Weekly Metasploit Update: New Kerberos/Certificate tracing options, and multiple new modules

New Tracing Options As hard as we try to ensure that Metasploit is bug free, issues inevitably come up. Whether you’re running a module on an op or writing a new one, what we can do is make the debugging experience easier. To that end one of our two Google Summer of Code GSoC projects is here to...

EUVD-2010-3880

Malware in sbrugna...

PT-2025-25967 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.19.0-rc6+ Description: A vulnerability in the Linux kernel has been resolved, which was causing a call trace with a null VSI during VF reset. The issue occurred during stress tests with attaching and detaching...

java-1.8.0-openjdk security and bug fix update

1:1.8.0.272.b10-1 - Add backport of JDK-8215727: 'Restore JFR thread sampler loop to old / previous behaviour' - Resolves: rhbz1876665 1:1.8.0.272.b10-0 - Update to aarch64-shenandoah-jdk8u272-b10. - Switch to GA mode for final release. - Update release notes for 8u272 release. - Add backport of...

java-1.8.0-openjdk security update

1:1.8.0.272.b10-0 - Remove the 64-bit siphash test which fails to compile on x86-32 debug builds with gcc 4.4.7 in RHEL 6 - Resolves: rhbz1876665 1:1.8.0.272.b10-0 - Update to aarch64-shenandoah-jdk8u272-b10. - Switch to GA mode for final release. - Update release notes for 8u272 release. - Add...

Exploit for Improper Verification of Cryptographic Signature in Golang Package_Ssh

Exploit for CVE-2020-9283 This project is inspired by the o...

Fedora 14 : openconnect-2.26-4.fc14 (2010-18055)

This update implements DTLS rekeying, elides the session cookie from debugging output by default, and fixes a potential crash on relative HTTP redirect during authentication. It also fixes a problem which occurs when changing VPN hosts in the NetworkManager auth-dialog, after the connection to th...

CVE-2010-3902

OpenConnect before 2.26 places the webvpn cookie value in the debugging output, which might allow remote attackers to obtain sensitive information by reading this output, as demonstrated by output posted to the public openconnect-devel mailing list...

CVE-2010-3902

OpenConnect before 2.26 places the webvpn cookie value in the debugging output, which might allow remote attackers to obtain sensitive information by reading this output, as demonstrated by output posted to the public openconnect-devel mailing list...

Design/Logic Flaw

OpenConnect before 2.26 places the webvpn cookie value in the debugging output, which might allow remote attackers to obtain sensitive information by reading this output, as demonstrated by output posted to the public openconnect-devel mailing list...

CVE-2010-3902

CVE-2010-3902 affects OpenConnect; the issue is that the webvpn cookie value could be exposed in debugging output, potentially leaking sensitive information. Root cause: debugging output includes the session cookie. Evidence in connected feeds shows Fedora advisories shifting to fix this by elidi...

CVE-2010-3902

OpenConnect before 2.26 places the webvpn cookie value in the debugging output, which might allow remote attackers to obtain sensitive information by reading this output, as demonstrated by output posted to the public openconnect-devel mailing list...

nCipher Advisory #10: Pass phrases are exposed in netHSM log files

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 nCipher Security Advisory No. 10 Pass phrases are exposed in netHSM log files -------------------------------------------- SUMMARY ======= Pass phrases entered by means of the nCipher netHSM front panel, either using the built in thumbwheel or using a...