Vulnerabilità: CVE-2019-9512

di

Alcuni / 2 implementazioni HTTP sono vulnerabili alle inondazioni ping, che potrebbe condurre ad una negazione del servizio. L’attaccante invia ping continui a un 2 pari / HTTP, causando il peer per costruire una coda interna di risposte. A seconda di come in modo efficiente questi dati è in coda, questo può consumare in eccesso di CPU, memoria, o entrambi.

https://seclists.org/bugtraq/2019/Aug/24
https://seclists.org/bugtraq/2019/Aug/31
https://seclists.org/bugtraq/2019/Aug/43
https://seclists.org/bugtraq/2019/Sep/18
https://kb.cert.org/vuls/id/605641/
https://kc.mcafee.com/corporate/index?page=content&id=SB10296
https://security.netapp.com/advisory/ntap-20190823-0001/
https://security.netapp.com/advisory/ntap-20190823-0004/
https://security.netapp.com/advisory/ntap-20190823-0005/
https://support.f5.com/csp/article/K98053339
https://support.f5.com/csp/article/K98053339?utm_source=f5support&utm_medium=RSS
https://www.synology.com/security/advisory/Synology_SA_19_33
https://www.debian.org/security/2019/dsa-4503
https://www.debian.org/security/2019/dsa-4508
https://www.debian.org/security/2019/dsa-4520
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYO6E3H34C346D2E443GLXK7OK6KIYIQ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMNFX5MNYRWWIMO4BTKYQCGUDMHO3AXP/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BBP27PZGSY6OP6D26E5FW4GZKBFHNU7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4ZQGHE3WTYLYAYJEIDJVF2FIGQTAYPMC/
http://seclists.org/fulldisclosure/2019/Aug/16
https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
https://lists.debian.org/debian-lts-announce/2020/12/msg00011.html
http://www.openwall.com/lists/oss-security/2019/08/20/1
https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19@%3Cannounce.trafficserver.apache.org%3E
https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7@%3Cdev.trafficserver.apache.org%3E
https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04@%3Cusers.trafficserver.apache.org%3E
https://access.redhat.com/errata/RHSA-2019:2594
https://access.redhat.com/errata/RHSA-2019:2661
https://access.redhat.com/errata/RHSA-2019:2682
https://access.redhat.com/errata/RHSA-2019:2690
https://access.redhat.com/errata/RHSA-2019:2726
https://access.redhat.com/errata/RHSA-2019:2766
https://access.redhat.com/errata/RHSA-2019:2769
https://access.redhat.com/errata/RHSA-2019:2796
https://access.redhat.com/errata/RHSA-2019:2861
https://access.redhat.com/errata/RHSA-2019:2925
https://access.redhat.com/errata/RHSA-2019:2939
https://access.redhat.com/errata/RHSA-2019:2955
https://access.redhat.com/errata/RHSA-2019:2966
https://access.redhat.com/errata/RHSA-2019:3131
https://access.redhat.com/errata/RHSA-2019:3245
https://access.redhat.com/errata/RHSA-2019:3265
https://access.redhat.com/errata/RHSA-2019:3892
https://access.redhat.com/errata/RHSA-2019:3906
https://access.redhat.com/errata/RHSA-2019:4018
https://access.redhat.com/errata/RHSA-2019:4019
https://access.redhat.com/errata/RHSA-2019:4020
https://access.redhat.com/errata/RHSA-2019:4021
https://access.redhat.com/errata/RHSA-2019:4040
https://access.redhat.com/errata/RHSA-2019:4041
https://access.redhat.com/errata/RHSA-2019:4042
https://access.redhat.com/errata/RHSA-2019:4045
https://access.redhat.com/errata/RHSA-2019:4269
https://access.redhat.com/errata/RHSA-2019:4273
https://access.redhat.com/errata/RHSA-2019:4352
https://access.redhat.com/errata/RHSA-2020:0406
https://access.redhat.com/errata/RHSA-2020:0727
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00011.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00021.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00038.html
https://usn.ubuntu.com/4308-1/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512


Vulnerabilità: CVE-2019-9494

by ignistech

Vulnerabilità: CVE-2019-9531

by ignistech

E' possibile lasciare un commento come utenti registrati al sito, accedendo tramite social, account wordpress oppure come utenti anonimi. Nel caso in cui si desideri lasciare un commento come utenti anonimi si verrà avvisati via email di un'eventuale risposta solo se si inserisce l'indirizzo email (facoltativo). L'inserimento di qualsiasi dato nei campi dei commenti è totalmente facoltativo. Chiunque decida di inserire un qualsiasi dato accetta il trattamento di questi ultimi per i fini inerenti al servizio ovvero la risposta al commento e le comunicazioni strettamente necessarie.


Rispondi