Lucene search

7704 matches found

Tenable Nessus
added 2019/12/06 12:0 a.m. | 41 views

Oracle Linux 6 : microcode_ctl (ELSA-2019-4868)

The remote Oracle Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2019-4868 advisory. 3:1.17-33.19.0.4 - set earlymicrocode='no' in virtualized guests to avoid early load bugs Orabug: 30618737 3:1.17-33.19.0.1 - merge Oracle changes for...

6.5 CVSS | 7.5 AI score | 0.00319 EPSS
Exploits: 0 | References: 4

Akamai Blog
added 2019/12/05 5:0 p.m. | 49 views

Managing Traffic From the Outset - How GTM Can Make Your Deployments Easier

What is GTM Global Traffic Management, or GTM, is a DNS-based load balancing service that offers application owners a level of flexibility and insight that is unmatched by traditional on-prem solutions. Highly scalable and fault-resilient, GTM offers customers a layer of abstraction between...

7.4 AI score
Exploits: 0

Hacker One
added 2019/12/05 2:58 p.m. | 221 views

Nord Security: DoS of https://nordvpn.com/ via CVE-2018-6389 exploitation

There is a possibility in the /wp-admin/load-scripts.php script to generate a large (3Mb) amount of data via a simple non-authenticated request to the server. The vulnerability is registered as https://vulners.com/cve/CVE-2018-6389 Details Detailed attack scenario is described for example here:...

5 CVSS | 7.4 AI score | 0.87475 EPSS
Exploits: 11

Akamai Blog
added 2019/12/05 5:0 a.m. | 13 views

Managing Traffic From the Outset: How GTM Can Make Your Deployments Easier

Global Traffic Management, or GTM, is a DNS-based load balancing service that offers application owners a level of flexibility and insight that is unmatched by traditional on-prem solutions...

3.4 AI score
Exploits: 0

Fedora
added 2019/12/05 1:42 a.m. | 13 views

[SECURITY] Fedora 31 Update: haproxy-2.0.10-1.fc31

HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to...

0.8 AI score
Exploits: 0

OpenVAS
added 2019/12/04 12:0 a.m. | 49 views

CentOS Update for bpftool CESA-2019:3979 centos7

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8 CVSS | 9 AI score | 0.00106 EPSS
Exploits: 1 | References: 2

Oracle Linux
added 2019/12/04 12:0 a.m. | 75 views

microcode_ctl security update

3:1.17-33.19.0.4 - set earlymicrocode='no' in virtualized guests to avoid early load bugs Orabug: 30618737 3:1.17-33.19.0.1 - merge Oracle changes for early load via dracut - enable late load on install for UEK4 kernels marked safe except BDW-79 - update 06-55-04 to 0x2000065 - update 06-55-07 to...

6.5 CVSS | 2.4 AI score | 0.00319 EPSS
Exploits: 0

Tenable Nessus
added 2019/12/04 12:0 a.m. | 32 views

Fedora 31 : clamav (2019-1543eae191)

Drop [email protected] file bz1725810 ClamAV 0.101.5 is a security patch release that addresses the following issues. - CVE-2019-15961: A Denial-of-Service DoS vulnerability may occur when scanning a specially crafted email file as a result of excessively long scan times. The issue is resolved...

7.5 CVSS | 7.5 AI score | 0.02206 EPSS
Exploits: 1 | References: 2

Tenable Nessus
added 2019/12/03 12:0 a.m. | 27 views

Fedora 30 : clamav (2019-dcbfe89e39)

Drop [email protected] file bz1725810 ClamAV 0.101.5 is a security patch release that addresses the following issues. - CVE-2019-15961: A Denial-of-Service DoS vulnerability may occur when scanning a specially crafted email file as a result of excessively long scan times. The issue is resolved...

7.5 CVSS | 7.5 AI score | 0.02206 EPSS
Exploits: 1 | References: 2

CNVD
added 2019/11/29 12:0 a.m. | 1 views

Unspecified Vulnerability in HAProxy

HAProxy is an open source TCP/HTTP load balancing server from the French company HAProxy. The server provides 4-layer, 7-layer proxy, and can support tens of thousands of level of connections, with high efficiency, stability and other characteristics. A security vulnerability exists in the...

9.8 CVSS | 6.8 AI score | 0.01056 EPSS
Exploits: 0 | References: 1

Qualys Blog
added 2019/11/28 3:0 p.m. | 76 views

Qualys Cloud Platform 8.22 New Features (VM, PC)

Update December 11, 2019: See additional details about this release. The 8.22.0 release adds several new features in Qualys Cloud Platform, adds a new API in Policy Compliance and support for 2 new technologies for OCA. Feature Highlights Qualys Cloud Platform Support for DNS tracking – You can n...

7.1 AI score
Exploits: 0

Tenable Nessus
added 2019/11/27 12:0 a.m. | 41 views

EulerOS 2.0 SP8 : qemu (EulerOS-SA-2019-2300)

According to the versions of the qemu packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Microarchitectural Store Buffer Data Sampling MSBDS: Store buffers on some microprocessors utilizing speculative execution may allow an...

5.9 CVSS | 6.8 AI score | 0.01697 EPSS
Exploits: 0 | References: 5

RedHat Linux
added 2019/11/26 7:58 p.m. | 2 views

HTTP/2: large amount of data requests leads to denial of service

A flaw was found in HTTP/2. An attacker can request a large amount of data by manipulating window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this queue can consume excess CPU, memory, or both, leading to a...

7.8 CVSS | 7.2 AI score | 0.13725 EPSS
Exploits: 0 | References: 8

CVE
added 2019/11/26 4:11 p.m. | 405 views

CVE-2019-6477

CVE-2019-6477 affects BIND (DNS server). It allows TCP-pipelined queries to bypass per-connection tcp-client limits, potentially causing denial of service by exhausting server resources and making the service unresponsive. Affected distributions reference patched releases: Debian DSA-4689-1 notes...

7.5 CVSS | 7.6 AI score | 0.05682 EPSS
Exploits: 0 | References: 8 | Affected Software: 1

Cvelist
added 2019/11/26 4:11 p.m. | 20 views

CVE-2019-6477 TCP-pipelined queries can bypass tcp-clients limit

With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to a server could consume more resources than the server has been provisioned to...

7.5 CVSS | 7.5 AI score | 0.05682 EPSS
Exploits: 0 | References: 8

Debian CVE
added 2019/11/26 4:11 p.m. | 27 views

CVE-2019-6477

With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to a server could consume more resources than the server has been provisioned to...

7.5 CVSS | 6.3 AI score | 0.05682 EPSS
Exploits: 0

RedHat Linux
added 2019/11/25 1:17 p.m. | 2 views

SDL: heap-based buffer overflow in SDL blit functions in video/SDL_blit*.c

A heap-based buffer overflow was discovered in SDL in the SDL_BlitCopy function, that was called while copying an existing surface into a new optimized one, due to lack of validation while loading a BMP image in the SDL_LoadBMP_RW function. An application that uses SDL to parse untrusted input files...

8.1 CVSS | 7.6 AI score | 0.07188 EPSS
Exploits: 1 | References: 4

OPENSUSE Linux
added 2019/11/23 12:0 a.m. | 118 views

Security update for haproxy (moderate)

openSUSE Security Update: Security update for haproxy Announcement ID: openSUSE-SU-2019:2555-1 Rating: moderate References: 1142529 Cross-References: CVE-2019-14241 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This update for haproxy ...

7.5 CVSS | 7.8 AI score | 0.37036 EPSS
Exploits: 1 | References: 1

OPENSUSE Linux
added 2019/11/23 12:0 a.m. | 111 views

Security update for haproxy (moderate)

openSUSE Security Update: Security update for haproxy Announcement ID: openSUSE-SU-2019:2556-1 Rating: moderate References: 1142529 Cross-References: CVE-2019-14241 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for haproxy ...

7.5 CVSS | 7.8 AI score | 0.37036 EPSS
Exploits: 1 | References: 1

RedHat Linux
added 2019/11/20 4:14 p.m. | 0 views

HTTP/2: flood using PRIORITY frames results in excessive resource consumption

A flaw was found in HTTP/2. An attacker, using PRIORITY frames to flood the system, could cause excessive CPU usage and starvation of other clients. The largest threat from this vulnerability is to system availability...

7.8 CVSS | 7.1 AI score | 0.06587 EPSS
Exploits: 0 | References: 8