611 matches found
CVE-2020-1633
Due to a new NDP proxy feature for EVPN leaf nodes introduced in Junos OS 17.4, crafted NDPv6 packets could transit a Junos device configured as a Broadband Network Gateway (BNG) and reach the EVPN leaf node, causing a stale MAC address entry. This could cause legitimate traffic to be discarded,...
Design/Logic Flaw
Due to a new NDP proxy feature for EVPN leaf nodes introduced in Junos OS 17.4, crafted NDPv6 packets could transit a Junos device configured as a Broadband Network Gateway (BNG) and reach the EVPN leaf node, causing a stale MAC address entry. This could cause legitimate traffic to be discarded,...
CVE-2020-1633
CVE-2020-1633 affects Juniper Networks Junos OS on MX Series where a new IPv6 NDP proxy feature for EVPN leaf nodes allows crafted NDPv6 packets to traverse a BNG and reach the EVPN leaf, causing a stale MAC entry and potential DoS. Affected are Junos OS 17.4 (and later) with specific older/MX-se...
BSA-2020-910
Security Advisory ID: BSA-2020-910 Component: Linux Kernel Revision: 1.0: Final In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c. Impact: Successful exploitatio...
The vulnerability of Linux operating system kernels, related to the lack of protection for service data, allows attackers to gain unauthorized access to protected information.
The vulnerability of Linux operating system kernels is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information using a USB device driver drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver...
Updated jss packages fix security vulnerability
Updated jss packages fix security vulnerability: A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS CryptoManager, where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may not properly verify the chain and could be...
NewStart CGSL CORE 5.05 / MAIN 5.05 : jss Vulnerability (NS-SA-2019-0240)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has jss packages installed that are affected by a vulnerability: - A flaw was found in the Leaf and Chain OCSP policy implementation in JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0, where it implicitly trusted the root...
DEBIAN-CVE-2019-19947
In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c...
UBUNTU-CVE-2019-19947
In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c...
libyang: stack-based buffer overflow in make_canonical when bits leaf type is used
A stack-based buffer overflow flaw was discovered in the way libyang parses YANG files with a leaf of type "bits". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of service or execute code...
libyang: stack-based buffer overflow in make_canonical when identityref leaf type is used
A stack-based buffer overflow flaw was discovered in the way libyang parses YANG files with a leaf of type "identityref". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of service or execute code...
PT-2019-4497 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.4.6 Description: The issue is related to information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver. This could allow an attacker to gain...
JSS: OCSP policy "Leaf and Chain" implicitly trusts the root certificate
A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager, where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may not properly verify the chain and could be vulnerable to attacks such as Man in the Middle...
JSS: OCSP policy "Leaf and Chain" implicitly trusts the root certificate
A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager, where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may not properly verify the chain and could be vulnerable to attacks such as Man in the Middle...
Man-in-the-Middle (MitM)
JSS is vulnerable to man-in-the-middle (MitM). The vulnerability exists as the OCSP policy "Leaf and Chain" implicitly trusts the root certificate...
DEBIAN-CVE-2019-14823
A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0, where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may not properly verify the chain and could be vulnerable to attack...
CVE-2019-14823
A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0, where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may not properly verify the chain and could be vulnerable to attack...
JSS CryptoManager Trust Management Issues Vulnerability
JSS CryptoManager is a JSS (Java Network Security Service) cryptographic management package. A trust management issue vulnerability exists in the implementation of the 'Leaf and Chain' OCSP protocol in JSS CryptoManager versions 4.4.6 onwards, 4.5.3 onwards, and 4.6.0 onwards, which can be exploite...
PT-2019-13851 · Jss +3 · Cryptomanager +3
Name of the Vulnerable Software and Affected Versions: JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0 Description: A flaw was found in the "Leaf and Chain" OCSP policy implementation where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may...
CVE-2019-1977
A vulnerability within the Endpoint Learning feature of Cisco Nexus 9000 Series Switches running in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an endpoint device in certain circumstances. The...