309 matches found
Security update for rsync
This update for rsync fixes the following issues: Bump rsync protocol version to 32 to show server is patched against recent vulnerabilities. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you c...
SUSE-SU-2025:0340-1 Security update for rsync
This update for rsync fixes the following issues: - Bump rsync protocol version to 32 to show server is patched against recent vulnerabilities...
PT-2025-5680 · Rsync · Rsync
Name of the Vulnerable Software and Affected Versions: rsync affected versions not specified Description: The issue concerns recent vulnerabilities in rsync. An update bumps the rsync protocol version to 32, indicating that the server is patched against these vulnerabilities. Recommendations: At...
The vulnerability of the Juniper Tunnel Driver (JTD) driver for Juniper Networks’ Junos OS Evolved operating systems allows a hacker to induce a service failure.
The vulnerability of the Juniper Tunnel Driver JTD driver for Juniper Networks’ Junos OS Evolved operating systems is related to the lack of memory release after the effective lifespan of the driver. Exploiting this vulnerability can allow a malicious actor to trigger a service failure by sending...
CVE-2025-21598
An Out-of-bounds Read vulnerability in Juniper Networks Junos OS and Junos OS Evolved's routing protocol daemon rpd allows an unauthenticated, network-based attacker to send malformed BGP packets to a device configured with packet receive trace options enabled to crash rpd. This issue affects:...
PT-2025-4310
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.74 Description The issue concerns the Linux kernel's handling of IPv6 packets with extension headers. Specifically, it affects devices that advertise NETIF F IPV6 CSUM, which is a feature for checksumming pla...
The vulnerability of the Linux operating system’s kernel’s ipv6 component, which allows a hacker to trigger a service failure
The vulnerability of the ipv6 component in the Linux operating system’s kernel is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...
Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059153 fixes several issues. The following security issues were fixed: CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2021-47598: schcake: do not call...
Contiki-NG 安全漏洞
Contiki-NG is a Contiki-NG open source operating system for resource-constrained devices in the Internet of Things. A security vulnerability exists in Contiki-NG 4.9 and earlier versions, which stems from a lack of valid validation of the next-hop address, which could result in uncontrolled...
PT-2024-37063
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, involving IPv6 and device removal. The issue occurred during device removal in the pmtu.sh self-test, causing an aperiodic hangup...
mod_http2: DoS by null pointer in websocket over HTTP/2
A flaw was found in the Apache HTTP Server. Serving WebSocket protocol upgrades over an HTTP/2 connection could result in a NULL pointer dereference, leading to a crash of the server process...
kernel: tunnels: fix out of bounds access when building IPv6 PMTU error
A flaw was found in the Linux kernel. This issue occurs due to the improper handling of non-linear skbs socket buffers when calculating checksums for ICMPv6 PMTU error messages. This vulnerability can lead to out-of-bounds access, potentially causing memory corruption or crashes...
kernel: ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr
This CVE addresses a race condition in the Linux kernel's IPv6 subsystem, specifically between the ipv6getifaddr and ipv6deladdr functions. This race condition can lead to use-after-free scenarios, potentially causing system instability or crashes...
TeamTalk Gather Credentials
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TeamTalk Gather Credentials', 'Description' = %q This module retrieves user credentials from BearWare TeamTalk. Valid administrator credentials a...
The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/route.c max_size threshold that can be consumed easily e.g. leading to a denial of service (network is unreachable errors) when IPv6 packets are sent in a loop via a raw socket.
...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a potential race condition issue in the ipv6 component in the fib6droppcpufrom function that could lead to...
kernel: ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr
This CVE addresses a race condition in the Linux kernel's IPv6 subsystem, specifically between the ipv6getifaddr and ipv6deladdr functions. This race condition can lead to use-after-free scenarios, potentially causing system instability or crashes...
Hfinger - Fingerprinting HTTP Requests
Tool for Fingerprinting HTTP requests of malware. Based on Tshark and written in Python3. Working prototype stage :- Its main objective is to provide unique representations fingerprints of malware requests, which help in their identification. Unique means here that each fingerprint should be seen...
The vulnerability of the __fib6_rule_action() function in the Linux operating system’s IPv6 kernel implementation allows a hacker to induce a service failure.
The vulnerability of the fib6ruleaction function in the net/ipv6/fib6rules.c module of the Linux operating system’s IPv6 kernel implementation is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure remotely...
OpenSSL 0.9.7 < 0.9.7h Vulnerability
The version of OpenSSL installed on the remote host is prior to 0.9.7h. It is, therefore, affected by a vulnerability as referenced in the 0.9.7h advisory. - The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSLOPMSIESSLV2RSAPADDING option,...