The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Red Hat Fedora

vulnerability announce CVE-2017-5193 CVE-2017-5194 CVE-2017-5195

irssi: four vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of irssi.
Impacted products: Debian, Fedora, openSUSE, openSUSE Leap, Solaris, Slackware, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Creation date: 10/01/2017.
Identifiers: bulletinjul2017, CVE-2017-5193, CVE-2017-5194, CVE-2017-5195, CVE-2017-5196, DLA-1217-1, FEDORA-2017-7f9e997585, FEDORA-2017-d2e7217e2a, openSUSE-SU-2017:0093-1, openSUSE-SU-2017:0094-1, SSA:2017-011-03, USN-3184-1, VIGILANCE-VUL-21532.

Description of the vulnerability

Several vulnerabilities were announced in irssi.

An attacker can force a NULL pointer to be dereferenced via nickcmp(), in order to trigger a denial of service. [severity:2/4; CVE-2017-5193]

An attacker can force a read at an invalid address via Incomplete Control Codes, in order to trigger a denial of service, or to obtain sensitive information. [severity:2/4; CVE-2017-5194]

An attacker can force a read at an invalid address via Incomplete Character Sequences, in order to trigger a denial of service, or to obtain sensitive information. [severity:2/4; CVE-2017-5195]

An attacker can trigger a fatal error via Invalid Nick Message, in order to trigger a denial of service. [severity:2/4; CVE-2017-5196]
Complete Vigil@nce bulletin.... (Free trial)

vulnerability announce 21522

TinyMCE: Cross Site Scripting

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting of TinyMCE, in order to run JavaScript code in the context of the web site.
Impacted products: Fedora.
Severity: 2/4.
Creation date: 06/01/2017.
Identifiers: FEDORA-2016-8d8d7d6d47, VIGILANCE-VUL-21522.

Description of the vulnerability

The TinyMCE product offers a web service.

However, it does not filter received data before inserting them in generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting of TinyMCE, in order to run JavaScript code in the context of the web site.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability CVE-2016-8745

Apache Tomcat: information disclosure via sendfile

Synthesis of the vulnerability

An attacker can use a vulnerability via sendfile() of Apache Tomcat, in order to obtain sensitive information or to hijack a session.
Impacted products: Tomcat, Debian, Fedora, openSUSE Leap, Oracle DB, Oracle Fusion Middleware, Oracle OIT, Solaris, Tuxedo, WebLogic, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 3/4.
Creation date: 12/12/2016.
Revision date: 05/01/2017.
Identifiers: bulletinjan2017, cpuapr2018, cpuoct2017, CVE-2016-8745, DLA-779-1, DSA-3754-1, DSA-3755-1, FEDORA-2017-19c5440abe, FEDORA-2017-376ae2b92c, openSUSE-SU-2017:1292-1, RHSA-2017:0455-01, RHSA-2017:0456-01, RHSA-2017:0457-01, RHSA-2017:0527-01, RHSA-2017:0935-01, SUSE-SU-2017:1229-1, SUSE-SU-2017:1382-1, SUSE-SU-2017:1632-1, SUSE-SU-2017:1660-1, USN-3177-1, USN-3177-2, VIGILANCE-VUL-21355.

Description of the vulnerability

The Apache Tomcat product includes an HTTP server.

It may use the sendfile() function from the operating system to send the content of a file without reading it itself. However, an attacker can trigger an error in the response processing, in such a a way that the client receive the respond of another client, including response headers and notably the session identifier.

An attacker can therefore use a vulnerability via sendfile() of Apache Tomcat, in order to obtain sensitive information or to hijack a session.
Complete Vigil@nce bulletin.... (Free trial)

vulnerability announce CVE-2016-10109

pcsc-lite: use after free via SCardReleaseContext

Synthesis of the vulnerability

An attacker can force the usage of a freed memory area via SCardReleaseContext() of pcsc-lite, in order to trigger a denial of service, and possibly to run code with administrator privileges.
Impacted products: Debian, Fedora, openSUSE, openSUSE Leap, Ubuntu.
Severity: 3/4.
Creation date: 04/01/2017.
Identifiers: CVE-2016-10109, DLA-778-1, DSA-3752-1, FEDORA-2017-1a7b8c0730, FEDORA-2017-8311440c55, openSUSE-SU-2017:0178-1, USN-3176-1, VIGILANCE-VUL-21512.

Description of the vulnerability

The pcsc-lite product is a middleware for access to smartcard and readers.

A client application uses SCardReleaseContext() to free resources at disconnect time. However, the handler of the coresponding request in the server frees a memory area before reusing it if the client calls SCardReleaseContext() more than once.

An attacker can therefore force the usage of a freed memory area via SCardReleaseContext() of pcsc-lite, in order to trigger a denial of service, and possibly to run code with administrator privileges.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability bulletin 21508

BorgBackup: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of BorgBackup.
Impacted products: Fedora.
Severity: 2/4.
Creation date: 04/01/2017.
Identifiers: FEDORA-2016-3b51e954fd, FEDORA-2016-6e66f01186, VIGILANCE-VUL-21508.

Description of the vulnerability

Several vulnerabilities were announced in BorgBackup.

An attacker can bypass access restrictions via Replace Archives, in order to read or alter data. [severity:2/4]

An attacker can alter displayed information of Manifest, in order to deceive the victim. [severity:2/4]
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability announce CVE-2016-9941 CVE-2016-9942

LibVNCServer: two vulnerabilities

Synthesis of the vulnerability

Several vulnerabilities were announced in LibVNCServer.
Impacted products: Debian, Fedora, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Creation date: 04/01/2017.
Identifiers: CVE-2016-9941, CVE-2016-9942, DLA-777-1, DSA-3753-1, FEDORA-2017-0e08170fd3, FEDORA-2017-6125002d79, FEDORA-2017-dd5d2381e4, openSUSE-SU-2018:0851-1, SUSE-SU-2017:0104-1, SUSE-SU-2018:0830-1, USN-3171-1, VIGILANCE-VUL-21507.

Description of the vulnerability

Several vulnerabilities were announced in LibVNCServer.

An attacker can generate a buffer overflow via FramebufferUpdate, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-9941]

An attacker can generate a buffer overflow via FramebufferUpdate Ultra, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-9942]
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability bulletin CVE-2016-7030 CVE-2016-9575

FreeIPA: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of FreeIPA.
Impacted products: Fedora, FreeIPA, RHEL.
Severity: 3/4.
Creation date: 19/12/2016.
Revision date: 03/01/2017.
Identifiers: CVE-2016-7030, CVE-2016-9575, FEDORA-2016-ca1d1e1dc1, FEDORA-2016-d337166907, RHSA-2017:0001-01, VIGILANCE-VUL-21418.

Description of the vulnerability

Several vulnerabilities were announced in FreeIPA.

An authenticated attacker can change the validation rules for X.509 certificates via the command certprofile-mod, in order to install himself as a man in the middle or to trigger a denial of service. [severity:2/4; CVE-2016-9575]

An attacker can force locking of user account when Kerberos is used, in order to trigger a denial of service. [severity:3/4; CVE-2016-7030]
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability bulletin CVE-2016-8739

Apache CXF: external XML entity injection via Atom Entity Provider

Synthesis of the vulnerability

An attacker can transmit malicious XML data via Atom Entity Provider to Apache CXF, in order to read a file, scan sites, or trigger a denial of service.
Impacted products: Fedora.
Severity: 2/4.
Creation date: 02/01/2017.
Identifiers: CVE-2016-8739, FEDORA-2016-2361e1e07a, RHSA-2017:0868-01, VIGILANCE-VUL-21498.

Description of the vulnerability

XML data can contain external entities (DTD):
  <!ENTITY name SYSTEM "file">
  <!ENTITY name SYSTEM "http://server/file">
A program which reads these XML data can replace these entities by data coming from the indicated file. When the program uses XML data coming from an untrusted source, this behavior leads to:
 - content disclosure from files of the server
 - private web site scan
 - a denial of service by opening a blocking file
This feature must be disabled to process XML data coming from an untrusted source.

However, the Apache CXF parser allows external entities.

An attacker can therefore transmit malicious XML data via Atom Entity Provider to Apache CXF, in order to read a file, scan sites, or trigger a denial of service.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability announce CVE-2016-6812

Apache CXF: Cross Site Scripting via FormattedServiceListWriter

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting via FormattedServiceListWriter of Apache CXF, in order to run JavaScript code in the context of the web site.
Impacted products: Fedora.
Severity: 2/4.
Creation date: 02/01/2017.
Identifiers: CVE-2016-6812, FEDORA-2016-2361e1e07a, RHSA-2017:0868-01, VIGILANCE-VUL-21497.

Description of the vulnerability

The Apache CXF product offers a web service.

However, it does not filter received data via FormattedServiceListWriter before inserting them in generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting via FormattedServiceListWriter of Apache CXF, in order to run JavaScript code in the context of the web site.
Complete Vigil@nce bulletin.... (Free trial)

vulnerability 21470

Tracker: security improvement via tracker-extract

Synthesis of the vulnerability

The security of Tracker was improved via tracker-extract.
Impacted products: Fedora.
Severity: 1/4.
Creation date: 29/12/2016.
Identifiers: FEDORA-2016-631737a49a, VIGILANCE-VUL-21470.

Description of the vulnerability

This bulletin is about a security improvement.

It does not describe a vulnerability.

The security of Tracker was therefore improved via tracker-extract.
Complete Vigil@nce bulletin.... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Red Hat Fedora: