Red Hat Enterprise Linux: Updated dmdicode packages that fix one bug are now available for Red Hat
Enterprise Linux 7.
Category Archives: Security
Security
RHBA-2017:0905-1: irqbalance bug fix update
Red Hat Enterprise Linux: Updated irqbalance packages that fix one bug are now available for Red Hat
Enterprise Linux 7.
CVE-2017-7627
The “Smart related articles” extension 1.1 for Joomla! does not prevent direct requests to dialog.php (there is a missing _JEXEC check).
CVE-2017-7626
The “Smart related articles” extension 1.1 for Joomla! has XSS in dialog.php (n_art,type in GET Method).
CVE-2017-7628
The “Smart related articles” extension 1.1 for Joomla! has SQL injection in dialog.php (attacker must use search_cats variable in POST method to exploit this vulnerability).
Wireshark Analyzer 2.2.6
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
Ansvif 1.7
Ansvif is “A Not So Very Intelligent Fuzzer”. It feeds garbage arguments and data into programs trying to induce a fault.
Nintendo 3DS DNS Client Resolver Predictable TXID
The Nintendo 3DS DNS client resolver library uses a predictable (incremented) TXID allowing for the spoofing of responses.
Adobe Creative Cloud Desktop Application 4.0.0.185 Privilege Escalation
Adobe Creative Cloud Desktop Application versions 4.0.0.185 and below suffers from a privilege escalation vulnerability.
c0c0n 2017 Call For Papers
The c0c0n 2017 call for papers has been announced. It will take place August 17th through the 19th, 2017 at Le Meridien, Kochi (Cochin), Kerala, India