[월:] 2020년 09월

No Image

USN-4532-1: Netty vulnerabilities

2020-09-23 KENNETH 0

USN-4532-1: Netty vulnerabilities It was discovered that Netty incorrectly handled certain HTTP headers. By sending an HTTP header with whitespace before the colon, a remote attacker could possibly use this issue to perform an HTTP request smuggling attack. (CVE-2019-16869) It was discovered that Netty incorrectly handled certain HTTP headers. By sending an HTTP header that lacks a colon, a remote attacker could possibly use this issue to perform an HTTP request smuggling attack. (CVE-2019-20444) It was discovered that Netty incorrectly handled certain HTTP headers. By sending a Content-Length header accompanied by a second Content-Length header, or by a Transfer-Encoding header, a remote attacker could possibly use this issue to perform an HTTP request smuggling attack. (CVE-2019-20445) Source: USN-4532-1: Netty vulnerabilities

No Image

USN-4530-1: Debian-LAN vulnerabilities

2020-09-23 KENNETH 0

USN-4530-1: Debian-LAN vulnerabilities Wolfgang Schweer discovered that Debian-LAN did not properly handle ACLs for the Kerberos admin server. A local attacker could possibly use this issue to change the passwords of other users, leading to root privilege escalation. (CVE-2019-3467) Source: USN-4530-1: Debian-LAN vulnerabilities

No Image

What’s New in Web Experiences, Ignite 2020: Need to secure your remote workers? Choose Microsoft Edge as your browser for business

2020-09-23 KENNETH 0

What’s New in Web Experiences, Ignite 2020: Need to secure your remote workers? Choose Microsoft Edge as your browser for business The post What’s New in Web Experiences, Ignite 2020: Need to secure your remote workers? Choose Microsoft Edge as your browser for business appeared first on Windows Blog. Source: What’s New in Web Experiences, Ignite 2020: Need to secure your remote workers? Choose Microsoft Edge as your browser for business