The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of RedHat Enterprise Linux

computer vulnerability bulletin CVE-2016-9933

gd: denial of service via gdImageFillToBorder

Synthesis of the vulnerability

An attacker can generate a fatal error via gdImageFillToBorder() of gd, in order to trigger a denial of service.
Impacted products: Mac OS X, Debian, FortiAnalyzer, FortiAnalyzer Virtual Appliance, FortiGate, FortiGate Virtual Appliance, FortiOS, openSUSE, openSUSE Leap, RHEL, Ubuntu.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 22/12/2016.
Identifiers: CERTFR-2017-AVI-237, CVE-2016-9933, DLA-758-1, DSA-3751-1, FG-IR-17-051, HT207483, openSUSE-SU-2016:3228-1, openSUSE-SU-2017:0006-1, openSUSE-SU-2017:0061-1, openSUSE-SU-2017:0081-1, openSUSE-SU-2017:0598-1, RHSA-2018:1296-01, USN-3213-1, VIGILANCE-VUL-21458.

Description of the vulnerability

An attacker can generate a fatal error via gdImageFillToBorder() of gd, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2016-0736 CVE-2016-2161 CVE-2016-8743

Apache httpd: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Apache httpd.
Impacted products: Apache httpd, Mac OS X, Debian, BIG-IP Hardware, TMOS, Fedora, HP-UX, Junos Space, openSUSE Leap, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, TrendMicro ServerProtect, Ubuntu.
Severity: 3/4.
Consequences: data reading, data creation/edition, denial of service on service.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 3.
Creation date: 21/12/2016.
Revision date: 22/12/2016.
Identifiers: 1117414, APPLE-SA-2017-09-25-1, CVE-2016-0736, CVE-2016-2161, CVE-2016-8743, DLA-841-1, DLA-841-2, DSA-3796-1, DSA-3796-2, FEDORA-2016-8d9b62c784, FEDORA-2016-d22f50d985, HPESBUX03725, HT207615, HT208144, HT208221, JSA10838, K00373024, openSUSE-SU-2017:0897-1, openSUSE-SU-2017:0903-1, openSUSE-SU-2018:2856-1, RHSA-2017:0906-01, RHSA-2017:1721-01, SSA:2016-358-01, SUSE-SU-2018:2554-1, SUSE-SU-2018:2815-1, USN-3279-1, USN-3373-1, VIGILANCE-VUL-21434.

Description of the vulnerability

Several vulnerabilities were announced in Apache httpd.

An attacker can tamper with encrypted session data, in order to get knowledge of the plain text value. [severity:1/4; CVE-2016-0736]

An attacker can trigger a fatal error in case of use of shared memory, in order to trigger a denial of service. [severity:2/4; CVE-2016-2161]

An attacker can make profit of syntax error recovery to tamper with HTTP responses headers and bodies. [severity:3/4; CVE-2016-8743]
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2016-9807

GStreamer Plugin: out-of-bounds memory reading via flx_decode_chunks

Synthesis of the vulnerability

An attacker can force a read at an invalid address via flx_decode_chunks of GStreamer Plugin, in order to trigger a denial of service, or to obtain sensitive information.
Impacted products: openSUSE, openSUSE Leap, RHEL, SUSE Linux Enterprise Desktop, SLES.
Severity: 2/4.
Consequences: data reading, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 21/12/2016.
Identifiers: CVE-2016-9807, openSUSE-SU-2017:0071-1, openSUSE-SU-2017:0141-1, openSUSE-SU-2017:0151-1, openSUSE-SU-2017:0160-1, openSUSE-SU-2017:0298-1, openSUSE-SU-2017:0847-1, RHSA-2016:2975-01, RHSA-2017:0018-01, RHSA-2017:0019-01, RHSA-2017:0020-01, RHSA-2017:0021-01, SUSE-SU-2016:3288-1, SUSE-SU-2016:3303-1, SUSE-SU-2017:0210-1, SUSE-SU-2017:0225-1, SUSE-SU-2017:0237-1, VIGILANCE-VUL-21443.

