Vulnerability Summary for the Week of March 27, 2017

Please Note:

  • The vulnerabilities are categorized by their level of severity, which is either High, Medium or Low.
  • The CVE identity number is the publicly known ID given to that particular vulnerability. Therefore you can search the status of that particular vulnerability using that ID.
  • The CVSS (Common Vulnerability Scoring System) score is a standard scoring system used to determine the severity of the vulnerability.

High Severity Vulnerabilities

allwinnertech -- linux-3.4-sunxi | Published: 2017-03-27 | CVSS: 7.2 | CVE-2016-10225
  Description: The sunxi-debug driver in Allwinner 3.4 legacy kernel for H3, A83T and H8 devices allows local users to gain root privileges by sending "rootmydevice" to /proc/sunxi_debug/sunxi_debug.
  Source: MLIST, MLIST, BID, CONFIRM, MISC, MISC

apache -- camel | Published: 2017-03-28 | CVSS: 7.5 | CVE-2016-8749
  Description: Apache Camel's Jackson and JacksonXML unmarshalling operations are vulnerable to Remote Code Execution attacks.
  Source: CONFIRM, BID

apache -- poi | Published: 2017-03-24 | CVSS: 7.1 | CVE-2017-5644
  Description: Apache POI in versions prior to release 3.15 allows remote attackers to cause a denial of service (CPU consumption) via a specially crafted OOXML file, aka an XML Entity Expansion (XEE) attack.
  Source: CONFIRM, BID

artifex -- mujs | Published: 2017-03-24 | CVSS: 7.5 | CVE-2016-10133
  Description: Heap-based buffer overflow in the js_stackoverflow function in jsrun.c in Artifex Software, Inc. MuJS allows attackers to have unspecified impact by leveraging an error when dropping extra arguments to lightweight functions.
  Source: CONFIRM, MLIST, MLIST, CONFIRM, FEDORA

eviewgps -- ev-07s_gps_tracker_firmware | Published: 2017-03-27 | CVSS: 7.8 | CVE-2017-5237
  Description: Due to a lack of authentication, an unauthenticated user who knows the Eview EV-07S GPS Tracker's phone number can revert the device to a factory default configuration with an SMS command, "RESET!".
  Source: BID, MISC

gnu -- gnutls | Published: 2017-03-24 | CVSS: 7.5 | CVE-2017-5334
  Description: Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language information in an X.509 certificate with a Proxy Certificate Information extension.
  Source: SUSE, MLIST, MLIST, BID, SECTRACK, CONFIRM, CONFIRM, GENTOO

gnu -- gnutls | Published: 2017-03-24 | CVSS: 7.5 | CVE-2017-5336
  Description: Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate.
  Source: SUSE, MLIST, MLIST, BID, SECTRACK, MISC, CONFIRM, CONFIRM, GENTOO

gnu -- gnutls | Published: 2017-03-24 | CVSS: 7.5 | CVE-2017-5337
  Description: Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate.
  Source: SUSE, MLIST, MLIST, BID, SECTRACK, MISC, MISC, CONFIRM, CONFIRM, GENTOO

hesiod_project -- hesiod | Published: 2017-03-28 | CVSS: 10.0 | CVE-2016-10152
  Description: The read_config_file function in lib/hesiod.c in Hesiod 3.2.1 falls back to the ".athena.mit.edu" default domain when opening the configuration file fails, which allows remote attackers to gain root privileges by poisoning the DNS cache.
  Source: MLIST, BID, CONFIRM, CONFIRM

huawei -- ar3200_firmware | Published: 2017-03-24 | CVSS: 10.0 | CVE-2016-6206
  Description: Huawei AR3200 routers with software before V200R006C00SPC600 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted packet.
  Source: CONFIRM, BID

