Alter Stand
Kategorie-Datenstand: 31.03.2018 um 09:45 Uhr
Seitencache-Datum: 16.05.2018 16:55:55 TSecurity News Portal
 
  1. Startseite

ArabicEnglishFrenchGermanGreekItalianJapaneseKoreanPersianPolishPortugueseRussianSpanishTurkishVietnamese
Anzeige

Neuen Team Security Inhalt hinzufügen

Übergeordnete News Kategorie
News Überschrift*
Einsender / Author*
Authoren Webseite
Email-Adresse*
Nachrichtentext eingeben*

Webseiten News

News vom: 14.04.2018 um 14:11 Uhr

Hallo alle zusammen,

In den letzten Tagen wurde tsecurity.de umgestellt auf PHP 7.2.x :-)

Weitere News Beiträge ansehen: Webseiten News (28)

Startseite und alle Kategorien


Suchen

Windows 10 Summer Update Marks the Beginning of the End for SHA-1 Support (May 2, 2016)

IT Security Nachrichten vom 00.00.0000 um 00:00 Uhr | Quelle sans.org

Microsoft plans to release its first major update for Windows 10 this summer.......


Weiterlesen Artikel ansehen

Bugtraq: Cisco Security Advisory: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016

Exploits vom 00.00.0000 um 00:00 Uhr | Quelle securityfocus.com
Cisco Security Advisory: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016

Weiterlesen Artikel ansehen

'Demonically Clever' Backdoor in Computer Chip (June 1, 2016)

IT Security Nachrichten vom 00.00.0000 um 00:00 Uhr | Quelle sans.org

Researchers at the University of Michigan have developed a proof-of-concept backdoor in a computer chip that is virtually undetectable.......


Weiterlesen Artikel ansehen

SWIFT May Ban Banks Without Strong Cybersecurity (June 3, 2016)

IT Security Nachrichten vom 00.00.0000 um 00:00 Uhr | Quelle sans.org

The head of SWIFT says that banks without adequate cybersecurity measures in place could find themselves suspended from using the SWIFT financial transfer communication network.......


Weiterlesen Artikel ansehen

USN-2829-1: Linux kernel vulnerabilities

Unix Server vom 00.00.0000 um 00:00 Uhr | Quelle ubuntu.com

Ubuntu Security Notice USN-2829-1

4th December, 2015

linux vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 15.04

Summary

Several security issues were fixed in the kernel.

Software description

  • linux - Linux kernel

Details

It was discovered that the SCTP protocol implementation in the Linux kernel
performed an incorrect sequence of protocol-initialization steps. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2015-5283)

Dmitry Vyukov discovered that the Linux kernel's keyring handler attempted
to garbage collect incompletely instantiated keys. A local unprivileged
attacker could use this to cause a denial of service (system crash).
(CVE-2015-7872)

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 15.04:
linux-image-3.19.0-39-powerpc64-emb 3.19.0-39.44
linux-image-3.19.0-39-powerpc64-smp 3.19.0-39.44
linux-image-3.19.0-39-generic 3.19.0-39.44
linux-image-3.19.0-39-powerpc-smp 3.19.0-39.44
linux-image-3.19.0-39-generic-lpae 3.19.0-39.44
linux-image-3.19.0-39-powerpc-e500mc 3.19.0-39.44
linux-image-3.19.0-39-lowlatency 3.19.0-39.44

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References

CVE-2015-5283, CVE-2015-7872


Weiterlesen Artikel ansehen

USN-2891-1: QEMU vulnerabilities

Unix Server vom 00.00.0000 um 00:00 Uhr | Quelle ubuntu.com

Ubuntu Security Notice USN-2891-1

3rd February, 2016

qemu, qemu-kvm vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 15.10
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

Several security issues were fixed in QEMU.

Software description

  • qemu - Machine emulator and virtualizer
  • qemu-kvm - Machine emulator and virtualizer

Details

Qinghao Tang discovered that QEMU incorrectly handled PCI MSI-X support. An
attacker inside the guest could use this issue to cause QEMU to crash,
resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS
and Ubuntu 15.10. (CVE-2015-7549)

Lian Yihan discovered that QEMU incorrectly handled the VNC server. A
remote attacker could use this issue to cause QEMU to crash, resulting in a
denial of service. (CVE-2015-8504)

Felix Wilhelm discovered a race condition in the Xen paravirtualized
drivers which can cause double fetch vulnerabilities. An attacker in the
paravirtualized guest could exploit this flaw to cause a denial of service
(crash the host) or potentially execute arbitrary code on the host.
(CVE-2015-8550)

Qinghao Tang discovered that QEMU incorrectly handled USB EHCI emulation
support. An attacker inside the guest could use this issue to cause QEMU to
consume resources, resulting in a denial of service. (CVE-2015-8558)

Qinghao Tang discovered that QEMU incorrectly handled the vmxnet3 device.
An attacker inside the guest could use this issue to cause QEMU to consume
resources, resulting in a denial of service. This issue only affected
Ubuntu 14.04 LTS and Ubuntu 15.10. (CVE-2015-8567, CVE-2015-8568)

Qinghao Tang discovered that QEMU incorrectly handled SCSI MegaRAID SAS HBA
emulation. An attacker inside the guest could use this issue to cause QEMU
to crash, resulting in a denial of service. This issue only affected
Ubuntu 14.04 LTS and Ubuntu 15.10. (CVE-2015-8613)

Ling Liu discovered that QEMU incorrectly handled the Human Monitor
Interface. A local attacker could use this issue to cause QEMU to crash,
resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS
and Ubuntu 15.10. (CVE-2015-8619, CVE-2016-1922)

David Alan Gilbert discovered that QEMU incorrectly handled the Q35 chipset
emulation when performing VM guest migrations. An attacker could use this
issue to cause QEMU to crash, resulting in a denial of service. This issue
only affected Ubuntu 14.04 LTS and Ubuntu 15.10. (CVE-2015-8666)

Ling Liu discovered that QEMU incorrectly handled the NE2000 device. An
attacker inside the guest could use this issue to cause QEMU to crash,
resulting in a denial of service. (CVE-2015-8743)

It was discovered that QEMU incorrectly handled the vmxnet3 device. An
attacker inside the guest could use this issue to cause QEMU to crash,
resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS
and Ubuntu 15.10. (CVE-2015-8744, CVE-2015-8745)

Qinghao Tang discovered that QEMU incorrect handled IDE AHCI emulation. An
attacker inside the guest could use this issue to cause a denial of
service, or possibly execute arbitrary code on the host as the user running
the QEMU process. In the default installation, when QEMU is used with
libvirt, attackers would be isolated by the libvirt AppArmor profile.
(CVE-2016-1568)

Donghai Zhu discovered that QEMU incorrect handled the firmware
configuration device. An attacker inside the guest could use this issue to
cause a denial of service, or possibly execute arbitrary code on the host
as the user running the QEMU process. In the default installation, when
QEMU is used with libvirt, attackers would be isolated by the libvirt
AppArmor profile. (CVE-2016-1714)

It was discovered that QEMU incorrectly handled the e1000 device. An
attacker inside the guest could use this issue to cause QEMU to crash,
resulting in a denial of service. (CVE-2016-1981)

Zuozhi Fzz discovered that QEMU incorrectly handled IDE AHCI emulation. An
attacker inside the guest could use this issue to cause QEMU to crash,
resulting in a denial of service. This issue only affected Ubuntu 15.10.
(CVE-2016-2197)

Zuozhi Fzz discovered that QEMU incorrectly handled USB EHCI emulation. An
attacker inside the guest could use this issue to cause QEMU to crash,
resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS
and Ubuntu 15.10. (CVE-2016-2198)

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 15.10:
qemu-system-misc 1:2.3+dfsg-5ubuntu9.2
qemu-system 1:2.3+dfsg-5ubuntu9.2
qemu-system-aarch64 1:2.3+dfsg-5ubuntu9.2
qemu-system-x86 1:2.3+dfsg-5ubuntu9.2
qemu-system-sparc 1:2.3+dfsg-5ubuntu9.2
qemu-system-arm 1:2.3+dfsg-5ubuntu9.2
qemu-system-ppc 1:2.3+dfsg-5ubuntu9.2
qemu-system-mips 1:2.3+dfsg-5ubuntu9.2
Ubuntu 14.04 LTS:
qemu-system-misc 2.0.0+dfsg-2ubuntu1.22
qemu-system 2.0.0+dfsg-2ubuntu1.22
qemu-system-aarch64 2.0.0+dfsg-2ubuntu1.22
qemu-system-x86 2.0.0+dfsg-2ubuntu1.22
qemu-system-sparc 2.0.0+dfsg-2ubuntu1.22
qemu-system-arm 2.0.0+dfsg-2ubuntu1.22
qemu-system-ppc 2.0.0+dfsg-2ubuntu1.22
qemu-system-mips 2.0.0+dfsg-2ubuntu1.22
Ubuntu 12.04 LTS:
qemu-kvm 1.0+noroms-0ubuntu14.27

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart all QEMU virtual
machines to make all the necessary changes.

References

CVE-2015-7549, CVE-2015-8504, CVE-2015-8550, CVE-2015-8558, CVE-2015-8567, CVE-2015-8568, CVE-2015-8613, CVE-2015-8619, CVE-2015-8666, CVE-2015-8743, CVE-2015-8744, CVE-2015-8745, CVE-2016-1568, CVE-2016-1714, CVE-2016-1922, CVE-2016-1981, CVE-2016-2197, CVE-2016-2198


Weiterlesen Artikel ansehen

WordPress Sites Delivering Ransomware (February 4, 2016)

IT Security Nachrichten vom 00.00.0000 um 00:00 Uhr | Quelle sans.org

A significant number of websites that run on the WordPress content management system appear to have been compromised so that they infect site visitors' computers with ransomware and other malware.......


Weiterlesen Artikel ansehen

Bugtraq: [security bulletin] HPSBHF03545 rev. 1 - HP EliteBook and Zbook Products with Windows NVidia Graphics Driver, Multiple Local Vulnerabilities

Exploits vom 00.00.0000 um 00:00 Uhr | Quelle securityfocus.com
[security bulletin] HPSBHF03545 rev. 1 - HP EliteBook and Zbook Products with Windows NVidia Graphics Driver, Multiple Local Vulnerabilities

Weiterlesen Artikel ansehen

kamagra gold 100mg rendeles war

Alle Kategorien vom 00.00.0000 um 00:00 Uhr | Quelle kamagradxt.com
chewable kamagra polo 100mg http://kamagradxt.com/ kamagra reviews users [url=http://kamagradxt.com/]kamagra 100mg tablets usage[/url] kamagra vs kamagra gold http://kamagradxt.com/ reviews kamagra gold

Weiterlesen Artikel ansehen

Bugtraq: OS-S 2016-07 Linux cypress_m8 Nullpointer Dereference

Exploits vom 00.00.0000 um 00:00 Uhr | Quelle securityfocus.com
OS-S 2016-07 Linux cypress_m8 Nullpointer Dereference

Weiterlesen Artikel ansehen

US Federal Agencies and Ransomware (March 30, 2016)

IT Security Nachrichten vom 00.00.0000 um 00:00 Uhr | Quelle sans.org

Twenty-nine US federal government agencies have reported a total of 321 ransomware incidents since June 2015, according to the Department of Homeland Security (DHS).......


Weiterlesen Artikel ansehen

APPLE-SA-2016-04-28-1 OS X: Flash Player plug-in blocked

IT Security Nachrichten vom 00.00.0000 um 00:00 Uhr | Quelle prod.lists.apple.com
From: Apple Product Security
Reply to list

APPLE-SA-2016-04-28-1 OS X: Flash Player plug-in blocked

Due to security and stability issues in older versions, Apple
has updated the web plug-in blocking mechanism to disable all
versions prior to Flash Player 21.0.0.226 and 18.0.0.343.

Information on blocked web plug-ins will be posted to: [...]

Weiterlesen Artikel ansehen

Google Releases May's Android Fixes (May 2, 2016)

IT Security Nachrichten vom 00.00.0000 um 00:00 Uhr | Quelle sans.org

On Monday, May 2, Google released its monthly security update for Android.......


Weiterlesen Artikel ansehen

Bugtraq: ESA-2016-051: Patch 14 for RSA® Authentication Manager 8.1 SP1 to Address Multiple Vulnerabilities

Exploits vom 00.00.0000 um 00:00 Uhr | Quelle securityfocus.com
ESA-2016-051: Patch 14 for RSA® Authentication Manager 8.1 SP1 to Address Multiple Vulnerabilities

Weiterlesen Artikel ansehen

Bugtraq: [security bulletin] HPSBMU03600 rev.1 - HPE Insight Control server provisioning using OpenSSL, Remote Denial of Service (DoS)

Exploits vom 00.00.0000 um 00:00 Uhr | Quelle securityfocus.com
[security bulletin] HPSBMU03600 rev.1 - HPE Insight Control server provisioning using OpenSSL, Remote Denial of Service (DoS)

Weiterlesen Artikel ansehen

Microsoft Warns About ZCrypt Ransomware (June 1, 2016)

IT Security Nachrichten vom 00.00.0000 um 00:00 Uhr | Quelle sans.org

Microsoft has issued a warning about ransomware known as ZCrypt, which affects removable drives.......


Weiterlesen Artikel ansehen

Google Releases June Android Security Update (June 6, 2016)

IT Security Nachrichten vom 00.00.0000 um 00:00 Uhr | Quelle sans.org

Google has released the June security update for its Android mobile operating system.......


Weiterlesen Artikel ansehen

USN-2828-1: QEMU vulnerabilities

Unix Server vom 00.00.0000 um 00:00 Uhr | Quelle ubuntu.com

Ubuntu Security Notice USN-2828-1

3rd December, 2015

qemu, qemu-kvm vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 15.10
  • Ubuntu 15.04
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

Several security issues were fixed in QEMU.

Software description

  • qemu - Machine emulator and virtualizer
  • qemu-kvm - Machine emulator and virtualizer

Details

Jason Wang discovered that QEMU incorrectly handled the virtio-net device.
A remote attacker could use this issue to cause guest network consumption,
resulting in a denial of service. (CVE-2015-7295)

Qinghao Tang and Ling Liu discovered that QEMU incorrectly handled the
pcnet driver when used in loopback mode. A malicious guest could use this
issue to cause a denial of service, or possibly execute arbitrary code on
the host as the user running the QEMU process. In the default installation,
when QEMU is used with libvirt, attackers would be isolated by the libvirt
AppArmor profile. (CVE-2015-7504)

Ling Liu and Jason Wang discovered that QEMU incorrectly handled the
pcnet driver. A remote attacker could use this issue to cause a denial of
service, or possibly execute arbitrary code on the host as the user running
the QEMU process. In the default installation, when QEMU is used with
libvirt, attackers would be isolated by the libvirt AppArmor profile.
(CVE-2015-7512)

Qinghao Tang discovered that QEMU incorrectly handled the eepro100 driver.
A malicious guest could use this issue to cause an infinite loop, leading
to a denial of service. (CVE-2015-8345)

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 15.10:
qemu-system-misc 1:2.3+dfsg-5ubuntu9.1
qemu-system 1:2.3+dfsg-5ubuntu9.1
qemu-system-aarch64 1:2.3+dfsg-5ubuntu9.1
qemu-system-x86 1:2.3+dfsg-5ubuntu9.1
qemu-system-sparc 1:2.3+dfsg-5ubuntu9.1
qemu-system-arm 1:2.3+dfsg-5ubuntu9.1
qemu-system-ppc 1:2.3+dfsg-5ubuntu9.1
qemu-system-mips 1:2.3+dfsg-5ubuntu9.1
Ubuntu 15.04:
qemu-system-misc 1:2.2+dfsg-5expubuntu9.7
qemu-system 1:2.2+dfsg-5expubuntu9.7
qemu-system-aarch64 1:2.2+dfsg-5expubuntu9.7
qemu-system-x86 1:2.2+dfsg-5expubuntu9.7
qemu-system-sparc 1:2.2+dfsg-5expubuntu9.7
qemu-system-arm 1:2.2+dfsg-5expubuntu9.7
qemu-system-ppc 1:2.2+dfsg-5expubuntu9.7
qemu-system-mips 1:2.2+dfsg-5expubuntu9.7
Ubuntu 14.04 LTS:
qemu-system-misc 2.0.0+dfsg-2ubuntu1.21
qemu-system 2.0.0+dfsg-2ubuntu1.21
qemu-system-aarch64 2.0.0+dfsg-2ubuntu1.21
qemu-system-x86 2.0.0+dfsg-2ubuntu1.21
qemu-system-sparc 2.0.0+dfsg-2ubuntu1.21
qemu-system-arm 2.0.0+dfsg-2ubuntu1.21
qemu-system-ppc 2.0.0+dfsg-2ubuntu1.21
qemu-system-mips 2.0.0+dfsg-2ubuntu1.21
Ubuntu 12.04 LTS:
qemu-kvm 1.0+noroms-0ubuntu14.26

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart all QEMU virtual
machines to make all the necessary changes.

References

CVE-2015-7295, CVE-2015-7504, CVE-2015-7512, CVE-2015-8345


Weiterlesen Artikel ansehen

USN-2883-1: OpenSSL vulnerability

Unix Server vom 00.00.0000 um 00:00 Uhr | Quelle ubuntu.com

Ubuntu Security Notice USN-2883-1

28th January, 2016

openssl vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 15.10

Summary

OpenSSL could be made to expose sensitive information over the network.

Software description

  • openssl - Secure Socket Layer (SSL) cryptographic library and tools

Details

Antonio Sanso discovered that OpenSSL reused the same private DH exponent
for the life of a server process when configured with a X9.42 style
parameter file. This could allow a remote attacker to possibly discover the
server's private DH exponent when being used with non-safe primes.

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 15.10:
libssl1.0.0 1.0.2d-0ubuntu1.3

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

CVE-2016-0701


Weiterlesen Artikel ansehen

hkqgxvec

Alle Kategorien vom 00.00.0000 um 00:00 Uhr | Quelle installmentloans.bid
direct lender installment loans teacher loan installment loans online what is cash advance

Weiterlesen Artikel ansehen

GPS Satellites Broadcast Incorrect Time (February 4, 2016)

IT Security Nachrichten vom 00.00.0000 um 00:00 Uhr | Quelle sans.org

On January 26, 2016, 15 global positioning system (GPS) satellites were found to be broadcasting the incorrect time.......


Weiterlesen Artikel ansehen

Bugtraq: [security bulletin] HPSBGN03442 rev.1 - HP Helion OpenStack using glibc, Remote Denial of Service (DoS), Arbitrary Code Execution

Exploits vom 00.00.0000 um 00:00 Uhr | Quelle securityfocus.com
[security bulletin] HPSBGN03442 rev.1 - HP Helion OpenStack using glibc, Remote Denial of Service (DoS), Arbitrary Code Execution

Weiterlesen Artikel ansehen

MedStar Cleaning Up Malware Infection (March 30, 2016)

IT Security Nachrichten vom 00.00.0000 um 00:00 Uhr | Quelle sans.org

MedStar Health is in the process of restoring its systems after a malware attack.......


Weiterlesen Artikel ansehen

Bugtraq: [security bulletin] HPSBST03576 rev.2 - HP P9000, XP7 Command View Advanced Edition (CVAE) Suite including Device Manager and Tiered Storage Manager using Java Deserialization, Remote Arbitrary Code Execution

Exploits vom 00.00.0000 um 00:00 Uhr | Quelle securityfocus.com
[security bulletin] HPSBST03576 rev.2 - HP P9000, XP7 Command View Advanced Edition (CVAE) Suite including Device Manager and Tiered Storage Manager using Java Deserialization, Remote Arbitrary Code Execution

Weiterlesen Artikel ansehen

NHS to Share 1.6 Million Health Records with Google AI Company (April 29 and May 2, 2016)

IT Security Nachrichten vom 00.00.0000 um 00:00 Uhr | Quelle sans.org

Google's artificial intelligence company DeepMind has struck a deal with the UK's NHS to access healthcare data of 1.......


Weiterlesen Artikel ansehen

Bugtraq: [SECURITY] [DSA 3567-1] libpam-sshauth security update

Exploits vom 00.00.0000 um 00:00 Uhr | Quelle securityfocus.com
[SECURITY] [DSA 3567-1] libpam-sshauth security update

Weiterlesen Artikel ansehen

Bugtraq: [security bulletin] HPSBUX03606 rev.1 - HPE HP-UX running Apache Tomcat 7, Multiple Remote Vulnerabilities

Exploits vom 00.00.0000 um 00:00 Uhr | Quelle securityfocus.com
[security bulletin] HPSBUX03606 rev.1 - HPE HP-UX running Apache Tomcat 7, Multiple Remote Vulnerabilities

Weiterlesen Artikel ansehen

Google Updates Chrome for the 3rd Time in Little Over a Month

IT Security Nachrichten vom 00.00.0000 um 00:00 Uhr | Quelle sans.org

June 2, 2016 Using the bounty program as well as internal assets Google has patched a number of vulnerabilities and updated their software.......


Weiterlesen Artikel ansehen

Bill Proposes Studying Replacing Grid Systems with Older Technology (June 6, 2016)

IT Security Nachrichten vom 00.00.0000 um 00:00 Uhr | Quelle sans.org

US Senators have introduced legislation that proposes a two-year study regarding the (feasibility of) replacing modern systems at power grid stations with older technology to help protect them.......


Weiterlesen Artikel ansehen

USN-2827-1: OpenJDK 6 vulnerabilities

Unix Server vom 00.00.0000 um 00:00 Uhr | Quelle ubuntu.com

Ubuntu Security Notice USN-2827-1

3rd December, 2015

openjdk-6 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 12.04 LTS

Summary

Several security issues were fixed in OpenJDK 6.

Software description

  • openjdk-6 - Open Source Java implementation

Details

Multiple vulnerabilities were discovered in the OpenJDK JRE related to
information disclosure, data integrity and availability. An attacker
could exploit these to cause a denial of service or expose sensitive
data over the network. (CVE-2015-4805, CVE-2015-4835, CVE-2015-4843,
CVE-2015-4844, CVE-2015-4860, CVE-2015-4881, CVE-2015-4883)

A vulnerability was discovered in the OpenJDK JRE related to
information disclosure and data integrity. An attacker could exploit
this to expose sensitive data over the network. (CVE-2015-4806)

A vulnerability was discovered in the OpenJDK JRE related to data
integrity. An attacker could exploit this expose sensitive data over
the network. (CVE-2015-4872)

Multiple vulnerabilities were discovered in the OpenJDK JRE related
to information disclosure. An attacker could exploit these to expose
sensitive data over the network. (CVE-2015-4734, CVE-2015-4842,
CVE-2015-4903)

Multiple vulnerabilities were discovered in the OpenJDK JRE related
to availability. An attacker could exploit these to cause a denial of
service. (CVE-2015-4803, CVE-2015-4893, CVE-2015-4911)

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 12.04 LTS:
icedtea-6-jre-cacao 6b37-1.13.9-1ubuntu0.12.04.1
icedtea-6-jre-jamvm 6b37-1.13.9-1ubuntu0.12.04.1
openjdk-6-jre 6b37-1.13.9-1ubuntu0.12.04.1
openjdk-6-jre-headless 6b37-1.13.9-1ubuntu0.12.04.1
openjdk-6-jre-zero 6b37-1.13.9-1ubuntu0.12.04.1
openjdk-6-jre-lib 6b37-1.13.9-1ubuntu0.12.04.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

This update uses a new upstream release, which includes additional
bug fixes. After a standard system update you need to restart any
Java applications or applets to make all the necessary changes.

References

CVE-2015-4734, CVE-2015-4803, CVE-2015-4805, CVE-2015-4806, CVE-2015-4835, CVE-2015-4842, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4872, CVE-2015-4881, CVE-2015-4882, CVE-2015-4883, CVE-2015-4893, CVE-2015-4903, CVE-2015-4911


Weiterlesen Artikel ansehen

Bugtraq: Exploiting XXE vulnerabilities in AMF libraries

Exploits vom 00.00.0000 um 00:00 Uhr | Quelle securityfocus.com
Exploiting XXE vulnerabilities in AMF libraries

Weiterlesen Artikel ansehen

Univ. of Central Florida Data Breach (February 4, 2016)

IT Security Nachrichten vom 00.00.0000 um 00:00 Uhr | Quelle sans.org

The University of Central Florida (ECF) has disclosed that its computer systems were breached, compromising the personal information of 63,000 current and former students, staff, and faculty.......


Weiterlesen Artikel ansehen

Bugtraq: Vivint Sky Control Panel Unauthenticated Access Vulnerability

Exploits vom 00.00.0000 um 00:00 Uhr | Quelle securityfocus.com
Vivint Sky Control Panel Unauthenticated Access Vulnerability

Weiterlesen Artikel ansehen

Ukraine Cybersec Strategy (March 31, 2016)

IT Security Nachrichten vom 00.00.0000 um 00:00 Uhr | Quelle sans.org

Ukraine's president has approved a draft cybersecurity strategy following escalating attacks against the country's critical and social infrastructure.......


Weiterlesen Artikel ansehen

Bugtraq: [security bulletin] HPSBGN03555 rev.1 - HPE Vertica Analytics, Management Console, Remote Disclosure of Sensitive information, Execution of Arbitrary Code with Root Privileges

Exploits vom 00.00.0000 um 00:00 Uhr | Quelle securityfocus.com
[security bulletin] HPSBGN03555 rev.1 - HPE Vertica Analytics, Management Console, Remote Disclosure of Sensitive information, Execution of Arbitrary Code with Root Privileges

Weiterlesen Artikel ansehen

Seitennavigation

Seite 8922 von 8.975 Seiten (Bei Beitrag 312235 - 312270)
314.094x Beiträge in dieser Kategorie

Auf Seite 8921 zurück | Nächste 8923 Seite | Letzte Seite
[ 8917 ] [ 8918 ] [ 8919 ] [ 8920 ] [ 8921 ] [8922] [ 8923 ] [ 8924 ] [ 8925 ] [ 8926 ] [ 8927 ] [ 8928 ] [ 8929 ] [ 8930 ] [ 8931 ] [ 8932 ]

Folge uns auf Twitter um einen Echtzeit-Stream zu erhalten. Updates alle 5 Minuten!

Die Webseite benutzt einen Cache von 10-15 Minuten