Tanzania Computer Emergency Response Team

IBM has released security updates to address vulnerabilities affecting its multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system. Users and Administrators are encouraged to review IBM Security Bulletins for 4th October 2021 and apply necessary updates.

Amazon has released security updates to address vulnerabilities affecting Amazon Linux. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system. Users and Administrators are encouraged to review Amazon Security Advisory  and apply necessary updates.

Oracle has released security updates to address vulnerabilities affecting Oracle Linux OS. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system. Users and Administrator are encouraged to review Oracle Security Advisories for 5th October 2021 and apply necessary updates.

Advisory No: TZCERT/SA/2021/10/06 Date of First Release: 06th October 2021 Source: Apache Software Affected: Apache HTTP Server 2.4.49 Overview The vulnerability exists in the Apache web servers running version 2.4.49. The exploitation of this vulnerability could allow an attacker to use a path traversal attack to map URLs to files outside the expected document root. …

Cisco has released security updates to address vulnerability affecting Lasso Security Assertion Markup Language (SAML) Single Sign-On (SSO) library. Exploitation of this vulnerability may allow an attacker to take control of a system. Users and Administrators are encouraged to review Cisco Security Advisory and apply necessary updates.