VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-201502-0200 CVE-2015-2050 D-Link DAP-1320 Code Injection Vulnerability CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
D-Link DAP-1320 Rev Ax with firmware before 1.21b05 allows attackers to execute arbitrary commands via unspecified vectors. The D-Link DAP-1320 is a wireless network extender from D-Link. A security hole exists in D-Link DAP-1320 Rev Ax. D-Link DAP-1320 is prone to a command-injection vulnerability. Failed exploit attempts will likely result in denial-of-service conditions
VAR-201502-0201 CVE-2015-2051 D-Link DIR-645 Wired/Wireless Router Operating System Command Injection Vulnerability CVSS V2: 10.0
CVSS V3: 8.8
Severity: HIGH
The D-Link DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier allows remote attackers to execute arbitrary commands via a GetDeviceSettings action to the HNAP interface. Supplementary information : CWE Vulnerability type by CWE-77: Improper Neutralization of Special Elements used in a Command ( Command injection ) Has been identified. The D-Link DIR-645 is a D-Link router that regulates wireless transmit power. Ax has a security vulnerability. D-Link DIR-645 Router Series are prone to a remote arbitrary command-execution vulnerability
VAR-201502-0228 CVE-2014-6184 plural OS Run on IBM Tivoli Storage Manager Client's dsmtca Vulnerable to stack-based buffer overflow CVSS V2: 7.2
CVSS V3: -
Severity: HIGH
Stack-based buffer overflow in dsmtca in the client in IBM Tivoli Storage Manager (TSM) 5.4 through 5.4.3.6, 5.5 through 5.5.4.3, 6.1 through 6.1.5.6, 6.2 before 6.2.5.4, and 6.3 before 6.3.2.3 on UNIX, Linux, and OS X allows local users to gain privileges via unspecified vectors. Successful exploits may allow attackers to execute arbitrary code in the context of the application with root privileges. Failed exploits may result in denial-of-service conditions. IBM Tivoli Storage Manager (TSM) is a set of backup and recovery management solutions of IBM Corporation in the United States. The solution supports data protection, space management and archiving, business recovery and disaster recovery, etc. The dsmtca program in the IBM TSM client has a stack-based buffer overflow vulnerability. A local attacker could exploit this vulnerability to gain privileges. The following versions are affected: IBM TSM versions 5.4 through 5.4.3.6, 5.5 through 5.5.4.3, 6.1 through 6.1.5.6, 6.2.0.0 through 6.2.5.3 on UNIX, Linux and OS X platforms, Version 6.3.0.0 to version 6.3.2.2
VAR-201502-0146 CVE-2015-0618 Network Convergence System 6000 Device and Carrier Routing System X Runs on the device Cisco IOS XR Service disruption in (DoS) Vulnerabilities CVSS V2: 7.1
CVSS V3: -
Severity: HIGH
Cisco IOS XR 5.0.1 and 5.2.1 on Network Convergence System (NCS) 6000 devices and 5.1.3 and 5.1.4 on Carrier Routing System X (CRS-X) devices allows remote attackers to cause a denial of service (line-card reload) via malformed IPv6 packets with extension headers, aka Bug ID CSCuq95241. Vendors have confirmed this vulnerability Bug ID CSCuq95241 It is released as. Supplementary information : CWE Vulnerability type by CWE-19: Data Handling ( Data processing ) Has been identified. http://cwe.mitre.org/data/definitions/19.htmlA third party could use a malformed IPv6 Service disruption via packets ( Reload line card ) There is a possibility of being put into a state. Cisco IOS XR is prone to a remote denial-of-service vulnerability
VAR-201502-0155 CVE-2015-0631 Cisco Intrusion Prevention System Runs on the device SSL Service disruption in implementations (DoS) Vulnerabilities CVSS V2: 7.1
CVSS V3: -
Severity: HIGH
Race condition in the SSL implementation on Cisco Intrusion Prevention System (IPS) devices allows remote attackers to cause a denial of service by making many management-interface HTTPS connections during the key-regeneration phase of an upgrade, aka Bug ID CSCui25688. Vendors have confirmed this vulnerability Bug ID CSCui25688 It is released as.During the phase of replaying the upgrade key by a third party, HTTPS Service disruption by establishing a connection (DoS) There is a possibility of being put into a state. Cisco Intrusion Prevention System is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to cause denial-of-service conditions. This issue is being tracked by Cisco Bug ID CSCui25688. The system can immediately interrupt, adjust or isolate some abnormal or harmful network data transmission behaviors
VAR-201502-0152 CVE-2015-0624 Cisco AsyncOS Web Framework Input Validation Vulnerability CVSS V2: 4.3
CVSS V3: -
Severity: MEDIUM
The web framework in Cisco AsyncOS on Email Security Appliance (ESA), Content Security Management Appliance (SMA), and Web Security Appliance (WSA) devices allows remote attackers to trigger redirects via a crafted HTTP header, aka Bug IDs CSCur44412, CSCur44415, CSCur89630, CSCur89636, CSCur89633, and CSCur89639. Vendors have confirmed this vulnerability CSCur44412 , CSCur44415 , CSCur89630 , CSCur89636 , CSCur89633 ,and CSCur89639 It is released as.Skillfully crafted by a third party HTTP A redirect may be triggered via the header. Cisco AsyncOS is a set of operating systems used in these products. Cisco AsyncOS Software is prone to an open-redirection vulnerability because it fails to properly sanitize user-supplied input. An attacker can leverage this issue to conduct phishing attacks; other attacks are possible. This issue is being tracked by Cisco Bug ID's CSCur44412, CSCur44415, CSCur89630, CSCur89636, CSCur89633, and CSCur89639. The following products are affected: ESA, Content SMA, WSA
VAR-201502-0089 CVE-2015-1605 Dell ScriptLogic Asset Manager In SQL Injection vulnerability CVSS V2: 7.5
CVSS V3: -
Severity: HIGH
Multiple SQL injection vulnerabilities in Dell ScriptLogic Asset Manager (aka Quest Workspace Asset Manager) before 9.5 allow remote attackers to execute arbitrary SQL commands via unspecified vectors to (1) GetClientPackage.aspx or (2) GetProcessedPackage.aspx. Authentication is not required to exploit this vulnerability.To exploit this security flaw, an attacker would make a specially crafted web request to a handler named GetClientPackage.aspx that is installed as part of this product. An attacker can leverage this vulnerability to execute code under the context of NETWORK SERVICE. Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Dell ScriptLogic Asset Manager is a tool developed by Dell for managing software and hardware assets
VAR-201503-0206 CVE-2015-2301 PHP ‘ phar_rename_archive 'Reuse the function after the release of the vulnerability CVSS V2: 7.5
CVSS V3: -
Severity: HIGH
Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted renaming of a Phar archive to the name of an existing file. PHP is prone to a denial-of-service vulnerability. Attackers can exploit this issue to crash the affected application, denying service to legitimate users. PHP (PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language jointly maintained by the PHP Group and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/php-5.4.40-i486-1_slack14.1.txz: Upgraded. This update fixes some security issues. Please note that this package build also moves the configuration files from /etc/httpd to /etc, /etc/php.d, and /etc/php-fpm.d. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9709 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0231 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1351 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1352 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2301 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2305 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2331 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2783 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3330 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/php-5.4.40-i486-1_slack14.0.txz Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/php-5.4.40-x86_64-1_slack14.0.txz Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/php-5.4.40-i486-1_slack14.1.txz Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/php-5.4.40-x86_64-1_slack14.1.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-5.6.8-i486-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/php-5.6.8-x86_64-1.txz MD5 signatures: +-------------+ Slackware 14.0 package: 2666059d6540b1b4385d25dfc5ebbe99 php-5.4.40-i486-1_slack14.0.txz Slackware x86_64 14.0 package: c146f500912ba9c7e5d652e5e3643c04 php-5.4.40-x86_64-1_slack14.0.txz Slackware 14.1 package: 9efc8a96f9a3f3261e5f640292b1b781 php-5.4.40-i486-1_slack14.1.txz Slackware x86_64 14.1 package: 2c95e077f314f1cfa3ee83b9aba90b91 php-5.4.40-x86_64-1_slack14.1.txz Slackware -current package: 30d14f237c71fada0d594c2360a58016 n/php-5.6.8-i486-1.txz Slackware x86_64 -current package: 1a0fcc590aa4dff5de5f08293936d0d9 n/php-5.6.8-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg php-5.4.40-i486-1_slack14.1.txz Then, restart Apache httpd: # /etc/rc.d/rc.httpd stop # /etc/rc.d/rc.httpd start +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2015-09-30-3 OS X El Capitan 10.11 OS X El Capitan 10.11 is now available and addresses the following: Address Book Available for: Mac OS X v10.6.8 and later Impact: A local attacker may be able to inject arbitrary code to processes loading the Address Book framework Description: An issue existed in Address Book framework's handling of an environment variable. This issue was addressed through improved environment variable handling. CVE-ID CVE-2015-5897 : Dan Bastone of Gotham Digital Science AirScan Available for: Mac OS X v10.6.8 and later Impact: An attacker with a privileged network position may be able to extract payload from eSCL packets sent over a