EulerOS 2.0 SP8 : curl (EulerOS-SA-2022-2217)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections...

EulerOS 2.0 SP10 : curl (EulerOS-SA-2022-2251)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - libcurl provides the CURLOPTCERTINFO option to allow applications torequest details to be returned about a server's certificate chain.Due to an...

CVE-2022-24950

EternalTerminal vulnerability CVE-2022-24950 exists in versions prior to 6.2.0. The issue is a race condition in UserTerminalRouter::getInfoForId() that lets an authenticated attacker hijack other users’ SSH authorization sockets, enabling logins to other systems as targeted users. The problem is...

SUSE: Security Advisory (SUSE-SU-2022:2813-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Progress WS_FTP Server Detection Consolidation

Consolidation of Progress WSFTP Server detections. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only include"pluginfeedinfo.inc"; if description...

CVE-2022-38133

CVE-2022-38133 affects JetBrains TeamCity pre-2022.04.3 where private SSH keys could be written to server logs under certain conditions. The vulnerability stems from logging behavior; impact could be leakage of private SSH material if logs are exposed. Affected software is JetBrains TeamCity prio...

Debian DSA-5203-1 : gnutls28 - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5203 advisory. Jaak Ristioja discovered a double-free vulnerability in GnuTLS, a library implementing the TLS and SSL protocols, during verification of pkcs7 signatures. A remote attacke...

New IoT RapperBot Malware Targeting Linux Servers via SSH Brute-Forcing Attack

A new IoT botnet malware dubbed RapperBot has been observed rapidly evolving its capabilities since it was first discovered in mid-June 2022. "This family borrows heavily from the original Mirai source code, but what separates it from other IoT malware families is its built-in capability to brute...

CVE-2022-36881

A flaw was found in the Git-Client Jenkins plugin. The affected versions of the Jenkins Git client Plugin do not perform SSH host key verification when connecting to Git repositories via SSH, enabling Man-in-the-middle attacks...

CentOS 7 : kernel (RHSA-2022:5232)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5232 advisory. - net/netfilter/nftablesapi.c in the Linux kernel through 5.18.1 allows a local user able to create user/net namespaces to escalate privileges to root...

Fedora: Security Advisory for vultr (FEDORA-2022-5038c3236c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for shellz (FEDORA-2022-5038c3236c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for podman-tui (FEDORA-2022-5038c3236c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 36 Update: vultr-2.0.3-6.fc36

Vultr CLI is a command line tool for using the Vultr API. It allows you to create and manage your virtual machines, SSH public keys, snapshots, and startup scripts on your Vultr account. You can also use it to directly SSH into a Vultr virtual machine through the vultr ssh command...

[SECURITY] Fedora 36 Update: shellz-1.5.0-8.fc36

Shellz is a small utility to track and control your ssh, telnet, web and cust om shells and tunnels...

[SECURITY] Fedora 36 Update: podman-tui-0.5.0-2.fc36

podman-tui is a terminal user interface for Podman v4. podman-tui is using podman.socket service to communicate with podman environm ent and SSH to connect to remote podman machines...

Jenkins Git client plugin 3.11.0 does not perform SSH host key verification

Jenkins Git client plugin 3.11.0 and earlier does not perform SSH host key verification when connecting to Git repositories via SSH, enabling man-in-the-middle attacks. Git client Plugin 3.11.1 provides strategies for performing host key verification for administrators to select the one that meet...

CVE-2022-36881

Jenkins Git client Plugin 3.11.0 and earlier does not perform SSH host key verification when connecting to Git repositories via SSH, enabling man-in-the-middle attacks...

CVE-2022-36881

Jenkins Git client Plugin 3.11.0 and earlier does not perform SSH host key verification when connecting to Git repositories via SSH, enabling man-in-the-middle attacks...

Design/Logic Flaw

Jenkins Git client Plugin 3.11.0 and earlier does not perform SSH host key verification when connecting to Git repositories via SSH, enabling man-in-the-middle attacks...