PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities (including from remote Snort sensors), isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
a0a78f15378a28ad666e9325eb8d111af5a53cfcfed70bf4274cbf18fb6cc40b
Ubuntu Security Notice 2622-1 - It was discovered that OpenLDAP incorrectly handled certain search queries that returned empty attributes. A remote attacker could use this issue to cause OpenLDAP to assert, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS. Michael Vishchers discovered that OpenLDAP improperly counted references when the rwm overlay was used. A remote attacker could use this issue to cause OpenLDAP to crash, resulting in a denial of service. Various other issues were also addressed.
0c7e0dc0f65cbfa8e9b0f3ae82475c92e5e43464c1e6fa58bb39af044f7da402
Debian Linux Security Advisory 3273-1 - William Robinet and Michal Zalewski discovered multiple vulnerabilities in the TIFF library and its tools, which may result in denial of service or the execution of arbitrary code if a malformed TIFF file is processed.
fe5446b07e643bed3c0be65b7f95e684cbf73daec4e785e5095579a483cba473
extjs suffers from an arbitrary file read vulnerability.
25c706347c312a1dbec64e7145f83ad3ced43c430111d99c2af5d66c8674f7a1
Ubuntu Security Notice 2985-1 - Martin Carpenter discovered that pt_chown in the GNU C Library did not properly check permissions for tty files. A local attacker could use this to gain administrative privileges or expose sensitive information. Robin Hack discovered that the Name Service Switch (NSS) implementation in the GNU C Library did not properly manage its file descriptors. An attacker could use this to cause a denial of service (infinite loop). Various other issues were also addressed.
493c76ea8ce318894b316a5a208fb8df41462f866dbab930ef81d92361f8208c
Synology Photo Station version 6.2-2858 suffers from multiple cross-site scripting vulnerabilities.
927478dedc2f46ddf47bf2eba3a71f368d3eede44841b733a91812ac2f0c7fe4
Synology DiskStation Manager version 5.2-5565 suffers from a cross-site scripting vulnerability.
c70cd82b2c879cc9faf4d63e2542922479c5b742ab89fdf1e169021d4de5a076
Synology Photo Station version 6.2-2858 suffers from a command injection vulnerability.
7036f18e0c6a38dc59ea9beaac1cea09173f31c896f8abef0c736a5664dedf77
Red Hat Security Advisory 2015-1023-01 - Chromium is an open-source web browser, powered by WebKit. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash or, potentially, execute arbitrary code with the privileges of the user running Chromium. All Chromium users should upgrade to these updated packages, which contain Chromium version 43.0.2357.65, which corrects these issues. After installing the update, Chromium must be restarted for the changes to take effect.
6eb794a5c0ab83b003193d853a129ca03eecc87bb5e448424373010f34554ed3
Ubuntu Security Notice 2621-1 - Benkocs Norbert Attila discovered that PostgreSQL incorrectly handled authentication timeouts. A remote attacker could use this flaw to cause the unauthenticated session to crash, possibly leading to a security issue. Noah Misch discovered that PostgreSQL incorrectly handled certain standard library function return values, possibly leading to security issues. Various other issues were also addressed.
698c9bbae93dfe50fd74e77f2fe4476beaa4cdf32cd2098bad76dae6f209aea5
Debian Linux Security Advisory 3265-2 - The update for zendframework issued as DSA-3265-1 introduced a regression preventing the use of non-string or non-stringable objects as header values. A fix for this problem is now applied, along with the final patch for CVE-2015-3154.
3ed80bad260108444011947810e0434f6a3476ea2c1a354b05d75a8d188fe20b
Debian Linux Security Advisory 3272-1 - Javantea discovered a NULL pointer dereference flaw in racoon, the Internet Key Exchange daemon of ipsec-tools. A remote attacker can use this flaw to cause the IKE daemon to crash via specially crafted UDP packets, resulting in a denial of service.
0769bab7ebc694dbeaf6af932717a75df86598082acbabc2a20181b57e68e52f
Debian Linux Security Advisory 3271-1 - Tuomas Rasanen discovered that unsafe signal handling in nbd-server, the server for the Network Block Device protocol, could allow remote attackers to cause a deadlock in the server process and thus a denial of service.
567fb50afd9751ca422d2bc84d615c534ab4290c75ef5d129abf23ad4e78b5ed