Description of the vulnerability

An attacker can force a read at an invalid address via flx_decode_chunks of GStreamer Plugin, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2016-9586 CVE-2016-9952 CVE-2016-9953

cURL: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of cURL.
Impacted products: SDS, SES, SNS, OpenOffice, Mac OS X, curl, Debian, Unisphere EMC, Fedora, Juniper EX-Series, Junos OS, SRX-Series, openSUSE Leap, Solaris, RHEL, Ubuntu.
Severity: 2/4.
Consequences: client access/rights, data reading.
Provenance: internet server.
Number of vulnerabilities in this bulletin: 3.
Creation date: 21/12/2016.
Identifiers: APPLE-SA-2017-07-19-2, cpuoct2018, CVE-2016-9586, CVE-2016-9952, CVE-2016-9953, DLA-1568-1, DLA-767-1, DSA-2019-114, FEDORA-2016-86d2b5aefb, FEDORA-2016-edbb33ab2e, HT207615, HT207922, JSA10874, openSUSE-SU-2017:1105-1, RHSA-2018:3558-01, STORM-2019-002, USN-3441-1, USN-3441-2, VIGILANCE-VUL-21435.

Description of the vulnerability

Several vulnerabilities were announced in cURL.

An attacker can generate a buffer overflow via float numbers, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-9586]

On WinCE platforms, an attacker can tamper with X.501 names in the X.509 certificate validation process, in order to spoof a server. [severity:2/4; CVE-2016-9952]

On WinCE platforms, an attacker can raise a read only buffer overflow in the X.509 certificate validation process, in order to read the server process memory or crash it. [severity:2/4; CVE-2016-9953]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2016-10009 CVE-2016-10010 CVE-2016-10011

OpenSSH: five vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of OpenSSH.
Impacted products: Mac OS X, Blue Coat CAS, Debian, VNX Operating Environment, VNX Series, BIG-IP Hardware, TMOS, Fedora, FreeBSD, HP-UX, AIX, Juniper EX-Series, Juniper J-Series, Junos OS, Junos Space, Junos Space Network Management Platform, SRX-Series, McAfee Email Gateway, Data ONTAP 7-Mode, OpenSSH, openSUSE Leap, Solaris, pfSense, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, data reading.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 5.
Creation date: 19/12/2016.
Identifiers: 1009, 1010, bulletinapr2017, CERTFR-2019-AVI-325, CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, DLA-1500-1, DLA-1500-2, DSA-2019-131, FEDORA-2017-4767e2991d, FreeBSD-SA-17:01.openssh, HPESBUX03818, HT207615, JSA10880, JSA10940, K24324390, K31440025, K62201745, K64292204, NTAP-20171130-0002, openSUSE-SU-2017:0344-1, openSUSE-SU-2017:0674-1, pfSense-SA-17_03.webgui, RHSA-2017:2029-01, SA144, SSA-181018, SSA:2016-358-02, SUSE-SU-2018:2275-1, SUSE-SU-2018:2685-1, SUSE-SU-2018:3540-1, USN-3538-1, VIGILANCE-VUL-21419.

Description of the vulnerability

Several vulnerabilities were announced in OpenSSH.

An attacker can bypass security features via ssh-agent, in order to escalate his privileges. [severity:2/4; CVE-2016-10009]

An attacker can bypass security features via Unix Domain Sockets, in order to escalate his privileges. [severity:2/4; CVE-2016-10010]

An attacker can bypass security features via Privilege-separated Child realloc(), in order to obtain sensitive information. [severity:1/4; CVE-2016-10011]

An attacker can generate a buffer overflow via Pre-authentication Compression, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-10012]

An attacker can bypass security features via AllowUser/DenyUsers Address Ranges, in order to escalate his privileges. [severity:2/4]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2016-10002 CVE-2016-10003

Squid cache: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Squid cache.
Impacted products: Debian, Fedora, openSUSE Leap, RHEL, Squid, Ubuntu.
Severity: 3/4.
Consequences: privileged access/rights, client access/rights, data reading.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 2.
Creation date: 19/12/2016.
Identifiers: CERTFR-2016-AVI-422, CVE-2016-10002, CVE-2016-10003, DLA-763-1, DSA-3745-1, FEDORA-2016-c614315d29, openSUSE-SU-2017:0192-1, RHSA-2017:0182-01, RHSA-2017:0183-01, USN-3192-1, VIGILANCE-VUL-21417.

Description of the vulnerability

Several vulnerabilities were announced in Squid cache.

When the configuration directive collapsed_forwarding is enabled, an attacker can request an URL with some specially crafted headers, to get the response which was cached while processing a request for a previous client, in order to get the response body of the initial client. [severity:3/4; CVE-2016-10003]

An attacker can request an URL with specially crafted header If-None-Modified, to get the response which was cached while processing a request for a previous client, in order to get the response body of the initial client, including session cookies and the associated access rights. [severity:3/4; CVE-2016-10002]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2016-2123 CVE-2016-2125

Samba: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Samba.
Impacted products: Debian, Fedora, openSUSE Leap, Pulse Connect Secure, RHEL, Samba, Slackware, Ubuntu.
Severity: 2/4.
Consequences: privileged access/rights, client access/rights, denial of service on service.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 3.
Creation date: 19/12/2016.
Identifiers: CERTFR-2016-AVI-423, CVE-2016-2123, CVE-2016-2125, CVE-2016-2126-REJECTERROR, DLA-776-1, DSA-3740-1, FEDORA-2016-364f61377b, FEDORA-2017-d0a537062c, openSUSE-SU-2017:0020-1, openSUSE-SU-2017:0021-1, RHSA-2017:0662-01, RHSA-2017:0744-01, RHSA-2017:1265-01, SA43730, SSA:2016-363-02, USN-3158-1, VIGILANCE-VUL-21416, ZDI-17-053.

Description of the vulnerability

Several vulnerabilities were announced in Samba.

An attacker can generate an integer overflow via ndr_pull_dnsp_name(), in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-2123, ZDI-17-053]

An attacker can bypass security features via a Kerberos ticket, in order to escalate his privileges. [severity:2/4; CVE-2016-2125]

An attacker can bypass security features via tjhe cryptographic algorithm arcfour-hmac-md5 is used, in order to escalate his privileges. [severity:2/4; CVE-2016-2126-REJECTERROR]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2016-9588

Linux kernel: denial of service via KVM

Synthesis of the vulnerability

An attacker, inside a guest system, on a host using twice the KVM virtualization, can generate a fatal error in the Linux kernel, in order to trigger a denial of service on the host system.
Impacted products: Debian, Fedora, QRadar SIEM, Linux, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service, denial of service on client.
Provenance: user shell.
Creation date: 15/12/2016.
Identifiers: 2011746, CERTFR-2017-AVI-058, CERTFR-2017-AVI-162, CERTFR-2018-AVI-557, CVE-2016-9588, DLA-849-1, DSA-3804-1, FEDORA-2016-2b1f91e9bd, FEDORA-2016-dd895763ac, RHSA-2017:1842-01, RHSA-2017:2077-01, SUSE-SU-2017:1247-1, SUSE-SU-2017:1360-1, USN-3208-1, USN-3208-2, USN-3209-1, USN-3822-1, USN-3822-2, VIGILANCE-VUL-21389.

Description of the vulnerability

An attacker, inside a guest system, on a host using twice the KVM virtualization, can generate a fatal error in the Linux kernel, in order to trigger a denial of service on the host system.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2016-7867 CVE-2016-7868 CVE-2016-7869

Adobe Flash Player: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Impacted products: Flash Player, Windows 10, Windows 2012, Windows 2016, Windows 8, Windows RT, openSUSE, RHEL, SUSE Linux Enterprise Desktop, SLES.
Severity: 4/4.
Consequences: user access/rights, data reading, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 17.
Creation date: 14/12/2016.
Identifiers: 3209498, APSB16-39, CERTFR-2016-AVI-410, CVE-2016-7867, CVE-2016-7868, CVE-2016-7869, CVE-2016-7870, CVE-2016-7871, CVE-2016-7872, CVE-2016-7873, CVE-2016-7874, CVE-2016-7875, CVE-2016-7876, CVE-2016-7877, CVE-2016-7878, CVE-2016-7879, CVE-2016-7880, CVE-2016-7881, CVE-2016-7890, CVE-2016-7892, MS16-154, openSUSE-SU-2016:3160-1, RHSA-2016:2947-01, SUSE-SU-2016:3148-1, VIGILANCE-VUL-21376, ZDI-16-619, ZDI-16-620, ZDI-16-621, ZDI-16-622, ZDI-16-623, ZDI-16-624, ZDI-16-625, ZDI-16-626, ZDI-16-627.

