
3663 matches found

Mageia
added 2020/02/29 1:42 p.m., 71 views

Updated rsync packages fix security vulnerabilities

Updated rsync packages fix security vulnerabilities: It was discovered that rsync incorrectly handled pointer arithmetic in zlib. An attacker could use this issue to cause rsync to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2016-9840, CVE-2016-9841). It was...

CVSS 9.8 | AI score 4.6 | EPSS 0.07489
Exploits 0 | References 1

BDU FSTEC
added 2020/02/27 12:0 a.m., 1 views

The vulnerability of the `__zzip_parse_root_directory` function in the ZZIPlib archive library arises from the fact that resources are not released after their useful period has ended. This allows a malicious actor to cause service failures.

The vulnerability of the `__zzip_parse_root_directory` function in the ZZIPlib compression library is related to the failure to release resources after their useful period has ended. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...

CVSS 6.5 | AI score 6.1 | EPSS 0.01954
Exploits 1 | References 5 | Affected Software 3

BDU FSTEC
added 2020/02/27 12:0 a.m., 2 views

The vulnerability of the zzip_disk_findfirst function in the ZZIPlib compression library, which stems from incorrect calculation of buffer size, allows a hacker to cause a service failure.

The vulnerability of the zzip_disk_findfirst function in the ZZIPlib compression library is related to incorrect calculation of buffer size. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures by using a specially created zip file...

CVSS 7.1 | AI score 6.4 | EPSS 0.02305
Exploits 1 | References 6 | Affected Software 3

BDU FSTEC
added 2020/02/27 12:0 a.m., 3 views

The vulnerability of the __zzip_fetch_disk_trailer function in the ZZIPlib library allows a hacker to trigger a service failure.

The vulnerability of the __zzip_fetch_disk_trailer function in the ZZIPlib compression library is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures by using a specially created zip file...

CVSS 7.1 | AI score 6.2 | EPSS 0.02285
Exploits 1 | References 6 | Affected Software 3

OSV
added 2020/02/22 11:15 p.m., 4 views

CVE-2020-9342

The F-Secure AV parsing engine before 2020-02-05 allows virus-detection bypass via crafted Compression Method data in a GZIP archive. This affects versions before 17.0.605.474 on Linux of Cloud Protection For Salesforce, Email and Server Security, and Internet GateKeeper...

CVSS 5.5 | AI score 6.1 | EPSS 0.016
Exploits 0 | References 4

NVD
added 2020/02/22 11:15 p.m., 22 views

CVE-2020-9342

The F-Secure AV parsing engine before 2020-02-05 allows virus-detection bypass via crafted Compression Method data in a GZIP archive. This affects versions before 17.0.605.474 on Linux of Cloud Protection For Salesforce, Email and Server Security, and Internet GateKeeper...

CVSS 5.5 | AI score 5.5 | EPSS 0.016
Exploits 0 | References 4

Prion
added 2020/02/22 11:15 p.m., 16 views

Design/Logic Flaw

The F-Secure AV parsing engine before 2020-02-05 allows virus-detection bypass via crafted Compression Method data in a GZIP archive. This affects versions before 17.0.605.474 on Linux of Cloud Protection For Salesforce, Email and Server Security, and Internet GateKeeper...

CVSS 4.3 | AI score 5.5 | EPSS 0.016
Exploits 0 | References 4 | Affected Software 3

Cvelist
added 2020/02/22 10:41 p.m., 29 views

CVE-2020-9342

The F-Secure AV parsing engine before 2020-02-05 allows virus-detection bypass via crafted Compression Method data in a GZIP archive. This affects versions before 17.0.605.474 on Linux of Cloud Protection For Salesforce, Email and Server Security, and Internet GateKeeper...

AI score 5.5 | EPSS 0.016
Exploits 0 | References 4

CVE
added 2020/02/22 10:41 p.m., 114 views

CVE-2020-9342

Summary: CVE-2020-9342 affects the F-Secure AV parsing engine prior to 2020-02-05, enabling a virus-detection bypass via crafted Compression Method data in a GZIP archive. Affected products/versions include Cloud Protection For Salesforce, Email and Server Security, and Internet GateKeeper on Lin...

CVSS 5.5 | AI score 5.5 | EPSS 0.016
Exploits 0 | References 4 | Affected Software 3

NVD
added 2020/02/21 6:15 p.m., 32 views

CVE-2013-3587

The HTTPS protocol, as used in unspecified web applications, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which makes it easier for man-in-the-middle attackers to obtain plaintext secret values by observing length differences during a series of...

CVSS 5.9 | AI score 6.5 | EPSS 0.06049
Exploits 1 | References 12

Packet Storm
added 2020/02/21 12:0 a.m., 108 views

SecuSTATION SC-831 HD Camera Remote Configuration Disclosure

!/usr/bin/perl SecuSTATION SC-831 HD Camera Remote Configuration Disclosure Copyright 2020 c Todor Donev https://donev.eu/ Disclaimer: This or previous programs are for Educational purpose ONLY. Do not use it without permission. The usual disclaimer applies, especially the fact that Todor Donev i...

AI score 7.4
Exploits 0

HackRead
added 2020/02/19 7:8 p.m., 21 views

US Natural Gas-Compression facility cripples after ransomware attack

By Deeba Ahmed. Another day, another ransomware attack. This time, hackers have hit critical infrastructure of the government of the United States.

AI score 7
Exploits 0

RedHat Linux
added 2020/02/11 10:36 a.m., 3 views

spice-client: Insufficient encoding checks for LZ can cause different integer/buffer overflows

Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A malicious server could cause the client to crash or, potentially, execute arbitrary code...

CVSS 8.8 | AI score 6.2 | EPSS 0.02363
Exploits 0 | References 4

Fedora
added 2020/02/07 1:51 a.m., 46 views

[SECURITY] Fedora 31 Update: upx-3.96-2.fc31

UPX is a free, portable, extendable, high-performance executable packer for several different executable formats. It achieves an excellent compression ratio and offers very fast decompression. Your executables suffer no memory overhead or other drawbacks...

CVSS 7.8 | AI score 4.8 | EPSS 0.02495
Exploits 3

Fedora
added 2020/02/03 1:3 a.m., 50 views

[SECURITY] Fedora 30 Update: upx-3.96-1.fc30

UPX is a free, portable, extendable, high-performance executable packer for several different executable formats. It achieves an excellent compression ratio and offers very fast decompression. Your executables suffer no memory overhead or other drawbacks...

CVSS 7.8 | AI score 4.8 | EPSS 0.02495
Exploits 5

OpenVAS
added 2020/02/03 12:0 a.m., 26 views

Fedora: Security Advisory for upx (FEDORA-2020-20cf0743f5)

The remote host is missing an update for the...

CVSS 7.8 | AI score 6.5 | EPSS 0.02495
Exploits 5 | References 2

Tenable Nessus
added 2020/01/30 12:0 a.m., 215 views

Debian DLA-2085-1 : zlib security update

Several issues have been found in zlib, a compression library. They are basically about improper big-endian CRC calculation, improper left shift of negative integers and improper pointer arithmetic. For Debian 8 'Jessie', these problems have been fixed in version 1:1.2.8.dfsg-2+deb8u1. We recomme...

CVSS 9.8 | AI score 7.3 | EPSS 0.07489
Exploits 0 | References 6

OpenVAS
added 2020/01/30 12:0 a.m., 96 views

Debian: Security Advisory (DLA-2085-1)

The remote host is missing an update for the Debian...

CVSS 9.8 | AI score 9.9 | EPSS 0.07489
Exploits 0 | References 3

Debian
added 2020/01/29 9:52 p.m., 102 views

[SECURITY] [DLA 2085-1] zlib security update

Package: zlib
Version: 1:1.2.8.dfsg-2+deb8u1
CVE ID: CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843

Several issues have been found in zlib, a compression library. They are basically about improper big-endian CRC calculation, improper left shift of negative integers and improper pointe...

CVSS 9.8 | AI score 10 | EPSS 0.07489
Exploits 0

OpenVAS
added 2020/01/27 12:0 a.m., 27 views

Fedora: Security Advisory for mingw-wavpack (FEDORA-2020-73274c9df4)

The remote host is missing an update for the...

CVSS 7.8 | AI score 6.3 | EPSS 0.03044
Exploits 8 | References 2