Debian Linux Security Advisory 3297-1 - It was discovered that unattended-upgrades, a script for automatic installation of security upgrades, did not properly authenticate downloaded packages when the force-confold or force-confnew dpkg options were enabled via the DPkg::Options::* apt configuration.
592353727e99b36bc11ff7fa2a1deaee71c2dfafbe59ccc20cf3e9636b24d375
Ubuntu Security Notice 2657-1 - It was discovered that unattended-upgrades incorrectly performed authentication checks in certain configurations. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages.
86ccbecafb837e328f635d2fcc068c94f66e9a887e68593b313fb3216003929b
Red Hat Security Advisory 2015-1196-01 - PostgreSQL is an advanced object-relational database management system. A double-free flaw was found in the connection handling. An unauthenticated attacker could exploit this flaw to crash the PostgreSQL back end by disconnecting at approximately the same time as the authentication time out is triggered. It was discovered that PostgreSQL did not properly check the return values of certain standard library functions. If the system is in a state that would cause the standard library functions to fail, for example memory exhaustion, an authenticated user could exploit this flaw to disclose partial memory contents or cause the GSSAPI authentication to use an incorrect keytab file.
21a23422eed52f92a03a44240a2d21387667a2aa6bd115db53a8e66a0e93d216
Red Hat Security Advisory 2015-1195-01 - PostgreSQL is an advanced object-relational database management system. A double-free flaw was found in the connection handling. An unauthenticated attacker could exploit this flaw to crash the PostgreSQL back end by disconnecting at approximately the same time as the authentication time out is triggered. It was discovered that PostgreSQL did not properly check the return values of certain standard library functions. If the system is in a state that would cause the standard library functions to fail, for example memory exhaustion, an authenticated user could exploit this flaw to disclose partial memory contents or cause the GSSAPI authentication to use an incorrect keytab file.
326fda39561ebb2685611cba27081731faa2c3f742819f728c63a8c81c7bbbf8
Red Hat Security Advisory 2015-1193-01 - Xerces-C is a validating XML parser written in a portable subset of C++. A flaw was found in the way the Xerces-C XML parser processed certain XML documents. A remote attacker could provide specially crafted XML input that, when parsed by an application using Xerces-C, would cause that application to crash. All xerces-c users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.
f53c22d063cac6510e87555a911ccca5902d8eb1bbcfe85374a148575fb20968
Red Hat Security Advisory 2015-1194-01 - PostgreSQL is an advanced object-relational database management system. A double-free flaw was found in the connection handling. An unauthenticated attacker could exploit this flaw to crash the PostgreSQL back end by disconnecting at approximately the same time as the authentication time out is triggered. It was discovered that PostgreSQL did not properly check the return values of certain standard library functions. If the system is in a state that would cause the standard library functions to fail, for example memory exhaustion, an authenticated user could exploit this flaw to disclose partial memory contents or cause the GSSAPI authentication to use an incorrect keytab file.
7df1d0bc78fc8d84be2cbf7f54933f20a33ddbf05e07e10604dd63a337dfdb36
The Watchguard XCS virtual appliance contains a number of vulnerabilities, including unauthenticated SQL injection, command execution and privilege escalation. By combining these vulnerabilities, an attacker may remotely obtain root privileges on the underlying host. Versions 10.0 and below are affected.
21607839bbbdd227a1fed5a3aae9f1e09f5c3ba5d6cf448a29b254d43dbc7f66
The CollabNet Subversion Edge Management Frontend fails to implement any cross site request forgery protection. Fixed in version 5.0. Version 4.0.11 is affected.
51550678e302e308a0266d2824d45d664b115efd79d9d9699ff2ea9b8606149c
Wedge Networks WedgeOS Virtual Appliance contains a number of security vulnerabilities, including unauthenticated arbitrary file read as root, command injection in the web interface, privilege escalation to root, and command execution via the system update functionality. Versions 4.0.4 and below are affected.
18dd393ace4d14161649a80f893aaf38c39cd9fa4882db05ddf096eaeca05aa0
The CollabNet Subversion Edge Management Frontend allows authenticated admins to read arbitrary local files via logfile "filename" parameter of the tail action. Fixed in version 5.0. Version 4.0.11 is affected.
3a33fc1ca00a370d70ae632d4e5ff2d50d6aebfcfe2f943cfc2b1fac21f6187a
The management frontend does not require the old password for changing the password to a new one. An authenticated attacker may perform password setting attacks via XSRF without knowing the current password. An attacker that stole a Session ID (cookie) is able to gain persistent access by changing the password. Fixed in version 5.0. Version 4.0.11 is affected.
b01690bfbbc4be90118e3f7f950ff41e45b8a303eb3e13ca92e517d946087a0a
NetIQ Access Manager is vulnerable to XXE injection attacks.
5ab83fb7455997ac3fe10dc835a9bc56e92d52e2ce04391ac1b7bb994f39d5dc
The CollabNet Subversion Edge Management stores passwords as unsalted MD5 hashes. Unsalted MD5 hashes can easily be cracked by brute forcing the password. Fixed in version 5.0. Version 4.0.11 is affected.
8cc3148316f4aa4c7d8a4758a7e89063b6e5b83abbe5c26a33241c18c888460c
The CollabNet Subversion Edge Management web application does not restrict users to be logged in only once and does not provide a configuration option to configure this feature for admins and/or user accounts. Fixed in version 5.0. Version 4.0.11 is affected.
136cd2ad53bd137bb66b883f29da54e22164f5784ffa08198eb81b5bca4a4fac
Courier mail server versions before 0.75 suffer from out of bounds read access and heap overflow vulnerabilities.
425cff4ddf61bbeaf9670a04c641dac78fd64b617955be6dc1d7dbc7d51f3a76
The CollabNet Subversion Edge Management Frontend does not protect against brute forcing accounts. An attacker has infinite tries to guess a valid user password. Fixed in version 5.0. Version 4.0.11 is affected.
c4a5be8f15df488c6909bf4b2ac7dc41e0d49ed272885ca67e0b4f9bf8d4b650
The CollabNet Subversion Edge Management Frontend allows authenticated admins to read arbitrary local files via logfile "listViewItem" parameter of the "index" action. Fixed in version 5.0. Version 4.0.11 is affected.
056057c0fb271eb7d3df3d949644529069ad9b220d3cea13dac2b89f6483c3e0
The CollabNet Subversion Edge Management Frontend allows authenticated admins to read arbitrary local files via logfile "filename" parameter of the show action. Fixed in version 5.0. Version 4.0.11 is affected.
a81a00d4e11ec10f5cba3ea70751d59751a88dc2fb69e74a400c31265fe07b31
CollabNet Subversion Edge Management Frontend does not implement clickjacking protection. Fixed in version 5.0. Version 4.0.11 is affected.
c207b180dc94d5a50e20b860125c9f73e2c49f364c17a3013f7603f8c6f2d141
The CollabNet Subversion Edge Management does not implement a strong passwordpolicy. Passwords like "aaaaa" are allowed as the only requirement is that the password is at least 5 characters long. Fixed in version 5.0. Version 4.0.11 is affected.
f122205e04ea0584d756f4c07ab8c745e0d178bd283e8cbc86963df7402628e9
The CollabNet Subversion Edge management frontend login page password field has autocomplete enabled. This may allow an attacker to retrieve a stored password from the browsers key store. Fixed in version 5.0. Version 4.0.11 is affected.
020e15b4242216e2e5a8d794bda6b2c2bedd387d58410fbce5ecb455fa026919