secure connection Description: An issue existed in the processing of eSCL packets. This issue was addressed through improved validation checks. CVE-ID CVE-2015-5853 : an anonymous researcher apache_mod_php Available for: Mac OS X v10.6.8 and later Impact: Multiple vulnerabilities in PHP Description: Multiple vulnerabilities existed in PHP versions prior to 5.5.27, including one which may have led to remote code execution. This issue was addressed by updating PHP to version 5.5.27. CVE-ID CVE-2014-9425 CVE-2014-9427 CVE-2014-9652 CVE-2014-9705 CVE-2014-9709 CVE-2015-0231 CVE-2015-0232 CVE-2015-0235 CVE-2015-0273 CVE-2015-1351 CVE-2015-1352 CVE-2015-2301 CVE-2015-2305 CVE-2015-2331 CVE-2015-2348 CVE-2015-2783 CVE-2015-2787 CVE-2015-3329 CVE-2015-3330 Apple Online Store Kit Available for: Mac OS X v10.6.8 and later Impact: A malicious application may gain access to a user's keychain items Description: An issue existed in validation of access control lists for iCloud keychain items. This issue was addressed through improved access control list checks. CVE-ID CVE-2015-5836 : XiaoFeng Wang of Indiana University, Luyi Xing of Indiana University, Tongxin Li of Peking University, Tongxin Li of Peking University, Xiaolong Bai of Tsinghua University AppleEvents Available for: Mac OS X v10.6.8 and later Impact: A user connected through screen sharing can send Apple Events to a local user's session Description: An issue existed with Apple Event filtering that allowed some users to send events to other users. This was addressed by improved Apple Event handling. CVE-ID CVE-2015-5849 : Jack Lawrence (@_jackhl) Audio Available for: Mac OS X v10.6.8 and later Impact: Playing a malicious audio file may lead to an unexpected application termination Description: A memory corruption issue existed in the handling of audio files. This issue issue was addressed through improved memory handling. CVE-ID CVE-2015-5862 : YoungJin Yoon of Information Security Lab. (Adv.: Prof. Taekyoung Kwon), Yonsei University, Seoul, Korea bash Available for: Mac OS X v10.6.8 and later Impact: Multiple vulnerabilities in bash Description: Multiple vulnerabilities existed in bash versions prior to 3.2 patch level 57. These issues were addressed by updating bash version 3.2 to patch level 57. CVE-ID CVE-2014-6277 CVE-2014-7186 CVE-2014-7187 Certificate Trust Policy Available for: Mac OS X v10.6.8 and later Impact: Update to the certificate trust policy Description: The certificate trust policy was updated. The complete list of certificates may be viewed at https://support.apple.com/en- us/HT202858. CFNetwork Cookies Available for: Mac OS X v10.6.8 and later Impact: An attacker in a privileged network position can track a user's activity Description: A cross-domain cookie issue existed in the handling of top level domains. The issue was address through improved restrictions of cookie creation. CVE-ID CVE-2015-5885 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua University CFNetwork FTPProtocol Available for: Mac OS X v10.6.8 and later Impact: Malicious FTP servers may be able to cause the client to perform reconnaissance on other hosts Description: An issue existed in the handling of FTP packets when using the PASV command. This issue was resolved through improved validation. CVE-ID CVE-2015-5912 : Amit Klein CFNetwork HTTPProtocol Available for: Mac OS X v10.6.8 and later Impact: A maliciously crafted URL may be able to bypass HSTS and leak sensitive data Description: A URL parsing vulnerability existed in HSTS handling. This issue was addressed through improved URL parsing. CVE-ID CVE-2015-5858 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua University CFNetwork HTTPProtocol Available for: Mac OS X v10.6.8 and later Impact: A malicious website may be able to track users in Safari private browsing mode Description: An issue existed in the handling of HSTS state in Safari private browsing mode. This issue was addressed through improved state handling. CVE-ID CVE-2015-5860 : Sam Greenhalgh of RadicalResearch Ltd CFNetwork Proxies Available for: Mac OS X v10.6.8 and later Impact: Connecting to a malicious web proxy may set malicious cookies for a website Description: An issue existed in the handling of proxy connect responses. This issue was addressed by removing the set-cookie header while parsing the connect response. CVE-ID CVE-2015-5841 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua University CFNetwork SSL Available for: Mac OS X v10.6.8 and later Impact: An attacker with a privileged network position may intercept SSL/TLS connections Description: A certificate validation issue existed in NSURL when a certificate changed. This issue was addressed through improved certificate validation. CVE-ID CVE-2015-5824 : Timothy J. Wood of The Omni Group CFNetwork SSL Available for: Mac OS X v10.6.8 and later Impact: An attacker may be able to decrypt data protected by SSL Description: There are known attacks on the confidentiality of RC4. An attacker could force the use of RC4, even if the server preferred better ciphers, by blocking TLS 1.0 and higher connections until CFNetwork tried SSL 3.0, which only allows RC4. This issue was addressed by removing the fallback to SSL 3.0. CoreCrypto Available for: Mac OS X v10.6.8 and later Impact: An attacker may be able to determine a private key Description: By observing many signing or decryption attempts, an attacker may have been able to determine the RSA private key. This issue was addressed using improved encryption algorithms. CoreText Available for: Mac OS X v10.6.8 and later Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-5874 : John Villamil (@day6reak), Yahoo Pentest Team Dev Tools Available for: Mac OS X v10.6.8 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in dyld. This was addressed through improved memory handling. CVE-ID CVE-2015-5876 : beist of grayhash Dev Tools Available for: Mac OS X v10.6.8 and later Impact: An application may be able to bypass code signing Description: An issue existed with validation of the code signature of executables. This issue was addressed through improved bounds checking. CVE-ID CVE-2015-5839 : @PanguTeam Disk Images Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in DiskImages. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5847 : Filippo Bigarella, Luca Todesco dyld Available for: Mac OS X v10.6.8 and later Impact: An application may be able to bypass code signing Description: An issue existed with validation of the code signature of executables. This issue was addressed through improved bounds checking. CVE-ID CVE-2015-5839 : TaiG Jailbreak Team EFI Available for: Mac OS X v10.6.8 and later Impact: A malicious application can prevent some systems from booting Description: An issue existed with the addresses covered by the protected range register. This issue was fixed by changing the protected range. CVE-ID CVE-2015-5900 : Xeno Kovah & Corey Kallenberg from LegbaCore EFI Available for: Mac OS X v10.6.8 and later Impact: A malicious Apple Ethernet Thunderbolt adapter may be able to affect firmware flashing Description: Apple Ethernet Thunderbolt adapters could modify the host firmware if connected during an EFI update. This issue was addressed by not loading option ROMs during updates. CVE-ID CVE-2015-5914 : Trammell Hudson of Two Sigma Investments and snare Finder Available for: Mac OS X v10.6.8 and later Impact: The "Secure Empty Trash" feature may not securely delete files placed in the Trash Description: An issue existed in guaranteeing secure deletion of Trash files on some systems, such as those with flash storage. This issue was addressed by removing the "Secure Empty Trash" option. CVE-ID CVE-2015-5901 : Apple Game Center Available for: Mac OS X v10.6.8 and later Impact: A malicious Game Center application may be able to access a player's email address Description: An issue existed in Game Center in the handling of a player's email. This issue was addressed through improved access restrictions. CVE-ID CVE-2015-5855 : Nasser Alnasser Heimdal Available for: Mac OS X v10.6.8 and later Impact: An attacker may be able to replay Kerberos credentials to the SMB server Description: An authentication issue existed in Kerberos credentials. This issue was addressed through additional validation of credentials using a list of recently seen credentials. CVE-ID CVE-2015-5913 : Tarun Chopra of Microsoft Corporation, U.S. and Yu Fan of Microsoft Corporation, China ICU Available for: Mac OS X v10.6.8 and later Impact: Multiple vulnerabilities in ICU Description: Multiple vulnerabilities existed in ICU versions prior to 53.1.0. These issues were addressed by updating ICU to version 55.1. CVE-ID CVE-2014-8146 CVE-2014-8147 CVE-2015-5922 Install Framework Legacy Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to gain root privileges Description: A restriction issue existed in the Install private framework containing a privileged executable. This issue was addressed by removing the executable. CVE-ID CVE-2015-5888 : Apple Intel Graphics Driver Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to execute arbitrary code with system privileges Description: Multiple memory corruption issues existed in the Intel Graphics Driver. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5830 : Yuki MIZUNO (@mzyy94) CVE-2015-5877 : Camillus Gerard Cai IOAudioFamily Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to determine kernel memory layout Description: An issue existed in IOAudioFamily that led to the disclosure of kernel memory content. This issue was addressed by permuting kernel pointers. CVE-ID CVE-2015-5864 : Luca Todesco IOGraphics Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues existed in the kernel. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5871 : Ilja van Sprundel of IOActive CVE-2015-5872 : Ilja van Sprundel of IOActive CVE-2015-5873 : Ilja van Sprundel of IOActive CVE-2015-5890 : Ilja van Sprundel of IOActive IOGraphics Available for: Mac OS X v10.6.8 and later Impact: A malicious application may be able to determine kernel memory layout Description: An issue existed in IOGraphics which could have led to the disclosure of kernel memory layout. This issue was addressed through improved memory management. CVE-ID CVE-2015-5865 : Luca Todesco IOHIDFamily Available for: Mac OS X v10.6.8 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple memory corruption issues existed in IOHIDFamily. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5866 : Apple CVE-2015-5867 : moony li of Trend Micro IOStorageFamily Available for: Mac OS X v10.6.8 and later Impact: A local attacker may be able to read kernel memory Description: A memory initialization issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5863 : Ilja van Sprundel of IOActive Kernel Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues existed in the Kernel. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5868 : Cererdlong of Alibaba Mobile Security Team CVE-2015-5896 : Maxime Villard of m00nbsd CVE-2015-5903 : CESG Kernel Available for: Mac OS X v10.6.8 and later Impact: A local process can modify other processes without entitlement checks Description: An issue existed where root processes using the processor_set_tasks API were allowed to retrieve the task ports of other processes. This issue was addressed through additional entitlement checks. CVE-ID CVE-2015-5882 : Pedro Vilaca, working from original research by Ming-chieh Pan and Sung-ting Tsai; Jonathan Levin Kernel Available for: Mac OS X v10.6.8 and later Impact: A local attacker may control the value of stack cookies Description: Multiple weaknesses existed in the generation of user space stack cookies. These issues were addressed through improved generation of stack cookies. CVE-ID CVE-2013-3951 : Stefan Esser Kernel Available for: Mac OS X v10.6.8 and later Impact: An attacker may be able to launch denial of service attacks on targeted TCP connections without knowing the correct sequence number Description: An issue existed in xnu's validation of TCP packet headers. This issue was addressed through improved TCP packet header validation. CVE-ID CVE-2015-5879 : Jonathan Looney Kernel Available for: Mac OS X v10.6.8 and later Impact: An attacker in a local LAN segment may disable IPv6 routing Description: An insufficient validation issue existed in the handling of IPv6 router advertisements that allowed an attacker to set the hop limit to an arbitrary value. This issue was addressed by enforcing a minimum hop limit. CVE-ID CVE-2015-5869 : Dennis Spindel Ljungmark Kernel Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to determine kernel memory layout Description: An issue existed that led to the disclosure of kernel memory layout. This was addressed through improved initialization of kernel memory structures. CVE-ID CVE-2015-5842 : beist of grayhash Kernel Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to determine kernel memory layout Description: An issue existed in debugging interfaces that led to the disclosure of memory content. This issue was addressed by sanitizing output from debugging interfaces. CVE-ID CVE-2015-5870 : Apple Kernel Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to cause a system denial of service Description: A state management issue existed in debugging functionality. This issue was addressed through improved validation. CVE-ID CVE-2015-5902 : Sergi Alvarez (pancake) of NowSecure Research Team libc Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2014-8611 : Adrian Chadd and Alfred Perlstein of Norse Corporation libpthread Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5899 : Lufeng Li of Qihoo 360 Vulcan Team libxpc Available for: Mac OS X v10.6.8 and later Impact: Many SSH connections could cause a denial of service Description: launchd had no limit on the number of processes that could be started by a network connection. This issue was addressed by limiting the number of SSH processes to 40. CVE-ID CVE-2015-5881 : Apple Login Window Available for: Mac OS X v10.6.8 and later Impact: The screen lock may not engage after the specified time period Description: An issue existed with captured display locking. The issue was addressed through improved lock handling. CVE-ID CVE-2015-5833 : Carlos Moreira, Rainer Dorau of rainer dorau informationsdesign, Chris Nehren, Kai Takac, Hans Douma, Toni Vaahtera, and an anonymous researcher lukemftpd Available for: Mac OS X v10.6.8 and later Impact: A remote attacker may be able to deny service to the FTP server Description: A glob-processing issue existed in tnftpd. This issue was addressed through improved glob validation. CVE-ID CVE-2015-5917 : Maksymilian Arciemowicz of cxsecurity.com Mail Available for: Mac OS X v10.6.8 and later Impact: Printing an email may leak sensitive user information Description: An issue existed in Mail which bypassed user preferences when printing an email. This issue was addressed through improved user preference enforcement. CVE-ID CVE-2015-5881 : Owen DeLong of Akamai Technologies, Noritaka Kamiya, Dennis Klein from Eschenburg, Germany, Jeff Hammett of Systim Technology Partners Mail Available for: Mac OS X v10.6.8 and later Impact: An attacker in a privileged network position may be able to intercept attachments of S/MIME-encrypted e-mail sent via Mail Drop Description: An issue existed in handling encryption parameters for large email attachments sent via Mail Drop. The issue is addressed by no longer offering Mail Drop when sending an encrypted e-mail. CVE-ID CVE-2015-5884 : John McCombs of Integrated Mapping Ltd Multipeer Connectivity Available for: Mac OS X v10.6.8 and later Impact: A local attacker may be able to observe unprotected multipeer data Description: An issue existed in convenience initializer handling in which encryption could be actively downgraded to a non-encrypted session. This issue was addressed by changing the convenience initializer to require encryption. CVE-ID CVE-2015-5851 : Alban Diquet (@nabla_c0d3) of Data Theorem NetworkExtension Available for: Mac OS X v10.6.8 and later Impact: A malicious application may be able to determine kernel memory layout Description: An uninitialized memory issue in the kernel led to the disclosure of kernel memory content. This issue was addressed through improved memory initialization. CVE-ID CVE-2015-5831 : Maxime Villard of m00nbsd Notes Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to leak sensitive user information Description: An issue existed in parsing links in the Notes application. This issue was addressed through improved input validation. CVE-ID CVE-2015-5878 : Craig Young of Tripwire VERT, an anonymous researcher Notes Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to leak sensitive user information Description: A cross-site scripting issue existed in parsing text by the Notes application. This issue was addressed through improved input validation. CVE-ID CVE-2015-5875 : xisigr of Tencent's Xuanwu LAB (www.tencent.com) OpenSSH Available for: Mac OS X v10.6.8 and later Impact: Multiple vulnerabilities in OpenSSH Description: Multiple vulnerabilities existed in OpenSSH versions prior to 6.9. These issues were addressed by updating OpenSSH to version 6.9. CVE-ID CVE-2014-2532 OpenSSL Available for: Mac OS X v10.6.8 and later Impact: Multiple vulnerabilities in OpenSSL Description: Multiple vulnerabilities existed in OpenSSL versions prior to 0.9.8zg. These were addressed by updating OpenSSL to version 0.9.8zg. CVE-ID CVE-2015-0286 CVE-2015-0287 procmail Available for: Mac OS X v10.6.8 and later Impact: Multiple vulnerabilities in procmail Description: Multiple vulnerabilities existed in procmail versions prior to 3.22. These issues were addressed by removing procmail. CVE-ID CVE-2014-3618 remote_cmds Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to execute arbitrary code with root privileges Description: An issue existed in the usage of environment variables by the rsh binary. This issue was addressed by dropping setuid privileges from the rsh binary. CVE-ID CVE-2015-5889 : Philip Pettersson removefile Available for: Mac OS X v10.6.8 and later Impact: Processing malicious data may lead to unexpected application termination Description: An overflow fault existed in the checkint division routines. This issue was addressed with improved division routines. CVE-ID CVE-2015-5840 : an anonymous researcher Ruby Available for: Mac OS X v10.6.8 and later Impact: Multiple vulnerabilities in Ruby Description: Multiple vulnerabilities existed in Ruby versions prior to 2.0.0p645. These were addressed by updating Ruby to version 2.0.0p645. CVE-ID CVE-2014-8080 CVE-2014-8090 CVE-2015-1855 Security Available for: Mac OS X v10.6.8 and later Impact: The lock state of the keychain may be incorrectly displayed to the user Description: A state management issue existed in the way keychain lock status was tracked. This issue was addressed through improved state management. CVE-ID CVE-2015-5915 : Peter Walz of University of Minnesota, David Ephron, Eric E. Lawrence, Apple Security Available for: Mac OS X v10.6.8 and later Impact: A trust evaluation configured to require revocation checking may succeed even if revocation checking fails Description: The kSecRevocationRequirePositiveResponse flag was specified but not implemented. This issue was addressed by implementing the flag. CVE-ID CVE-2015-5894 : Hannes Oud of kWallet GmbH