CVE-2011-3205 SUSE Enterprise Linux Security Update for squid3 (SUSE-SU-2016:1996-1)漏洞银行丨0DAY BANK

漏洞信息

Suse has released security update for squid3 to fix the vulnerabilities.

Affected Products:
SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4

漏洞危害

This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerability to change partial contents or configuration on the system. Additionally this vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability.

解决方案

Upgrade to the latest packages which contain a patch. To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product.

To install packages using the command line interface, use the command “yum update”.

Refer to Suse security advisory SUSE-SU-2016:1996-1 to address this issue and obtain further details.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

SUSE-SU-2016:1996-1: SUSE Enterprise Linux

Virtual Patches:
Trend Micro Virtual Patching
Virtual Patch #1005303: 1005303 – Squid ‘cachemgr.cgi’ Remote Denial Of Service Vulnerability

www.0daybank.org

CVE-2015-7833 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2016:1985-1)漏洞银行丨0DAY BANK

漏洞信息

Suse has released security update for the linux kernel to fix the vulnerabilities.

Affected Products:
SUSE Linux Enterprise Real Time Extension 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4

漏洞危害

This vulnerability could be exploited to gain complete access to sensitive information. Malicious users could also use this vulnerability to change all the contents or configuration on the system. Additionally this vulnerability can also be used to cause a complete denial of service and could render the resource completely unavailable.

解决方案

Upgrade to the latest packages which contain a patch. To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product.

To install packages using the command line interface, use the command “yum update”.

Refer to Suse security advisory SUSE-SU-2016:1985-1 to address this issue and obtain further details.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

SUSE-SU-2016:1985-1: SUSE Enterprise Linux

www.0daybank.org

CVE-2016-4994 SUSE Enterprise Linux Security Update for gimp (SUSE-SU-2016:1962-1)漏洞银行丨0DAY BANK

漏洞信息

Suse has released security update for gimp to fix the vulnerabilities.

Affected Products:
SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Desktop 12-SP1

漏洞危害

This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerability to change partial contents or configuration on the system. Additionally this vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability.

解决方案

Upgrade to the latest packages which contain a patch. To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product.

To install packages using the command line interface, use the command “yum update”.

Refer to Suse security advisory SUSE-SU-2016:1962-1 to address this issue and obtain further details.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

SUSE-SU-2016:1962-1: SUSE Enterprise Linux

www.0daybank.org

CVE-2016-6153 SUSE Enterprise Linux Security Update for sqlite3 (SUSE-SU-2016:1945-1)漏洞银行丨0DAY BANK

漏洞信息

Suse has released security update for sqlite3 to fix the vulnerabilities.

Affected Products:
SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1

漏洞危害

This vulnerability could be exploited to gain complete access to sensitive information. Malicious users could also use this vulnerability to change all the contents or configuration on the system.

解决方案

Upgrade to the latest packages which contain a patch. To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product.

To install packages using the command line interface, use the command “yum update”.

Refer to Suse security advisory SUSE-SU-2016:1945-1 to address this issue and obtain further details.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

SUSE-SU-2016:1945-1: SUSE Enterprise Linux

www.0daybank.org

CVE-2016-6153 SUSE Enterprise Linux Security Update for sqlite3 (SUSE-SU-2016:1945-1)漏洞银行丨0DAY BANK

漏洞信息

Suse has released security update for sqlite3 to fix the vulnerabilities.

Affected Products:
SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1

漏洞危害

This vulnerability could be exploited to gain complete access to sensitive information. Malicious users could also use this vulnerability to change all the contents or configuration on the system.

解决方案

Upgrade to the latest packages which contain a patch. To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product.

To install packages using the command line interface, use the command “yum update”.

Refer to Suse security advisory SUSE-SU-2016:1945-1 to address this issue and obtain further details.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

SUSE-SU-2016:1945-1: SUSE Enterprise Linux

www.0daybank.org

CVE-2016-5008 SUSE Enterprise Linux Security Update for libvirt (SUSE-SU-2016:1944-1)漏洞银行丨0DAY BANK

漏洞信息

Suse has released security update for libvirt to fix the vulnerabilities.

Affected Products:
SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4

漏洞危害

Malicious users could use this vulnerability to change partial contents or configuration on the system.

解决方案

Upgrade to the latest packages which contain a patch. To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product.

To install packages using the command line interface, use the command “yum update”.

Refer to Suse security advisory SUSE-SU-2016:1944-1 to address this issue and obtain further details.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

SUSE-SU-2016:1944-1: SUSE Enterprise Linux

www.0daybank.org

CVE-2016-5139 Red Hat Update for chromium-browser (RHSA-2016:1580)漏洞银行丨0DAY BANK

漏洞信息

Chromium is an open-source web browser, powered by WebKit (Blink).

This update upgrades Chromium to version 52.0.2743.116.

Security Fix(es):

* Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. (CVE-2016-5139, CVE-2016-5140, CVE-2016-5141, CVE-2016-5142, CVE-2016-5146, CVE-2016-5143, CVE-2016-5144, CVE-2016-5145)

漏洞危害

A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.

解决方案

Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

Refer to Red Hat security advisory RHSA-2016:1580 to address this issue and obtain more information.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

RHSA-2016:1580: Red Hat Enterprise Linux

www.0daybank.org

CVE-2016-5696 Red Hat Kernel TCP Challenge ACK Counter Information Disclosure.漏洞银行丨0DAY BANK

漏洞信息

net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments.

An attacker which knows a connections client IP, server IP and server port can abuse the challenge ACK mechanism to determine the accuracy of a normally ‘blind’ attack on the client or server.

This issue does not affect the Linux kernels as shipped with Red Hat Enterprise Linux 4 and 5.

漏洞危害

On successful exploitation it leads to identify hosts communicating over the protocol and ultimately attack that traffic.

解决方案

There are no vendor supplied patches available at this time.
Refer to Redhat advisory CVE-2016-5696

www.0daybank.org

CVE-2016-5408 Red Hat Update for squid (RHSA-2016:1573)漏洞银行丨0DAY BANK

漏洞信息

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.

Security Fix(es):

* It was found that the fix for CVE-2016-4051 released via RHSA-2016:1138 did not properly prevent the stack overflow in the munge_other_line() function. A remote attacker could send specially crafted data to the Squid proxy, which would exploit the cachemgr CGI utility, possibly triggering execution of arbitrary code. (CVE-2016-5408)

漏洞危害

A remote attacker could send specially crafted data to the Squid proxy, which would exploit the cachemgr CGI utility, possibly triggering execution of arbitrary code.

解决方案

Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

Refer to Red Hat security advisory RHSA-2016:1573 to address this issue and obtain more information.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

RHSA-2016:1573: Red Hat Enterprise Linu

www.0daybank.org

CVE-2015-7979 Red Hat Update for ntp (RHSA-2016:1552)漏洞银行丨0day Bank

漏洞信息

The Network Time Protocol (NTP) is used to synchronize a computer’s time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service.

Security Fix(es):

* It was found that when NTP was configured in broadcast mode, a remote attacker could broadcast packets with bad authentication to all clients. The clients, upon receiving the malformed packets, would break the association with the broadcast server, causing them to become out of sync over a longer period of time. (CVE-2015-7979)

* A denial of service flaw was found in the way NTP handled preemptable client associations. A remote attacker could send several crypto NAK packets to a victim client, each with a spoofed source address of an existing associated peer, preventing that client from synchronizing its time. (CVE-2016-1547)

* It was found that an ntpd client could be forced to change from basic client/server mode to the interleaved symmetric mode. A remote attacker could use a spoofed packet that, when processed by an ntpd client, would cause that client to reject all future legitimate server responses, effectively disabling time synchronization on that client. (CVE-2016-1548)

* A flaw was found in the way NTP’s libntp performed message authentication. An attacker able to observe the timing of the comparison function used in packet authentication could potentially use this flaw to recover the message digest. (CVE-2016-1550)

* An out-of-bounds access flaw was found in the way ntpd processed certain packets. An authenticated attacker could use a crafted packet to create a peer association with hmode of 7 and larger, which could potentially (although highly unlikely) cause ntpd to crash. (CVE-2016-2518)

The CVE-2016-1548 issue was discovered by Miroslav Lichvar (Red Hat).

漏洞危害

On successful exploitation it allows effectively disabling time synchronization on that client.

解决方案

Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

Refer to Red Hat security advisory RHSA-2016:1552 to address this issue and obtain more information.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

RHSA-2016:1552: Red Hat Enterprise Linux

www.0daybank.org