1. Vulnerability
in HP Loadrunner Virtual Table Server (c04900820)
[27/11/2015] Vulnerability was identified in the HP Loadrunner Virtual
Table Server. An attacker could bypass security restrictions and execute
arbitrary code on the system. This vulnerability affects versions 11.52, 12.00,
12.01, 12.02 and 12.50 of the mentioned products. Security patches are available
to resolve this
vulnerability.
URL:h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04900820
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108317
2. Vulnerability in EMC Isilon OneFS
(108318)
[27/11/2015]
Vulnerability was identified in the EMC Isilon
OneFS. An attacker could bypass security restrictions, gain elevated privileges,
execute arbitrary code and compromise the system. This vulnerability affects
multiple versions of the mentioned product. Security patches are available to
resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108318
3. Vulnerabilities in Huawei Products
(Huawei-SA-20151126-01-VCN500, Huawei-SA-20151126-02-VCN500,
Huawei-SA-20151126-03-VCN500, Huawei-SA-20151126-04-VCN500,
HW-463102)
[27/11/2015]
Vulnerabilities were identified in the Huawei
VCN500, Huawei home gateway, WiMAX, and CPE products. An attacker could bypass
security restrictions, obtain sensitive information, gain elevated privileges,
execute arbitrary code, perform SQL Injection and replay attacks, cause a denial
of service condition and crash the system. These vulnerabilities affect multiple
firmware versions of the mentioned products. Security patches are available to
resolve these vulnerabilities identified in the Huawei
VCN500.
URL:www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-463067.htm
URL:www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-463070.htm
URL:www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-463072.htm
URL:www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-463084.htm
URL:www.huawei.com/en/security/psirt/security-bulletins/security-notices/archive/hw-463102.htm
4. Vulnerability in Xen
(XSA-163)
[27/11/2015]
Vulnerability was identified in the Xen. An
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, cause a denial of service condition and crash the system.
This vulnerability affects multiple versions of the mentioned product. Security
patches are available to resolve this
vulnerability.
URL:xenbits.xen.org/xsa/advisory-163.html
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108301
5. Security Updates in Oracle Linux (ELSA-2015-2172,
ELSA-2015-2505)
[27/11/2015] Oracle has
released security update packages for fixing the vulnerabilities identified in
the glibc, abrt and libreport packages for Oracle Linux 7. Due to multiple
errors, an attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and compromise the
system.
URL:linux.oracle.com/errata/ELSA-2015-2172.html
URL:linux.oracle.com/errata/ELSA-2015-2505.html
6. Security Updates in Debian (DSA-3405-1, DSA-3406-1,
DSA-3407-1)
[27/11/2015] Debian has
released security update packages for fixing the vulnerabilities identified in
the smokeping, nspr and dpkg packages for multiple versions of Debian GNU/Linux.
Due to multiple errors, an attacker could bypass security restrictions, execute
arbitrary code, cause a denial of service condition and crash the
system.
URL:www.debian.org/security/2015/dsa-3405
URL:www.debian.org/security/2015/dsa-3406
URL:www.debian.org/security/2015/dsa-3407
7. Security Updates in Mageia (MGASA-2015-0455,
MGASA-2015-0456, MGASA-2015-0457, MGASA-2015-0458,
MGASA-2015-0459)
[27/11/2015] Mageia has
released security update packages for fixing the vulnerabilities identified in
the libsndfile, python-pygments, libxml2, python-m2crypto and tigervnc packages
for multiple versions of Mageia. Due to multiple errors, an attacker could
bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
compromise the
system.
URL:advisories.mageia.org/MGASA-2015-0455.html
URL:advisories.mageia.org/MGASA-2015-0456.html
URL:advisories.mageia.org/MGASA-2015-0457.html
URL:advisories.mageia.org/MGASA-2015-0458.html
URL:advisories.mageia.org/MGASA-2015-0459.html
8. Security Updates in Red Hat Enterprise Linux
(RHSA-2015:2519-1, RHSA-2015:2520-1)
[27/11/2015] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the thunderbird and ntp packages for Red Hat Enterprise Linux 5, 6 and 7. Due
to multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and crash the
system.
URL:rhn.redhat.com/errata/RHSA-2015-2519.html
URL:rhn.redhat.com/errata/RHSA-2015-2520.html
9. Security Updates in SUSE (openSUSE-SU-2015:2099-1,
openSUSE-SU-2015:2100-1, SUSE-SU-2015:2108-1)
[27/11/2015] SUSE has
released security update packages for fixing the vulnerabilities identified in
the libpng12, libpng16 and Linux Kernel packages of openSUSE 13.1 and 13.2, and
SUSE Linux Enterprise 11. Due to multiple errors, an attacker could bypass
security restrictions, obtain sensitive information, gain elevated privileges,
execute arbitrary code, cause a denial of service condition and compromise the
system.
