Security Bulletin: IBM QRadar Network Packet Capture is vulnerable to publicly disclosed vulnerabilities from [All] Python (CVE-2018-1060, CVE-2018-1061)
Summary: Python as used by IBM QRadar Network Packet Capture is vulnerable to a denial of service. Vulnerability Details: CVEID: CVE-2018-1060. Description: Python is vulnerable to a denial of service, caused by catastrophic backtracking in the pop3lib's apop method. A remote attacker could exploit...
Security Bulletin: IBM QRadar Network Packet Capture is vulnerable to publicly disclosed vulnerabilities from OpenSSL (CVE-2018-0739, CVE-2018-0732)
Summary: OpenSSL as used by IBM QRadar Network Packet Capture is vulnerable to a denial of service. Vulnerability Details: CVEID: CVE-2018-0739. Description: OpenSSL is vulnerable to a denial of service. By sending specially crafted ASN.1 data with a recursive definition, a remote attacker could...
Security Bulletin: IBM QRadar Network Packet Capture is vulnerable to a publicly disclosed vulnerability from GNU glibc (CVE-2018-11237)
Summary: GLIBC as used by IBM QRadar Network Packet Capture is vulnerable to a buffer overflow. Vulnerability Details: CVEID: CVE-2018-11237. Description: GNU glibc is vulnerable to a buffer overflow, caused by improper bounds checking by the mempcpy function. By sending a specially-crafted reques...
CVE-2019-6526
Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative...
CVE-2019-3915
Authentication Bypass by Capture-replay vulnerability in Verizon Fios Quantum Gateway G1100 firmware version 02.01.00.05 allows an unauthenticated attacker with adjacent network access to intercept and replay login requests to gain access to the administrative web interface...
Authentication flaw
Authentication Bypass by Capture-replay vulnerability in Verizon Fios Quantum Gateway G1100 firmware version 02.01.00.05 allows an unauthenticated attacker with adjacent network access to intercept and replay login requests to gain access to the administrative web interface...
CVE-2019-3915
CVE-2019-3915 applies to Verizon Fios Quantum Gateway (G1100) firmware 02.01.00.05. The vulnerability is an authentication bypass via capture‑replay: because the web admin interface relies on HTTP (not HTTPS), an adjacent‑network attacker can intercept login requests and replay them to gain admin...
[SECURITY] Fedora 30 Update: tcpreplay-4.3.2-1.fc30
Tcpreplay is a tool to replay captured network traffic. Currently, tcpreplay supports pcap tcpdump and snoop capture formats. Also included is tcpprep, a tool to pre-process capture files to allow increased performance under certain conditions, as well as capinfo, which provides basic information...
CVE-2019-1003043
A missing permission check in Jenkins Slack Notification Plugin 2.19 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
Cross site request forgery (csrf)
A cross-site request forgery vulnerability in Jenkins Slack Notification Plugin 2.19 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2019-1003044
A cross-site request forgery vulnerability in Jenkins Slack Notification Plugin 2.19 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
Design/Logic Flaw
A missing permission check in Jenkins Slack Notification Plugin 2.19 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2019-1003043
Summary: Jenkins Slack Notification Plugin (versions ≤ 2.19) contains a missing permission check in a form-validation pathway that can be exploited by users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs, potentially exfiltrating credenti...
CB Threat Intelligence Notification: Vidar InfoStealer Trojan Aims to Steal Data Before Erasing Itself
Vidar is an info stealer trojan, which was sold under the name Vidar Pro stealer and can be distributed through different campaigns. This malware will perform multiple types of malicious behavior including stealing web browser cookies and history, digital wallets, two-factor authentication data,...
[SECURITY] Fedora 28 Update: tcpreplay-4.3.2-1.fc28
Tcpreplay is a tool to replay captured network traffic. Currently, tcpreplay supports pcap tcpdump and snoop capture formats. Also included is tcpprep, a tool to pre-process capture files to allow increased performance under certain conditions, as well as capinfo, which provides basic information...
[SECURITY] Fedora 29 Update: tcpflow-1.5.0-4.fc29
tcpflow is a program that captures data transmitted as part of TCP connections flows, and stores the data in a way that is convenient for protocol analysis or debugging. A program like 'tcpdump' shows a summary of packets seen on the wire, but usually doesn't store the data that's actually being...
CVE-2015-2254
Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers to capture and change patch loading information resulting in the deletion of directory files and compromise of system functions when loading a patch...