Multiple Vendors OpenSSL Insecure Protocol Negotiation (Updated).
Multiple Vendors FUSE Mount Options Corruption.
Multiple Vendors Linux Kernel USB Subsystem Denials of Service (Updated).
Multiple Vendors Linux Kernel 'Sysctl' Denial of Service (Updated).
Multiple Vendors Linux Kernel Denial of Service & Information Disclosure (Updated).
Multiple Vendors Linux Kernel Denial of Service.
Multiple Vendors Linux Kernel Radionet Open Source Environment (ROSE) ndigis Input Validation (Updated).
Multiple Vendors GNU gnump3d Unspecified Cross-Site Scripting (Updated).
Multiple Vendors GNUMP3d Cross-Site Scripting or Directory Traversal (Updated).
Multiple Vendors GNOME-DB LibGDA Multiple Format String (Updated).
Multiple Vendors GDK-Pixbuf BMP Image Processing Double Free Remote Denial of Service (Updated).
GTK+ GdkPixbuf XPM Image Rendering Library (Updated).
Multiple Vendors Squid NTLM Authentication Remote Denial of Service (Updated).
Multiple Vendors Linux Kernel IPV6 Denial of Service (Updated).
Multiple Vendors GNU gnump3d Insecure Temporary File Creation & Directory Traversal.
LiteSpeed Web Server Cross-Site Scripting.
PNMToPNG Remote Buffer Overflow (Updated).
IPsec-Tools ISAKMP IKE Remote Denial of Service.
Info-ZIP UnZip File Permission Modification (Updated).
IBM WebSphere Application Server for z/OS Remote Denial of Service.
GpsDrive Remote Format String (Updated).
Eric Raymond Fetchmail 'fetchmailconf' Information Disclosure (Updated).
Common-lisp-controller Elevated Privileges (Updated).
VP-ASP Shopping Cart Cross-Site Scripting.
Microsoft Internet Explorer Unauthorized Access.
MailEnable Arbitrary Code Execution or Denial of Service.
Cosminexus Collaboration and Groupmax Collaboration Cross-Site Scripting or Denial of Service.
Eudora WorldMail Server Information Disclosure.
Winmail Server Multiple Vulnerabilities.

The Recent Exploit/Technique table contains a "Workaround or Patch Available" column that indicates whether a workaround or patch has been published for the vulnerability which the script exploits. The risk levels applied to vulnerabilities in the Cyber Security Bulletin are based on how the "system" may be impacted. The text in the Risk column appears in red for vulnerabilities ranking High. Updates to vulnerabilities that appeared in previous bulletins are listed in bold text. This bulletin provides a summary of new or updated vulnerabilities, exploits, trends, viruses, and trojans. Software vulnerabilities are categorized in the appropriate section reflecting the operating system on which the vulnerability was reported; however, this does not mean that the vulnerability only affects the operating system reported, since this information is obtained from open-source information. Information in the US-CERT Cyber Security Bulletin is a compilation and includes information published by outside sources; therefore, the information should not be considered the result of US-CERT analysis.