SUSE SLED15 / SLES15 Security Update : freeradius-server (SUSE-SU-2020:1023-1)

This update for freeradius-server fixes the following issues : CVE-2019-13456: Fixed a side-channel password leak in EAP-pwd bsc1144524. CVE-2019-17185: Fixed a debial of service due to multithreaded BNCTX access bsc1166847. Fixed an issue in TLS-EAP where the OCSP verification, when an...

SUSE SLES12 Security Update : freeradius-server (SUSE-SU-2020:1020-1)

This update for freeradius-server fixes the following issues : CVE-2019-13456: Fixed a side-channel password leak in EAP-pwd bsc1144524. CVE-2019-17185: Fixed a debial of service due to multithreaded BNCTX access bsc1166847. Note that Tenable Network Security has extracted the preceding descripti...

Information Disclosure

httpd is vulnerable to information disclosure. A use-after-free flaw was discovered in the way the Apache HTTP Server handled request headers in subrequests. In configurations where subrequests are used, a multithreaded MPM Multi-Processing Module could possibly leak information from other reques...

New Imperva Framework: Accelerating the development of large scale solutions with “Stepping”

Handling large amounts of data at scale is a common task in the high-tech industry nowadays. To address this challenge many frameworks have been developed and made publicly available such as distributed messaging queues, distributed databases, lightweight protocols and caching servers, among...

OpenRelayMagic - Tool To Find SMTP Servers Vulnerable To Open Relay

╔═╗┌─┐┌─┐┌┐┌╦═╗┌─┐┬ ┌─┐┬ ┬╔╦╗┌─┐┌─┐┬┌─┐ ║ ║├─┘├┤ │││╠╦╝├┤ │ ├─┤└┬┘║║║├─┤│ ┬││ ╚═╝┴ └─┘┘└┘╩╚═└─┘┴─┘┴ ┴ ┴ ╩ ╩┴ ┴└─┘┴└─┘ Tool to test for vulnerable open relays on SMTP servers Features Check single target/ domain list Port 587 and 465 Implemented Multithreaded Download OpenRelayMagic...

CredNinja - A Multithreaded Tool Designed To Identify If Credentials Are Valid, Invalid, Or Local Admin Valid Credentials Within A Network At-Scale Via SMB, Plus Now With A User Hunter

This tool is intended for penetration testers who want to perform an engagement quickly and efficiently. While this tool can be used for more covert operations including some additions below, it really shines when used at the scale of a large network. At the core of it, you provide it a list of...

Huawei EulerOS: Security Advisory for guile (EulerOS-SA-2019-2424)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Exploit for CVE-2020-0609

This is a PoC exploit for CVE-2020-0609 and CVE-2020-0610, two v...

Grouper2 - Find Vulnerabilities In AD Group Policy

What is it for? Grouper2 is a tool for pentesters to help find security-related misconfigurations in Active Directory Group Policy. It might also be useful for other people doing other stuff, but it is explicitly NOT meant to be an audit tool. If you want to check your policy configs against some...

Fedora Update for libnbd FEDORA-2019-d20b357d44

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for nbdkit FEDORA-2019-a75665981b

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for libnbd FEDORA-2019-ec2eedaa9e

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Updated freeradius packages fix security vulnerabilities

Updated freeradius packages fix security vulnerabilities: It was discovered freeradius does not correctly configure logrotate, allowing a local attacker who already has control of the radiusd user to escalate his privileges to root, by tricking logrotate into writing a radiusd-writable file to a...

EulerOS 2.0 SP2 : guile (EulerOS-SA-2019-2424)

According to the version of the guile package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The mkdir procedure of GNU Guile temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other threa...

Fedora Update for libnbd FEDORA-2019-f6ea699dbb

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 29 Update: nbdkit-1.12.8-1.fc29

NBD is a protocol for accessing block devices hard disks and disk-like things over the network. nbdkit is a toolkit for creating NBD servers. The key features are: Multithreaded NBD server written in C with good performance. Minimal dependencies for the basic server. Liberal license BSD allows...

[SECURITY] Fedora 30 Update: nbdkit-1.12.8-1.fc30

NBD is a protocol for accessing block devices hard disks and disk-like things over the network. nbdkit is a toolkit for creating NBD servers. The key features are: Multithreaded NBD server written in C with good performance. Minimal dependencies for the basic server. Liberal license BSD allows...

[SECURITY] Fedora 31 Update: nbdkit-1.14.2-1.fc31

NBD is a protocol for accessing block devices hard disks and disk-like things over the network. nbdkit is a toolkit for creating NBD servers. The key features are: Multithreaded NBD server written in C with good performance. Minimal dependencies for the basic server. Liberal license BSD allows...

[SECURITY] Fedora 29 Update: libnbd-1.0.2-1.fc29

NBD =EF=BF=BD=EF=BF=BD=EF=BF=BD Network Block Device =EF=BF=BD=EF=BF=BD=EF =BF=BD is a protocol for accessing Block Devices hard disks and disk-like things over a Network. This is the NBD client library in userspace, a simple library for writing NBD clients. The key features are: Synchronous and...

Fedora Update for libnbd FEDORA-2019-749d828945

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...