SevOne NMS versions 4.3.6.0 and below remote root exploit.
Monthly Archives: January 2016
WhatsUp Gold 16.3 Remote Code Execution
WhatsUp Gold version 16.3 suffers from an unauthenticated remote code execution vulnerability.
Vuln: TigerVNC Screen Size Handling Integer Overflow Vulnerability
Vuln: Mozilla Network Security Services Memory Corruption and Heap Buffer Overflow Vulnerabilities
CESA-2016:0043 Moderate CentOS 7 openssh Security Update
CentOS Errata and Security Advisory 2016:0043 Moderate Upstream details at: https://rhn.redhat.com/errata/RHSA-2016-0043.html The following updated files have been uploaded and are currently syncing to the mirrors.
CEBA-2016:0038 CentOS 6 findutils FASTTRACK BugFix Update
CentOS Errata and Bugfix Advisory 2016:0038
Upstream details at: https://rhn.redhat.com/errata/RHBA-2016-0038.html
The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename )
i386:
1d998ee1603cc90a26061b7b73e2286f741e7ca70a3a70af5f26eee1f12f32ee findutils-4.4.2-8.el6.i686.rpm
x86_64:
1905c13970c52829fe8de918eb4f685a58e4476cfe110e019f339a6033612e69 findutils-4.4.2-8.el6.x86_64.rpm
Source:
6a9b2e233ceecd5ffd4543331142f4c979c19e7d39ba56dc3be7780e07fdc973 findutils-4.4.2-8.el6.src.rpm
CEBA-2016:0039 CentOS 6 ibus FASTTRACK BugFix Update
CentOS Errata and Bugfix Advisory 2016:0039 Upstream details at: https://rhn.redhat.com/errata/RHBA-2016-0039.html The following updated files have been uploaded and are currently syncing to the mirrors.
CVE-2015-8605
ISC DHCP 4.x before 4.1-ESV-R12-P1 and 4.2.x and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet.
CVE-2016-0777
The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
CVE-2016-0778
The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by requesting many forwardings.