News aggregator

CVE-2016-9578

National Vulnerability Database - Fri, 07/27/2018 - 17:29
A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An attacker able to connect to the SPICE server could send crafted messages which would cause the process to crash.
Categories: Security News

CVE-2016-9603

National Vulnerability Database - Fri, 07/27/2018 - 17:29
A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support before 2.9; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on the host with privileges of the QEMU process.
Categories: Security News

CVE-2017-15118

National Vulnerability Database - Fri, 07/27/2018 - 17:29
A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu before 2.11 allowing a client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, causing an out-of-bounds stack write in the qemu process. If NBD server requires TLS, the attacker cannot trigger the buffer overflow without first successfully negotiating TLS.
Categories: Security News

CVE-2016-9577

National Vulnerability Database - Fri, 07/27/2018 - 16:29
A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An authenticated attacker could send crafted messages to the SPICE server causing a heap overflow leading to a crash or possible code execution.
Categories: Security News

CVE-2017-15097

National Vulnerability Database - Fri, 07/27/2018 - 16:29
Privilege escalation flaws were found in the Red Hat initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine.
Categories: Security News

CVE-2017-15101

National Vulnerability Database - Fri, 07/27/2018 - 16:29
A missing patch for a stack-based buffer overflow in findTable() was found in Red Hat version of liblouis before 2.5.4. An attacker could cause a denial of service condition or potentially even arbitrary code execution.
Categories: Security News

CVE-2017-2648

National Vulnerability Database - Fri, 07/27/2018 - 16:29
It was found that jenkins-ssh-slaves-plugin before version 1.15 did not perform host key verification, thereby enabling Man-in-the-Middle attacks.
Categories: Security News

CVE-2017-2649

National Vulnerability Database - Fri, 07/27/2018 - 16:29
It was found that the Active Directory Plugin for Jenkins up to and including version 2.2 did not verify certificates of the Active Directory server, thereby enabling Man-in-the-Middle attacks.
Categories: Security News

CVE-2017-2650

National Vulnerability Database - Fri, 07/27/2018 - 16:29
It was found that the use of Pipeline: Classpath Step Jenkins plugin enables a bypass of the Script Security sandbox for users with SCM commit access, as well as users with e.g. Job/Configure permission in Jenkins.
Categories: Security News

CVE-2017-2652

National Vulnerability Database - Fri, 07/27/2018 - 16:29
It was found that there were no permission checks performed in the Distributed Fork plugin before and including 1.5.0 for Jenkins that provides the dist-fork CLI command beyond the basic check for Overall/Read permission, allowing anyone with that permission to run arbitrary shell commands on all connected nodes.
Categories: Security News

CVE-2017-2663

National Vulnerability Database - Fri, 07/27/2018 - 16:29
It was found that subscription-manager's DBus interface before 1.19.4 let unprivileged user access the com.redhat.RHSM1.Facts.GetFacts and com.redhat.RHSM1.Config.Set methods. An unprivileged local attacker could use these methods to gain access to private information, or launch a privilege escalation attack.
Categories: Security News

CVE-2017-2616

National Vulnerability Database - Fri, 07/27/2018 - 15:29
A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions.
Categories: Security News

CVE-2017-2618

National Vulnerability Database - Fri, 07/27/2018 - 15:29
A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory.
Categories: Security News

CVE-2017-2620

National Vulnerability Database - Fri, 07/27/2018 - 15:29
Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process.
Categories: Security News

CVE-2017-2626

National Vulnerability Database - Fri, 07/27/2018 - 15:29
It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list.
Categories: Security News

CVE-2017-2629

National Vulnerability Database - Fri, 07/27/2018 - 15:29
curl before 7.53.0 has an incorrect TLS Certificate Status Request extension feature that asks for a fresh proof of the server's certificate's validity in the code that checks for a test success or failure. It ends up always thinking there's valid proof, even when there is none or if the server doesn't support the TLS extension in question. This could lead to users not detecting when a server's certificate goes invalid or otherwise be mislead that the server is in a better shape than it is in reality. This flaw also exists in the command line tool (--cert-status).
Categories: Security News

CVE-2017-2632

National Vulnerability Database - Fri, 07/27/2018 - 15:29
A logic error in valid_role() in CloudForms role validation before 5.7.1.3 could allow a tenant administrator to create groups with a higher privilege level than the tenant administrator should have. This would allow an attacker with tenant administration access to elevate privileges.
Categories: Security News

CVE-2017-2633

National Vulnerability Database - Fri, 07/27/2018 - 15:29
An out-of-bounds memory access issue was found in Quick Emulator (QEMU) before 1.7.2 in the VNC display driver. This flaw could occur while refreshing the VNC display surface area in the 'vnc_refresh_server_surface'. A user inside a guest could use this flaw to crash the QEMU process.
Categories: Security News

CVE-2017-2634

National Vulnerability Database - Fri, 07/27/2018 - 15:29
It was found that the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation before 2.6.22.17 used the IPv4-only inet_sk_rebuild_header() function for both IPv4 and IPv6 DCCP connections, which could result in memory corruptions. A remote attacker could use this flaw to crash the system.
Categories: Security News

CVE-2017-2646

National Vulnerability Database - Fri, 07/27/2018 - 14:29
It was found that when Keycloak before 2.5.5 receives a Logout request with a Extensions in the middle of the request, the SAMLSloRequestParser.parse() method ends in a infinite loop. An attacker could use this flaw to conduct denial of service attacks.
Categories: Security News

Pages