77 matches found
[SECURITY] Fedora 43 Update: rpki-client-9.8-1.fc43
The OpenBSD rpki-client is a free, easy-to-use implementation of the Resource Public Key Infrastructure (RPKI) for Relying Parties (RP) to facilitate validation of the Route Origin of a BGP announcement. The program queries the RPKI repository system, downloads and validates Route Origin Authorisatio...
EUVD-2014-8407
Malware in sbrugna...
Malicious code in vrp-tools (npm)
The package vrp-tools was found to contain malicious code...
PT-2024-36693 · Gueststream · Gueststream Vrpconnector
Name of the Vulnerable Software and Affected Versions: Gueststream VRPConnector versions n/a through 2.0.1 Description: The issue is related to the deserialization of untrusted data, which allows object injection in the Gueststream VRPConnector. This is a type of vulnerability where an attacker c...
Improper RPKI Origin Validation
github.com/cloudflare/cfrpki is vulnerable to Improper RPKI Origin Validation. The vulnerability is caused by emitting an invalid VRP MaxLength value through validator/lib/roa.go, causing RTR sessions to terminate. This flaw allows an attacker to disable RPKI Origin Validation which can result in BGP...
CVE-2021-43114
FORT Validator versions prior to 1.5.2 will crash if an RPKI CA publishes an X.509 EE certificate. This will lead to RTR clients such as BGP routers to lose access to the RPKI VRP data set, effectively disabling Route Origin Validation...
[SECURITY] Fedora 34 Update: rpki-client-7.4-1.fc34
The OpenBSD rpki-client is a free, easy-to-use implementation of the Resource Public Key Infrastructure (RPKI) for Relying Parties (RP) to facilitate validation of the Route Origin of a BGP announcement. The program queries the RPKI repository system, downloads and validates Route Origin Authorisatio...
Google to Pay Hackers $31,337 for Exploiting Patched Linux Kernel Flaws
Google on Monday announced that it will pay security researchers to find exploits using vulnerabilities, previously remediated or otherwise, over the next three months as part of a new bug bounty program to improve the security of the Linux kernel. To that end, the company is expected to issue...
CVE-2021-3761
Any CA issuer in the RPKI can trick OctoRPKI prior to 1.3.0 into emitting an invalid VRP "MaxLength" value, causing RTR sessions to terminate. An attacker can use this to disable RPKI Origin Validation in a victim network (for example AS 13335 - Cloudflare) prior to launching a BGP hijack which...
Input validation
Any CA issuer in the RPKI can trick OctoRPKI prior to 1.3.0 into emitting an invalid VRP "MaxLength" value, causing RTR sessions to terminate. An attacker can use this to disable RPKI Origin Validation in a victim network (for example AS 13335 - Cloudflare) prior to launching a BGP hijack which...
CVE-2021-3761
CVE-2021-3761 affects Cloudflare’s RPKI validator (OctoRPKI) prior to 1.3.0, where any CA issuer can trigger an invalid VRP MaxLength value, causing RTR sessions to terminate. This can disable RPKI Origin Validation in a victim network and potentially enable a subsequent BGP hijack; RTR session f...
RPKI Buffer Error Vulnerability
RPKI (Resource Public Key Infrastructure), also known as Resource Certification, whose full name in Chinese is "Internet Code Resource Public Key Infrastructure", is a public key infrastructure (PKI) framework designed to make the Internet routing infrastructure more...
OctoRPKI lacks contextual out-of-bounds check when validating RPKI ROA maxLength values
Any CA issuer in the RPKI can trick OctoRPKI prior to https://github.com/cloudflare/cfrpki/commit/a8db4e009ef217484598ba1fd1c595b54e0f6422 into emitting an invalid VRP "MaxLength" value, causing RTR sessions to terminate. Impact: An attacker can use this to disable RPKI Origin Validation in a vict...
HackerOne: "Bounty splitting enabled" can disclose if public VDPs are running private VRP
Hello Everyone, I hope all is safe and you're safe in this pandemic, and I hope this won't bother you like my previous submissions lol, Description: The "allowsprivatedisclosure" resource in team for private team that have a public profile is shown there which discloses that this program have a...
Android Studio Privilege Escalation
Video and POC here: https://www.youtube.com/watch?v=hAPkSGxh9H0 When you open a project in android studio, if gradle-wrapper.properties set distributionUrl=https://services.gradle.org/distributions/gradle-2.6-all.zip, then android studio will download and extract gradle-2.6-all.zip, jar file i...
Huawei Data Communication: Read current-configuration configuration section include multicast routing-enable
Get the sections with multicast routing-enable of the VRP device. Note: This script only stores information for other Policy Controls. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders...
Huawei Data Communication: Read current-configuration configuration interface
Get the current configurations for the interfaces of the VRP device. Note: This script only stores information for other Policy Controls. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right...
Huawei Data Communication: Read and parse arp speed-limit
Get the current arp speed-limit configuration of the VRP device. Please set screen-length of user-interface to 0, otherwise not all configurations are returned. Note: This script only stores information for other Policy Controls. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions...
Huawei Data Communication: Read and parse current bgp configuration
Get the current bgp configuration of the VRP device. Please set screen-length of user-interface to 0, otherwise not all configurations are returned. Note: This script only stores information for other Policy Controls. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be...