MIT krb5 kadmind CVE-2014-9422 Security Bypass Vulnerability
Monthly Archives: February 2015
Vuln: MIT Kerberos 5 'kadmind' Daemon CVE-2014-9421 Remote Code Execution Vulnerability
Vuln: MIT krb5 kadmind CVE-2014-5352 Double Free Remote Code Execution Vulnerability
Vuln: Google Chrome Prior to 40.0.2214.109 Multiple Security Vulnerabilities
Microsoft Security Bulletin Revision Increment For February, 2015
This bulletin summary lists one bulletin that has undergone a major revision increment for February, 2015.
Google Releases Security Update for Chrome OS
Original release date: February 10, 2015
Google has released Chrome OS 40.0.2214.114 for Chrome devices to address multiple vulnerabilities. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected system.
Users and administrators are encouraged to review the Google Chrome blog entry and apply the necessary update.
CESA-2015:0165 Moderate CentOS 6 subversion Security Update
CentOS Errata and Security Advisory 2015:0165 Moderate. Upstream details at: https://rhn.redhat.com/errata/RHSA-2015-0165.html The following updated files have been uploaded and are currently syncing to the mirrors.
Microsoft Security Bulletin Summary For February, 2015
This bulletin summary lists nine released Microsoft security bulletins for February, 2015.
CVE-2015-1042
The string_sanitize_url function in core/string_api.php in MantisBT 1.2.0a3 through 1.2.18 uses an incorrect regular expression, which allows remote attackers to conduct open redirect and phishing attacks via a URL with a “:/” (colon slash) separator in the return parameter to login_page.php, a different vulnerability than CVE-2014-6316.
CVE-2015-1169
Apereo Central Authentication Service (CAS) Server before 3.5.3 allows remote attackers to conduct LDAP injection attacks via a crafted username, as demonstrated by using a wildcard and a valid password to bypass LDAP authentication.