/advisories/ICSA-15-267-01
4. Vulnerability in EasyIO-30P-SF controllers
(ICSA-15-237-02, ICSA-15-237-02-Supplement)
[25/09/2015] Vulnerability was identified in the EasyIO-30P-SF
controllers. An attacker could bypass security restrictions and compromise the
system. This vulnerability affects multiple firmware versions of the mentioned
product in OEM Manufactures. Security patches are available to resolve this
vulnerability.
URL:ics-cert.us-cert.gov/advisories/ICSA-15-237-02
URL:ics-cert.us-cert.gov/advisories/ICSA-15-237-02-Supplement
5. Vulnerability in HTTP cookies
(VU#804060)
[25/09/2015] Vulnerability was identified in the HTTP cookies. An attacker
could bypass security restrictions and obtain sensitive information. This
vulnerability affects multiple vendors' browser of the mentioned
product.
URL:www.kb.cert.org/vuls/id/804060
6. Vulnerability in iTop (106612)
[25/09/2015] Vulnerability was identified in the iTop. An attacker could
bypass security restrictions, obtain sensitive information and perform
cross-site scripting attacks. This vulnerability affects versions prior to
2.2.0-2459 of the mentioned product. Security patches are available to resolve
this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106612
7. Vulnerability in Open-Xchange Server 6 and OX AppSuite
(106611)
[25/09/2015]
Vulnerability was identified in the Open-Xchange
Server 6 and OX AppSuite. An attacker could bypass security restrictions, obtain
sensitive information and perform cross-site scripting attacks. This
vulnerability affects multiple versions of the mentioned products. Security
patches are available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106611
8. Security Updates in Gentoo Linux (GLSA 201509-01, GLSA
201509-02, GLSA 201509-03, GLSA 201509-04, GLSA 201509-05, GLSA
201509-06)
[25/09/2015]
Gentoo has released security update packages for
fixing the vulnerabilities identified in the ntp, curl, cacti, libtasn1,
networkmanager and git packages for multiple versions of Gentoo Linux. Due to
multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the
system.
URL:security.gentoo.org/glsa/201509-01
URL:security.gentoo.org/glsa/201509-02
URL:security.gentoo.org/glsa/201509-03
URL:security.gentoo.org/glsa/201509-04
URL:security.gentoo.org/glsa/201509-05
URL:security.gentoo.org/glsa/201509-06
9. Security Updates in Red Hat Enterprise Linux
(RHSA-2015:1834-2)
[25/09/2015] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the firefox packages for Red Hat Enterprise Linux 5, 6, and 7. Due to
multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the
system.
URL:rhn.redhat.com/errata/RHSA-2015-1834.html
10.
Security Updates in Ubuntu GNU/Linux
(USN-2743-3, USN-2744-1, USN-2745-1, USN-2746-1)
[25/09/2015] Ubuntu has released security update packages for fixing the
vulnerabilities identified in the unity-firefox-extension, webapps-greasemonkey,
webaccounts-browser-extension, apport, qemu, qemu-kvm and simplestreams packages
for versions 12.04 LTS, 14.04 LTS and 15.04 of Ubuntu GNU/Linux. Due to multiple
errors, an attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and compromise the
system.
URL:www.ubuntu.com/usn/usn-2743-3/
URL:www.ubuntu.com/usn/usn-2744-1/
URL:www.ubuntu.com/usn/usn-2745-1/
URL:www.ubuntu.com/usn/usn-2746-1/
11.
Information Updates on Microsoft Security
Bulletin (3089669)
[24/09/2015] Microsoft
has updated information on the Security Bulletin for Microsoft Windows. MS15-98
was revised to correct the severity and impact for
CVE-2015-2514.
URL:technet.microsoft.com/en-us/library/security/MS15-098
12.
Vulnerabilities in Cisco Products
(cisco-sa-20150923-fhs, cisco-sa-20150923-iosxe,
cisco-sa-20150923-sshpk)
[24/09/2015] Vulnerabilities were identified in the Cisco IOS and IOS XE
Software, Cisco TelePresence Video Communication Server and Cisco AnyConnect
Secure Mobility Client. An attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the system. These vulnerabilities
affect multiple firmware versions of the mentioned products. Security patches
are available to resolve these vulnerabilities identified in Cisco IOS and IOS
XE
Software.
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150923-fhs
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150923-iosxe
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150923-sshpk
URL:tools.cisco.com/security/center/viewAlert.x?alertId=41128
URL:tools.cisco.com/security/center/viewAlert.x?alertId=41135
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106560
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106561
13.
Vulnerability in F5 Products
(SOL17313)
[24/09/2015]
Vulnerability was identified in the F5 BIG-IP
LTM, BIG-IP AAM, BIG-IP AFM, BIG-IP Analytics, BIG-IP APM, BIG-IP ASM, BIG-IP
GTM, BIG-IP Link Controller, BIG-IP PEM, BIG-IP PSM, BIG-IP WebAccelerator and
BIG-IP WOM. An attacker could bypass security restrictions and obtain sensitive
information. This vulnerability affects multiple versions of the mentioned
products. Security patches are available to resolve this
vulnerability.
URL:support.f5.com/kb/en-us/solutions/public/17000/300/sol17313.html
14.
Vulnerabilities in Huawei FusionServer
Products (Huawei-SA-20150923-01-FusionServer)
[24/09/2015] Vulnerabilities were identified in the Huawei FusionServer
Products. An attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges and execute arbitrary code. These
vulnerabilities affect multiple versions of the mentioned products. Security
patches are available to resolve these
vulnerabilities.
URL:www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-454418.htm
15.
Vulnerability in SAP BusinessObjects
(106559)
[24/09/2015]
Vulnerability was identified in the SAP
BusinessObjects. An attacker could bypass security restrictions, cause a denial
of service condition and crash the system. This vulnerability affects versions
4.0 of the mentioned product. Security patches are available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106559
16.
Vulnerability in OpenStack Glance
(106562)
[24/09/2015]
Vulnerability was identified in the OpenStack
Glance. An attacker could bypass security restrictions and execute arbitrary
code. This vulnerability affects multiple versions of the mentioned product.
Security patches are available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106562
17.
Security Updates in Debian (DSA-3365-1,
DSA-3366-1)
[24/09/2015] Debian has
released security update packages for fixing the vulnerabilities identified in
the iceweasel and rpcbind packages for multiple versions of Debian GNU/Linux.
Due to multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the
system.
URL:www.debian.org/security/2015/dsa-3365
URL:www.debian.org/security/2015/dsa-3366
18.
Security Updates in Mageia
(MGASA-2015-0379, MGASA-2015-0380, MGASA-2015-0381,
MGASA-2015-0382)
[24/09/2015] Mageia has
released security update packages for fixing the vulnerabilities identified in
the flash-player-plugin, shutter, moodle, firefox, and firefox-l10n packages for
multiple versions of Mageia. Due to multiple errors, an attacker could bypass
security restrictions, obtain sensitive information, gain elevated privileges,
execute arbitrary code, cause a denial of service condition and compromise the
system.
URL:advisories.mageia.org/MGASA-2015-0379.html
URL:advisories.mageia.org/MGASA-2015-0380.html
URL:advisories.mageia.org/MGASA-2015-0381.html
URL:advisories.mageia.org/MGASA-2015-0382.html
19.
Security Updates in Slackware
(SSA:2015-265-01)
[24/09/2015] Slackware
has released security update packages for fixing the vulnerabilities identified
in the mozilla-firefox packages for multiple versions of Slackware Linux. Due to
multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the
system.
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.355935
20.
Security Updates in SUSE
(SUSE-SU-2015:1592-1, openSUSE-SU-2015:1595-1, openSUSE-SU-2015:1597-1,
SUSE-SU-2015:1611-1, SUSE-SU-2015:1614-1, openSUSE-SU-2015:1616-1,
SUSE-SU-2015:1618-1)
[24/09/2015] SUSE has
released security update packages for fixing the vulnerabilities identified in
the Linux Kernel, icedtea-web, bind and flash-player packages of SUSE Linux
Enterprise 11 and 12, openSUSE 13.1 and 13.2. Due to multiple errors, an
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and compromise the
system.
URL:lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html
URL:lists.opensuse.org/opensuse-security-announce/2015-09/msg00019.html
URL:lists.opensuse.org/opensuse-security-announce/2015-09/msg00020.html
URL:lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html
URL:lists.opensuse.org/opensuse-security-announce/2015-09/msg00022.html
URL:lists.opensuse.org/opensuse-security-announce/2015-09/msg00023.html
URL:lists.opensuse.org/opensuse-security-announce/2015-09/msg00024.html
21.
Vulnerabilities in Mozilla Firefox (MFSA
2015-96, MFSA 2015-97, MFSA 2015-98, MFSA 2015-99, MFSA 2015-100, MFSA 2015-101,
MFSA 2015-102, MFSA 2015-103, MFSA 2015-104, MFSA 2015-105, MFSA 2015-106, MFSA
2015-107, MFSA 2015-108, MFSA 2015-109, MFSA 2015-110, MFSA 2015-111, MFSA
2015-112, MFSA 2015-113, MFSA 2015-114)
[23/09/2015] Vulnerabilities were identified in the Mozilla Firefox and
Firefox ESR. An attacker could gain elevated privileges, execute arbitrary code,
bypass security restrictions, obtain sensitive information, cause a buffer
overflow, crash the system and perform spoofing attack. These vulnerabilities
affect multiple versions of the mentioned product. Security patches are
available to resolve these
vulnerabilities.
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-96/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-97/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-98/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-99/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-100/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-101/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-102/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-103/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-104/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-105/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-106/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-107/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-108/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-109/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-110/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-111/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-112/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-113/
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-114/
URL:www.hkcert.org/my_url/en/alert/15092301
URL:www.us-cert.gov/ncas/current-activity/2015/09/22/Mozilla-Releases-Security-Updates-Firefox
22.
Vulnerability in Cisco
Spark
[23/09/2015]
Vulnerability was identified in the Cisco Spark.
An attacker could obtain sensitive information. This vulnerability affects
version 2015-07-04 of the mentioned
product.
URL:tools.cisco.com/security/center/viewAlert.x?alertId=41127
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106491
23.
Vulnerability in SAP NetWeaver
(106492)
[23/09/2015]
Vulnerability was identified in the SAP
NetWeaver. An attacker could execute arbitrary code and cause a denial of
service condition. This vulnerability affects versions prior to 7.01 of the
mentioned product. Security patches are available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106492
24.
Vulnerabilities in Resource Data
Management Data Manager (ICSA-15-265-01)
[23/09/2015] Vulnerabilities were identified in the Resource Data
Management Data Manager. An attacker could gain elevated privileges and perform
cross-site request forgery attack. These vulnerabilities affect versions prior
to 2.2 of the mentioned product. Security patches are available to resolve these
vulnerabilities.
URL:ics-cert.us-cert.gov/advisories/ICSA-15-265-01
25.
Vulnerabilities in IBC Solar Products
(ICSA-15-265-02)
[23/09/2015] Vulnerabilities were identified in the IBC Solar ServeMaster
TLP+ and Danfoss TLX Pro+. An attacker could obtain sensitive information and
perform cross-site scripting attacks. These vulnerabilities affect multiple
versions of the mentioned
products.
URL:ics-cert.us-cert.gov/advisories/ICSA-15-265-02
26.
Vulnerabilities in
Moodle
[23/09/2015]
Vulnerabilities were identified in the Moodle.
