[월:] 2020년 08월

No Image

USN-4450-1: Whoopsie vulnerabilities

2020-08-05 KENNETH 0

USN-4450-1: Whoopsie vulnerabilities Seong-Joong Kim discovered that Whoopsie incorrectly handled memory. A local attacker could use this issue to cause Whoopsie to consume memory, resulting in a denial of service. (CVE-2020-11937) Seong-Joong Kim discovered that Whoopsie incorrectly handled parsing files. A local attacker could use this issue to cause Whoopsie to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-12135) Seong-Joong Kim discovered that Whoopsie incorrectly handled memory. A local attacker could use this issue to cause Whoopsie to consume memory, resulting in a denial of service. (CVE-2020-15570) Source: USN-4450-1: Whoopsie vulnerabilities

[도서] 인스타그램 셀프 마케팅

2020-08-05 KENNETH 0

[도서] 인스타그램 셀프 마케팅 분야별 신상품 – 국내도서 – 컴퓨터와 인터넷 [도서]인스타그램 셀프 마케팅 조영빈 저 | 디지털북스 | 2020년 08월 판매가 14,400원 (10%할인) | YES포인트 800원(5%지급) 자영업자 폐업률 80퍼센트 시대!(개인창업자 5년 이내 폐업률) 대한민국에서 소상공인으로 살아남기 위한, 0원으로 할 수 있는 마케팅 방법을 공개한다! 자영업자 폐업률 80퍼센트 시대, 마케팅은 소상공인으로 Source: [도서] 인스타그램 셀프 마케팅

No Image

USN-4449-1: Apport vulnerabilities

2020-08-05 KENNETH 0

USN-4449-1: Apport vulnerabilities Ryota Shiga discovered that Apport incorrectly dropped privileges when making certain D-Bus calls. A local attacker could use this issue to read arbitrary files. (CVE-2020-11936) Seong-Joong Kim discovered that Apport incorrectly parsed configuration files. A local attacker could use this issue to cause Apport to crash, resulting in a denial of service. (CVE-2020-15701) Ryota Shiga discovered that Apport incorrectly implemented certain checks. A local attacker could use this issue to escalate privileges and run arbitrary code. (CVE-2020-15702) Source: USN-4449-1: Apport vulnerabilities

No Image

USN-4448-1: Tomcat vulnerabilities

2020-08-05 KENNETH 0

USN-4448-1: Tomcat vulnerabilities It was discovered that Tomcat incorrectly validated the payload length in a WebSocket frame. A remote attacker could possibly use this issue to cause Tomcat to hang, resulting in a denial of service. (CVE-2020-13935) It was discovered that Tomcat incorrectly handled HTTP header parsing. In certain environments where Tomcat is located behind a reverse proxy, a remote attacker could possibly use this issue to perform HTTP Reqest Smuggling. (CVE-2020-1935) It was discovered that Tomcat incorrectly handled certain uncommon PersistenceManager with FileStore configurations. A remote attacker could possibly use this issue to execute arbitrary code. (CVE-2020-9484) Source: USN-4448-1: Tomcat vulnerabilities

Optimize Your NGINX Plus Deployment with Arm-Based Amazon EC2 M6g Instances

2020-08-05 KENNETH 0

Optimize Your NGINX Plus Deployment with Arm-Based Amazon EC2 M6g Instances At NGINX Conf 2019, we showcased the cost savings you can achieve by deploying NGINX Plus on Amazon Elastic Cloud Computing (EC2) A1 instances powered by the AWS Graviton processor, which has 64‑bit Arm Neoverse cores and custom silicon designed by AWS. Recently, AWS introduced the Graviton2 processor and launched new M6g, C6g, and R6g EC2 instance types powered by it. These new instances offer significantly better price‑performance than current x86‑based instances for a broad spectrum of workloads including application servers, microservices, high‑performance computing, electronic design automation, gaming, open source databases, and in‑memory caches. These instances also have very broad software support, so you can run them on any supported OS and container type to leverage AWS tools and services. Many customers are already deploying their production applications on these new [ more… ]