Mail.ru: An implementation flaw in Mail.ru can be exploited for DKIM signature spoofing and email spoofing
Domain, site, application -- https://e.mail.ru Quick note: this report is different from my previous report Report 727233, and is not a policy configuration or enforcement issue as well. TL;DR: This report discloses an implementation bug, which chains multiple features in the Mail.ru...
CVE-2017-18232
The Serial Attached SCSI (SAS) implementation in the Linux kernel mishandles a mutex within libsas. This allows local users to cause a denial of service (deadlock) by triggering certain error-handling code...
SUSE SLED12 / SLES12 Security Update : dbus-1 (SUSE-SU-2019:2820-1)
This update for dbus-1 fixes the following issues: Security issue fixed: CVE-2019-12749: Fixed an implementation flaw in DBUS_COOKIE_SHA1 which could have allowed local attackers to bypass authentication (bsc#1137832). Note that Tenable Network Security has extracted the preceding description block...
Mbed TLS -- Side channel attack on ECDSA
Janos Follath reports: Our bignum implementation is not constant time/constant trace, so side channel attacks can retrieve the blinded value, factor it as it is smaller than RSA keys and not guaranteed to have only large prime factors, and then, by brute force, recover the key...
USN-4163-1 linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities
It was discovered that a race condition existed in the ARC EMAC ethernet driver for the Linux kernel, resulting in a use-after-free vulnerability. An attacker could use this to cause a denial of service (system crash). (CVE-2016-10906) It was discovered that a race condition existed in the Serial...
USN-4157-2: Linux kernel (HWE) vulnerabilities
USN-4157-1 fixed vulnerabilities in the Linux kernel for Ubuntu 19.04. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 19.04 for Ubuntu 18.04 LTS. Wen Huang discovered that the Marvell Wi-Fi device driver in the Linux kernel did not properly...
Ubuntu 18.04 LTS : Linux kernel (HWE) vulnerabilities (USN-4157-2)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4157-2 advisory. USN-4157-1 fixed vulnerabilities in the Linux kernel for Ubuntu 19.04. This update provides the corresponding updates for the Linux Hardware Enablement H...
OpenJDK: Missing restrictions on use of custom SocketImpl (Networking, 8218573)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...
Unsound `impl Follow for bool`
The implementation of `impl Follow for bool` allows arbitrary bytes to be reinterpreted as a `bool`. In Rust, `bool` has stringent requirements for its in-memory representation. Use of this function allows these requirements to be violated and undefined behaviour to be invoked in safe code...
Microsoft to Reward Hackers for Finding Bugs in Open Source Election Software
Fair elections are the lifelines of democracy, but in recent years election hacking has become a hot topic worldwide. Whether it's American voting machines during the 2016 presidential election or India's EVMs during 2014 general elections, the integrity, transparency, and security of electronic...
Security Bulletin: A vulnerability in Open Source Botan affects IBM Netezza SQL Extensions
Summary Open Source Botan is used by IBM Netezza SQL Extensions. IBM Netezza SQL Extensions has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2017-14737 DESCRIPTION: Botan could allow a local attacker to obtain sensitive information, caused by a flaw in the cryptographic...
Ubuntu 19.04 : Linux kernel vulnerabilities (USN-4157-1)
Wen Huang discovered that the Marvell Wi-Fi device driver in the Linux kernel did not properly perform bounds checking, leading to a heap overflow. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14814, CVE-2019-14815,...
Adobe Acrobat < 2015.006.30504 / 2017.011.30150 / 2019.021.20047 Multiple Vulnerabilities (APSB19-49) (macOS)
The version of Adobe Acrobat installed on the remote macOS host is a version prior to 2015.006.30504, 2017.011.30150, or 2019.021.20047. It is, therefore, affected by multiple vulnerabilities. - Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier,...
The vulnerability relates to the implementation of the HTTP/2 server using the nginx software framework and Node.js, as well as the SwiftNIO networking library. It involves an uncontrolled resource consumption, allowing attackers to cause service failures.
The vulnerability in the HTTP/2 server implementations of nginx, the Node.js software platform, and the SwiftNIO networking framework is related to uncontrolled resource consumption when processing a header with a parameter equal to zero. Exploiting this vulnerability could allow a malicious acto...
generichash::Digest::eq always return true
PartialEq implementation for generichash::Digest has compared itself to itself. Digest::eq always returns true and Digest::ne always returns false...
RUSTSEC-2019-0026 generichash::Digest::eq always return true
PartialEq implementation for generichash::Digest has compared itself to itself. Digest::eq always returns true and Digest::ne always returns false...
CVE-2017-12163
An information leak flaw was found in the way SMB1 protocol was implemented by Samba. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker. Mitigation ...
Important: Red Hat Security Advisory: Red Hat A-MQ Broker 7.5 release and security update
Red Hat A-MQ Broker 7.5 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability fr...
XNU - Remote Double-Free via Data Race in IPComp Input Path
Summary: This report describes a bug in the XNU implementation of the IPComp protocol (https://tools.ietf.org/html/rfc3173). This bug can be remotely triggered by an attacker who is able to send traffic to a macOS system (iOS AFAIK isn't affected) over two network interfaces at the same time...