
184 matches found

Mageia
added 2020/06/10 11:59 p.m. | 54 views

Updated perl packages fix security vulnerability

This update from 5.28.2 to 5.28.3 fixes bugs several bugs the RPM package manager. - Update to 5.23.3 See https://metacpan.org/pod/release/XSAWYERX/perl-5.28.3/pod/perldelta.pod for release notes - Security release fixes CVE-2020-10543, CVE-2020-10878 and CVE-2020-12723 - Work around a glibc bug...

CVSS 8.6 | AI score 0.3 | EPSS 0.04289
Exploits: 0 | References: 1

OSV
added 2020/06/10 11:59 p.m. | 8 views

MGASA-2020-0255 Updated perl packages fix security vulnerability

This update from 5.28.2 to 5.28.3 fixes bugs several bugs the RPM package manager. - Update to 5.23.3 See https://metacpan.org/pod/release/XSAWYERX/perl-5.28.3/pod/perldelta.pod for release notes - Security release fixes CVE-2020-10543, CVE-2020-10878 and CVE-2020-12723 - Work around a glibc bug ...

CVSS 8.6 | AI score 8.4 | EPSS 0.04289
Exploits: 0 | References: 2

Japan Vulnerability Notes
added 2020/06/05 6:16 a.m. | 2 views

XACK DNS vulnerable to denial-of-service (DoS)

Overview: XACK DNS is DNS server software provided by XACK, Inc. XACK DNS contains a denial-of-service (DoS) vulnerability due to an issue commonly referred to as NXNSAttack. XACK, Inc. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and XACK, Inc. coordinat...

CVSS 8.6 | AI score 6.8 | EPSS 0.00979
Exploits: 0 | References: 7

OpenVAS
added 2020/04/16 12:0 a.m. | 16 views

Huawei EulerOS: Security Advisory for screen (EulerOS-SA-2020-1433)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5 | AI score 6.5 | EPSS 0.01274
Exploits: 1 | References: 2

NVD
added 2020/04/10 9:15 p.m. | 13 views

CVE-2020-11647

In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the BACapp dissector could crash. This was addressed in epan/dissectors/packet-bacapp.c by limiting the amount of recursion...

CVSS 7.5 | AI score 7.3 | EPSS 0.01071
Exploits: 0 | References: 7

OSV
added 2020/04/10 9:15 p.m. | 0 views

UBUNTU-CVE-2020-11647

In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the BACapp dissector could crash. This was addressed in epan/dissectors/packet-bacapp.c by limiting the amount of recursion...

CVSS 7.5 | AI score 7.1 | EPSS 0.01071
Exploits: 0 | References: 5

UbuntuCve
added 2020/04/10 9:15 p.m. | 27 views

CVE-2020-11647

In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the BACapp dissector could crash. This was addressed in epan/dissectors/packet-bacapp.c by limiting the amount of recursion...

CVSS 7.5 | AI score 7.1 | EPSS 0.01071
Exploits: 0 | References: 4

OpenVAS
added 2020/01/23 12:0 a.m. | 17 views

Huawei EulerOS: Security Advisory for screen (EulerOS-SA-2019-2548)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5 | AI score 6.5 | EPSS 0.01274
Exploits: 1 | References: 2

Tenable Nessus
added 2019/12/09 12:0 a.m. | 26 views

EulerOS 2.0 SP5 : screen (EulerOS-SA-2019-2548)

According to the version of the screen package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The MScrollV function in ansi.c in GNU screen 4.3.1 and earlier does not properly limit recursion, which allows remote attackers to cause a denial o...

CVSS 5 | AI score 7.3 | EPSS 0.01274
Exploits: 1 | References: 2

OSV
added 2019/05/23 12:29 p.m. | 1 views

DEBIAN-CVE-2019-12295

In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could crash. This was addressed in epan/packet.c by restricting the number of layers and consequently limiting recursion...

CVSS 7.5 | AI score 7.3 | EPSS 0.014
Exploits: 0 | References: 1

OSV
added 2019/05/23 12:29 p.m. | 7 views

CVE-2019-12295

In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could crash. This was addressed in epan/packet.c by restricting the number of layers and consequently limiting recursion...

CVSS 7.5 | AI score 7.3
Exploits: 0 | References: 8

Prion
added 2018/01/18 11:29 p.m. | 11 views

Stack overflow

jQuery 3.0.0-rc.1 is vulnerable to Denial of Service (DoS) due to removing a logic that lowercased attribute names. Any attribute getter using a mixed-cased name for boolean attributes goes into an infinite recursion, exceeding the stack call limit...

CVSS 5 | AI score 6.8 | EPSS 0.00533
Exploits: 1 | References: 3 | Affected Software: 1

OSV
added 2017/10/23 8:29 a.m. | 2 views

DEBIAN-CVE-2017-15377

In Suricata before 4.x, it was possible to trigger lots of redundant checks on the content of crafted network traffic with a certain signature, because of DetectEngineContentInspection in detect-engine-content-inspection.c. The search engine doesn't stop when it should after no match is found;...

CVSS 7.5 | AI score 6.8 | EPSS 0.00529
Exploits: 0 | References: 1

OSV
added 2017/10/23 8:29 a.m. | 0 views

UBUNTU-CVE-2017-15377

In Suricata before 4.x, it was possible to trigger lots of redundant checks on the content of crafted network traffic with a certain signature, because of DetectEngineContentInspection in detect-engine-content-inspection.c. The search engine doesn't stop when it should after no match is found;...

CVSS 7.5 | AI score 7.1 | EPSS 0.00529
Exploits: 0 | References: 3

Debian CVE
added 2017/10/23 8:0 a.m. | 20 views

CVE-2017-15377

In Suricata before 4.x, it was possible to trigger lots of redundant checks on the content of crafted network traffic with a certain signature, because of DetectEngineContentInspection in detect-engine-content-inspection.c. The search engine doesn't stop when it should after no match is found;...

CVSS 7.5 | AI score 7.3 | EPSS 0.00529
Exploits: 0

Tenable Nessus
added 2016/10/14 12:0 a.m. | 182 views

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3626)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2016-3626 advisory. kernel-uek 4.1.12-61.1.14 - net: add recursion limit to GRO Sabrina Dubroca Orabug: 24829133 CVE-2016-7039 Tenable has extracted the preceding description...

CVSS 7.8 | AI score 6.7 | EPSS 0.01211
Exploits: 0 | References: 2

Oracle linux
added 2016/10/13 12:0 a.m. | 63 views

Unbreakable Enterprise kernel security update

kernel-uek 4.1.12-61.1.14 - net: add recursion limit to GRO Sabrina Dubroca Orabug: 24829133 CVE-2016-7039...

CVSS 7.8 | AI score 2.7 | EPSS 0.01211
Exploits: 0

OSV
added 2015/09/28 8:59 p.m. | 1 views

DEBIAN-CVE-2015-6806

The MScrollV function in ansi.c in GNU screen 4.3.1 and earlier does not properly limit recursion, which allows remote attackers to cause a denial of service (stack consumption) via an escape sequence with a large repeat count value...

CVSS 5 | AI score 7.4 | EPSS 0.01274
Exploits: 1 | References: 1

NVD
added 2015/09/28 8:59 p.m. | 11 views

CVE-2015-6806

The MScrollV function in ansi.c in GNU screen 4.3.1 and earlier does not properly limit recursion, which allows remote attackers to cause a denial of service (stack consumption) via an escape sequence with a large repeat count value...

CVSS 5 | AI score 6.3 | EPSS 0.01274
Exploits: 1 | References: 8

Tenable Nessus
added 2015/05/20 12:0 a.m. | 30 views

SUSE SLED12 / SLES12 Security Update : bind (SUSE-SU-2015:0096-1)

This update of bind to 9.9.6P1 fixes bugs and also the following security issue : A flaw in delegation handling could be exploited to put named into an infinite loop. This has been addressed by placing limits on the number of levels of recursion named will allow (default 7), and the number of...

CVSS 7.8 | AI score 6.6 | EPSS 0.48217
Exploits: 0 | References: 4