Ubuntu Security Notice 4659-1 - It was discovered that a race condition existed in the binder IPC implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered that legacy pairing and secure-connections pairing authentication in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. A physically proximate attacker could use this to impersonate a previously paired Bluetooth device. Various other issues were also addressed.
37ee7c1e29761f04f52a270e013cd6edUbuntu Security Notice 4658-1 - It was discovered that a race condition existed in the binder IPC implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered that legacy pairing and secure-connections pairing authentication in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. A physically proximate attacker could use this to impersonate a previously paired Bluetooth device. Various other issues were also addressed.
172e17181d7ddc7028474879ff713778Ubuntu Security Notice 4657-1 - Elena Petrova discovered that the pin controller device tree implementation in the Linux kernel did not properly handle string references. A local attacker could use this to expose sensitive information. Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered that legacy pairing and secure-connections pairing authentication in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. A physically proximate attacker could use this to impersonate a previously paired Bluetooth device. Various other issues were also addressed.
3aefcd5c22a1c13bbe2b3f9912ac8531THC-IPV6 is a toolkit that attacks the inherent protocol weaknesses of IPv6 and ICMP6 and it includes an easy to use packet factory library.
e4defd32df9b9318525772f85cac31efRed Hat Security Advisory 2020-5203-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.
3082ea881792b635a1b852c2459835feRed Hat Security Advisory 2020-5201-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser.
766f0600dbf74cd91f0dd2db8f9fe7bdtestssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.
2ba4ba9d50b056ddda260d039a124853testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.
afcbd6001bd3128b99675f5eceab35ceRed Hat Security Advisory 2020-5129-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser.
b80fc43827b77988bff0d6cb51e8ac60Red Hat Security Advisory 2020-5002-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.
e3c9b04c7505494aa3a26599542a0fe1Red Hat Security Advisory 2020-5011-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.
20e0e91ba5953fd52a4ace31425e52a8Red Hat Security Advisory 2020-4999-01 - The unixODBC packages contain a framework that supports accessing databases through the ODBC protocol. Issues addressed include a buffer overflow vulnerability.
de7e8ca6255adb8f20983c5d0b02b466Red Hat Security Advisory 2020-4992-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.
2df526743f6f442491b3a751b481f962Red Hat Security Advisory 2020-4946-01 - The libX11 packages contain the core X11 protocol client library. Issues addressed include double free and integer overflow vulnerabilities.
109fbef2136275991fa47378e6124780Red Hat Security Advisory 2020-4908-01 - The libX11 packages contain the core X11 protocol client library. Issues addressed include double free and integer overflow vulnerabilities.
47d27477d257474f0afa5e4369c375f9Red Hat Security Advisory 2020-4545-01 - libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Issues addressed include a denial of service vulnerability.
bf3f82de4f778f4cd190a7b39cb2124fRed Hat Security Advisory 2020-4599-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.
7e1e896e9ad45e544752eddcf839b36bRed Hat Security Advisory 2020-4514-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include an integer overflow vulnerability.
a9affcdbd3d6bb141fb3ea2aa37dba1aRed Hat Security Advisory 2020-4689-01 - Openwsman is a project intended to provide an open source implementation of the Web Services Management specification and to expose system management information on the Linux operating system using the WS-Management protocol. WS-Management is based on a suite of web services specifications and usage requirements that cover all system management aspects. Issues addressed include a denial of service vulnerability.
3dc93320c6e61ad7aff3d23da0296142Red Hat Security Advisory 2020-4500-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.
3585a2e7b7818681ad2730848080ff11Red Hat Security Advisory 2020-4649-01 - Evolution is a GNOME application that provides integrated email, calendar, contact management, and communications functionality. The evolution-data-server packages provide a unified back end for applications which interact with contacts, tasks and calendar information. Evolution Data Server was originally developed as a back end for the Evolution information management application, but is now used by various other applications. OpenChange provides libraries to access Microsoft Exchange servers using native protocols.
005c9d52566781b3efa8ee761a8dc39eRed Hat Security Advisory 2020-4445-01 - The librabbitmq packages provide an Advanced Message Queuing Protocol client library that allows you to communicate with AMQP servers using protocol version 0-9-1. Issues addressed include buffer overflow and integer overflow vulnerabilities.
786777a3f93c5d838bbb8345341624f6Red Hat Security Advisory 2020-4619-01 - FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. Issues addressed include denial of service and information leakage vulnerabilities.
0edbca111a4f4b5b6e9df0234bfa4526Red Hat Security Advisory 2020-4647-01 - FreeRDP is a free implementation of the Remote Desktop Protocol, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. The vinagre packages provide the Vinagre remote desktop viewer for the GNOME desktop. Issues addressed include double free, integer overflow, and out of bounds read vulnerabilities.
e1662accdc6a902684fe77010a42fffcRed Hat Security Advisory 2020-4497-01 - The cyrus-sasl packages contain the Cyrus implementation of Simple Authentication and Security Layer. SASL is a method for adding authentication support to connection-based protocols. Issues addressed include cross site scripting and denial of service vulnerabilities.
793c0f7343901fbff23b2c3579286abd
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed