332 matches found
The vulnerability of the gweb component of the Connection dispatcher, related to writing outside of the allocated memory range, allows a hacker to execute arbitrary code.
The vulnerability of the gweb component of the Connman connection controller is related to writing beyond the boundaries of a reserved memory range. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Debian dla-3144 : connman - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3144 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3144-1 [email protected]...
Debian: Security Advisory (DLA-3144-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3144-1] connman security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3144-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 10, 2022 https://wiki.debian.org/LTS -...
DLA-3144-1 connman - security update
Bulletin has no description...
openSUSE 15 Security Update : connman (openSUSE-SU-2022:10134-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:10134-1 advisory. - In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer...
OPENSUSE-SU-2022:10134-1 Security update for connman
This update for connman fixes the following issues: - CVE-2022-32292: Add refcounting to wispr portal detection to avoid heap overflow boo1200190 - CVE-2022-32292: Fix OOB write in receiveddata boo1200189...
Security update for connman (critical)
openSUSE Security Update: Security update for connman Announcement ID: openSUSE-SU-2022:10134-1 Rating: critical References: 1200189 1200190 Cross-References: CVE-2022-32292 CVE-2022-32293 CVSS scores: CVE-2022-32292 NVD : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2022-32293 NVD : 8.1...
Debian DSA-5231-1 : connman - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5231 advisory. Several vulnerabilities were discovered in ConnMan, a network manager for embedded devices, which could result in denial of service or the execution of arbitrary...
Debian: Security Advisory (DSA-5231-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 5231-1] connman security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5231-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 17, 2022 https://www.debian.org/security/faq -...
DSA-5231-1 connman - security update
Bulletin has no description...
Debian: Security Advisory (DLA-3105-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3105-1] connman security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3105-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb September 13, 2022 https://wiki.debian.org/LTS -...
DLA-3105-1 connman - security update
Bulletin has no description...
Debian dla-3105 : connman - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3105 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3105-1 [email protected]...
(Pwn2Own) ConnMan wispr_portal_web_result wp_object Double Free Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ConnMan. Authentication is not required to exploit this vulnerability. The specific flaw exists within the wisprportalwebresult method. The issue results from the lack of validating the...
(Pwn2Own) ConnMan received_data Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installation of ConnMan. Authentication is not required to exploit this vulnerability. The specific flaw exists within the receiveddata method. Crafted data in a HTTP response can trigger a write past the e...
MGASA-2022-0319 Updated connman packages fix security vulnerability
In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in receiveddata to execute code. CVE-2022-32292 In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a...
Updated connman packages fix security vulnerability
In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in receiveddata to execute code. CVE-2022-32292 In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a...