Alert RSS https://tools.cisco.com/security/center/psirtrss20/AlertRSS.xml en-us 1992-2010 Cisco Systems, Inc. All rights reserved. Alert RSS Cisco Systems, Inc. 15 WordPress 4.9.2 Security Update for January 16, 2018 https://tools.cisco.com/security/center/viewAlert.x?alertId=56507&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=WordPress%204.9.2%20Security%20Update%20for%20January%2016,%202018&vs_k=1 WordPress has released version 4.9.2 to address multiple security issues.<br /> <br /> This update addresses a cross-site scripting (XSS) vulnerability in <em>flash fallback</em> files that are found within the <em>MediaElement </em>library used by WordPress. An attacker could exploit this vulnerability by persuading a user to click on a malicious link. A successful exploit could allow the attacker to execute arbitrary script code or allow the attacker to access sensitive browser-based information.<br /> <br /> In addition, 21 other issues in WordPress prior to 4.9.2 were addressed including the following issues:<br /> <ul> <li>JavaScript errors that prevented saving posts in Firefox was fixed.</li> <li>The previous taxonomy-agnostic behavior of <em>get_category_link()</em> and <em>category_description()</em> was restored.</li> <li>Switching themes will now attempt to restore previous widget assignments, even when there are no sidebars to map. </li> </ul><br /> For additional information about cross-site scripting attacks and the methods used to exploit these vulnerabilities, see the Cisco Applied Mitigation Bulletin <a href="https://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20060922-understanding-xss">Understanding Cross-Site Scripting (XSS) Threat Vectors</a>. <br /> <br /> Administrators are advised to apply the appropriate updates.<br /> <br /> Administrators are advised to monitor affected systems.<br /> <br /> WordPress.org has released a security and maintenance release document at the following link: <a href="https://wordpress.org/news/2018/01/wordpress-4-9-2-security-and-maintenance-release/">WordPress 4.9.2 Security and Maintenance Release</a><br /> <br /> WordPress.org has released software updates at the following link: <a href="https://wordpress.org/download/">WordPress 4.9.2</a><br /> <br /> FreeBSD has released a VuXML document at the following link: <a href="http://www.vuxml.org/freebsd/c04dc18f-fcde-11e7-bdf6-00e04c1ea73d.html">wordpress -- multiple issues</a><br /> <br /> FreeBSD has released ports collection updates at the following link: <a href="https://www.freebsd.org/ports/master-index.html">Ports Collection Index</a><br /> <br/>Security Impact Rating: Medium Fri, 19 Jan 2018 21:43:10 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56507 Oracle Critical Patch Update for January 2018 https://tools.cisco.com/security/center/viewAlert.x?alertId=56479&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Oracle%20Critical%20Patch%20Update%20for%20January%202018&vs_k=1 Oracle has released the Critical Patch Update for January 2018. The update contains 237 new security fixes that address vulnerabilities in multiple Oracle product families. The update addresses vulnerabilities that could allow an attacker to access sensitive information, gain elevated privileges, execute arbitrary code, or cause a denial of service (DoS) condition on a targeted system.<br /> <br /> This update also includes security fixes for the Spectre, Meltdown, and Intel processor vulnerabilities.<br /> <br /> Administrators are advised to apply the appropriate software updates.<br /> <br /> Administrators are advised to allow only trusted users to have network access.<br /> <br /> Administrators are advised to monitor affected systems.<br /> <br /> Oracle has released a security advisory, which includes a list of affected products and product versions, at the following link: <a href="http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html">Oracle Critical Patch Update Advisory - January 2018</a><br /> <br /> Oracle has released patches at the following link: <a href="https://www.oracle.com/downloads/index.html">Oracle Downloads</a><br /> <br /> <span> CentOS packages can be updated using the <strong>up2date </strong>or <strong>yum </strong>command.<br /> <br /> <span style="background-color: #e6e6e6;">FreeBSD has released a VuXML document at the following link: </span><a href="http://www.vuxml.org/freebsd/e3445736-fd01-11e7-ac58-b499baebfeaf.html"><span style="background-color: #e6e6e6;">MySQL -- multiple vulnerabilities</span><br /> </a><br /> <span style="background-color: #e6e6e6;">FreeBSD has released ports collection updates at the following link: </span></span><a href="https://www.freebsd.org/ports/master-index.html"><span><span style="background-color: #e6e6e6;">Ports Collection Index</span><br /> </span> </a><br /> <span>Red Hat has released official CVE statements and a security advisory for multiple bugs at the following link: <a href="https://access.redhat.com/errata/RHSA-2018:0095">RHSA-2018:0095</a>, <a href="https://access.redhat.com/errata/RHSA-2018:0099"></a></span><span><a href="https://access.redhat.com/errata/RHSA-2018:0099">RHSA-2018-0099</a>, and <a href="https://access.redhat.com/errata/RHSA-2018:0100">RHSA-2018-0100</a></span><span></span><span></span><span><br /> </span><span> </span><br /> <span> Red Hat has released updated software for registered subscribers at the following link: <a href="https://sso.redhat.com/auth/realms/redhat-external/protocol/saml?SAMLRequest=fZLLbsIwEEV%2FJTuvjPMAQq0kUgSqhESrCtouuqmMM2kixXbqcQrt19cBodINS4%2FuPXcezlCorufl4Bq9hc8B0AUlIljXGr00GgcFdgf2q5Xwst3kpHGuR86YkBIQJxaqRriJNIopocUHKNCOjVBWt1p07Q%2BQYOWp%2FjEi%2FwCI5totfAfMgugUsnOZwtGB9QzWW%2BOMNN2JS4L1Kifv8zpJ6ljuaR1Gkk6T2R1dzERKYR5Wi9lUVGlceyniAGuNTmiXkziMFjSMaJQ%2BR3c8TnicvpHgFSyeOosnIQmOqtPIx6CcDFZzI7BFroUC5E7yXfmw4V7IxWVJ15b%2BtucyBymyUc1P3dnCNqjoAfYZu65m58s8esp69WS6Vn4HZdeZw9JvyUFOnB38bu%2BNVcLdzh0rbUXrk5T347zo%2FJ0IK86Z%2Fz9A8Qs%3D&amp;RelayState=http%3A%2F%2Faccess.redhat.com%2Fmanagement&amp;SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&amp;Signature=jQQAt8ZzvYC9yQhjcJwJXs%2BlDooZjNwyC48roYt34zkx8q1SWL4kwZNJIxTGIjZ97BQTQDgverAVwcDOGDQfi6G90imHDPACn8EtWA7VCzgBpwic9xkm3BEw3eXjWLNC68QWRg8s225uThlsPRSiLUC6RWEquX52BNh8Sfi%2B%2BmINiMO8HkKZbBG2S6kNDTqVXmiPyAJKTnbvdNgzJa6A6snz%2B1JQQ5wPeGKLOTU%2BAkig1L%2BTaECkUs1TpbJHteQKrJb%2Bp7iypaxngNWNBHBfaCx4IAaFpPDx0AQhgUT2u1Je%2BVcnJZ1QNgWqR756SyXueR1mjp5gLnTzxCkwdMx5Lw%3D%3D">Red Hat Network</a>. Red Hat packages can be updated on Red Hat Enterprise Linux versions 5 and later using the <strong>yum</strong> tool.</span> <br/>Security Impact Rating: Critical <br/>CVE: CVE-2013-2566,CVE-2015-3253,CVE-2015-7501,CVE-2015-7940,CVE-2016-0635,CVE-2016-0704,CVE-2016-1182,CVE-2016-2107,CVE-2016-2179,CVE-2016-5385,CVE-2016-9878,CVE-2017-0781,CVE-2017-10068,CVE-2017-10262,CVE-2017-10273,CVE-2017-10282,CVE-2017-10301,CVE-2017-10352,CVE-2017-12617,CVE-2017-13077,CVE-2017-3732,CVE-2017-3736,CVE-2017-3737,CVE-2017-5461,CVE-2017-5645,CVE-2017-5664,CVE-2017-5715,CVE-2017-9072,CVE-2017-9798,CVE-2018-2560,CVE-2018-2561,CVE-2018-2562,CVE-2018-2564,CVE-2018-2565,CVE-2018-2566,CVE-2018-2567,CVE-2018-2568,CVE-2018-2569,CVE-2018-2570,CVE-2018-2571,CVE-2018-2573,CVE-2018-2574,CVE-2018-2575,CVE-2018-2576,CVE-2018-2577,CVE-2018-2578,CVE-2018-2579,CVE-2018-2580,CVE-2018-2581,CVE-2018-2582,CVE-2018-2583,CVE-2018-2584,CVE-2018-2585,CVE-2018-2586,CVE-2018-2588,CVE-2018-2589,CVE-2018-2590,CVE-2018-2591,CVE-2018-2592,CVE-2018-2593,CVE-2018-2594,CVE-2018-2595,CVE-2018-2596,CVE-2018-2597,CVE-2018-2599,CVE-2018-2600,CVE-2018-2601,CVE-2018-2602,CVE-2018-2603,CVE-2018-2604,CVE-2018-2605,CVE-2018-2606,CVE-2018-2607,CVE-2018-2608,CVE-2018-2609,CVE-2018-2610,CVE-2018-2611,CVE-2018-2612,CVE-2018-2613,CVE-2018-2614,CVE-2018-2615,CVE-2018-2616,CVE-2018-2617,CVE-2018-2618,CVE-2018-2619,CVE-2018-2620,CVE-2018-2621,CVE-2018-2622,CVE-2018-2623,CVE-2018-2624,CVE-2018-2625,CVE-2018-2626,CVE-2018-2627,CVE-2018-2629,CVE-2018-2630,CVE-2018-2631,CVE-2018-2632,CVE-2018-2633,CVE-2018-2634,CVE-2018-2635,CVE-2018-2636,CVE-2018-2637,CVE-2018-2638,CVE-2018-2639,CVE-2018-2640,CVE-2018-2641,CVE-2018-2642,CVE-2018-2643,CVE-2018-2644,CVE-2018-2645,CVE-2018-2646,CVE-2018-2647,CVE-2018-2648,CVE-2018-2649,CVE-2018-2650,CVE-2018-2651,CVE-2018-2652,CVE-2018-2653,CVE-2018-2654,CVE-2018-2655,CVE-2018-2656,CVE-2018-2657,CVE-2018-2658,CVE-2018-2659,CVE-2018-2660,CVE-2018-2661,CVE-2018-2662,CVE-2018-2663,CVE-2018-2664,CVE-2018-2665,CVE-2018-2666,CVE-2018-2667,CVE-2018-2668,CVE-2018-2669,CVE-2018-2670,CVE-2018-2671,CVE-2018-2672,CVE-2018-2673,CVE-2018-2674,CVE-2018-2675,CVE-2018-2676,CVE-2018-2677,CVE-2018-2678,CVE-2018-2679,CVE-2018-2680,CVE-2018-2681,CVE-2018-2682,CVE-2018-2683,CVE-2018-2684,CVE-2018-2685,CVE-2018-2686,CVE-2018-2687,CVE-2018-2688,CVE-2018-2689,CVE-2018-2690,CVE-2018-2691,CVE-2018-2692,CVE-2018-2693,CVE-2018-2694,CVE-2018-2695,CVE-2018-2696,CVE-2018-2697,CVE-2018-2698,CVE-2018-2699,CVE-2018-2700,CVE-2018-2701,CVE-2018-2702,CVE-2018-2703,CVE-2018-2704,CVE-2018-2705,CVE-2018-2706,CVE-2018-2707,CVE-2018-2708,CVE-2018-2709,CVE-2018-2710,CVE-2018-2711,CVE-2018-2712,CVE-2018-2713,CVE-2018-2714,CVE-2018-2715,CVE-2018-2716,CVE-2018-2717,CVE-2018-2719,CVE-2018-2720,CVE-2018-2721,CVE-2018-2722,CVE-2018-2723,CVE-2018-2724,CVE-2018-2725,CVE-2018-2726,CVE-2018-2727,CVE-2018-2728,CVE-2018-2729,CVE-2018-2730,CVE-2018-2731,CVE-2018-2732,CVE-2018-2733 Fri, 19 Jan 2018 19:28:08 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56479 Xplico Decoding Manager Daemon Command Injection Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56499&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Xplico%20Decoding%20Manager%20Daemon%20Command%20Injection%20Vulnerability&vs_k=1 A vulnerability in Xplico could allow an authenticated, remote attacker to execute arbitrary commands on a targeted system.<br /> <br /> The vulnerability is due to improper security restrictions imposed by the affected software. An authenticated attacker could exploit this vulnerability by submitting a crafted packet capture (PCAP) file. If successful, the attacker could execute arbitrary commands on the affected system. Additionally, an unauthenticated attacker could exploit this vulnerability by registering a new user account. If successful, the attacker could execute arbitrary commands as a <em>root</em> user on the targeted system.<br /> <br /> Functional code that demonstrates an exploit of this vulnerability is publicly available.<br /> <br /> The vendor has confirmed this vulnerability and released software updates. <br/>Security Impact Rating: High <br/>CVE: CVE-2017-16666 Fri, 19 Jan 2018 18:51:36 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56499 phpMyAdmin Cross-Site Request Forgery Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56498&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=phpMyAdmin%20Cross-Site%20Request%20Forgery%20Vulnerability&vs_k=1 A vulnerability in phpMyAdmin could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on a targeted system.<br /> <br /> The vulnerability is due to insufficient validation of user-supplied input by the affected software. An attacker could exploit this vulnerability by convincing a user to click a malicious link. A successful exploit could allow the attacker to perform unauthorized database operations such as deleting records or dropping tables.<br /> <br /> Proof-of-concept code that demonstrates an exploit of this vulnerability is publicly available.<br /> <br /> phpMyAdmin has confirmed the vulnerability and released software updates. <br/>Security Impact Rating: High <br/>CVE: CVE-2017-1000499 Fri, 19 Jan 2018 17:20:16 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56498 Zoho ManageEngine Applications Manager SQL Injection Vulnerabilities https://tools.cisco.com/security/center/viewAlert.x?alertId=56497&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Zoho%20ManageEngine%20Applications%20Manager%20SQL%20Injection%20Vulnerabilities&vs_k=1 Vulnerabilities in Zoho ManageEngine Applications Manager could allow an authenticated or unauthenticated remote attacker to conduct SQL injection attacks on a targeted system.<br /> <br /> The vulnerabilities are due to insufficient validation of user-supplied input by the affected software. An authenticated, remote attacker could exploit one of the vulnerabilities by submitting a crafted <em>manageApplications.do?method=insert </em>request to the affected software. An unauthenticated, remote attacker could exploit the other vulnerability by submitting a crafted <em>manageApplications.do?method=AddSubGroup</em> request to the affected software. A successful exploit of either or both vulnerabilities could allow the attacker to conduct a SQL injection attack on the targeted system, which could be used to conduct further attacks.<br /> <br /> Proof-of-concept code that demonstrates an exploit of this vulnerability is publicly available.<br /> <br /> Zoho has not confirmed this vulnerability and software updates are not available.<br /> <br /> To exploit this vulnerability, the attacker may need access to trusted or internal networks to submit crafted SQL queries to the targeted system. This access requirement could reduce the likelihood of a successful exploit. <br /> <br /> Administrators are advised to contact the vendor regarding future updates and releases.<br /> <br /> Administrators are advised to allow only trusted users to have network access.<br /> <br /> Administrators are advised to implement an intrusion prevention system (IPS) or intrusion detection system (IDS) to help detect and prevent attacks that attempt to exploit this vulnerability.<br /> <br /> Administrators can apply Snort SIDs 44921 and 44922 to help prevent attacks that attempt to exploit this vulnerability.<br /> <br /> Administrators are advised to monitor affected systems.<br /> <br /> For additional information about SQL injection attacks and defenses, see <a href="https://www.cisco.com/c/en/us/about/security-center/sql-injection.html">Understanding SQL Injection</a>.<br /> <br /> Vendor announcements are not available.<br /> <br /> Software updates are not available. <br/>Security Impact Rating: Critical <br/>CVE: CVE-2017-16542,CVE-2017-16846 Fri, 19 Jan 2018 15:10:34 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56497 Hikvision IP Cameras Privilege Escalation Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56496&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Hikvision%20IP%20Cameras%20Privilege%20Escalation%20Vulnerability&vs_k=1 A vulnerability in Hikvision IP cameras could allow an unauthenticated, remote attacker to gain elevated privileges or modify information on a targeted device.<br /> <br /> The vulnerability is due to insufficient validation of user-supplied input by affected firmware versions. An attacker could exploit this vulnerability by sending a crafted request to a targeted camera. An exploit could allow the attacker to gain elevated privileges or modify device information, which could be used to conduct further attacks.<br /> <br /> Hikvision has confirmed the vulnerability and released firmware updates.<br /> <br /> Administrators are advised to apply the appropriate updates.<br /> <br /> Administrators are advised to allow only trusted users to have network access.<br /> <br /> Administrators can help protect affected systems from external attacks by using a solid firewall strategy.<br /> <br /> Administrators are advised to apply Snort SID 45413 to help prevent attacks that attempt to exploit the vulnerability.<br /> <br /> Administrators may consider using IP-based access control lists (ACLs) to allow only trusted systems to access the affected systems.<br /> <br /> Hikvision has released a security notice, which contains download links to firmware updates that resolve this vulnerability, at the following link: <a href="http://www.hikvision.com/us/about_10805.html">HSRC-201703-04</a> <br/>Security Impact Rating: High <br/>CVE: CVE-2017-7921 Thu, 18 Jan 2018 19:51:22 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56496 Microsoft Office Memory Corruption Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=55872&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Microsoft%20Office%20Memory%20Corruption%20Vulnerability&vs_k=1 A vulnerability in Microsoft Office could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.<br /><br />The vulnerability is due to improper memory operations that are performed by the affected software. An attacker could exploit the vulnerability by persuading a user to access a file that submits malicious input to the affected software on a targeted system. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the user on the targeted system. If the user has elevated privileges, the attacker could compromise the system completely.<br /> <br /> Microsoft confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-11882 Thu, 18 Jan 2018 16:25:53 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=55872 Microsoft .NET Framework Arbitrary Code Execution Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=55135&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Microsoft%20.NET%20Framework%20Arbitrary%20Code%20Execution%20Vulnerability&vs_k=1 A vulnerability in the Microsoft .NET Framework of Microsoft Windows could allow a local attacker to execute arbitrary code.<br /> <br /> The vulnerability is due to insufficient validation of user-supplied input before loading libraries by the affected software. An attacker could exploit this vulnerability by executing a crafted application on the local system. An exploit could allow the attacker to execute arbitrary code, which could result in a complete system compromise.<br /> <br /> <span>Functional exploit code that demonstrates an exploit of this vulnerability is publicly available.</span><br /> <br /> Microsoft confirmed the vulnerability and released software updates. <br/>Security Impact Rating: High <br/>CVE: CVE-2017-8759 Thu, 18 Jan 2018 16:09:33 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=55135 Tinysvcmdns Multi-label DNS mdns_parse_qn Denial Of Service Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56490&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Tinysvcmdns%20Multi-label%20DNS%20mdns_parse_qn%20Denial%20Of%20Service%20Vulnerability&vs_k=1 A vulnerability in tinysvcmdns could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system.<br /> <br /> The vulnerability exists in the <em>mdns_parse_qn</em> function, and is due to insufficient validation of user-supplied input by the affected software. An attacker could exploit this vulnerability by submitting a crafted packet to cause a NULL pointer dereference on the affected system. A successful exploit could allow the attacker to cause a DoS condition on the targeted system.<br /> <br /> Proof-of-concept code that demonstrates an exploit of this vulnerability is publicly available.<br /> <br /> The vendor has confirmed the vulnerability and released updated software.<br /> <br/>Security Impact Rating: High <br/>CVE: CVE-2017-12130 Wed, 17 Jan 2018 21:18:29 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56490 rsync receive_xattr Function Buffer Overread Denial of Service Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56480&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=rsync%20receive_xattr%20Function%20Buffer%20Overread%20Denial%20of%20Service%20Vulnerability&vs_k=1 A vulnerability in the <em>receive_xattr</em> function in the <em>xattrs.c</em> code of rsync could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system.<br /> <br /> The vulnerability is due to insufficient validation of user-supplied input by the affected software. An attacker could exploit this vulnerability by sending crafted input that contains a trailing \0 character to a targeted system. An exploit could trigger a heap-based buffer overread condition, causing the affected application to crash and resulting in a DoS condition.<br /> <br /> The vendor has confirmed the vulnerability and released software updates. <br/>Security Impact Rating: High <br/>CVE: CVE-2017-16548 Wed, 17 Jan 2018 20:46:48 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56480 Intel CPU Process Prediction Information Disclosure Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56355&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Intel%20CPU%20Process%20Prediction%20Information%20Disclosure%20Vulnerability&vs_k=1 A vulnerability due to the design of most modern CPUs could allow a local attacker to access sensitive information on a targeted system.<br /> <br /> The vulnerability is due to improper implementation of the speculative execution of instructions by the affected software. This vulnerability can by triggered by utilizing branch target injection. An attacker could exploit this vulnerability by executing arbitrary code and performing a side-channel attack on a targeted system. A successful exploit could allow the attacker to read sensitive memory information.<br /> <br /> Proof-of-concept code that demonstrates an exploit of this vulnerability is publicly available.<br /> <br /> Intel has confirmed the vulnerability and updates are available. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-5715 Wed, 17 Jan 2018 19:37:41 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56355 rsync Daemon Security Bypass Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56482&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=rsync%20Daemon%20Security%20Bypass%20Vulnerability&vs_k=1 A vulnerability in the daemon that is used by rsync could allow an unauthenticated, remote attacker to bypass security restrictions on a targeted system.<br /> <br /> The vulnerability is due to insufficient checks for <em>fnamecmp</em> filenames in the <em>daemon_filter_list</em> data structure. In addition, the affected software fails to apply the <em>sanitize_paths</em> protection mechanism to pathnames that are found in <em>xname follows</em> strings. An attacker could exploit this vulnerability to bypass access restrictions on a targeted system. A successful exploit could be used to conduct further attacks.<br /> <br /> The vendor has confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-17434 Wed, 17 Jan 2018 19:37:18 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56482 ISC BIND Fetch Cleanup Sequencing Use-After-Free Denial of Service Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56484&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=ISC%20BIND%20Fetch%20Cleanup%20Sequencing%20Use-After-Free%20Denial%20of%20Service%20Vulnerability&vs_k=1 A vulnerability in ISC BIND could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to insufficient validation of user-supplied input by the affected software. An attacker could exploit this vulnerability by submitting a crafted DNS request to the affected system. A successful exploit could cause a use-after-free condition, which could lead to a DoS condition on the targeted system.<br /> <br /> ISC.org has confirmed the vulnerability and released software updates. <br/>Security Impact Rating: High <br/>CVE: CVE-2017-3145 Wed, 17 Jan 2018 18:14:02 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56484 ISC DHCP OMAPI Connections Denial of Service Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56483&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=ISC%20DHCP%20OMAPI%20Connections%20Denial%20of%20Service%20Vulnerability&vs_k=1 A vulnerability in ISC DHCP could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system.<br /> <br /> The vulnerability is due to improper cleaning of closed Object Management Application Programming Interface (OMAPI) connections by the affected software. An attacker could exploit this vulnerability by sending crafted OMAPI messages to the OMAPI control port on a targeted system. A successful exploit could exhaust the pool of socket descriptors available to the DHCP server, resulting in a DoS condition.<br /> <br /> ISC.org has confirmed the vulnerability and released a software patch. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-3144 Wed, 17 Jan 2018 18:05:11 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56483 rsync recv_files Function Security Bypass Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56481&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=rsync%20recv_files%20Function%20Security%20Bypass%20Vulnerability&vs_k=1 A vulnerability in the <em>recv_files</em> function defined in the <em>receiver.c</em> source code file of rsync could allow an unauthenticated, remote attacker to bypass security restrictions on a targeted system.<br /> <br /> The vulnerability exists because the affected software performs insufficient checks for a filename in the <em>daemon_filter_list </em>data structure before the software proceeds with certain metadata updates for files. An attacker could exploit this vulnerability to bypass access restrictions on a targeted system. A successful exploit could allow the attacker to conduct further attacks.<br /> <br /> The vendor has confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-17433 Wed, 17 Jan 2018 17:15:38 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56481 Juniper Junos J-Web Use-After-Free Memory Error Remote Code Execution Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56470&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Juniper%20Junos%20J-Web%20Use-After-Free%20Memory%20Error%20Remote%20Code%20Execution%20Vulnerability&vs_k=1 A vulnerability in the J-Web interface of Juniper Junos could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.<br /> <br /> The vulnerability is due to a use-after-free vulnerability in the affected interface. An attacker could exploit this vulnerability by submitting crafted data to the affected system. A successful exploit could allow the attacker to execute arbitrary code on the system.<br /> <br /> Juniper Networks confirmed the vulnerability in a security bulletin and released software updates. <br/>Security Impact Rating: Critical <br/>CVE: CVE-2018-0001 Tue, 16 Jan 2018 20:35:07 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56470 Juniper Junos LLDP Processing Multiple Vulnerabilities https://tools.cisco.com/security/center/viewAlert.x?alertId=56471&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Juniper%20Junos%20LLDP%20Processing%20Multiple%20Vulnerabilities&vs_k=1 Multiple vulnerabilities in Juniper Junos could allow an authenticated, local attacker to gain elevated privileges on a targeted system. Two additional vulnerabilities could allow an unauthenticated, remote attacker and an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on a targeted system.<br /> <br /> The vulnerabilities are due to insufficient validation of user-supplied input by the affected interface. An attacker could exploit this vulnerability by submitting crafted LLDP packets to the affected system. A successful exploit could allow the attacker to gain elevated privileges or cause a DoS condition on the system.<br /> <br /> Juniper Networks confirmed the vulnerabilities in a security bulletin and released software updates. <br/>Security Impact Rating: High <br/>CVE: CVE-2018-0007 Tue, 16 Jan 2018 20:34:31 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56471 Juniper Junos Space Local Privilege Escalation Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56475&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Juniper%20Junos%20Space%20Local%20Privilege%20Escalation%20Vulnerability&vs_k=1 A vulnerability in Juniper Junos Space could allow a local attacker to gain elevated privileges on a targeted system.<br /> <br /> The vulnerability is due to unknown reasons. An attacker could exploit this vulnerability to gain elevated privileges on the targeted system.<br /> <br /> Juniper Networks has confirmed the vulnerability and released software updates. <br/>Security Impact Rating: High <br/>CVE: CVE-2018-0012 Tue, 16 Jan 2018 20:24:12 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56475 Juniper ScreenOS Etherleak Unpadded Ethernet Packets Information Disclosure Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56478&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Juniper%20ScreenOS%20Etherleak%20Unpadded%20Ethernet%20Packets%20Information%20Disclosure%20Vulnerability&vs_k=1 A vulnerability in Juniper ScreenOS could allow an unauthenticated, adjacent attacker to access sensitive information on a targeted system.<br /> <br /> The vulnerability is due to the improper handling of Ethernet packets by the affected software. An adjacent attacker on the local network could exploit this vulnerability to access packet information on a targeted system. A successful exploit could allow the attacker to access sensitive system memory information on the targeted system.<br /> <br /> Juniper Networks has confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2018-0014 Tue, 16 Jan 2018 20:17:30 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56478 HPE Integrated Lights-Out 2 Multiple Remote Vulnerabilities https://tools.cisco.com/security/center/viewAlert.x?alertId=56465&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=HPE%20Integrated%20Lights-Out%202%20Multiple%20Remote%20Vulnerabilities&vs_k=1 Multiple vulnerabilities in HPE Integrated Lights-Out 2 (iLO2) firmware could allow an unauthenticated, remote attacker to execute arbitrary code, bypass authentication, or cause a denial of service (DoS) condition on a targeted system.<br /> <br /> The vulnerabilities are due to an unspecified condition that exist in the affected firmware. An attacker could exploit these vulnerabilities to execute arbitrary code, bypass authentication, or cause a DoS condition on a targeted system. A successful exploit could result in a complete system compromise.<br /> <br /> HPE has confirmed these vulnerabilities and released software updates. <br/>Security Impact Rating: Critical <br/>CVE: CVE-2017-8979 Tue, 16 Jan 2018 19:22:14 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56465 Glibc in_realpath() Underflow Local Code Execution Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56466&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Glibc%20in_realpath()%20Underflow%20Local%20Code%20Execution%20Vulnerability&vs_k=1 A vulnerability in GNU <em>glibc</em> could allow a local attacker to execute arbitrary code and gain elevated privileges on a targeted system.<br /> <br /> The vulnerability exists in the <em>__realpath()</em> function in <em>stdlib/canonicalize.c</em> source code due to improper processing of path names in the <strong>getcwd()</strong> command. An attacker could exploit this vulnerability to execute arbitrary code. A successful exploit could allow the attacker to gain elevated privileges on the targeted system.<br /> <br /> The vendor has confirmed the vulnerability and released software updates. <br/>Security Impact Rating: High <br/>CVE: CVE-2018-1000001 Tue, 16 Jan 2018 19:22:10 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56466 Juniper Networks Junos Space Crafted Request Information Disclosure Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56476&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Juniper%20Networks%20Junos%20Space%20Crafted%20Request%20Information%20Disclosure%20Vulnerability&vs_k=1 A vulnerability in Juniper Networks Junos Space software could allow an authenticated, remote attacker to access sensitive information on a targeted system.<br /> <br /> The vulnerability is due to improper handling of requests by the affected software. An attacker could exploit this vulnerability by sending a malicious request to the targeted system. A successful exploit could cause the system to include a file when responding to the malicious request. The attacker could use the file to access sensitive information.<br /> <br /> Juniper Networks has confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2018-0013 Tue, 16 Jan 2018 19:22:07 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56476 Juniper Networks Junos Space Management Interface Cross-Site Scripting Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56477&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Juniper%20Networks%20Junos%20Space%20Management%20Interface%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 A vulnerability in the management interface of Juniper Networks Junos Space software could allow an authenticated, remote attacker to a conduct cross-site scripting (XSS) attack on a targeted system.<br /> <br /> The vulnerability is due to insufficient validation of user-supplied input by the management interface of the affected software. An attacker could exploit this vulnerability by persuading a targeted user to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the security context of the management interface or allow the attacker to access sensitive browser-based information.<br /> <br /> Juniper Networks has confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2018-0011 Tue, 16 Jan 2018 19:22:03 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56477 Intel CPU Indirect Branch Prediction Information Disclosure Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56357&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Intel%20CPU%20Indirect%20Branch%20Prediction%20Information%20Disclosure%20Vulnerability&vs_k=1 A vulnerability in Intel CPU hardware could allow a local attacker to gain access to sensitive information on a targeted system.<br /> <br /> The vulnerability is due to side-channel attacks, which are also referred to as Meltdown attacks. A local attacker could exploit this vulnerability by executing arbitrary code on the affected system. A successful exploit could allow the attacker to gain access to sensitive information on the targeted system, including accessing memory from the CPU cache.<br /> <br /> Proof-of-concept code that demonstrates an exploit of this vulnerability is publicly available.<br /> <br /> Intel has confirmed the vulnerability and updates are available. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-5754 Tue, 16 Jan 2018 16:37:34 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56357 Intel CPU Process Branch Prediction Information Disclosure Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56356&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Intel%20CPU%20Process%20Branch%20Prediction%20Information%20Disclosure%20Vulnerability&vs_k=1 A vulnerability due to the design of most modern CPUs could allow a local attacker to access sensitive information on a targeted system.<br /> <br /> The vulnerability is due to improper implementation of the speculative execution of instructions by the affected software. This vulnerability can by triggered by performing a bounds check bypass. An attacker could exploit this vulnerability by executing arbitrary code and performing a side-channel attack on a targeted system. A successful exploit could allow the attacker to read sensitive memory information.<br /> <br /> Proof-of-concept code that demonstrates an exploit of this vulnerability is publicly available.<br /> <br /> Intel has confirmed the vulnerability and updates are available. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-5753 Tue, 16 Jan 2018 15:51:26 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56356 Juniper Networks Junos OS MAC Move Limit Bypass Denial of Service Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56472&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Juniper%20Networks%20Junos%20OS%20MAC%20Move%20Limit%20Bypass%20Denial%20of%20Service%20Vulnerability&vs_k=1 A vulnerability in the MAC move limit feature of Juniper Networks QFX and EX Series switches running Juniper Networks Junos OS software could allow an unauthenticated, adjacent attacker to bypass MAC move limit restrictions on a targeted system.<br /> <br /> The vulnerability is due to improper security restrictions that are imposed by the affected software when the MAC move limit is exceeded. An attacker could exploit this vulnerability to bypass MAC move limits on a targeted system. A successful exploit could result in a DoS condition or other unintended conditions on the targeted system.<br /> <br /> Juniper Networks has confirmed the vulnerability and released software updates. <br/>Security Impact Rating: High <br/>CVE: CVE-2018-0005 Tue, 16 Jan 2018 15:29:11 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56472 IBM WebSphere MQ Undocumented Service Trace Module Environment Variable Local Privilege Escalation Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56467&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=IBM%20WebSphere%20MQ%20Undocumented%20Service%20Trace%20Module%20Environment%20Variable%20Local%20Privilege%20Escalation%20Vulnerability&vs_k=1 A vulnerability in IBM WebSphere MQ could allow an unauthenticated, local attacker to gain elevated privileges on a targeted system.<br /> <br /> The vulnerability is due to insufficient validation of user-supplied input by the affected software. An attacker could exploit this vulnerability by submitting a crafted value to the affected software. A successful exploit could allow the attacker to execute arbitrary code and gain elevated privileges on the targeted system.<br /> <br /> IBM has confirmed the vulnerability and released software updates. <br/>Security Impact Rating: High <br/>CVE: CVE-2017-1612 Tue, 16 Jan 2018 15:05:21 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56467 Juniper Networks Junos flowd Packet Processing Remote Denial of Service Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56468&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Juniper%20Networks%20Junos%20flowd%20Packet%20Processing%20Remote%20Denial%20of%20Service%20Vulnerability&vs_k=1 A vulnerability in the <em>flowd</em> daemon of Juniper Networks SRX Series and MX Series devices running Juniper Networks Junos OS software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted device.<br /> <br /> The vulnerability is due to the improper processing of crafted TCP/IP response packets by an affected device. An attacker could exploit this vulnerability by sending a crafted TCP/IP response packet to a targeted device. A successful exploit could trigger memory corruption that causes the <em>flowd</em> daemon on the targeted device to crash, resulting in a DoS condition.<br /> <br /> Juniper Networks has confirmed the vulnerability and released software updates. <br/>Security Impact Rating: High <br/>CVE: CVE-2018-0002 Tue, 16 Jan 2018 15:01:01 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56468 Juniper Networks Junos OS MPLS Packet Processing Remote Denial of Service Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56469&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Juniper%20Networks%20Junos%20OS%20MPLS%20Packet%20Processing%20Remote%20Denial%20of%20Service%20Vulnerability&vs_k=1 A vulnerability in Juniper Networks Junos OS software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on a targeted system.<br /> <br /> The vulnerability is due to the improper processing of crafted Multiprotocol Label Switching (MPLS) packets by the affected software. An attacker could exploit this vulnerability by sending a crafted MPLS packet to a targeted system. A successful exploit could cause a kernel crash on the targeted system, resulting in a DoS condition.<br /> <br /> Juniper Networks has confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2018-0003 Tue, 16 Jan 2018 15:00:57 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56469 IBM Security Access Manager Open Redirect Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56461&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=IBM%20Security%20Access%20Manager%20Open%20Redirect%20Vulnerability&vs_k=1 A vulnerability in IBM Security Access Manager could allow an unauthenticated, remote attacker to cause a browser redirect on a targeted system.<br /> <br /> The vulnerability is due to improper URL parsing by the affected software. An attacker could exploit this vulnerability by persuading a targeted user to follow a malicious link. A successful exploit could cause a browser redirect to a malicious website, which could be used to conduct further attacks on the system.<br /> <br /> IBM has confirmed the vulnerability in a security bulletin and released software updates. <br/>Security Impact Rating: High <br/>CVE: CVE-2017-1534 Fri, 12 Jan 2018 22:51:40 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56461 IBM Security Access Manager Information Disclosure Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56462&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=IBM%20Security%20Access%20Manager%20Information%20Disclosure%20Vulnerability&vs_k=1 A vulnerability in IBM Security Access Manager could allow an authenticated, remote attacker to gain access to sensitive information on a targeted system.<br /> <br /> The vulnerability is due to insufficient permissions imposed by the affected software. An attacker could exploit this vulnerability to gain access and modify sensitive information on the targeted system.<br /> <br /> IBM has confirmed the vulnerability in a security bulletin and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-1459 Fri, 12 Jan 2018 22:45:25 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56462 Wireshark Updates for January 2018 https://tools.cisco.com/security/center/viewAlert.x?alertId=56463&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Wireshark%20Updates%20for%20January%202018&vs_k=1 Multiple vulnerabilities in Wireshark could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system.<br /> <br /> The vulnerabilities are due to improper processing of malformed packets by the affected software. An attacker could exploit these vulnerabilities by transmitting malformed data packets to a targeted system that has the Wireshark application installed or by persuading a user to use the affected software to open a malformed packet trace file. A successful exploit could cause the application to stop functioning properly or to crash, resulting in a DoS condition.<br /> <br /> Administrators are advised to apply the appropriate updates.<br /> <br /> Administrators are advised to allow only trusted users to have network access.<br /> <br /> Administrators may consider using IP-based access control lists (ACLs) to allow only trusted systems to access the affected systems.<br /> <br /> Administrators are advised to monitor affected systems.<br /> <br /> Wireshark has released security advisories at the following links:<br /> <ul> <li><a href="https://www.wireshark.org/security/wnpa-sec-2018-01.html">wnpa-sec-2018-01</a></li> <li><a href="https://www.wireshark.org/security/wnpa-sec-2018-03.html">wnpa-sec-2018-03</a></li> <li><a href="https://www.wireshark.org/security/wnpa-sec-2018-04.html">wnpa-sec-2018-04</a></li> </ul> Wireshark has released software updates at the following link: <a href="https://www.wireshark.org/download.html">Wireshark version 2.4.4 and 2.2.12 or later</a> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2018-5334,CVE-2018-5335,CVE-2018-5336 Fri, 12 Jan 2018 20:31:28 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56463 IBM Security Access Manager Appliance Information Disclosure Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56464&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=IBM%20Security%20Access%20Manager%20Appliance%20Information%20Disclosure%20Vulnerability&vs_k=1 A vulnerability in IBM Security Access Manager Appliance could allow a local attacker to access sensitive information on a targeted system.<br /> <br /> The vulnerability is due to the way the affected software stores web pages. An attacker could exploit this vulnerability to access locally stored web pages on a targeted system. A successful exploit could allow the attacker to access sensitive information, which could be used to conduct further attacks.<br /> <br /> IBM has confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-1478 Fri, 12 Jan 2018 20:12:12 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56464 IBM Security Access Manager Cross-Site Scripting Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56460&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=IBM%20Security%20Access%20Manager%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 A vulnerability in IBM Security Access Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on a targeted system.<br /> <br /> The vulnerability is due to insufficient validation of user-supplied input processed by the affected software. An attacker could exploit this vulnerability by persuading a targeted user to follow a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the targeted user's browser, which could allow the attacker to view sensitive information, including user cookies and submitted web form data.<br /> <br /> IBM confirmed the vulnerability in a security bulletin and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-1533 Fri, 12 Jan 2018 18:10:36 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56460 Oracle Fusion Middleware Oracle WebLogic Server Component Arbitrary Code Execution Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56454&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Oracle%20Fusion%20Middleware%20Oracle%20WebLogic%20Server%20Component%20Arbitrary%20Code%20Execution%20Vulnerability&vs_k=1 A vulnerability in the Oracle Weblogic Server component of Oracle Fusion Middleware could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.<br /> <br /> The vulnerability is due to insufficient validation of user-supplied input by the affected software. An attacker could exploit this vulnerability by sending a crafted HTTP request to the targeted system. A successful exploit could allow the attacker to execute arbitrary code on the system, which could be used to conduct further attacks.<br /> <br /> Functional exploit code that demonstrates an exploit of this vulnerability is publicly available.<br /> <br /> Oracle has confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Critical <br/>CVE: CVE-2017-10271 Fri, 12 Jan 2018 17:06:54 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56454 VMware Workstation and Fusion Network Address Translation Service Use-After-Free Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56443&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=VMware%20Workstation%20and%20Fusion%20Network%20Address%20Translation%20Service%20Use-After-Free%20Vulnerability&vs_k=1 A vulnerability in the VMware Network Address Translation (NAT) service feature of VMware Workstation and Fusion could allow an authenticated, remote attacker on a guest system to execute arbitrary code on the host system.<br /> <br /> The vulnerability is due to improper processing of IPv6 packets by the VMware NAT service of the affected software. An attacker on a guest system could exploit this vulnerability by sending crafted IPv6 packets to the targeted system. An exploit could trigger a use-after-free condition that the attacker could use to execute arbitrary code on the host system.<br /> <br /> VMware has confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Critical <br/>CVE: CVE-2017-4949 Thu, 11 Jan 2018 22:35:06 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56443 Ruby delayed_job_web Rails Gem Cross-Site Scripting Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56453&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Ruby%20delayed_job_web%20Rails%20Gem%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 A vulnerability in the <em>delayed_job_web</em> rails gem could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on a targeted system.<br /> <br /> The vulnerability is due to insufficient validation of user-supplied input processed by the affected software. An attacker could exploit this vulnerability by sending a user an email message that contains a malicious link and persuading the user to click the link. A successful exploit could allow the attacker to execute arbitrary JavaScript code in the context of the user's browser, which could be used to conduct further attacks.<br /> <br /> The vendor has not confirmed the vulnerability and software updates are not available. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-12097 Thu, 11 Jan 2018 21:42:30 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56453 Ruby rails_admin Rails Gem Cross-Site Scripting Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56452&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Ruby%20rails_admin%20Rails%20Gem%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 A vulnerability in the <em>rails_admin</em> rails gem could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on a targeted system.<br /> <br /> The vulnerability is due to insufficient validation of user-supplied input that is processed by the affected software. An attacker could exploit this vulnerability by sending a user an email message that contains a malicious link and persuading the user to click the link. A successful exploit could allow the attacker to execute arbitrary JavaScript code in the context of the user's browser, which could allow the attacker to conduct further attacks.<br /> <br /> The vendor has not confirmed the vulnerability and software updates are not available. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-12098 Thu, 11 Jan 2018 21:17:29 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56452 Blender Multiple Vulnerabilities https://tools.cisco.com/security/center/viewAlert.x?alertId=56451&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Blender%20Multiple%20Vulnerabilities&vs_k=1 Multiple vulnerabilities in Blender could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.<br /> <br /> These vulnerabilities exist in multiple functionalities of the affected software and are due to improper processing of crafted files. An attacker could exploit these vulnerabilities by persuading a user on the local system to open a crafted file with the affected application. An exploit could trigger an integer overflow condition that could lead to a buffer overflow condition that the attacker could use to execute arbitrary code under the security context of the application.<br /> <br /> Blender has not publicly confirmed these vulnerabilities and software updates are not available.<br /> <br /> Administrators are advised to contact the vendor regarding future updates and releases.<br /> <br /> Users are advised not to open email messages from suspicious or unrecognized sources. If users cannot verify that links or attachments included in email messages are safe, they are advised not to open them.<br /> <br /> Administrators are advised to monitor affected systems.<br /> <br /> Cisco Talos has released a security blog and vulnerability reports describing these vulnerabilities at the following links: <a href="http://blog.talosintelligence.com/2018/01/unpatched-blender-vulns.html#more">Vulnerability Spotlight: Multiple Unpatched Vulnerabilities in Blender Identified</a>, <a href="https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0406">TALOS-2017-0406</a>, <a href="https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0407">TALOS-2017-0407</a>, <a href="https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0408">TALOS-2017-0408</a>, <a href="https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0409">TALOS-2017-0409</a>, <a href="https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0410">TALOS-2017-0410</a>, <a href="https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0411">TALOS-2017-0411</a>, <a href="https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0412">TALOS-2017-0412</a>, <a href="https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0413">TALOS-2017-0413</a>, <a href="https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0414">TALOS-2017-0414</a>, <a href="https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0415">TALOS-2017-0415</a>, <a href="https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0425">TALOS-2017-0425</a>, <a href="https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0433">TALOS-2017-0433</a>, <a href="https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0434">TALOS-2017-0434</a>, <a href="https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0438">TALOS-2017-0438</a>, <a href="https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0451">TALOS-2017-0451</a>, <a href="https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0452">TALOS-2017-0452</a>, <a href="https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0453">TALOS-2017-0453</a>, <a href="https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0454">TALOS-2017-0454</a>, <a href="https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0455">TALOS-2017-0455</a>, <a href="https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0456">TALOS-2017-0456</a>, and <a href="https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0457">TALOS-2017-0457</a><br /> <br/>Security Impact Rating: High <br/>CVE: CVE-2017-12081,CVE-2017-12082,CVE-2017-12086,CVE-2017-12099,CVE-2017-12100,CVE-2017-12101,CVE-2017-12102,CVE-2017-12103,CVE-2017-12104,CVE-2017-12105,CVE-2017-2899,CVE-2017-2900,CVE-2017-2901,CVE-2017-2902,CVE-2017-2903,CVE-2017-2904,CVE-2017-2905,CVE-2017-2906,CVE-2017-2907,CVE-2017-2908,CVE-2017-2918 Thu, 11 Jan 2018 21:12:58 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56451 VMware Workstation and Fusion Network Address Translation Service Integer Overflow Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56444&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=VMware%20Workstation%20and%20Fusion%20Network%20Address%20Translation%20Service%20Integer%20Overflow%20Vulnerability&vs_k=1 A vulnerability in the VMware Network Address Translation (NAT) service feature of VMware Workstation and Fusion could allow an authenticated, remote attacker to cause an out-of-bounds read condition on a targeted system.<br /> <br /> The vulnerability is due to improper processing of IPv6 packets by the VMware NAT service of the affected software. An attacker could exploit this vulnerability by sending crafted IPv6 packets to the targeted system. A successful exploit could trigger an integer overflow condition, which may lead to an out-of-bounds read condition on the system. A successful exploit of this vulnerability, used in conjunction with other vulnerabilities, could allow the attacker to execute arbitrary code on the host system.<br /> <br /> VMware has confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-4950 Thu, 11 Jan 2018 19:05:21 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56444 Linux Kernel rds_cmsg_atomic Function NULL Pointer Dereference Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56446&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Linux%20Kernel%20rds_cmsg_atomic%20Function%20NULL%20Pointer%20Dereference%20Vulnerability&vs_k=1 A vulnerability in Linux Kernel could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system.<br /> <br /> The vulnerability exists in the <em>rds_cmsg_atomic</em> function and is due to insufficient handling of user-supplied input by the affected software. An attacker could exploit this vulnerability to cause a NULL pointer dereference, which could lead to a DoS condition on the targeted system.<br /> <br /> Kernel.org has confirmed the vulnerability and released a software patch. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2018-5333 Thu, 11 Jan 2018 16:52:16 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56446 Linux Kernel rds_message_alloc_sgs() Function Heap Out-of-Bounds Write Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56445&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Linux%20Kernel%20rds_message_alloc_sgs()%20Function%20Heap%20Out-of-Bounds%20Write%20Vulnerability&vs_k=1 A vulnerability in the Linux Kernel could allow a local attacker to cause a denial of service (DoS) condition on a targeted system.<br /> <br /> The vulnerability is in the <em>rds_message_alloc_sgs()</em> function and is due to improper validation of DMA page allocation values by the affected software. An attacker could exploit this vulnerability to cause a heap-based out-of-bounds write, which could lead to a DoS condition on the system.<br /> <br /> Kernel.org has confirmed the vulnerability and released a software patch. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2018-5332 Thu, 11 Jan 2018 16:36:14 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56445 Adobe Flash Player Out-of-Bounds Read Information Disclosure Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56425&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Adobe%20Flash%20Player%20Out-of-Bounds%20Read%20Information%20Disclosure%20Vulnerability&vs_k=1 A vulnerability in Adobe Flash Player could allow an unauthenticated, remote attacker to access sensitive information on a targeted system.<br /> <br /> The vulnerability is due to an unspecified condition in the affected software that could lead to an out-of-bounds read condition. An attacker could exploit this vulnerability by persuading a user to visit a web page that contains malicious Flash content. A successful exploit could allow the attacker to access sensitive information, which could be used to conduct additional attacks.<br /> <br /> Adobe has confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2018-4871 Thu, 11 Jan 2018 15:50:43 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56425 Adobe Flash Player Global Settings Preference Reset Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56235&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Adobe%20Flash%20Player%20Global%20Settings%20Preference%20Reset%20Vulnerability&vs_k=1 A vulnerability in Adobe Flash Player could allow an unauthenticated, remote attacker to reset the global settings preference file.<br /> <br /> The vulnerability is due to a business logic error in the affected application. An attacker could exploit this vulnerability through unspecified measures. A successful exploit could allow the attacker to reset the global setting preference file for the affected application.<br /> <br /> Adobe has confirmed the vulnerability in a security bulletin and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-11305 Thu, 11 Jan 2018 15:38:38 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56235 Symantec ASG and ProxySG Management Console Cross-Site Scripting Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56438&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Symantec%20ASG%20and%20ProxySG%20Management%20Console%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 A vulnerability in Symantec ProxySG Management Console could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks on a targeted system.<br /> <br /> The vulnerability is due to insufficient sanitization of user-supplied input by the affected software. An attacker could exploit this vulnerability by persuading a user to visit a malicious URL. When the user visits the URL, the attacker could execute arbitrary script code in the user's browser session in the security context of the affected site. An exploit could allow the attacker to view sensitive information, including the targeted user's cookies and previously submitted web form data. This could allow the attacker to take further actions as the targeted user.<br /> <br /> Symantec has confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-10257 Wed, 10 Jan 2018 19:53:04 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56438 Symantec ProxySG Management Console Cross-Site Scripting Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56437&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Symantec%20ProxySG%20Management%20Console%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 A vulnerability in the Symantec ProxySG Management Console could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks on a targeted system.<br /> <br /> The vulnerability is due to insufficient sanitization of user-supplied input by the affected software. An attacker could exploit this vulnerability by persuading a user to visit a malicious URL. When the user visits the URL, the attacker could execute arbitrary script code in the user's browser session in the security context of the affected site. A successful exploit could allow the attacker to view sensitive information on the targeted system, including the user's cookies and data previously submitted in web forms, which could allow the attacker to perform additional actions as the user.<br /> <br /> Symantec has confirmed the vulnerability and released software patches. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-10256 Wed, 10 Jan 2018 19:06:21 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56437 Symantec ASG and ProxySG Management Consoles Information Disclosure Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56436&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Symantec%20ASG%20and%20ProxySG%20Management%20Consoles%20Information%20Disclosure%20Vulnerability&vs_k=1 A vulnerability in Symantec ASG and ProxySG management consoles could allow an unauthenticated, remote attacker to access sensitive information on a targeted system.<br /> <br /> The vulnerability is due to insufficient security restrictions imposed by the affected console software. An attacker with access to a client host of an authenticated administrator could exploit this vulnerability to access sensitive information, including authentication credentials on the system.<br /> <br /> Symantec has confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-9100 Wed, 10 Jan 2018 18:56:45 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56436 Symantec ASG and ProxySG Management Consoles Open Redirection Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56435&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Symantec%20ASG%20and%20ProxySG%20Management%20Consoles%20Open%20Redirection%20Vulnerability&vs_k=1 A vulnerability in Symantec ASG and ProxySG management consoles could allow an unauthenticated, remote attacker to cause a URL redirect on a targeted system.<br /> <br /> The vulnerability is due to improper URL parsing by the affected console software. An attacker could exploit this vulnerability by sending a user a crafted email message that contains a malicious management console link and persuading the user to click the link. A successful exploit could redirect the user's browser to a malicious website, which could be used to conduct further attacks on the system.<br /> <br /> Symantec has confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2016-9099 Wed, 10 Jan 2018 18:41:14 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56435 Sophos XG Web Application Firewall Cross-Site Scripting Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56439&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Sophos%20XG%20Web%20Application%20Firewall%20Cross-Site%20Scripting%20Vulnerability&vs_k=1 A vulnerability in the Web Application Firewall (WAF) component of the Sophos XG Firewall operating system (SFOS) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on a targeted system.<br /> <br /> The vulnerability is due to insufficient validation of user-supplied input by the affected software. An attacker could exploit this vulnerability by persuading a user to follow a link that injects malicious script code into the WAF logs page of a targeted system. After the user visits the WAF logs page, the attacker could perform unauthorized actions in the <em>webadmin</em> security context and gain full <em>root</em> ssh shell access to the targeted system, which could result in a complete system compromise.<br /> <br /> Proof-of-concept code that demonstrates an exploit of this vulnerability is publicly available.<br /> <br /> Sophos has confirmed the vulnerability and released software updates. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2017-18014 Wed, 10 Jan 2018 18:29:02 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56439 Multiple F5 BIG-IP Products TMM HTTP Request Denial of Service Vulnerability https://tools.cisco.com/security/center/viewAlert.x?alertId=56440&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Multiple%20F5%20BIG-IP%20Products%20TMM%20HTTP%20Request%20Denial%20of%20Service%20Vulnerability&vs_k=1 A vulnerability in the Traffic Management Microkernel (TMM) URI parser library of multiple F5 BIG-IP products could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system.<br /> <br /> The vulnerability is due to improper processing of HTTP requests by an affected system. An attacker could exploit this vulnerability by sending a crafted HTTP request to the targeted system. An exploit could cause the TMM component of the system to generate a core file and restart, resulting in a DoS condition.<br /> <br /> F5 has confirmed the vulnerability and released software updates. <br/>Security Impact Rating: High <br/>CVE: CVE-2017-6133 Wed, 10 Jan 2018 17:27:49 CST https://tools.cisco.com/security/center/viewAlert.x?alertId=56440