The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Red Hat Fedora

computer vulnerability note CVE-2017-2661

Pacemaker Corosync: Cross Site Scripting

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting of Pacemaker Corosync, in order to run JavaScript code in the context of the web site.
Impacted products: Fedora.
Severity: 2/4.
Creation date: 04/04/2017.
Identifiers: CVE-2017-2661, FEDORA-2017-71e69a691b, FEDORA-2017-7accc8010b, VIGILANCE-VUL-22319.

Description of the vulnerability

The Pacemaker Corosync product offers a web service.

However, it does not filter received data before inserting them in generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting of Pacemaker Corosync, in order to run JavaScript code in the context of the web site.

vulnerability bulletin CVE-2017-2641 CVE-2017-2643 CVE-2017-2644

Moodle: four vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Moodle.
Impacted products: Fedora.
Severity: 2/4.
Creation date: 03/04/2017.
Identifiers: CVE-2017-2641, CVE-2017-2643, CVE-2017-2644, CVE-2017-2645, FEDORA-2017-0196511d58, FEDORA-2017-0fcaf52f1a, VIGILANCE-VUL-22303.

Description of the vulnerability

Several vulnerabilities were announced in Moodle.

An attacker can use a SQL injection, in order to read or alter data. [severity:2/4; CVE-2017-2641]

An attacker can bypass security features via Global Search, in order to obtain sensitive information. [severity:1/4; CVE-2017-2643]

An attacker can trigger a Cross Site Scripting via Evidence, in order to run JavaScript code in the context of the web site. [severity:2/4; CVE-2017-2644]

An attacker can trigger a Cross Site Scripting via Attachments, in order to run JavaScript code in the context of the web site. [severity:2/4; CVE-2017-2645]

vulnerability announce CVE-2017-7585 CVE-2017-7586

libsndfile: buffer overflow via a FLAC file

Synthesis of the vulnerability

An attacker can generate a buffer overflow in libsndfile while processing a file in FLAC format, in order to trigger a denial of service, and possibly to run code.
Impacted products: Debian, Fedora, openSUSE Leap, Ubuntu.
Severity: 2/4.
Creation date: 03/04/2017.
Identifiers: CVE-2017-7585, CVE-2017-7586, DLA-928-1, FEDORA-2017-72a971ccf0, FEDORA-2017-f676ecb20d, openSUSE-SU-2017:1107-1, openSUSE-SU-2017:1427-1, USN-3306-1, VIGILANCE-VUL-22302.

Description of the vulnerability

An attacker can generate a buffer overflow in libsndfile while processing a file in FLAC format, in order to trigger a denial of service, and possibly to run code.

Technical details are unknown.

computer vulnerability announce CVE-2016-9042 CVE-2017-6451 CVE-2017-6452

NTP.org: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of NTP.org.
Impacted products: Mac OS X, Blue Coat CAS, BIG-IP Hardware, TMOS, Fedora, FreeBSD, AIX, McAfee Web Gateway, Meinberg NTP Server, NetBSD, NTP.org, Solaris, Palo Alto Firewall PA***, PAN-OS, pfSense, RHEL, Slackware, Spectracom SecureSync, Symantec Content Analysis, Synology DSM, Synology DS***, Synology RS***, Ubuntu, VxWorks.
Severity: 2/4.
Creation date: 22/03/2017.
Revision date: 30/03/2017.
Identifiers: APPLE-SA-2017-09-25-1, bulletinapr2017, CVE-2016-9042, CVE-2017-6451, CVE-2017-6452, CVE-2017-6455, CVE-2017-6458, CVE-2017-6459, CVE-2017-6460, CVE-2017-6462, CVE-2017-6463, CVE-2017-6464, FEDORA-2017-5ebac1c112, FEDORA-2017-72323a442f, FreeBSD-SA-17:03.ntp, HT208144, K02951273, K07082049, K32262483, K-511308, K99254031, NTP-01-002, NTP-01-003, NTP-01-004, NTP-01-007, NTP-01-008, NTP-01-009, NTP-01-012, NTP-01-014, NTP-01-016, PAN-SA-2017-0022, RHSA-2017:3071-01, RHSA-2018:0855-01, SA147, SB10201, SSA:2017-112-02, TALOS-2016-0260, USN-3349-1, VIGILANCE-VUL-22217, VU#633847.

Description of the vulnerability

Several vulnerabilities were announced in NTP.org.

An attacker can tamper with a packet timestamp, in order to have the target's traffic dropped. [severity:2/4; CVE-2016-9042]

An attacker can generate a buffer overflow via ntpq, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2017-6460, NTP-01-002]

An attacker can generate a buffer overflow via mx4200_send(), in order to trigger a denial of service, and possibly to run code. [severity:1/4; CVE-2017-6451, NTP-01-003]

An attacker can generate a buffer overflow via ctl_put(), in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2017-6458, NTP-01-004]

An attacker can generate a buffer overflow via addKeysToRegistry(), in order to trigger a denial of service, and possibly to run code. [severity:1/4; CVE-2017-6459, NTP-01-007]

An attacker can generate a buffer overflow in the MS-Windows installer, in order to trigger a denial of service, and possibly to run code. [severity:1/4; CVE-2017-6452, NTP-01-008]

An attacker can define the PPSAPI_DLLS environment variable, in order to make the server run a library with high privileges. [severity:2/4; CVE-2017-6455, NTP-01-009]

An authenticated attacker can submit an invalid configuration directive, to trigger a denial of service. [severity:2/4; CVE-2017-6463, NTP-01-012]

A privileged attacker can generate a buffer overflow via datum_pts_receive(), in order to trigger a denial of service, and possibly to run code. [severity:1/4; CVE-2017-6462, NTP-01-014]

An authenticated attacker can submit an invalid configuration directive "mode", to trigger a denial of service. [severity:2/4; CVE-2017-6464, NTP-01-016]

vulnerability CVE-2017-7261

Linux kernel: denial of service via the module drm/vmwgfx

Synthesis of the vulnerability

A local attacker can use an ioctl system call to the video device driver vmwgfx of the Linux kernel, in order to make the kernel panic.
Impacted products: Debian, BIG-IP Hardware, TMOS, Fedora, Linux, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Creation date: 27/03/2017.
Identifiers: 1435719, CERTFR-2017-AVI-141, CERTFR-2017-AVI-158, CERTFR-2017-AVI-162, CERTFR-2017-AVI-275, CERTFR-2017-AVI-282, CERTFR-2017-AVI-311, CVE-2017-7261, DLA-922-1, FEDORA-2017-02174df32f, FEDORA-2017-93dec9eba5, K63771715, openSUSE-SU-2017:1140-1, openSUSE-SU-2017:1215-1, SUSE-SU-2017:1183-1, SUSE-SU-2017:1247-1, SUSE-SU-2017:1301-1, SUSE-SU-2017:1360-1, SUSE-SU-2017:1990-1, SUSE-SU-2017:2342-1, SUSE-SU-2017:2525-1, USN-3291-1, USN-3291-2, USN-3291-3, USN-3293-1, USN-3361-1, USN-3406-1, USN-3406-2, VIGILANCE-VUL-22260.

Description of the vulnerability

The Linux kernel includes a video driver, vmwgfx, for guest systems running under VMware ESX.

This driver defines a device "/dev/dri/renderD128" which accepts ioctl system calls. However, the routine vmw_surface_define_ioctl() that implements ioctl calls does not correctly check its argument "num_sizes". A null value leads to a bad memory allocation, then to an invalid pointer dereference and a fatal exception. See also VIGILANCE-VUL-22282 and VIGILANCE-VUL-22298.

A local attacker can therefore use an ioctl system call to the video device driver vmwgfx of the Linux kernel, in order to make the kernel panic.

vulnerability alert CVE-2017-6435 CVE-2017-6436 CVE-2017-6437

libplist: six vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of libplist.
Impacted products: Debian, Fedora, openSUSE Leap, Slackware.
Severity: 2/4.
Creation date: 27/03/2017.
Identifiers: CVE-2017-6435, CVE-2017-6436, CVE-2017-6437, CVE-2017-6438, CVE-2017-6439, CVE-2017-6440, DLA-870-1, FEDORA-2017-3849af4477, FEDORA-2017-4047180cd3, openSUSE-SU-2017:1426-1, openSUSE-SU-2017:2208-1, SSA:2017-320-01, VIGILANCE-VUL-22251.

Description of the vulnerability

Several vulnerabilities were announced in libplist.

An attacker can generate a memory corruption via parse_string_node(), in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2017-6435]

An attacker can trigger a fatal error via parse_string_node(), in order to trigger a denial of service. [severity:1/4; CVE-2017-6436]

An attacker can force a read at an invalid address via base64encode(), in order to trigger a denial of service, or to obtain sensitive information. [severity:2/4; CVE-2017-6437]

An attacker can generate a buffer overflow via parse_unicode_node(), in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2017-6438]

An attacker can generate a buffer overflow via parse_string_node(), in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2017-6439]

An attacker can trigger a fatal error via parse_data_node(), in order to trigger a denial of service. [severity:1/4; CVE-2017-6440]

computer vulnerability bulletin CVE-2016-6167 CVE-2017-6542

PuTTY: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of PuTTY.
Impacted products: Fedora, openSUSE Leap, X2GoClient.
Severity: 2/4.
Creation date: 24/02/2017.
Revision date: 22/03/2017.
Identifiers: CVE-2016-6167, CVE-2017-6542, FEDORA-2017-efdd962fee, openSUSE-SU-2017:0741-1, VIGILANCE-VUL-21958.

Description of the vulnerability

Several vulnerabilities were announced in PuTTY.

An attacker can generate an integer overflow via ssh_agent_channel_data(), in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2017-6542]

An attacker can create a malicious DLL, and then put it in the current directory, in order to execute code. [severity:2/4; CVE-2016-6167]

vulnerability 22180

sscg: security improvement

Synthesis of the vulnerability

The security of sscg was improved.
Impacted products: Fedora.
Severity: 1/4.
Creation date: 20/03/2017.
Identifiers: FEDORA-2017-19b5c9f1c6, FEDORA-2017-6558bc25bc, VIGILANCE-VUL-22180.

Description of the vulnerability

This bulletin is about a security improvement.

It does not describe a vulnerability.

The security of sscg was therefore improved.

computer vulnerability bulletin CVE-2017-6503 CVE-2017-6504

qBittorrent: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of qBittorrent.
Impacted products: Debian, Fedora, openSUSE Leap.
Severity: 2/4.
Creation date: 16/03/2017.
Identifiers: CVE-2017-6503, CVE-2017-6504, DLA-897-1, FEDORA-2017-66593c367e, FEDORA-2017-b59943dcae, openSUSE-SU-2017:0821-1, VIGILANCE-VUL-22148.

Description of the vulnerability

Several vulnerabilities were announced in qBittorrent.

An attacker can trigger a Cross Site Scripting via WebUI, in order to run JavaScript code in the context of the web site. [severity:2/4; CVE-2017-6503]

An attacker can use Clickjacking via WebUI, in order to deceive the victim. [severity:2/4; CVE-2017-6504]

computer vulnerability announce CVE-2017-6377 CVE-2017-6379 CVE-2017-6381

Drupal Core: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Drupal Core.
Impacted products: Drupal Core, Fedora.
Severity: 3/4.
Creation date: 16/03/2017.
Identifiers: CERTFR-2017-AVI-085, CVE-2017-6377, CVE-2017-6379, CVE-2017-6381, DRUPAL-SA-CORE-2017-001, FEDORA-2017-05010f0b46, FEDORA-2017-9801754fd7, VIGILANCE-VUL-22147.

Description of the vulnerability

Several vulnerabilities were announced in Drupal Core.

An attacker can bypass security features via Inline Private Files, in order to obtain sensitive information. [severity:2/4; CVE-2017-6377]

An attacker can trigger a Cross Site Request Forgery, in order to force the victim to perform operations. [severity:3/4; CVE-2017-6379]

An attacker can use a vulnerability via Development Library, in order to run code. [severity:3/4; CVE-2017-6381]