Ubuntu Security Notice 5067-1 - Jakub Hrozek discovered that SSSD incorrectly handled file permissions. A local attacker could possibly use this issue to read the sudo rules available for any user. This issue only affected Ubuntu 18.04 LTS. It was discovered that SSSD incorrectly handled Group Policy Objects. When SSSD is configured with too strict permissions causing the GPO to not be readable, SSSD will allow all authenticated users to login instead of being denied, contrary to expectations. This issue only affected Ubuntu 18.04 LTS. Various other issues were also addressed.
57bb124cbecf36bdb8d4f0c37b6abc7cd806b1d2b852b746eea1be28e8aa2a43Gentoo Linux Security Advisory 202003-52 - Multiple vulnerabilities have been found in Samba, the worst of which could lead to remote code execution. Versions less than 4.11.6 are affected.
78ecd3bc02b0f10129021084736ee7cc0c9408898c589745d90193370efe75aaRed Hat Security Advisory 2020-0179-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.
0d5a0f10b1f5201a55ee5d74a0dcbb1f48b8429af6b4c428ed98e86453972daeRed Hat Security Advisory 2020-0103-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.
fcb90197bf847c6ebafd82de864d910086dc1d311169e67eb45ec1ca8f2ab402Red Hat Security Advisory 2020-0036-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, null pointer, and use-after-free vulnerabilities.
1e0f0fd70b306e09392d1b9748151af1a86a0d713f765efd696043bf2e820c1dRed Hat Security Advisory 2019-2587-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include code execution and denial of service vulnerabilities.
89b9f7500052fdb49625bbc8a8734904b10ccb16484d2ad58eaf340ea1707561Red Hat Security Advisory 2019-2043-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, denial of service, information leakage, null pointer, and use-after-free vulnerabilities.
e071d742d6603367cb65da2c4efe950228d4321aa8233e8b9ddce2ca45118e06Red Hat Security Advisory 2019-2029-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, denial of service, information leakage, null pointer, and use-after-free vulnerabilities.
bac8beb8ce1ab8e43186837924865c4859c9dd53f0986287f9d903fc550005c1Ubuntu Security Notice 4072-1 - It was discovered that Ansible failed to properly handle sensitive information. A local attacker could use those vulnerabilities to extract them. It was discovered that Ansible could load configuration files from the current working directory containing crafted commands. An attacker could run arbitrary code as result. Various other issues were also addressed.
067d7fa1810947a5a71e4e63c60c2cf15d329e2fb5336677d77831ac4b96d497Debian Linux Security Advisory 4396-1 - Several vulnerabilities have been found in Ansible, a configuration management, deployment, and task execution system.
2dde31e5783af9038db0eb1aa458aab47e774751c9f88602e04c74b7ca36d972Red Hat Security Advisory 2019-0054-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include code execution and information leakage vulnerabilities.
b6bfd543e53faabd19b515f3b2ca2aeaa17de513c6ec77321984edea097181e6Red Hat Security Advisory 2018-3470-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include buffer overflow, denial of service, deserialization, and format string vulnerabilities.
9e8155ff0d32478283821315ef01b373ffb94a7f3e9c04679d7c9bfd1ff773d5Red Hat Security Advisory 2018-3056-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Issues addressed include a null pointer vulnerability.
e893e36441accabfa64608059478e847abe16e77cea8e5c13de3fac1109eed20Red Hat Security Advisory 2018-3158-01 - The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources. Issues addressed include an information leak.
2d974d6a6e542ac30db1cad245f5d4b2533f5679dc5993997d02bf1951f64cb4Ubuntu Security Notice 3777-2 - USN-3777-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Jann Horn discovered that the vmacache subsystem did not properly handle sequence number overflows, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.
19e56ea426f696a74aa692607d87804e67eeaa6dfd9e083466313919a494c760Ubuntu Security Notice 3777-1 - Jann Horn discovered that the vmacache subsystem did not properly handle sequence number overflows, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the paravirtualization implementation in the Linux kernel did not properly handle some indirect calls, reducing the effectiveness of Spectre v2 mitigations for paravirtual guests. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
5db6c7887e9651017faced7ba733531733f1515003351691c185c6a854134435Red Hat Security Advisory 2018-2757-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Issues addressed include a denial of service vulnerability.
ebc2c485eac5e96a5ec19794c9c43a5b4e7aee4c30f1a0fff67a7a95a75f23cbRed Hat Security Advisory 2018-2613-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Issues addressed include a null pointer vulnerability.
ebe5db390257253c8eaa149bade81247c27749aa2440840562382ca93ef358a8Red Hat Security Advisory 2018-2612-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Issues addressed include a null pointer vulnerability.
d8a73b89cc76b1a2a734150ce5b056ba6c4729bdfd5117f4bb476d072cb6837bRed Hat Security Advisory 2018-2585-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include code execution and information leakage vulnerabilities.
c2f7fbc80a1e3aef3f121319c8acd42c0aa36597f4908da7a0a51c7f2be8bcddSlackware Security Advisory - New samba packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
7d7bfb81585f003b8060eb303f9d201d705ed9ff357804632ef0da65a60bf6aaUbuntu Security Notice 3738-1 - Svyatoslav Phirsov discovered that the Samba libsmbclient library incorrectly handled extra long filenames. A malicious server could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code. Volker Mauel discovered that Samba incorrectly handled database output. When used as an Active Directory Domain Controller, a remote authenticated attacker could use this issue to cause Samba to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. Various other issues were also addressed.
5221d6d7ec1ae368c2796879860e183bb504d52cfbf35eb129391261b6719f11Debian Linux Security Advisory 4271-1 - Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix.
1cd23e688938ba7d5034395ba01b18fc3d061baf0c1802c7177355634269b102Red Hat Security Advisory 2018-2184-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Security fix: ansible: Failed tasks do not honour no_log option allowing for secrets to be disclosed in logs Issues addressed include an information leakage vulnerability.
347d2019e1ce59cbdad13b2c91e7c6d733dbb455fb6118c1f45f4036c8fc1438Red Hat Security Advisory 2018-2013-01 - Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.9.31. Issues addressed include code execution and authentication vulnerabilities.
e3a729420ecf3281988f13758b4df2a08b4cd0bb3c48d942625c3729e4cf6685
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed