168 matches found
Debian: Security Advisory (DLA-3203-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2022:4201-1 Security update for nginx
This update for nginx fixes the following issues: - CVE-2021-3618: Fixed the ALPACA attack limiting the number of errors after which the connection is closed bsc1187685...
SUSE-SU-2022:4192-1 Security update for nginx
This update for nginx fixes the following issues: - CVE-2021-3618: Fixed the ALPACA attack limiting the number of errors after which the connection is closed bsc1187685...
SUSE SLES12 Security Update : vsftpd (SUSE-SU-2022:3888-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:3888-1 advisory. - CVE-2021-3618: Enforced security checks against ALPACA attack PM-3322, bsc1187686, bsc1187678. Bugfixes: - Fixed a seccomp failure in FIPS...
SUSE: Security Advisory (SUSE-SU-2022:3888-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2022:3888-1 Security update for vsftpd
This update for vsftpd fixes the following issues: - CVE-2021-3618: Enforced security checks against ALPACA attack PM-3322, bsc1187686, bsc1187678. Bugfixes: - Fixed a seccomp failure in FIPS mode when SSL was enabled bsc1052900. - Allowed wait4 to be called so that the broker can wait for its...
Amazon Linux 2022 : vsftpd (ALAS2022-2022-172)
It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-172 advisory. ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates...
Amazon Linux 2022 : sendmail, sendmail-cf, sendmail-milter (ALAS2022-2022-171)
It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-171 advisory. ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates...
WordPress WP Best Quiz plugin <= 1.0 - Auth. Stored Cross-Site Scripting (XSS) vulnerability
Auth. Stored Cross-Site Scripting XSS vulnerability discovered by Alpaca in WordPress WP Best Quiz plugin versions = 1.0. Solution No patched version available...
SUSE SLES15 Security Update : vsftpd (SUSE-SU-2022:3458-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:3458-1 advisory. - CVE-2021-3618: Enforced security checks against ALPACA attack PM-3322, jscSLE-23895, bsc1187686, bsc1187678. - Added hardening to systemd...
SUSE SLES15 / openSUSE 15 Security Update : vsftpd (SUSE-SU-2022:3457-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:3457-1 advisory. - CVE-2021-3618: Enforced security checks against ALPACA attack PM-3322, jscSLE-23896, bsc1187686, bsc1187678. - Added hardeni...
openSUSE: Security Advisory for vsftpd (SUSE-SU-2022:3457-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE: Security Advisory (SUSE-SU-2022:3458-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2022:3458-1 Security update for vsftpd
This update for vsftpd fixes the following issues: - CVE-2021-3618: Enforced security checks against ALPACA attack PM-3322, jscSLE-23895, bsc1187686, bsc1187678. - Added hardening to systemd services bsc1181400. Bugfixes: - Fixed a seccomp failure in FIPS mode when SSL was enabled bsc1052900. -...
SUSE-SU-2022:3457-1 Security update for vsftpd
This update for vsftpd fixes the following issues: - CVE-2021-3618: Enforced security checks against ALPACA attack PM-3322, jscSLE-23896, bsc1187686, bsc1187678. - Added hardening to systemd services bsc1181400. Bugfixes: - Fixed a seccomp failure in FIPS mode when SSL was enabled bsc1052900. -...
SUSE SLES12 Security Update : vsftpd (SUSE-SU-2022:3383-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:3383-1 advisory. - CVE-2021-3618: Enforced security checks against ALPACA attack PM-3322, bsc1187686, bsc1187678. Bugfixes: - Fixed a seccomp failure in FIPS...
SUSE-SU-2022:3383-1 Security update for vsftpd
This update for vsftpd fixes the following issues: - CVE-2021-3618: Enforced security checks against ALPACA attack PM-3322, bsc1187686, bsc1187678. Bugfixes: - Fixed a seccomp failure in FIPS mode when SSL was enabled bsc1052900. - Allowed wait4 to be called so that the broker can wait for its...
SUSE SLES15 / openSUSE 15 Security Update : vsftpd (SUSE-SU-2022:3320-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:3320-1 advisory. - CVE-2021-3618: Enforced security checks against ALPACA attack bsc1187678, bsc1187686, PM-3322. Bugfixes: - Fixed a seccomp...
SUSE-SU-2022:3320-1 Security update for vsftpd
This update for vsftpd fixes the following issues: - CVE-2021-3618: Enforced security checks against ALPACA attack bsc1187678, bsc1187686, PM-3322. Bugfixes: - Fixed a seccomp failure in FIPS mode when SSL was enabled bsc1052900. - Allowed wait4 to be called so that the broker can wait for its...
Malicious code in alpaca-oas (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a68a07a8506d5dcce370260e4c897a0d0fcfccfc0e10eeb83a02284cd0ff55fc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...