48 matches found
EulerOS Virtualization 2.5.3 : ntp (EulerOS-SA-2019-1222)
According to the versions of the ntp packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a...
CVE-2018-7705
SecurEnvoy SecurMail vulnerability CVE-2018-7705 is a directory traversal flaw in secupload2/upload.aspx that allows remote authenticated users to read emails to arbitrary recipients. Affected products are SecurEnvoy SecurMail versions before 9.2.501; the issue is fixed in 9.2.501 or newer. Impac...
SecurEnvoy SecurMail 9.1.501 - Multiple Vulnerabilities
SecurEnvoy SecurMail 9.1.501 - Multiple Vulnerabilities SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Critical Vulnerabilities product: SecurEnvoy SecurMail vulnerable version: 9.1.501 fixed version: 9.2.501...
About the security content of tvOS 9.2.2 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...
CVE-2015-7705
The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests...
DEBIAN-CVE-2015-7705
The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests...
CVE-2015-7705
CVE-2015-7705 describes a DoS vulnerability in NTP’s rate-limiting: remote attackers can cause a client to delay/stop querying time sources by sending forged Kiss-of-Death messages. Affected are NTPd 4.x before 4.2.8p4 and 4.3.x before 4.3.77; multiple vendors (e.g., F5 BIG-IP, Debian, Arista/EOS...
GLSA-201706-12 : Wireshark: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201706-12 Wireshark: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to process a...
SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2017:1442-1)
Wireshark was updated to version 2.2.6, which brings several new features, enhancements and bug fixes. Thses security issues were fixed : - CVE-2017-7700: In Wireshark the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in...
SUSE-SU-2017:1442-1 Security update for wireshark
Wireshark was updated to version 2.2.6, which brings several new features, enhancements and bug fixes. Thses security issues were fixed: - CVE-2017-7700: In Wireshark the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in...
CVE-2016-7705
CVE-2016-7705 is an Apple vulnerability entry with concrete details in connected docs: in IOAcceleratorFamily, it describes a local privilege escalation via a null pointer dereference that was addressed by improved validation. Apple security updates across watchOS 2.2.2, tvOS 9.2.2, iOS 9.3.3, an...
CVE-2016-7705
...
SUSE-SU-2017:1174-1 Security update for wireshark
Wireshark was updated to version 2.0.12, which brings several new features, enhancements and bug fixes. These security issues were fixed: - CVE-2017-7700: In Wireshark the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in...
openSUSE Security Update : wireshark (openSUSE-2017-503)
This update to Wireshark 2.2.6 fixes minor vulnerabilities that could be used to trigger a dissector crash or infinite loops by sending specially crafted packages over the network or into a capture file : - CVE-2017-7700: NetScaler file parser infinite loop boo1033936 - CVE-2017-7701: BGP dissect...
Wireshark 2.2.x < 2.2.6 Multiple Vulnerabilities (macOS)
The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.2.6. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.2.6 advisory. - In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the RPC over RDMA dissector could go into an infinite...
Security fix for the ALT Linux 9 package wireshark version 2.2.6-alt1
April 14, 2017 Anton Farygin 2.2.6-alt1 - new version with these security fixes: wnpa-sec-2017-12 IMAP dissector crash CVE-2017-7703 wnpa-sec-2017-13 WBMXL dissector infinite loop CVE-2017-7702 wnpa-sec-2017-14 NetScaler file parser infinite loop CVE-2017-7700 wnpa-sec-2017-15 RPCoRDMA dissector...
Security fix for the ALT Linux 7 package wireshark version 2.2.6-alt1.M70P.1
April 14, 2017 Anton Farygin 2.2.6-alt1.M70P.1 - new version with these security fixes: wnpa-sec-2017-12 IMAP dissector crash CVE-2017-7703 wnpa-sec-2017-13 WBMXL dissector infinite loop CVE-2017-7702 wnpa-sec-2017-14 NetScaler file parser infinite loop CVE-2017-7700 wnpa-sec-2017-15 RPCoRDMA...
DEBIAN-CVE-2017-7705
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the RPC over RDMA dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rpcrdma.c by correctly checking for going beyond the maximum offset...
CVE-2017-7705
CVE-2017-7705 : In Wireshark versions 2.2.0–2.2.5 and 2.0.0–2.0.11, the RPC over RDMA dissector could enter an infinite loop when processing certain crafted packets or malformed captures. The issue was fixed in epan/dissectors/packet-rpcrdma.c by validating offsets to prevent reading beyond the m...
About the security content of watchOS 2.2.2
About the security content of watchOS 2.2.2 This document describes the security content of watchOS 2.2.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...