97 matches found
Ubuntu 21.10 : Thunderbird vulnerabilities (USN-5152-1)
The remote Ubuntu 21.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5152-1 advisory. Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker...
OPENSUSE-SU-2021:1050-1 Security update for fossil
This update for fossil fixes the following issues: fossil 2.16: Add the fossil patch command Improve the fossil ui command to work on check-out directories and remote machines web UI improvements Add fossil bisect run command for improved automation of bisects Improve fossil merge handling of...
SUSE-SU-2021:1472-1 Security update for ceph, deepsea
This update for ceph, deepsea fixes the following issues: - ceph was updated to 14.2.20-402-g6aa76c6815: CVE-2021-20288: Fixed unauthorized globalid reuse bsc1183074. CVE-2020-25678: Do not add sensitive information in Ceph log files bsc1178905. CVE-2020-27839: Use secure cookies to store JWT Tok...
Security Bulletin: Vulnerability in IBM Java SDK affect IBM Spectrum Scale RAID/IBM GPFS Native RAID (CVE-2015-7575)
Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 8 that is used by IBM Spectrum Scale RAID/IBM GPFS Native RAID. This vulnerability, commonly referred to as “SLOTH”, was disclosed as part of the IBM Java SDK updates in January 2016. Vulnerability Details CVEID:...
CVE-2020-15526
In Redgate SQL Monitor 7.1.4 through 10.1.6 inclusive, the scope for disabling some TLS security certificate checks can extend beyond that defined by various options on the Configuration Notifications pages to disable certificate checking for alert notifications. These TLS security checks are als...
Code injection
In Redgate SQL Monitor 7.1.4 through 10.1.6 inclusive, the scope for disabling some TLS security certificate checks can extend beyond that defined by various options on the Configuration Notifications pages to disable certificate checking for alert notifications. These TLS security checks are als...
CVE-2020-15526
CVE-2020-15526 affects Redgate SQL Monitor versions 7.1.4 through 10.1.6, where the scope for disabling TLS certificate checks could extend beyond the intended Configuration > Notifications, also affecting VMware monitoring. This allows potential man-in-the-middle attacks when sending alert no...
CVE-2020-15526
In Redgate SQL Monitor 7.1.4 through 10.1.6 inclusive, the scope for disabling some TLS security certificate checks can extend beyond that defined by various options on the Configuration Notifications pages to disable certificate checking for alert notifications. These TLS security checks are als...
Exploit for Use After Free in Microsoft
detectbluekeep.py Python script to detect bluekeep vulnerabil...
Security Bulletin: Vulnerabilities in IBM Java Runtime affect Watson Explorer, Watson Content Analytics, and OmniFind Enterprise Edition (CVE-2015-7575, CVE-2015-4872)
Summary There are vulnerabilities in IBM® Runtime Environment Java™ Technology Edition that is used by Watson Explorer, Watson Content Analytics, and OmniFind Enterprise Edition. Vulnerability Details CVEID: CVE-2015-7575 DESCRIPTION: The TLS protocol could allow weaker than expected security...
Security Bulletin: OpenSSL vulnerabilities for Rational Automation Framework Security Advisory (CVE-2015-0204)
Summary A vulnerability in the OpenSSL ssl3getkeyexchange function could allow a remote attacker to downgrade the security of certain TLS connections. An OpenSSL client accepts the use of an RSA temporary key in a non-export RSA key exchange ciphersuite. This could allow a remote attacker using...
The Digital Transformation Age Is Dawning: Do You Know Where Your Certificates Are?
How many digital certificates are in use in your organization? When do they expire? Do you have a way of discovering digital certificates from unapproved Certificate Authorities? Most organizations can't answer these questions with complete certainty, because they lack the necessary visibility an...
CVE-2018-1069
GlusterFS and NFS network filesystems rely on File System User ID and Group ID information in order to restrict access to file shares. However, it's possible to overwrite the Openshift restrictions on container UserId and GroupdId as they are not validated before being sent over the Openshift...
The "Extended Random" Feature in the BSAFE Crypto Library
Matthew Green wrote a fascinating blog post about the NSA's efforts to increase the amount of random data exposed in the TLS protocol, and how it interacts with the NSA's backdoor into the DUALECPRNG random number generator to weaken TLS...
SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)
A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based...
CipherScan - Find out which SSL ciphersuites are supported by a target
Cipherscan tests the ordering of the SSL/TLS ciphers on a given target, for all major versions of SSL and TLS. It also extracts some certificates informations, TLS options, OCSP stapling and more. Cipherscan is a wrapper above the openssl sclient command line. Cipherscan is meant to run on all...
EUVD-2017-12848
If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the crash can be triggered when using CHACHA20/POLY1305; user...
US-CERT Warns HTTPS Inspection May Degrade TLS Security
Recent academic work looking at the degradation of security occurring when HTTPS inspection tools are sitting in TLS traffic streams has been escalated by an alert published Thursday by the Department of Homeland Security. DHS’ US-CERT warned enterprises that running standalone inspection...
Fedora 24 : 1:xrdp (2017-05e32fe278)
WARNING: Please note that this update comes with a slightly different syntax of sesman.ini file, so if you edited this file by hand, you may need to look at the .rpmnew file and merge any required changes by hand. This release also creates three files in /etc/xrdp directory if they don't already...
Fedora 25 : 1:xrdp (2017-8fffbae8af)
WARNING: Please note that this update comes with a slightly different syntax of sesman.ini file, so if you edited this file by hand, you may need to look at the .rpmnew file and merge any required changes by hand. This release also creates three files in /etc/xrdp directory if they don't already...