An update is available that adds support for DTLS in Windows 7 SP1 and Windows Server 2008 R2 SP1

An update is available that adds support for DTLS in Windows 7 SP1 and Windows Server 2008 R2 SP1 Summary What is DTLS? The DTLS protocol provides communications privacy. The protocol allows client and server applications to communicate in a way that is designed to prevent eavesdropping, tamperin...

The first stage of the WER protocol is not SSL encrypted in Windows

The first stage of the WER protocol is not SSL encrypted in Windows Symptoms Microsoft uses Windows Error Reporting WER to transmit troubleshooting information and updates for specific problems in Windows 7, Windows Server 2008 R2, Windows Vista, and Windows Server 2008. For example, WER sends...

LSN-0065-1: Kernel Live Patch Security Notice

Andrew Honig reported a flaw in the way KVM Kernel-based Virtual Machine emulated the IOAPIC. A privileged guest user could exploit this flaw to read host memory or cause a denial of service crash the host. CVE-2013-1798 It was discovered that the KVM implementation in the Linux kernel, when...

LSN-0065-1 Kernel Live Patch Security Notice

Andrew Honig reported a flaw in the way KVM Kernel-based Virtual Machine emulated the IOAPIC. A privileged guest user could exploit this flaw to read host memory or cause a denial of service crash the host. CVE-2013-1798 It was discovered that the KVM implementation in the Linux kernel, when...

Update Rollup 14 for System Center 2012 R2 Operations Manager

Update Rollup 14 for System Center 2012 R2 Operations Manager Introduction This article describes the issues that are fixed in Update Rollup 14 for Microsoft System Center 2012 R2 Operations Manager. This article also contains the installation instructions for this update. Issues that are fixed...

"0x0000009F" Stop error when a Windows VPN client computer is shutdown with an active L2TP VPN connection

"0x0000009F" Stop error when a Windows VPN client computer is shutdown with an active L2TP VPN connection This article describes a 0x9F Stop error that occurs in Windows 8.1, Windows RT 8.1, or Windows Server 2012 R2. You can fix this issue by using the update in this article. Before you install...

A VPN connection through a third-party VPN server disconnects after an hour on a Windows-based computer

A VPN connection through a third-party VPN server disconnects after an hour on a Windows-based computer Symptoms On a computer that is running Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows 8, Windows RT, or Windows Server 2012, you establish a Layer 2 Tunneling Protocol/Internet...

UBUNTU-CVE-2020-11653

An issue was discovered in Varnish Cache before 6.0.6 LTS, 6.1.x and 6.2.x before 6.2.3, and 6.3.x before 6.3.2. It occurs when communication with a TLS termination proxy uses PROXY version 2. There can be an assertion failure and daemon restart, which causes a performance loss...

PT-2020-12751 · Varnish +6 · Varnish Cache +6

Name of the Vulnerable Software and Affected Versions: Varnish Cache versions prior to 6.0.6 LTS Varnish Cache versions 6.1.x Varnish Cache versions 6.2.x prior to 6.2.3 Varnish Cache versions 6.3.x prior to 6.3.2 Description: An issue occurs in Varnish Cache when communication with a TLS...

Samsung Mobile Device Input Validation Error Vulnerability (CNVD-2020-31817)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. The Samsung mobile device suffers from an input validation error vulnerability that can be exploited by an attacker to interact with the Radio Interface Layer aka R...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4325-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4325-1 advisory. It was discovered that the IPMI message handler implementation in the Linux kernel did not properly deallocate memory in certain situations. A local...

CVE-2016-11046

An issue was discovered on Samsung mobile devices with JBP4.3, KK4.4, and L5.0/5.1 software. Because of a misused whitelist, attackers can reach the radio layer aka RIL or RILD to place calls or send SMS messages. The Samsung ID is SVE-2016-5733 May 2016...

CVE-2016-11046

An issue was discovered on Samsung mobile devices with JBP4.3, KK4.4, and L5.0/5.1 software. Because of a misused whitelist, attackers can reach the radio layer aka RIL or RILD to place calls or send SMS messages. The Samsung ID is SVE-2016-5733 May 2016...

CVE-2016-11046

The CVE-2016-11046 issue affects Samsung mobile devices running JBP (4.3), KK (4.4), and L (5.0/5.1) where a misused whitelist allows access to the Radio Interface Layer (RIL/RILD) enabling calls or SMS. Affected component is the RIL path; root cause is the whitelist mishandling, as described in ...

CVE-2016-11046

An issue was discovered on Samsung mobile devices with JBP4.3, KK4.4, and L5.0/5.1 software. Because of a misused whitelist, attackers can reach the radio layer aka RIL or RILD to place calls or send SMS messages. The Samsung ID is SVE-2016-5733 May 2016...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4319-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4319-1 advisory. It was discovered that the IPMI message handler implementation in the Linux kernel did not properly deallocate memory in certain situations. A local...

USN-4320-1 linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerability

Al Viro discovered that the vfs layer in the Linux kernel contained a use- after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly expose sensitive information kernel memory...

Fedora: Security Advisory for cyrus-sasl (FEDORA-2020-bf829f9a84)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

DEBIAN-CVE-2020-11501

GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 2018-07-16 because of an error in a 2017-10-06 commit. The DTLS client always uses 32 '\0' bytes instead of a random value, and thus contributes no randomness to a DTLS negotiation. This breaks...

Updated kernel packages fix security vulnerabilities

This update is based on upstream 5.5.14 and fixes at least the following security vulnerabilities: In the Linux kernel 5.3.10, there is a use-after-free read in the perftracelockacquire function related to include/trace/events/lock.h CVE-2019-19769. Manfred Paul discovered that the bpf verifier i...