Mageia: Security Advisory (MGASA-2020-0171)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NimHollow - Nim Implementation Of Process Hollowing Using Syscalls (PoC)

Playing around with the Process Hollowing technique using Nim. Features: Direct syscalls for triggering Windows Native API functions with NimlineWhispers. Shellcode encryption/decryption with AES in CTR mode. Simple sandbox detection methods from the OSEP course by @offensive-security. AMSI...

Security Bulletin: Vulnerability in libssh affects Power Hardware Management Console (CVE-2020-1730).

Summary libssh is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2020-1730 DESCRIPTION: libssh is vulnerable to a denial of service, caused by the use of uninitialized AES-CTR ciphers. A remote attacker could exploit this...

AZL-6604 CVE-2021-43389 affecting package kernel for versions less than 5.10.78.1-1

An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detachcapictr function in drivers/isdn/capi/kcapi.c...

DEBIAN-CVE-2021-43389

An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detachcapictr function in drivers/isdn/capi/kcapi.c...

`aes-ctr` has been merged into the `aes` crate

Please use the aes crate going forward. The new repository location is at: The aes crate now has an optional ctr feature which autodetects SIMD features on i686/x86-64 targets and uses them if available, or otherwise falls back to the implementation in the ctr crate. If you would prefer not to ha...

actinium226-librespot (=0.4.3), actinium226-librespot-connect (=0.4.3) +51 more potentially affected by unknown CVE via aes-ctr (>=0.6.0 <=0.99.99)

aes-ctr CARGO version =0.6.0, =0.4.3, =0.5.0, =0.1.0, =0.2.0, =0.1.0, =0.40.0, =0.40.0, =0.40.0, =0.40.0, =0.1.0, =0.1.0, =0.6.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2021-0061...

SUSE: Security Advisory (SUSE-SU-2020:0968-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:3551-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NewStart CGSL MAIN 6.02 : libssh Multiple Vulnerabilities (NS-SA-2021-0069)

The remote NewStart CGSL host, running version MAIN 6.02, has libssh packages installed that are affected by multiple vulnerabilities: - A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR or DES ciphers if enabled ciphers. The server or client could...

CentOS 8 : libssh (CESA-2020:4545)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4545 advisory. - libssh: unsanitized location in scp could lead to unwanted command execution CVE-2019-14889 - libssh: denial of service when handling AES-CTR or DES...

SUSE SLED15 / SLES15 Security Update : libssh2_org (SUSE-SU-2020:3551-1)

This update for libssh2org fixes the following issues : Version update to 1.9.0: bsc1178083, jscSLE-16922 Enhancements and bugfixes : - adds ECDSA keys and host key support when using OpenSSL - adds ED25519 key and host key support when using OpenSSL 1.1.1 - adds OpenSSH style key file reading -...

openSUSE Security Update : libssh2_org (openSUSE-2020-2126)

This update for libssh2org fixes the following issues : - Version update to 1.9.0: bsc1178083, jscSLE-16922 Enhancements and bugfixes : - adds ECDSA keys and host key support when using OpenSSL - adds ED25519 key and host key support when using OpenSSL 1.1.1 - adds OpenSSH style key file reading ...

Security update for libssh2_org (moderate)

openSUSE Security Update: Security update for libssh2org Announcement ID: openSUSE-SU-2020:2129-1 Rating: moderate References: 1130103 1178083 Cross-References: CVE-2019-17498 CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3858 CVE-2019-3859 CVE-2019-3860 CVE-2019-3861 CVE-2019-3862...

OPENSUSE-SU-2020:2126-1 Security update for libssh2_org

This update for libssh2org fixes the following issues: - Version update to 1.9.0: bsc1178083, jscSLE-16922 Enhancements and bugfixes: adds ECDSA keys and host key support when using OpenSSL adds ED25519 key and host key support when using OpenSSL 1.1.1 adds OpenSSH style key file reading adds AES...

SUSE-SU-2020:3551-1 Security update for libssh2_org

This update for libssh2org fixes the following issues: - Version update to 1.9.0: bsc1178083, jscSLE-16922 Enhancements and bugfixes: adds ECDSA keys and host key support when using OpenSSL adds ED25519 key and host key support when using OpenSSL 1.1.1 adds OpenSSH style key file reading adds AES...

Moderate: Red Hat Security Advisory: Red Hat Virtualization security, bug fix, and enhancement update

An update for imgbased, redhat-release-virtualization-host, and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CV...

Oracle Linux 8 : libssh (ELSA-2020-4545)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-4545 advisory. - Add a test for CVE-2019-14889 - Fixed CVE-2019-14889 1781782 - Fixed CVE-2020-1730 1802422 Tenable has extracted the preceding description block...

Moderate: Red Hat Security Advisory: libssh security, bug fix, and enhancement update

An update for libssh is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

RLSA-2020:4545 Moderate: libssh security, bug fix, and enhancement update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. The following packages have been upgraded to a later upstream version: libssh 0.9.4. BZ1804797 Security Fixes: libssh: denial of service when handling AES-CTR or DES ciphers...