MGASA-2020-0361 Updated squid packages fix security vulnerabilities

An issue was discovered in Squid before 4.13. Due to incorrect data validation, HTTP Request Smuggling attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security and poison the proxy cache and any...

[SECURITY] [DLA 2193-1] openjdk-7 security update

Package : openjdk-7 Version : 7u261-2.6.22-1deb8u1 CVE ID : CVE-2020-2756 CVE-2020-2757 CVE-2020-2773 CVE-2020-2781 CVE-2020-2800 CVE-2020-2803 CVE-2020-2805 CVE-2020-2830 Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in denial of service, insecure TLS...

Protect

An Uncontrolled Resource Consumption vulnerability in multiple products may allow an attacker to cause web service portal denial of service DoS via handling special crafted HTTP requests/responses in pieces slowly. Slow HTTP attacks are denial-of-service DoS attacks in which the attacker sends HT...

CVE-2019-2809

Vulnerability in the Oracle iRecruitment component of Oracle E-Business Suite subcomponent: Password Reset. Supported versions that are affected are 12.1.1 - 12.1.3 and 12.2.3 - 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

ThreatList: Fewer Big DDoS Attacks in Q3, Overall Rate Holds Steady

When it comes to distributed denial of service DDoS attacks, the third quarter of 2018 marked an apparent lull in the action, with fewer huge, multi-day attacks than in previous quarters. Researchers however warn against having a false sense of security: The total number of attacks in the quarter...

[TOPERA v0.0.2] Security tools for IPv6

Topera is a new security tools for IPv6, with the particularity that their attacks can’t be detected by Snort. Snort is the most known IDS/IPS and is widely used in many different critical environments. Some commercial tools Juniper or Checkpoint ones use it as detection engine also. Mocking snor...

CVE-2001-0669

Various Intrusion Detection Systems IDS including 1 Cisco Secure Intrusion Detection System, 2 Cisco Catalyst 6000 Intrusion Detection System Module, 3 Dragon Sensor 4.x, 4 Snort before 1.8.1, 5 ISS RealSecure Network Sensor 5.x and 6.x before XPU 3.2, and 6 ISS RealSecure Server Sensor 5.5 and 6...

CVE-2001-0669

CVE-2001-0669 affects multiple IDS products (Cisco Secure IDS, Cisco Catalyst 6000 IDS Module, Dragon Sensor 4.x, Snort before 1.8.1, ISS RealSecure Network Sensor 5.x/6.x before XPU 3.2, and ISS RealSecure Server Sensor 5.5/6.0 for Windows) where an attacker can bypass HTTP attack detection by u...