Security Available for: Mac OS X v10.6.8 and later Impact: A remote server may prompt for a certificate before identifying itself Description: Secure Transport accepted the CertificateRequest message before the ServerKeyExchange message. This issue was addressed by requiring the ServerKeyExchange first. CVE-ID CVE-2015-5887 : Benjamin Beurdouche, Karthikeyan Bhargavan, Antoine Delignat-Lavaud, Alfredo Pironti, and Jean Karim Zinzindohoue of INRIA Paris-Rocquencourt, and Cedric Fournet and Markulf Kohlweiss of Microsoft Research, Pierre-Yves Strub of IMDEA Software Institute SMB Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5891 : Ilja van Sprundel of IOActive SMB Available for: Mac OS X v10.6.8 and later Impact: A local user may be able to determine kernel memory layout Description: An issue existed in SMBClient that led to the disclosure of kernel memory content. This issue was addressed through improved bounds checking. CVE-ID CVE-2015-5893 : Ilja van Sprundel of IOActive SQLite Available for: Mac OS X v10.6.8 and later Impact: Multiple vulnerabilities in SQLite v3.8.5 Description: Multiple vulnerabilities existed in SQLite v3.8.5. These issues were addressed by updating SQLite to version 3.8.10.2. CVE-ID CVE-2015-3414 CVE-2015-3415 CVE-2015-3416 Telephony Available for: Mac OS X v10.6.8 and later Impact: A local attacker can place phone calls without the user's knowledge when using Continuity Description: An issue existed in the authorization checks for placing phone calls. This issue was addressed through improved authorization checks. CVE-ID CVE-2015-3785 : Dan Bastone of Gotham Digital Science Terminal Available for: Mac OS X v10.6.8 and later Impact: Maliciously crafted text could mislead the user in Terminal Description: Terminal did not handle bidirectional override characters in the same way when displaying text and when selecting text. This issue was addressed by suppressing bidirectional override characters in Terminal. CVE-ID CVE-2015-5883 : an anonymous researcher tidy Available for: Mac OS X v10.6.8 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in tidy. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5522 : Fernando Munoz of NULLGroup.com CVE-2015-5523 : Fernando Munoz of NULLGroup.com Time Machine Available for: Mac OS X v10.6.8 and later Impact: A local attacker may gain access to keychain items Description: An issue existed in backups by the Time Machine framework. This issue was addressed through improved coverage of Time Machine backups. CVE-ID CVE-2015-5854 : Jonas Magazinius of Assured AB Note: OS X El Capitan 10.11 includes the security content of Safari 9: https://support.apple.com/kb/HT205265. OS X El Capitan 10.11 may be obtained from the Mac App Store: http://www.apple.com/support/downloads/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJWDB2wAAoJEBcWfLTuOo7t0sYP/2L3JOGPkHH8XUh2YHpu5qaw S5F2v+SRpWleKQBVsGZ7oA8PV0rBTzEkzt8K1tNxYmxEqL9f/TpRiGoforn89thO /hOtmVOfUcBjPZ4XKwMVzycfSMC9o6LxWTLEKDVylE+F+5jkXafOC9QaqD11dxX6 QhENkpS1BwrKhyaSVxEcgBQtZM9aTsVdZ78rTCb9XTn6gDnvs8NfIQquFOnaQT54 YJ36e5UcUsnyBIol+yGDbC3ZEhzSVIGE5/8/NFlFfRXLgnJArxD8lqz8WdfU9fop hpT/dDqqAdYbRcW1ihcG1haiNHgP9yQCY5jRNfttb+Tc/kIi/QmPkEO0QS8Ygt/O c3sUbNulr1LCinymFVwx16CM1DplGS/GmBL18BAEBnL6yi9tEhYDynZWLSEa37VR 8q802rXRSF10Wct9/kEeR4HgY/1k0KK/4Uddm3c0YyOU21ya7NAhoHGwmDa9g11r N1TniOK8tPiCGjRNOJwuF6DKxD9L3Fv44bVlxAarGUGYkICqzaNS+bgKI1aQNahT fJ91x5uKD4+L9v9c5slkoDIvWqIhO9oyuxgnmC5GstkwFplFXSOklLkTktjLGNn1 nJq8cPnZ/3E1RXTEwVhGljYw5pdZHNx98XmLomGrPqVlZfjGURK+5AXdf2pOlt2e g6jld/w5tPuCFhGucE7Z =XciV -----END PGP SIGNATURE----- . NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-8142 (CVE-2015-0231). An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way libzip, which is embedded in PHP, processed certain ZIP archives. It was discovered that the PHP PostgreSQL database extension incorrectly handled certain pointers. The libzip packages has been patched to address the CVE-2015-2331 flaw. Additionally the php-xdebug package has been upgraded to the latest 2.3.2 and the PECL packages which requires so has been rebuilt for php-5.5.23. The verification of md5 checksums and GPG signatures is performed automatically for you. ============================================================================ Ubuntu Security Notice USN-2535-1 March 18, 2015 php5 vulnerabilities ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.10 - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS - Ubuntu 10.04 LTS Summary: Several security issues were fixed in PHP. (CVE-2014-8117) S. (CVE-2015-2301) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.10: libapache2-mod-php5 5.5.12+dfsg-2ubuntu4.3 php5-cgi 5.5.12+dfsg-2ubuntu4.3 php5-cli 5.5.12+dfsg-2ubuntu4.3 php5-enchant 5.5.12+dfsg-2ubuntu4.3 php5-fpm 5.5.12+dfsg-2ubuntu4.3 Ubuntu 14.04 LTS: libapache2-mod-php5 5.5.9+dfsg-1ubuntu4.7 php5-cgi 5.5.9+dfsg-1ubuntu4.7 php5-cli 5.5.9+dfsg-1ubuntu4.7 php5-enchant 5.5.9+dfsg-1ubuntu4.7 php5-fpm 5.5.9+dfsg-1ubuntu4.7 Ubuntu 12.04 LTS: libapache2-mod-php5 5.3.10-1ubuntu3.17 php5-cgi 5.3.10-1ubuntu3.17 php5-cli 5.3.10-1ubuntu3.17 php5-enchant 5.3.10-1ubuntu3.17 php5-fpm 5.3.10-1ubuntu3.17 Ubuntu 10.04 LTS: libapache2-mod-php5 5.3.2-1ubuntu4.29 php5-cgi 5.3.2-1ubuntu4.29 php5-cli 5.3.2-1ubuntu4.29 php5-enchant 5.3.2-1ubuntu4.29 In general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: php55 security and bug fix update Advisory ID: RHSA-2015:1053-01 Product: Red Hat Software Collections Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-1053.html Issue date: 2015-06-04 CVE Names: CVE-2014-8142 CVE-2014-9427 CVE-2014-9652 CVE-2014-9705 CVE-2014-9709 CVE-2015-0231 CVE-2015-0232 CVE-2015-0273 CVE-2015-1351 CVE-2015-1352 CVE-2015-2301 CVE-2015-2305 CVE-2015-2348 CVE-2015-2787 CVE-2015-4147 CVE-2015-4148 ===================================================================== 1. Summary: Updated php55 collection packages that fix multiple security issues and several bugs are now available as part of Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. Description: PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php55 packages provide a recent stable release of PHP with the PEAR 1.9.4, memcache 3.0.8, and mongo 1.4.5 PECL extensions, and a number of additional utilities. The php55 packages have been upgraded to upstream version 5.5.21, which provides multiple bug fixes over the version shipped in Red Hat Software Collections 1. (BZ#1057089) The following security issues were fixed in the php55-php component: An uninitialized pointer use flaw was found in PHP's Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_read_data() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application. (CVE-2015-0232) Multiple flaws were discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize() function could cause a PHP application to crash or, possibly, execute arbitrary code. (CVE-2014-8142, CVE-2015-0231, CVE-2015-0273, CVE-2015-2787, CVE-2015-4147, CVE-2015-4148) A heap buffer overflow flaw was found in the enchant_broker_request_dict() function of PHP's enchant extension. An attacker able to make a PHP application enchant dictionaries could possibly cause it to crash. (CVE-2014-9705) A heap buffer overflow flaw was found in PHP's regular expression extension. An attacker able to make PHP process a specially crafted regular expression pattern could cause it to crash and possibly execute arbitrary code. (CVE-2015-2305) A buffer over-read flaw was found in the GD library used by the PHP gd extension. A specially crafted GIF file could cause a PHP application using the imagecreatefromgif() function to crash. (CVE-2014-9709) A use-after-free flaw was found in PHP's OPcache extension. This flaw could possibly lead to a disclosure of a portion of the server memory. (CVE-2015-1351) A use-after-free flaw was found in PHP's phar (PHP Archive) extension. An attacker able to trigger certain error condition in phar archive processing could possibly use this flaw to disclose certain portions of server memory. (CVE-2015-2301) An ouf-of-bounds read flaw was found in the way the File Information (fileinfo) extension processed certain Pascal strings. A remote attacker could cause a PHP application to crash if it used fileinfo to identify the type of the attacker-supplied file. (CVE-2014-9652) It was found that PHP move_uploaded_file() function did not properly handle file names with a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions. (CVE-2015-2348) A NULL pointer dereference flaw was found in PHP's pgsql extension. A specially crafted table name passed to a function such as pg_insert() or pg_select() could cause a PHP application to crash. (CVE-2015-1352) A flaw was found in the way PHP handled malformed source files when running in CGI mode. A specially crafted PHP file could cause PHP CGI to crash. (CVE-2014-9427) All php55 users are advised to upgrade to these updated packages, which correct these issues. After installing the updated packages, the httpd24-httpd service must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1132446 - php55-php-fpm misinterpreting error_log=syslog 1175718 - CVE-2014-8142 php: use after free vulnerability in unserialize() 1178736 - CVE-2014-9427 php: out of bounds read when parsing a crafted .php file 1185397 - CVE-2015-0231 php: use after free vulnerability in unserialize() (incomplete fix of CVE-2014-8142) 1185472 - CVE-2015-0232 php: Free called on unitialized pointer in exif.c 1185900 - CVE-2015-1351 php: use after free in opcache extension 1185904 - CVE-2015-1352 php: NULL pointer dereference in pgsql extension 1188599 - CVE-2014-9652 file: out of bounds read in mconvert() 1188639 - CVE-2014-9709 gd: buffer read overflow in gd_gif_in.c 1191049 - CVE-2015-2305 regex: heap overflow in regcomp() on 32-bit architectures 1194730 - CVE-2015-0273 php: use after free vulnerability in unserialize() with DateTimeZone 1194737 - CVE-2014-9705 php: heap buffer overflow in enchant_broker_request_dict() 1194747 - CVE-2015-2301 php: use after free in phar_object.c 1204868 - CVE-2015-4147 php: SoapClient's __call() type confusion through unserialize() 1207676 - CVE-2015-2787 php: use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re 1207682 - CVE-2015-2348 php: move_uploaded_file() NUL byte injection in file name 1226916 - CVE-2015-4148 php: SoapClient's do_soap_call() type confusion after unserialize() 6. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6): Source: php55-2.0-1.el6.src.rpm php55-php-5.5.21-2.el6.src.rpm x86_64: php55-2.0-1.el6.x86_64.rpm php55-php-5.5.21-2.el6.x86_64.rpm php55-php-bcmath-5.5.21-2.el6.x86_64.rpm php55-php-cli-5.5.21-2.el6.x86_64.rpm php55-php-common-5.5.21-2.el6.x86_64.rpm php55-php-dba-5.5.21-2.el6.x86_64.rpm php55-php-debuginfo-5.5.21-2.el6.x86_64.rpm php55-php-devel-5.5.21-2.el6.x86_64.rpm php55-php-enchant-5.5.21-2.el6.x86_64.rpm php55-php-fpm-5.5.21-2.el6.x86_64.rpm php55-php-gd-5.5.21-2.el6.x86_64.rpm php55-php-gmp-5.5.21-2.el6.x86_64.rpm php55-php-imap-5.5.21-2.el6.x86_64.rpm php55-php-intl-5.5.21-2.el6.x86_64.rpm php55-php-ldap-5.5.21-2.el6.x86_64.rpm php55-php-mbstring-5.5.21-2.el6.x86_64.rpm php55-php-mysqlnd-5.5.21-2.el6.x86_64.rpm php55-php-odbc-5.5.21-2.el6.x86_64.rpm php55-php-opcache-5.5.21-2.el6.x86_64.rpm php55-php-pdo-5.5.21-2.el6.x86_64.rpm php55-php-pgsql-5.5.21-2.el6.x86_64.rpm php55-php-process-5.5.21-2.el6.x86_64.rpm php55-php-pspell-5.5.21-2.el6.x86_64.rpm php55-php-recode-5.5.21-2.el6.x86_64.rpm php55-php-snmp-5.5.21-2.el6.x86_64.rpm php55-php-soap-5.5.21-2.el6.x86_64.rpm php55-php-tidy-5.5.21-2.el6.x86_64.rpm php55-php-xml-5.5.21-2.el6.x86_64.rpm php55-php-xmlrpc-5.5.21-2.el6.x86_64.rpm php55-runtime-2.0-1.el6.x86_64.rpm php55-scldevel-2.0-1.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5): Source: php55-2.0-1.el6.src.rpm php55-php-5.5.21-2.el6.src.rpm x86_64: php55-2.0-1.el6.x86_64.rpm php55-php-5.5.21-2.el6.x86_64.rpm php55-php-bcmath-5.5.21-2.el6.x86_64.rpm php55-php-cli-5.5.21-2.el6.x86_64.rpm php55-php-common-5.5.21-2.el6.x86_64.rpm php55-php-dba-5.5.21-2.el6.x86_64.rpm php55-php-debuginfo-5.5.21-2.el6.x86_64.rpm php55-php-devel-5.5.21-2.el6.x86_64.rpm php55-php-enchant-5.5.21-2.el6.x86_64.rpm php55-php-fpm-5.5.21-2.el6.x86_64.rpm php55-php-gd-5.5.21-2.el6.x86_64.rpm php55-php-gmp-5.5.21-2.el6.x86_64.rpm php55-php-imap-5.5.21-2.el6.x86_64.rpm php55-php-intl-5.5.21-2.el6.x86_64.rpm php55-php-ldap-5.5.21-2.el6.x86_64.rpm php55-php-mbstring-5.5.21-2.el6.x86_64.rpm php55-php-mysqlnd-5.5.21-2.el6.x86_64.rpm php55-php-odbc-5.5.21-2.el6.x86_64.rpm php55-php-opcache-5.5.21-2.el6.x86_64.rpm php55-php-pdo-5.5.21-2.el6.x86_64.rpm php55-php-pgsql-5.5.21-2.el6.x86_64.rpm php55-php-process-5.5.21-2.el6.x86_64.rpm php55-php-pspell-5.5.21-2.el6.x86_64.rpm php55-php-recode-5.5.21-2.el6.x86_64.rpm php55-php-snmp-5.5.21-2.el6.x86_64.rpm php55-php-soap-5.5.21-2.el6.x86_64.rpm php55-php-tidy-5.5.21-2.el6.x86_64.rpm php55-php-xml-5.5.21-2.el6.x86_64.rpm php55-php-xmlrpc-5.5.21-2.el6.x86_64.rpm php55-runtime-2.0-1.el6.x86_64.rpm php55-scldevel-2.0-1.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6): Source: php55-2.0-1.el6.src.rpm php55-php-5.5.21-2.el6.src.rpm x86_64: php55-2.0-1.el6.x86_64.rpm php55-php-5.5.21-2.el6.x86_64.rpm php55-php-bcmath-5.5.21-2.el6.x86_64.rpm php55-php-cli-5.5.21-2.el6.x86_64.rpm php55-php-common-5.5.21-2.el6.x86_64.rpm php55-php-dba-5.5.21-2.el6.x86_64.rpm php55-php-debuginfo-5.5.21-2.el6.x86_64.rpm php55-php-devel-5.5.21-2.el6.x86_64.rpm php55-php-enchant-5.5.21-2.el6.x86_64.rpm php55-php-fpm-5.5.21-2.el6.x86_64.rpm php55-php-gd-5.5.21-2.el6.x86_64.rpm php55-php-gmp-5.5.21-2.el6.x86_64.rpm php55-php-imap-5.5.21-2.el6.x86_64.rpm php55-php-intl-5.5.21-2.el6.x86_64.rpm php55-php-ldap-5.5.21-2.el6.x86_64.rpm php55-php-mbstring-5.5.21-2.el6.x86_64.rpm php55-php-mysqlnd-5.5.21-2.el6.x86_64.rpm php55-php-odbc-5.5.21-2.el6.x86_64.rpm php55-php-opcache-5.5.21-2.el6.x86_64.rpm php55-php-pdo-5.5.21-2.el6.x86_64.rpm php55-php-pgsql-5.5.21-2.el6.x86_64.rpm php55-php-process-5.5.21-2.el6.x86_64.rpm php55-php-pspell-5.5.21-2.el6.x86_64.rpm php55-php-recode-5.5.21-2.el6.x86_64.rpm php55-php-snmp-5.5.21-2.el6.x86_64.rpm php55-php-soap-5.5.21-2.el6.x86_64.rpm php55-php-tidy-5.5.21-2.el6.x86_64.rpm php55-php-xml-5.5.21-2.el6.x86_64.rpm php55-php-xmlrpc-5.5.21-2.el6.x86_64.rpm php55-runtime-2.0-1.el6.x86_64.rpm php55-scldevel-2.0-1.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6): Source: php55-2.0-1.el6.src.rpm php55-php-5.5.21-2.el6.src.rpm x86_64: php55-2.0-1.el6.x86_64.rpm php55-php-5.5.21-2.el6.x86_64.rpm php55-php-bcmath-5.5.21-2.el6.x86_64.rpm php55-php-cli-5.5.21-2.el6.x86_64.rpm php55-php-common-5.5.21-2.el6.x86_64.rpm php55-php-dba-5.5.21-2.el6.x86_64.rpm php55-php-debuginfo-5.5.21-2.el6.x86_64.rpm php55-php-devel-5.5.21-2.el6.x86_64.rpm php55-php-enchant-5.5.21-2.el6.x86_64.rpm php55-php-fpm-5.5.21-2.el6.x86_64.rpm php55-php-gd-5.5.21-2.el6.x86_64.rpm php55-php-gmp-5.5.21-2.el6.x86_64.rpm php55-php-imap-5.5.21-2.el6.x86_64.rpm php55-php-intl-5.5.21-2.el6.x86_64.rpm php55-php-ldap-5.5.21-2.el6.x86_64.rpm php55-php-mbstring-5.5.21-2.el6.x86_64.rpm php55-php-mysqlnd-5.5.21-2.el6.x86_64.rpm php55-php-odbc-5.5.21-2.el6.x86_64.rpm php55-php-opcache-5.5.21-2.el6.x86_64.rpm php55-php-pdo-5.5.21-2.el6.x86_64.rpm php55-php-pgsql-5.5.21-2.el6.x86_64.rpm php55-php-process-5.5.21-2.el6.x86_64.rpm php55-php-pspell-5.5.21-2.el6.x86_64.rpm php55-php-recode-5.5.21-2.el6.x86_64.rpm php55-php-snmp-5.5.21-2.el6.x86_64.rpm php55-php-soap-5.5.21-2.el6.x86_64.rpm php55-php-tidy-5.5.21-2.el6.x86_64.rpm php55-php-xml-5.5.21-2.el6.x86_64.rpm php55-php-xmlrpc-5.5.21-2.el6.x86_64.rpm php55-runtime-2.0-1.el6.x86_64.rpm php55-scldevel-2.0-1.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: php55-2.0-1.el7.src.rpm php55-php-5.5.21-2.el7.src.rpm x86_64: php55-2.0-1.el7.x86_64.rpm php55-php-5.5.21-2.el7.x86_64.rpm php55-php-bcmath-5.5.21-2.el7.x86_64.rpm php55-php-cli-5.5.21-2.el7.x86_64.rpm php55-php-common-5.5.21-2.el7.x86_64.rpm php55-php-dba-5.5.21-2.el7.x86_64.rpm php55-php-debuginfo-5.5.21-2.el7.x86_64.rpm php55-php-devel-5.5.21-2.el7.x86_64.rpm php55-php-enchant-5.5.21-2.el7.x86_64.rpm php55-php-fpm-5.5.21-2.el7.x86_64.rpm php55-php-gd-5.5.21-2.el7.x86_64.rpm php55-php-gmp-5.5.21-2.el7.x86_64.rpm php55-php-intl-5.5.21-2.el7.x86_64.rpm php55-php-ldap-5.5.21-2.el7.x86_64.rpm php55-php-mbstring-5.5.21-2.el7.x86_64.rpm php55-php-mysqlnd-5.5.21-2.el7.x86_64.rpm php55-php-odbc-5.5.21-2.el7.x86_64.rpm php55-php-opcache-5.5.21-2.el7.x86_64.rpm php55-php-pdo-5.5.21-2.el7.x86_64.rpm php55-php-pgsql-5.5.21-2.el7.x86_64.rpm php55-php-process-5.5.21-2.el7.x86_64.rpm php55-php-pspell-5.5.21-2.el7.x86_64.rpm php55-php-recode-5.5.21-2.el7.x86_64.rpm php55-php-snmp-5.5.21-2.el7.x86_64.rpm php55-php-soap-5.5.21-2.el7.x86_64.rpm php55-php-xml-5.5.21-2.el7.x86_64.rpm php55-php-xmlrpc-5.5.21-2.el7.x86_64.rpm php55-runtime-2.0-1.el7.x86_64.rpm php55-scldevel-2.0-1.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: php55-2.0-1.el7.src.rpm php55-php-5.5.21-2.el7.src.rpm x86_64: php55-2.0-1.el7.x86_64.rpm php55-php-5.5.21-2.el7.x86_64.rpm php55-php-bcmath-5.5.21-2.el7.x86_64.rpm php55-php-cli-5.5.21-2.el7.x86_64.rpm php55-php-common-5.5.21-2.el7.x86_64.rpm php55-php-dba-5.5.21-2.el7.x86_64.rpm php55-php-debuginfo-5.5.21-2.el7.x86_64.rpm php55-php-devel-5.5.21-2.el7.x86_64.rpm php55-php-enchant-5.5.21-2.el7.x86_64.rpm php55-php-fpm-5.5.21-2.el7.x86_64.rpm php55-php-gd-5.5.21-2.el7.x86_64.rpm php55-php-gmp-5.5.21-2.el7.x86_64.rpm php55-php-intl-5.5.21-2.el7.x86_64.rpm php55-php-ldap-5.5.21-2.el7.x86_64.rpm php55-php-mbstring-5.5.21-2.el7.x86_64.rpm php55-php-mysqlnd-5.5.21-2.el7.x86_64.rpm php55-php-odbc-5.5.21-2.el7.x86_64.rpm php55-php-opcache-5.5.21-2.el7.x86_64.rpm php55-php-pdo-5.5.21-2.el7.x86_64.rpm php55-php-pgsql-5.5.21-2.el7.x86_64.rpm php55-php-process-5.5.21-2.el7.x86_64.rpm php55-php-pspell-5.5.21-2.el7.x86_64.rpm php55-php-recode-5.5.21-2.el7.x86_64.rpm php55-php-snmp-5.5.21-2.el7.x86_64.rpm php55-php-soap-5.5.21-2.el7.x86_64.rpm php55-php-xml-5.5.21-2.el7.x86_64.rpm php55-php-xmlrpc-5.5.21-2.el7.x86_64.rpm php55-runtime-2.0-1.el7.x86_64.rpm php55-scldevel-2.0-1.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-8142 https://access.redhat.com/security/cve/CVE-2014-9427 https://access.redhat.com/security/cve/CVE-2014-9652 https://access.redhat.com/security/cve/CVE-2014-9705 https://access.redhat.com/security/cve/CVE-2014-9709 https://access.redhat.com/security/cve/CVE-2015-0231 https://access.redhat.com/security/cve/CVE-2015-0232 https://access.redhat.com/security/cve/CVE-2015-0273 https://access.redhat.com/security/cve/CVE-2015-1351 https://access.redhat.com/security/cve/CVE-2015-1352 https://access.redhat.com/security/cve/CVE-2015-2301 https://access.redhat.com/security/cve/CVE-2015-2305 https://access.redhat.com/security/cve/CVE-2015-2348 https://access.redhat.com/security/cve/CVE-2015-2787 https://access.redhat.com/security/cve/CVE-2015-4147 https://access.redhat.com/security/cve/CVE-2015-4148 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFVcBWDXlSAg2UNWIIRAnzoAJ9qn4wDNXMD8JU1N7k7nEzKlPpGDwCgi0Si MD3ZncY/P8Pl6+DgQxJQCjo= =MxfY -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
