exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 3,656 RSS Feed

Protocol Files

Debian Security Advisory 5571-1
Posted Dec 4, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5571-1 - It was discovered that missing input sanitising in the HTTP API endpoint of RabbitMQ, an implementation of the AMQP protocol, could result in denial of service.

tags | advisory, web, denial of service, protocol
systems | linux, debian
advisories | CVE-2023-46118
SHA-256 | 7957822e1b93b14f04419323dbc94e28eb76fa05e363e9d72f263770555fc295
Debian Security Advisory 5570-1
Posted Dec 4, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5570-1 - It was discovered that libnghttp2, a library implementing the HTTP/2 protocol, handled request cancellation incorrectly. This could result in denial of service.

tags | advisory, web, denial of service, protocol
systems | linux, debian
advisories | CVE-2023-44487
SHA-256 | a361a8b094e0e37ca2ea5d4f587944cad91928be895d0bc0f7d06332bb7e2d37
Ubuntu Security Notice USN-6519-2
Posted Nov 30, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6519-2 - USN-6519-1 added IMDSv2 support to EC2 hibagent. This update provides the corresponding update for Ubuntu 16.04 LTS. The EC2 hibagent package has been updated to add IMDSv2 support, as IMDSv1 uses an insecure protocol and is no longer recommended.

tags | advisory, protocol
systems | linux, ubuntu
SHA-256 | 024464774f5ad6a8ef0d73dbedf9ba568379c0a46dcf950ee24cd4ff9b3a441b
Ubuntu Security Notice USN-6519-1
Posted Nov 29, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6519-1 - The EC2 hibagent package has been updated to add IMDSv2 support, as IMDSv1 uses an insecure protocol and is no longer recommended.

tags | advisory, protocol
systems | linux, ubuntu
SHA-256 | d8ce04e1d61cde48beba842b27d2655b79f1476b3a007cb7dd46ee137e8f510c
Ubuntu Security Notice USN-6500-1
Posted Nov 22, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6500-1 - Joshua Rogers discovered that Squid incorrectly handled validating certain SSL certificates. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. Joshua Rogers discovered that Squid incorrectly handled the Gopher protocol. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. Gopher support has been disabled in this update. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04.

tags | advisory, remote, denial of service, protocol
systems | linux, ubuntu
advisories | CVE-2023-46724, CVE-2023-46728, CVE-2023-46846, CVE-2023-46847, CVE-2023-46848
SHA-256 | 89e080ec0dca666e58acac5a17ad942076e2d2723e487a8ff043ca16623f5d78
Ubuntu Security Notice USN-6493-2
Posted Nov 21, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6493-2 - USN-6493-1 fixed a vulnerability in hibagent. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. On Ubuntu 18.04 LTS and Ubuntu 16.04 LTS, the hibagent package has been updated to add IMDSv2 support, as IMDSv1 uses an insecure protocol and is no longer recommended.

tags | advisory, protocol
systems | linux, ubuntu
SHA-256 | b13057304526d511463df4f04cba10f337f4992cdb6b55a730c51406ec3831ab
Ubuntu Security Notice USN-6493-1
Posted Nov 21, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6493-1 - On Ubuntu 20.04 LTS and Ubuntu 22.04 LTS, the hibagent package has been updated to add IMDSv2 support, as IMDSv1 uses an insecure protocol and is no longer recommended. In addition, on all releases, hibagent has been updated to do nothing if ODH is configured.

tags | advisory, protocol
systems | linux, ubuntu
SHA-256 | 790fee314a2b11eea708a1a104b708111a877a786380c337a1431994534d10ce
Debian Security Advisory 5559-1
Posted Nov 20, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5559-1 - A vulnerability was discovered in the SSH dissector of Wireshark, a network protocol analyzer, which could result in denial of service or potentially the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, protocol
systems | linux, debian
advisories | CVE-2023-6174, CVE-2023-6175
SHA-256 | f53cfd0c26249d59a5bc7c2d494baef81ce35819cea5f655aec41b69b294b168
Wireshark Analyzer 4.2.0
Posted Nov 16, 2023
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.

