Monthly Archives: November 2015
CVE-2015-2924
The receive_ra function in rdisc/nm-lndp-rdisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in NetworkManager 1.x allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message, a similar issue to CVE-2015-2922.
CVE-2015-8215
net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel before 4.0 does not validate attempted changes to the MTU value, which allows context-dependent attackers to cause a denial of service (packet loss) via a value that is (1) smaller than the minimum compliant value or (2) larger than the MTU of an interface, as demonstrated by a Router Advertisement (RA) message that is not validated by a daemon, a different vulnerability than CVE-2015-0272. NOTE: the scope of CVE-2015-0272 is limited to the NetworkManager product.
CESA-2015:2065 Important CentOS 5 xen SecurityUpdate
CentOS Errata and Security Advisory 2015:2065 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-2065.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 388ec1332b1e2f675f67fdb8ad56c28811128e3c9e7f0093fd67b7180e12bf70 xen-3.0.3-147.el5_11.i386.rpm 3c8e64bff83246ab9f8e361c248f4e473096ad5d0213631738082ed9c6db5d4d xen-3.0.3-147.el5_11.i686.rpm b563a6f98a3c39f0a28ef6057e175c6d940e9c16f808877006803b6a6f1f83ca xen-devel-3.0.3-147.el5_11.i386.rpm 6ea1d0d1d4d9a76c7e9ab5c057a265fa162fec047d164ac818341e216dffa97c xen-devel-3.0.3-147.el5_11.i686.rpm 2469d3e25e7fe7135c69bcd43699b4ff5ea6e912ba1de5918c4041ec5b8ce223 xen-libs-3.0.3-147.el5_11.i386.rpm b3ee5a22722b9eca0d758746f85208abf66e05dcc30cbc38b20be3a12d8cbe8e xen-libs-3.0.3-147.el5_11.i686.rpm x86_64: 489c2f01bb31c69c37aea0ce5a681e4a9a979c453ba87671040f882307afb7f0 xen-3.0.3-147.el5_11.x86_64.rpm b563a6f98a3c39f0a28ef6057e175c6d940e9c16f808877006803b6a6f1f83ca xen-devel-3.0.3-147.el5_11.i386.rpm b71e966fd955b269897933773580ea8d37ba385a63545b323dd308b4063413b9 xen-devel-3.0.3-147.el5_11.x86_64.rpm 2469d3e25e7fe7135c69bcd43699b4ff5ea6e912ba1de5918c4041ec5b8ce223 xen-libs-3.0.3-147.el5_11.i386.rpm c111fe7960da5cbc37c8f0f4804f2b762aadde878099f72c38b4e04ab689995f xen-libs-3.0.3-147.el5_11.x86_64.rpm Source: 0e2ed9159d7d8a815c5483da3a802da4e05d229302f4446a6d5ce1915a22b669 xen-3.0.3-147.el5_11.src.rpm
CVE-2014-9752
Unrestricted file upload vulnerability in mods/_core/properties/lib/course.inc.php in ATutor before 2.2 patch 6 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a PHP extension as a customicon for a new course, then accessing it via a direct request to the file in content/.
CVE-2015-7712
Multiple eval injection vulnerabilities in mods/_standard/gradebook/edit_marks.php in ATutor 2.2 and earlier allow remote authenticated users with the AT_PRIV_GRADEBOOK privilege to execute arbitrary PHP code via the (1) asc or (2) desc parameter.
CVE-2015-7815
Directory traversal vulnerability in core/ViewDataTable/Factory.php in Piwik before 2.15.0 allows remote attackers to include and execute arbitrary local files via the viewDataTable parameter.
CVE-2015-7816
The DisplayTopKeywords function in plugins/Referrers/Controller.php in Piwik before 2.15.0, which allows remote attackers to conduct PHP object injection attacks, conduct Server-Side Request Forgery (SSRF) attacks, and execute arbitrary PHP code via a crafted HTTP header.
CVE-2015-7897
The media scanning functionality in the face recognition library in android.media.process in Samsung Galaxy S6 Edge before G925VVRU4B0G9 allows remote attackers to gain privileges or cause a denial of service (memory corruption) via a crafted BMP image file.
Attackers Can Use SAP to Bridge Corporate, Operational ICS Networks
Research presented during Black Hat Europe demonstrates how attackers can abuse business applications connected to ICS and SCADA gear.