5096 matches found
CVE-2012-3798
The Janrain Capture module 6.x-1.0 and 7.x-1.0 for Drupal, when creating a local user account, allows attackers to obtain part of the initial input used to generate passwords, which makes it easier to conduct brute force password guessing attacks...
CVE-2012-2727
Open redirect vulnerability in the Janrain Capture module 6.x-1.0 and 7.x-1.0 for Drupal, when synchronizing user data, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination parameter...
Open redirect
Open redirect vulnerability in the Janrain Capture module 6.x-1.0 and 7.x-1.0 for Drupal, when synchronizing user data, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination parameter...
CVE-2012-3798
The CVE-2012-3798 issue affects the Janrain Capture module for Drupal (versions 6.x-1.0 and 7.x-1.0). During local user account creation, part of the initial input used to generate passwords is exposed, which can simplify brute-force password guessing attacks. Exploitation details, specific vulne...
CVE-2012-3798
The Janrain Capture module 6.x-1.0 and 7.x-1.0 for Drupal, when creating a local user account, allows attackers to obtain part of the initial input used to generate passwords, which makes it easier to conduct brute force password guessing attacks...
CVE-2012-2727
Open redirect vulnerability in the Janrain Capture module 6.x-1.0 and 7.x-1.0 for Drupal, when synchronizing user data, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination parameter...
CVE-2012-2727
Open redirect vulnerability in the Janrain Capture module for Drupal (versions 6.x-1.0 and 7.x-1.0). The issue stems from an endpoint used to re-synchronize user data between Drupal and Janrain Capture, where an input parameter controlling redirection was not constrained to internal paths, enabli...
SA-CONTRIB-2012-098 - Janrain Capture - Open Redirect
This module allows for authentication through the cloud user-management platform Janrain Capture. Part of the module exposes an endpoint to re-synchronize user data between Drupal and Capture and allows for passing an optional parameter to redirect the user back to an original location. This...
CVE-2012-2942
Buffer overflow in the trash buffer in the header capture functionality in HAProxy before 1.4.21, when global.tune.bufsize is set to a value greater than the default and header rewriting is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via...
DEBIAN-CVE-2012-2942
Buffer overflow in the trash buffer in the header capture functionality in HAProxy before 1.4.21, when global.tune.bufsize is set to a value greater than the default and header rewriting is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via...
CVE-2012-2942
Buffer overflow in the trash buffer in the header capture functionality in HAProxy before 1.4.21, when global.tune.bufsize is set to a value greater than the default and header rewriting is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via...
Forget 'Brogrammers,' Women Have The Edge In DEFCON Social Engineering Contest
Men may dominate the ranks of vulnerability researchers and hackers. But could women be the superior social engineers? Its a question that the organizers of the annual Social Engineering Capture the Flag CTF contest at DEFCON will try to answer. In a break from recent years, the third annual DEFC...
Wireshark ANSI A MAP Files Denial of Service Vulnerability (Mac OS X)
This host is installed with Wireshark and is prone to denial of service vulnerability. OpenVAS Vulnerability Test $Id: gbwiresharkansimapdosvulnmacosx.nasl 5988 2017-04-20 09:02:29Z teissa $ Wireshark ANSI A MAP Files Denial of Service Vulnerability Mac OS X Authors: Madhuri D Copyright: Copyrigh...
NGS00137 Technical Advisory: Websense Triton 7.6 - reflected XSS in report management UI
======= Summary ======= Name: Websense Triton 7.6 reflected XSS in report management UI Release Date: 30 April 2012 Reference: NGS00137 Discoverer: Ben Williams [email protected] Vendor: Websense Vendor Reference: Systems Affected: Risk: Medium Status: Fixed ======== TimeLine ========...
wireshark: multiple file parser vulnerabilities (wnpa-sec-2012-01)
The dissectpacket function in epan/packet.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service application crash via a long packet in a capture file, as demonstrated by an airopeek file...
Wireshark: Dos via large buffer allocation request
Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service application crash via a long packet in a 1 Accellent 5Views aka .5vw file, 2 I4B trace file, or 3 NETMON 2 capture file...
Iran Replicating Captured U.S. Drone RQ-170 Sentinel
Iran Replicating Captured U.S. Drone RQ-170 Sentinel Iranian military aerospace chief General Amir Ali Hajizadeh was quoted having said:"The Americans should be aware to what extent we have infiltrated the plane." Iran has broke the encryption codes and begun construction of a replica of the Unit...
Fedora Update for wireshark FEDORA-2012-5243
Check for the Version of wireshark OpenVAS Vulnerability Test Fedora Update for wireshark FEDORA-2012-5243 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...
Fedora Update for wireshark FEDORA-2012-5256
Check for the Version of wireshark OpenVAS Vulnerability Test Fedora Update for wireshark FEDORA-2012-5256 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...
Screen Capture
Added: 04/18/2012 Background This tool captures the screen of a remote target. Limitations An existing connection to the remote target is required. For Unix and Linux systems, the xwd utility must be present on the remote target. Platforms Windows Linux Unix...