EUVD-2004-0589

Malware in sbrugna...

Important: NetworkManager-libreswan security update

This package contains software for integrating the libreswan VPN software with NetworkManager and the GNOME desktop Security Fixes: NetworkManager-libreswan: Local privilege escalation via leftupdown CVE-2024-9050 For more details about the security issues, including the impact, a CVSS score,...

Important: Red Hat Security Advisory: NetworkManager-libreswan security update

An update for NetworkManager-libreswan is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated...

RHEL 7 : NetworkManager-libreswan (RHSA-2024:8357)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:8357 advisory. This package contains software for integrating the libreswan VPN software with NetworkManager and the GNOME desktop Security Fixes:...

Important: NetworkManager-libreswan security update

This package contains software for integrating the libreswan VPN software with NetworkManager and the GNOME desktop Security Fixes: NetworkManager-libreswan: Local privilege escalation via leftupdown CVE-2024-9050 For more details about the security issues, including the impact, a CVSS score,...

Cisco Secure Client 安全漏洞

Cisco Secure Client is a software for connecting to virtual private networks from Cisco USA. A security vulnerability exists in Cisco Secure Client that stems from the presence of an integer underflow problem. An attacker could exploit the vulnerability to cause a denial of service on the system...

RHEL 8 : NetworkManager-libreswan (RHSA-2024:8354)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:8354 advisory. This package contains software for integrating the libreswan VPN software with NetworkManager and the GNOME desktop Security Fixes:...

FreeBSD : SoftEtherVPN -- multiple vulnerabilities (d821956f-1753-11ee-ad66-1c61b4739ac9)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the d821956f-1753-11ee-ad66-1c61b4739ac9 advisory. - Daiyuu Nobori reports: The SoftEther VPN project received a high level code review and...

U.S. Ban on Sales of Cyberattack Tools Is Anemic, Experts Warn

The launch of a standing offer to pay for Windows virtual private network VPN software zero-day exploits came to light this week, even as the U.S. mulls new regulations on the export of tools that could be used in cyberattacks against the U.S. or its interests. The developments signal that the U....

[SECURITY] [DLA 2212-1] openconnect security update

Package : openconnect Version : 6.00-2+deb8u2 CVE ID : CVE-2020-12823 Debian Bug : 960620 OpenConnect, a VPN software, had a buffer overflow, causing a denial of service application crash or possibly unspecified other impact, via crafted certificate data to getcertname in gnutls.c. For Debian 8...

Safe Remote Access to Critical Infrastructure Networks in a Time of Global Crisis

With governments closing down workplaces all over the world, telecommuting presents not just online administrative and capacity challenges for organizations, but also security challenges. As highlighted in a recent article by Andy Greenberg from Wired, when more and more employees are asked to VP...

CVE-2019-18909

The VPN software within HP ThinPro does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with root privileges...

CVE-2019-18909

HP ThinPro VPN command-injection (CVE-2019-18909) arises from unsafe handling of user input, enabling potential command execution with root privileges. Affected HP ThinPro Linux versions include 6.2, 6.2.1, 7.0, and 7.1 (Citrix-related component in 6.x/7.x). The issue is documented across multipl...

CVE-2019-18909

The VPN software within HP ThinPro does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with root privileges...

A week in security (April 15 – 21)

Last week, Malwarebytes Labs revealed multiple giveaway online scam campaigns banking on the popularity and generosity of Ellen DeGeneres, weighed in on the hack that compromised legacy Microsoft email service accounts like Hotmail and MSN, explained what “like-farming” means and how to spot it o...

Perfect Privacy VPN Manager v1.10.11 - DoS Vulnerability

Document Title: =============== Perfect Privacy VPN Manager v1.10.11 - DoS Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2102 Ticket:...

Private Keys Stolen from OpenVPN Using Heartbleed

You can add OpenVPN to the growing list of products and services vulnerable to the Heartbleed OpenSSL vulnerability. Worse, researchers have been able to chain together exploits to steal private keys from traffic moving through the open source virtual private network software package. A Swedish V...

Large enterprises within the network penetration of the common software has a breaking point-vulnerability warning-the black bar safety net

Some enterprise-level network, especially in Europe and the United States of large companies, the network structure of the General characteristics is the dmz Zone and the internal network is substantially isolated from the domain into the clear, the permissions are set meticulous and strict,...

X4000 DoS: Details and workaround

System affected: --------------- BinTec X4000 Router All firmware versions as far as I know, only verified with latest release 5.1.6 Patch 10 Machines with activated additional VPN software license are NOT affected, neither are machines which filter 1723/tcp. Description: ----------- As mentioned...