3341 matches found

RedHat Linux
added 2019/09/30 3:15 p.m. | 1 view

nodejs: Insufficient Slowloris fix causing DoS via server.headersTimeout bypass

It was found that the original fix for Slowloris, CVE-2018-12122, was insufficient. It is possible to bypass the server's headersTimeout by sending two specially crafted HTTP requests in the same connection. An attacker could use this flaw to bypass Slowloris protection, resulting in a denial of...

7.5 CVSS | 6.7 AI score | 0.26351 EPSS
Exploits: 0 | References: 5
RedHat Linux
added 2019/09/25 12:28 p.m. | 133 views

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support, Red Hat Enterprise Linux 7.3 Telco Extended Update Support, and Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impac...

7.8 CVSS | 7 AI score | 0.19224 EPSS
Exploits: 5 | References: 5
Microsoft KB
added 2019/09/24 12:0 a.m. | 4 views

Update Rollup 8 for System Center 2016 Data Protection Manager

Update Rollup 8 for System Center 2016 Data Protection Manager. Introduction: This article describes the issues that are fixed in Update Rollup 8 for Microsoft System Center 2016 Data Protection Manager. This article also contains the installation instructions for this update. Note Existing Data...

5.8 AI score
Exploits: 0
NVD
added 2019/09/22 3:15 p.m. | 11 views

CVE-2018-21018

Mastodon before 2.6.3 mishandles timeouts of incompletely established sessions...

9.8 CVSS | 9.5 AI score | 0.01906 EPSS
Exploits: 0 | References: 4
Prion
added 2019/09/22 3:15 p.m. | 10 views

Code injection

Mastodon before 2.6.3 mishandles timeouts of incompletely established sessions...

7.5 CVSS | 9.4 AI score | 0.01906 EPSS
Exploits: 0 | References: 4 | Affected Software: 1
CVE
added 2019/09/22 2:22 p.m. | 120 views

CVE-2018-21018

CVE-2018-21018 affects Mastodon prior to 2.6.3. The issue is described as mishandling timeouts of incompletely established sessions, with CVSS metrics indicating HIGH to CRITICAL impact (CVSS 2.0: 7.5; CVSS 3.1: 9.8). Affected software is Mastodon before 2.6.3; the root cause relates to session t...

9.8 CVSS | 9.4 AI score | 0.01906 EPSS
Exploits: 0 | References: 4 | Affected Software: 1
Cvelist
added 2019/09/22 2:22 p.m. | 11 views

CVE-2018-21018

Mastodon before 2.6.3 mishandles timeouts of incompletely established sessions...

9.5 AI score | 0.01906 EPSS
Exploits: 0 | References: 4
Hacker One
added 2019/09/16 8:36 a.m. | 25 views

U.S. Dept Of Defense: [CVE-2018-0296] Cisco VPN path traversal on the https://███████/ (████.███.mil)

The CVE-2018-0296 vulnerability was discovered in a Cisco VPN system. It allowed an unauthenticated attacker to perform path traversal and disclose sensitive information such as VPN sessions and user files. The issue was addressed by updating to a patched version that returned a 404 "File not...

7.5 CVSS | 7.2 AI score | 0.94404 EPSS
Exploits: 18
Hacker One
added 2019/09/16 8:32 a.m. | 28 views

U.S. Dept Of Defense: [CVE-2018-0296] Cisco VPN path traversal on the https://███ (████████████████)

A path traversal vulnerability was discovered in Cisco VPN that could allow unauthenticated users to disclose sensitive information such as VPN sessions and files. The vulnerability was assigned CVE-2018-0296. The vulnerability was fixed in updated versions of the software...

7.5 CVSS | 7.2 AI score | 0.94404 EPSS
Exploits: 18
CNVD
added 2019/09/05 12:0 a.m. | 1 view

Linux kernel out-of-bounds access vulnerability (CNVD-2019-31653)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. An out-of-bounds access vulnerability exists in the ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx functions in drivers/net/wireless/ath/ath6kl/wmi.c in versio...

9.4 CVSS | 7.8 AI score | 0.05955 EPSS
Exploits: 0 | References: 1
OSV
added 2019/09/04 9:15 p.m. | 1 view

DEBIAN-CVE-2019-15926

An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c...

9.1 CVSS | 6.5 AI score | 0.05955 EPSS
Exploits: 0 | References: 1
Nextcloud
added 2019/09/04 12:0 a.m. | 26 views

Missing default timeout on HTTP requests (NC-SA-2020-005)

Dangling remote share attempts in Nextcloud 16 allow a DNS pollution when running long...

4 CVSS | 1.7 AI score | 0.00255 EPSS
Exploits: 0 | Affected Software: 1
Tenable Nessus
added 2019/09/03 12:0 a.m. | 65 views

Fedora 30 : mod_http2 (2019-63ba15cc83) (0-Length Headers Leak) (Data Dribble) (Internal Data Buffering)

Rebuilt with newer nghttp2 ---- This update includes the latest upstream release of mod_http2, version 1.15.3. Upstream changes include : - fixes Timeout vs. KeepAliveTimeout behaviour, see PR 63534. - Fixes stream cleanup when connection throttling is in place. - Counts stream resets by client on...

7.8 CVSS | 7.4 AI score | 0.13725 EPSS
Exploits: 0 | References: 4
Hacker One
added 2019/08/19 4:11 p.m. | 16 views

Node.js: Http response is not ended although underlying socket is already destroyed

Summary: When node server receives http request and hooks to end, finish and error events are attached on response object to handle cases when response is closed/ended but underlying socket is abruptly terminated then none of those events is fired. This leads to state when response seems to be...

7.2 AI score
Exploits: 0
Oracle linux
added 2019/08/13 12:0 a.m. | 90 views

polkit security and bug fix update

0.112-22.0.1 - Increase timeout to avoid defunct processes Orabug: 26930744 0.112-22 - pkttyagent: polkit-agent-helper-1 timeout leaves tty echo disabled - Resolves: rhbz1325512 0.112-21 - Mitigation of regression caused by fix of CVE-2018-19788 - Resolves: rhbz1656377 0.112-20 - Fix of...

9 CVSS | 0.9 AI score | 0.59639 EPSS
Exploits: 1
Tenable Nessus
added 2019/08/12 12:0 a.m. | 35 views

Oracle Linux 7 : curl (ELSA-2019-1880)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-1880 advisory. - CVE-2016-8615 cookie injection for other servers https://curl.haxx.se/docs/CVE-2016-8615.html - CVE-2016-8616 case insensitive password comparison...

10 CVSS | 7.3 AI score | 0.04507 EPSS
Exploits: 0 | References: 2
exploitpack
added 2019/08/01 12:0 a.m. | 34 views

SilverSHielD 6.x - Local Privilege Escalation

SilverSHielD 6.x - Local Privilege Escalation This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Exploit Title: extenua SilverSHielD 6.x local priviledge escalation Google Dork: na Date: 31 Jul 2019 Exploit Author: Ian...

7.2 CVSS | 1 AI score | 0.00082 EPSS
Exploits: 3
RedHat Linux
added 2019/07/22 1:39 p.m. | 4 views

nodejs: Insufficient Slowloris fix causing DoS via server.headersTimeout bypass

It was found that the original fix for Slowloris, CVE-2018-12122, was insufficient. It is possible to bypass the server's headersTimeout by sending two specially crafted HTTP requests in the same connection. An attacker could use this flaw to bypass Slowloris protection, resulting in a denial of...

7.5 CVSS | 6.7 AI score | 0.26351 EPSS
Exploits: 0 | References: 5
Cvelist
added 2019/07/03 7:33 p.m. | 13 views

CVE-2017-8227

Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices have a timeout policy to wait for 5 minutes in case 30 incorrect password attempts are detected using the Web and HTTP API interface provided by the device. However, if the same brute force attempt is performed using the ONVIF specification which...

9.8 AI score | 0.03573 EPSS
Exploits: 1 | References: 3
Qualys Blog
added 2019/06/27 2:24 p.m. | 402 views

Qualys Cloud Platform (VM, PC) 8.20 New Features

This new release of the Qualys Cloud Platform VM, PC, version 8.20, includes several new features in Qualys Cloud Platform and additional support for multiple technologies in Qualys Policy Compliance. Feature Highlights Qualys Cloud Platform Configure Password Expiration Notification – Now users...

Exploits: 0