CVE-2020-10887

This vulnerability allows a firewall bypass on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of IPv6 connections. The issue results from the lack of proper...

EUVD-2019-10361

Malware in sbrugna...

SUSE-SU-2023:4071-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-39194: Fixed a flaw in the processing of state filters which could allow a local attackers to disclose sensitive information. bsc1215861 - CVE-2023-3919...

SUSE-SU-2023:4032-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-39194: Fixed a flaw in the processing of state filters which could allow a local attackers to disclose sensitive information. bsc1215861 -...

curl security update

7.76.1-19 - fix unpreserved file permissions CVE-2022-32207 - fix HTTP compression denial of service CVE-2022-32206 - fix FTP-KRB bad message verification CVE-2022-32208 7.76.1-18 - fix too eager reuse of TLS and SSH connections CVE-2022-27782 7.76.1-17 - fix leak of SRP credentials in redirects...

SUSE-SU-2022:1657-1 Security update for curl

This update for curl fixes the following issues: - CVE-2022-27776: Fixed auth/cookie leak on redirect bsc1198766 - CVE-2022-27775: Fixed bad local IPv6 connection reuse bsc1198723 - CVE-2022-22576: Fixed OAUTH2 bearer bypass in connection re-use bsc1198614...

MGASA-2022-0159 Updated curl packages fix security vulnerability

OAUTH2 bearer bypass in connection re-use. CVE-2022-22576 Credential leak on redirect. CVE-2022-27774 Bad local IPv6 connection reuse. CVE-2022-27775 Auth/cookie leak on redirect. CVE-2022-27776...

[slackware-security] curl

New curl packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/curl-7.83.0-i586-1slack15.0.txz: Upgraded. This update fixes security issues: OAUTH2 bearer bypass in connection...

CURL-CVE-2022-27775 Bad local IPv6 connection reuse

libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse, if one of them matches the setup. Due to errors in the logic, the config matching function did not take the IPv6 address zone id into account which could lead to libcurl reusing the wrong connection...

openSUSE Security Update : the Linux Kernel (openSUSE-2015-686)

The openSUSE 13.2 kernel was updated to receive various security and bugfixes. Following security bugs were fixed : - CVE-2015-3290: arch/x86/entry/entry64.S in the Linux kernel on the x8664 platform improperly relied on espfix64 during nested NMI processing, which allowed local users to gain...

Linux Command Shell, Bind IPv6 TCP Stager with UUID Support (Linux x86)

Spawn a command shell staged. Listen for an IPv6 connection with UUID Support Linux x86 This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 166 include Msf::Payload::Stager include...

Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20141216)

A flaw was found in the way the Linux kernel's SCTP implementation handled malformed or duplicate Address Configuration Change Chunks ASCONF. A remote attacker could use either of these flaws to crash the system. CVE-2014-3673, CVE-2014-3687, Important - A flaw was found in the way the Linux...

Scientific Linux Security Update : openssl on SL6.x i386/x86_64

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols, as well as a full-strength, general purpose cryptography library. A buffer over-read flaw was discovered in the way OpenSSL parsed the Certificate Status Request TLS extensions i...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

Ubuntu Update for linux-source-2.6.15/2.6.17/2.6.20 vulnerabilities USN-464-1

Ubuntu Update for Linux kernel vulnerabilities USN-464-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4641.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for linux-source-2.6.15/2.6.17/2.6.20 vulnerabilities USN-464-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone...

Windows Meterpreter (skape/jt Injection), Bind IPv6 TCP Stager (Windows x86)

Inject the meterpreter server DLL staged. Listen for an IPv6 connection Windows x86 This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 298 include Msf::Payload::Stager include...