5096 matches found
[SECURITY] Fedora 17 Update: wireshark-1.6.10-1.fc17
Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package...
Design/Logic Flaw
The Web Post Protection feature in McAfee Host Data Loss Prevention DLP 3.x before 3.0.100.10 and 9.x before 9.0.0.422, when HTTP Capture mode is enabled, allows local users to obtain sensitive information from web traffic by reading unspecified files...
Airport VPN hacked using Citadel malware
It sounds like an air traveler's nightmare, Researchers at Trusteer recently uncovered a variant of the Citadel Trojan targeting the virtual private network VPN credentials used by employees at a major airport.The firm would not disclose the name of the airport because the situation is being...
DarkComet RAT Used in New Attack on Syrian Activists
There is a new attack campaign that’s targeting dissidents in Syria by enticing them to install an alleged security tool called AntiHacker, but instead installs the infamous DarkComet remote access tool that has the ability to log keystrokes, capture webcam images and take other surreptitious...
Citadel Malware Used to Infiltrate Airport VPN
The Citadel Trojan is really starting to become kind of a pain in the neck. Not content to sit by and watch while its more well-known rivals Zeus and SpyEye get all the attention, the Citadel malware has begun showing up in some interesting places, with the latest example being the discovery of t...
Spytech NetVizor 6.1 - 'services.exe' Denial of Service
Author: loneferret of Offensive Security Product: Spytech VetVizor Version: Build Release 6.1 Vendor Site: hhttp://www.spytech-web.com/ Software Download: http://www.spytech-web.com/download.shtmlnetvizor Descriptions: NetVizor is the latest in network monitoring software. Monitor your entire...
CVE-2012-4045
Multiple heap-based buffer overflows in bmp.w5s in Winamp before 5.63 build 3235 allow remote attackers to execute arbitrary code via the 1 strf chunk in BIRGB or 2 UYVY video data in an AVI file, or 3 decompressed TechSmith Screen Capture Codec TSCC data in an AVI file...
CVE-2012-4045
Multiple heap-based buffer overflows in bmp.w5s in Winamp before 5.63 build 3235 allow remote attackers to execute arbitrary code via the 1 strf chunk in BIRGB or 2 UYVY video data in an AVI file, or 3 decompressed TechSmith Screen Capture Codec TSCC data in an AVI file...
CVE-2012-1743
Unspecified vulnerability in the Oracle Clinical Remote Data Capture Option component in Oracle Industry Applications 4.6.0.x, 4.6.2, and 4.6.3 allows remote authenticated users to affect confidentiality, related to HTML Surround...
Design/Logic Flaw
Unspecified vulnerability in the Oracle Clinical Remote Data Capture Option component in Oracle Industry Applications 4.6.0.x, 4.6.2, and 4.6.3 allows remote authenticated users to affect confidentiality, related to HTML Surround...
CVE-2012-1743
Unspecified vulnerability in the Oracle Clinical Remote Data Capture Option component in Oracle Industry Applications 4.6.0.x, 4.6.2, and 4.6.3 allows remote authenticated users to affect confidentiality, related to HTML Surround...
CVE-2012-1743
CVE-2012-1743 concerns the Oracle Clinical Remote Data Capture Option in Oracle Industry Applications 4.6.0.x, 4.6.2, and 4.6.3. The description notes an unspecified vulnerability related to HTML Surround that allows remote authenticated users to affect confidentiality. The connected documents pr...
MySQL Server 5.5 < 5.5.23 Multiple Unspecified Vulnerabilities
Binary data 801129.prm...
Authentication Capture: MySQL
This module provides a fake MySQL service that is designed to capture authentication credentials. It captures challenge and response pairs that can be supplied to Cain or JtR for cracking. This module requires Metasploit: https://metasploit.com/download Current source:...
The zend framework xxe injection analysis-vulnerability warning-the black bar safety net
A few days ago online broke a zend framework vulnerability author: mkods Specifically described as follows: ; according to the description, the vulnerability occurs in the zend Framework xmlrpc module of an xxeXML external entity injection vulnerability this vulnerability can be read on server...
Authentication Capture: VNC
This module provides a fake VNC service that is designed to capture authentication credentials. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Authentication Capture: VNC', 'Description' = %q...
Authentication Capture: MSSQL
This module provides a fake MSSQL service that is designed to capture authentication credentials. The modules supports both the weak encoded database logins as well as Windows logins NTLM. This module requires Metasploit: https://metasploit.com/download Current source:...
Authentication Capture: DRDA (DB2, Informix, Derby)
This module provides a fake DRDA DB2, Informix, Derby server that is designed to capture authentication credentials. -- coding: binary -- This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule...
[SECURITY] Fedora 16 Update: wireshark-1.6.8-1.fc16
Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package...
Wireshark Multiple Denial of Service Vulnerabilities (Jun 2011) - Mac OS X
Wireshark is prone to multiple denial of service vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...