EulerOS 2.0 SP9 : unbound (EulerOS-SA-2024-1500)

According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause a denial of service...

Debian DLA-2686-1 : python-urllib3 - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2686 advisory. Several vulnerabilities were discovered in python-urllib3, a HTTP client for Python. CVE-2018-20060 Urllib3 does not remove the Authorization HTTP header when...

Debian DLA-2650-1 : exim4 security update

The Qualys Research Labs reported several vulnerabilities in Exim, a mail transport agent, which could result in local privilege escalation and remote code execution. Details can be found in the Qualys advisory at https://www.qualys.com/2021/05/04/21nails/21nails.txt For Debian 9 stretch, these...

SUSE SLES12 Security Update : xen (SUSE-SU-2021:1268-1)

This update for xen fixes the following issues : CVE-2021-27379: Fixed an issue where entries in the IOMMU were not being updated under certain circumstances due to improper backport of XSA-321 XSA-366, bsc1182431 Fixed an issue where xenstored was crashing with segfault bsc1182155. Note that...

SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0348-1)

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2021-3347: A use-after-free was discovered in the PI futexes during fault handling, allowing local users to execute code in the kernel bnc1181349...

SUSE SLES12 Security Update : kernel (SUSE-SU-2020:3281-1)

The SUSE Linux Enterprise 12 SP5 kernel Azure was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-25656: Fixed a concurrency use-after-free in vtdokdgkbioctl bnc1177766. CVE-2020-25285: Fixed a race condition between hugetlb sysctl handlers in...

Debian DLA-2332-2 : sane-backends regression update

A regression was introduced in DLA-2332-1, where changes in the Debian package building process triggered a bug in the sane-backends packages, causing missing files. For Debian 9 stretch, this problem has been fixed in version 1.0.25-4.1+deb9u2. We recommend that you upgrade your sane-backends...

SUSE SLES12 Security Update : kernel (SUSE-SU-2020:1713-1)

The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-10768: Fixed an issue with the prctl function which could have allowed indirect branch speculation even after it has been disabled bsc1172783...

SUSE SLES12 Security Update : mariadb-connector-c (SUSE-SU-2020:1431-1)

This update for mariadb-connector-c fixes the following issues : Security issue fixed : CVE-2020-13249: Fixed an improper validation of OK packets received from clients bsc1171550. Non-security issues fixed : Update to release 3.1.8 bsc1171550 - CONC-304: Rename the static library to libmariadb.a...

Debian DLA-2061-1 : firefox-esr security update

Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, data exfiltration or cross-site scripting. For Debian 8 'Jessie', these problems have been fixed in version 68.4.0esr-1deb8u1. We recommend that you...

Fedora 31 : python35 (2019-57462fa10d)

Python 3.5 has now entered 'security fixes only' mode, and as such the only changes since Python 3.5.4 are security fixes. https://www.python.org/downloads/release/python-358/ https://docs.python.org/3.5/whatsnew/changelog.htmlpython-3-5-8 Security fix for CVE-2019-9740, CVE-2019-10160,...

SUSE SLED15 / SLES15 Security Update : Linux Azure Kernel (SUSE-SU-2019:2068-1)

The SUSE Linux Enterprise 15 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-20855: An issue was discovered in createqpcommon, mlx5ibcreateqpresp was never initialized, resulting in a leak of stack memory to userspace...

Debian DLA-1782-1 : openjdk-7 security update

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service, sandbox bypass, information disclosure or the execution of arbitrary code. For Debian 8 'Jessie', these problems have been fixed in version 7u221-2.6.18-1deb8u1...

EulerOS 2.0 SP5 : openssl (EulerOS-SA-2019-1145)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A microprocessor side-channel vulnerability was found on SMT e.g, Hyper-Threading architectures. An attacker running a malicious process on the...

SUSE SLES12 Security Update : openssh (SUSE-SU-2018:3776-1)

This update for openssh fixes the following issues : Following security issues have been fixed : CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. OpenSSH developers do not...

Infiltrator Network Security Scanner 4.6 - Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: Infiltrator Network Security Scanner 4.6 - Denial of Service PoC Author: Gionathan "John" Reale Software Link: https://www.infiltration-systems.com/download.shtml Tested Version: 4.6 Tested on OS: Windows 7 32-bit Steps to Reproduc...

Infiltrator Network Security Scanner 4.6 Denial Of Service

Exploit Title: Infiltrator Network Security Scanner 4.6 - Denial of Service PoC Author: Gionathan "John" Reale Discovey Date: 2018-09-12 Software Link: https://www.infiltration-systems.com/download.shtml Tested Version: 4.6 Tested on OS: Windows 7 32-bit Steps to Reproduce: Run the python exploit...

Infiltrator Network Security Scanner 4.6 - Denial of Service (PoC)

Infiltrator Network Security Scanner 4.6 - Denial of Service PoC Exploit Title: Infiltrator Network Security Scanner 4.6 - Denial of Service PoC Author: Gionathan "John" Reale Discovey Date: 2018-09-12 Software Link: https://www.infiltration-systems.com/download.shtml Tested Version: 4.6 Tested o...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:2106-1)

This update for the Linux Kernel 3.12.74-606488 fixes several issues. The following security issue was fixed : - CVE-2018-3665: System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially have allowed a local process to infer data fr...

Debian DLA-1436-1 : gosa security update

Fabian Henneke discovered a cross-site scripting vulnerability in the password change form of GOsa, a web-based LDAP administration program. For Debian 8 'Jessie', this problem has been fixed in version 2.7.4+reloaded2-1+deb8u3. We recommend that you upgrade your gosa packages. NOTE: Tenable...