24 matches found
EUVD-2018-17473
Malware in sbrugna...
CVE-2018-5704
Open On-Chip Debugger OpenOCD 0.10.0 does not block attempts to use HTTP POST for sending data to 127.0.0.1 port 4444, which allows remote attackers to conduct cross-protocol scripting attacks, and consequently execute arbitrary commands, via a crafted web site...
Cross-site Scripting (XSS)
openocd is vulnerable to cross-site scripting XSS. The library does not block attempts to use HTTP POST for sending data to 127.0.0.1 port 4444, allowing a malicious user to inject and execute arbitrary web scripts...
Fedora 28 : openocd (2019-f0add5eed0)
fix for CVE-2018-5704 RHBZ 1534844 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Netwo...
Fedora 29 : openocd (2019-0a5e82cea8)
fix for CVE-2018-5704 RHBZ 1534844 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Netwo...
[SECURITY] Fedora 29 Update: openocd-0.10.0-11.fc29
The Open On-Chip Debugger OpenOCD provides debugging, in-system programmi ng and boundary-scan testing for embedded devices. Various different boards, targets, and interfaces are supported to ease development time. Install OpenOCD if you are looking for an open source solution for hardware...
[SECURITY] Fedora 28 Update: openocd-0.10.0-11.fc28
The Open On-Chip Debugger OpenOCD provides debugging, in-system programmi ng and boundary-scan testing for embedded devices. Various different boards, targets, and interfaces are supported to ease development time. Install OpenOCD if you are looking for an open source solution for hardware...
Fedora Update for openocd FEDORA-2019-f0add5eed0
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] [DSA 4093-1] openocd security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4093-1 [email protected] https://www.debian.org/security/ January 21, 2018 https://www.debian.org/security/faq - -------------------------------------------------------------------------...
[SECURITY] [DSA 4093-1] openocd security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4093-1 [email protected] https://www.debian.org/security/ January 21, 2018 https://www.debian.org/security/faq - -------------------------------------------------------------------------...
Debian DSA-4093-1 : openocd - security update
Josef Gajdusek discovered that OpenOCD, a JTAG debugger for ARM and MIPS, was vulnerable to Cross Protocol Scripting attacks. An attacker could craft a HTML page that, when visited by a victim running OpenOCD, could execute arbitrary commands on the victims host. This fix also sets the OpenOCD...
Debian DLA-1253-1 : openocd security update
OpenOCD, an on-chip JTAG debug solution for ARM and MIPS systems, does not block attempts to use HTTP POST for sending data to localhost, which allows remote attackers to conduct cross-protocol scripting attacks, and consequently execute arbitrary commands, via a crafted website. For Debian 7...
[SECURITY] [DLA 1253-1] openocd security update
Package : openocd Version : 0.5.0-1+deb7u1 CVE ID : CVE-2018-5704 Debian Bug : 887488 OpenOCD, an on-chip JTAG debug solution for ARM and MIPS systems, does not block attempts to use HTTP POST for sending data to localhost, which allows remote attackers to conduct cross-protocol scripting attacks...
DSA-4093-1 openocd - security update
Bulletin has no description...
DLA-1253-1 openocd - security update
Bulletin has no description...
Debian: Security Advisory (DLA-1253-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-4093-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Open On-Chip Debugger Command Execution Vulnerability
Open On-Chip Debugger OpenOCD is an open source provides JTAG/SWD access from GDB to processors based on ARM and MIPS cores. A security vulnerability exists in OpenOCD version 0.10.0 that stems from the program's failure to prevent data from being sent to 127.0.0.1:4444 using an HTTP POST request...
CVE-2018-5704
Open On-Chip Debugger OpenOCD 0.10.0 does not block attempts to use HTTP POST for sending data to 127.0.0.1 port 4444, which allows remote attackers to conduct cross-protocol scripting attacks, and consequently execute arbitrary commands, via a crafted web site...
Design/Logic Flaw
Open On-Chip Debugger OpenOCD 0.10.0 does not block attempts to use HTTP POST for sending data to 127.0.0.1 port 4444, which allows remote attackers to conduct cross-protocol scripting attacks, and consequently execute arbitrary commands, via a crafted web site...