Tuesday, May 21, 2019

Weekly Update: a new vulnerability is published on the National Vulnerability Database (10 items)


New vulnerabilities from the NVD: CVE-2016-10745

In Pallets Jinja before 2.8.1, str.format allows a sandbox escape.
Published at: April 08, 2019 at 04:29PM

April 08, 2019 at 06:12PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2014-9186

A file inclusion vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, which could lead to accepting an arbitrary file into the function, and potential information disclosure or remote code execution. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version.
Published at: April 08, 2019 at 07:29PM

April 08, 2019 at 10:11PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2014-5436

A directory traversal vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, which could lead to possible information disclosure. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version.
Published at: April 08, 2019 at 07:29PM

April 08, 2019 at 10:11PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2014-5435

An arbitrary memory write vulnerability exists in the dual_onsrv.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, that could lead to possible remote code execution or denial of service. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version.
Published at: April 08, 2019 at 07:29PM

April 08, 2019 at 10:11PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-17544

A privilege escalation vulnerability in Fortinet FortiOS all versions below 6.2.0 allows admin users to elevate their profile to super_admin via restoring modified configurations.
Published at: April 09, 2019 at 07:29PM

April 09, 2019 at 10:11PM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-3139

A denial of service flaw was found in the way BIND handled DNSSEC validation. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response.
Published at: April 09, 2019 at 09:29PM

April 10, 2019 at 12:11AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-17023

The Sophos UTM VPN endpoint interacts with client software provided by NCP Engineering (www.ncp-e.com). The affected client software, "Sophos IPSec Client" 11.04, is a rebranded version of NCP "Secure Entry Client" 10.11 r32792. A vulnerability in the software update feature of the VPN client allows a man-in-the-middle (MITM) or man-on-the-side (MOTS) attacker to execute arbitrary, malicious software on a target user's computer. This is related to SIC_V11.04-64.exe (Sophos), NCP_EntryCl_Windows_x86_1004_31799.exe (NCP), and ncpmon.exe (both Sophos and NCP). The vulnerability exists because: (1) the VPN client requests update metadata over an insecure HTTP connection; and (2) the client software does not check if the software update is signed before running it.
Published at: April 09, 2019 at 09:29PM

April 10, 2019 at 12:11AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2006-7254

The nscd daemon in the GNU C Library (glibc) before version 2.5 does not close incoming client sockets if they cannot be handled by the daemon, allowing local users to carry out a denial of service attack on the daemon.
Published at: April 10, 2019 at 11:29PM

April 11, 2019 at 02:11AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2005-3590

The getgrouplist function in the GNU C library (glibc) before version 2.3.5, when invoked with a zero argument, writes to the passed pointer even if the specified array size is zero, leading to a buffer overflow and potentially allowing attackers to corrupt memory.
Published at: April 10, 2019 at 11:29PM

April 11, 2019 at 02:11AM

via National Vulnerability Database


New vulnerabilities from the NVD: CVE-2017-14199

A buffer overflow has been found in the Zephyr Project's getaddrinfo() implementation in 1.9.0 and 1.10.0.
Published at: April 12, 2019 at 08:29PM

April 12, 2019 at 10:51PM

via National Vulnerability Database
