RHCOS 4 : OpenShift Container Platform 4.15.13 (RHSA-2024:2776)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2776 advisory. - jose-go: improper handling of highly compressed data CVE-2024-28180 Note that Nessus has not tested for this issue but has instead relied...

RHSA-2024:2776 Red Hat Security Advisory: OpenShift Container Platform 4.15.13 packages and security update

Bulletin has no description...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.15.13 bug fix and security update

Red Hat OpenShift Container Platform release 4.15.13 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a...

RHEL 8 / 9 : OpenShift Container Platform 4.15.13 (RHSA-2024:2776)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2776 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private clo...

WordPress Mooberry Book Manager Plugin <= 4.15.12 is vulnerable to Sensitive Data Exposure

Software Mooberry Book Manager Type Plugin Vulnerable versions = 4.15.12 Fixed in 4.15.13 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-34368 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 8048e91588cf Credits Steven Julian...

USN-5936-1: Samba vulnerabilities

Evgeny Legerov discovered that Samba incorrectly handled buffers in certain GSSAPI routines of Heimdal. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. CVE-2022-3437 Tom Tervoort discovered that Samba incorrectly used weak rc4-hmac Kerber...

SUSE: Security Advisory (SUSE-SU-2023:0014-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2023:0014-1 Security update for samba

This update for samba fixes the following issues: Update to 4.15.13 - CVE-2022-37966 rc4-hmac Kerberos session keys issued to modern servers bsc1205385. - CVE-2022-37967 Kerberos constrained delegation ticket forgery possible against Samba AD DC bsc1205386. - CVE-2022-38023 RC4/HMAC-MD5 NetLogon...

Samba Elevation of Privilege Vulnerability (CVE-2022-45141)

Samba is prone to an elevation of privilege vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; yo...

RC4/HMAC-MD5 NetLogon Secure Channel is weak and should be avoided

Description This is Samba's response to Microsoft's CVE-2022-3802312. Following RFC8429 and as has been published for CVE-2022-3938, rc4-hmac also known as arcfour-hmac-md5 cryptography in Kerberos is weak, then it follows that the RC4 mode in the NETLOGON Secure Channel DCE/RPC bulk encryption i...