URL:lists.opensuse.org/opensuse-security-announce/2015-11/msg00033.html
URL:lists.opensuse.org/opensuse-security-announce/2015-11/msg00034.html
URL:lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html
10.
Security Updates in Ubuntu GNU/Linux
(USN-2820-1)
[27/11/2015] Ubuntu has
released security update packages for fixing the vulnerability identified in the
dpkg packages for versions 12.04 LTS, 14.04 LTS, 15.04 and 15.10. An attacker
could bypass security restrictions, execute arbitrary code, cause a denial of
service condition and crash the
system.
URL:www.ubuntu.com/usn/usn-2820-1/
11. Vulnerabilities in Cisco Products
(cisco-sa-20151125-asr5000, cisco-sa-20151125-ci)
[26/11/2015] Vulnerabilities were identified in the Cisco Aggregation
Services Router (ASR) 5000 Series and various routers, access points, switches,
firewalls products. An attacker could cause a denial of service condition and
obtain sensitive information. These vulnerabilities affect multiple versions of
the mentioned
products.
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151125-asr5000
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151125-ci
12.
Vulnerabilities in Huawei Products
(Huawei-SA-20151125-01- FusionCompute, Huawei-SA-20151125-01-TE,
Huawei-SA-20151125-01-VCM)
[26/11/2015] Vulnerabilities were identified in the Huawei FusionCompute,
Huawei TE series and Huawei Video Content Management (VCM) system. An attacker
could obtain sensitive information, cause service disruption and gain elevated
privileges. These vulnerabilities affect multiple versions of the mentioned
products. Security patches are available to resolve these
vulnerabilities.
URL:www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-462904.htm
URL:www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-462952.htm
URL:www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-462985.htm
13.
Vulnerability in embedded devices using
non-unique X.509 certificates and SSH host keys
(VU#566724)
[26/11/2015] Vulnerability was identified in the embedded devices using
non-unique X.509 certificates and SSH host keys. An attacker could obtain
sensitive information. This vulnerability affects multiple versions of embedded
devices of various
vendors.
URL:www.kb.cert.org/vuls/id/566724
14. Security Updates in Debian (DSA-3403-1,
DSA-3404-1)
[26/11/2015] Debian has
released security update packages for fixing the vulnerabilities identified in
the libcommons-collections3-java and python-django packages for multiple
versions of Debian GNU/Linux. Due to multiple errors, an attacker could obtain
sensitive
information.
URL:www.debian.org/security/2015/dsa-3403
URL:www.debian.org/security/2015/dsa-3404
15.
Security Updates in Red Hat Enterprise
Linux (RHSA-2015:2518-1)
[26/11/2015] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the java-1.5.0-ibm packages for Red Hat Enterprise Linux 5 and 6. An attacker
could bypass security restrictions and cause buffer
overflow.
URL:rhn.redhat.com/errata/RHSA-2015-2518.html
16.
Security Updates in Ubuntu GNU/Linux
(USN-2818-1)
[26/11/2015] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the openjdk-7 package for versions 14.04 LTS, 15.04 and 15.10. An attacker could
obtain sensitive information and execute arbitrary
code.
URL:www.ubuntu.com/usn/usn-2818-1/
17. Security Updates in Slackware
(SSA:2015-328-01)
[26/11/2015] Slackware
has released security update packages for fixing the vulnerability identified in
the pcre package for multiple versions of Slackware Linux. An attacker could
execute arbitrary code and cause a denial of service
condition.
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.339015
18.
Vulnerability in Cisco Adaptive Security
Appliance Software (cisco-sa-20151123-asa)
[25/11/2015] Vulnerability was identified in the Cisco Adaptive Security
Appliance (ASA) Software. An attacker could bypass security restrictions,
execute arbitrary code, cause a denial of service condition and crash the
system. This vulnerability affects version 8.4 of the mentioned products.
Security patches are available to resolve this
vulnerability.
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151123-asa
19.
Vulnerabilities in Dell Products
(VU#870761, VU#925497)
[25/11/2015] Vulnerabilities were identified in the Dell Foundation
Services and Dell System Detect. An attacker could bypass security restrictions,
obtain sensitive information, execute arbitrary code, cause a denial of service
condition and compromise the system. These vulnerabilities affect multiple
versions of the mentioned
products.
URL:www.kb.cert.org/vuls/id/870761
URL:www.kb.cert.org/vuls/id/925497
URL:www.hkcert.org/my_url/en/alert/15112501
URL:www.us-cert.gov/ncas/current-activity/2015/11/24/Dell-Computers-Contain-CA-Root-Certificate-Vulnerability
20.
Vulnerabilities in Huawei Products
(Huawei-SA-20151124-01-HomeGateway,
Huawei-SA-20151124-01-smartphone)
[25/11/2015] Vulnerabilities were identified in the Huawei home gateway
and Huawei mobile phone products. An attacker could bypass security
restrictions, obtain sensitive information and execute arbitrary code. These
vulnerabilities affect multiple firmware versions of the mentioned products.
Security patches are available to resolve these
vulnerabilities.
URL:www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-462908.htm
URL:www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-462918.htm
21.
Vulnerabilities in Moxa OnCell Central
Manager (ICSA-15-328-01)
[25/11/2015] Vulnerabilities were identified in the Moxa OnCell Central
Manager. An attacker could bypass security restrictions, obtain sensitive
information, execute arbitrary code and compromise the system. These
vulnerabilities affect versions prior to 2.2 of the mentioned product. Security
patches are available to resolve these
vulnerabilities.
URL:ics-cert.us-cert.gov/advisories/ICSA-15-328-01
22.
Security Updates in Debian
(DSA-3402-1)
[25/11/2015] Debian has
released security update packages for fixing the vulnerabilities identified in
the symfony packages for multiple versions of Debian GNU/Linux. Due to multiple
errors, an attacker could bypass security restrictions, obtain sensitive
information and execute arbitrary code on the
system.
URL:www.debian.org/security/2015/dsa-3402
23.
Security Updates in SUSE
(SUSE-SU-2015:2081-1, SUSE-SU-2015:2084-1, SUSE-SU-2015:2085-1,
SUSE-SU-2015:2086-1, SUSE-SU-2015:2087-1, SUSE-SU-2015:2089-1,
SUSE-SU-2015:2090-1, SUSE-SU-2015:2091-1)
[25/11/2015] SUSE has
released security update packages for fixing the vulnerabilities identified in
the Mozilla Firefox and Linux Kernel Live Patch packages of SUSE Linux
Enterprise 10 and 12. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and compromise the
system.
URL:lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html
URL:lists.opensuse.org/opensuse-security-announce/2015-11/msg00026.html
URL:lists.opensuse.org/opensuse-security-announce/2015-11/msg00027.html
URL:lists.opensuse.org/opensuse-security-announce/2015-11/msg00028.html
URL:lists.opensuse.org/opensuse-security-announce/2015-11/msg00029.html
URL:lists.opensuse.org/opensuse-security-announce/2015-11/msg00030.html
URL:lists.opensuse.org/opensuse-security-announce/2015-11/msg00031.html
URL:lists.opensuse.org/opensuse-security-announce/2015-11/msg00032.html
24.
Security Updates in Ubuntu GNU/Linux
(USN-2816-1, USN-2817-1)
[25/11/2015] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the python-django and icedtea-web packages for versions 12.04 LTS, 14.04 LTS,
15.04 and 15.10. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges and execute
arbitrary
code.
URL:www.ubuntu.com/usn/usn-2816-1/
URL:www.ubuntu.com/usn/usn-2817-1/
25.
Vulnerabilities in Apache Cordova Android
(108200, 108201)
[24/11/2015] Vulnerabilities were identified in the Apache Cordova
Android. An attacker could bypass security restrictions, obtain sensitive
information and execute arbitrary code on the system. These vulnerabilities
affect multiple versions prior to 4.1.1 of the mentioned product. Security
patches are available to resolve these
vulnerabilities.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108200
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108201
26.
Vulnerabilities in Cisco Products
(cisco-sa-20151123-fire, cisco-sa-20151123-vts)
[24/11/2015] Vulnerabilities were identified in the Cisco Firepower 9000
and Cisco Virtual Topology System (VTS) devices. An attacker could bypass
security restrictions, execute arbitrary code, perform code injection attacks,
cause a denial of service condition and crash the system. These vulnerabilities
affect multiple versions of the mentioned products. Security patches are
available to resolve these
vulnerabilities.
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151123-fire
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151123-vts
27.
Vulnerabilities in IBM Products (1969225,
1970676)
[24/11/2015]
Vulnerabilities were identified in the IBM Java
Security Components and IBM Sterling B2B Integrator Queue Watcher. An attacker
could bypass security restrictions, obtain sensitive information, execute
arbitrary code and perform cross-site scripting attacks. These vulnerabilities
affect multiple versions of the mentioned products. Security patches are
available to resolve these
vulnerabilities.
URL:www.ibm.com/support/docview.wss?uid=swg21969225
URL:www.ibm.com/support/docview.wss?uid=swg21970676
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106309
URL:exchange.xforce.ibmcloud.com/vulnerabilities/107860
28.
Vulnerabilities in Novell Sentinel
(5228410)
[24/11/2015]
Vulnerabilities were identified in the Novell
Sentinel. An attacker could bypass security restrictions, obtain sensitive
information, execute arbitrary code, cause a denial of service condition and
crash the system. These vulnerabilities affect multiple versions of the
mentioned product. Security patches are available to resolve these
vulnerabilities.
URL:download.novell.com/Download?buildid=Hf9VJbUu3WM~
29.
Vulnerability in Lenovo SHAREit
(108198)
[24/11/2015]
Vulnerability was identified in the Lenovo
SHAREit. An attacker could bypass security restrictions, obtain sensitive
information, execute arbitrary code and perform cross-site scripting attacks.
This vulnerability affects version 2.3.80 of the mentioned
product.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108198
30.
Vulnerabilities in CSL DualCom Product
(VU#428280)
[24/11/2015] Vulnerabilities were identified in the CSL DualCom GPRS
CS2300-R alarm signaling boards. An attacker could bypass security restrictions,
obtain sensitive information, execute arbitrary code, cause a denial of service
condition and crash the system. These vulnerabilities affect multiple firmware
versions of the mentioned
product.
URL:www.kb.cert.org/vuls/id/428280
31. Vulnerability in NetWin SurgeFTP
(108197)
[24/11/2015]
Vulnerability was identified in the NetWin
SurgeFTP. An attacker could bypass security restrictions, obtain sensitive
information, execute arbitrary code and perform cross-site scripting attacks.
This vulnerability affects version 23d6 of the mentioned
product.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108197
32.
Security Updates in Oracle Linux
(ELSA-2015-2079, ELSA-2015-2088, ELSA-2015-2101, ELSA-2015-2108, ELSA-2015-2111,
ELSA-2015-2131, ELSA-2015-2140, ELSA-2015-2151, ELSA-2015-2154, ELSA-2015-2155,
ELSA-2015-2159, ELSA-2015-2180, ELSA-2015-2231, ELSA-2015-2237, ELSA-2015-241,
ELSA-2015-2248, ELSA-2015-2345, ELSA-2015-2360, ELSA-2015-2369, ELSA-2015-2379,
ELSA-2015-2393, ELSA-2015-2401, ELSA-2015-2417, ELSA-2015-2455,
ELSA-2015-2504)
[24/11/2015] Oracle has
released security update packages for fixing the vulnerabilities identified in
the binutils, openssh, python, cpio, grep, openldap, libssh2, xfsprogs, krb5,
file, curl, rubygem-bundler, rubygem-thor, ntp, rest, chrony, netcf, net-snmp,
cups-filters, openhpi, squid, wireshark, grub2, autofs, unbound and libreport
packages for Oracle Linux 5, 6 and 7. Due to multiple errors, an attacker could
bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
compromise the
system.
URL:linux.oracle.com/errata/ELSA-2015-2079.html
URL:linux.oracle.com/errata/ELSA-2015-2088.html
URL:linux.oracle.com/errata/ELSA-2015-2101.html
URL:linux.oracle.com/errata/ELSA-2015-2108.html
URL:linux.oracle.com/errata/ELSA-2015-2111.html
URL:linux.oracle.com/errata/ELSA-2015-2131.html
URL:linux.oracle.com/errata/ELSA-2015-2140.html
URL:linux.oracle.com/errata/ELSA-2015-2151.html
URL:linux.oracle.com/errata/ELSA-2015-2154.html
URL:linux.oracle.com/errata/ELSA-2015-2155.html
URL:linux.oracle.com/errata/ELSA-2015-2159.html
URL:linux.oracle.com/errata/ELSA-2015-2180.html
URL:linux.oracle.com/errata/ELSA-2015-2231.html
URL:linux.oracle.com/errata/ELSA-2015-2237.html
URL:linux.oracle.com/errata/ELSA-2015-2241.html
URL:linux.oracle.com/errata/ELSA-2015-2248.html
URL:linux.oracle.com/errata/ELSA-2015-2345.html
URL:linux.oracle.com/errata/ELSA-2015-2360.html
URL:linux.oracle.com/errata/ELSA-2015-2369.html
URL:linux.oracle.com/errata/ELSA-2015-2378.html
URL:linux.oracle.com/errata/ELSA-2015-2393.html
URL:linux.oracle.com/errata/ELSA-2015-2401.html
URL:linux.oracle.com/errata/ELSA-2015-2417.html
URL:linux.oracle.com/errata/ELSA-2015-2455.html
URL:linux.oracle.com/errata/ELSA-2015-2504.html
33.
Security Updates in Debian
(DSA-3401-1)
[24/11/2015] Debian has
released security update packages for fixing the vulnerability identified in the
openjdk-7 packages for multiple versions of Debian GNU/Linux. An attacker could
bypass security restrictions, obtain sensitive information and execute arbitrary
code on the
system.
URL:www.debian.org/security/2015/dsa-3401
34.
Security Updates in Red Hat Enterprise
Linux (RHSA-2015:2504-1, RHSA-2015:2505-1, RHSA-2015:2506-1, RHSA-2015:2507-1,
RHSA-2015:2508-1, RHSA-2015:2509-1)
[24/11/2015] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the libreport, abrt, java-1.7.1-ibm, java-1.7.0-ibm, java-1.6.0-ibm and
java-1.8.0-ibm packages for Red Hat Enterprise Linux 5, 6 and 7. Due to multiple
errors, an attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and compromise the
system.
URL:rhn.redhat.com/errata/RHSA-2015-2504.html
URL:rhn.redhat.com/errata/RHSA-2015-2505.html
URL:rhn.redhat.com/errata/RHSA-2015-2506.html
URL:rhn.redhat.com/errata/RHSA-2015-2507.html
URL:rhn.redhat.com/errata/RHSA-2015-2508.html
URL:rhn.redhat.com/errata/RHSA-2015-2509.html
35.
Vulnerabilities in Cisco Products
(cisco-sa-20151120-ns, cisco-sa-20151120-tvcs)
[23/11/2015] Vulnerabilities were identified in the Cisco Networking
Services and Cisco TelePresence Video Communication Server (VCS). An attacker
could bypass security restrictions, obtain sensitive information, execute
arbitrary code and perform cross-site request forgery attacks. These
vulnerabilities affect multiple versions of the mentioned products. Security
patches are available to resolve these
vulnerabilities.
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151120-ns
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151120-tvcs
36.
Vulnerabilities in F5 Traffix SDC
(SOL05534090, SOL14132811, SOL93203055)
[23/11/2015] Vulnerabilities were identified in the F5 Traffix SDC. An
attacker could bypass security restrictions, execute arbitrary code, cause a
denial of service condition and crash the system. These vulnerabilities affect
multiple versions of the mentioned product. Security patches are available to
resolve these
vulnerabilities.
URL:support.f5.com/kb/en-us/solutions/public/k/05/sol05534090.html
URL:support.f5.com/kb/en-us/solutions/public/k/14/sol14132811.html
URL:support.f5.com/kb/en-us/solutions/public/k/93/sol93203055.html
37.
Vulnerabilities in Arris cable modems
(VU#419568)
[23/11/2015] Vulnerabilities were identified in the Arris cable modems. An
attacker could bypass security restrictions, execute arbitrary code, perform
cross-site scripting and cross-site request forgery attacks. These
vulnerabilities affect multiple firmware versions of the mentioned
product.
URL:www.kb.cert.org/vuls/id/419568
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108188
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108189
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108190
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108191
38.
Security Updates in Debian
(DSA-3400-1)
[23/11/2015] Debian has
released security update packages for fixing the vulnerability identified in the
lxc packages for multiple versions of Debian GNU/Linux. An attacker could bypass
security restrictions, obtain sensitive information and execute arbitrary code
on the
system.
URL:www.debian.org/security/2015/dsa-3400
39.
Security Updates in Red Hat Enterprise
Linux (RHSA-2015:2500-1)
[23/11/2015] Red Hat
has released security update packages for fixing the vulnerability identified in
the Apache commons-collections library for Red Hat JBoss Enterprise Application
Platform 6.4 packages for Red Hat Enterprise Linux 5, 6 and 7. An attacker could
bypass security restrictions, gain elevated privileges and execute arbitrary
code on the
system.
URL:rhn.redhat.com/errata/RHSA-2015-2500.html
No comments:
Post a Comment