1. Vulnerabilities in Apple TV (HT205795)
[26/02/2016] Vulnerabilities were identified in Apple TV. An attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system. These vulnerabilities affect versions prior to 7.2.1 of the mentioned product. Security patches are available to resolve these vulnerabilities.
URL:support.apple.com/en-us/HT205795
URL:www.hkcert.org/my_url/en/alert/16022601
URL:www.us-cert.gov/ncas/current-activity/2016/02/25/Apple-Releases-Security-Update-Apple-TV
2. Vulnerability in Cisco FirePOWER Management Center (cisco-sa-20160224-fmc)
[26/02/2016] A vulnerability was identified in the Cisco FirePOWER Management Center. An attacker could bypass security restrictions and obtain sensitive information. This vulnerability affects multiple firmware versions of the mentioned product. Security patches are available to resolve this vulnerability.
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160224-fmc
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110999
3. Vulnerability in ManageEngine Firewall Analyzer (111009)
[26/02/2016] A vulnerability was identified in ManageEngine Firewall Analyzer. An attacker could bypass security restrictions, execute arbitrary code and perform cross-site scripting attacks. This vulnerability affects versions prior to 12.0 of the mentioned product. Security patches are available to resolve this vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111009
4. Vulnerabilities in Drupal core (SA-CORE-2016-001)
[26/02/2016] Vulnerabilities were identified in Drupal core. An attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code and compromise the system. These vulnerabilities affect multiple versions of the mentioned product. Security patches are available to resolve these vulnerabilities.
URL:www.drupal.org/SA-CORE-2016-001
URL:www.us-cert.gov/ncas/current-activity/2016/02/24/Drupal-Releases-Security-Updates
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111018
5. Vulnerabilities in libxml2 (111012, 111013)
[26/02/2016] Vulnerabilities were identified in libxml2. An attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the system. These vulnerabilities affect version 2.9.3 of the mentioned product.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111012
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111013
6. Vulnerability in Squid (111004)
[26/02/2016] A vulnerability was identified in Squid. An attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the system. This vulnerability affects multiple versions of the mentioned product. Security patches are available to resolve this vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111004
7. Security Updates in Debian (DSA-3491-1, DSA-3492-1, DSA-3493-1)
[26/02/2016] Debian has released security update packages for fixing the vulnerabilities identified in the icedove, gajim and xerces-c packages for multiple versions of Debian GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.
URL:www.debian.org/security/2016/dsa-3491
URL:www.debian.org/security/2016/dsa-3492
URL:www.debian.org/security/2016/dsa-3493
8. Security Updates in Gentoo Linux (GLSA 201602-02)
[26/02/2016] Gentoo has released security update packages for fixing the vulnerabilities identified in the glibc packages for multiple versions of Gentoo Linux. An attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and crash the system.
URL:security.gentoo.org/glsa/201602-02
9. Security Updates in SUSE (openSUSE-SU-2016:0578-1, SUSE-SU-2016:0585-1)
[26/02/2016] SUSE has released security update packages for fixing the vulnerabilities identified in the postgresql94 and Linux Kernel packages of openSUSE Leap 42.1 and SUSE Linux Enterprise 11 and 12. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.
URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html
URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00057.html
10. Information Updates on Microsoft Security Bulletin (3136082)
[25/02/2016] Microsoft has updated information on the Security Bulletin for Microsoft Windows. KB3136082 corrected the Updates Replaced for Windows Server 2012 and Windows Server 2012 R2 to 3124001 in MS16-005.
URL:technet.microsoft.com/en-us/library/security/MS16-018
11. Vulnerability in Cisco ACE 4710 Application Control Engine (cisco-sa-20160224-ace)
[25/02/2016] A vulnerability was identified in the Cisco ACE 4710 Application Control Engine. An attacker could bypass security restrictions, gain elevated privileges, execute arbitrary code and compromise the system. This vulnerability affects multiple firmware versions of the mentioned product. Security patches are available to resolve this vulnerability.
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160224-ace
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110989
12. Vulnerabilities in F5 Products (sol13304944, sol05428062, sol19157044)
[25/02/2016] Vulnerabilities were identified in F5 BIG-IP LTM, BIG-IP AAM, BIG-IP AFM, BIG-IP Analytics, BIG-IP APM, BIG-IP ASM, BIG-IP DNS, BIG-IP Edge Gateway, BIG-IP GTM, BIG-IP Link Controller, BIG-IP PEM, BIG-IP PSM, BIG-IP WebAccelerator, BIG-IP WOM, ARX, Enterprise Manager, BIG-IQ Cloud, BIG-IQ Device, BIG-IQ Security, BIG-IQ ADC, BIG-IQ Centralized Management, BIG-IQ Cloud and Orchestration, LineRate and Traffix SDC. An attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and crash the system. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve these vulnerabilities.
URL:support.f5.com/kb/en-us/solutions/public/k/13/sol13304944.html
URL:support.f5.com/kb/en-us/solutions/public/k/05/sol05428062.html
URL:support.f5.com/kb/en-us/solutions/public/k/19/sol19157044.html
13. Vulnerability in Wireless keyboard/mouse devices (VU#981271)
[25/02/2016] A vulnerability was identified in wireless keyboard and mouse devices from multiple vendors that use proprietary wireless protocols. An attacker could bypass security restrictions and obtain sensitive information. This vulnerability affects multiple firmware versions of the mentioned products. Security patches are available to resolve this vulnerability for Logitech's devices.
URL:www.kb.cert.org/vuls/id/981271
14. Vulnerabilities in TYPO3 (TYPO3-CORE-SA-2016-005, TYPO3-CORE-SA-2016-006, TYPO3-CORE-SA-2016-007)
[25/02/2016] Vulnerabilities were identified in TYPO3. An attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code and perform cross-site scripting attacks. These vulnerabilities affect multiple versions of the mentioned product. Security patches are available to resolve these vulnerabilities.
URL:typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-005/
URL:typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-006/
URL:typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-007/
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110920
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110921
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110922
15. Vulnerability in Extra User Details plugin for WordPress (110992)
[25/02/2016] A vulnerability was identified in the Extra User Details plugin for WordPress. An attacker could bypass security restrictions and gain elevated privileges. This vulnerability affects versions prior to 0.4.2.1 of the mentioned product. Security patches are available to resolve this vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110992
16. Security Updates in Oracle Linux (ELSA-2016-3521)
[25/02/2016] Oracle has released security update packages for fixing the vulnerability identified in the openssh packages for Oracle Linux 5. An attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the system.
URL:linux.oracle.com/errata/ELSA-2016-3521.html
17. Security Updates in Debian (DSA-3489-1, DSA-3490-1)
[25/02/2016] Debian has released security update packages for fixing the vulnerabilities identified in the lighttpd and websvn packages for multiple versions of Debian GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code and perform cross-site scripting attacks.
URL:www.debian.org/security/2016/dsa-3489
URL:www.debian.org/security/2016/dsa-3490
18. Security Updates in Mageia (MGASA-2016-0063, MGASA-2016-0064, MGASA-2016-0065, MGASA-2016-0066, MGASA-2016-0067, MGASA-2016-0068, MGASA-2016-0069, MGASA-2016-0070, MGASA-2016-0071, MGASA-2016-0072, MGASA-2016-0073, MGASA-2016-0074, MGASA-2016-0075, MGASA-2016-0076, MGASA-2016-0077, MGASA-2016-0078, MGASA-2016-0079, MGASA-2016-0080, MGASA-2016-0081, MGASA-2016-0082)
[25/02/2016] Mageia has released security update packages for fixing the vulnerabilities identified in the cpio, libxmp, nginx, python-pillow, claws-mail, cacti, gtk+2.0, eom, thunar, libgcrypt, pinpoint, eog, gambas3, gnome-photos, firefox, firefox-l10n, graphite2, thunderbird, thunderbird-l10n, glibc, nodejs, 389-ds-base and libssh packages for multiple versions of Mageia. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.
URL:advisories.mageia.org/MGASA-2016-0063.html
URL:advisories.mageia.org/MGASA-2016-0064.html
URL:advisories.mageia.org/MGASA-2016-0065.html
URL:advisories.mageia.org/MGASA-2016-0066.html
URL:advisories.mageia.org/MGASA-2016-0067.html
URL:advisories.mageia.org/MGASA-2016-0068.html
URL:advisories.mageia.org/MGASA-2016-0069.html
URL:advisories.mageia.org/MGASA-2016-0070.html
URL:advisories.mageia.org/MGASA-2016-0071.html
URL:advisories.mageia.org/MGASA-2016-0072.html
URL:advisories.mageia.org/MGASA-2016-0073.html
URL:advisories.mageia.org/MGASA-2016-0074.html
URL:advisories.mageia.org/MGASA-2016-0075.html
URL:advisories.mageia.org/MGASA-2016-0076.html
URL:advisories.mageia.org/MGASA-2016-0077.html
URL:advisories.mageia.org/MGASA-2016-0078.html
URL:advisories.mageia.org/MGASA-2016-0079.html
URL:advisories.mageia.org/MGASA-2016-0080.html
URL:advisories.mageia.org/MGASA-2016-0081.html
URL:advisories.mageia.org/MGASA-2016-0082.html
19. Security Updates in Red Hat Enterprise Linux (RHSA-2016:0296-1)
[25/02/2016] Red Hat has released security update packages for fixing the vulnerability identified in the rh-ror41-rubygem-actionpack, rh-ror41-rubygem-actionview, rh-ror41-rubygem-activemodel and rh-ror41-rubygem-activerecord packages for Red Hat Software Collections for Red Hat Enterprise Linux 6 and 7. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.
URL:rhn.redhat.com/errata/RHSA-2016-0296.html
20. Security Updates in SUSE (SUSE-SU-2016:0554-1, SUSE-SU-2016:0555-1, SUSE-SU-2016:0564-1)
[25/02/2016] SUSE has released security update packages for fixing the vulnerabilities identified in the MozillaFirefox and postgresql94 packages of SUSE Linux Enterprise 11 and 12. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.
URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00053.html
URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html
URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00055.html
21. Security Updates in Ubuntu GNU/Linux (USN-2913-1, USN-2913-2, USN-2913-3, USN-2913-4)
[25/02/2016] Ubuntu has released security update packages for fixing the vulnerabilities identified in the ca-certificates, glib-networking, openssl and gnutls26 packages for versions 12.04 LTS, 14.04 LTS and 15.10. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.
URL:www.ubuntu.com/usn/usn-2913-1/
URL:www.ubuntu.com/usn/usn-2913-2/
URL:www.ubuntu.com/usn/usn-2913-3/
URL:www.ubuntu.com/usn/usn-2913-4/
22. Vulnerability in Microsoft Enhanced Mitigation Experience Toolkit
[24/02/2016] A vulnerability was identified in the Microsoft Enhanced Mitigation Experience Toolkit (EMET). An attacker could bypass or disable EMET to take control of an affected system. This vulnerability affects versions prior to 5.5 of the mentioned product. Security patches are available to resolve this vulnerability.
URL:www.us-cert.gov/ncas/current-activity/2016/02/23/Microsoft-Releases-Update-EMET
23. Vulnerability in Cisco Nexus 2000 Series Fabric Extender (cisco-sa-20160223-nx2000)
[24/02/2016] A vulnerability was identified in the Cisco Nexus 2000 Series Fabric Extender. An attacker could gain elevated privileges. The affected version was not specified.
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160223-nx2000
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110912
24. Vulnerability in Linux Kernel
[24/02/2016] A vulnerability was identified in the Linux Kernel. An attacker could cause a denial of service condition and execute arbitrary code. This vulnerability affects multiple versions of the mentioned product. Security patches are available to resolve this vulnerability.
URL:www.hkcert.org/my_url/en/alert/16022401
25. Security Updates in Slackware (SSA:2016-054-01, SSA:2016-054-02, SSA:2016-054-03, SSA:2016-054-04)
[24/02/2016] Slackware has released security update packages for fixing the vulnerabilities identified in the bind, glibc, libgcrypt and ntp packages for multiple versions of Slackware Linux. Due to multiple errors, an attacker could cause a denial of service condition, cause a stack-based buffer overflow, obtain sensitive information and conduct impersonation attacks.
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.520528
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.569827
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.519149
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.546478
26. Security Updates in Debian (DSA-3487-1, DSA-3488-1)
[24/02/2016] Debian has released security update packages for fixing the vulnerabilities identified in the libssh2 and libssh packages for multiple versions of Debian GNU/Linux. Due to multiple errors, an attacker could obtain sensitive information.
URL:www.debian.org/security/2016/dsa-3487
URL:www.debian.org/security/2016/dsa-3488
27. Security Updates in Red Hat Enterprise Linux (RHSA-2016:0286-1)
[24/02/2016] Red Hat has released security update packages for fixing the vulnerability identified in the chromium-browser packages for Red Hat Enterprise Linux 6. An attacker could execute arbitrary code, crash the system and obtain sensitive information.
URL:rhn.redhat.com/errata/RHSA-2016-0286.html
28. Security Updates in Ubuntu GNU/Linux (USN-2903-2, USN-2905-1, USN-2912-1)
[24/02/2016] Ubuntu has released security update packages for fixing the vulnerabilities identified in the nss, oxide-qt and libssh packages for versions 12.04 LTS, 14.04 LTS and 15.10. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, cause a denial of service condition and crash the system.
URL:www.ubuntu.com/usn/usn-2903-2/
URL:www.ubuntu.com/usn/usn-2905-1/
URL:www.ubuntu.com/usn/usn-2912-1/
29. Vulnerabilities in Apache Tomcat
[23/02/2016] Vulnerabilities were identified in Apache Tomcat. An attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, cause a denial of service condition and compromise the system. These vulnerabilities affect multiple versions of the mentioned product. Security patches are available to resolve these vulnerabilities.
URL:tomcat.apache.org/security-6.html
URL:tomcat.apache.org/security-7.html
URL:tomcat.apache.org/security-8.html
URL:tomcat.apache.org/security-9.html
URL:www.hkcert.org/my_url/en/alert/16022301
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110854
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110855
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110856
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110857
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110858
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110859
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110860
30. Vulnerabilities in BlackBerry Enterprise Service (BSRT-2016-001)
[23/02/2016] Vulnerabilities were identified in BlackBerry Enterprise Service. An attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, and perform code injection and cross-site scripting attacks. These vulnerabilities affect versions prior to BES12 version 12.4 of the mentioned product. Security patches are available to resolve these vulnerabilities.
URL:support.blackberry.com/kb/articleDetail?articleNumber=000038033
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110861
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110862
31. Vulnerability in Avast! Antivirus (110863)
[23/02/2016] A vulnerability was identified in Avast! Antivirus. An attacker could bypass security restrictions, gain elevated privileges, execute arbitrary code and compromise the system. This vulnerability affects versions prior to 11.1.2253 of the mentioned product. Security patches are available to resolve this vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110863
32. Vulnerabilities in F5 Products (sol01324833, sol05046514, sol06288381, sol21230183, sol32790144, sol71245322, sol74363721)
[23/02/2016] Vulnerabilities were identified in F5 BIG-IP LTM, BIG-IP AAM, BIG-IP AFM, BIG-IP Analytics, BIG-IP APM, BIG-IP ASM, BIG-IP DNS, BIG-IP Edge Gateway, BIG-IP GTM, BIG-IP Link Controller, BIG-IP PEM, BIG-IP PSM, BIG-IP WebAccelerator, BIG-IP WOM, ARX, Enterprise Manager, FirePass, BIG-IQ Cloud, BIG-IQ Device, BIG-IQ Security, BIG-IQ ADC, BIG-IQ Centralized Management, BIG-IQ Cloud and Orchestration, LineRate and Traffix SDC. An attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and crash the system. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve these vulnerabilities.
URL:support.f5.com/kb/en-us/solutions/public/k/01/sol01324833.html
URL:support.f5.com/kb/en-us/solutions/public/k/05/sol05046514.html
URL:support.f5.com/kb/en-us/solutions/public/k/06/sol06288381.html
URL:support.f5.com/kb/en-us/solutions/public/k/21/sol21230183.html
URL:support.f5.com/kb/en-us/solutions/public/k/32/sol32790144.html
URL:support.f5.com/kb/en-us/solutions/public/k/71/sol71245322.html
URL:support.f5.com/kb/en-us/solutions/public/k/74/sol74363721.html
33. Vulnerability in LINE (110851)
[23/02/2016] A vulnerability was identified in LINE for Windows and LINE for Mac OS. An attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the system. This vulnerability affects multiple versions of the mentioned product. Security patches are available to resolve this vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110851
34. Security Updates in Debian (DSA-3479-1, DSA-3486-1)
[23/02/2016] Debian has released security update packages for fixing the vulnerabilities identified in the graphite2 and chromium-browser packages for multiple versions of Debian GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, cause a denial of service condition and compromise the system.
URL:www.debian.org/security/2016/dsa-3479
URL:www.debian.org/security/2016/dsa-3486
35. Security Updates in SUSE (openSUSE-SU-2016:0537-1, SUSE-SU-2016:0539-1)
[23/02/2016] SUSE has released security update packages for fixing the vulnerabilities identified in the kernel and postgresql93 packages of openSUSE 13.2 and SUSE Linux Enterprise 12. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.
URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00051.html
URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html
36. Security Updates in Ubuntu GNU/Linux (USN-2906-1, USN-2907-1, USN-2907-2, USN-2908-1, USN-2908-2, USN-2908-3, USN-2909-1, USN-2910-1, USN-2911-1, USN-2911-2)
[23/02/2016] Ubuntu has released security update packages for fixing the vulnerabilities identified in the cpio, linux, linux-lts-trusty, linux-lts-wily, linux-raspi2, linux-lts-utopic, linux-lts-vivid and linux-ti-omap4 packages for versions 12.04 LTS, 14.04 LTS and 15.10. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.
URL:www.ubuntu.com/usn/usn-2906-1/
URL:www.ubuntu.com/usn/usn-2907-1/
URL:www.ubuntu.com/usn/usn-2907-2/
URL:www.ubuntu.com/usn/usn-2908-1/
URL:www.ubuntu.com/usn/usn-2908-2/
URL:www.ubuntu.com/usn/usn-2908-3/
URL:www.ubuntu.com/usn/usn-2909-1/
URL:www.ubuntu.com/usn/usn-2910-1/
URL:www.ubuntu.com/usn/usn-2911-1/
URL:www.ubuntu.com/usn/usn-2911-2/
37. Vulnerability in Cisco ASR 5000 Series devices (cisco-sa-20160218-asr)
[22/02/2016] A vulnerability was identified in Cisco ASR 5000 Series devices. An attacker could bypass security restrictions and gain elevated privileges. This vulnerability affects versions prior to 19.3.M0.62771 and prior to 20.0.M0.62768 of the mentioned product running StarOS. Security patches are available to resolve this vulnerability.