Description of the vulnerability

Several vulnerabilities were announced in Adobe Flash Player.

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7872, ZDI-16-626]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7877]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7878, ZDI-16-620]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7879, ZDI-16-619]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7880]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7881]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7892]

An attacker can generate a buffer overflow, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7867, ZDI-16-622]

An attacker can generate a buffer overflow, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7868, ZDI-16-625]

An attacker can generate a buffer overflow, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7869, ZDI-16-624]

An attacker can generate a buffer overflow, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7870, ZDI-16-623]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7871, ZDI-16-627]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7873]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7874]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7875, ZDI-16-621]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7876]

An attacker can bypass security features, in order to escalate his privileges. [severity:3/4; CVE-2016-7890]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2016-9080 CVE-2016-9893 CVE-2016-9894

Mozilla Firefox, Thunderbird: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Mozilla Firefox.
Impacted products: Debian, Fedora, Firefox, SeaMonkey, Thunderbird, NetBSD, openSUSE, openSUSE Leap, Solaris, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 4/4.
Consequences: user access/rights, client access/rights, data reading, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 14.
Creation date: 14/12/2016.
Identifiers: bulletinjan2017, CERTFR-2016-AVI-412, CERTFR-2016-AVI-431, CVE-2016-9080, CVE-2016-9893, CVE-2016-9894, CVE-2016-9895, CVE-2016-9896, CVE-2016-9897, CVE-2016-9898, CVE-2016-9899, CVE-2016-9900, CVE-2016-9901, CVE-2016-9902, CVE-2016-9903, CVE-2016-9904, CVE-2016-9905, DLA-743-1, DLA-782-1, DSA-3734-1, DSA-3757-1, FEDORA-2016-2bca1021a3, FEDORA-2016-55f912fcdc, FEDORA-2016-85eae56259, FEDORA-2016-bd94ef48c8, FEDORA-2016-f115a880a6, FEDORA-2017-7af4c910c2, FEDORA-2017-7c870ccc88, MFSA-2016-94, MFSA-2016-95, MFSA-2016-96, openSUSE-SU-2016:3184-1, openSUSE-SU-2016:3307-1, openSUSE-SU-2016:3308-1, openSUSE-SU-2016:3310-1, openSUSE-SU-2017:0026-1, RHSA-2016:2946-01, RHSA-2016:2973-01, SSA:2016-348-01, SSA:2016-365-02, SSA:2016-365-03, SUSE-SU-2016:3210-1, SUSE-SU-2016:3222-1, SUSE-SU-2016:3223-1, USN-3155-1, USN-3165-1, VIGILANCE-VUL-21369.

Description of the vulnerability

Several vulnerabilities were announced in Mozilla Firefox.

An attacker can generate a buffer overflow via SkiaGL, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-9894]

An attacker can force the usage of a freed memory area via the DOM interface, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-9899]

An attacker can bypass security features via a "marquee" element, in order to escalate his privileges. [severity:3/4; CVE-2016-9895]

An attacker can force the usage of a freed memory area via WebVR, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2016-9896]

An attacker can generate a memory corruption via libGLES, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2016-9897]

An attacker can force the usage of a freed memory area via DOM, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2016-9898]

An attacker can bypass security features via URLs if type "data", in order to escalate his privileges. [severity:3/4; CVE-2016-9900]

An attacker can bypass the origin check via a timing attack, in order to access to victim's data. [severity:2/4; CVE-2016-9904]

An attacker can bypass security features via the Pocket service, in order to escalate his privileges. [severity:2/4; CVE-2016-9901]

An attacker can bypass the origin check via the Pocket extension, in order to access to victim's data. [severity:2/4; CVE-2016-9902]

An attacker can trigger a Cross Site Scripting via SDK, in order to run JavaScript code in the context of the web site. [severity:2/4; CVE-2016-9903]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-9080]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-9893]

An attacker can generate a buffer overflow via EnumerateSubDocuments, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2016-9905]
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about RedHat Enterprise Linux: