A mail attachment containing a malicious HTML file was observed as part of recent campaigns. A remote attacker could send spam e-mails including such HTML files, which redirect users to manually download malicious files.
Monthly Archives: March 2017
Apache Struts2 Content-Type Remote Code Execution (CVE-2017-5638)
A remote code execution vulnerability exists in Apache Struts2 when the Jakarta multipart parser is used. An attacker could exploit this vulnerability by sending an invalid Content-Type header as part of a file upload request. Successful exploitation could result in execution of arbitrary code on the affected system.
Bugtraq: WordPress audio playlist functionality is affected by Cross-Site Scripting
WordPress audio playlist functionality is affected by Cross-Site Scripting
Bugtraq: SEC Consult SA-20170307-0 :: Unauthenticated OS command injection & arbitrary file upload in Western Digital WD My Cloud
SEC Consult SA-20170307-0 :: Unauthenticated OS command injection & arbitrary file upload in Western Digital WD My Cloud
Bugtraq: Stack-based buffer overflow in Western Digital My Cloud allows for remote code execution
Stack-based buffer overflow in Western Digital My Cloud allows for remote code execution
RHSA-2017:0454-1: Important: kvm security update
Red Hat Enterprise Linux: An update for kvm is now available for Red Hat Enterprise Linux 5.
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
CVE-2017-2615, CVE-2017-2620
RHEA-2017:0458-1: new packages: kmod-redhat-mpt3sas
Red Hat Enterprise Linux: New kmod-redhat-mpt3sas package is now available for Red Hat Enterprise Linux 7.
RHBA-2017:0315-3: resource-agents enhancement update
Red Hat Enterprise Linux: Updated resource-agents packages that add one enhancement are now available for
Red Hat Enterprise Linux 6.5 Extended Update Support.
USN-3217-1: network-manager-applet vulnerability
Ubuntu Security Notice USN-3217-1
7th March, 2017
network-manager-applet vulnerability
A security issue affects these releases of Ubuntu and its
derivatives:
- Ubuntu 16.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary
The system could be made to expose sensitive information.
Software description
- network-manager-applet – GNOME frontend for NetworkManager
Details
It was discovered that network-manager-applet incorrectly checked
permissions when connecting to certain wireless networks. A local attacker
could use this issue at the login screen to access local files.
Update instructions
The problem can be corrected by updating your system to the following
package version:
- Ubuntu 16.10:
  - network-manager-gnome 1.2.6-0ubuntu1.1
- Ubuntu 16.04 LTS:
  - network-manager-gnome 1.2.6-0ubuntu0.16.04.2
- Ubuntu 14.04 LTS:
  - network-manager-gnome 0.9.8.8-0ubuntu4.5
- Ubuntu 12.04 LTS:
  - network-manager-gnome 0.9.4.1-0ubuntu2.6
To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.
After a standard system update you need to reboot your computer to make
all the necessary changes.
USN-3218-1: Linux kernel vulnerability
Ubuntu Security Notice USN-3218-1
7th March, 2017
linux, linux-ti-omap4 vulnerability
A security issue affects these releases of Ubuntu and its
derivatives:
- Ubuntu 12.04 LTS
Summary
The system could be made to crash or run programs as an administrator.
Software description
- linux – Linux kernel
- linux-ti-omap4 – Linux kernel for OMAP4
Details
Alexander Popov discovered that the N_HDLC line discipline implementation
in the Linux kernel contained a double-free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or possibly gain
administrative privileges.
Update instructions
The problem can be corrected by updating your system to the following
package version:
- Ubuntu 12.04 LTS:
  - linux-image-omap4 3.2.0.1502.97
  - linux-image-3.2.0-124-virtual 3.2.0-124.167
  - linux-image-generic 3.2.0.124.139
  - linux-image-powerpc-smp 3.2.0.124.139
  - linux-image-generic-pae 3.2.0.124.139
  - linux-image-3.2.0-124-generic-pae 3.2.0-124.167
  - linux-image-highbank 3.2.0.124.139
  - linux-image-virtual 3.2.0.124.139
  - linux-image-3.2.0-124-omap 3.2.0-124.167
  - linux-image-powerpc64-smp 3.2.0.124.139
  - linux-image-3.2.0-124-highbank 3.2.0-124.167
  - linux-image-3.2.0-124-generic 3.2.0-124.167
  - linux-image-3.2.0-1502-omap4 3.2.0-1502.129
  - linux-image-omap 3.2.0.124.139
  - linux-image-3.2.0-124-powerpc-smp 3.2.0-124.167
  - linux-image-3.2.0-124-powerpc64-smp 3.2.0-124.167
To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.