INSTEON Hub 2242-222 - Lack of Web and API Authentication

No description provided by source. Trustwave SpiderLabs Security Advisory TWSL2013-023: Lack of Web and API Authentication Vulnerability in INSTEON Hub Published: 8/01/13 Version: 1.0 Vendor: INSTEON http://www.INSTEON.com/ Product: Hub Version affected: 2242-222 model discontinued Product...

Slack: Data exports stored on S3 can be scraped easily

The URLs that are used to download the exports can be guessed easily by an attacker. The location of the export file is based on a date, a team ID and a team name: http://s3-us-west-2.amazonaws.com/slack-files2//export//%20Slack%20export%20.zip The information an attacker needs, is the team its...

INSTEON Hub 2242-222 - Lack of Web and API Authentication

Exploit for hardware platform in category web applications The INSTEON Hub allows users to control their home automation devices from their home, and across the Internet. To allow control of the devices from the Internet requires that a user create a port forward from the Internet to the Hub on...

Important: Red Hat Security Advisory: openstack-keystone security update

Updated openstack-keystone packages that fix multiple security issues are now available for Red Hat OpenStack Essex. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

US CERT Warns on VxWorks Flaws

The U.S. Computer Emergency Readiness Team has issued two warnings on flaws in the embedded systems’ OS technology VxWorks as discovered by researcher HD Moore. One flaw deals with weakness in the hashing algorithm of the API authentication; The second regards debug settings being enabled by...

[SECURITY] Fedora 11 Update: perl-Net-OAuth-0.19-1.fc11

Perl implementation of OAuth, an open protocol to allow secure API authentication in a simple and standard method from desktop and web applications. In practical terms, a mechanism for a Consumer to request protected resources from a Service Provider on behalf of a user...

[SECURITY] Fedora 10 Update: perl-Net-OAuth-0.19-1.fc10

Perl implementation of OAuth, an open protocol to allow secure API authentication in a simple and standard method from desktop and web applications. In practical terms, a mechanism for a Consumer to request protected resources from a Service Provider on behalf of a user...