SRs is a system field that allows end users to input the details of the software release they are experiencing. A search engine vulnerability in the SRs field of a help desk ticket allowed for XSS via the Linked SRs field, leading to remote code execution.

21143 CVE-2018-12761 22 Dir Access Bypass In Dir Access - Linux, a guest user can bypass access restrictions via a symlink attack.

21144 CVE-2018-12762 22 Dir Access Bypass In Dir Access - Linux, a guest user can bypass access restrictions via a symlink attack.

21145 CVE-2018-12763 22 Dir Access Bypass In Dir Access - Linux, a guest user can bypass access restrictions via a symlink attack.

21146 CVE-2018-12764 22 Dir Access Bypass In Dir Access - Linux, a guest user can bypass access restrictions via a symlink attack.

21147 CVE-2018-12765 22 Dir Access Bypass In Dir Access - Linux, a guest user can bypass access restrictions via a symlink attack.

21148 CVE-2018-12766 22 Dir Access Bypass In Dir Access - Linux, a guest user can bypass access restrictions via a symlink attack.

21149 CVE-2018-12767 22 Dir Access Bypass In Dir Access - Linux, a guest user can bypass access restrictions via a symlink attack.

Linux, VMware vSphere and Virtualization Software

22 Dir Access Bypass In Dir Access - Linux, a guest user can bypass access restrictions via a symlink attack.
Private VMs without network interfaces are susceptible to directory traversal attacks.

Checkpoint SF Lyon

Checkpoint is a security company. They have a number of products, from antivirus software and firewalls, to threat management solutions that help businesses keep their data safe. One security solution they offer is their online identity service: Checkpoint SF Lyon.

Checkpoint SF Lyon is an identity and access management (IAM) service that helps organizations manage user identities and access permissions. The service allows organizations to establish users' identities in order to create scopes, roles, groups, and policies for access control across the enterprise. With Checkpoint SF Lyon, customers can manage access privileges on both Windows and Linux-based systems, as well as evaluate security risks by tracking all activity on a system via the Identity Access Management server. The product also integrates with Microsoft Active Directory and LDAP servers for seamless integration into existing environments.

There are many advantages to using the Checkpoint SF Lyon ID Service, but one of its most important benefits is its ability to provide multi-factor authentication for both remote login sessions and web browser sessions in order to increase user's protection against phishing attacks. To further enhance security with this service, Checkpoint offers two-factor authentication hardware devices that require users to enter a one-time password sent via SMS or generated by a hardware device such as a YubiKey or RSA SecurID token in order to log in remotely or use it with their web browser session.

Additionally, Checkpoint offers several different levels of protection for organizations depending on

Installation Notes:

- To install the patch, download the appropriate file for your Linux distribution.
- If your system is running a kernel version earlier than 4.14, you will need to update it to the latest version first.

Authentication, Authorization and Governance

21146 CVE-2018-12764 22 Dir Access Bypass In Dir Access - Linux, a guest user can bypass access restrictions via a symlink attack.
21147 CVE-2018-12765 22 Dir Access Bypass In Dir Access - Linux, a guest user can bypass access restrictions via a symlink attack.
21148 CVE-2018-12766 22 Dir Access Bypass In Dir Access - Linux, a guest user can bypass access restrictions via a symlink attack.

Timeline

Published on: 09/11/2022 21:15:00 UTC
Last modified on: 09/15/2022 03:46:00 UTC

References