764 matches found
SkypeHide to Send secret messages into silence of Skype Calls
Polish Researchers have discovered a clever way to send secret messages during a phone call on Skype. We know that, by default skype calls use 256-bit advanced encryption, but researchers find that is not enough. So they find out this new way to communicate messages more secretly by using silence...
Social Site Formspring Says 420k User Password Hashes Posted Online
Hackers broke into a development server at Formspring, a social Q&A site, and made off with the password hashes for 420,000 users and later posted them online. The company has reset all of the users’ passwords and said it also has changed the way that it handles passwords. Formspring officials sa...
Ubuntu Update for openssl USN-1357-1
Ubuntu Update for Linux kernel vulnerabilities USN-1357-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN13571.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for openssl USN-1357-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...
CVE-2011-4354
OpenSSL vulnerability CVE-2011-4354 affects OpenSSL before 0.9.8h on 32-bit platforms, in the ECDH/ECDHE handshake with P-256 and P-384 curves, due to an incorrect modular reduction algorithm in bn_nist.c. This design flaw allows remote attackers to obtain the TLS server private key after multipl...
CVE-2011-4354
crypto/bn/bnnist.c in OpenSSL before 0.9.8h on 32-bit platforms, as used in stunnel and other products, in certain circumstances involving ECDH or ECDHE cipher suites, uses an incorrect modular reduction algorithm in its implementation of the P-256 and P-384 NIST elliptic curves, which allows...
Cytel Studio 9.0 (CY3 File) Stack Buffer Overflow
$Id: cytelstudiocy3.rb 14041 2011-10-24 01:39:11Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Novell iPrint Client ActiveX Control <= 5.52 Buffer Overflow
$Id: novelliprintgetdriversettings2.rb 11886 2011-03-06 20:27:06Z bannedit $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Novell iPrint <= 5.52 ActiveX GetDriverSettings() Exploit (ZDI-10-256)
Exploit for windows platform in category remote exploits // Calc.exe shellcode = unescape'%uc931%ue983%ud9de%ud9ee%u2474%u5bf4%u7381%u3d13%u5e46%u8395'+ '%ufceb%uf4e2%uaec1%u951a%u463d%ud0d5%ucd01%u9022%u4745%u1eb1'+ '%u5e72%ucad5%u471d%udcb5%u72b6%u94d5%u77d3%u0c9e%uc291%ue19e'+...
Novell iPrint 5.52 ActiveX GetDriverSettings() Exploit
// Calc.exe shellcode = unescape'%uc931%ue983%ud9de%ud9ee%u2474%u5bf4%u7381%u3d13%u5e46%u8395'+ '%ufceb%uf4e2%uaec1%u951a%u463d%ud0d5%ucd01%u9022%u4745%u1eb1'+ '%u5e72%ucad5%u471d%udcb5%u72b6%u94d5%u77d3%u0c9e%uc291%ue19e'+ '%u873a%u9894%u843c%u61b5%u1206%u917a%ua348%ucad5%u4719%uf3b5'+...
Novell iPrint 5.52 - ActiveX 'GetDriverSettings()' Command Execution
// Calc.exe shellcode = unescape'%uc931%ue983%ud9de%ud9ee%u2474%u5bf4%u7381%u3d13%u5e46%u8395'+ '%ufceb%uf4e2%uaec1%u951a%u463d%ud0d5%ucd01%u9022%u4745%u1eb1'+ '%u5e72%ucad5%u471d%udcb5%u72b6%u94d5%u77d3%u0c9e%uc291%ue19e'+ '%u873a%u9894%u843c%u61b5%u1206%u917a%ua348%ucad5%u4719%uf3b5'+...
WP-Forum Cross Site Scripting / SQL Injection
Multiple Vulnerabilities in WP Forum WordPress Plugin 1. Advisory Information Title: Multiple Vulnerabilities in WP-Forum Advisory URL: http://www.charleshooper.net/advisories/ Date Published: 12/17/2010 Vendors Contacted: WordPress. Maintainer of plugin is unreachable. 2. Summary WP Forum is a...
Wind River Systems VxWorks weak default hashing algorithm in standard authentication API (loginLib)
Overview The hashing algorithm that is used in the standard authentication API for VxWorks is susceptible to collisions. An attacker can brute force a password by guessing a string that produces the same hash as a legitimate password. Description An attacker with a known username and access to a...
Fedora 12 : maniadrive-1.2-21.fc12 / php-5.3.2-1.fc12 (2010-4212)
This is a maintenance release in the 5.3 series, which includes a large number of bug fixes. Security Enhancements and Fixes in PHP 5.3.2: - Improved LCG entropy. Rasmus, Samy Kamkar - Fixed safemode validation inside tempnam when the directory path does not end with a /. Martin Jansen - Fixed a...
Adobe Flash Reader - Live Malware
Adobe Flash Reader - Live Malware Exploit-DB Note - Live POC originally found at http://qoop.org/security/poc/cve-2010-1297/ File is malicious! Taken from the wild! Beware! To decrypt the file: openssl aes-256-cbc -d -a -in adobe-0day-2010-1297.tar.enc -out adobe-0day-2010-1297.tar Password is...
RSA 2010: Experts Expect Several Ciphers to Be Cracked Soon
Cryptographers are expecting several of the major cryptographic systems in use today to be broken in the near future. In the Cryptographers Panel session at the RSA Conference Tuesday, Adi Shamir said that he is working with a team of researchers who have put together a paper that describes an...
CVE-2010-0228
Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key...
Design/Logic Flaw
Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key...
Design/Logic Flaw
SanDisk Cruzer Enterprise USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key...
CVE-2010-0222
Kingston DataTraveler BlackBox DTBB, DataTraveler Secure Privacy Edition DTSP, and DataTraveler Elite Privacy Edition DTEP USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data...
CVE-2010-0225
SanDisk Cruzer Enterprise USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key...