7月 - 2017 - 漏洞银行丨0daybank

漏洞类别：SUSE 漏洞等级：漏洞信息 SUSE has released security update for libreoffice to fix the vulnerabilities. Affected Products: openSUSE Leap 42.2 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use …

2017-07-31 0条评论 5129点热度 0人点赞 admin 阅读全文

漏洞类别：SUSE 漏洞等级：漏洞信息 SUSE has released security update for systemd to fix the vulnerabilities. Affected Products: openSUSE Leap 42.2 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availabi…

2017-07-31 0条评论 4894点热度 0人点赞 admin 阅读全文

漏洞类别：RedHat 漏洞等级：漏洞信息 Graphite2 is a project within SIL's Non-Roman Script Initiative and Language Software Development groups to provide rendering capabilities for complex non-Roman writing systems. Various vulnerabilities have been discovered in Graphite2. …

2017-07-31 0条评论 5016点热度 0人点赞 admin 阅读全文

漏洞类别：RedHat 漏洞等级：漏洞信息 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle refe…

2017-07-31 0条评论 5858点热度 0人点赞 admin 阅读全文

漏洞类别：Local 漏洞等级：漏洞信息 The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service (crypt CPU consumption) via a long string. A…

2017-07-31 0条评论 5090点热度 0人点赞 admin 阅读全文

漏洞类别：Local 漏洞等级：漏洞信息 Certain values in a TLS abbreviated handshake when using a client SSL profile with the Session Ticket option enabled may cause disruption of service to the Traffic Management Microkernel (TMM). The Session Ticket option is disabled by def…

2017-07-31 0条评论 3791点热度 0人点赞 admin 阅读全文

漏洞类别：Local 漏洞等级：漏洞信息 Safari is a Web-browser developed by Apple which is based on the WebKit engine. The update addresses multiple vulnerabilities affecting WebKit and Safari for OS X Yosemite, El Capitan and macOS Sierra. 漏洞危害 Successful exploitation of the …

2017-07-31 0条评论 3613点热度 0人点赞 admin 阅读全文

漏洞类别：Amazon Linux 漏洞等级：漏洞信息 Security Fix(es): A flaw was found in the way BIND handled TSIG authentication for dynamic updates. A remote attacker able to communicate with an authoritative BIND server could use this flaw to manipulate the contents of a zone, b…

2017-07-31 0条评论 3812点热度 0人点赞 admin 阅读全文

漏洞类别：Amazon Linux 漏洞等级：漏洞信息 The c-ares function `ares_parse_naptr_reply()`, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way. ( …

2017-07-31 0条评论 3915点热度 0人点赞 admin 阅读全文

漏洞类别：SUSE 漏洞等级：漏洞信息 SUSE has released security update for apport to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability could be exploited to gain complete access to sensitive information. Malicious users co…

2017-07-31 0条评论 3356点热度 0人点赞 admin 阅读全文

漏洞类别：SUSE 漏洞等级：漏洞信息 SUSE has released security update for jasper to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 漏洞危害 This vulnerabil…

2017-07-31 0条评论 3480点热度 0人点赞 admin 阅读全文

漏洞类别：RedHat 漏洞等级：漏洞信息 The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2). It was found that the log file viewer in Red Hat JBoss Enterprise Applicat…

2017-07-31 0条评论 3396点热度 0人点赞 admin 阅读全文

漏洞类别：Ubuntu 漏洞等级：漏洞信息 It was discovered that libiberty incorrectly handled certain string operations. It was discovered that libiberty incorrectly handled parsing certain binaries. It was discovered that libiberty incorrectly handled parsing certain binaries.…

2017-07-31 0条评论 3440点热度 0人点赞 admin 阅读全文

漏洞类别：Ubuntu 漏洞等级：漏洞信息 It was discovered that gdb incorrectly handled certain malformed AOUT headers in PE executables. It was discovered that gdb incorrectly handled printing bad bytes in Intel Hex objects. It was discovered that gdb incorrectly handled certa…

2017-07-31 0条评论 3378点热度 0人点赞 admin 阅读全文

漏洞类别：Ubuntu 漏洞等级：漏洞信息 It was discovered that the JPEGImageReader class in OpenJDK would incorrectly read unused image data. It was discovered that the JAR verifier in OpenJDK did not properly handle archives containing files missing digests. It was discovered…

2017-07-31 0条评论 3430点热度 0人点赞 admin 阅读全文

漏洞类别：Ubuntu 漏洞等级：漏洞信息 It was discovered that Ruby DL::dlopen incorrectly handled opening libraries. It was discovered that the Ruby OpenSSL extension incorrectly handled hostname wildcard matching. It was discovered that Ruby Fiddle::Handle incorrectly handle…

2017-07-31 0条评论 3368点热度 0人点赞 admin 阅读全文

漏洞类别：Ubuntu 漏洞等级：漏洞信息 It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. It was discovered that the Linux kernel did not properly restrict access to /proc/iomem. A race condition in the Advanced Linux Sound Arch…

2017-07-31 0条评论 3292点热度 0人点赞 admin 阅读全文

漏洞类别：Ubuntu 漏洞等级：漏洞信息 It was discovered that ImageMagick incorrectly handled certain malformed image files. 漏洞危害 If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a den…

2017-07-31 0条评论 3287点热度 0人点赞 admin 阅读全文

漏洞类别：Ubuntu 漏洞等级：漏洞信息 It was discovered that the X.Org X server incorrectly handled endianness conversion of certain X events. It was discovered that the X.Org X server incorrectly handled endianness conversion of certain X events. It was discovered that the …

2017-07-31 0条评论 3406点热度 0人点赞 admin 阅读全文

漏洞类别：SUSE 漏洞等级：漏洞信息 SUSE has released security update for apache2 to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-SP3 SU…

2017-07-31 0条评论 3501点热度 0人点赞 admin 阅读全文

CVE-2016-10327 OpenSUSE Security Update for libreoffice (openSUSE-SU-2017:1851-1)

CVE-2017-9217 OpenSUSE Security Update for systemd (openSUSE-SU-2017:1844-1)

CVE-2017-7771 Red Hat Update for graphite2 (RHSA-2017:1793)

CVE-2017-10053 21:25:36 Red Hat Update for java-1.8.0-openjdk (RHSA-2017:1789)

CVE-2016-6515 F5 BIG-IP ASM OpenSSH Denial of Service Vulnerability (K31510510)

CVE-2017-6141 F5 BIG-IP ASM TMM SSL/TLS Profile Vulnerability (K21154730)

CVE-2017-7060 Apple Safari 10.1.2 Not Installed (APPLE-SA-2017-07-19-5)

CVE-2017-3143 Amazon Linux Security Advisory for bind: ALAS-2017-858

CVE-2017-1000381 Amazon Linux Security Advisory for c-ares: ALAS-2017-859

CVE-2015-1338 SUSE Enterprise Linux Security Update for apport (SUSE-SU-2017:1938-1)

CVE-2016-9262 2017-07-26 21:16:34 SUSE Enterprise Linux Security Update for jasper (SUSE-SU-2017:1916-1)

CVE-2016-5018 Red Hat Update for jboss-ec2-eap (RHSA-2017:1552)

CVE-2016-2226 Ubuntu Security Notification for Libiberty Vulnerabilities (USN-3368-1)

CVE-2014-8501 Ubuntu Security Notification for Gdb Vulnerabilities (USN-3367-1)

CVE-2017-10053 Ubuntu Security Notification for Openjdk-8 Vulnerabilities (USN-3366-1)

CVE-2009-5147 Ubuntu Security Notification for Ruby1.9.1, Ruby2.0, Ruby2.3 Vulnerabilities (USN-3365-1)

CVE-2014-9900 Ubuntu Security Notification for Linux, Linux-raspi2, Linux-snapdragon Vulnerabilities (USN-3364-1)

CVE-2017-10928 Ubuntu Security Notification for Imagemagick Vulnerabilities (USN-3363-1)

CVE-2017-10971 Ubuntu Security Notification for Xorg-server, Xorg-server-hwe-16.04, Xorg-server-lts-xenial Vulnerabilities (USN-3362-1)

CVE-2017-9788 SUSE Enterprise Linux Security Update for apache2 (SUSE-SU-2017:1961-1)