openstack-nova: Swapping encrypted volumes can allow an attacker to corrupt the LUKS header causing a denial of service in the host

OpenStack Nova has a vulnerability in the handling of encrypted volumes. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. All Nova installations supporting...

[SECURITY] Fedora 27 Update: openssh-7.6p1-6.fc27

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

Debian DLA-1495-1 : git-annex security update

The git-annex package was found to have multiple vulnerabilities when operating on untrusted data that could lead to arbitrary command execution and encrypted data exfiltration. CVE-2017-12976 git-annex before 6.20170818 allows remote attackers to execute arbitrary commands via an ssh URL with an...

CVE-2018-9192

A plaintext recovery of encrypted messages or a Man-in-the-middle MiTM attack on RSA PKCS 1 v1.5 encryption may be possible without knowledge of the server's private key. Fortinet FortiOS 5.4.6 to 5.4.9, 6.0.0 and 6.0.1 are vulnerable by such attack under SSL Deep Inspection feature when CPx bein...

CVE-2018-9194

CVE-2018-9194 relates to a plaintext recovery/MiTM vulnerability in RSA PKCS#1 v1.5 encryption exposed under Fortinet FortiOS VIP SSL when CPx is used, affecting FortiOS 5.4.6–5.4.9 and 6.0.0–6.0.1. The issue arises without knowledge of the server’s private key. Connected sources identify the vul...

CVE-2018-9192

The CVE-2018-9192 entry corresponds to the ROBOT attack against RSA PKCS#1 v1.5 in Fortinet FortiOS when SSL Deep Inspection CPx is used. Connected documents confirm a Bleichenbacher-style plaintext-recovery/MiTM vulnerability affecting FortiOS versions 5.4.6–5.4.9 and 6.0.0–6.0.1. The root cause...

[SECURITY] Fedora 28 Update: openssh-7.8p1-1.fc28

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

Symantec Norton Identity Safe Elevation of Privilege Vulnerability

Symantec Norton Identity Safe is an identity security and credit card information management tool from Symantec USA. A privilege extraction vulnerability exists in versions prior to Symantec Norton Identity Safe 5.3.0.976. An attacker could exploit the vulnerability to recover encrypted data...

Privilege escalation

The Norton Identity Safe product prior to 5.3.0.976 may be susceptible to a privilege escalation issue via a hard coded IV, which is a type of vulnerability that can potentially increase the likelihood of encrypted data being recovered without adequate credentials...

CVE-2018-12240

The Norton Identity Safe product prior to 5.3.0.976 may be susceptible to a privilege escalation issue via a hard coded IV, which is a type of vulnerability that can potentially increase the likelihood of encrypted data being recovered without adequate credentials...

The ROBOT Attack - Return of Bleichenbacher's Oracle Threat

A plaintext recovery of encrypted messages or a Man-in-the-middle MiTM attack on RSA PKCS 1 v1.5 encryption may be possible without knowledge of the server's private key...

Bleichenbacher and Dictionary Attacks on IPsec IKE

Two new attacks on IPsec IKE Internet Key Exchange were recently disclosed 1, involving multiple ways to perform attacks against IKE signature based and PSK Pre-Shared Key authentications. The end goal is to crack IPsec VPN encrypted communications. The relevant CVEs are: CVE-2018-5389: Practical...

Moderate: Red Hat Security Advisory: openstack-nova security, bug fix, and enhancement update

An update for openstack-nova is now available for Red Hat OpenStack Platform 12.0 Pike. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

openstack-nova: Swapping encrypted volumes can allow an attacker to corrupt the LUKS header causing a denial of service in the host

OpenStack Nova has a vulnerability in the handling of encrypted volumes. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. All Nova installations supporting...

CVE-2017-13105

Hi Security Virus Cleaner - Antivirus, Booster, 3.7.1.1329, 2017-09-13, Android application accepts all SSL certificates during SSL communication. This opens the application up to a man-in-the-middle attack having all of its encrypted traffic intercepted and read by an attacker...

CVE-2018-8753

The IKEv1 implementation in Clavister cOS Core before 11.00.11, 11.20.xx before 11.20.06, and 12.00.xx before 12.00.09 allows remote attackers to decrypt RSA-encrypted nonces by leveraging a Bleichenbacher attack...

Fedora 27 : thunderbird-enigmail (2018-eacf5a9ce8)

Update to 2.0.8 : - A security issue has been fixed that allows an attacker to prepare a plain, unauthenticated HTML message in a way that it looks like it's signed and/or encrypted. - Changelog: https://enigmail.net/index.php/en/download/changelog Note that Tenable Network Security has extracted...

CVE-2018-0131

A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to obtain the encrypted nonces of an Internet Key Exchange Version 1 IKEv1 session. The vulnerability exists because the affected software...

CVE-2018-0131

A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to obtain the encrypted nonces of an Internet Key Exchange Version 1 IKEv1 session. The vulnerability exists because the affected software...

CVE-2018-0131

A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to obtain the encrypted nonces of an Internet Key Exchange Version 1 IKEv1 session. The vulnerability exists because the affected software...