EUVD-2016-1206

Malware in sbrugna...

RLSA-2021:1609 Moderate: p11-kit security, bug fix, and enhancement update

The p11-kit packages provide a mechanism to manage PKCS11 modules. The p11-kit-trust subpackage includes a PKCS11 trust module that provides certificate anchors and black lists based on configuration files. The following packages have been upgraded to a later upstream version: p11-kit 0.23.22...

Debian DLA-2513-1 : p11-kit security update

Several memory safety issues affecting the RPC protocol were fixed in p11-kit, a library providing a way to load and enumerate PKCS11 modules. CVE-2020-29361 Multiple integer overflows CVE-2020-29362 Heap-based buffer over-read For Debian 9 stretch, these problems have been fixed in version...

Debian DSA-4822-1 : p11-kit - security update

David Cook reported several memory safety issues affecting the RPC protocol in p11-kit, a library providing a way to load and enumerate PKCS11 modules. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4822. Th...

Fedora: Security Advisory for p11-kit (FEDORA-2020-edcc40be4b)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

F5 Networks BIG-IP : OpenSSH vulnerability (K31440025)

Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS11 modules by leveraging control over a forwarded agent-socket. CVE-2016-10009 C Tenable Network Security, Inc. The descriptive text and package checks in...

Ubuntu 14.04 LTS / 16.04 LTS : OpenSSH vulnerabilities (USN-3538-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3538-1 advisory. Jann Horn discovered that OpenSSH incorrectly loaded PKCS11 modules from untrusted directories. A remote attacker could possibly use this iss...

Medium: openssh

Issue Overview: A covert timing channel flaw was found in the way OpenSSH handled authentication of non-existent users. A remote unauthenticated attacker could possibly use this flaw to determine valid user names by measuring the timing of server responses. CVE-2016-6210 It was found that OpenSSH...

Design/Logic Flaw

Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS11 modules by leveraging control over a forwarded agent-socket...

CVE-2016-10009

Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS11 modules by leveraging control over a forwarded agent-socket...

CVE-2016-10009

Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS11 modules by leveraging control over a forwarded agent-socket...

FreeBSD : openssh -- multiple vulnerabilities (2aedd15f-ca8b-11e6-a9a5-b499baebfeaf)

The OpenSSH project reports : - ssh-agent1: Will now refuse to load PKCS11 modules from paths outside a trusted whitelist run-time configurable. Requests to load modules could be passed via agent forwarding and an attacker could attempt to load a hostile PKCS11 module across the forwarded agent...

CVE-2016-10009

It was found that ssh-agent could load PKCS11 modules from arbitrary paths. An attacker having control of the forwarded agent-socket on the server, and the ability to write to the filesystem of the client host, could use this flaw to execute arbitrary code with the privileges of the user running...

CentOS Update for seamonkey CESA-2009:1432 centos3 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

RHEL 4 : thunderbird (RHSA-2010:0154)

The remote Redhat Enterprise Linux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2010:0154 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed HTML mail content. An...

CentOS 4 : thunderbird (CESA-2010:0154)

An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity rating...

RHEL 4 / 5 : firefox (RHSA-2009:1430)

Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime...

RHEL 4 : seamonkey (RHSA-2009:1431)

Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client,...

Critical: Red Hat Security Advisory: firefox security update

Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime...

OpenSC: Multiple vulnerabilities

Background OpenSC provides a set of libraries and utilities to access smart cards. Description Multiple vulnerabilities were found in OpenSC: b.badrignans discovered that OpenSC incorrectly initialises private data objects CVE-2009-0368. Miquel Comas Marti discovered that src/tools/pkcs11-tool.c ...