USN-3134-1: Python vulnerabilities

Ubuntu Security Notice USN-3134-1

22nd November, 2016

python2.7, python3.2, python3.4, python3.5 vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

Several security issues were fixed in Python.

Software description

  • python2.7
    – An interactive high-level object-oriented language

  • python3.2
    – An interactive high-level object-oriented language

  • python3.4
    – An interactive high-level object-oriented language

  • python3.5
    – An interactive high-level object-oriented language

Details

It was discovered that the smtplib library in Python did not return an
error when StartTLS fails. A remote attacker could possibly use this to
expose sensitive information. (CVE-2016-0772)

Rémi Rampin discovered that Python did not protect CGI applications
from an HTTP_PROXY environment variable whose contents are taken from
the Proxy header of an HTTP request. A remote attacker could possibly
use this to cause a CGI application to redirect outgoing HTTP
requests. (CVE-2016-1000110)

Insu Yun discovered an integer overflow in the zipimporter module in
Python that could lead to a heap-based overflow. An attacker could
use this to craft a special zip file that when read by Python could
possibly execute arbitrary code. (CVE-2016-5636)

Guido Vranken discovered that the urllib modules in Python did
not properly handle carriage return line feed (CRLF) in headers. A
remote attacker could use this to craft URLs that inject arbitrary
HTTP headers. This issue only affected Ubuntu 12.04 LTS and Ubuntu
14.04 LTS. (CVE-2016-5699)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 16.04 LTS:
  • libpython2.7-minimal 2.7.12-1ubuntu0~16.04.1
  • libpython3.5-stdlib 3.5.2-2ubuntu0~16.04.1
  • libpython2.7 2.7.12-1ubuntu0~16.04.1
  • libpython3.5-minimal 3.5.2-2ubuntu0~16.04.1
  • python2.7 2.7.12-1ubuntu0~16.04.1
  • python2.7-minimal 2.7.12-1ubuntu0~16.04.1
  • python3.5 3.5.2-2ubuntu0~16.04.1
  • python3.5-minimal 3.5.2-2ubuntu0~16.04.1
  • libpython3.5 3.5.2-2ubuntu0~16.04.1
  • libpython2.7-stdlib 2.7.12-1ubuntu0~16.04.1

Ubuntu 14.04 LTS:
  • libpython2.7-minimal 2.7.6-8ubuntu0.3
  • libpython2.7 2.7.6-8ubuntu0.3
  • python2.7 2.7.6-8ubuntu0.3
  • python3.4-minimal 3.4.3-1ubuntu1~14.04.5
  • python2.7-minimal 2.7.6-8ubuntu0.3
  • python3.4 3.4.3-1ubuntu1~14.04.5
  • libpython3.4-minimal 3.4.3-1ubuntu1~14.04.5
  • libpython3.4 3.4.3-1ubuntu1~14.04.5
  • libpython2.7-stdlib 2.7.6-8ubuntu0.3
  • libpython3.4-stdlib 3.4.3-1ubuntu1~14.04.5

Ubuntu 12.04 LTS:
  • libpython2.7 2.7.3-0ubuntu3.9
  • python2.7 2.7.3-0ubuntu3.9
  • python2.7-minimal 2.7.3-0ubuntu3.9
  • python3.2 3.2.3-0ubuntu3.8
  • python3.2-minimal 3.2.3-0ubuntu3.8
  • libpython3.2 3.2.3-0ubuntu3.8

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart any Python
applications to make all the necessary changes.

References

CVE-2016-0772, CVE-2016-1000110, CVE-2016-5636, CVE-2016-5699

USN-3135-1: GStreamer Good Plugins vulnerability

Ubuntu Security Notice USN-3135-1

22nd November, 2016

gst-plugins-good0.10, gst-plugins-good1.0 vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 16.10
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

GStreamer could be made to crash or run programs as your login if it
opened a specially crafted file.

Software description

  • gst-plugins-good0.10
    – GStreamer plugins

  • gst-plugins-good1.0
    – GStreamer plugins

Details

Chris Evans discovered that GStreamer Good Plugins did not correctly handle
malformed FLC movie files. If a user were tricked into opening a crafted
FLC movie file with a GStreamer application, an attacker could cause a
denial of service via application crash, or execute arbitrary code with the
privileges of the user invoking the program.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 16.10:
  • gstreamer1.0-plugins-good 1.8.3-1ubuntu1.1

Ubuntu 16.04 LTS:
  • gstreamer1.0-plugins-good 1.8.2-1ubuntu0.2

Ubuntu 14.04 LTS:
  • gstreamer0.10-plugins-good 0.10.31-3+nmu1ubuntu5.1
  • gstreamer1.0-plugins-good 1.2.4-1~ubuntu1.1

Ubuntu 12.04 LTS:
  • gstreamer0.10-plugins-good 0.10.31-1ubuntu1.3

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

LP: 1643901

NTP DoS Exploit Released — Update Your Servers to Patch 10 Flaws

A proof-of-concept (PoC) exploit has been publicly released for a critical vulnerability in the Network Time Protocol daemon (ntpd) that could allow anyone to crash a server with just a single maliciously crafted packet.

The vulnerability has been patched by the Network Time Foundation with the release of NTP 4.2.8p9, which includes a total of 40 security patches, bug fixes, and

ShadowGate Redirector

ShadowGate is an initial redirection point for exploit kits. Exploit Kits operate by delivering a malicious payload to the victim’s computer. Successful exploitation could result in remote code execution on the target system once the malicious page is loaded.

CVE-2016-9562

SAP NetWeaver AS JAVA 7.4 allows remote attackers to cause a Denial of Service (null pointer exception and icman outage) via an HTTPS request to the sap.com~P4TunnelingApp!web/myServlet URI, aka SAP Security Note 2313835.

CVE-2016-9563

BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via the sap.com~tc~bpem~him~uwlconn~provider~web/bpemuwlconn URI, aka SAP Security Note 2296909.

Mobile Security Framework MobSF 0.9.3 Beta

Mobile Security Framework (MobSF) is an all-in-one open source mobile application (Android/iOS) automated pen-testing framework capable of performing static and dynamic analysis. It can be used for effective and fast security analysis of Android and iOS applications and supports both binaries (APK & IPA) and zipped source code. MobSF can also do Web API security testing with its API Fuzzer, which performs information gathering, analyzes security headers, and identifies mobile API specific vulnerabilities like XXE, SSRF, Path Traversal, IDOR, and other logical issues related to session management and API rate limiting.