Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
d17b3cbbd305c52b9cd0d5141f41954882f398db44f26c10cb45fdaaa46a99d2
WordPress Paid Memberships Pro plugin version 1.8.4.2 suffers from a cross site scripting vulnerability.
410ccd42ad7f7fd44ee5b3408fbbe29164843761e90521e5e7335512139412ff
WordPress Count Per Day plugin version 3.4 suffers from a remote SQL injection vulnerability.
f687e1b0d3ad51322c1b0413cd02097173f02fb47e8b268312c45c39c2901d6d
EMC Avamar includes a directory traversal vulnerability that could potentially be exploited by malicious users to access the data on the Avamar Server. Affected products include EMC Avamar Server all versions from 7.0 to 7.1.1-145 (inclusive) and EMC Avamar Virtual Addition (AVE) all versions from 7.0 to 7.1.1-145 (inclusive).
c6bcceab48f34aae26e4a2a6e821e935301ecdd0843777f09bd60177c5a04537
Xceedium Xsuite versions 2.3.0 and 2.4.3.0 suffer from command injection, cross site scripting, directory traversal, hard-coded credential, and privilege escalation vulnerabilities.
435b9ea5332e4395e8c3c079290a5fe9be967080695ef116f10918e9ad4d0414
NetCracker Resource Management System versions 8.0 and below suffer from multiple remote SQL injection vulnerabilities.
93d2f137db25cb48662c6394b587ff5d423fa89e6aff521417512fcc7700707b
NetCracker Resource Management System versions 8.0 and below suffer from multiple cross site scripting vulnerabilities.
919ec0379fdf91eec0154ace839eb6d6c2a1ed54c9f07a49617f729d6eeb7926
This bulletin summary lists one bulletin that has undergone a major revision increment for July, 2015.
dfbfa2a50e30d66f21c2c9f3183eaa18f1021dc2ce7c5214d084192eabc508e9
cisco-sa-2015722-tftp.txt - A vulnerability in the TFTP server feature of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The TFTP server feature is not enabled by default. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.
658481621117b1e5ad4720664e9f121c4ec0623b5bc76430db620a3e6fc56afc
Red Hat Security Advisory 2015-1485-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
794c652bb7d208e3f4dd4c9b8fac7a97aaa4c11f4e0da035ca9234948959b6e5
Red Hat Security Advisory 2015-1486-01 - IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
1a69476a2a502577fbfdefd6cda2711b581bb8fc6bba18e7c2c0acd53f683d9f
Open Web Analytics version 1.5.7 suffers from password disclosure, weak cryptographic control, and cross site scripting vulnerabilities.
eff923ffcdcd382735364473953777226ac5141d068f398cd44bc9d036ebb5d2
FreeBSD Security Advisory - TCP connections transitioning to the LAST_ACK state can become permanently stuck due to mishandling of protocol state in certain situations, which in turn can lead to accumulated consumption and eventual exhaustion of system resources, such as mbufs and sockets.
ca370532c669a959a43a27961c0f51adab4f5da48a536d4759a39ad719cbe9a9
Red Hat Security Advisory 2015-1344-01 - The autofs utility controls the operation of the automount daemon. The daemon automatically mounts file systems when in use and unmounts them when they are not busy. It was found that program-based automounter maps that used interpreted languages such as Python would use standard environment variables to locate and load modules of those languages. A local attacker could potentially use this flaw to escalate their privileges on the system. Note: This issue has been fixed by adding the "AUTOFS_" prefix to the affected environment variables so that they are not used to subvert the system. A configuration option to override this prefix and to use the environment variables without the prefix has been added. In addition, warnings have been added to the manual page and to the installed configuration file. Now, by default the standard variables of the program map are provided only with the prefix added to its name.
14f6a08aaec36181c76a2200b5055fb5bc3d2ce81fa1e01f5ce899a036fca960
Red Hat Security Advisory 2015-1385-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser. A denial of service flaw was found in the way snmptrapd handled certain SNMP traps when started with the "-OQ" option. If an attacker sent an SNMP trap containing a variable with a NULL type where an integer variable type was expected, it would cause snmptrapd to crash.
e856697fa0fbaf74af1b4b3706a28577bc53843c99783d86587297c7214ca752
Red Hat Security Advisory 2015-1287-01 - FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service server, designed to allow centralized authentication and authorization for a network. A stack-based buffer overflow was found in the way the FreeRADIUS rlm_pap module handled long password hashes. An attacker able to make radiusd process a malformed password hash could cause the daemon to crash. The freeradius packages have been upgraded to upstream version 2.2.6, which provides a number of bug fixes and enhancements over the previous version.
fff0889efd9c4efb715a9ebd610f56cf82b6e6c7c64de811570484fbdb6d13bb
Red Hat Security Advisory 2015-1347-01 - Red Hat Certificate System is an enterprise software system designed to manage enterprise public key infrastructure deployments. PKI Core contains fundamental packages required by Red Hat Certificate System, which comprise the Certificate Authority subsystem. Multiple cross-site scripting flaws were discovered in the Red Hat Certificate System Agent and End Entity pages. An attacker could use these flaws to perform a cross-site scripting attack against victims using the Certificate System's web interface.
1bb6fac126d70d90824254f7e4c907a2edb6ed2e4c8f6d047dc7c0a0b16ee4ba
Red Hat Security Advisory 2015-1320-01 - The ppc64-diag packages provide diagnostic tools for Linux on the 64-bit PowerPC platforms. The platform diagnostics write events reported by the firmware to the service log, provide automated responses to urgent events, and notify system administrators or connected service frameworks about the reported events. Multiple insecure temporary file use flaws were found in the way the ppc64-diag utility created certain temporary files. A local attacker could possibly use either of these flaws to perform a symbolic link attack and overwrite arbitrary files with the privileges of the user running ppc64-diag, or obtain sensitive information from the temporary files.
63440a3bb657de211eb5615f2e0a1ca271c07da80d15773bf005bd3d8ba62b86
Cisco Security Advisory - The password change functionality in the Cisco Unified MeetingPlace Web Conferencing application could allow an unauthenticated remote, attacker to change the passwords of arbitrary users. The vulnerability is due to the following: Users are not required to enter the previous password during a password change request. HTTP session functionality does not validate the session ID in the HTTP request for the password change request. An attacker could exploit this vulnerability via a crafted HTTP request and change arbitrary user passwords to gain access to the application. A successful exploit could allow the attacker to use the reset credentials to gain full control of the application. Cisco has released software updates that address this vulnerability. There is no workaround that mitigates this vulnerability.
7cbd83c8b6d07ea171e6c9a9d09ae2d0b179745988e82ee08f8883d41da6a3f2
Cisco Security Advisory - A vulnerability in the cluster management configuration of the Cisco Application Policy Infrastructure Controller (APIC) and the Cisco Nexus 9000 Series ACI Mode Switch could allow an authenticated, remote attacker to access the APIC as the root user. The vulnerability is due to improper implementation of access controls in the APIC filesystem. An attacker could exploit this vulnerability by accessing the cluster management configuration of the APIC. An exploit could allow the attacker to gain access to the APIC as the root user and perform root-level commands. Cisco has released software updates that address this vulnerability.
fafd7eb09a16ca913cb45419d8ba5f8ceb303b8a96173884be5dd66938a190c9
Red Hat Security Advisory 2015-1254-02 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. It was found that the libcurl library did not correctly handle partial literal IP addresses when parsing received HTTP cookies. An attacker able to trick a user into connecting to a malicious server could use this flaw to set the user's cookie to a crafted domain, making other cookie-related issues easier to exploit. A flaw was found in the way the libcurl library performed the duplication of connection handles. If an application set the CURLOPT_COPYPOSTFIELDS option for a handle, using the handle's duplicate could cause the application to crash or disclose a portion of its memory.
0ed5cabcb944358c959adc7aca7eed2a6fdaaf3a1626d9b045adaa54f8d1b50f
Ubuntu Security Notice 2676-1 - It was discovered that NBD incorrectly handled IP address matching. A remote attacker could use this issue with an IP address that has a partial match and bypass access restrictions. This issue only affected Ubuntu 12.04 LTS. Tuomas discovered that NBD incorrectly handled wrong export names and closed connections during negotiation. A remote attacker could use this issue to cause NBD to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS. Various other issues were also addressed.
0cfef8765233ddb6db3ab0a1c9ceb17aa66f3140b82421a3ebb1288b1ef8d9c9
Gentoo Linux Security Advisory 201507-21 - Multiple vulnerabilities have been found in libXfont, the worst of which could result in execution of arbitrary code or Denial of Service. Versions less than 1.5.1 are affected.
d6f33139e8c527bc70c4ea761d7fc2d4631efdbe323f07c4c8c6e913720f3040
Ubuntu Security Notice 2675-1 - Roman Fiedler discovered that LXC had a directory traversal flaw when creating lock files. A local attacker could exploit this flaw to create an arbitrary file as the root user. Roman Fiedler discovered that LXC incorrectly trusted the container's proc filesystem to set up AppArmor profile changes and SELinux domain transitions. A local attacker could exploit this flaw to run programs inside the container that are not confined by AppArmor or SELinux. Various other issues were also addressed.
47dbd7d7a0f2824fa938fc929557064d57f6833f03d5e891f292307fdb4e85b7
Red Hat Security Advisory 2015-1471-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND performed DNSSEC validation. An attacker able to make BIND resolve a name in an attacker-controlled domain could cause named to exit unexpectedly with an assertion failure.
2debc590947a9e9122956a6dc9e4c78dece4a4fc8c76d4716510b0804d68f369