LightBulb Framework - Tools For Auditing WAFS

LightBulb is an open source python framework for auditing web application firewalls and filters. Synopsis The framework consists of two main algorithms: GOFA : An active learning algorithm that infers symbolic representations of automata in the standard membership/equivalence query model. Active...

Updated openssl packages fix security vulnerabilities

The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a Affected 1.1.1. Fixed in OpenSSL 1.1.0j Affected 1.1.0-1.1.0i. Fixed in OpenSSL 1.0.2q...

RHEL 7 : java-1.7.1-ibm (RHSA-2018:3672)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3672 advisory. IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IB...

RHEL 7 : java-1.8.0-ibm (RHSA-2018:3534)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3534 advisory. - OpenJDK: Incorrect handling of unsigned attributes in signed Jar manifests Security, 8194534 CVE-2018-3136 - OpenJDK: Leak of sensitive...

CVE-2018-15796

Cloud Foundry Bits Service Release, versions prior to 2.14.0, uses an insecure hashing algorithm to sign URLs. A remote malicious user may obtain a signed URL and extract the signing key, allowing them complete read and write access to the the Bits Service storage...

CVE-2018-15796

The CVE-2018-15796 vulnerability affects Cloud Foundry Bits Service releases prior to 2.14.0, where an insecure hashing algorithm signs URLs. A remote attacker could obtain a signed URL and extract the signing key, gaining complete read/write access to the Bits Service storage. Mitigation: upgrad...

GHSA-VGRX-W6RG-8FQF Forgeable Public/Private Tokens in jwt-simple

Affected versions of the jwt-simple package allow users to select what algorithm the server will use to verify a provided JWT. A malicious actor can use this behaviour to arbitrarily modify the contents of a JWT while still passing verification. For the common use case of the JWT, the end result ...

Forgeable Public/Private Tokens in jwt-simple

Affected versions of the jwt-simple package allow users to select what algorithm the server will use to verify a provided JWT. A malicious actor can use this behaviour to arbitrarily modify the contents of a JWT while still passing verification. For the common use case of the JWT, the end result ...

Apache Tomcat 7.0.79 < 7.0.84 Insecure CGI Servlet Search Algorithm Description Weakness

The version of Apache Tomcat installed on the remote host is 7.0.x prior to 7.0.84. It is, therefore, affected by a flaw that is due to the program containing an incorrect description for the CGI Servlet search algorithm, which may cause an administrator to leave the system in an insecure state...

Apache Tomcat 9.0.0.M22 < 9.0.2 Insecure CGI Servlet Search Algorithm Description Weakness

The version of Apache Tomcat installed on the remote host is 9.0.x prior to 9.0.2. It is, therefore, affected by a flaw that is due to the program containing an incorrect description for the CGI Servlet search algorithm, which may cause an administrator to leave the system in an insecure state...

CVE-2018-0735

The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j Affected 1.1.0-1.1.0i. Fixed in OpenSSL 1.1.1a Affected 1.1.1...

Denial Of Service (DoS)

spray-json is vulnerable to denial of service DoS attacks. The vulnerability exists due to the usage of a complex algorithm for parsing a field composed of many decimals...

MGASA-2018-0422 Updated unzip packages fix security vulnerabilities

Updated unzip packages fix security vulnerabilities Heap-based out-of-bounds write CVE-2018-1000031. Heap/BSS-based buffer overflow Bypass of CVE-2015-1315 CVE-2018-1000032. Heap out-of-bounds access in efscanforstream CVE-2018-1000033. Multiple vulnerabilities in the LZMA compression algorithm...

Important: Red Hat Security Advisory: java-1.7.0-openjdk security update

An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVE-2018-0734

The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a Affected 1.1.1. Fixed in OpenSSL 1.1.0j Affected 1.1.0-1.1.0i. Fixed in OpenSSL 1.0.2q...

kernel: HMAC implementation does not validate that the underlying cryptographic hash algorithm is unkeyed allowing local attackers to cause denial-of-service

The HMAC implementation crypto/hmac.c in the Linux kernel, before 4.14.8, does not validate that the underlying cryptographic hash algorithm is unkeyed. This allows a local attacker, able to use the AFALG-based hash interface CONFIGCRYPTOUSERAPIHASH and the SHA-3 hash algorithm CONFIGCRYPTOSHA3, ...

CVE-2018-0734

CVE-2018-0734 (OpenSSL) describes a timing side-channel in the DSA signature algorithm that could enable private key recovery. The initial entry notes fixes in OpenSSL releases 1.1.1a (and 1.1.0j, 1.0.2q) for affected branches. Connected advisories (CloudLinux, Arch Linux, Amazon/Linux distributi...

CVE-2018-0735

The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j Affected 1.1.0-1.1.0i. Fixed in OpenSSL 1.1.1a Affected 1.1.1...

bouncycastle: BKS-V1 keystore files vulnerable to trivial hash collisions

A flaw involving a risky cryptographic algorithm was found in Bouncycastle. BKS-V1 contained a design flaw resulting from using the SHA-1 hash function, as it contains a 16-bit MAC key size and a 160-bit SHA-1 hash function. This flaw allows an attacker to brute force the password due to the...

Verification Bypass in jsonwebtoken

Versions 4.2.1 and earlier of jsonwebtoken are affected by a verification bypass vulnerability. This is a result of weak validation of the JWT algorithm type, occuring when an attacker is allowed to arbitrarily specify the JWT algorithm. Recommendation Update to version 4.2.2 or later...