Fedora: Security Advisory (FEDORA-2023-327346caa5)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for podman-tui (FEDORA-2023-e359fd31d2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 5559-1] wireshark security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5559-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 19, 2023 https://www.debian.org/security/faq -...

CVE-2023-46446

A flaw was found in python-synch before the 2.14.1 versions, where the client can log in to the attacker's account without the client being able to detect this. This flaw allows an attacker to control the remote end of the SSH session completely, resulting in a complete break of the confidentiali...

cloud-init security, bug fix, and enhancement update

23.1.1-10.0.1 - Added missing services in rhel/systemd/cloud-init.service Orabug: 32183938 - Add IPv6 IMDS and dhcp6 support for Oracle Datasource Orabug: 35470783 - Increase retry value and add timeout for OCI Orabug: 35329883 - Fix log file permissions Orabug: 35302985 - Update detection logic...

CVE-2023-6174

An invalid memory block read was found in Wireshark's SSH dissector. This issue may lead to an application crash and denial of service via packet injection or crafted capture file...

CVE-2023-6174

SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file...

DEBIAN-CVE-2023-6174

SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file...

CVE-2023-6174

SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file...

Design/Logic Flaw

SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file...

CVE-2023-6174

SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file...

Leaving Authentication Credentials in Public Code

Interesting article about a surprisingly common vulnerability: programmers leaving authentication credentials and other secrets in publicly accessible software code: Researchers from security firm GitGuardian this week reported finding almost 4,000 unique secrets stashed inside a total of 450,000...

CVE-2023-6174 Out-of-bounds Read in Wireshark

SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file...

CVE-2023-6174

SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file...

CVE-2023-6174

Wireshark SSH dissector (CVE-2023-6174) crashes in versions 4.0.0–4.0.10, allowing denial of service via crafted captures or packet injection. Debian security advisory DSA-5559-1 notes a fix in version 4.0.11-1~deb12u1; other advisories reference 4.0.12+ releases. No exploitation details are prov...

CVE-2023-6174 Out-of-bounds Read in Wireshark

SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file...

CVE-2023-6174

SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file...

Wireshark Security Vulnerabilities

Wireshark formerly Ethereal is a suite of network packet analysis software from the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. A security vulnerability exists in Wireshark versions 4.0.0 through 4.0.10, which stems from a...

New SSH Vulnerability

This is interesting: For the first time, researchers have demonstrated that a large portion of cryptographic keys used to protect data in computer-to-server SSH traffic are vulnerable to complete compromise when naturally occurring computational errors occur while the connection is being...

KLA62771 DoS vulnerability in Wireshark

Denial of service vulnerability was found in Wireshark. Malicious users can exploit this vulnerability to cause denial of service. Original advisories Wireshark • wnpa-sec-2023-28 SSH dissector crash Related products Wireshark CVE list CVE-2023-6174 high Solution Update to the latest version...