4 matches found
Fedora 28 : openocd (2019-f0add5eed0)
fix for CVE-2018-5704 RHBZ 1534844 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Netwo...
[SECURITY] [DSA 4093-1] openocd security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4093-1 [email protected] https://www.debian.org/security/ January 21, 2018 https://www.debian.org/security/faq - -------------------------------------------------------------------------...
CVE-2018-5704
Open On-Chip Debugger OpenOCD 0.10.0 does not block attempts to use HTTP POST for sending data to 127.0.0.1 port 4444, which allows remote attackers to conduct cross-protocol scripting attacks, and consequently execute arbitrary commands, via a crafted web site...
CVE-2018-5704
CVE-2018-5704 affects OpenOCD 0.10.0, enabling cross‑protocol scripting via crafted web content that can trigger arbitrary command execution on the host (targeted by HTTP POST to 127.0.0.1:4444). Public advisories note a remedy: OpenOCD defaults bound to localhost and patches/upstream fixes have ...