158 matches found
Polar Helpdesk 3.0 Cookie Based Authentication System Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10775/info Polar Helpdesk is reported prone to a cookie based authentication system bypass vulnerability. It is reported that the authentication and privilege system for Polar Helpdesk is based entirely on the values read...
5-year-old Boy discovers Microsoft Xbox Password Bypass vulnerability
A 5-year-old San Diego boy managed to hack one of the most popular gaming systems in the world, Xbox, and has now been acknowledged as a security researcher by Microsoft. Kristoffer Von Hassel uncovered a vulnerability in Xbox Live's password system that would allow someone to log into an Xbox...
[SECURITY] Fedora 19 Update: krb5-1.11.2-6.fc19
Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of sending passwords over the network in unencrypted form...
Moderate: Red Hat Security Advisory: krb5 security update
Updated krb5 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
Fedora Update for krb5 FEDORA-2012-8784
Check for the Version of krb5 OpenVAS Vulnerability Test Fedora Update for krb5 FEDORA-2012-8784 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
RedHat Update for krb5 RHSA-2011:0447-01
Check for the Version of krb5 OpenVAS Vulnerability Test RedHat Update for krb5 RHSA-2011:0447-01 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
Utah Data Breach of 181,000 Records Blamed on Configuration Error
Nearly 200,000 people who receive benefits from the Medicaid and Child Health Insurance Plan in Utah have had their personal information–including Social Security numbers in some cases–compromised as part of an intrusion on the network at the Utah Department of Technology Services. The 181,000...
CVE-2011-4801
SQL injection vulnerability in akeyActivationLogin.do in Authenex Web Management Control in Authenex Strong Authentication System (ASAS) Server 3.1.0.2 and 3.1.0.3 allows remote attackers to execute arbitrary SQL commands via the username parameter...
Authenex A-KeyASAS Web Management Control 3.1.0.2 - Blind SQL Injection
Authenex A-KeyASAS Web Management Control 3.1.0.2 - Blind SQL Injection ============================================================ FOREGROUND SECURITY, SECURITY ADVISORY 2011-002 - Original release date: September 21, 2011 - Discovered by: Jose Carlos de Arriba - Senior Security Analyst at...
CentOS Update for krb5-devel CESA-2009:0408 centos5 i386
Check for the Version of krb5-devel OpenVAS Vulnerability Test CentOS Update for krb5-devel CESA-2009:0408 centos5 i386 Authors: System Generated Check Copyright: Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...
CentOS Update for krb5-devel CESA-2010:0029 centos5 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CentOS 5 : krb5 (CESA-2011:0199)
Updated krb5 packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are...
'Pointter PHP Micro-Blogging Social Network' Unauthorized Privilege Escalation (CVE-2010-4333)
'Pointter PHP Micro-Blogging Social Network' Unauthorized Privilege Escalation CVE-2010-4333 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in the 'Pointter PHP Micro-Blogging Social Network' authentication system which allo...
Pointter PHP Content Management System 1.0 Privilege Escalation
'Pointter PHP Content Management System' Unauthorized Privilege Escalation CVE-2010-4332 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in the 'Pointter PHP Content Management System' authentication system which allows for...
Pointter PHP Micro-Blogging Social Network - Unauthorized Privilege Escalation
Pointter PHP Micro-Blogging Social Network - Unauthorized Privilege Escalation 'Pointter PHP Micro-Blogging Social Network' Unauthorized Privilege Escalation CVE-2010-4333 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in th...
Banking Botnet in Eastern Europe Steals, Disrupts
Banks in Russia and Ukraine are under continued siege by criminal gangs wielding a sophisticated, next-generation exploitation kit that hacks the financial institutions’ authentication system and then hits it with a denial-of-service attack. Read the full article. The Register...
RedHat Update for krb5 RHSA-2010:0343-01
Check for the Version of krb5 OpenVAS Vulnerability Test RedHat Update for krb5 RHSA-2010:0343-01 Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
Fedora Update for krb5 FEDORA-2010-4677
Check for the Version of krb5 OpenVAS Vulnerability Test Fedora Update for krb5 FEDORA-2010-4677 Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
Chip and PIN Security Completely Broken by New Attack
A group of researchers has found a significant flaw in the chip-and-PIN security system used by credit card companies in the UK. The weakness allows an attacker to use a card without the PIN associated with it. In a normal transaction using the chip-and-PIN system, the cardholder needs to enter a...
CVE-2009-0164
The web interface for CUPS before 1.3.10 does not validate the HTTP Host header in a client request, which makes it easier for remote attackers to conduct DNS rebinding attacks...