Feed aggregator

Vuln: Linux Kernel CVE-2017-6214 Remote Denial of Service Vulnerability

Security Focus Latest Security Advisories - July 23, 2017 - 11:00pm
Linux Kernel CVE-2017-6214 Remote Denial of Service Vulnerability
Categories:

Vuln: GNU glibc CVE-2017-1000366 Local Memory Corruption Vulnerability

Security Focus Latest Security Advisories - July 23, 2017 - 11:00pm
GNU glibc CVE-2017-1000366 Local Memory Corruption Vulnerability
Categories:

Vuln: ISC BIND CVE-2017-3142 Security Bypass Vulnerability

Security Focus Latest Security Advisories - July 23, 2017 - 11:00pm
ISC BIND CVE-2017-3142 Security Bypass Vulnerability
Categories:

Vuln: Sudo CVE-2017-1000368 Incomplete Fix Local Privilege Escalation Vulnerability

Security Focus Latest Security Advisories - July 23, 2017 - 11:00pm
Sudo CVE-2017-1000368 Incomplete Fix Local Privilege Escalation Vulnerability
Categories:

Vuln: ISC BIND CVE-2017-3143 Security Bypass Vulnerability

Security Focus Latest Security Advisories - July 23, 2017 - 11:00pm
ISC BIND CVE-2017-3143 Security Bypass Vulnerability
Categories:

4.13-rc2: mainline

Linux Kernel Updates - July 23, 2017 - 6:15pm
Version:4.13-rc2 (mainline) Released:2017-07-23 Source:linux-4.13-rc2.tar.gz Patch:full (incremental)

[security bulletin] HPESBHF03766 rev.1 - HPE ConvergedSystem 700 Solution with Comware v5 Switches using NTP, Remote Denial of Service (DoS), Unauthorized Modification and Local Denial of Service (DoS)

BugTraq Latest Security Advisories - July 21, 2017 - 1:15am

Posted by security-alert on Jul 20

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03766en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbhf03766en_us
Version: 1

HPESBHF03766 rev.1 - HPE ConvergedSystem 700 Solution with Comware v5
Switches using NTP, Remote Denial of Service (DoS), Unauthorized Modification
and Local Denial of Service (DoS)

NOTICE: The information in...
Categories:

File Upload in Integration Gateway (PSIGW)

BugTraq Latest Security Advisories - July 20, 2017 - 10:58am

Posted by ERPScan inc on Jul 20

1. ADVISORY INFORMATION
Title: File Upload in Integration Gateway (PSIGW)
Advisory ID: [ERPSCAN-17-039]
Advisory URL: https://erpscan.com/advisories/erpscan-17-039-file-upload-integration-gateway-psigw-peoplesoft/
Risk: High
Date published: 18.07.2017
Vendor contacted: Oracle

2. VULNERABILITY INFORMATION
Class: File Upload
Impact: Remote command execution on the server
Remotely Exploitable: Yes
Locally Exploitable: Yes
CVE Name: CVE-2017-10061...
Categories:

Multiple XSS (POST request) Vulnerabilities in TestServlet (PeopleSoft)

BugTraq Latest Security Advisories - July 20, 2017 - 10:46am

Posted by ERPScan inc on Jul 20

1. ADVISORY INFORMATION
Title: Multiple XSS (POST request) Vulnerabilities in TestServlet (PeopleSoft)
Advisory ID: [ERPSCAN-17-037]
Advisory URL: https://erpscan.com/advisories/erpscan-17-037-multiple-xss-vulnerabilities-testservlet-peoplesoft/
Risk: Medium
Date published: 18.07.2017
Vendor contacted: Oracle

2. VULNERABILITY INFORMATION
Class: XSS [CWE-79]
Impact: Modify displayed content from a Web site, steal authentication
information of a...
Categories:

Directory Traversal vulnerability in Integration Gateway (PSIGW)

BugTraq Latest Security Advisories - July 20, 2017 - 10:35am

Posted by ERPScan inc on Jul 20

1. ADVISORY INFORMATION
Title: Directory Traversal vulnerability in Integration Gateway (PSIGW)
Advisory ID: [ERPSCAN-17-038]
Advisory URL: https://erpscan.com/advisories/erpscan-17-038-directory-traversal-vulnerability-integration-gateway-psigw/
Risk: High
Date published: 18.07.2017
Vendor contacted: Oracle

2. VULNERABILITY INFORMATION
Class: Directory Traversal
Impact: Read, delete, rewrite file from the system
Remotely Exploitable: Yes
CVE...
Categories:

APPLE-SA-2017-07-19-7 iCloud for Windows 6.2.2

BugTraq Latest Security Advisories - July 20, 2017 - 2:19am

Posted by Apple Product Security on Jul 20

APPLE-SA-2017-07-19-7 iCloud for Windows 6.2.2

iCloud for Windows 6.2.2 is now available and addresses the
following:

libxml2
Available for: Windows 7 and later
Impact: Parsing a maliciously crafted XML document may lead to
disclosure of user information
Description: An out-of-bounds read was addressed through improved
bounds checking.
CVE-2017-7010: Apple
CVE-2017-7013: found by OSS-Fuzz

WebKit
Available for: Windows 7 and later
Impact:...
Categories:

APPLE-SA-2017-07-19-5 Safari 10.1.2

BugTraq Latest Security Advisories - July 20, 2017 - 2:08am

Posted by Apple Product Security on Jul 20

APPLE-SA-2017-07-19-5 Safari 10.1.2

Safari 10.1.2 is now available and addresses the following:

Safari
Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6,
and macOS Sierra 10.12.6
Impact: Processing maliciously crafted web content may lead to an
infinite number of print dialogs
Description: An issue existed where a malicious or compromised
website could show infinite print dialogs and make users believe
their browser was locked. The...
Categories: