Security update for MozillaFirefox, mozilla-nss (important)

Mozilla Firefox was updated to 48.0 to fix security issues, bugs, and deliver various improvements. The following major changes are included: - Process separation e10s is enabled for some users - Add-ons that have not been verified and signed by Mozilla will not load - WebRTC enhancements - The...

Multi Manage File Compressor

This module zips a file or a directory. On Linux, it uses the zip command. On Windows, it will try to use remote target's 7Zip if found. If not, it falls back to its Windows Scripting Host. This module requires Metasploit: https://metasploit.com/download Current source:...

[SECURITY] Fedora 23 Update: p7zip-16.02-1.fc23

p7zip is a port of 7za.exe for Unix. 7-Zip is a file archiver with a very h igh compression ratio. The original version can be found at http://www.7-zip.or g/...

Android OS issue where it is affected by the CRIME attack

Overview The implementation of the TLS protocol in Android OS contains a vulnerability where plaintext HTTP headers may be obtained. The TLS protocol contains a function that compresses data for communications between the client and server. This function does not properly obfuscate the length of...

CVE-2016-4630

ImageIO in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted EXR image with B44 compression...

CVE-2016-4630

ImageIO in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted EXR image with B44 compression...

Memory corruption

ImageIO in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted EXR image with B44 compression...

CVE-2016-4630

CVE-2016-4630 : Apple ImageIO on OS X (EXR/B44 compression) is affected by a memory-corruption vulnerability that can enable remote code execution when processing crafted EXR images. Disclosed in 2016 with public exploit details showing a heap-based overflow risk due to improper handling of B44 c...

[SECURITY] Fedora 24 Update: p7zip-16.02-1.fc24

p7zip is a port of 7za.exe for Unix. 7-Zip is a file archiver with a very h igh compression ratio. The original version can be found at http://www.7-zip.or g/...

Apple Image I/O EXR Compression Remote Code Execution Vulnerability

SUMMARY An exploitable heap based buffer overflow exists in the handling of EXR images on OS X. A crafted EXR document can lead to a heap based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a saved EXR file delivered by other means when opened in any...

Fedora 22 : nfdump (2016-3b49c9aa49)

nfdump 1.6.15 released. --- - Fix Security issue http://www.security-assessment.com/files/documents/advis ory/Nfdump%20nfcapd%201.6.14%20-%20Multiple%20Vulnerabil ities.pdf - Fix obyte, opps and obps output records - Fix wrong bps type case in cvs output. Fix opbs ipbs typos nfdump 1.6.14 release...

Fedora 24 : nfdump (2016-a771d67ba0)

nfdump 1.6.15 released. --- - Fix Security issue http://www.security-assessment.com/files/documents/advis ory/Nfdump%20nfcapd%201.6.14%20-%20Multiple%20Vulnerabil ities.pdf - Fix obyte, opps and obps output records - Fix wrong bps type case in cvs output. Fix opbs ipbs typos nfdump 1.6.14 release...

Fedora 23 : nfdump (2016-54dfd21f15)

nfdump 1.6.15 released. --- - Fix Security issue http://www.security-assessment.com/files/documents/advis ory/Nfdump%20nfcapd%201.6.14%20-%20Multiple%20Vulnerabil ities.pdf - Fix obyte, opps and obps output records - Fix wrong bps type case in cvs output. Fix opbs ipbs typos nfdump 1.6.14 release...

Open-source compression library Libarchive exposed high-risk vulnerabilities, affect the Debian Linux, FreeBSD, etc. a large number of products-vulnerability warning-the black bar safety net

! The recent Libarchive has been exposed security vulnerabilities--Libarchive is an open source compression Library, for a variety of different file archive formats. Libarchive application range is very wide, therefore, so a large number of natural also will be affected, such as Debian Linux,...

OracleVM 3.2 : rpm (OVMSA-2016-0077)

The remote OracleVM system is missing necessary patches to address critical security updates : - Add missing files in /usr/share/doc/ - Fix warning when applying the patch for 1163057 - Fix race condidition where unchecked data is exposed in the file system CVE-2013-64351163057 - Fix segfault on...

BurpSuiteJSBeautifier - Burp Suite JavaScript Beautifier

Most of the websites compress their resources such as JS files in order to increase the loading speed. However, security testing and debugging a compressed resource is not an easy task. This is a Burp Suite open source extension which makes it possible to beautify most of the resources properly...

Apple TV < 9.1 Multiple Vulnerabilities

Binary data 9334.prm...

drchrono: SSL/TLS BEAST ATTACK

Supported versions: TLSv1.0 TLSv1.1 TLSv1.2 Deflate compression: no Supported cipher suites ORDER IS NOT SIGNIFICANT: TLSv1.0 RSAWITH3DESEDECBCSHA RSAWITHAES128CBCSHA RSAWITHAES256CBCSHA TLSECDHERSAWITH3DESEDECBCSHA TLSECDHERSAWITHAES128CBCSHA TLSECDHERSAWITHAES256CBCSHA TLSv1.1: idem TLSv1.2...

Apple OS X El Capitan Disk Utility Denial of Service Vulnerability

Apple OS X El Capitan is an operating system on Apple devices. A security vulnerability in Apple OS X El Capitan Disk Utility allows attackers to exploit the vulnerability to prevent the program from compressing and encrypting disk images...

Compression Side-Channel Attack Framework: Rupture

A COMPRESSION SIDE-CHANNEL ATTACK FRAMEWORK Rupture is a framework for easily conducting BREACH and other compression-based attacks Rupture is a framework for conducting network attacks against web services. It is focused on compression-attacks, but provides a generalized scalable system for...