14899 matches found
[SECURITY] Fedora 33 Update: remmina-1.4.21-1.fc33
Remmina is a remote desktop client written in GTK+, aiming to be useful for system administrators and travelers, who need to work with lots of remote computers in front of either large monitors or tiny net-books. Remmina supports multiple network protocols in an integrated and consistent user...
[SECURITY] Fedora 34 Update: remmina-1.4.21-1.fc34
Remmina is a remote desktop client written in GTK+, aiming to be useful for system administrators and travelers, who need to work with lots of remote computers in front of either large monitors or tiny net-books. Remmina supports multiple network protocols in an integrated and consistent user...
Password usage analysis of brute force attacks on honeypot servers
As Microsoft’s Head of Deception, Ross Bevington is responsible for setting up and maintaining honeypots that look like legitimate systems and servers. Honeypot systems are designed to pose as an attractive target for attackers. Sometimes they are left vulnerable to create a controllable and safe...
Dell Technologies Dell PowerScale OneFS 日志信息泄露漏洞
Dell PowerScale OneFS is an operating system from Dell Technologies, Inc. Dell EMC PowerScale OneFS version 8.1.2 contains an information disclosure vulnerability that could be exploited by an attacker with ISIPRIVLOGINSSH and ISIPRIVLOGINCONSOLE privileges to access sensitive information in log...
ThreatBox - A Standard And Controlled Linux Based Attack Platform
ThreatBox is a standard and controlled Linux based attack platform. I've used a version of this for years. It started as a collection of scripts, lived as a rolling virtual machine, existed as code to build a Linux ISO, and has now been converted to a set of ansible playbooks. Why Ansible? Why no...
libssh: NULL pointer dereference in sftpserver.c if ssh_buffer_new returns NULL
A flaw was found in libssh. A NULL pointer dereference in tftpserver.c if sshbuffernew returns NULL...
FBI Issues Flash Alert on Actively Exploited FatPipe VPN Zero-Day Bug
The U.S. Federal Bureau of Investigation FBI has disclosed that an unidentified threat actor has been exploiting a previously unknown weakness in the FatPipe MPVPN networking devices at least since May 2021 to obtain an initial foothold and maintain persistent access into vulnerable networks,...
[SECURITY] Fedora 35 Update: remmina-1.4.21-1.fc35
Remmina is a remote desktop client written in GTK+, aiming to be useful for system administrators and travelers, who need to work with lots of remote computers in front of either large monitors or tiny net-books. Remmina supports multiple network protocols in an integrated and consistent user...
Cisco Firepower Threat Defense Software SSH Connections DoS (cisco-sa-ftd-dos-rUDseW3r)
According to its self-reported version, Cisco FTD Software is affected by a vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition o...
Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2021-2753)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2021-2787)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.9.0 : libssh (EulerOS-SA-2021-2787)
According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw has been found in libssh in versions prior to 0.9.6. The SSH protocol keeps track of two shared secrets during the lifetime...
EulerOS Virtualization 2.9.1 : libssh (EulerOS-SA-2021-2753)
According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw has been found in libssh in versions prior to 0.9.6. The SSH protocol keeps track of two shared secrets during the lifetime...
CVE-2021-42114
Modern DRAM devices PC-DDR4, LPDDR4X are affected by a vulnerability in their internal Target Row Refresh TRR mitigation against Rowhammer attacks. Novel non-uniform Rowhammer access patterns, consisting of aggressors with different frequencies, phases, and amplitudes allow triggering bit flips o...
kexec-tools security, bug fix, and enhancement update
2.0.20-57.0.3 - Merge 8.4 extra patches for SB boot environment Orabug: 33512440 2.0.20-57.0.2 - Merge SRPM/ol8-u4 orabug patches into SRPM/ol8-u5 Orabug: 33471981 2.0.20-57.0.1 - makedumpfile: Add support for newer kernels up to v5.12 Orabug: 33250117 2.0.20-57 - kdumpctl: enable secure boot on...
IBM System x servers operating system command injection vulnerability
IBM System x servers are a server from International Business Machines Corporation IBM, and an operating system command injection vulnerability exists in the Integrated Management Module IMM of IBM System x 3550 M3 and IBM System x 3650 M3 servers, which could be exploited by an attacker to execu...
openssh security update
8.0p1-10 - sshd -T requires -C when 'Match' is used in sshdconfig 1836277 8.0p1-9 - CVE-2020-14145 openssh: Observable Discrepancy leading to an information leak in the algorithm negotiation 1882252 - Hostbased ssh authentication fails if session ID contains a '/' 1944125 8.0p1-8 - ssh doesnt...
mina-sshd-core: Memory leak denial of service in Apache Mina SSHD Server
A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error. This issue affects the SFTP and port forwarding features of Apache Mina SSHD version 2.0.0 and later versions. It was addressed in Apache Mina SSHD 2.7.0...
Airangel Hsmx Gateway Credential Disclosure Vulnerability
Airangel Hsmx Gateway is a platform from Airangel UK. Used to manage authentication and billing in the network, a credential disclosure vulnerability exists in versions prior to Airangel Hsmx Gateway 5.2.04, which stems from the presence of weak SSH credentials in Airangel HSMX Gateway devices. A...
CVE-2021-3723
A command injection vulnerability was reported in the Integrated Management Module IMM of legacy IBM System x 3550 M3 and IBM System x 3650 M3 servers that could allow the execution of operating system commands over an authenticated SSH or Telnet session...