The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.
d31527afa2a315ceba02e2ca7e2d5dbd07c4113febaed60752affef4c79f7233
Red Hat Security Advisory 2023-0479-01 - Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol server, as well as command-line utilities and Web UI packages for server administration.
d5a8a460836a1434a477fb5c4989e348088a2cd4c81068198b4abc49a30ab0ac
Red Hat Security Advisory 2023-0333-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.
bd289a2fa2e1a33cbfb8e8eba477c0aa660f2e89cda2d1d059db45b1930f32cf
Ubuntu Security Notice 5815-1 - It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering.
7f3d477e507b66b0daafcca7953d74f1ea4a8753942924b204034c093c0c71b0
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.
6c51e15bcc0afb93734e686dbff354ffd159f570bd2904bcbbad6f3feb7e9511
Ubuntu Security Notice 5791-3 - It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering.
bea4157756a0d933dd299dae28bd0050fa218f5e44ba4864a54ee5c6b82a4669
Ubuntu Security Notice 5791-2 - It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering.
af31e2f0f32d49436b8b155fc82a87ba9e92d354b8a376c8215264292ec1c748
Ubuntu Security Notice 5791-1 - It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering.
c620604793b568d88ed5f96e800d17e391508664ad2fb783107dcfa6afb9a3f2
Debian Linux Security Advisory 5307-1 - ZeddYu Lu discovered that the FTP client of Apache Commons Net, a Java client API for basic Internet protocols, trusts the host from PASV response by default. A malicious server can redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This may lead to leakage of information about services running on the private network of the client.
41b44ea9f6994bb126334a021ce554f5d235573bf2cf4cf42ab4a2effd6c874d
Red Hat Security Advisory 2022-8976-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Issues addressed include a denial of service vulnerability.
bbe3aa3f342b7a8e6ccd7bc0c0292da8f315a318ac9c2aea8e06827835a06dd7
Red Hat Security Advisory 2022-8863-01 - Paramiko is a module for python 2.3 or greater that implements the SSH2 protocol for secure connections to remote machines. Unlike SSL, the SSH2 protocol does not require heirarchical certificates signed by a powerful central authority. You may know SSH2 as the protocol that replaced telnet and rsh for secure access to remote shells, but the protocol also includes the ability to open arbitrary channels to remote services across an encrypted tunnel.
59534817e9e5c4ed208e21817cc8d384718759ee9feaec332ee49ea7ba65f1b5
Red Hat Security Advisory 2022-8845-01 - Paramiko is a module for python 2.3 or greater that implements the SSH2 protocol for secure connections to remote machines. Unlike SSL, the SSH2 protocol does not require heirarchical certificates signed by a powerful central authority. You may know SSH2 as the protocol that replaced telnet and rsh for secure access to remote shells, but the protocol also includes the ability to open arbitrary channels to remote services across an encrypted tunnel.
a6a2060126d1be99be2aca8297f1257ee4619fcacb1e48e24b430da0c6b1eb8c
Red Hat Security Advisory 2022-8886-01 - Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol server, as well as command-line utilities and Web UI packages for server administration.
070cc2e7e028467b23d693e67b2052c2ebf2a45e6ed2cb6ca60c870c001b227f
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.
f35915699f2f9b28ddb211202d40ec8984e5834d3c911483144a4984ba44411d
Red Hat Security Advisory 2022-8876-01 - AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.10.2 includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include a denial of service vulnerability.
dd653c1e0ad52e5524dc257ed3b3491dcdb1dcd93451da4187a377acfe1bde05
Red Hat Security Advisory 2022-8680-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration.
c220eab95e2af8d1ee487903c3b78ffa3023b0e9770403994f85980302585792
This Metasploit module utilizes the Remote Control Server's protocol to deploy a payload and run it from the server. Remote Control Collection by Steppschuh version 3.1.1.12 was tested and affected at the time of the module writing.
8ec54480d8b7f9ded99d2b49657f9832dc3a324e3a72069c93377bd06f3766c0
Ubuntu Security Notice 5747-1 - It was discovered that Bind incorrectly handled large query name when using lightweight resolver protocol. A remote attacker could use this issue to consume resources, leading to a denial of service. It was discovered that Bind incorrectly handled large zone data size received via AXFR response. A remote authenticated attacker could use this issue to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS.
e0fa90d43b033818a5541fa0052dd3b5c0b63540bf52851fc17c004941501d36
Red Hat Security Advisory 2022-8162-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Issues addressed include denial of service and memory leak vulnerabilities.
4dc397ccf924d964d2de315c2bf8ddab8c92565237c1fb2931dcb388d4c43805
Red Hat Security Advisory 2022-8068-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a denial of service vulnerability.
78e3d58d4d1eb9466ef6c8b562787c6ffcba6ecbec9891354c2e4d2422922fb6
Red Hat Security Advisory 2022-8299-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.
a7f7fcf98e999d0931aba5aef36d366a166dff4034077e3b16c4194a65319bdc
Red Hat Security Advisory 2022-8219-01 - Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and Maildir, as well as most protocols, including POP3 and IMAP. Issues addressed include a buffer overflow vulnerability.
fefbdd46533f31ed13f8f99f50cde55d7df767b954e1842332f8cf2d52392e38
Red Hat Security Advisory 2022-8317-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Issues addressed include information leakage and null pointer vulnerabilities.
cd1bc6027226f05da07f40a32ff1908d1c9ee1aec1a503fd557af6396135efd0
Red Hat Security Advisory 2022-7970-01 - The protobuf packages provide Protocol Buffers, Google's data interchange format. Protocol Buffers can encode structured data in an efficient yet extensible format, and provide a flexible, efficient, and automated mechanism for serializing structured data.
d8a05ff671413be224620e6c3813884616e172849c5a949ff84c8878de53506a
Red Hat Security Advisory 2022-8385-01 - The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.
1ae66722e326f26ac06c449818fa0dddd506883c1732f07c68b27d8dfa23dbc5