16 matches found
[SECURITY] [DLA 3865-1] frr security update
Debian LTS Advisory DLA-3865-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost September 03, 2024 https://wiki.debian.org/LTS Package : frr Version : 7.5.1-1.1+deb11u3 CVE ID : CVE-2022-26125 CVE-2022-26126 CVE-2022-26127 CVE-2022-26128 CVE-2022-26129 CVE-2022-37035...
[SECURITY] [DLA 3797-1] frr security update
Debian LTS Advisory DLA-3797-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost April 28, 2024 https://wiki.debian.org/LTS Package : frr Version : 7.5.1-1.1+deb10u2 CVE ID : CVE-2022-26125 CVE-2022-26126 CVE-2022-26127 CVE-2022-26128 CVE-2022-26129 CVE-2022-37035...
Fedora: Security Advisory for apache-commons-net (FEDORA-2024-129d8ca6fc)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 5495-1] frr security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5495-1 [email protected] https://www.debian.org/security/ Aron Xu September 11, 2023 https://www.debian.org/security/faq -...
USN-6323-1: FRR vulnerability
Ben Cartwright-Cox discovered that FRR did not handle RFC 7606 attributes properly. A remote attacker could possibly use this to cause denial of service...
USN-6240-1: FRR vulnerability
It was discovered that FRR incorrectly handled certain messages. An attacker could possibly use this issue to cause a denial of service...
USN-6136-1: FRR vulnerabilities
It was discovered that FRR incorrectly handled parsing certain BGP messages. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service. This issue only affected Ubuntu 23.04. CVE-2023-31489 It was discovered that FRR incorrectly handled parsing certai...
Melody - A Transparent Internet Sensor Built For Threat Intelligence
Melody Monitor the Internet's background noise Melody is a transparent internet sensor built for threat intelligence and supported by a detection rule framework which allows you to tag packets of interest for further analysis and threat monitoring. Features Here are some key features of Melody :...
A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This requirement could be bypassed if the server would return a properly crafted but perfectly legitimate response.This flaw would then make curl silently continue its operations **withoutTLS** contrary to the instructions and expectations exposing possibly sensitive data in clear text over the network.
...
Security in a World of Physically Capable Computers
It's no secret that computers are insecure. Stories like the recent Facebook hack, the Equifax hack and the hacking of government agencies are remarkable for how unremarkable they really are. They might make headlines for a few days, but they're just the newsworthy tip of a very large iceberg. Th...
GNU Wget: Cookie injection
Background GNU Wget is a free software package for retrieving files using HTTP, HTTPS and FTP, the most widely-used Internet protocols. Description A vulnerability was discovered in GNU Wget’s respnew function which does not validate \r\n sequences in continuation lines. Impact A remote attacker...
IETF Discussing Ways to Protect Internet Against Pervasive Surveillance
The IETF is considering a range of options to help reengineer some of the fundamental protocols that underpin the Internet in response to revelations that the NSA and other intelligence agencies are conducting widespread, dragnet-style surveillance online. The group, which is responsible for...
Microsoft Windows Vista Windows Mail File Execution (MS07-034; CVE-2007-1658)
Microsoft Windows Mail product is an implementation of an email and newsgroup client capable of handling most standard Internet protocols as well as numerous proprietary Microsoft protocols and formats. It is the successor to Outlook Express and is included in recent versions of Microsoft Windows...
WorkgroupShare Detection
This host is running a WorkgroupShare Server. WorkgroupShare lets the people share their personal Outlook folders, such as calendar, contact, task and notes information by using standard internet protocols. OpenVAS Vulnerability Test $Id: gbworkgroupsharedetect.nasl 5388 2017-02-21 15:13:30Z teis...
Internet Explorer FTP Response Parsing Memory Corruption (MS07-016; CVE-2007-0217)
Microsoft Internet Explorer IE is a web browser application that is included as part of Microsoft Windows operating systems. Microsoft Windows Internet WinINet application programming interface API in Internet Explorer is a component to serve as application interface for Internet protocols, such ...
[SECURITY] Fedora Core 6 Update: fetchmail-6.3.6-1.fc6
Fetchmail is a remote mail retrieval and forwarding utility intended for use over on-demand TCP/IP links, like SLIP or PPP connections. Fetchmail supports every remote-mail protocol currently in use on the Internet POP2, POP3, RPOP, APOP, KPOP, all IMAPs, ESMTP ETRN, IPv6, and IPSEC for retrieval...