漏洞类别：Fedora 漏洞等级： 漏洞信息 Fedora has released security update for libass to fix the vulnerability. Affected OS: Fedora 25 Fedora 24 Fedora 23 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix thi…

漏洞类别：Fedora 漏洞等级： 漏洞信息 Fedora has released security update for libgit2 to fix the vulnerability. Affected OS: Fedora 23 漏洞危害 Successful exploitation of the vulnerabilities can cause a heap-buffer-overflow. 解决方案 Fedora has issued updated packages to fix this vu…

漏洞类别：Fedora 漏洞等级： 漏洞信息 Fedora has released security update for libgit2 to fix the vulnerability. Affected OS: Fedora 23 漏洞危害 Successful exploitation of the vulnerabilities can cause a heap-buffer-overflow. 解决方案 Fedora has issued updated packages to fix this vu…

漏洞类别：Hardware 漏洞等级： 漏洞信息 Junos OS is the FreeBSD-based operating system used in Juniper Networks hardware routers. The SRX Network Security Daemon (nsd) in SRX Series services gateways is susceptible to a denial of service vulnerability. This issue can happen …

漏洞类别：Hardware 漏洞等级： 漏洞信息 Juniper JUNOS is the network operating system used in Juniper Networks hardware systems. Certain combinations of Junos OS CLI commands and arguments have been found to be exploitable in a way that can allow root access to the operating…

漏洞类别：Hardware 漏洞等级： 漏洞信息 Juniper JUNOS is the network operating system used in Juniper Networks hardware systems. A vulnerability in processing Secure Neighbor Discovery (SEND) Protocol packets can result in a high CPU consumption denial of service condition o…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. I…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this fla…

漏洞类别：RedHat 漏洞等级： 漏洞信息 Mozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code …

漏洞类别：Local 漏洞等级： 漏洞信息 Apache Hadoop is an open-source software framework used for distributed storage and processing of very large data sets. A design error vulnerability has been identified in Hadoop. Specifically, the error occurs due to improper handling of…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 Multiple memory safety issues in Thunderbird. A same-origin policy bypass was discovered with local HTML files in some circumstances. A heap buffer-overflow was discovered in Cairo when processing SVG content. An error was discovered in …

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 A race condition in the af_packet implementation in the Linux kernel. 漏洞危害 A local unprivileged attacker could use this to cause a denial of service (system crash) or run arbitrary code with administrative privileges. 解决方案 Refer to Ubunt…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 A race condition in the af_packet implementation in the Linux kernel. 漏洞危害 A local unprivileged attacker could use this to cause a denial of service (system crash) or run arbitrary code with administrative privileges. 解决方案 Refer to Ubunt…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 A race condition in the af_packet implementation in the Linux kernel. 漏洞危害 A local unprivileged attacker could use this to cause a denial of service (system crash) or run arbitrary code with administrative privileges. 解决方案 Refer to Ubunt…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 A race condition in the af_packet implementation in the Linux kernel. 漏洞危害 A local unprivileged attacker could use this to cause a denial of service (system crash) or run arbitrary code with administrative privileges. 解决方案 Refer to Ubunt…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 Multiple security vulnerabilities were discovered in Chromium. A heap-corruption issue was discovered in FFmpeg. 漏洞危害 If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to obtain…

2016-12-07 10:40:16 来源：安全客 作者：adlab_mickey 阅读：2512次 点赞(1) 收藏(8) 漏洞发现人：Philip Pettersson 漏洞编号：CVE-2016-8655 漏洞危害：高危，低权限用户利用该漏洞可以在Linux系统上实现本地提权。 影响范围：Linux内核（2011年4月19日发行）开始就受影响了，直到2016年11月30日修复。 漏洞描述 Philip Pettersson在Linux (net/packet/af_packet.c)发现条件竞争漏洞，可以通…

漏洞类别：Local 漏洞等级： 漏洞信息 Firefox is a free and open-source web browser developed for Windows, OS X, and Linux. A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Fi…

漏洞类别：CGI 漏洞等级： 漏洞信息 eir D1000 modem. Wireless N ADSL2+ 4-port Gateway. The Eir D1000 Modem has bugs that allow an attacker to gain full control of the modem from the Internet. The modem could then be used to hack into internal computers on the network, as a pr…

漏洞类别：RedHat 漏洞等级： 漏洞信息 Mozilla Thunderbird is a standalone mail and newsgroup client. Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitr…

漏洞类别：RedHat 漏洞等级： 漏洞信息 Expat is a C library for parsing XML documents. An out-of-bounds read flaw was found in the way Expat processed certain input. A remote attacker could send specially crafted XML that, when parsed by an application using the Expat library…

漏洞类别：Local 漏洞等级： 漏洞信息 The Ruby SAML library is for implementing the client side of a SAML authorization, i.e. it provides a means for managing authorization initialization and confirmation requests from identity providers. The ruby-saml gem is vulnerable to an…

漏洞类别：OEL 漏洞等级： 漏洞信息 Oracle Enterprise Linux has released security update for kernel to fix the vulnerabilities. Affected Products: Oracle Linux 7 漏洞危害 Successful exploitation of the vulnerabilities can allow a remote attackers to obtain sensitive information f…

漏洞类别：OEL 漏洞等级： 漏洞信息 Oracle Enterprise Linux has released security update for libgcrypt to fix the vulnerabilities. Affected Products: Oracle Linux 6 Oracle Linux 7 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 To resolve this issu…

漏洞类别：OEL 漏洞等级： 漏洞信息 Oracle Enterprise Linux has released security update for unbreakable enterprise kernel to fix the vulnerabilities. Affected Products: Oracle Linux 7 Oracle Linux 6 漏洞危害 Successful exploitation of the vulnerability can allow local users to g…