what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

CVE-2022-32208

Status Candidate

Overview

When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client.

Related Files

Red Hat Security Advisory 2022-8840-01
Posted Dec 8, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8840-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 1 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.51, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include buffer overflow, bypass, code execution, denial of service, double free, and out of bounds read vulnerabilities.

tags | advisory, web, denial of service, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2022-1292, CVE-2022-2068, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-30522, CVE-2022-31813, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208, CVE-2022-32221
SHA-256 | 5b7994ef1ac893da1796d6f141c46df2497e2f625c087c27f1b69c902e826051
Red Hat Security Advisory 2022-8841-01
Posted Dec 8, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8841-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 1 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.51, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include buffer over-read, buffer overflow, bypass, code execution, denial of service, double free, integer overflow, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, web, denial of service, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2022-1292, CVE-2022-2068, CVE-2022-22721, CVE-2022-23943, CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-30522, CVE-2022-31813, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208, CVE-2022-32221
SHA-256 | 222fd306b69d048e15681a3ca9c45ddbb178b2c60ccd178af9bd088b1604a60b
Red Hat Security Advisory 2022-6560-01
Posted Sep 26, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6560-01 - An update is now available for OpenShift Logging 5.3.12 Red Hat Product Security has rated this update as having a security impact of Moderate.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-20107, CVE-2022-0391, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-29154, CVE-2022-30631, CVE-2022-32206, CVE-2022-32208, CVE-2022-34903
SHA-256 | d134f436fdff639de70a03b7b3975885bf861fbed06c5479cdbcb07453bd6f5d
Red Hat Security Advisory 2022-6507-01
Posted Sep 14, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6507-01 - Red Hat Advanced Cluster Management for Kubernetes 2.5.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-1012, CVE-2022-1292, CVE-2022-1586, CVE-2022-1785, CVE-2022-1897, CVE-2022-1927, CVE-2022-2068, CVE-2022-2097, CVE-2022-2526, CVE-2022-29154, CVE-2022-31129, CVE-2022-32206, CVE-2022-32208, CVE-2022-32250
SHA-256 | 75e089711468232e4bcdf04ef4e769e7d5a865f427fde9d59fd2c9c9691dd6f8
Red Hat Security Advisory 2022-6422-01
Posted Sep 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6422-01 - Multicluster Engine for Kubernetes 2.0.2 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-1292, CVE-2022-1586, CVE-2022-2068, CVE-2022-2097, CVE-2022-2526, CVE-2022-29154, CVE-2022-31129, CVE-2022-32206, CVE-2022-32208, CVE-2022-36067
SHA-256 | f9f497cd32f3eec88a2d2917982db7ed736ec611fb5beef51d8ac5bf18b4848e
Red Hat Security Advisory 2022-6287-01
Posted Sep 8, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6287-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.3. Issues addressed include denial of service, memory leak, and out of bounds read vulnerabilities.

tags | advisory, denial of service, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2021-38561, CVE-2022-2526, CVE-2022-29154, CVE-2022-32206, CVE-2022-32208
SHA-256 | cdfa110c52d5f36c1043dcb84bbdac933a90042102886ff5182c1c46a467e01f
Red Hat Security Advisory 2022-6182-01
Posted Sep 7, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6182-01 - Openshift Logging Bug Fix Release. Issue addressed include a stack exhaustion vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-1292, CVE-2022-1586, CVE-2022-1785, CVE-2022-1897, CVE-2022-1927, CVE-2022-2068, CVE-2022-2097, CVE-2022-2526, CVE-2022-29154, CVE-2022-30631, CVE-2022-32206, CVE-2022-32208
SHA-256 | 4099c4aee454dfe06715c49e580c20892cb9106441a44fb59f068ac2c01cd719
Red Hat Security Advisory 2022-6183-01
Posted Sep 7, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6183-01 - Logging Subsystem 5.4.5 for Red Hat OpenShift has been released. Issue addressed include a stack exhaustion vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-1292, CVE-2022-1586, CVE-2022-1705, CVE-2022-1785, CVE-2022-1897, CVE-2022-1927, CVE-2022-2068, CVE-2022-2097, CVE-2022-2526, CVE-2022-29154, CVE-2022-30631, CVE-2022-32148, CVE-2022-32206, CVE-2022-32208
SHA-256 | deb14193a53634d9562af8ba160cd856b0498c98c238f89208e101f38e1c3aec
Red Hat Security Advisory 2022-6344-01
Posted Sep 7, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6344-01 - Logging Subsystem 5.5.1 for Red Hat OpenShift has been released. Issue addressed include a stack exhaustion vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-1705, CVE-2022-2526, CVE-2022-29154, CVE-2022-30631, CVE-2022-32148, CVE-2022-32206, CVE-2022-32208
SHA-256 | 9f699527ab1ebb891364aada3736d49b37fffd23024040057f1a711405164e80
Red Hat Security Advisory 2022-6157-01
Posted Aug 25, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6157-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service, protocol
systems | linux, redhat
advisories | CVE-2022-32206, CVE-2022-32207, CVE-2022-32208
SHA-256 | e9e5d55bd85dfcf2e681da8fd234620791cf321e5c8e0c9b48d83908028d13c6
Red Hat Security Advisory 2022-6159-01
Posted Aug 25, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6159-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service, protocol
systems | linux, redhat
advisories | CVE-2022-32206, CVE-2022-32208
SHA-256 | ad86155e8626cdb361b2241ecd3e5872860c0bcf36326a96dfb770c9e7674024
Ubuntu Security Notice USN-5499-1
Posted Jul 1, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5499-1 - Florian Kohnhuser discovered that curl incorrectly handled returning a TLS server’s certificate chain details. A remote attacker could possibly use this issue to cause curl to stop responding, resulting in a denial of service. Harry Sintonen discovered that curl incorrectly handled certain FTP-KRB messages. An attacker could possibly use this to perform a machine-in-the-middle attack.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2022-27781, CVE-2022-32208
SHA-256 | 579ac0d4fbdd6b3c4bbc8ad5e07aa9f74a39a82dc0fe5bff37ac34f9fa633de5
Ubuntu Security Notice USN-5495-1
Posted Jun 28, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5495-1 - Harry Sintonen discovered that curl incorrectly handled certain cookies. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 21.10, and Ubuntu 22.04 LTS. Harry Sintonen discovered that curl incorrectly handled certain HTTP compressions. An attacker could possibly use this issue to cause a denial of service. Harry Sintonen incorrectly handled certain file permissions. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 21.10, and Ubuntu 22.04 LTS.

tags | advisory, web, denial of service
systems | linux, ubuntu
advisories | CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208
SHA-256 | 1fe65184779786d3ab56c3974f55e77232c7046926fa263b44ad43d6389575e2
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close