Changes: This is the first major Wireshark release under the Wireshark Foundation, a nonprofit which hosts Wireshark and promotes protocol analysis education. Wireshark supports dark mode on Windows. A Windows installer for Arm64 has been added. Packet list sorting has been improved. Wireshark and TShark are now better about generating valid UTF-8 output. A new display filter feature for filtering raw bytes has been added. Various other updates and fixes have been added.
tags | tool, sniffer, protocol
systems | windows, unix
SHA-256 | 0e428492f4c3625d61a7ccff008dc0e429d16ab8caccad4403157ea92b48a75b
Passive SSH Key Compromise Via Lattices
Posted Nov 13, 2023
Authored by Nadia Heninger, Keegan Ryan, Kaiwen He, George Arnold Sullivan

This whitepaper demonstrates that a passive network attacker can opportunistically obtain private RSA host keys from an SSH server that experiences a naturally arising fault during signature computation. In prior work, this was not believed to be possible for the SSH protocol because the signature included information like the shared Diffie-Hellman secret that would not be available to a passive network observer. The paper shows that for the signature parameters commonly in use for SSH, there is an efficient lattice attack to recover the private key in case of a signature fault. The authors provide a security analysis of the SSH, IKEv1, and IKEv2 protocols in this scenario, and use their attack to discover hundreds of compromised keys in the wild from several independently vulnerable implementations.

tags | paper, cryptography, protocol
SHA-256 | 481aab67e2963f899f4d0981c2be3f03e3ff14965119cb78e929b36c27b58597
Debian Security Advisory 5540-1
Posted Oct 31, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5540-1 - Two remotely exploitable security vulnerabilities were discovered in Jetty 9, a Java based web server and servlet engine. The HTTP/2 protocol implementation did not sufficiently verify if HPACK header values exceed their size limit. Furthermore the HTTP/2 protocol allowed a denial of service (server resource consumption) because request cancellation can reset many streams quickly. This problem is also known as Rapid Reset Attack.

