An unprivileged user of the Unitrends Enterprise Backup before 9.0.0 web server can escalate to root privileges by modifying the “token” cookie issued at login.
All posts by 007admin
CVE-2016-4897
Multiple cross-site scripting (XSS) vulnerabilities in (1) filter/save_forward.cgi, (2) filter/save.cgi, (3) /man/search.cgi in Usermin before 1.690.
CVE-2016-4894
SetucoCMS allows remote attackers to cause a denial of service.
CVE-2017-7281
An issue was discovered in Unitrends Enterprise Backup before 9.1.2. A lack of sanitization of user input in the createReportName and saveReport functions in recoveryconsole/bpl/reports.php allows for an authenticated user to create a randomly named file on disk with a user-controlled extension, contents, and path, leading to remote code execution, aka Unrestricted File Upload.
CVE-2016-5856
Drivers/soc/qcom/spcom.c in the Qualcom SPCom driver in the Android kernel 2017-03-05 allows local users to gain privileges, a different vulnerability than CVE-2016-5857.
ansible-2.3.0.0-1.el7
Many bugfixes and improvements. See https://github.com/ansible/ansible/blob/stable-2.3/CHANGELOG.md for full list of changes.
rst and html docs have been split out into a ansible-docs subpackage.
Includes fix for CVE-2017-7466
—-
Update to upstream 2.2.2.0 release.
ansible-2.3.0.0-1.el6
Many bugfixes and improvements. See https://github.com/ansible/ansible/blob/stable-2.3/CHANGELOG.md for full list of changes.
rst and html docs have been split out into a ansible-docs subpackage.
Includes fix for CVE-2017-7466
—-
Update to upstream 2.2.2.0 release.
ansible-2.3.0.0-1.fc26
Many bugfixes and improvements. See https://github.com/ansible/ansible/blob/stable-2.3/CHANGELOG.md for full list of changes.
rst and html docs have been split out into a ansible-docs subpackage.
Includes fix for CVE-2017-7466
ansible-2.3.0.0-1.fc25
Many bugfixes and improvements. See https://github.com/ansible/ansible/blob/stable-2.3/CHANGELOG.md for full list of changes.
rst and html docs have been split out into a ansible-docs subpackage.
Includes fix for CVE-2017-7466
ansible-2.3.0.0-1.fc24
Many bugfixes and improvements. See https://github.com/ansible/ansible/blob/stable-2.3/CHANGELOG.md for full list of changes.
rst and html docs have been split out into a ansible-docs subpackage.
Includes fix for CVE-2017-7466