Debian Archives - Securezoo

Cisco says telnet vulnerability affects IOS XE software (CVE-2020-10188)

Configuration Management, Identity & Access Management, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / June 26, 2020 / Appgate, Cisco, CVE-2020-10188, Debian, Fedora, IOS XE, SSH, Telnet, TTY

Cisco has released a High severity security advisory for a telnet vulnerability that affects Cisco IOS XE software.

GnuTLS patches TLS vulnerability that could cause MITM attack

Cryptography / By Frank Crast / June 11, 2020 / CVE-2020-13777, Debian, DTLS, Fedora, Gentoo, GitLab, GnuTLS, OpenSUSE, SSL, TLS, TLS 1.3, Ubuntu

The GNU Transport Layer Security Library (GnuTLS) patched a vulnerability hidden in code for nearly two years. The issue applies to a flaw in how TLS 1.3 session resumption works without a master key. As a result, an attacker could exploit and launch man-in-the-middle (MITM) attacks.

SaltStack, multiple vendors fix Critical vulnerabilities in Salt

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / May 12, 2020 / CVE-2020-11651, CVE-2020-11652, Debian, F-Secure, OpenSUSE, Salt, Salt Stack, VMware

In case you missed it last week, SaltStack released security updates to fix two critical Salt vulnerabilities. Multiple vendors that integrate Salt into their products have also released patches or workarounds to address the flaws.