1. Vulnerability in Cisco Prime Infrastructure (cisco-sa-20160302-cpi)
[04/03/2016] A vulnerability was identified in Cisco Prime Infrastructure. An
attacker could bypass security restrictions, execute arbitrary code, cause a
denial of service condition and crash the system. This vulnerability affects
multiple firmware versions of the mentioned product. Security patches are
available to resolve this vulnerability.
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-cpi
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111226
2. Vulnerabilities in Google Chrome
[04/03/2016] Vulnerabilities were identified in Google Chrome. An attacker
could bypass security restrictions and execute arbitrary code. These
vulnerabilities affect versions prior to 49.0.2623.75 of the mentioned product.
Security patches are available to resolve these vulnerabilities.
URL:googlechromereleases.blogspot.hk/2016/03/stable-channel-update.html
URL:www.us-cert.gov/ncas/current-activity/2016/03/02/Google-Releases-Security-Update-Chrome
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111213
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111214
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111215
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111216
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111217
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111218
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111219
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111220
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111221
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111222
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111224
3. Vulnerabilities in Drupal (111195, 111198, 111199, 111204, 111205, 111206, 111211)
[04/03/2016] Vulnerabilities were identified in multiple modules for Drupal. An
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and compromise the system. These vulnerabilities affect multiple versions of the
mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111195
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111198
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111199
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111204
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111205
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111206
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111211
4. Vulnerability in Linux Kernel (111230)
[04/03/2016] A vulnerability was identified in the Linux Kernel. An attacker
could bypass security restrictions, cause a denial of service condition and
crash the system. This vulnerability affects version 4.2 of the mentioned
product. Security patches are available to resolve this vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111230
5. Security Updates in Debian (DSA-3426-1, DSA-3502-1)
[04/03/2016] Debian has released security update packages for fixing the
vulnerabilities identified in the ctdb and roundup packages for multiple
versions of Debian GNU/Linux. Due to multiple errors, an attacker could bypass
security restrictions, obtain sensitive information, gain elevated privileges,
execute arbitrary code, cause a denial of service condition and compromise the
system.
URL:www.debian.org/security/2016/dsa-3426
URL:www.debian.org/security/2016/dsa-3502
6. Security Updates in Mageia (MGASA-2016-0094)
[04/03/2016] Mageia has released security update packages for fixing the
vulnerabilities identified in the talloc, tdb, tevent, ldb and samba packages
for multiple versions of Mageia. Due to multiple errors, an attacker could
bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
compromise the system.
URL:advisories.mageia.org/MGASA-2016-0094.html
7. Security Updates in Red Hat Enterprise Linux (RHSA-2016-0354-1)
[04/03/2016] Red Hat has released security update packages for fixing the
vulnerability identified in the openstack-glance packages for Red Hat Enterprise
Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7. An attacker could bypass
security restrictions and execute arbitrary code.
URL:rhn.redhat.com/errata/RHSA-2016-0354.html
8. Security Updates in SUSE (openSUSE-SU-2016:0640-1, SUSE-SU-2016:0641-1)
[04/03/2016] SUSE has released security update packages for fixing the
vulnerabilities identified in the libopenssl0_9_8 and openssl packages of
openSUSE 13.2 and Leap 42.1, and SUSE Linux Enterprise 12. Due to multiple
errors, an attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and compromise the system.
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00012.html
9. Security Updates in Slackware (SSA:2016-062-01, SSA:2016-062-02, SSA:2016-062-03)
[04/03/2016] Slackware has released security update packages for fixing the
vulnerabilities identified in the mailx, openssl and php packages for multiple
versions of Slackware Linux. Due to multiple errors, an attacker could bypass
security restrictions, obtain sensitive information, gain elevated privileges,
execute arbitrary code, cause a denial of service condition and compromise the
system.
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.377230
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.510514
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.778601
10. Security Updates in Ubuntu GNU/Linux (USN-2918-1, USN-2919-1)
[04/03/2016] Ubuntu has released security update packages for fixing the
vulnerabilities identified in the pixman and jasper packages for versions 12.04
LTS, 14.04 LTS and 15.10. Due to multiple errors, an attacker could bypass
security restrictions, execute arbitrary code, cause a denial of service
condition and crash the system.
URL:www.ubuntu.com/usn/usn-2918-1/
URL:www.ubuntu.com/usn/usn-2919-1/
11. Vulnerability in Apache Wicket (111178)
[03/03/2016] A vulnerability was identified in Apache Wicket. An attacker could
bypass security restrictions, obtain sensitive information, execute arbitrary
code and perform cross-site scripting attacks. This vulnerability affects
multiple versions of the mentioned product. Security patches are available to
resolve this vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111178
12. Vulnerabilities in Cisco Products (cisco-sa-20160302-cpi1,
cisco-sa-20160302-cucdm, cisco-sa-20160302-FireSIGHT,
cisco-sa-20160302-FireSIGHT1, cisco-sa-20160302-n3k, cisco-sa-20160302-n5ksnmp,
cisco-sa-20160302-netstack, cisco-sa-20160302-openssl, cisco-sa-20160302-psc,
cisco-sa-20160302-wsa)
[03/03/2016] Vulnerabilities were identified in multiple Cisco products. An
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and compromise the system. These vulnerabilities affect multiple firmware
versions of the mentioned products. Security patches are available to resolve
these vulnerabilities.
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-cpi1
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-cucdm
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-FireSIGHT
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-FireSIGHT1
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-n3k
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-n5ksnmp
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-netstack
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-openssl
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-psc
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-wsa
URL:www.hkcert.org/my_url/en/alert/16030301
URL:www.us-cert.gov/ncas/current-activity/2016/03/02/Cisco-Releases-Security-Updates
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111181
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111182
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111183
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111184
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111190
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111191
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111192
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111193
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111194
13. Vulnerabilities in Huawei products (huawei-sa-20160301-01-http-en, huawei-sa-20160302-01-utps-en)
[03/03/2016] Vulnerabilities were identified in multiple Huawei products. An
attacker could bypass security restrictions, execute arbitrary code, cause a
denial of service condition and crash the system. These vulnerabilities affect
multiple firmware versions of the mentioned products. Security patches are
available to resolve these vulnerabilities.
URL:www.huawei.com/en/psirt/security-advisories/huawei-sa-20160301-01-http-en
URL:www.huawei.com/en/psirt/security-advisories/huawei-sa-20160302-01-utps-en
14. Vulnerabilities in Django (111179, 111180)
[03/03/2016] Vulnerabilities were identified in Django. An attacker could bypass
security restrictions, obtain sensitive information, execute arbitrary code and
perform cross-site scripting attacks. These vulnerabilities affect versions
prior to 1.9.3 or 1.8.10 of the mentioned product. Security patches are
available to resolve these vulnerabilities.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111179
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111180
15. Vulnerabilities in Linux Kernel (111185, 111186)
[03/03/2016] Vulnerabilities were identified in the Linux Kernel. An attacker
could bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
compromise the system. These vulnerabilities affect multiple versions of the
mentioned product. Security patches are available to resolve these
vulnerabilities.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111185
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111186
16. Security Updates in Oracle Linux (ELSA-2016-0301, ELSA-2016-0346, ELSA-2016-0347)
[03/03/2016] Oracle has released security update packages for fixing the
vulnerability identified in the postgresql packages for Oracle Linux 6 and 7. An
attacker could bypass security restrictions, execute arbitrary code, cause a
denial of service condition and crash the system.
URL:linux.oracle.com/errata/ELSA-2016-0346.html
URL:linux.oracle.com/errata/ELSA-2016-0347.html
17. Security Updates in Mageia (MGASA-2016-0084, MGASA-2016-0085,
MGASA-2016-0086, MGASA-2016-0087, MGASA-2016-0088, MGASA-2016-0089,
MGASA-2016-0090, MGASA-2016-0091, MGASA-2016-0092, MGASA-2016-0093)
[03/03/2016] Mageia has released security update packages for fixing the
vulnerabilities identified in the xdelta3, postgresql9.3, postgresql9.4,
asterisk, drupal, xerces-c, perl-FCGI, tomcat, tomcat-native, wireshark,
phpmyadmin and openssl packages for multiple versions of Mageia. Due to multiple
errors, an attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and compromise the system.
URL:advisories.mageia.org/MGASA-2016-0084.html
URL:advisories.mageia.org/MGASA-2016-0085.html
URL:advisories.mageia.org/MGASA-2016-0086.html
URL:advisories.mageia.org/MGASA-2016-0087.html
URL:advisories.mageia.org/MGASA-2016-0088.html
URL:advisories.mageia.org/MGASA-2016-0089.html
URL:advisories.mageia.org/MGASA-2016-0090.html
URL:advisories.mageia.org/MGASA-2016-0091.html
URL:advisories.mageia.org/MGASA-2016-0092.html
URL:advisories.mageia.org/MGASA-2016-0093.html
18. Security Updates in SUSE (openSUSE-SU-2016:0627-1, openSUSE-SU-2016:0628-1,
SUSE-SU-2016:0631-1, SUSE-SU-2016:0636-1, openSUSE-SU-2016:0637-1,
openSUSE-SU-2016:0638-1)
[03/03/2016] SUSE has released security update packages for fixing the
vulnerabilities identified in the openssl, compat-openssl097g and java-1_7_0-ibm
packages of openSUSE 13.1, 13.2, Leap 42.1 and Evergreen 11.4, and SUSE Linux
Enterprise 11. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and compromise the system.
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00005.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00006.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00007.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00008.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00010.html
19. Security Updates in Red Hat Enterprise Linux (RHSA-2016-0346-1)
[03/03/2016] Red Hat has released security update packages for fixing the
vulnerability identified in the postgresql packages for Red Hat Enterprise Linux
7. An attacker could bypass security restrictions, execute arbitrary code, cause
a denial of service condition and crash the system.
URL:rhn.redhat.com/errata/RHSA-2016-0346.html
20. Security Updates in Ubuntu GNU/Linux (USN-2916-1)
[03/03/2016] Ubuntu has released security update packages for fixing the
vulnerabilities identified in the perl packages for versions 12.04 LTS, 14.04
LTS and 15.10. Due to multiple errors, an attacker could bypass security
restrictions, execute arbitrary code, cause a denial of service condition and
crash the system.
URL:www.ubuntu.com/usn/usn-2916-1/
21. Vulnerabilities in IBM Notes (1975365)
[02/03/2016] Vulnerabilities were identified in IBM Notes. An attacker could
bypass security restrictions, obtain sensitive information, execute arbitrary
code, cause a denial of service condition and crash the system. These
vulnerabilities affect multiple versions of the mentioned product. Security
patches are available to resolve these vulnerabilities.
URL:www.ibm.com/support/docview.wss?uid=swg21975365
22. Vulnerability in McAfee VirusScan Enterprise (SB10151)
[02/03/2016] A vulnerability was identified in McAfee VirusScan Enterprise. An
attacker could bypass security restrictions and execute arbitrary code on the
system. This vulnerability affects version 8.8.0 of the mentioned product.
Security patches are available to resolve this vulnerability.
URL:kc.mcafee.com/corporate/index?page=content&id=SB10151
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111147
23. Vulnerability in Schneider Electric Application Server (ICSA-16-061-01)
[02/03/2016] A vulnerability was identified in the Schneider Electric
Application Server. An attacker could bypass security restrictions, cause a
denial of service condition and crash the system. This vulnerability affects
versions V1.7 and prior of the mentioned product. Security patches are available
to resolve this vulnerability.
URL:ics-cert.us-cert.gov/advisories/ICSA-16-061-01
24. Vulnerability in Allen Bradley CompactLogix controller platform (ICSA-16-061-02)
[02/03/2016] A vulnerability was identified in the Allen Bradley CompactLogix
controller platform. An attacker could bypass security restrictions, cause a
denial of service condition and crash the system. This vulnerability affects
multiple versions of the mentioned product. Security patches are available to
resolve this vulnerability.
URL:ics-cert.us-cert.gov/advisories/ICSA-16-061-02
25. Vulnerability in OpenSSL
[02/03/2016] A vulnerability was identified in OpenSSL. An attacker could bypass
security restrictions, obtain sensitive information, gain elevated privileges,
execute arbitrary code, cause a denial of service condition and compromise the
system. This vulnerability affects versions prior to 1.0.1s or 1.0.2g of the
mentioned product. Security patches are available to resolve this vulnerability.
URL:www.openssl.org/news/secadv/20160301.txt
URL:www.hkcert.org/my_url/en/alert/16030201
URL:www.kb.cert.org/vuls/id/583776
URL:www.us-cert.gov/ncas/current-activity/2016/03/01/OpenSSL-Releases-Security-Advisory
URL:www.us-cert.gov/ncas/current-activity/2016/03/01/SSLv2-DROWN-Attack
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111139
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111140
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111141
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111142
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111143
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111144
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111145
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111146
26. Security Updates in Oracle Linux (ELSA-2016-0301, ELSA-2016-0302, ELSA-2016-3523)
[02/03/2016] Oracle has released security update packages for fixing the
vulnerabilities identified in the openssl packages for Oracle Linux 5, 6 and 7.
Due to multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the system.
URL:linux.oracle.com/errata/ELSA-2016-0301.html
URL:linux.oracle.com/errata/ELSA-2016-0302.html
URL:linux.oracle.com/errata/ELSA-2016-3523.html
27. Security Updates in Debian (DSA-3500-1, DSA-3501-1)
[02/03/2016] Debian has released security update packages for fixing the
vulnerabilities identified in the openssl and perl packages for multiple
versions of Debian GNU/Linux. Due to multiple errors, an attacker could bypass
security restrictions, obtain sensitive information, gain elevated privileges,
execute arbitrary code, cause a denial of service condition and compromise the
system.
URL:www.debian.org/security/2016/dsa-3500
URL:www.debian.org/security/2016/dsa-3501
28. Security Updates in SUSE (SUSE-SU-2016:0617-1, SUSE-SU-2016:0620-1,
SUSE-SU-2016:0621-1, SUSE-SU-2016:0624-1)
[02/03/2016] SUSE has released security update packages for fixing the
vulnerabilities identified in the openssl packages of SUSE Linux Enterprise 11
and 12. Due to multiple errors, an attacker could bypass security restrictions,
obtain sensitive information, gain elevated privileges, execute arbitrary code,
cause a denial of service condition and compromise the system.
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00001.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00002.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00003.html
URL:lists.opensuse.org/opensuse-security-announce/2016-03/msg00004.html
29. Security Updates in Red Hat Enterprise Linux (RHSA-2016-0301-1,
RHSA-2016-0302-1, RHSA-2016-0303-1, RHSA-2016-0328-1, RHSA-2016-0329-1)
[02/03/2016] Red Hat has released security update packages for fixing the
vulnerabilities identified in the openssl and openstack-swift packages for Red
Hat Enterprise Linux 5, 6 and 7, and Red Hat Gluster Storage 3.1 update 2 in Red
Hat Enterprise Linux 6 and 7. Due to multiple errors, an attacker could bypass
security restrictions, obtain sensitive information, gain elevated privileges,
execute arbitrary code, cause a denial of service condition and compromise the
system.
URL:rhn.redhat.com/errata/RHSA-2016-0301.html
URL:rhn.redhat.com/errata/RHSA-2016-0302.html
URL:rhn.redhat.com/errata/RHSA-2016-0303.html
URL:rhn.redhat.com/errata/RHSA-2016-0328.html
URL:rhn.redhat.com/errata/RHSA-2016-0329.html
30. Security Updates in Ubuntu GNU/Linux (USN-2914-1, USN-2915-1)
[02/03/2016] Ubuntu has released security update packages for fixing the
vulnerabilities identified in the openssl and python-django packages for
versions 12.04 LTS, 14.04 LTS and 15.10. Due to multiple errors, an attacker
could bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
compromise the system.
URL:www.ubuntu.com/usn/usn-2914-1/
URL:www.ubuntu.com/usn/usn-2915-1/
31. Vulnerability in Cisco Videoscape Distribution Suite for Internet Streaming (cisco-sa-20160226-vds-is)
[01/03/2016] A vulnerability was identified in the Cisco Videoscape Distribution
Suite for Internet Streaming (VDS-IS). An attacker could bypass security
restrictions, cause a denial of service condition and crash the system. This
vulnerability affects multiple firmware versions of the mentioned product.
Security patches are available to resolve this vulnerability.
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160226-vds-is
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111081
32. Vulnerability in IBM Tivoli Monitoring (1973559)
[01/03/2016] A vulnerability was identified in IBM Tivoli Monitoring. An
attacker could bypass security restrictions, obtain sensitive information and
gain elevated privileges. This vulnerability affects versions prior to 6.2.3 of
the mentioned product. Security patches are available to resolve this
vulnerability.
URL:www-01.ibm.com/support/docview.wss?uid=swg21973559
URL:exchange.xforce.ibmcloud.com/vulnerabilities/107454
33. Vulnerabilities in F5 Products (sol00329831)
[01/03/2016] Vulnerabilities were identified in the F5 BIG-IP LTM, BIG-IP AAM,
BIG-IP AFM, BIG-IP Analytics, BIG-IP APM, BIG-IP ASM, BIG-IP DNS, BIG-IP Edge
Gateway, BIG-IP GTM, BIG-IP Link Controller, BIG-IP PEM, BIG-IP PSM, BIG-IP
WebAccelerator, BIG-IP WOM, Enterprise Manager, BIG-IQ Cloud, BIG-IQ Device,
BIG-IQ Security, BIG-IQ ADC, BIG-IQ Centralized Management, BIG-IQ Cloud and
Orchestration, and Traffix SDC. An attacker could bypass security restrictions
and execute arbitrary code. These vulnerabilities affect multiple versions of
the mentioned products.
URL:support.f5.com/kb/en-us/solutions/public/k/00/sol00329831.html
34. Vulnerability in Comodo Anti-Virus (111083)
[01/03/2016] A vulnerability was identified in Comodo Anti-Virus. An attacker
could bypass security restrictions, gain elevated privileges, execute arbitrary
code and compromise the system. This vulnerability affects multiple versions of
the mentioned product. Security patches are available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111083
35. Vulnerability in Content Delivery Networks (VU#938151)
[01/03/2016] A vulnerability was identified in Content Delivery Networks (CDNs).
An attacker could bypass security restrictions, cause a denial of service
condition and crash the system. The Content Delivery Networks (CDNs) are
implementing their own countermeasures to this attack.
URL:www.kb.cert.org/vuls/id/938151
36. Vulnerability in IKE/IKEv2 protocol (VU#419128)
[01/03/2016] A vulnerability was identified in the IKE/IKEv2 protocol. An
attacker could bypass security restrictions, cause a denial of service condition
and crash the system. This vulnerability affects ALL products running the
IKE/IKEv2 protocol.
URL:www.kb.cert.org/vuls/id/419128
37. Vulnerabilities in Kernel util-linux (111088, 111089)
[01/03/2016] Vulnerabilities were identified in the Kernel util-linux. An
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, cause a denial of service condition and crash the system.
These vulnerabilities affect version 2.24.2-1 of the mentioned product.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111088
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111089
38. Vulnerabilities in Wireshark
[01/03/2016] Vulnerabilities were identified in Wireshark. An attacker could
bypass security restrictions, obtain sensitive information, gain elevated
privileges, cause a denial of service condition and crash the system. These
vulnerabilities affect versions prior to 1.12.10 or 2.0.2 of the mentioned
product. Security patches are available to resolve these vulnerabilities.
URL:www.hkcert.org/my_url/en/alert/16022901
39. Security Updates in Debian (DSA-3495-1, DSA-3498-1, DSA-3499-1)
[01/03/2016] Debian has released security update packages for fixing the
vulnerabilities identified in the xymon, drupal7 and pillow packages for
multiple versions of Debian GNU/Linux. Due to multiple errors, an attacker could
bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
compromise the system.
URL:www.debian.org/security/2016/dsa-3495
URL:www.debian.org/security/2016/dsa-3498
URL:www.debian.org/security/2016/dsa-3499
40. Security Updates in Gentoo Linux (GLSA 201602-03)
[01/03/2016] Gentoo has released security update packages for fixing the
vulnerabilities identified in the libwmf packages for multiple versions of
Gentoo Linux. An attacker could bypass security restrictions, execute arbitrary
code, cause a denial of service condition and crash the system.
URL:security.gentoo.org/glsa/201602-03
41. Security Updates in Red Hat Enterprise Linux (RHSA-2016-0308-1, RHSA-2016-0309-1)
[01/03/2016] Red Hat has released security update packages for fixing the
vulnerabilities identified in the rabbitmq-server and openstack-glance packages
for Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for Red Hat
Enterprise Linux 7. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code and compromise the system.
URL:rhn.redhat.com/errata/RHSA-2016-0308.html
URL:rhn.redhat.com/errata/RHSA-2016-0309.html
42. Vulnerability in Apache Xerces-C XML Parser library (111028)
[29/02/2016] A vulnerability was identified in the Apache Xerces-C XML Parser
library. An attacker could bypass security restrictions, cause a denial of
service condition and crash the system. This vulnerability affects version 3.1.1
of the mentioned product. Security patches are available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111028
43. Vulnerabilities in F5 Products (sol21057235, sol43552605)
[29/02/2016] Vulnerabilities were identified in the F5 BIG-IP LTM, BIG-IP AAM,
BIG-IP AFM, BIG-IP Analytics, BIG-IP APM, BIG-IP ASM, BIG-IP DNS, BIG-IP Edge
Gateway, BIG-IP GTM, BIG-IP Link Controller, BIG-IP PEM, BIG-IP PSM, BIG-IP
WebAccelerator, BIG-IP WOM, Enterprise Manager, BIG-IQ Cloud, BIG-IQ Device,
BIG-IQ Security, BIG-IQ ADC, BIG-IQ Centralized Management and BIG-IQ Cloud and
Orchestration. An attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and crash the system. These vulnerabilities affect multiple
versions of the mentioned products. Security patches are available to resolve
these vulnerabilities.
URL:support.f5.com/kb/en-us/solutions/public/k/21/sol21057235.html
URL:support.f5.com/kb/en-us/solutions/public/k/43/sol43552605.html
44. Vulnerability in Novell Access Governance (5236850)
[29/02/2016] A vulnerability was identified in Novell Access Governance. An
attacker could bypass security restrictions, gain elevated privileges, execute
arbitrary code and compromise the system. This vulnerability affects multiple
versions of the mentioned product. Security patches are available to resolve
this vulnerability.
URL:download.novell.com/Download?buildid=Tft9udlb11s~
45. Vulnerability in Zimbra (111036)
[29/02/2016] A vulnerability was identified in Zimbra. An attacker could bypass
security restrictions and execute arbitrary code on the system. This
vulnerability affects versions prior to 8.5 of the mentioned product. Security
patches are available to resolve this vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111036
46. Vulnerabilities in CloudBees Jenkins (111067, 111068, 111069, 111070, 111071)
[29/02/2016] Vulnerabilities were identified in CloudBees Jenkins. An attacker
could bypass security restrictions, obtain sensitive information and execute
arbitrary code on the system. These vulnerabilities affect version 1.6 of the
mentioned product. Security patches are available to resolve these
vulnerabilities.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111067
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111068
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111069
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111070
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111071
47. Security Updates in Debian (DSA-3494-1, DSA-3496-1, DSA-3497-1)
[29/02/2016] Debian has released security update packages for fixing the
vulnerabilities identified in the cacti, php-horde-core and php-horde packages
for multiple versions of Debian GNU/Linux. Due to multiple errors, an attacker
could bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code and perform cross-site scripting attacks.
URL:www.debian.org/security/2016/dsa-3494
URL:www.debian.org/security/2016/dsa-3496
URL:www.debian.org/security/2016/dsa-3497
48. Security Updates in Mageia (MGASA-2016-0083)
[29/02/2016] Mageia has released security update packages for fixing the
vulnerabilities identified in the vlc packages for multiple versions of Mageia.
Due to multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and crash the system.
URL:advisories.mageia.org/MGASA-2016-0083.html
49. Security Updates in Slackware (SSA:2016-057-01)
[29/02/2016] Slackware has released security update packages for fixing the
vulnerability identified in the libssh packages for multiple versions of
Slackware Linux. An attacker could bypass security restrictions and obtain
sensitive information.
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.397927
50. Security Updates in Ubuntu GNU/Linux (USN-2908-4, USN-2908-5, USN-2909-2, USN-2910-2)
[29/02/2016] Ubuntu has released security update packages for fixing the
vulnerabilities identified in the linux, linux-lts-wily, linux-lts-utopic and
linux-lts-vivid packages for versions 14.04 LTS and 15.10. Due to multiple
errors, an attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and compromise the system.
URL:www.ubuntu.com/usn/usn-2908-4/
URL:www.ubuntu.com/usn/usn-2908-5/
URL:www.ubuntu.com/usn/usn-2909-2/
URL:www.ubuntu.com/usn/usn-2910-2/