Remote Code Execution

bind9 is vulnerable to remote code execution. A buffer overflow in GSSAPI security policy negotiation can result in remote code execution...

[SECURITY] [DSA 4857-1] bind9 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4857-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 18, 2021 https://www.debian.org/security/faq -...

USN-4737-1: Bind vulnerability

It was discovered that Bind incorrectly handled GSSAPI security policy negotiation. A remote attacker could use this issue to cause Bind to crash, resulting in a denial of service, or possibly execute arbitrary code. In the default installation, attackers would be isolated by the Bind AppArmor...

SUSE-SU-2021:0504-1 Security update for bind

This update for bind fixes the following issues: - CVE-2020-8625: A vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attack bsc1182246, CVE-2020-8625...

ISC BIND Buffer Overflow Vulnerability (CVE-2020-8625) - Linux

ISC BIND is prone to a buffer overflow vulnerability in the GSSAPI security policy negotiation. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

ISC BIND Buffer Overflow Vulnerability (CVE-2020-8625) - Windows

ISC BIND is prone to a buffer overflow vulnerability in the GSSAPI security policy negotiation. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

DEBIAN-CVE-2020-8625

BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting valid values for the...

ALPINE-CVE-2020-8625

BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting valid values for the...

CVE-2020-8625 A vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attack

BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting valid values for the...

cyrus-sasl security, bug fix, and enhancement update

2.1.27-5 - Reduce excessive GSSAPI plugin logging - Resolves: rhbz1274734 2.1.27-4 - Add support for setting maxssf=0 in GSS-SPNEGO - Resolves: rhbz1822133 2.1.27-3 - Backport GSSAPI Channel Bindings support - Resolves: rhbz1817054 2.1.27-2 - Backport fix for CVE-2019-19906 - Resolves: rhbz180403...

Security update for postgresql96, postgresql10 and postgresql12 (moderate)

openSUSE Security Update: Security update for postgresql96, postgresql10 and postgresql12 Announcement ID: openSUSE-SU-2020:1227-1 Rating: moderate References: 1091610 1104199 1104202 1134689 1145092 1148643 1163985 1171924 1175194 Cross-References: CVE-2018-10915 CVE-2018-10925 CVE-2018-1115...

SUSE SLED15 / SLES15 Security Update : postgresql10 / postgresql12 (SUSE-SU-2020:2149-1)

This update for postgresql10 and postgresql12 fixes the following issues : postgresql10 was updated to 10.13 bsc1171924. https://www.postgresql.org/about/news/2038/ https://www.postgresql.org/docs/10/release-10-13.html postgresql10 was updated to 10.12 CVE-2020-1720, bsc1163985...

Pivotnacci - A Tool To Make Socks Connections Through HTTP Agents

Pivot into the internal network by deploying HTTP agents. Pivotnacci allows you to create a socks server which communicates with HTTP agents. The architecture looks like the following: This tool was inspired by the great reGeorg. However, it includes some improvements: Support for balanced server...

Information Disclosure

curl is vulnerable to information disclosure. It was found that cURL always performed credential delegation when authenticating with GSSAPI. A rogue server could use this flaw to obtain the client's credentials and impersonate that client to other servers that are using GSSAPI...

Information Disclosure

openssh is vulnerable to information disclosure. The vulnerability exists as a flaw was found in the way the OpenSSH server processes GSSAPI authentication requests. When GSSAPI authentication was enabled in the OpenSSH server, a remote attacker was potentially able to determine if a username is...

Debian DLA-2128-1 : openjdk-7 security update

Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in denial of service, incorrect implementation of Kerberos GSSAPI and TGS requests or incorrect TLS handshakes. For Debian 8 'Jessie', these problems have been fixed in version 7u251-2.6.21-1deb8u1. We recommend...

Debian: Security Advisory (DLA-2128-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-4621-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-4621-1 : openjdk-8 - security update

Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in denial of service, incorrect implementation of Kerberos GSSAPI and TGS requests or incorrect TLS handshakes. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracte...

Ubuntu 16.04 LTS / 18.04 LTS : OpenJDK vulnerabilities (USN-4257-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4257-1 advisory. It was discovered that OpenJDK incorrectly handled exceptions during deserialization in BeanContextSupport. An attacker could possibly use th...