huawei -- mate_s_firmware | Published: 2017-03-24 | CVSS: 7.1 | CVE-2015-8678
  Description: The ION driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00 C01B230, GRA-CL00 before GRA-CL00 C92B230, GRA-CL10 before GRA-CL10 C92B230, GRA-UL00 before GRA-UL00 C00B230, and GRA-UL10 before GRA-UL10 C00B230, and Mate S smartphones with software RR-TL00 before RR-TL00 C01B160SP01, RR-UL00 before RR-UL00 C00B160, and RR-CL00 before RR-CL00 C92B161, allows remote attackers to cause a denial of service (crash) via a crafted application.
  Source: CONFIRM

imagemagick -- imagemagick | Published: 2017-03-24 | CVSS: 7.5 | CVE-2016-10144
  Description: coders/ipl.c in ImageMagick allows remote attackers to have unspecified impact by leveraging a missing malloc check.
  Source: MLIST, MLIST, BID, CONFIRM, CONFIRM

imagemagick -- imagemagick | Published: 2017-03-24 | CVSS: 7.5 | CVE-2016-10145
  Description: Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy.
  Source: MLIST, MLIST, BID, CONFIRM, CONFIRM

imagemagick -- imagemagick | Published: 2017-03-24 | CVSS: 7.8 | CVE-2016-10146
  Description: Multiple memory leaks in the caption and label handling code in ImageMagick allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
  Source: MLIST, MLIST, BID, CONFIRM, CONFIRM

imagemagick -- imagemagick | Published: 2017-03-24 | CVSS: 7.8 | CVE-2017-5507
  Description: Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache.
  Source: MLIST, MLIST, BID, CONFIRM, CONFIRM, CONFIRM, CONFIRM

imagemagick -- imagemagick | Published: 2017-03-24 | CVSS: 7.5 | CVE-2017-5511
  Description: coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow.
  Source: MLIST, MLIST, BID, CONFIRM, CONFIRM, CONFIRM, CONFIRM

intelliants -- subrion_cms | Published: 2017-03-26 | CVSS: 7.5 | CVE-2017-6013
  Description: Subrion CMS 4.0.5.10 has SQL injection in admin/database/ via the query parameter.
  Source: BID, MISC

irssi -- irssi | Published: 2017-03-27 | CVSS: 7.5 | CVE-2017-7191
  Description: The netjoin processing in Irssi 1.x before 1.0.2 allows attackers to cause a denial of service (use-after-free) and possibly execute arbitrary code via unspecified vectors.
  Source: BID, CONFIRM, CONFIRM

libgit2_project -- libgit2 | Published: 2017-03-24 | CVSS: 7.5 | CVE-2016-10128
  Description: Buffer overflow in the git_pkt_parse_line function in transports/smart_pkt.c in the Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to have unspecified impact via a crafted non-flush packet.
  Source: SUSE, SUSE, SUSE, MLIST, MLIST, BID, CONFIRM, CONFIRM, CONFIRM

linux -- linux_kernel | Published: 2017-03-28 | CVSS: 7.2 | CVE-2017-7294
  Description: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data, which allows local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device.
  Source: BID, MISC, MISC

linux -- linux_kernel | Published: 2017-03-29 | CVSS: 7.2 | CVE-2017-7308
  Description: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls.
  Source: BID, CONFIRM

microsoft -- iis | Published: 2017-03-26 | CVSS: 10.0 | CVE-2017-7269
  Description: Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.
  Source: BID, MISC, MISC, MISC, MISC

modx -- modx_revolution | Published: 2017-03-30 | CVSS: 7.5 | CVE-2017-7321
  Description: setup/controllers/welcome.php in MODX Revolution 2.5.4-pl and earlier allows remote attackers to execute arbitrary PHP code via the config_key parameter to the setup/index.php?action=welcome URI.
  Source: BID, MISC

modx -- modx_revolution | Published: 2017-03-30 | CVSS: 7.5 | CVE-2017-7324
  Description: setup/templates/findcore.php in MODX Revolution 2.5.4-pl and earlier allows remote attackers to execute arbitrary PHP code via the core_path parameter.
  Source: BID, MISC
