USN-7550-5: Linux kernel (NVIDIA) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Sun RPC protocol; CVE-2024-56608, CVE-2024-56551, CVE-2024-53168...

F5 Networks BIG-IP : Diffie-Hellman key agreement protocol weaknesses (K83120834)

The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.4 / 17.1.0. It is, therefore, affected by multiple vulnerabilities as referenced in the K83120834 advisory. The Diffie-Hellman Key Agreement Protocol allows remote attackers from the client side to send arbitrary...

Parlez-vous Machine?

Have you ever heard of the MQTT or CoAP protocols? No? Well the device on your wrist, and so many devices around you, could be using them right now. MQTT and CoAP are machine-to-machine or M2M protocols. With the rise of the internet of things IoT and operational technology OT, there’s increased...

TLS Version 1.0 Protocol Detection (PCI DSS)

The remote service accepts connections encrypted using TLS 1.0. This version of TLS is affected by multiple cryptographic flaws. An attacker can exploit these flaws to conduct man-in-the-middle attacks or to decrypt communications between the affected service and clients. C Tenable Network...

Spoofing

The billing system for Parallels Plesk Panel 10.3.1build1013110726.09 does not disable the SSL 2.0 protocol, which makes it easier for remote attackers to conduct spoofing attacks by leveraging protocol weaknesses...

THC-ipv6 Toolkit – Attacking the IPV6 Protocol

THC-ipv6 Toolkit – Attacking the IPV6 Protocol A complete tool set to attack the inherent protocol weaknesses of IPV6 and ICMP6, and includes an easy to use packet factory library. Please note to get full access to all the available tools you need to develop IPV6 tools yourself or submit patches,...

Mandrake Linux Security Advisory : openssh (MDKSA-2001:033-2)

There are several weaknesses in various implementations of the SSH Secure Shell protocols. When exploited, they let the attacker obtain sensitive information by passively monitoring encrypted SSH sessions. The information can later be used to speed up brute-force attacks on passwords, including t...

CVE-2003-0139

Certain weaknesses in the implementation of version 4 of the Kerberos protocol krb4 in the krb5 distribution, when triple-DES keys are used to key krb4 services, allow an attacker to create krb4 tickets for unauthorized principals using a cut-and-paste attack and "ticket splicing."...

CVE-2003-0139

Certain weaknesses in the implementation of version 4 of the Kerberos protocol krb4 in the krb5 distribution, when triple-DES keys are used to key krb4 services, allow an attacker to create krb4 tickets for unauthorized principals using a cut-and-paste attack and "ticket splicing."...

More problems with RADIUS (protocol and implementations)

Hello bugtraq, There are more problems in RADIUS protocol and some of implementations: 1. There is no way RADIUS server can validate Access-Request packet really originated by NAS RADIUS client before and even after, if packet has no User-Password attribute decoding all attributes. It opens a...

CVE-2001-0572

The SSH protocols 1 and 2 aka SSH-2 as implemented in OpenSSH and other packages have various weaknesses which can allow a remote attacker to obtain the following information via sniffing: 1 password lengths or ranges of lengths, which simplifies brute force password guessing, 2 whether RSA or DS...

PT-2001-1770 · Openssh +1 · Openssh +1

Name of the Vulnerable Software and Affected Versions: OpenSSH affected versions not specified Description: The SSH protocols 1 and 2 as implemented in OpenSSH have various weaknesses that can allow a remote attacker to obtain sensitive information via sniffing. This includes password lengths or...