VAR-201504-0031 CVE-2015-1601 Siemens SIMATIC STEP 7 TIA Portal Man-in-the-middle attack information disclosure vulnerability CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1 allows man-in-the-middle attackers to obtain sensitive information or modify transmitted data via unspecified vectors. Supplementary information : CWE Vulnerability type by CWE-254: Security Features ( Security function ) Has been identified. http://cwe.mitre.org/data/definitions/254.htmlMan-in-the-middle attacks (man-in-the-middle attack) May obtain important information or change the data sent. Siemens SIMATIC is an automation software in a single engineering environment. The software provides PLC programming, design option packages, advanced drive technology and more
VAR-201504-0032 CVE-2015-1602 Siemens SIMATIC STEP 7 TIA Portal Password Hash Algorithm Security Vulnerability CVSS V2: 2.1
CVSS V3: -
Severity: LOW
Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1 improperly stores password data within project files, which makes it easier for local users to determine cleartext (1) protection-level passwords or (2) web-server passwords by leveraging the ability to read these files. (1) Protection level password, or (2) Web Server password may be specified. Siemens SIMATIC is an automation software in a single engineering environment. Siemens SIMATIC STEP 7 TIA Portal is prone to a security weakness due to insecure password-hash algorithm. Local attackers can exploit this issue to perform brute-force attacks and obtain user passwords which may aid in further attacks. Versions prior to Siemens SIMATIC STEP 7 TIA Portal V13 SP1 Upd1 are vulnerable. The software provides PLC programming, design option packages, advanced drive technology and more. A local attacker can exploit this vulnerability by reading a file to determine the plaintext protection-level or web-server password
VAR-201502-0120 CVE-2015-0584 Cisco Desktop Collaboration Experience DX650 Endpoint image-upgrade Any in the implementation of OS Command execution vulnerability CVSS V2: 7.2
CVSS V3: -
Severity: HIGH
The image-upgrade implementation on Cisco Desktop Collaboration Experience (aka Collaboration Desk Experience or DX) DX650 endpoints allows local users to execute arbitrary OS commands via an unspecified parameter, aka Bug ID CSCus38947. Vendors have confirmed this vulnerability Bug ID CSCus38947 It is released as.By the local user via any unspecified parameters OS The command may be executed. The basic system is Android. The Cisco Desktop Collaboration Experience DX650 has a command injection vulnerability that allows an attacker to exploit a vulnerability to inject shell commands and execute it because the image update feature does not adequately filter input during the upgrade. Successfully exploiting this issue may allow an attacker to execute arbitrary commands in context of the affected application. This issue is being tracked by Cisco bug ID CSCus38947
VAR-201502-0154 CVE-2015-0628 Cisco Web Security Vulnerability that bypasses proxy restrictions in the proxy engine of appliance devices CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
The proxy engine on Cisco Web Security Appliance (WSA) devices allows remote attackers to bypass intended proxying restrictions via a malformed HTTP method, aka Bug ID CSCus79174. The Cisco Web Security Appliance is a secure Web gateway that integrates malware protection, application visualization control, policy control, and more on a single platform. This may aid in further attacks. This issue is tracked by Cisco Bug ID CSCus79174. The vulnerability is caused by the program not properly handling malformed HTTP methods
VAR-201502-0063 CVE-2015-1515 SoftSphere DefenseWall Personal Firewall of dwall.sys Vulnerability to write data to arbitrary memory area in driver CVSS V2: 7.2
CVSS V3: -
Severity: HIGH
The dwall.sys driver in SoftSphere DefenseWall Personal Firewall 3.24 allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222000, 0x00222004, 0x00222008, 0x0022200c, or 0x00222010 IOCTL call. SoftSphere DefenseWall Personal Firewall is prone to a local privilege-escalation. SoftSphere DefenseWall Personal Firewall 3.24 is vulnerable; other versions may also be affected
VAR-201502-0355 CVE-2015-0331 Adobe Flash Player Vulnerable to arbitrary code execution CVSS V2: 10.0
CVSS V3: -
Severity: HIGH
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0313, CVE-2015-0315, CVE-2015-0320, and CVE-2015-0322. This vulnerability CVE-2015-0313 , CVE-2015-0315 , CVE-2015-0320 ,and CVE-2015-0322 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the processing of an invalid m3u8 playlist. By manipulating this playlist an attacker can force a dangling pointer to be reused after it has been freed. Failed exploit attempts will likely cause a denial-of-service condition. The product enables viewing of applications, content and video across screens and browsers
VAR-201502-0150 CVE-2015-0622 Cisco Wireless LAN Controller Run on device Wireless Intrusion Detection Service disruption in functionality (DoS) Vulnerabilities CVSS V2: 7.1
CVSS V3: -
Severity: HIGH
The Wireless Intrusion Detection (aka WIDS) functionality on Cisco Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service (device outage) via crafted packets that are improperly handled during rendering of the Signature Events Summary page, aka Bug ID CSCus46861. Attackers can exploit this issue to restart the affected device, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCus46861
VAR-201502-0151 CVE-2015-0623 Cisco Web Security The appliance Run on device Administrator Report page cross-site scripting vulnerability CVSS V2: 4.3
CVSS V3: -
Severity: MEDIUM
Cross-site scripting (XSS) vulnerability in the Administrator report page on Cisco Web Security Appliance (WSA) devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCus40627. Vendors have confirmed this vulnerability Bug ID CSCus40627 It is released as.By any third party Web Script or HTML May be inserted. The Cisco Web Security Appliance is a secure Web gateway that integrates malware protection, application visualization control, policy control, and more on a single platform. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This issue is being tracked by Cisco Bug ID CSCus40627
VAR-201502-0153 CVE-2015-0626 Cisco Hosted Collaboration Solution of SOAP Vulnerabilities that gain access rights in the interface CVSS V2: 4.3
CVSS V3: -
Severity: MEDIUM
The SOAP interface in Cisco Hosted Collaboration Solution (HCS) allows remote attackers to obtain access to system-management tools via crafted Challenge SOAP calls, aka Bug ID CSCuc38114. Attackers can exploit this issue to gain unauthorized access and obtain sensitive information. This may aid in further attacks. This issue is being tracked by Cisco bug ID CSCuc38114. The solution includes products such as Cisco TelePresence, Customer Collaboration (Contact Center) and Unified Communications to support customers to use collaboration technology in public cloud, private cloud and hybrid cloud models
VAR-201502-0366 CVE-2015-1349 ISC BIND 9 Service operation interruption (DoS) Vulnerabilities CVSS V2: 5.4
CVSS V3: -
Severity: MEDIUM
named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect trust-anchor management scenario in which no key is ready for use. ISC BIND 9 Under certain conditions in the management of trust anchors named Service termination (DoS) Vulnerabilities exist. ISC The advisory states that: CVE-2015-1349: A Problem with Trust Anchor Management Can Cause named to Crash https://kb.isc.org/article/AA-01235/ "BIND servers which are configured to perform DNSSEC validation and which are using managed-keys (which occurs implicitly when using "dnssec-validation auto;" or "dnssec-lookaside auto;") may terminate with an assertion failure when encountering all of the following conditions in a managed trust anchor: *a key which was previously trusted is now flagged as revoked; *there are no other trusted keys available; *there is a standby key, but it is not trusted yet This situation results in termination of the named process and denial of service to clients, and can occur in two circumstances: *during an improperly-managed key rollover for one of the managed trust anchors (e.g., during a botched root key rollover), or *when deliberately triggered by an attacker, under specific and limited circumstances. ISC has demonstrated a proof-of-concept of this attack; however, the complexity of the attack is very high unless the attacker has a specific network relationship to the BIND server which is targeted"Service disruption by a remote third party (DoS) There is a possibility of being attacked. ISC BIND is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to crash the affected application, denying service to legitimate users. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: bind security update Advisory ID: RHSA-2015:0672-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0672.html Issue date: 2015-03-10 CVE Names: CVE-2015-1349 ===================================================================== 1. Summary: Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled trust anchor management. (CVE-2015-1349) Red Hat would like to thank ISC for reporting this issue. All bind users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: bind-9.8.2-0.30.rc1.el6_6.2.src.rpm i386: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.i686.rpm x86_64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): i386: bind-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.i686.rpm x86_64: bind-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: bind-9.8.2-0.30.rc1.el6_6.2.src.rpm x86_64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): x86_64: bind-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: bind-9.8.2-0.30.rc1.el6_6.2.src.rpm i386: bind-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.i686.rpm ppc64: bind-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.ppc.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.ppc.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm s390x: bind-9.8.2-0.30.rc1.el6_6.2.s390x.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.s390x.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.s390.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.s390x.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.s390.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.s390x.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.s390x.rpm x86_64: bind-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.i686.rpm ppc64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.ppc.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.ppc.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.ppc64.rpm s390x: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.s390.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.s390x.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.s390.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.s390x.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.s390x.rpm x86_64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: bind-9.8.2-0.30.rc1.el6_6.2.src.rpm i386: bind-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.i686.rpm x86_64: bind-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.i686.rpm x86_64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.2.x86_64.rpm Red Hat Enterprise Linux Client (v. 7): Source: bind-9.9.4-18.el7_1.1.src.rpm noarch: bind-license-9.9.4-18.el7_1.1.noarch.rpm x86_64: bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-9.9.4-18.el7_1.1.i686.rpm bind-libs-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-lite-9.9.4-18.el7_1.1.i686.rpm bind-libs-lite-9.9.4-18.el7_1.1.x86_64.rpm bind-utils-9.9.4-18.el7_1.1.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: bind-9.9.4-18.el7_1.1.x86_64.rpm bind-chroot-9.9.4-18.el7_1.1.x86_64.rpm bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-devel-9.9.4-18.el7_1.1.i686.rpm bind-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-lite-devel-9.9.4-18.el7_1.1.i686.rpm bind-lite-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-chroot-9.9.4-18.el7_1.1.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: bind-9.9.4-18.el7_1.1.src.rpm noarch: bind-license-9.9.4-18.el7_1.1.noarch.rpm x86_64: bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-9.9.4-18.el7_1.1.i686.rpm bind-libs-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-lite-9.9.4-18.el7_1.1.i686.rpm bind-libs-lite-9.9.4-18.el7_1.1.x86_64.rpm bind-utils-9.9.4-18.el7_1.1.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: bind-9.9.4-18.el7_1.1.x86_64.rpm bind-chroot-9.9.4-18.el7_1.1.x86_64.rpm bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-devel-9.9.4-18.el7_1.1.i686.rpm bind-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-lite-devel-9.9.4-18.el7_1.1.i686.rpm bind-lite-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-chroot-9.9.4-18.el7_1.1.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: bind-9.9.4-18.el7_1.1.src.rpm noarch: bind-license-9.9.4-18.el7_1.1.noarch.rpm ppc64: bind-9.9.4-18.el7_1.1.ppc64.rpm bind-chroot-9.9.4-18.el7_1.1.ppc64.rpm bind-debuginfo-9.9.4-18.el7_1.1.ppc.rpm bind-debuginfo-9.9.4-18.el7_1.1.ppc64.rpm bind-libs-9.9.4-18.el7_1.1.ppc.rpm bind-libs-9.9.4-18.el7_1.1.ppc64.rpm bind-libs-lite-9.9.4-18.el7_1.1.ppc.rpm bind-libs-lite-9.9.4-18.el7_1.1.ppc64.rpm bind-utils-9.9.4-18.el7_1.1.ppc64.rpm s390x: bind-9.9.4-18.el7_1.1.s390x.rpm bind-chroot-9.9.4-18.el7_1.1.s390x.rpm bind-debuginfo-9.9.4-18.el7_1.1.s390.rpm bind-debuginfo-9.9.4-18.el7_1.1.s390x.rpm bind-libs-9.9.4-18.el7_1.1.s390.rpm bind-libs-9.9.4-18.el7_1.1.s390x.rpm bind-libs-lite-9.9.4-18.el7_1.1.s390.rpm bind-libs-lite-9.9.4-18.el7_1.1.s390x.rpm bind-utils-9.9.4-18.el7_1.1.s390x.rpm x86_64: bind-9.9.4-18.el7_1.1.x86_64.rpm bind-chroot-9.9.4-18.el7_1.1.x86_64.rpm bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-9.9.4-18.el7_1.1.i686.rpm bind-libs-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-lite-9.9.4-18.el7_1.1.i686.rpm bind-libs-lite-9.9.4-18.el7_1.1.x86_64.rpm bind-utils-9.9.4-18.el7_1.1.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: bind-9.9.4-18.ael7b_1.1.src.rpm noarch: bind-license-9.9.4-18.ael7b_1.1.noarch.rpm ppc64le: bind-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-chroot-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-debuginfo-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-libs-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-libs-lite-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-utils-9.9.4-18.ael7b_1.1.ppc64le.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: bind-debuginfo-9.9.4-18.el7_1.1.ppc.rpm bind-debuginfo-9.9.4-18.el7_1.1.ppc64.rpm bind-devel-9.9.4-18.el7_1.1.ppc.rpm bind-devel-9.9.4-18.el7_1.1.ppc64.rpm bind-lite-devel-9.9.4-18.el7_1.1.ppc.rpm bind-lite-devel-9.9.4-18.el7_1.1.ppc64.rpm bind-sdb-9.9.4-18.el7_1.1.ppc64.rpm bind-sdb-chroot-9.9.4-18.el7_1.1.ppc64.rpm s390x: bind-debuginfo-9.9.4-18.el7_1.1.s390.rpm bind-debuginfo-9.9.4-18.el7_1.1.s390x.rpm bind-devel-9.9.4-18.el7_1.1.s390.rpm bind-devel-9.9.4-18.el7_1.1.s390x.rpm bind-lite-devel-9.9.4-18.el7_1.1.s390.rpm bind-lite-devel-9.9.4-18.el7_1.1.s390x.rpm bind-sdb-9.9.4-18.el7_1.1.s390x.rpm bind-sdb-chroot-9.9.4-18.el7_1.1.s390x.rpm x86_64: bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-devel-9.9.4-18.el7_1.1.i686.rpm bind-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-lite-devel-9.9.4-18.el7_1.1.i686.rpm bind-lite-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-chroot-9.9.4-18.el7_1.1.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64le: bind-debuginfo-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-devel-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-lite-devel-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-sdb-9.9.4-18.ael7b_1.1.ppc64le.rpm bind-sdb-chroot-9.9.4-18.ael7b_1.1.ppc64le.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: bind-9.9.4-18.el7_1.1.src.rpm noarch: bind-license-9.9.4-18.el7_1.1.noarch.rpm x86_64: bind-9.9.4-18.el7_1.1.x86_64.rpm bind-chroot-9.9.4-18.el7_1.1.x86_64.rpm bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-9.9.4-18.el7_1.1.i686.rpm bind-libs-9.9.4-18.el7_1.1.x86_64.rpm bind-libs-lite-9.9.4-18.el7_1.1.i686.rpm bind-libs-lite-9.9.4-18.el7_1.1.x86_64.rpm bind-utils-9.9.4-18.el7_1.1.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: bind-debuginfo-9.9.4-18.el7_1.1.i686.rpm bind-debuginfo-9.9.4-18.el7_1.1.x86_64.rpm bind-devel-9.9.4-18.el7_1.1.i686.rpm bind-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-lite-devel-9.9.4-18.el7_1.1.i686.rpm bind-lite-devel-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-9.9.4-18.el7_1.1.x86_64.rpm bind-sdb-chroot-9.9.4-18.el7_1.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-1349 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU/7nhXlSAg2UNWIIRArKUAJ9WX/XGIY2BbVU1+km5wJAaBaPytQCdGBnW 7ZfcyFEskWi6YX7JcLMs9Fg= =dWCz -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Release Date: 2015-07-17 Last Updated: 2015-07-17 Potential Security Impact: Remote Denial of Service (DoS) Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). References: CVE-2015-1349 CVE-2015-4620 SSRT101976 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.31 running BIND 9.7.3 prior to C.9.7.3.7.0 HP-UX B.11.31 running BIND 9.9.4 prior to C.9.9.4.3.0 BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2015-1349 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4 CVE-2015-4620 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has provided updated versions of the BIND service to resolve this vulnerability. BIND 9.7.3 for HP-UX Release Depot Name Download location B.11.31 (PA and IA) HP_UX_11.31_HPUX-NameServer_C.9.7.3.7.0_HP-UX_B.11.31_IA_PA.depot https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumbe r=BIND BIND 9.9.4 for HP-UX Release Depot Name Download location B.11.31 (PA and IA) HP_UX_11.31_HPUX-NameServer_C.9.9.4.3.0_HP-UX_B.11.31_IA_PA.depot https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumbe r=BIND MANUAL ACTIONS: Yes - Update Download and install the software update PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa The following text is for use by the HP-UX Software Assistant. AFFECTED VERSIONS For BIND 9.7.3 HP-UX B.11.31 ================== NameService.BIND-AUX NameService.BIND-RUN action: install revision C.9.7.3.7.0 or subsequent For BIND 9.9.4 HP-UX B.11.31 ================== NameService.BIND-AUX NameService.BIND-RUN action: install revision C.9.9.4.3.0 or subsequent END AFFECTED VERSIONS HISTORY Version:1 (rev.1) - 17 July 2015 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/bind-9.9.6_P2-i486-1_slack14.1.txz: Upgraded. For more information, see: https://kb.isc.org/article/AA-01166/ https://kb.isc.org/article/AA-01161/ https://kb.isc.org/article/AA-01167/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1349 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8500 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8680 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3214 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/bind-9.9.6_P2-i486-1_slack13.0.txz Updated package for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/bind-9.9.6_P2-x86_64-1_slack13.0.txz Updated package for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/bind-9.9.6_P2-i486-1_slack13.1.txz Updated package for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/bind-9.9.6_P2-x86_64-1_slack13.1.txz Updated package for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/bind-9.9.6_P2-i486-1_slack13.37.txz Updated package for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/bind-9.9.6_P2-x86_64-1_slack13.37.txz Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/bind-9.9.6_P2-i486-1_slack14.0.txz Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/bind-9.9.6_P2-x86_64-1_slack14.0.txz Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/bind-9.9.6_P2-i486-1_slack14.1.txz Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/bind-9.9.6_P2-x86_64-1_slack14.1.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.10.2-i486-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.10.2-x86_64-1.txz MD5 signatures: +-------------+ Slackware 13.0 package: 409f093c9b35cabad287327ad3aaf426 bind-9.9.6_P2-i486-1_slack13.0.txz Slackware x86_64 13.0 package: 1bee65570447f21f4fe73a8df91d15eb bind-9.9.6_P2-x86_64-1_slack13.0.txz Slackware 13.1 package: 6caaad4788de51f77a391b3f9ce1f639 bind-9.9.6_P2-i486-1_slack13.1.txz Slackware x86_64 13.1 package: 47d6656f5dab791b826fbff1aac17e44 bind-9.9.6_P2-x86_64-1_slack13.1.txz Slackware 13.37 package: bccb04bab7be8ab02b9623b75f1f5d1e bind-9.9.6_P2-i486-1_slack13.37.txz Slackware x86_64 13.37 package: 593a2e762e7ed1cb15f8286fea25b98f bind-9.9.6_P2-x86_64-1_slack13.37.txz Slackware 14.0 package: 5166d66c87a14c561898e65037e1f509 bind-9.9.6_P2-i486-1_slack14.0.txz Slackware x86_64 14.0 package: 03c6787c991f063c95401578e9b3ff82 bind-9.9.6_P2-x86_64-1_slack14.0.txz Slackware 14.1 package: afe0884910ba3177fc760e940eee8f70 bind-9.9.6_P2-i486-1_slack14.1.txz Slackware x86_64 14.1 package: ce0c341a39382c43bd23fc59e6937cce bind-9.9.6_P2-x86_64-1_slack14.1.txz Slackware -current package: d4f3b5ec462119e670fb95325566765d n/bind-9.10.2-i486-1.txz Slackware x86_64 -current package: f604392171654a69ade08e76c46425ef n/bind-9.10.2-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg bind-9.9.6_P2-i486-1_slack14.1.txz Then, restart the name server: # /etc/rc.d/rc.bind restart +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. This can lead to resource exhaustion and denial of service (up to and including termination of the named server process) (CVE-2014-8500). Jan-Piet Mens discovered that the BIND DNS server would crash when processing an invalid DNSSEC key rollover, either due to an error on the zone operator&#039;s part, or due to interference with network traffic by an attacker. This issue affects configurations with the directives &quot;dnssec-lookaside auto;&quot; (as enabled in the Mandriva default configuration) or &quot;dnssec-validation auto;&quot; (CVE-2015-1349). _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8500 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1349 http://advisories.mageia.org/MGASA-2014-0524.html http://advisories.mageia.org/MGASA-2015-0082.html _______________________________________________________________________ Updated Packages: Mandriva Business Server 2/X86_64: a2cf83873b09b47275d0030063a236c8 mbs2/x86_64/bind-9.10.1.P2-7.mbs2.x86_64.rpm 83d97de0884ef84b933cb06bfbbce24a mbs2/x86_64/bind-devel-9.10.1.P2-7.mbs2.x86_64.rpm 633a8a160c3be4dda5f134550288df8f mbs2/x86_64/bind-doc-9.10.1.P2-7.mbs2.noarch.rpm 40760cee0f0c97261b80d159ab60cb32 mbs2/x86_64/bind-sdb-9.10.1.P2-7.mbs2.x86_64.rpm ec17a87a3d0e50c4a1c33c84adc0c08b mbs2/x86_64/bind-utils-9.10.1.P2-7.mbs2.x86_64.rpm 95f44b351208cfcbf15108dc707b0f21 mbs2/SRPMS/bind-9.10.1.P2-7.mbs2.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. For the stable distribution (wheezy), this problem has been fixed in version 1:9.8.4.dfsg.P1-6+nmu2+deb7u4. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2015-09-16-4 OS X Server 5.0.3 OS X Server 5.0.3 is now available and addresses the following: apache Available for: OS X Yosemite v10.10.4 or later Impact: Multiple vulnerabilities in Apache, the most serious of which may allow a remote attacker to cause a denial of service Description: Multiple vulnerabilities existed in Apache versions prior to 2.4.16. These issues were addressed by updating Apache to version 2.4.16. CVE-ID CVE-2013-5704 CVE-2014-3581 CVE-2014-3583 CVE-2014-8109 CVE-2015-0228 CVE-2015-0253 CVE-2015-3183 CVE-2015-3185 BIND Available for: OS X Yosemite v10.10.4 or later Impact: Multiple vulnerabilities in BIND, the most severe of which may allow a remote attacker to cause a denial of service Description: Multiple vulnerabilities existed in BIND versions prior to 9.9.7. These issues were addressed by updating BIND to version 9.9.7. CVE-ID CVE-2014-8500 CVE-2015-1349 PostgreSQL Available for: OS X Yosemite v10.10.4 or later Impact: Multiple vulnerabilities in PostgreSQL, the most serious of which may lead to arbitrary code execution Description: Multiple vulnerabilities existed in PostgreSQL versions prior to 9.3.9. These issues were addressed by updating PostgreSQL to version 9.3.9. CVE-ID CVE-2014-0067 CVE-2014-8161 CVE-2015-0241 CVE-2015-0242 CVE-2015-0243 CVE-2015-0244 CVE-2015-3165 CVE-2015-3166 CVE-2015-3167 Wiki Server Available for: OS X Yosemite v10.10.4 or later Impact: Multiple XML security issues in Wiki Server Description: Multiple XML vulnerabilities existed in Wiki Server based on Twisted. This issue was addressed by removing Twisted. CVE-ID CVE-2015-5911 : Zachary Jones of WhiteHat Security Threat Research Center OS X Server 5.0.3 may be obtained from the Mac App Store. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-15:05.bind Security Advisory The FreeBSD Project Topic: BIND remote denial of service vulnerability Category: contrib Module: bind Announced: 2015-02-25 Credits: ISC Affects: FreeBSD 8.x and FreeBSD 9.x. Corrected: 2015-02-18 22:20:19 UTC (stable/9, 9.3-STABLE) 2015-02-25 05:56:54 UTC (releng/9.3, 9.3-RELEASE-p10) 2015-02-18 22:29:52 UTC (stable/8, 8.4-STABLE) 2015-02-25 05:56:54 UTC (releng/8.4, 8.4-RELEASE-p24) CVE Name: CVE-2015-1349 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit <URL:https://security.FreeBSD.org/>. II. Problem Description BIND servers which are configured to perform DNSSEC validation and which are using managed keys (which occurs implicitly when using "dnssec-validation auto;" or "dnssec-lookaside auto;") may exhibit unpredictable behavior due to the use of an improperly initialized variable. III. IV. Workaround Only systems that runs BIND, including recursive resolvers and authoritative servers that performs DNSSEC validation and using managed-keys are affected. This issue can be worked around by not using "auto" for the dnssec-validation or dnssec-lookaside options and do not configure a managed-keys statement. Note that in order to do DNSSEC validation with this workaround one would have to configure an explicit trusted-keys statement with the appropriate keys. V. Solution Perform one of the following: 1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date. 2) To update your vulnerable system via a binary patch: Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install 3) To update your vulnerable system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/SA-15:05/bind.patch # fetch https://security.FreeBSD.org/patches/SA-15:05/bind.patch.asc # gpg --verify bind.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile the operating system using buildworld and installworld as described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>. Restart the applicable daemons, or reboot the system. VI. Correction details The following list contains the correction revision numbers for each affected branch. Branch/path Revision - ------------------------------------------------------------------------- stable/8/ r278973 releng/8.4/ r279265 stable/9/ r278972 releng/9.3/ r279265 - ------------------------------------------------------------------------- To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed: # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing NNNNNN with the revision number: <URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN> VII. ============================================================================ Ubuntu Security Notice USN-2503-1 February 18, 2015 bind9 vulnerability ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.10 - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS Summary: Bind could be made to crash if it received specially crafted network traffic. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.10: bind9 1:9.9.5.dfsg-4.3ubuntu0.2 Ubuntu 14.04 LTS: bind9 1:9.9.5.dfsg-3ubuntu0.2 Ubuntu 12.04 LTS: bind9 1:9.8.1.dfsg.P1-4ubuntu0.10 In general, a standard system update will make all the necessary changes
VAR-201502-0508 No CVE Multiple NetGear Routers SOAP Service Verification Bypass Vulnerabilities CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
NetGear WNDR3700v4, WNR2200 and WNR2500 are all wireless router products of NetGear. A remote authentication bypass vulnerability exists in several NetGear routers. An attacker could use this vulnerability to bypass the authentication mechanism and obtain potentially sensitive information. The following products and versions are affected: NetGear WNDR3700v4 V1.0.0.4SH version, WNDR3700v4 V1.0.1.52 version, WNR2200 V1.0.1.88 version, WNR2500 V1.0.0.24 version
VAR-201502-0149 CVE-2015-0621 Cisco TelePresence MCU Service disruption in device software (DoS) Vulnerabilities CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
Cisco TelePresence MCU devices with software 4.5(1.45) allow remote attackers to cause a denial of service (device reload) via an unspecified series of TCP packets, aka Bug ID CSCur50347. Vendors have confirmed this vulnerability Bug ID CSCur50347 It is released as. Supplementary information : CWE Vulnerability type by CWE-19: Data Handling ( Data processing ) Has been identified. Cisco TelePresence Multipoint Control Unit is prone to a denial-of-service vulnerability. An attacker can exploit this issue to reload the device, denying service to legitimate users