[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

256610

 
 

909

 
 

199263

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 44374 Download | Alert*

This update for gd fixes the following issues: - CVE-2021-40812: Fixed out-of-bounds read caused by the lack of certain gdGetBuf and gdPutBuf return value checks .

This update for gd fixes the following issues: - CVE-2021-40812: Fixed out-of-bounds read caused by the lack of certain gdGetBuf and gdPutBuf return value checks .

[7.4p1-23.0.1] - enlarge format buffer size for certificate serial number so the log message can record any 64-bit integer without truncation [Orabug: 30448895] [7.4p1-23 + 0.10.3-2] - Avoid remote code execution in ssh-agent PKCS#11 support Resolves: CVE-2023-38408

[8.0p1-19] - Release bump [8.0p1-18] - Avoid remote code execution in ssh-agent PKCS#11 support Resolves: CVE-2023-38408

[8.7p1-30] - Avoid remote code execution in ssh-agent PKCS#11 support Resolves: CVE-2023-38408

The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if the target user's ssh-agent is forwarded to an attacker-controlled system . Exploitation can also be prevented by starting ssh-agent with an empty PKCS#11/FIDO allowlist or by configuring an allowlist that contains only specific provider libraries. NOTE: this ...

The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if the target user's ssh-agent is forwarded to an attacker-controlled system . Exploitation can also be prevented by starting ssh-agent with an empty PKCS#11/FIDO allowlist or by configuring an allowlist that contains only specific provider libraries. NOTE: this ...

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fix: * openssh: Remote code execution in ssh-agent PKCS#11 support For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to ...

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fix: * openssh: Remote code execution in ssh-agent PKCS#11 support For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to ...

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fix: * openssh: Remote code execution in ssh-agent PKCS#11 support For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to ...


Pages:      Start    1430    1431    1432    1433    1434    1435    1436    1437    1438    1439    1440    1441    1442    1443    ..   4437

© SecPod Technologies