61 matches found
UBUNTU-CVE-2023-41337
h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. In version 2.3.0-beta2 and prior, when h2o is configured to listen to multiple addresses or ports with each of them using different backend servers managed by multiple entities, a malicious backend entity that also has the...
CVE-2023-41337 h2o vulnerable to TLS session resumption misdirection
h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. In version 2.3.0-beta2 and prior, when h2o is configured to listen to multiple addresses or ports with each of them using different backend servers managed by multiple entities, a malicious backend entity that also has the...
CVE-2023-41337
Summary: CVE-2023-41337 affects the H2O HTTP server prior to 2.3.0-beta2 when configured to listen on multiple addresses/ports with backend servers from multiple entities. A malicious backend that can observe/inject client–server packets may misdirect TLS session resumption, causing HTTPS request...
CVE-2023-41337 h2o vulnerable to TLS session resumption misdirection
h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. In version 2.3.0-beta2 and prior, when h2o is configured to listen to multiple addresses or ports with each of them using different backend servers managed by multiple entities, a malicious backend entity that also has the...
h2o data forgery problem vulnerability
h2o is a new generation of HTTP server. Not only is it very fast compared to older generation HTTP servers, but it also provides faster response to end users. A data forgery vulnerability exists in h2o 2.3.0-beta2 and earlier versions, which arises from an opportunity for a malicious backen...
PortSwigger Web Security: Title: Deceptive Manipulation of HTTP to HTTPS with VPN in Burp Suite
Vulnerability description not provided...
Zip domains, a bad idea nobody asked for
If you heard a strange and unfamiliar creaking noise on May 3, it may have been the simultaneous rolling of a million eyeballs. The synchronised ocular rotation was the less than warm welcome that parts of the IT and security industries--this author included--gave to Google's decision to put .zip...
Clickjacking
cockpit-hq is vulnerable to Clickjacking. The vulnerability exists due to the lack of the x-frame-options header in admin.php which allows an attacker to misdirect the user, making them click something unintentionally...
Mozilla: Opportunistic Encryption in HTTP2 could be used to bypass the Same-Origin-Policy on services hosted on other ports
The Mozilla Foundation Security Advisory describes this flaw as: The Opportunistic Encryption feature of HTTP2 RFC 8164 allows a connection to be transparently upgraded to TLS while retaining the visual properties of an HTTP connection, including being same-origin with unencrypted connections on...
UBUNTU-CVE-2020-28086
pass through 1.7.3 has a possibility of using a password for an unintended resource. For exploitation to occur, the user must do a git pull, decrypt a password, and log into a remote service with the password. If an attacker controls the central Git server or one of the other members' machines, a...
wrong connect-only connection
An application that performs multiple requests with libcurl's multi API and sets the `CURLOPT_CONNECT_ONLY` option, might in rare circumstances experience that when subsequently using the setup connect-only transfer, libcurl picks and uses the wrong connection - and instead picks another one the...
CVE-2020-6223
The open document of SAP Business Objects Business Intelligence Platform, versions 4.1, 4.2, allows an attacker to modify certain error pages to include malicious content. This can misdirect a user who is tricked into accessing these error pages rendered by the application, leading to Content...
CVE-2019-2003
In addLinks of Linkify.java, there is a possible phishing vector due to an unusual root cause. This could lead to remote code execution or misdirection of clicks with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0...
CVE-2019-2003
In addLinks of Linkify.java, there is a possible phishing vector due to an unusual root cause. This could lead to remote code execution or misdirection of clicks with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0...
FUD 101: How not to report healthcare cybersecurity issues
I was asked to review a report from Forescout about healthcare security by a journalist, as they were suspicious of the headlines. Here’s what got my spidey senses tingling: “The server SMB protocol is left open in 85% of connected devices in healthcare organisations, giving bad actors an easy an...
Google Android Framework elevation of privilege vulnerability (CNVD-2019-23558)
Android is a Linux-based open source operating system jointly developed by Google and the Open Handset Alliance (OHA). An elevation of privilege vulnerability exists in the Framework component of Google Android 7.0, 7.1.1, 7.1.2, 8.0, 8.1, and 9. This could lead to remote code execution or click...
Showmax: Query string parameter modifications returned in page
NOTE BEFOREHAND: I KNOW it's not located on the core showmax.com domain, but that doesn't affect the applications of this and it still has the same risk. Summary: At https://sso.showmax.com/auth/failure?message=, you can change the message parameter to any text and it will be returned on the page...
Adobe LiveCycle ES DLL Loading Arbitrary Code Execution Vulnerability
Adobe LiveCycle ES (Enterprise Suite) is a platform from the US company Adobe for building enterprise and government applications. The platform is mainly used to build automated business process applications, and the integration of many Adobe tools,...
Chinese Telecom Routes Russian Domestic Internet Traffic through China
Russian Internet traffic, including domestic traffic, has continuously been re-routed outside the country due to routing errors by China Telecom, which could result in compromising the security of Russian communications. Internet monitoring service Dyn reported Thursday in a blog post that the...
Gnome-PTY-Helper UTMP - Hostname Spoofing
// source: https://www.securityfocus.com/bid/15004/info 'gnome-pty-helper' is susceptible to a local UTMP hostname spoofing vulnerability. This issue is due to the failure of the application to properly validate user-supplied data prior to using it to update UTMP records. This vulnerability allow...