11 matches found
SUSE: Security Advisory (SUSE-SU-2020:0930-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[ASA-202011-22] ceph: multiple issues
Arch Linux Security Advisory ASA-202011-22 ========================================== Severity: High Date : 2020-11-26 CVE-ID : CVE-2020-1759 CVE-2020-1760 CVE-2020-10753 CVE-2020-25660 Package : ceph Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1195 Summary =====...
Fedora: Security Advisory for ceph (FEDORA-2020-81b9c6cddc)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
FreeBSD : ceph14 -- multiple security issues (5b6bc863-89dc-11ea-af8b-00155d0a0200)
RedHat reports : ceph: secure mode of msgr2 breaks both confidentiality and integrity aspects for long-lived sessions. ceph: header-splitting in RGW GetObject has a possible XSS. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBS...
openSUSE Security Update : ceph (openSUSE-2020-494)
This update for ceph fixes the following issues : - CVE-2020-1759: Fixed once reuse in msgr V2 secure mode bsc1166403 - CVE-2020-1760: Fixed XSS due to RGW GetObject header-splitting bsc1166484. This update was imported from the SUSE:SLE-15-SP1:Update update project. C Tenable Network Security,...
CVE-2020-1759
CVE-2020-1759 affects Red Hat Ceph Storage 4 and Red Hat OpenShift Container Storage 4.2, where the secure mode of the messenger v2 protocol (msgr2) allows nonce reuse. This enables forging authentication tags and can lead to confidentiality and integrity problems in sessions when a nonce is reus...
OPENSUSE-SU-2020:0494-1 Security update for ceph
This update for ceph fixes the following issues: - CVE-2020-1759: Fixed once reuse in msgr V2 secure mode bsc1166403 - CVE-2020-1760: Fixed XSS due to RGW GetObject header-splitting bsc1166484. This update was imported from the SUSE:SLE-15-SP1:Update update project...
Security update for ceph (important)
openSUSE Security Update: Security update for ceph Announcement ID: openSUSE-SU-2020:0494-1 Rating: important References: 1166403 1166484 Cross-References: CVE-2020-1759 CVE-2020-1760 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now available. Description: Thi...
CVE-2020-1759
A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by leveraging the reuse of a nonce in a session. Messages encrypted using a reused nonce value are susceptible to serious...
SUSE SLED15 / SLES15 Security Update : ceph (SUSE-SU-2020:0930-1)
This update for ceph fixes the following issues : CVE-2020-1759: Fixed once reuse in msgr V2 secure mode bsc1166403 CVE-2020-1760: Fixed XSS due to RGW GetObject header-splitting bsc1166484. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE...
SUSE-SU-2020:0930-1 Security update for ceph
This update for ceph fixes the following issues: - CVE-2020-1759: Fixed once reuse in msgr V2 secure mode bsc1166403 - CVE-2020-1760: Fixed XSS due to RGW GetObject header-splitting bsc1166484...