Ubuntu Security Notice 5416-1 - Qiuhao Li, Gaoning Pan and Yongkang Jia discovered that the KVM implementation in the Linux kernel did not properly perform guest page table updates in some situations. An attacker in a guest vm could possibly use this to crash the host OS. It was discovered that the implementation of X.25 network protocols in the Linux kernel did not terminate link layer sessions properly. A local attacker could possibly use this to cause a denial of service.
7fdbee8afc9e35d51c815cc5cf37dff16b83556969d0fb1ee6bfdc2a05f5d92cRed Hat Security Advisory 2022-2210-01 - Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol server, as well as command-line utilities and Web UI packages for server administration. Issues addressed include a denial of service vulnerability.
f7cfe142be300e0543c65804cacffd8c136506e51bc9d8cdf64d990f4c7723d1Red Hat Security Advisory 2022-1964-01 - Fetchmail is a remote mail retrieval and forwarding utility intended for use over on-demand TCP/IP links, like SLIP or PPP connections. Fetchmail supports every remote-mail protocol currently in use on the Internet for retrieval. Then Fetchmail forwards the mail through SMTP so the user can read it through their favorite mail client. Issues addressed include bypass, denial of service, and information leakage vulnerabilities.
56a9423de5b90a5b76974fef202cb8350dc94cd1c401b9fb36ecb0edbd6e7fedRed Hat Security Advisory 2022-1934-01 - The mod_auth_mellon module for the Apache HTTP Server is an authentication service that implements the SAML 2.0 federation protocol. The module grants access based on the attributes received in assertions generated by an IdP server. Issues addressed include an open redirection vulnerability.
cd22467c5deb02cfb2a99534037b75de668bae052a0c6acc812a499eab8dc198Red Hat Security Advisory 2022-2074-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Issues addressed include information leakage and null pointer vulnerabilities.
2d52674dfcaed1f26597914b479f44cf4035e5edfcf4d33b36ee71c6d642ddceRed Hat Security Advisory 2022-1930-01 - The keepalived utility provides simple and robust facilities for load balancing and high availability. The load balancing framework relies on the well-known and widely used IP Virtual Server kernel module providing layer-4 load balancing. Keepalived implements a set of checkers to dynamically and adaptively maintain and manage a load balanced server pool according to the health of the servers. Keepalived also implements the Virtual Router Redundancy Protocol to achieve high availability with director failover. Issues addressed include a bypass vulnerability.
76947cf8d24f0cc01edc970c03b76ca139059d4c8da0b51ff3856d60cefacc15Red Hat Security Advisory 2022-2031-01 - libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Issues addressed include a buffer overflow vulnerability.
99f67d3e5873587a717a66b1ddacad59122c8692e3fefaf1169520a8c0bbacd6Red Hat Security Advisory 2022-2013-01 - OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Issues addressed include a privilege escalation vulnerability.
13bc1420d8a6b3ab9e7cc3edb50bece9071c44dfad388f8f4a9f1a3ec25f6121Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.
a2d741d60ff3516137d4b9f38cdc07eee54a56ec36046f4c3afee6bfb4f6eaa1OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide. The 3.x series is the current major version of OpenSSL.
ee0078adcef1de5f003c62c80cc96527721609c6f3bb42b7795df31f8b558c0bOpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
9384a2b0570dd80358841464677115df785edb941c71211f75076d72fe6b438fRed Hat Security Advisory 2022-1646-01 - Twisted is a networking engine written in Python, supporting numerous protocols. It contains a web server, numerous chat clients, chat servers, mail servers and more. Issues addressed include a HTTP request smuggling vulnerability.
edafd374bc7080d26a801370b03b76f7d43b88ef319ac614fe523e26bd1f10a3Red Hat Security Advisory 2022-1645-01 - Twisted is a networking engine written in Python, supporting numerous protocols. It contains a web server, numerous chat clients, chat servers, mail servers and more. Issues addressed include a HTTP request smuggling vulnerability.
18a104826aa895a03c52b3bcd258ce538f2ba0cb7eb0dbcd17064e049546f4ceRed Hat Security Advisory 2022-1644-01 - XML-RPC is a remote procedure call protocol that uses XML to encode its calls and HTTP as a transport mechanism. The xmlrpc-c packages provide a network protocol to allow a client program to make a simple RPC over the Internet. It converts an RPC into an XML document, sends it to a remote server using HTTP, and gets back the response in XML. Issues addressed include a code execution vulnerability.
6411512a574d6fff515bffc7e82e7304682cd0252c57acb85779335db74418bbRed Hat Security Advisory 2022-1643-01 - XML-RPC is a remote procedure call protocol that uses XML to encode its calls and HTTP as a transport mechanism. The xmlrpc-c packages provide a network protocol to allow a client program to make a simple RPC over the Internet. It converts an RPC into an XML document, sends it to a remote server using HTTP, and gets back the response in XML. Issues addressed include a code execution vulnerability.
f8d15676020a9ab3d565cd4406a7e5da73416bf14c9546ee5307f620eab24745Red Hat Security Advisory 2022-1626-01 - AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.8.6 serves as a replacement for Red Hat AMQ Broker 7.8.5, and includes security and bug fixes, and enhancements.
cf23715c7a49b1b422a8dd3431c0faec96815dd29d9f97e6c4f6ca4a69adff20Red Hat Security Advisory 2022-1627-01 - AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.9.4 serves as a replacement for Red Hat AMQ Broker 7.9.3, and includes security and bug fixes, and enhancements.
e7a268e7f07128928c027246058e455341baf0e5b1887f67be9e6741f0490effRed Hat Security Advisory 2022-1540-01 - XML-RPC is a remote procedure call protocol that uses XML to encode its calls and HTTP as a transport mechanism. The xmlrpc-c packages provide a network protocol to allow a client program to make a simple RPC over the Internet. It converts an RPC into an XML document, sends it to a remote server using HTTP, and gets back the response in XML. Issues addressed include a code execution vulnerability.
487dc3b2d93eedc2fcb87a4be267ba9c311893cb909e4c7b26d1da9002b99fcaRed Hat Security Advisory 2022-1539-01 - XML-RPC is a remote procedure call protocol that uses XML to encode its calls and HTTP as a transport mechanism. The xmlrpc-c packages provide a network protocol to allow a client program to make a simple RPC over the Internet. It converts an RPC into an XML document, sends it to a remote server using HTTP, and gets back the response in XML. Issues addressed include a code execution vulnerability.
277e754c3ed3d2b26c37fd443267b87858fb3e04b24fca3b9a4d3ce2a33ad8a1Red Hat Security Advisory 2022-1410-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Issues addressed include a double free vulnerability.
00d8f263c5a67a6419cc49d447c3b30bc580046d7f899df5f48c7064a3b97bdaMicrosoft HTTP protocol stack denial of service exploit that leverages the vulnerability in CVE-2022-21907.
0035e8f68394e431f30fc5f6c1453975239fafaabddd9ec475fac32868642729Red Hat Security Advisory 2022-1112-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library.
4facf3061c3a84ecb0734a25ebed56e7815402d157677e7fa4f26f506cb210edRed Hat Security Advisory 2022-1091-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library.
547e0428253fe19394e4d502af2ba7da74aa3bbac454474bed040a5c67725505Red Hat Security Advisory 2022-1082-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library.
d898a0c13cc407147b874cb1b50be23da843d83fd704701a8e7b41db4bc64860Red Hat Security Advisory 2022-1073-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library.
438038ad6ed50efa80195af5adc8d2b5a061f35165a47e2b53af912e6fcd3c0f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed