[SECURITY] Fedora 24 Update: nodejs-4.4.6-2.fc24

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...

kernel: SCTP denial of service during timeout

A race condition flaw was found in the way the Linux kernel's SCTP implementation handled sctpaccept during the processing of heartbeat timeout events. A remote attacker could use this flaw to prevent further connections to be accepted by the SCTP server running on the system, resulting in a deni...

Microsoft Exchange Server CVE-2016-0028 Information Disclosure Vulnerability

Description Microsoft Exchange Server is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Microsoft Exchange Server 2013 and Microsoft Exchange Server 2016 are vulnerable. Technologies...

Network Wide Hardware Ad Blocking: Pi-Hole

The Pi-hole can block ads for all devices on your network. All you need is a Raspberry Pi connected to your router. It was inspired as a low-cost,open source alternative to the AdTrap. The Pi-hole works on the the B, B+and Pi 2 it can also run on the Zero, but you need a micro-USB-to-Ethernet...

[SECURITY] Fedora 24 Update: nodejs-4.4.4-1.fc24

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...

IDS IPS Testing Framework: pytbull

pytbull is an Intrusion Detection/Prevention System IDS/IPS Testing Framework for Snort, Suricata and any IDS/IPS that generates an alert file. It can be used to test the detection and blocking capabilities of an IDS/IPS, to compare IDS/IPS, to compare configuration modifications and to...

[SECURITY] Fedora 22 Update: squid-3.5.10-1.fc22

Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DN...

Medium: kernel

Issue Overview: An integer overflow vulnerability was found in xtalloctableinfo, which on 32-bit systems can lead to small structure allocation and a copyfromuser based heap corruption. CVE-2016-3135 In the marksourcechains function net/ipv4/netfilter/iptables.c it is possible for a user-supplied...

CVE-2016-0741

slapd/connection.c in 389 Directory Server formerly Fedora Directory Server 1.3.4.x before 1.3.4.7 allows remote attackers to cause a denial of service infinite loop and connection blocking by leveraging an abnormally closed connection...

CVE-2016-0741

slapd/connection.c in 389 Directory Server formerly Fedora Directory Server 1.3.4.x before 1.3.4.7 allows remote attackers to cause a denial of service infinite loop and connection blocking by leveraging an abnormally closed connection...

UBUNTU-CVE-2016-2166

The 1 proton.reactor.Connector, 2 proton.reactor.Container, and 3 proton.utils.BlockingConnection classes in Apache Qpid Proton before 0.12.1 improperly use an unencrypted connection for an amqps URI scheme when SSL support is unavailable, which might allow man-in-the-middle attackers to obtain...

PT-2016-5042 · Apache +1 · Apache Qpid Proton +1

Name of the Vulnerable Software and Affected Versions: Apache Qpid Proton versions prior to 0.12.1 Description: The issue is related to the improper use of an unencrypted connection for an amqps URI scheme when SSL support is unavailable in certain classes. This might allow attackers to obtain...

[SECURITY] Fedora 24 Update: nodejs-5.10.0-1.fc24

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...

HackerOne: Web Authentication Endpoint Credentials Brute-Force Vulnerability

Dear, Your web authentication endpoint, https://hackerone.com/sessions POST, currently protects against credentials brute-force attacks only by requests rate-limiting based on IP. It was found that if an attacker sends login requests faster than every 4 seconds from the same IP address, it would...

Mangabro - bypass blocking - Dangerous filesystem permissions, Exported ContentProvider, MIT license vulnerabilities

HackApp vulnerability scanner discovered that application Mangabro - bypass blocking published at the 'play' market has multiple vulnerabilities...

Cisco Firepower Malware Block Bypass Vulnerability

A vulnerability in the malicious file detection and blocking features of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. The vulnerability is due to improper input validation of fields in HTTP headers. A...

[SECURITY] Fedora 22 Update: nodejs-0.10.42-4.fc22

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...

[SECURITY] Fedora 23 Update: nodejs-0.10.42-4.fc23

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...

[SECURITY] Fedora 22 Update: privoxy-3.0.23-3.fc22

Privoxy is a web proxy with advanced filtering capabilities for protecting privacy, filtering web page content, managing cookies, controlling access, and removing ads, banners, pop-ups and other obnoxious Internet junk. Privoxy has a very flexible configuration and can be customized to suit...

kernel security update

kernel 2.6.18-408 - net udp: fix behavior of wrong checksums Denys Vlasenko 1240757 CVE-2015-5364 CVE-2015-5366 - net ipv6/udp: Use correct var to determine non-blocking cond Denys Vlasenko 1240757 CVE-2015-5364 CVE-2015-5366 - net SNMP: Restore Udp6InErrors incrementation Denys Vlasenko 1240757...