kernel: triggering AP to send IAPP location updates for stations before the required authentication process has completed can lead to DoS

A flaw was found in the Linux kernel’s implementation of the WiFi station handoff code. An attacker within the radio range could use this flaw to deny a valid device from joining the access point...

Huawei EulerOS: Security Advisory for 389-ds-base (EulerOS-SA-2018-1076)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-5108

An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to different...

CVE-2019-5108

An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to different...

CVE-2019-5061

An exploitable denial-of-service vulnerability exists in the hostapd 2.6, where an attacker could trigger AP to send IAPP location updates for stations, before the required authentication process has completed. This could lead to different denial of service scenarios, either by causing CAM table...

CVE-2019-5061

An exploitable denial-of-service vulnerability exists in the hostapd 2.6, where an attacker could trigger AP to send IAPP location updates for stations, before the required authentication process has completed. This could lead to different denial of service scenarios, either by causing CAM table...

Linux kernel CAM table denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to different...

Taking Reputation to Scale: An Iterative Journey with an Agile Approach (Part 2)

In Part 1 of this blog, we shared with you the challenges we had in balancing latency, scalability, and cost for our reputation services. In this blog, we’ll give you some insights into each major iteration along that journey, from the beginning to where we are now. 100 requests per second. Befor...

CVE-2017-13719

The Amcrest IPM-721S AmcrestIPC-AWXXEngNV2.420.AC00.17.R.20170322 allows HTTP requests that permit enabling various functionalities of the camera by using HTTP APIs, instead of the web management interface that is provided by the application. This HTTP API receives the credentials as base64 encod...

Format string

The ABB IDAL FTP server mishandles format strings in a username during the authentication process. Attempting to authenticate with the username %s%p%x%d will crash the server. Sending %08x.AAAA.%08x.%08x will log memory content from the stack...

Starbucks: Reflected Cross site Scripting (XSS) on www.starbucks.com

Summary: Reflected Cross site Scripting XSS on https://www.starbucks.com/account/signin?ReturnUrl Description: The attacker can execute javascript on the victims account just after the authentication process. Platforms Affected: www.starbucks.com www.starbucks.ca www.starbucks.com.br...

CVE-2017-7537

It was found that a mock CMC authentication plugin with a hardcoded secret was accidentally enabled by default in the pki-core package before 10.6.4. An attacker could potentially use this flaw to bypass the regular authentication process and trick the CA server into issuing certificates...

Remote code execution

The Credential Security Support Provider protocol CredSSP in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709 allows a remote code...

Ed: Oauth flow on the comments widget login can lead to the access code leakage

Description Hello. Here is a keyword: frog I discovered an little Oauth flow in the comments widget authentication process using redirecturi manipulations. The widget located on the all blogposts, which have URL https://edoverflow.com/2017/post-title/ Upon authentication, it appeared that code...

Information disclosure

Skybox Manager Client Application prior to 8.5.501 is prone to an information disclosure vulnerability of user password hashes. A local authenticated attacker can access the password hashes in a debugger-pause state during the authentication process...

Enabling Save Passwords option with Receiver for ios and Storefront

This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company's Help Desk/IT support team and can refer to CTX297149 for more information. For Storefront Direct Connections , password saving is not available for receiver for ios and end...

Stack overflow

An issue was discovered in Schneider Electric ConneXium firewalls TCSEFEC23F3F20 all versions, TCSEFEC23F3F21 all versions, TCSEFEC23FCF20 all versions, TCSEFEC23FCF21 all versions, and TCSEFEC2CF3F20 all versions. A stack-based buffer overflow can be triggered during the SNMP login authenticatio...

Google Simplifies Two-Step Verification

Most major technology companies offer some take on two-factor authentication as an option for users to secure access to accounts and web-based services. Making users drink from that pond, however, has been a different story. Simplifying the process of using the second form of authentication, most...

IRS Reinstates Get Transcript Service Following Hack

The Internal Revenue Service has reinstated its Get Transcript service, more than a year after hackers managed to manipulate settings in the system in order to steal information on more than 720,000 U.S. taxpayers. The IRS suspended the service – which gives citizens a way to look up line-by-line...

Simple PHP Agenda Request Forgery Vulnerability

Simple PHP Agenda is a PHP, MYSQL based meeting schedule management tool. A request forgery vulnerability exists in Simple PHP Agenda auth/process.php, which allows remote attackers to construct malicious URIs, trick users into parsing them, and perform malicious actions in the context of the...