Red Hat Security Advisory 2020-3464-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.1, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.2 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include XML injection, denial of service, deserialization, improper authorization, and remote SQL injection vulnerabilities.
0f78f2c759322a21645f5e2cd7f1b6fcUbuntu Security Notice 4456-1 - It was discovered that Dovecot incorrectly handled deeply nested MIME parts. A remote attacker could possibly use this issue to cause Dovecot to consume resources, resulting in a denial of service. It was discovered that Dovecot incorrectly handled memory when using NTLM. A remote attacker could possibly use this issue to cause Dovecot to crash, resulting in a denial of service. It was discovered that the Dovecot RPA mechanism incorrectly handled zero-length messages. A remote attacker could possibly use this issue to cause Dovecot to crash, resulting in a denial of service. Various other issues were also addressed.
575687b073f155d6229f47d4d093a9f3Red Hat Security Advisory 2020-3422-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core SDK 3.1.107 and .NET Core Runtime 3.1.7. Security Fixes: .NET Core: ASP.NET Core Resource Consumption Denial of Service. Issues addressed include a denial of service vulnerability.
bfc2f4036f8d918be1ab666309a7b00bRed Hat Security Advisory 2020-3421-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.107 and .NET Core Runtime 3.1.7. Issues addressed include a denial of service vulnerability.
831c9d966d3500e6f4b044c2769032b1Ubuntu Security Notice 4454-2 - USN-4454-1 fixed a vulnerability in Samba. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Martin von Wittich and Wilko Meyer discovered that Samba incorrectly handled certain empty UDP packets when being used as a AD DC NBT server. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. Various other issues were also addressed.
28286858828b581194abde5675e0a025Ubuntu Security Notice 4454-1 - Martin von Wittich and Wilko Meyer discovered that Samba incorrectly handled certain empty UDP packets when being used as a AD DC NBT server. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service.
4d727511174b362f017cea4d57f55db7Two denial of service exploits for Cisco 7937G versions SIP-1-4-5-7 and below.
5534c1f0e1f875aee45b3734baba6fdbRed Hat Security Advisory 2020-3383-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This asynchronous patch is an update for JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5, 6, and 7. All users of Red Hat JBoss Enterprise Application Platform 6.4 are advised to upgrade to this updated package. Issues addressed include a denial of service vulnerability.
f6410d721cabef50d5751dc75362582dRed Hat Security Advisory 2020-3382-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This asynchronous patch is an update for JBoss Enterprise Application Platform 6.4. All users of Red Hat JBoss Enterprise Application Platform 6.4 are advised to upgrade to these updated packages. Issues addressed include a denial of service vulnerability.
814ef709bbaa551c16356286466e716fGentoo Linux Security Advisory 202008-6 - A use-after-free was found in iproute2, possibly allowing a Denial of Service condition. Versions less than 5.1.0 are affected.
dd397a209e25d63bacec44e770ef754fUbuntu Security Notice 4453-1 - Johannes Kuhn discovered that OpenJDK 8 incorrectly handled access control contexts. An attacker could possibly use this issue to execute arbitrary code. Philippe Arteau discovered that OpenJDK 8 incorrectly verified names in TLS server's X.509 certificates. An attacker could possibly use this issue to obtain sensitive information. It was discovered that OpenJDK 8 incorrectly handled exceptions in DerInputStream class and in the DerValue.equals method. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.
a0c890f204d84cac8ed235ff33fa9d9aQlikView version 12.50.20000.0 denial of service proof of concept exploit.
cdd13e0571ec5dbf02014ba7a5e24f8eACTi NVR3 Standard or Professional Server version 3.0.12.42 denial of service proof of concept exploit.
ddafde4ec60b225d8fa65e4b783b45f6Ubuntu Security Notice 4450-1 - Seong-Joong Kim discovered that Whoopsie incorrectly handled memory. A local attacker could use this issue to cause Whoopsie to consume memory, resulting in a denial of service. Seong-Joong Kim discovered that Whoopsie incorrectly handled parsing files. A local attacker could use this issue to cause Whoopsie to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
8a56b151952311fb68e4412ae9c9a5b1Ubuntu Security Notice 4448-1 - It was discovered that Tomcat incorrectly validated the payload length in a WebSocket frame. A remote attacker could possibly use this issue to cause Tomcat to hang, resulting in a denial of service. It was discovered that Tomcat incorrectly handled HTTP header parsing. In certain environments where Tomcat is located behind a reverse proxy, a remote attacker could possibly use this issue to perform HTTP Request Smuggling. Various other issues were also addressed.
f490bd6674a82d8af4d84ba15996c17fUbuntu Security Notice 4449-1 - Ryota Shiga discovered that Apport incorrectly dropped privileges when making certain D-Bus calls. A local attacker could use this issue to read arbitrary files. Seong-Joong Kim discovered that Apport incorrectly parsed configuration files. A local attacker could use this issue to cause Apport to crash, resulting in a denial of service. Ryota Shiga discovered that Apport incorrectly implemented certain checks. A local attacker could use this issue to escalate privileges and run arbitrary code. Various other issues were also addressed.
ccdc98754ed6d235718171b799686bcaUbuntu Security Notice 4447-1 - It was discovered that libssh incorrectly handled certain requests. An attacker could possibly use this issue to cause a denial of service.
cec1d8fcd7514e57e050ad3fee686a21Red Hat Security Advisory 2020-3308-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.3.2 serves as a replacement for Red Hat JBoss Web Server 5.3.1, and includes bug fixes, enhancements, and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a denial of service vulnerability.
64720b7761a12fb3a4767798c78ae258Red Hat Security Advisory 2020-3306-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.3.2 serves as a replacement for Red Hat JBoss Web Server 5.3.1, and includes bug fixes, enhancements, and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a denial of service vulnerability.
caecac300e64d3b48adb292d24855b6fRed Hat Security Advisory 2020-3305-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 10 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.
6e1799e37ce5f20ef4e6ad6d064b44c3Red Hat Security Advisory 2020-3303-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 10 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.
c3f05082eb8212198cca368d8f048dc0Red Hat Security Advisory 2020-3298-01 - D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Issues addressed include a denial of service vulnerability.
1f9903312f31065b4efe8a3d1621d7e8Ubuntu Security Notice 4298-2 - USN-4298-1 fixed several vulnerabilities in SQLite. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that SQLite incorrectly handled certain shadow tables. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
d1de1d9403a24bcb05ee45c057fd3d41Mocha Telnet Lite for iOS version 4.2 denial of service proof of concept exploit.
07006fb34c3849a7f8b2583b33f722deRTSP for iOS version 1.0 denial of service proof of concept exploit.
9deb3c878023b0b278fe006ec1c53422
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed