1. Vulnerabilities in HP System Management Homepage
(c05045763)
[18/03/2016] Vulnerabilities were identified in the HP System Management
Homepage. An attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and compromise the system. These vulnerabilities affect
versions prior to 7.5.4 of the mentioned product. Security patches are available
to resolve these
vulnerabilities.
URL:h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05045763
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111543
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111544
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111545
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111546
2. Vulnerabilities in Symantec Endpoint Protection
(SYM16-003)
[18/03/2016] Vulnerabilities were identified in the Symantec Endpoint
Protection Manager and Client. An attacker could bypass security restrictions,
obtain sensitive information, gain elevated privileges and execute arbitrary
code. These vulnerabilities affect versions prior to 12.1-RU6-MP4 of the
mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2016&suid=20160317_00
URL:www.us-cert.gov/ncas/current-activity/2016/03/17/Symantec-Releases-Security-Update
3. Vulnerability in Novell Messenger
(5238163)
[18/03/2016]
Vulnerability was identified in the Novell
Messenger. An attacker could bypass security restrictions, obtain sensitive
information, execute arbitrary code, cause a denial of service condition and
compromise the system. This vulnerability affects versions prior to 3.0 Support
Pack 3 of the mentioned product. Security patches are available to resolve this
vulnerability.
URL:download.novell.com/Download?buildid=cAaN50isaQQ~
4. Vulnerability in ABB Panel Builder 800
(ICSA-16-077-01)
[18/03/2016] Vulnerability was identified in the ABB Panel Builder 800. An
attacker could bypass security restrictions and execute arbitrary code on the
system. This vulnerability affects versions prior to 6.0 of the mentioned
product. Security patches are available to resolve this
vulnerability.
URL:ics-cert.us-cert.gov/advisories/ICSA-16-077-01
5. Vulnerability in FreeBSD kernel
(111527)
[18/03/2016]
Vulnerability was identified in the FreeBSD
kernel. An attacker could bypass security restrictions, execute arbitrary code,
cause a denial of service condition and crash the system. This vulnerability
affects versions prior to 10.2.0 of the mentioned product. Security patches are
available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111527
6. Vulnerabilities in GIT (111523,
111524)
[18/03/2016]
Vulnerabilities were identified in the GIT. An
attacker could bypass security restrictions and execute arbitrary code on the
system. These vulnerabilities affect versions prior to 2.8.0-rc3 of the
mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111523
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111524
7. Vulnerabilities in PHP (111540, 111541,
111542)
[18/03/2016]
Vulnerabilities were identified in the PHP. An
attacker could bypass security restrictions, obtain sensitive information,
execute arbitrary code, cause a denial of service condition and crash the
system. These vulnerabilities affect versions prior to 5.6.13, 5.5.29 or 5.4.45
of the mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111540
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111541
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111542
8. Security Updates in Slackware
(SSA:2016-077-01)
[18/03/2016] Slackware
has released security update packages for fixing the vulnerabilities identified
in the mozilla-firefox packages for multiple versions of Slackware Linux. Due to
multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the
system.
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.356369
9. Security Updates in SUSE (openSUSE-SU-2016:0802-1,
openSUSE-SU-2016:0803-1)
[18/03/2016] SUSE has
released security update packages for fixing the vulnerabilities identified in
the git and cgit packages of openSUSE 13.2 and Leap 42.1. Due to multiple
errors, an attacker could bypass security restrictions, obtain sensitive
information, execute arbitrary code, cause a denial of service condition and
crash the
system.
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00061.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00062.html
10.
Security Updates in Ubuntu GNU/Linux
(USN-2935-3)
[18/03/2016] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the pam packages for version 12.04 LTS. Due to multiple errors, an attacker
could bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
crash the
system.
URL:www.ubuntu.com/usn/usn-2935-3/
11. Vulnerabilities in Apache Struts (S2-028, S2-029,
S2-030)
[17/03/2016]
Vulnerabilities were identified in the Apache
Struts. An attacker could bypass security restrictions, obtain sensitive
information, execute arbitrary code and perform cross-site scripting (XSS)
attacks. These vulnerabilities affect versions prior to 2.3.25 of the mentioned
products. Security patches are available to resolve these
vulnerabilities.
URL:struts.apache.org/docs/s2-028.html
URL:struts.apache.org/docs/s2-029.html
URL:struts.apache.org/docs/s2-030.html
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111513
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111514
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111515
12.
Vulnerability in HP ArcSight ESM and ESM
Express (c05048753)
[17/03/2016] Vulnerability was identified in the HP ArcSight ESM and ESM
Express. An attacker could bypass security restrictions and obtain sensitive
information. This vulnerability affects multiple versions of the mentioned
products. Security patches are available to resolve this
vulnerability.
URL:h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05048753
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111522
13.
Vulnerabilities in VMware Products
(VMSA-2016-0003)
[17/03/2016] Vulnerabilities were identified in the VMware vRealize
Automation and vRealize Business Advanced and Enterprise. An attacker could
bypass security restrictions, execute arbitrary code and perform cross-site
scripting (XSS) attacks. These vulnerabilities affect multiple versions of the
mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:www.vmware.com/security/advisories/VMSA-2016-0003.html
URL:www.us-cert.gov/ncas/current-activity/2016/03/16/VMware-Releases-Security-Updates-0
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111517
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111518
14.
Vulnerability in Siemens SIMATIC S7-1200
(ICSA-16-075-01)
[17/03/2016] Vulnerability was identified in the Siemens SIMATIC S7-1200.
An attacker could bypass security restrictions, execute arbitrary code, cause a
denial of service condition and crash the system. This vulnerability affects
firmware versions prior to V4.0 of the mentioned product. Security patches are
available to resolve this
vulnerability.
URL:ics-cert.us-cert.gov/advisories/ICSA-16-075-01
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111516
15.
Vulnerability in Xen
(XSA-171)
[17/03/2016]
Vulnerability was identified in the Xen. An
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and crash the system. This vulnerability affects multiple versions of the
mentioned product. Security patches are available to resolve this
vulnerability.
URL:xenbits.xen.org/xsa/advisory-171.html
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111520
16.
Security Updates in Oracle Linux
(ELSA-2016-0450, ELSA-2016-0450-1, ELSA-2016-0458, ELSA-2016-0459,
ELSA-2016-0460)
[17/03/2016] Oracle has
released security update packages for fixing the vulnerabilities identified in
the kernel, bind97, bind and thunderbird packages for Oracle Linux 5, 6 and 7.
Due to multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, execute arbitrary code, cause a denial of service
condition and compromise the
system.
URL:linux.oracle.com/errata/ELSA-2016-0450.html
URL:linux.oracle.com/errata/ELSA-2016-0450-1.html
URL:linux.oracle.com/errata/ELSA-2016-0458.html
URL:linux.oracle.com/errata/ELSA-2016-0459.html
URL:linux.oracle.com/errata/ELSA-2016-0460.html
17.
Security Updates in Debian
(DSA-3518-1)
[17/03/2016] Debian has
released security update packages for fixing the vulnerabilities identified in
the spip packages for multiple versions of Debian GNU/Linux. Due to multiple
errors, an attacker could bypass security restrictions and execute arbitrary
code.
URL:www.debian.org/security/2016/dsa-3518
18.
Security Updates in Red Hat Enterprise
Linux (RHSA-2016:0458-1, RHSA-2016:0459-1,
RHSA-2016:0460-1)
[17/03/2016] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the bind97, bind and thunderbird packages for Red Hat Enterprise Linux 5, 6
and 7. Due to multiple errors, an attacker could bypass security restrictions,
obtain sensitive information, gain elevated privileges, execute arbitrary code,
cause a denial of service condition and compromise the
system.
URL:rhn.redhat.com/errata/RHSA-2016-0458.html
URL:rhn.redhat.com/errata/RHSA-2016-0459.html
URL:rhn.redhat.com/errata/RHSA-2016-0460.html
19.
Security Updates in Mageia
(MGASA-2016-0111, MGASA-2016-0112, MGASA-2016-0113, MGASA-2016-0114,
MGASA-2016-0115)
[17/03/2016] Mageia has
released security update packages for fixing the vulnerabilities identified in
the shotwell, halibut, putty, dropbear, rootcerts, nss, thunderbird and
thunderbird-l10n packages for multiple versions of Mageia. Due to multiple
errors, an attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and compromise the
system.
URL:advisories.mageia.org/MGASA-2016-0111.html
URL:advisories.mageia.org/MGASA-2016-0112.html
URL:advisories.mageia.org/MGASA-2016-0113.html
URL:advisories.mageia.org/MGASA-2016-0114.html
URL:advisories.mageia.org/MGASA-2016-0115.html
20.
Security Updates in SUSE
(SUSE-SU-2016:0785-1, SUSE-SU-2016:0786-1, openSUSE-SU-2016:0788-1,
openSUSE-SU-2016:0790-1, openSUSE-SU-2016:0791-1, SUSE-SU-2016:0796-1,
SUSE-SU-2016:0798-1)
[17/03/2016] SUSE has
released security update packages for fixing the vulnerabilities identified in
the Linux Kernel, sles12-docker-image, bsh2, rubygem-actionview-4_2, graphite2
and git packages of SUSE Linux Enterprise 11 and 12, openSUSE 13.2 and Leap
42.1. Due to multiple errors, an attacker could bypass security restrictions,
obtain sensitive information, gain elevated privileges, execute arbitrary code,
cause a denial of service condition and compromise the
system.
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00054.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00055.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00056.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00057.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00058.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00059.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00060.html
21.
Security Updates in Ubuntu GNU/Linux
(USN-2930-3, USN-2935-1, USN-2935-2)
[17/03/2016] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the linux-raspi2 and pam packages for versions 12.04 LTS, 14.04 LTS and 15.10.
Due to multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the
system.
URL:www.ubuntu.com/usn/usn-2930-3/
URL:www.ubuntu.com/usn/usn-2935-1/
URL:www.ubuntu.com/usn/usn-2935-2/
22.
Vulnerabilities in HP ArcSight ESM and
ESM Express (c05048452)
[16/03/2016] Vulnerabilities were identified in the HP ArcSight ESM and
ESM Express. An attacker could bypass security restrictions, obtain sensitive
information and execute arbitrary code on the system. These vulnerabilities
affects multiple versions of the mentioned products. Security patches are
available to resolve these
vulnerabilities.
URL:h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05048452
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111476
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111477
23.
Security Updates in Oracle Linux
(ELSA-2016-0448, ELSA-2016-0449)
[16/03/2016] Oracle has
released security update packages for fixing the vulnerabilities identified in
the samba and samba4 packages for Oracle Linux 6 and 7. Due to multiple errors,
an attacker could bypass security restrictions, obtain sensitive information,
execute arbitrary code, cause a denial of service condition and crash the
system.
URL:linux.oracle.com/errata/ELSA-2016-0448.html
URL:linux.oracle.com/errata/ELSA-2016-0449.html
24.
Security Updates in Red Hat Enterprise
Linux (RHSA-2016:0447-1, RHSA-2016:0448-1, RHSA-2016:0449-1, RHSA-2016:0450-1,
RHSA-2016:0454-1, RHSA-2016:0455-1)
[16/03/2016] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the samba, samba4, kernel, ror40-rubygem-actionpack,
ror40-rubygem-activerecord, ruby193-rubygem-actionpack and
ruby193-rubygem-activerecord packages for Red Hat Enterprise Linux 5, 6 and 7,
Red Hat Gluster Storage 3.1 for Red Hat Enterprise Linux 6 and 7, Red Hat
Software Collections 1 for RHEL 6 and 7. Due to multiple errors, an attacker
could bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
compromise the
system.
URL:rhn.redhat.com/errata/RHSA-2016-0447.html
URL:rhn.redhat.com/errata/RHSA-2016-0448.html
URL:rhn.redhat.com/errata/RHSA-2016-0449.html
URL:rhn.redhat.com/errata/RHSA-2016-0450.html
URL:rhn.redhat.com/errata/RHSA-2016-0454.html
URL:rhn.redhat.com/errata/RHSA-2016-0455.html
25.
Security Updates in Slackware
(SSA:2016-075-01, SSA:2016-075-02)
[16/03/2016] Slackware
has released security update packages for fixing the vulnerabilities identified
in the git and seamonkey packages for multiple versions of Slackware Linux. Due
to multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the
system.
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.416864
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.499727
26.
Security Updates in SUSE
(SUSE-SU-2016:0745-1, SUSE-SU-2016:0746-1, SUSE-SU-2016:0747-1,
SUSE-SU-2016:0748-1, SUSE-SU-2016:0749-1, SUSE-SU-2016:0750-1,
SUSE-SU-2016:0751-1, SUSE-SU-2016:0752-1, SUSE-SU-2016:0753-1,
SUSE-SU-2016:0754-1, SUSE-SU-2016:0755-1, SUSE-SU-2016:0756-1,
SUSE-SU-2016:0757-1, SUSE-SU-2016:0759-1, SUSE-SU-2016:0769-1,
SUSE-SU-2016:0770-1, SUSE-SU-2016:0776-1, SUSE-SU-2016:0777-1,
SUSE-SU-2016:0778-1, SUSE-SU-2016:0779-1,
SUSE-SU-2016:0780-1)
[16/03/2016] SUSE has
released security update packages for fixing the vulnerabilities identified in
the kernel, sles12sp1-docker-image, bind, tomcat, java-1_6_0-ibm,
mozillaFirefox, mozilla-nspr, mozilla-nss, sles11sp4-docker-image and graphite2
packages of SUSE Linux Enterprise 10, 11 and 12. Due to multiple errors, an
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and compromise the
system.
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00033.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00034.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00035.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00036.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00037.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00038.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00039.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00040.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00041.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00042.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00043.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00044.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00045.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00046.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00047.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00048.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00049.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00051.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00052.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00053.html
27.
Security Updates in Ubuntu GNU/Linux
(USN-2933-1)
[16/03/2016] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the exim4 packages for versions 12.04 LTS, 14.04 LTS and 15.10. Due to multiple
errors, an attacker could bypass security restrictions, execute arbitrary code,
cause a denial of service condition and crash the
system.
URL:www.ubuntu.com/usn/usn-2933-1/
28. Vulnerability in Juniper Products
(JSA10722)
[15/03/2016]
Vulnerability was identified in the Juniper
ScreenOS, STRM/JSA Series and WLC Wireless LAN Controller. An attacker could
obtain sensitive information. This vulnerability affects multiple versions of
the mentioned
products.
URL:kb.juniper.net/InfoCenter/index?page=content&id=JSA10722
29.
Vulnerabilities in Linux Kernel (111452,
111453, 111454, 111459)
[15/03/2016] Vulnerabilities were identified in the Linux Kernel. An
attacker could cause a denial of service condition and crash the system. These
vulnerabilities affects multiple versions of the mentioned
product.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111452
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111453
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111454
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111459
30.
Vulnerabilities in PHP (111456,
111457)
[15/03/2016]
Vulnerabilities were identified in the PHP. An
attacker could execute arbitrary code. These vulnerabilities affects version
5.5.32 of the mentioned product. Security patches are available to resolve these
vulnerabilities.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111456
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111457
31.
Vulnerabilities in extensions for TYPO3
(111445, 111446)
[15/03/2016] Vulnerabilities were identified in the Another simple gallery
and phpMyAdmin extensions for TYPO3. An attacker could perform code injection
and cross-site scripting attacks. These vulnerabilities affects multiple
versions of the mentioned products. Security patches are available to resolve
these
vulnerabilities.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111445
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111446
32.
Security Updates in Debian (DSA-3516-1,
DSA-3517-1)
[15/03/2016] Debian has
released security update packages for fixing the vulnerabilities identified in
the wireshark and exim4 packages for multiple versions of Debian GNU/Linux. Due
to multiple errors, an attacker could cause a denial of service condition and
gain elevated
privileges.
URL:www.debian.org/security/2016/dsa-3516
URL:www.debian.org/security/2016/dsa-3517
33.
Security Updates in Red Hat Enterprise
Linux (RHSA-2016:0364-2, RHSA-2016:0365-2, RHSA-2016:0366-2, RHSA-2016:0440-1,
RHSA-2016:0441-1, RHSA-2016:0442-1)
[15/03/2016] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the openstack-nova and OpenStack Orchestration packages for Red Hat
Enterprise Linux OpenStack Platform 5.0 and 6.0 for RHEL 6 and 7. Due to
multiple errors, an attacker obtain sensitive information and cause a denial of
service
condition.
URL:rhn.redhat.com/errata/RHSA-2016-0364.html
URL:rhn.redhat.com/errata/RHSA-2016-0365.html
URL:rhn.redhat.com/errata/RHSA-2016-0366.html
URL:rhn.redhat.com/errata/RHSA-2016-0440.html
URL:rhn.redhat.com/errata/RHSA-2016-0441.html
URL:rhn.redhat.com/errata/RHSA-2016-0442.html
34.
Security Updates in Ubuntu GNU/Linux
(USN-2927-1, USN-2928-1, USN-2928-2, USN-2929-1, USN-2929-2, USN-2930-1,
USN-2930-2, USN-2931-1, USN-2932-1)
[15/03/2016] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the graphite2 and Linux kernel packages for versions 12.04 LTS, 14.04 LTS and
15.10. Due to multiple errors, an attacker could obtain sensitive information,
execute arbitrary code, cause a denial of service condition and crash the
system.
URL:www.ubuntu.com/usn/usn-2927-1/
URL:www.ubuntu.com/usn/usn-2928-1/
URL:www.ubuntu.com/usn/usn-2928-2/
URL:www.ubuntu.com/usn/usn-2929-1/
URL:www.ubuntu.com/usn/usn-2929-2/
URL:www.ubuntu.com/usn/usn-2930-1/
URL:www.ubuntu.com/usn/usn-2930-2/
URL:www.ubuntu.com/usn/usn-2931-1/
URL:www.ubuntu.com/usn/usn-2932-1/
35.
Vulnerabilities in Cisco Products
(cisco-sa-20160310-prime-lms, cisco-sa-20160311-gsr)
[14/03/2016] Vulnerabilities were identified in the Cisco Prime LAN
Management Solution (LMS) and Cisco Gigabit Switch Router (GSR) 12000 Series
Routers. An attacker could bypass security restrictions, obtain sensitive
information, execute arbitrary code, cause a denial of service condition and
crash the system. These vulnerabilities affect multiple versions of the
mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160310-prime-lms
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160311-gsr
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111443
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111444
36.
Vulnerability in Schneider Electric
Telvent RTU (ICSA-16-070-01)
[14/03/2016] Vulnerability was identified in the Schneider Electric
Telvent RTU. An attacker could bypass security restrictions and obtain sensitive
information. This vulnerability affects multiple firmware versions of the
mentioned
product.
URL:ics-cert.us-cert.gov/advisories/ICSA-16-070-01
37.
Vulnerability in DTE Energy Insight
(VU#713312)
[14/03/2016] Vulnerability was identified in the DTE Energy Insight. An
attacker could bypass security restrictions and obtain sensitive information.
This vulnerability affects versions prior to 1.7.8 of the mentioned product.
Security patches are available to resolve this
vulnerability.
URL:www.kb.cert.org/vuls/id/713312
38.
Security Updates in Debian (DSA-3514-1,
DSA-3515-1)
[14/03/2016] Debian has
released security update packages for fixing the vulnerabilities identified in
the samba and graphite2 packages for multiple versions of Debian GNU/Linux. Due
to multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and crash the
system.
URL:www.debian.org/security/2016/dsa-3514
URL:www.debian.org/security/2016/dsa-3515
39.
Security Updates in Mageia
(MGASA-2016-0103, MGASA-2016-0104, MGASA-2016-0105, MGASA-2016-0106,
MGASA-2016-0107, MGASA-2016-0108, MGASA-2016-0109,
MGASA-2016-0110)
[14/03/2016] Mageia has
released security update packages for fixing the vulnerabilities identified in
the libvirt, pigz, nspr, nss, firefox, firefox-l10n, samba, bind, openssh,
flash-player-plugin, php, timezone and php-timezonedb packages for multiple
versions of Mageia. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and compromise the
system.
URL:advisories.mageia.org/MGASA-2016-0103.html
URL:advisories.mageia.org/MGASA-2016-0104.html
URL:advisories.mageia.org/MGASA-2016-0105.html
URL:advisories.mageia.org/MGASA-2016-0106.html
URL:advisories.mageia.org/MGASA-2016-0107.html
URL:advisories.mageia.org/MGASA-2016-0108.html
URL:advisories.mageia.org/MGASA-2016-0109.html
URL:advisories.mageia.org/MGASA-2016-0110.html
40.
Security Updates in Red Hat Enterprise
Linux (RHSA-2016:0438-1)
[14/03/2016] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the Adobe Flash Player packages for Red Hat Enterprise Linux 5 and 6. Due to
multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the
system.
URL:rhn.redhat.com/errata/RHSA-2016-0438.html
41.
Security Updates in SUSE
(SUSE-SU-2016:0715-1, SUSE-SU-2016:0716-1, openSUSE-SU-2016:0719-1,
openSUSE-SU-2016:0720-1, openSUSE-SU-2016:0721-1, SUSE-SU-2016:0727-1,
openSUSE-SU-2016:0729-1, openSUSE-SU-2016:0731-1, openSUSE-SU-2016:0732-1,
openSUSE-SU-2016:0733-1, openSUSE-SU-2016:0734-1)
[14/03/2016] SUSE has released security update packages for fixing the
vulnerabilities identified in the flash-player, openssl, exim, MozillaFirefox,
mozilla-nspr, mozilla-nss, Chromium, libotr and libotr2 packages of SUSE Linux
Enterprise 11 and 12, openSUSE Leap 42.1, 13.1 and 13.2. Due to multiple errors,
an attacker could bypass security restrictions, obtain sensitive information,
gain elevated privileges, execute arbitrary code, cause a denial of service
condition and compromise the
system.
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00025.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00026.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00028.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00030.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html
No comments:
Post a Comment