The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Sun Solaris

vulnerability announce CVE-2016-10195 CVE-2016-10196 CVE-2016-10197

libevent: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of libevent.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 6.
Creation date: 15/02/2017.
Identifiers: bulletinjul2018, CERTFR-2017-AVI-134, cpujul2017, CVE-2016-10195, CVE-2016-10196, CVE-2016-10197, CVE-2017-10195-ERROR, CVE-2017-10196-ERROR, CVE-2017-10197-ERROR, DLA-824-1, DSA-3789-1, FEDORA-2017-31c64a0bbf, FEDORA-2017-82265ed89e, FEDORA-2017-87e23bcc34, MFSA-2017-10, MFSA-2017-11, MFSA-2017-12, MFSA-2017-13, openSUSE-SU-2018:0220-1, RHSA-2017:1201-01, SSA:2017-112-01, SUSE-SU-2017:1669-1, SUSE-SU-2017:2235-1, USN-3228-1, USN-3278-1, VIGILANCE-VUL-21846.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use several vulnerabilities of libevent.
Full Vigil@nce bulletin... (Free trial)

cybersecurity alert CVE-2016-9179

Lynx: vulnerability via URL Parsing

Synthesis of the vulnerability

A vulnerability via URL Parsing of Lynx was announced.
Severity: 2/4.
Creation date: 15/02/2017.
Identifiers: bulletinjul2018, CVE-2016-9179, FEDORA-2017-c9828b259c, openSUSE-SU-2017:0668-1, VIGILANCE-VUL-21840.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

A vulnerability via URL Parsing of Lynx was announced.
Full Vigil@nce bulletin... (Free trial)

computer threat bulletin CVE-2016-10207

TigerVNC: denial of service via TLS

Synthesis of the vulnerability

An attacker can generate a fatal error via the TLS handshake in TigerVNC, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 13/02/2017.
Identifiers: bulletinjan2018, CVE-2016-10207, openSUSE-SU-2017:0444-1, RHSA-2017:0630-01, RHSA-2017:2000-01, VIGILANCE-VUL-21810.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate a fatal error via the TLS handshake in TigerVNC, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

security weakness CVE-2017-5884 CVE-2017-5885

gtk-vnc: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of gtk-vnc.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 13/02/2017.
Identifiers: bulletinjan2018, CVE-2017-5884, CVE-2017-5885, DLA-831-1, FEDORA-2017-404f1a29fc, FEDORA-2017-a9e6a5c249, FEDORA-2017-ab04a91edd, FEDORA-2017-c3739273e5, RHSA-2017:2258-01, USN-3203-1, VIGILANCE-VUL-21804.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use several vulnerabilities of gtk-vnc.
Full Vigil@nce bulletin... (Free trial)

security note CVE-2017-3135

ISC BIND: assertion error via the combination DNS64+RPZ

Synthesis of the vulnerability

An attacker can force an assertion failure when functions DNS64 and RPZ of ISC BIND are both enabled, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 09/02/2017.
Identifiers: bulletinjul2018, CVE-2017-3135, DLA-843-1, DSA-2019-131, DSA-3795-1, FEDORA-2017-27099c270a, FEDORA-2017-2b46c8b6c2, FEDORA-2017-96b7f4f53e, FEDORA-2017-d0c9bf9508, HPESBUX03747, JSA10799, K80533167, NTAP-20180926-0001, NTAP-20180926-0002, NTAP-20180926-0003, NTAP-20180926-0004, NTAP-20180926-0005, NTAP-20180927-0001, openSUSE-SU-2017:0620-1, RHSA-2017:0276-01, SSA:2017-041-01, USN-3201-1, VIGILANCE-VUL-21790.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The ISC BIND product is a DNS server.

It can compute responses for IPv6 address queries from data for IPv4 addresses. However, when this function is enabled and that the function "Response Policy Zone" is also enabled, an assertion may be evaluated as false, which stops the process with a SIGABORT signal.

An attacker can therefore force an assertion failure when functions DNS64 and RPZ of ISC BIND are both enabled, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

weakness announce CVE-2016-7444

GnuTLS: Man-in-the-Middle via gnutls_ocsp_resp_check_crt

Synthesis of the vulnerability

An attacker can act as a Man-in-the-Middle via gnutls_ocsp_resp_check_crt() on GnuTLS, in order to read or write data in the session.
Severity: 2/4.
Creation date: 01/02/2017.
Identifiers: bulletinjul2017, CVE-2016-7444, openSUSE-SU-2017:0386-1, RHSA-2017:2292-01, SUSE-SU-2017:0348-1, USN-3183-1, USN-3183-2, VIGILANCE-VUL-21736.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can act as a Man-in-the-Middle via gnutls_ocsp_resp_check_crt() on GnuTLS, in order to read or write data in the session.
Full Vigil@nce bulletin... (Free trial)

threat announce CVE-2017-5482 CVE-2017-5483 CVE-2017-5484

tcpdump: five vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of tcpdump.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 5.
Creation date: 30/01/2017.
Identifiers: bulletinapr2017, CVE-2017-5482, CVE-2017-5483, CVE-2017-5484, CVE-2017-5485, CVE-2017-5486, DLA-809-1, DSA-3775-1, FEDORA-2017-7ecbc90157, HT207615, openSUSE-SU-2017:1199-1, RHSA-2017:1871-01, SSA:2017-041-04, USN-3205-1, VIGILANCE-VUL-21705.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use several vulnerabilities of tcpdump.
Full Vigil@nce bulletin... (Free trial)

threat note CVE-2017-5341 CVE-2017-5342

tcpdump: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of tcpdump.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 30/01/2017.
Identifiers: bulletinapr2017, CVE-2017-5341, CVE-2017-5342, DLA-809-1, DSA-3775-1, FEDORA-2017-7ecbc90157, HT207615, openSUSE-SU-2017:1199-1, RHSA-2017:1871-01, SSA:2017-041-04, USN-3205-1, VIGILANCE-VUL-21704.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use several vulnerabilities of tcpdump.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2017-5202 CVE-2017-5203 CVE-2017-5204

tcpdump: four vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of tcpdump.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 4.
Creation date: 30/01/2017.
Identifiers: bulletinapr2017, CVE-2017-5202, CVE-2017-5203, CVE-2017-5204, CVE-2017-5205, DLA-809-1, DSA-3775-1, FEDORA-2017-7ecbc90157, HT207615, openSUSE-SU-2017:1199-1, RHSA-2017:1871-01, SSA:2017-041-04, USN-3205-1, VIGILANCE-VUL-21703.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use several vulnerabilities of tcpdump.
Full Vigil@nce bulletin... (Free trial)

weakness note CVE-2016-8574 CVE-2016-8575

tcpdump: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of tcpdump.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 30/01/2017.
Identifiers: bulletinapr2017, CVE-2016-8574, CVE-2016-8575, DLA-809-1, DSA-3775-1, FEDORA-2017-7ecbc90157, HT207615, openSUSE-SU-2017:1199-1, RHSA-2017:1871-01, SSA:2017-041-04, USN-3205-1, VIGILANCE-VUL-21701.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use several vulnerabilities of tcpdump.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Sun Solaris: