OpenSuSE Security Update for the Linux Kernel (openSUSE-SU-2016:2184-1)澳门金沙官方丨0DAY BANK

漏洞类别:SUSE

漏洞等级:

漏洞信息

Suse has released security update for the linux kernel to fix the vulnerabilities.

Affected Products:
openSUSE 13.1

漏洞危害

Successful exploitation allows attacker to compromise the system.

解决方案

Upgrade to the latest packages which contain a patch. To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product.

To install packages using the command line interface, use the command "yum update".

Refer to Suse security advisory openSUSE-SU-2016:2184-1 to address this issue and obtain further details.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

openSUSE-SU-2016:2184-1: OpenSuse

0day

ownCloud Windows Client Local Code Injection Vulnerability澳门金沙官方丨0DAY BANK

漏洞类别:Local

漏洞等级:

漏洞信息

ownCloud is a suite of client-server software for creating file hosting services and using them.

ownCloud Windows Client is vulnerable to local code injection attack wherein a malicious local user could load a specially crafted DLL to inject the code into other user's ownCloud Client on the same machine.

Affected Versions:
ownCloud Windows Desktop Client prior to version 2.2.3

漏洞危害

A malicius local user could exploit this vulnerability to run an arbitrary code in the context of other local users on the system.

解决方案

Customers are advised to install ownCloud Windows Desktop Client version 2.2.3 or later to remediate this vulnerability.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

oC-SA-2016-016

0day

CVE-2016-6369 2016-08-31 20:39:40 Cisco AnyConnect Secure Mobility Client Local Privilege Escalation Vulnerability澳门金沙官方丨0DAY BANK

漏洞类别:Local

漏洞等级:

漏洞信息

Cisco AnyConnect is a VPN Client for multiple platforms.

A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and execute an arbitrary executable file with privileges equivalent to the Microsoft Windows operating system SYSTEM account.

Affected Versions:
Cisco AnyConnect Secure Mobility before 4.2.05015 and 4.3.x before 4.3.02039

漏洞危害

On successful exploitation it allows local users to gain privileges via a crafted INF file.

解决方案

There are no solution that address this vulnerability. Workaround:
There are no workarounds that address this vulnerability.

0day

OpenSuSE Security Update for php5 (openSUSE-SU-2016:1922-1)澳门金沙官方丨0DAY BANK

漏洞类别:SUSE

漏洞等级:

漏洞信息

Suse has released security update for php5 to fix the vulnerabilities.

Affected Products:
openSUSE Leap 42.1

漏洞危害

Successful exploitation allows attacker to compromise the system.

解决方案

Upgrade to the latest packages which contain a patch. To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product.

To install packages using the command line interface, use the command "yum update".

Refer to Suse security advisory openSUSE-SU-2016:1922-1 to address this issue and obtain further details.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

openSUSE-SU-2016:1922-1: OpenSuse

0day

OpenSuSE Security Update for libidn (openSUSE-SU-2016:1924-1)澳门金沙官方丨0DAY BANK

漏洞类别:SUSE

漏洞等级:

漏洞信息

Suse has released security update for libidn to fix the vulnerabilities.

Affected Products:
openSUSE 13.2

漏洞危害

Successful exploitation allows attacker to compromise the system.

解决方案

Upgrade to the latest packages which contain a patch. To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product.

To install packages using the command line interface, use the command "yum update".

Refer to Suse security advisory openSUSE-SU-2016:1924-1 to address this issue and obtain further details.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

openSUSE-SU-2016:1924-1: OpenSuse

0day

OpenSuSE Security Update for mupdf (openSUSE-SU-2016:1926-1)澳门金沙官方丨0DAY BANK

漏洞类别:SUSE

漏洞等级:

漏洞信息

Suse has released security update for mupdf to fix the vulnerabilities.

Affected Products:
openSUSE Leap 42.1
openSUSE 13.2

漏洞危害

Successful exploitation allows attacker to compromise the system.

解决方案

Upgrade to the latest packages which contain a patch. To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product.

To install packages using the command line interface, use the command "yum update".

Refer to Suse security advisory openSUSE-SU-2016:1926-1 to address this issue and obtain further details.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

openSUSE-SU-2016:1926-1: OpenSuse

0day

OpenSuSE Security Update for polarssl (openSUSE-SU-2016:1928-1)澳门金沙官方丨0DAY BANK

漏洞类别:SUSE

漏洞等级:

漏洞信息

Suse has released security update for polarssl to fix the vulnerabilities.

Affected Products:
openSUSE 13.2

漏洞危害

Successful exploitation allows attacker to compromise the system.

解决方案

Upgrade to the latest packages which contain a patch. To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product.

To install packages using the command line interface, use the command "yum update".

Refer to Suse security advisory openSUSE-SU-2016:1928-1 to address this issue and obtain further details.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

openSUSE-SU-2016:1928-1: OpenSuse

0day

OpenSuSE Security Update for sqlite3 (openSUSE-SU-2016:1932-1)澳门金沙官方丨0DAY BANK

漏洞类别:SUSE

漏洞等级:

漏洞信息

Suse has released security update for sqlite3 to fix the vulnerabilities.

Affected Products:
openSUSE 13.2

漏洞危害

Successful exploitation allows attacker to compromise the system.

解决方案

Upgrade to the latest packages which contain a patch. To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product.

To install packages using the command line interface, use the command "yum update".

Refer to Suse security advisory openSUSE-SU-2016:1932-1 to address this issue and obtain further details.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

openSUSE-SU-2016:1932-1: OpenSuse

0day

OpenSuSE Security Update for MozillaFirefox, mozilla-nss (openSUSE-SU-2016:1964-1)澳门金沙官方丨0DAY BANK

漏洞类别:SUSE

漏洞等级:

漏洞信息

Suse has released security update for mozillafirefox, mozilla-nss to fix the vulnerabilities.

Affected Products:
openSUSE Leap 42.1
openSUSE 13.2

漏洞危害

Successful exploitation allows attacker to compromise the system.

解决方案

Upgrade to the latest packages which contain a patch. To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product.

To install packages using the command line interface, use the command "yum update".

Refer to Suse security advisory openSUSE-SU-2016:1964-1 to address this issue and obtain further details.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

openSUSE-SU-2016:1964-1: OpenSuse

0day

OpenSuSE Security Update for libvirt (openSUSE-SU-2016:1975-1)澳门金沙官方丨0DAY BANK

漏洞类别:SUSE

漏洞等级:

漏洞信息

Suse has released security update for libvirt to fix the vulnerabilities.

Affected Products:
openSUSE Leap 42.1

漏洞危害

Successful exploitation allows attacker to compromise the system.

解决方案

Upgrade to the latest packages which contain a patch. To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product.

To install packages using the command line interface, use the command "yum update".

Refer to Suse security advisory openSUSE-SU-2016:1975-1 to address this issue and obtain further details.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

openSUSE-SU-2016:1975-1: OpenSuse

0day