openSUSE: Security Advisory for haproxy (openSUSE-SU-2019:2555-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OPENSUSE-SU-2019:2556-1 Security update for haproxy

This update for haproxy to version 2.0.5+git0.d905f49a fixes the following issues: Security issue fixed: - CVE-2019-14241: Fixed a cookie memory corruption problem. bsc1142529 The update to 2.0.5 brings lots of features and bugfixes: - new internal native HTTP representation called HTX, was alrea...

OPENSUSE-SU-2019:2555-1 Security update for haproxy

This update for haproxy to version 2.0.5+git0.d905f49a fixes the following issues: Security issue fixed: - CVE-2019-14241: Fixed a cookie memory corruption problem. bsc1142529 The update to 2.0.5 brings lots of features and bugfixes: - new internal native HTTP representation called HTX, was alrea...

Security update for haproxy (moderate)

openSUSE Security Update: Security update for haproxy Announcement ID: openSUSE-SU-2019:2555-1 Rating: moderate References: 1142529 Cross-References: CVE-2019-14241 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This update for haproxy ...

SUSE-SU-2019:3002-1 Security update for haproxy

This update for haproxy to version 2.0.5+git0.d905f49a fixes the following issues: Security issue fixed: - CVE-2019-14241: Fixed a cookie memory corruption problem. bsc1142529 The update to 2.0.5 brings lots of features and bugfixes: - new internal native HTTP representation called HTX, was alrea...

SUSE-SU-2019:3001-1 Security update for haproxy

This update for haproxy to version 2.0.5+git0.d905f49a fixes the following issues: Security issue fixed: - CVE-2019-14241: Fixed a cookie memory corruption problem. bsc1142529 The update to 2.0.5 brings lots of features and bugfixes: - new internal native HTTP representation called HTX, was alrea...

Arjun v1.6 - HTTP Parameter Discovery Suite

Introduction Web applications use parameters or queries to accept user input, take the following example into consideration http://api.example.com/v1/userinfo?id=751634589 This URL seems to load user information for a specific user id, but what if there exists a parameter named admin which when s...

Fedora Update for suricata FEDORA-2019-fddfb520ec

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 29 Update: suricata-4.1.5-3.fc29

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

[SECURITY] Fedora 30 Update: suricata-4.1.5-3.fc30

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

Brutality - A Fuzzer For Any GET Entries

A fuzzer for any GET entries. Features Multi-threading on demand Fuzzing, bruteforcing GET params Find admin panels Colored output Hide results by return code, word numbers Proxy support Big wordlist Colored Usages Install git clone https://github.com/ManhNho/brutality.git chmod 755 -R brutality/...

VulnX - CMS And Vulnerabilites Detector And An Intelligent Auto Shell Injector

Vulnx is a cms and vulnerabilites detection, an intelligent auto shell injector, fast cms detection of target and fast scanner and informations gathering like subdomains, ipaddresses, country, org, timezone, region, ans and more ... Instead of injecting shell and checking it works like all the...

Microarchitectural Data Sampling (MDS) Side Channel Vulnerabilities - Lenovo Support US

No description provided...

RapidRepoPull - Tool To Quickly Pull And Install Repos From A List

Description This program uses Python to clone/maintain multiple security related repos using threading and multiprocessing Goal The goal of this program is to quickly pull and install repos from its list Use cases Quickly install your favorite Security repos on a new system Kick off multiple...

Arjun v1.3 - HTTP Parameter Discovery Suite

Features Multi-threading 4 modes of detection A typical scan takes 30 seconds Regex powered heuristic scanning Huge list of 25,980 parameter names Makes just 30-35 requests to the target Usage Note: Arjun doesn't work with python 3.4 Discover parameters To find GET parameters, you can simply do:...

OpenSSL 1.0.2 < 1.0.2q Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.0.2q. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.0.2q advisory. - Simultaneous Multi-threading SMT in processors can enable local users to exploit software vulnerable to timing attacks via a...

Updated openssl packages fix security vulnerabilities

The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a Affected 1.1.1. Fixed in OpenSSL 1.1.0j Affected 1.1.0-1.1.0i. Fixed in OpenSSL 1.0.2q...

[SECURITY] Fedora 29 Update: suricata-4.0.6-1.fc29

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

[SECURITY] Fedora 27 Update: suricata-4.0.6-1.fc27

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

Design/Logic Flaw

Simultaneous Multi-threading SMT in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'...