The API web interface in Cisco Prime Infrastructure before 3.1 and Cisco Evolved Programmable Network Manager before 1.2.4 allows remote authenticated users to bypass intended RBAC restrictions and obtain sensitive information, and consequently gain privileges, via crafted JSON data, aka Bug ID CSCuy12409.
Monthly Archives: May 2016
CVE-2016-1407
Cisco IOS XR through 5.3.2 mishandles Local Packet Transport Services (LPTS) mishandles flow-base entries, which allows remote attackers to cause a denial of service (session drop) by making many connection attempts to open TCP ports, aka Bug ID CSCux95576.
Bugtraq: AfterLogic WebMail Pro ASP.NET < 6.2.7 Administrator Account Takover via XXE Injection
AfterLogic WebMail Pro ASP.NET < 6.2.7 Administrator Account Takover via XXE Injection
Bugtraq: [SECURITY] [DSA 3586-1] atheme-services security update
[SECURITY] [DSA 3586-1] atheme-services security update
Bugtraq: MSA-2016-01: PowerFolder Remote Code Execution Vulnerability
MSA-2016-01: PowerFolder Remote Code Execution Vulnerability
RHSA-2016:1098-1: Moderate: jq security update
Red Hat Enterprise Linux: An update for jq is now available for Red Hat Enterprise Linux OpenStack
Platform 6.0 (Juno) for RHEL 7.
Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
CVE-2015-8863
RHSA-2016:1100-1: Important: kernel security, bug fix, and enhancement update
Red Hat Enterprise Linux: An update for kernel is now available for Red Hat Enterprise Linux 6.6 Extended
Update Support.
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
CVE-2015-5364, CVE-2015-5366
RHBA-2016:1104-1: openstack-neutron bug fix advisory
Red Hat Enterprise Linux: Updated OpenStack Networking packages that resolve various issues are now
available for Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for
RHEL 7.
RHBA-2016:1102-1: redhat-certification-commons bug fix
Red Hat Enterprise Linux: An updated redhat-certification-commons package that fixes a bug is now
available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
USN-2984-1: PHP vulnerabilities
Ubuntu Security Notice USN-2984-1
24th May, 2016
php5, php7.0 vulnerabilities
A security issue affects these releases of Ubuntu and its
derivatives:
- Ubuntu 16.04 LTS
- Ubuntu 15.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary
Several security issues were fixed in PHP.
Software description
- php5
– HTML-embedded scripting language interpreter - php7.0
– HTML-embedded scripting language interpreter
Details
It was discovered that the PHP Fileinfo component incorrectly handled
certain magic files. An attacker could use this issue to cause PHP to
crash, resulting in a denial of service, or possibly execute arbitrary
code. This issue only affected Ubuntu 16.04 LTS. (CVE-2015-8865)
Hans Jerry Illikainen discovered that the PHP Zip extension incorrectly
handled certain malformed Zip archives. A remote attacker could use this
issue to cause PHP to crash, resulting in a denial of service, or possibly
execute arbitrary code. This issue only affected Ubuntu 16.04 LTS.
(CVE-2016-3078)
It was discovered that PHP incorrectly handled invalid indexes in the
SplDoublyLinkedList class. An attacker could use this issue to cause PHP to
crash, resulting in a denial of service, or possibly execute arbitrary
code. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-3132)
It was discovered that the PHP rawurlencode() function incorrectly handled
large strings. A remote attacker could use this issue to cause PHP to
crash, resulting in a denial of service. This issue only affected Ubuntu
16.04 LTS. (CVE-2016-4070)
It was discovered that the PHP php_snmp_error() function incorrectly
handled string formatting. A remote attacker could use this issue to cause
PHP to crash, resulting in a denial of service, or possibly execute
arbitrary code. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-4071)
It was discovered that the PHP phar extension incorrectly handled certain
filenames in archives. A remote attacker could use this issue to cause PHP
to crash, resulting in a denial of service, or possibly execute arbitrary
code. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-4072)
It was discovered that the PHP mb_strcut() function incorrectly handled
string formatting. A remote attacker could use this issue to cause PHP to
crash, resulting in a denial of service, or possibly execute arbitrary
code. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-4073)
It was discovered that the PHP phar extension incorrectly handled certain
archive files. A remote attacker could use this issue to cause PHP to
crash, resulting in a denial of service, or possibly execute arbitrary
code. This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and
Ubuntu 15.10. (CVE-2016-4342, CVE-2016-4343)
It was discovered that the PHP bcpowmod() function incorrectly handled
memory. A remote attacker could use this issue to cause PHP to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2016-4537, CVE-2016-4538)
It was discovered that the PHP XML parser incorrectly handled certain
malformed XML data. A remote attacker could possibly use this issue to
cause PHP to crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2016-4539)
It was discovered that certain PHP grapheme functions incorrectly handled
negative offsets. A remote attacker could possibly use this issue to cause
PHP to crash, resulting in a denial of service. (CVE-2016-4540,
CVE-2016-4541)
It was discovered that PHP incorrectly handled certain malformed EXIF tags.
A remote attacker could possibly use this issue to cause PHP to crash,
resulting in a denial of service. (CVE-2016-4542, CVE-2016-4543,
CVE-2016-4544)
Update instructions
The problem can be corrected by updating your system to the following
package version:
- Ubuntu 16.04 LTS:
-
php7.0-fpm
7.0.4-7ubuntu2.1
-
libapache2-mod-php7.0
7.0.4-7ubuntu2.1
-
php7.0-cli
7.0.4-7ubuntu2.1
-
php7.0-cgi
7.0.4-7ubuntu2.1
- Ubuntu 15.10:
-
php5-cli
5.6.11+dfsg-1ubuntu3.4
-
php5-cgi
5.6.11+dfsg-1ubuntu3.4
-
libapache2-mod-php5
5.6.11+dfsg-1ubuntu3.4
-
php5-fpm
5.6.11+dfsg-1ubuntu3.4
- Ubuntu 14.04 LTS:
-
php5-cli
5.5.9+dfsg-1ubuntu4.17
-
php5-cgi
5.5.9+dfsg-1ubuntu4.17
-
libapache2-mod-php5
5.5.9+dfsg-1ubuntu4.17
-
php5-fpm
5.5.9+dfsg-1ubuntu4.17
- Ubuntu 12.04 LTS:
-
php5-cli
5.3.10-1ubuntu3.23
-
php5-cgi
5.3.10-1ubuntu3.23
-
libapache2-mod-php5
5.3.10-1ubuntu3.23
-
php5-fpm
5.3.10-1ubuntu3.23
To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system update will make all the necessary changes.