DynaTrace UEM versions 6.3.x, 6.2.x, and 6.1.x suffer from a cookie manipulation vulnerability that can cause a server-side crash.
Monthly Archives: May 2016
CESA-2016:0715 Moderate CentOS 6 kernel Security Update
CentOS Errata and Security Advisory 2016:0715 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-0715.html The following updated files have been uploaded and are currently syncing to the mirrors:
DSA-3567 libpam-sshauth – security update
It was discovered that libpam-sshauth, a PAM module to authenticate
using an SSH server, does not correctly handle system users. In certain
configurations an attacker can take advantage of this flaw to gain root
privileges.
OpenSSL Toolkit 1.0.2h
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
OXID eShop CE 4.9.7 Path Traversal / Privilege Escalation
OXID eShop Community Edition version 4.9.7 suffers from path traversal and privilege escalation vulnerabilities.
Swagger Editor 2.9.9 Cross Site Scripting
Swagger Editor version 2.9.9 suffers from a cross site scripting vulnerability.
NetCommWireless HSPA 3G10WVE Authentication Bypass / Code Execution
NetCommWireless HSPA 3G10WVE suffers from authentication bypass and remote code execution vulnerabilities.
libxml 2.9.2 Stack Overflow
libxml versions prior to 2.9.3 suffer from a stack overflow vulnerability when parsing a malicious file.