Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the gRPC management server. An attacker can access sensitive BGP configuration and manipulate routing decisions by sending unauthorized gRPC requests from any pod within the cluster. This...

PT-2024-21885 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A data-race issue has been identified around sysctl netrom routing control in the netrom component of the Linux kernel. Recommendations: At the moment, there is no information about a...

BGP Routing Explained. How Border Gateway Protocol Works❓

What is BGP? BGP, fully known as Border Gateway Protocol is the postal help of the Internet. At the point when somebody drops a letter into a post box, the postal help measures that piece of mail and picks a quick, effective course to convey that letter to its beneficiary. Additionally, when...

Server: Insufficient RSA Host Key validation in files_external (SFTP driver)

The SFTP external storage driver was verifying the RSA Host Key after logging in. This allows for a man-in-the-middle MITM attack even if the host key is already known and can be validated. Basically, at the point where the host key was validated, the secret has already been given away. It should...

IPv6 Type 0 Route Headers allow sender to control routing

Overview IPv6 Type 0 Route Headers allow the sender to control packet routing. This vulnerability may allow an attacker to cause a denial-of-service condition. Description Routing header options provided by IPv6 allow packet senders to indicate specific nodes through which the packet should trave...