tags | advisory, java, web, denial of service, vulnerability, protocol
systems | linux, debian
advisories | CVE-2023-36478, CVE-2023-44487
SHA-256 | 19d34104164c646ad6b0f2161a5af11a88009b06f4e5e247a2834dd69e90401a
Red Hat Security Advisory 2023-5838-01
Posted Oct 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5838-01 - libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 protocol in C. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, protocol
systems | linux, redhat
advisories | CVE-2023-44487
SHA-256 | 661a5486f1b6133a1f208827ecb5aeee5c0b4fc74bb0e11f6f492153c369c54e
Red Hat Security Advisory 2023-5837-01
Posted Oct 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5837-01 - nghttp2 contains the Hypertext Transfer Protocol version 2 client, server, and proxy programs as well as a library implementing the HTTP/2 protocol in C. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service, protocol
systems | linux, redhat
advisories | CVE-2023-44487
SHA-256 | a7d1f6674241395f921d519fcf10788d9a04a763c61a853c5dc4c3f09249d8a1
Red Hat Security Advisory 2023-5771-01
Posted Oct 17, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5771-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, protocol
systems | linux, redhat
advisories | CVE-2023-3341
SHA-256 | af194c6df8cfaa1ab3dbeb343af35d63f04ba586031d82f0f4a5fc2d225b5647
Red Hat Security Advisory 2023-5770-01
Posted Oct 17, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5770-01 - nghttp2 contains the Hypertext Transfer Protocol version 2 client, server, and proxy programs as well as a library implementing the HTTP/2 protocol in C. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service, protocol
systems | linux, redhat
advisories | CVE-2023-44487
SHA-256 | e238cc36d09269ca4b5139b9de071c83fddb9c788bd67536b39781e141297847
Red Hat Security Advisory 2023-5769-01
Posted Oct 17, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5769-01 - nghttp2 contains the Hypertext Transfer Protocol version 2 client, server, and proxy programs as well as a library implementing the HTTP/2 protocol in C. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service, protocol
systems | linux, redhat
advisories | CVE-2023-44487
SHA-256 | 7cbefc8e4028ece01017318ee2c6828ba7abe47ed0937477140142efd1f56a06
Red Hat Security Advisory 2023-5768-01
Posted Oct 17, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5768-01 - nghttp2 contains the Hypertext Transfer Protocol version 2 client, server, and proxy programs as well as a library implementing the HTTP/2 protocol in C. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service, protocol
systems | linux, redhat
advisories | CVE-2023-44487
SHA-256 | 0d85cd26379ad3cc0ef4486eaf98abf09d84069f7d8cf1f9f276dc9fa28c5d4c
Red Hat Security Advisory 2023-5767-01
Posted Oct 17, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5767-01 - nghttp2 contains the Hypertext Transfer Protocol version 2 client, server, and proxy programs as well as a library implementing the HTTP/2 protocol in C. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service, protocol
systems | linux, redhat
advisories | CVE-2023-44487
SHA-256 | a3df9223e0ce271f60e7dbb42c178a6ba04b57fe5239c9d1b6d911a6c9846fc2
Red Hat Security Advisory 2023-5766-01
Posted Oct 17, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5766-01 - nghttp2 contains the Hypertext Transfer Protocol version 2 client, server, and proxy programs as well as a library implementing the HTTP/2 protocol in C. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service, protocol
systems | linux, redhat
advisories | CVE-2023-44487
SHA-256 | 82a4740fbe239e3a078172d2cfec64659b2caa388387d8382d9bc439d9f8685c
Red Hat Security Advisory 2023-5763-01
Posted Oct 17, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5763-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Issues addressed include a buffer overflow vulnerability.

tags | advisory, web, overflow, protocol
systems | linux, redhat
advisories | CVE-2023-38545
SHA-256 | 510c6724745c0651fdfcdb28c913292f03ad32f78e765fb9849dd2ced54a1233
Red Hat Security Advisory 2023-5720-01
Posted Oct 17, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5720-01 - nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service, protocol
systems | linux, redhat
advisories | CVE-2023-44487
SHA-256 | f56ae5623e2241867f4fc0485f75e5ef9f5e1859b13cc3b41a12c91545350256
Red Hat Security Advisory 2023-5714-01
Posted Oct 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5714-01 - nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service, protocol
systems | linux, redhat
advisories | CVE-2023-44487
SHA-256 | a94dbe3add5d27b474a7e19885bdf0916c7ec1c74980d7fed45915178f06c5b3
Red Hat Security Advisory 2023-5713-01
Posted Oct 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5713-01 - nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service, protocol
systems | linux, redhat
advisories | CVE-2023-44487
SHA-256 | 30de2472e72b721bf7c437f31b51e6cfbb2bb56d3e80c42656395d2983758a42
Red Hat Security Advisory 2023-5711-01
Posted Oct 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5711-01 - nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service, protocol
systems | linux, redhat
advisories | CVE-2023-44487
SHA-256 | 2c4da744261b683374e720cf294d6944b7a84c1e8ae1303e5f240fb4687cb3d1
Red Hat Security Advisory 2023-5700-01
Posted Oct 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5700-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Issues addressed include a buffer overflow vulnerability.

tags | advisory, web, overflow, protocol
systems | linux, redhat
advisories | CVE-2023-38545
SHA-256 | 43a3801f3c1efdcc6ec83fd26a2db345717038d202709cc98bd394c86f9fc238
Page 1 of 147
Back12345Next

File Archive:

December 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    11 Files
  • 2
    Dec 2nd
    0 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    32 Files
  • 5
    Dec 5th
    10 Files
  • 6
    Dec 6th
    14 Files
  • 7
    Dec 7th
    24 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close