➠ Internet Bug Bounty: CVE-2023-23915: HSTS amnesia with --parallel
curl's HSTS cache saving behaves wrongly when multiple URLs are requested in parallel. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. This HSTS mechanism would however surprisingly fail when multiple transfers are done in parallel as the HSTS cache file gets overwritten by the most recently completed transfer. A later HTTP-only transfer to the earlier host name would then not get upgraded properly to HSTS. Impact Bypass intended security......
Zur Startseite
➤ Ähnliche Beiträge für 'Internet Bug Bounty: CVE-2023-23915: HSTS amnesia with --parallel'
The July 2023 Security Update Review
vom 1016.87 Punkte
It’s the second Tuesday of the month, which means Adobe and Microsoft have released their latest security patches. Take a break from your regularly scheduled activities and join us as we review the details of their latest advisories. If you’d rat
The June 2023 Security Update Review
vom 832.89 Punkte
It’s the second Tuesday of the month, which means Adobe and Microsoft have released their latest security patches. Take a break from your regularly scheduled activities and join us as we review the details of their latest advisories. If you’d rat
The October 2023 Security Update Review
vom 812.73 Punkte
Twenty years ago this month, Microsoft introduced the concept of “Patch Tuesday” – although the marketing folks wanted it called “Update Tuesday” (they didn’t like the word “patch”). Over the years, more companies joined the Patch Tuesd
The April 2023 Security Update Review
vom 810.52 Punkte
It’s the second Tuesday of the month, which means Adobe and Microsoft (and others) have released their latest security patches. Take a break from your regularly scheduled activities and join us as we review the details of the latest offerings from Micros
The January 2023 Security Update Review
vom 749.17 Punkte
Welcome to the first patch Tuesday of the new year. As expected, Adobe and Microsoft have released their latest fixes and updates. Take a break from your regularly scheduled activities and join us as we review the details of their latest security offerings.A
The August 2023 Security Update Review
vom 723.09 Punkte
Greetings from hacker summer camp! Black Hat and DEFCON start this week, but let’s kick everything off with Patch Tuesday and the latest security offerings from Adobe and Microsoft. Take a break from your regularly scheduled activities and join us as
The November 2023 Security Update Review
vom 693.55 Punkte
It’s the penultimate second Tuesday of 2023, and Microsoft and Adobe have released their latest security patches into the crisp, fall air. Take a break from your scheduled activities and join us as we review the details of their latest advisories. If you’d
The March 2023 Security Update Review
vom 688.15 Punkte
Happy Pi Day, and welcome to the third patch Tuesday of 2023 and the final patch Tuesday before Pwn2Own Vancouver. Take a break from your regularly scheduled activities and join us as we review the details of the latest security offerings from Microso
The February 2023 Security Update Overview
vom 619.18 Punkte
Welcome to the second patch Tuesday of 2023. On this romantic holiday, Microsoft and Adobe have released their latest security patches as Valentine’s gifts for us all. Take a break from your regularly scheduled activities (or Pwn2Own Miami) and join us as we review the details of their latest security offerings.Adobe Patches for February
USN-3415-1: tcpdump vulnerabilities
vom 593.76 Punkte
Ubuntu Security Notice USN-3415-1
13th September, 2017
tcpdump vulnerabilities
A security issue affects these releases of Ubuntu and its
derivatives:
Ubuntu 17.04
Ubuntu 16.04 LTS
Ubuntu 14.04 LTS
Summary
Several security issues were fixe
USN-3415-2: tcpdump vulnerabilities
vom 593.76 Punkte
Ubuntu Security Notice USN-3415-2
13th September, 2017
tcpdump vulnerabilities
A security issue affects these releases of Ubuntu and its
derivatives:
Ubuntu 12.04 LTS
Summary
Several security issues were fixed in tcpdump
Software description
tcpdump
The September 2023 Security Update Review
vom 581.45 Punkte
Hello and welcome to another patch Tuesday in what continues to be a hot 0-day summer, with new exploits being identified by Apple, Cisco, and Microsoft. Take a break from your regularly scheduled activities and join us as we review the details of the la