APPLE-SA-2015-10-21-8 OS X Server 5.0.15

Posted by Apple Product Security on Oct 21

OS X Server 5.0.15 is now available and addresses the following:

BIND
Available for: OS X Yosemite 10.10.5,
OS X El Capitan 10.11.1 or later
Impact: Multiple vulnerabilities in BIND
Description: Multiple vulnerabilities existed in BIND versions prior
to 9.9.7-P3, one of which may have allowed a remote attacker to cause
a denial of service. These issues were addressed by updating BIND to
version…

SiteWIX – (edit_photo2.php id) SQL Injection Exploit

Posted by ZoRLu Bugrahan on Oct 21

#!/usr/bin/env python
#-*- coding:utf-8 -*-

#Title : SiteWIX – (edit_photo2.php id) SQL Injection Exploit
#Author : ZoRLu / zorlu () milw00rm com
#Website : milw00rm.com / milw00rm.net / milw00rm.org / milw0rm.info
#Twitter : https://twitter.com/milw00rm or @milw00rm
#Test : Windows7 Ultimate
#Discovery : 19/10/15
#Publish : 20/10/15
#Thks : exploit-db.com, packetstormsecurity.com,…

APPLE-SA-2015-10-21-1 iOS 9.1

Posted by Apple Product Security on Oct 21

iOS 9.1 is now available and addresses the following:

Accelerate Framework
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: Visiting a maliciously crafted website may lead to arbitrary
code execution
Description: A memory corruption issue existed in the Accelerate
Framework in multi-threading mode. This issue was addressed through
improved accessor element…

APPLE-SA-2015-10-21-2 watchOS 2.0.1

Posted by Apple Product Security on Oct 21

watchOS 2.0.1 is now available and addresses the following:

Apple Pay
Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition,
and Apple Watch Hermes
Impact: Some cards may allow a terminal to retrieve limited recent
transaction information when making a payment
Description: The transaction log functionality was enabled in
certain configurations. This issue was addressed by removing the…

APPLE-SA-2015-10-21-3 Safari 9.0.1

Posted by Apple Product Security on Oct 21

Safari 9.0.1 is now available and addresses the following:

WebKit
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,
and OS X El Capitan v10.11
Impact: Visiting a maliciously crafted website may lead to arbitrary
code execution
Description: Multiple memory corruption issues existed in WebKit.
These issues were addressed through improved memory handling.
CVE-ID
CVE-2015-5928 : Apple
CVE-2015-5929…

APPLE-SA-2015-10-21-4 OS X El Capitan 10.11.1 and Security Update 2015-007

Posted by Apple Product Security on Oct 21

OS X El Capitan 10.11.1 and Security Update 2015-007 are now
available and address the following:

Accelerate Framework
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,
and OS X El Capitan 10.11
Impact: Visiting a maliciously crafted website may lead to arbitrary
code execution
Description: A memory corruption issue existed in the Accelerate
Framework in…

APPLE-SA-2015-10-21-5 iTunes 12.3.1

Posted by Apple Product Security on Oct 21

iTunes 12.3.1 is now available and addresses the following:

iTunes
Available for: Windows 7 and later
Impact: A man-in-the-middle attack while browsing the iTunes Store
via iTunes may result in unexpected application termination or
arbitrary code execution
Description: Multiple memory corruption issues existed in WebKit.
These issues were addressed through improved memory handling.
CVE-ID
CVE-2015-5928 :…

CESA-2015:1920 Critical CentOS 6 java-1.7.0-openjdk Security Update

CentOS Errata and Security Advisory 2015:1920 Critical

Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1920.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 




CESA-2015:1919 Important CentOS 6 java-1.8.0-openjdk Security Update

CentOS Errata and Security Advisory 2015:1919 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1919.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 




Cisco Releases Security Updates

Original release date: October 21, 2015

Cisco has released updates to address multiple vulnerabilities in its Adaptive Security Appliance (ASA) software. Exploitation of these vulnerabilities could allow a remote attacker to cause a denial-of-service condition.

US-CERT encourages users and administrators to review the Cisco security advisories on the ASA DNS Vulnerability 1, ASA DNS Vulnerability 2, ASA DHCP Vulnerability, and ASA IKE Vulnerability and apply the necessary updates.

