Santosh Ananthakrishnan discovered a use-after-free in remctl, a serverfor Kerberos-authenticated command execution. If the command isconfigured with the sudo option, this could potentially result in theexecution of arbitrary code.
More info:
https://www.debian.org/security/2018/dsa-4159
James Davis discovered two issues in Django, a high-level Python webdevelopment framework, that can lead to a denial-of-service attack.An attacker with control on the input of the django.utils.html.urlize()function or django.utils.text.Truncators chars() and words() methodscould craft a string that might stuck the execution of the application.
More info:
https://www.debian.org/security/2018/dsa-4161
It was discovered that insufficient input sanitising in libevt, a libraryto access the Windows Event Log (EVT) format, could result in denial ofservice or the execution of arbitrary code if a malformed EVT file isprocessed.
More info:
https://www.debian.org/security/2018/dsa-4160
More info:
https://wpvulndb.com/vulnerabilities/9050
Linux kernel vulnerability CVE-2017-17448. Security Advisory. Security Advisory Description. net/netfilter/nfnetlink_cthelper ...
More info:
https://support.f5.com/csp/article/K01043241
It was discovered that constructed ASN.1 types with a recursivedefinition could exceed the stack, potentially leading to a denial ofservice.
More info:
https://www.debian.org/security/2018/dsa-4158
Multiple vulnerabilities have been discovered in OpenSSL, a SecureSockets Layer toolkit. The Common Vulnerabilities and Exposures projectidentifies the following issues:
More info:
https://www.debian.org/security/2018/dsa-4157
Apache vulnerability CVE-2017-15710. Security Advisory. Security Advisory Description. In Apache httpd 2.0.23 to 2.0.65 ...
More info:
https://support.f5.com/csp/article/K14027805
glibc vulnerability CVE-2015-8778. Security Advisory. Security Advisory Description. Integer overflow in the GNU C Library ...
More info:
https://support.f5.com/csp/article/K51079478
More info:
https://wpvulndb.com/vulnerabilities/9050
