Javier García

16 octubre, 2021

Eclipse Jetty vulnerability CVE-2021-28165

Eclipse Jetty vulnerability CVE-2021-28165 Security Advisory Security Advisory Description In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can ... More info: https://support.f5.com/csp/article/K15338344?utm_source=f5support&utm_medium=RSS

15 octubre, 2021

VMware Carbon Black Workload 1.1 General Availability

This piece was written by Arjun Narang and Ashwin Manekar Workload 1.1 Updates and New Features We’re excited to announce the general availability of Workload 1.1. This release includes user experience and usability feature enhancements, and a new tagging feature with NSX-T. With this new release, you’ll see our continued focus on helping customers with their security and IT modernization needs. Update – Enhanced Proxy Support Many VMware Carbon Black Workload customers are More info: https://blogs.vmware.com/security/2021/10/vmware-carbon-black-workload-1-1-general-availability.html?utm_source=rss&utm_medium=rss&utm_campaign=vmware-carbon-black-workload-1-1-general-availability

14 octubre, 2021

JSA11220 – 2021-10 Security Bulletin: Junos OS: Stored Cross-Site Scripting (XSS) vulnerability in captive portal (CVE-2021-31355)

More info: http://kb.juniper.net/InfoCenter/index?page=content&id=JSA11220&actp=RSS

14 octubre, 2021

JSA11219 – 2021-10 Security Bulletin: Junos OS and Junos OS Evolved: A vulnerability in the Juniper Agile License Client may allow an attacker to perform Remote Code Execution (RCE) (CVE-2021-31354)

More info: http://kb.juniper.net/InfoCenter/index?page=content&id=JSA11219&actp=RSS

14 octubre, 2021

JSA11218 – 2021-10 Security Bulletin: Junos OS and Junos OS Evolved: RPD core upon receipt of specific BGP update (CVE-2021-31353)

More info: http://kb.juniper.net/InfoCenter/index?page=content&id=JSA11218&actp=RSS

14 octubre, 2021

JSA11217 – 2021-10 Security Bulletin: SRC Series: NETCONF over SSH allows negotiation of weak ciphers (CVE-2021-31352)

More info: http://kb.juniper.net/InfoCenter/index?page=content&id=JSA11217&actp=RSS

14 octubre, 2021

JSA11216 – 2021-10 Security Bulletin: Junos OS: MX Series: Receipt of specific packet on MS-MPC/MS-MIC causes line card reset (CVE-2021-31351)

More info: http://kb.juniper.net/InfoCenter/index?page=content&id=JSA11216&actp=RSS

14 octubre, 2021

Apache HTTPD vulnerability CVE-2021-34798

Apache HTTPD vulnerability CVE-2021-34798 Security Advisory Security Advisory Description Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP ... More info: https://support.f5.com/csp/article/K72382141?utm_source=f5support&utm_medium=RSS

14 octubre, 2021

MSA-21-0034: Authentication bypass risk when using external database authentication

by Michael Hawkins. An authentication bypass risk was identified in the external database authentication functionality, due to a type juggling vulnerability.Severity/Risk:SeriousVersions affected:3.11 to 3.11.2, 3.10 to 3.10.6, 3.9 to 3.9.9 and earlier unsupported versionsVersions fixed:3.11.3, 3.10.7 and 3.9.10Reported by:Amit EyalCVE identifier:CVE-2021-40693Changes (master):http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-71160Tracker issue:MDL-71160 More info: https://moodle.org/mod/forum/discuss.php?d=427105&parent=1719327

14 octubre, 2021

JSA11211 – 2021-10 Security Bulletin: Junos OS Evolved: BGP and LDP sessions with TCP MD5 authentication established with peers not configured for authentication (CVE-2021-0297)

More info: http://kb.juniper.net/InfoCenter/index?page=content&id=JSA11211&actp=RSS