An attacker could perform cross-site scripting attack, execute arbitrary code,
bypass security restrictions and obtain sensitive information. These
vulnerabilities affect multiple versions of the mentioned product. Security
patches are available to resolve these
vulnerabilities.
URL:www.hkcert.org/my_url/en/alert/15092201
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106484
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106485
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106486
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106487
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106488
27.
Vulnerability in Xen
(XSA-142)
[23/09/2015]
Vulnerability was identified in the Xen. An
attacker could bypass security restrictions. This vulnerability affects multiple
versions of the mentioned product. Security patches are available to resolve
this
vulnerability.
URL:xenbits.xen.org/xsa/advisory-142.html
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106493
28.
Security Updates in Red Hat Enterprise
Linux (RHSA-2015:1814-1)
[23/09/2015] Red Hat
has released security update packages for fixing the vulnerability identified in
the Adobe Flash Player package for Red Hat Enterprise Linux 5 and 6. An attacker
could execute arbitrary code, obtain sensitive information and crash the
system.
URL:rhn.redhat.com/errata/RHSA-2015-1814.html
29.
Security Updates in Ubuntu GNU/Linux
(USN-2743-1, USN-2743-2)
[23/09/2015] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the firefox and ubufox packages for versions 12.04 LTS, 14.04 LTS and 15.04 of
Ubuntu GNU/Linux. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and perform spoofing
attack.
URL:www.ubuntu.com/usn/usn-2743-1/
URL:www.ubuntu.com/usn/usn-2743-2/
30.
Security Updates in Oracle Linux
(ELSA-2015-1833, ELSA-2015-1834)
[23/09/2015] Oracle has
released security update packages for fixing the vulnerabilities identified in
the qemu-kvm and firefox packages for Oracle Linux 5, 6 and 7. Due to multiple
errors, an attacker could gain elevated privileges, execute arbitrary code,
bypass security restrictions, obtain sensitive information, cause a buffer
overflow, crash the system and perform spoofing
attack.
URL:linux.oracle.com/errata/ELSA-2015-1833.html
URL:linux.oracle.com/errata/ELSA-2015-1834.html
31.
Vulnerabilities in Adobe Flash Player
(APSB15-23)
[22/09/2015] Vulnerabilities were identified in the Adobe Flash Player. An
attacker could bypass security restrictions, execute arbitrary code and
compromise the system. These vulnerabilities affect multiple versions of the
mentioned product. Security patches are available to resolve these
vulnerabilities.
URL:helpx.adobe.com/security/products/flash-player/apsb15-23.html
URL:www.us-cert.gov/ncas/current-activity/2015/09/21/Adobe-Releases-Security-Update-Flash-Player
URL:technet.microsoft.com/en-us/library/security/2755801
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106437
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106438
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106439
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106440
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106441
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106442
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106443
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106444
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106445
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106446
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106447
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106448
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106449
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106450
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106451
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106452
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106453
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106454
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106455
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106456
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106457
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106458
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106459
32.
Vulnerabilities in Apple watchOS
(HT205213)
[22/09/2015]
Vulnerabilities were identified in the Apple
watchOS. An attacker could bypass security restrictions, execute arbitrary code
and compromise the system. These vulnerabilities affect versions prior to 2 of
the mentioned product. Security patches are available to resolve these
vulnerabilities.
URL:support.apple.com/zh-hk/HT205213
33.
Vulnerability in Cisco Wireless LAN
Controller
[22/09/2015]
Vulnerability was identified in the Cisco
Wireless LAN Controller. An attacker could bypass security restrictions, cause a
denial of service condition and crash the system. This vulnerability affects
multiple firmware versions of the mentioned
products.
URL:tools.cisco.com/security/center/viewAlert.x?alertId=41102
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106434
34.
Vulnerability in HP Software Update
(c04801217)
[22/09/2015] Vulnerability was identified in the HP Software Update. An
attacker could bypass security restrictions and gain elevated privileges on the
system. This vulnerability affects versions prior to 5.005.002.002 of the
mentioned products. Security patches are available to resolve this
vulnerability.
URL:h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04801217
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106433
35.
Vulnerabilities in IBM Products
(T1022637, S1005366)
[22/09/2015] Vulnerabilities were identified in the IBM Spectrum Scale and
IBM GPFS. An attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges and execute arbitrary code. These
vulnerabilities affect multiple versions of the mentioned products. Security
patches are available to resolve these
vulnerabilities.
URL:www.ibm.com/support/docview.wss?uid=isg3T1022637
URL:www.ibm.com/support/docview.wss?uid=ssg1S1005366
36.
Vulnerabilities in Web Reference Database
(VU#374092)
[22/09/2015] Vulnerabilities were identified in the Web Reference
Database. An attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and compromise the system. These vulnerabilities affect
versions 0.9.6 and possibly earlier of the mentioned
product.
URL:www.kb.cert.org/vuls/id/374092
37. Security Updates in Debian
(DSA-3364-1)
[22/09/2015] Debian has
released security update packages for fixing the vulnerabilities identified in
the linux packages for multiple versions of Debian GNU/Linux. Due to multiple
errors, an attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and compromise the
system.
URL:www.debian.org/security/2015/dsa-3364
38.
Security Updates in SUSE
(SUSE-SU-2015:1581-1)
[22/09/2015] SUSE has
released security update packages for fixing the vulnerabilities identified in
the openssh packages of SUSE Linux Enterprise 11. Due to multiple errors, an
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code and cause a denial of service
condition.
URL:lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html
39.
Vulnerabilities in Cisco
Products
[21/09/2015]
Vulnerabilities were identified in the Cisco IOS
Software, Cisco Unity Connection, Cisco Secure Access Control Server and Cisco
ASR 9000 Routers. An attacker could bypass security restrictions, obtain
sensitive information, execute arbitrary code, cause a denial of service
condition and crash the system. These vulnerabilities affect multiple firmware
versions of the mentioned products. Security patches are available to resolve
these vulnerabilities except the Cisco Unity Connection and Cisco Secure Access
Control
Server.
URL:tools.cisco.com/security/center/viewAlert.x?alertId=41060
URL:tools.cisco.com/security/center/viewAlert.x?alertId=41074
URL:tools.cisco.com/security/center/viewAlert.x?alertId=41087
URL:tools.cisco.com/security/center/viewAlert.x?alertId=41101
40.
Vulnerabilities in Huawei Products
(Huawei-SA-20150919-01-RC4,
Huawei-SA-20150919-01-OpenSSL)
[21/09/2015] Vulnerabilities were identified in multiple Huawei Products.
An attacker could bypass security restrictions and obtain sensitive information.
These vulnerabilities affect multiple firmware versions of the mentioned
products. Security patches are available to resolve these
vulnerabilities.
URL:www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454055.htm
URL:www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454058.htm
41.
Vulnerability in Avira Management Console
(106411)
[21/09/2015]
Vulnerability was identified in the Avira
Management Console. An attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code and
compromise the system. The affected version was not
specified.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106411
42.
Security Updates in Debian (DSA-3361-1,
DSA-3362-1, DSA-3363-1)
[21/09/2015] Debian has
released security update packages for fixing the vulnerabilities identified in
the qemu, qemu-kvm and owncloud-client packages for multiple versions of Debian
GNU/Linux. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and compromise the
system.
URL:www.debian.org/security/2015/dsa-3361
URL:www.debian.org/security/2015/dsa-3362
URL:www.debian.org/security/2015/dsa-3363
43.
Security Updates in Mageia
(MGASA-2015-0378)
[21/09/2015] Mageia has
released security update packages for fixing the vulnerabilities identified in
the owncloud packages for multiple versions of Mageia. Due to multiple errors,
an attacker could bypass security restrictions and obtain sensitive
information.
URL:advisories.mageia.org/MGASA-2015-0378.html
No comments:
Post a Comment