The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.
Monthly Archives: January 2017
Red Hat Security Advisory 2017-0025-01
Red Hat Security Advisory 2017-0025-01 – puppet-tripleo is a key component of the Red Hat OpenStack Platform director, which is a toolset for installing and managing a complete OpenStack environment. Security Fix: An access-control flaw was discovered in puppet-tripleo’s IPtables rules management, which allowed the creation of TCP/UDP rules with empty port values. Some API services in Red Hat OpenStack Platform director are not exposed to public networks, which meant their $public_ssl_port value was set to empty. If SSL was enabled, a malicious user could use these open ports to gain access to unauthorized resources.
CVE-2016-6890 (matrixssl)
Heap-based buffer overflow in MatrixSSL before 3.8.6 allows remote attackers to execute arbitrary code via a crafted Subject Alt Name in an X.509 certificate.
CVE-2015-3441 (drgos)
The Parental Control panel in Genexis devices with DRGOS before 1.14.1 allows remote authenticated users to execute arbitrary CLI commands via the (1) start_hour, (2) start_minute, (3) end_hour, (4) end_minute, or (5) hostname parameter.
CVE-2016-6892 (matrixssl)
The x509FreeExtensions function in MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service (free of unallocated memory) via a crafted X.509 certificate.
CVE-2016-6891 (matrixssl)
MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ASN.1 Bit Field primitive in an X.509 certificate.
CVE-2016-8006 (security_information_and_event_management)
Authentication bypass vulnerability in Enterprise Security Manager (ESM) and License Manager (LM) in Intel Security McAfee Security Information and Event Management (SIEM) 9.6.0 MR3 allows an administrator to make changes to other SIEM users’ information including user passwords without supplying the current administrator password a second time via the GUI or GUI terminal commands.
CVE-2017-5179 (nessus)
Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Experts Warn of Novel PDF-Based Phishing Scam
Security experts are warning of an active phishing campaign that utilizes PDF attachments in a novel ploy to harvest email credentials from victims.
Android maxdsm Driver Kernel Information Disclosure
Android suffers from a kernel information disclosure vulnerability in the maxdsm_read function in the maxdsm driver.