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160218-asr
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110803
38. Vulnerabilities in Novell Identity Manager (5233670, 5233690)
[22/02/2016] Vulnerabilities were identified in Novell Identity Manager. An attacker could bypass security restrictions and compromise the system. These vulnerabilities affect multiple versions of the mentioned product. Security patches are available to resolve these vulnerabilities.
URL:download.novell.com/Download?buildid=E9m024HXLHw~
URL:download.novell.com/Download?buildid=RYH_EkORvU4~
39. Vulnerabilities in F5 Products (sol11785283, sol40131068, sol50413110, sol59503294, sol62655427, sol75253136)
[22/02/2016] Vulnerabilities were identified in F5 BIG-IP LTM, BIG-IP AAM, BIG-IP AFM, BIG-IP Analytics, BIG-IP APM, BIG-IP ASM, BIG-IP DNS, BIG-IP Edge Gateway, BIG-IP GTM, BIG-IP Link Controller, BIG-IP PEM, BIG-IP PSM, BIG-IP WebAccelerator, BIG-IP WOM, ARX, Enterprise Manager, BIG-IQ Cloud, BIG-IQ Device, BIG-IQ Security, BIG-IQ ADC, BIG-IQ Centralized Management, BIG-IQ Cloud and Orchestration. An attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and crash the system. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve these vulnerabilities.
URL:support.f5.com/kb/en-us/solutions/public/k/11/sol11785283.html
URL:support.f5.com/kb/en-us/solutions/public/k/40/sol40131068.html
URL:support.f5.com/kb/en-us/solutions/public/k/50/sol50413110.html
URL:support.f5.com/kb/en-us/solutions/public/k/59/sol59503294.html
URL:support.f5.com/kb/en-us/solutions/public/k/62/sol62655427.html
URL:support.f5.com/kb/en-us/solutions/public/k/75/sol75253136.html
40. Vulnerability in SAP 3D Visual Enterprise Viewer (110808)
[22/02/2016] A vulnerability was identified in the SAP 3D Visual Enterprise Viewer. An attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the system. The affected version was not specified.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110808
41. Security Updates in Debian (DSA-3483-1, DSA-3484-1, DSA-3485-1)
[22/02/2016] Debian has released security update packages for fixing the vulnerabilities identified in the cpio, xdelta3 and didiwiki packages for multiple versions of Debian GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, cause a denial of service condition and crash the system.
URL:www.debian.org/security/2016/dsa-3483
URL:www.debian.org/security/2016/dsa-3484
URL:www.debian.org/security/2016/dsa-3485
42. Security Updates in Red Hat Enterprise Linux (RHSA-2016:0277-1)
[22/02/2016] Red Hat has released security update packages for fixing the vulnerability identified in the rhev-hypervisor packages for Red Hat Enterprise Virtualization 3. An attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the system.
URL:rhn.redhat.com/errata/RHSA-2016-0277.html
43. Security Updates in SUSE (openSUSE-SU-2016:0511-1, openSUSE-SU-2016:0512-1, openSUSE-SU-2016:0520-1, openSUSE-SU-2016:0521-1, openSUSE-SU-2016:0525-1, openSUSE-SU-2016:0529-1, openSUSE-SU-2016:0531-1, openSUSE-SU-2016:0536-1)
[22/02/2016] SUSE has released security update packages for fixing the vulnerabilities identified in the glibc, chromium, obs-service-download_files, obs-service-extract_file, obs-service-recompress, obs-service-source_validator, obs-service-verify_file, postgresql93 and qemu packages of openSUSE Evergreen 11.4, openSUSE 13.1, 13.2 and Leap 42.1, and SUSE Package Hub for SUSE Linux Enterprise 12. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.
URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00043.html
URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00044.html
URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00045.html
URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00046.html
URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00047.html
URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00048.html
URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html
URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00050.html