CVE-2013-0957

Data Protection in Apple iOS before 7 allows attackers to bypass intended limits on incorrect passcode entry, and consequently avoid a configured Erase Data setting, by leveraging the presence of an app in the third-party sandbox...

Code injection

Data Protection in Apple iOS before 7 allows attackers to bypass intended limits on incorrect passcode entry, and consequently avoid a configured Erase Data setting, by leveraging the presence of an app in the third-party sandbox...

CVE-2013-0957

Data Protection in Apple iOS before 7 allows attackers to bypass intended limits on incorrect passcode entry, and consequently avoid a configured Erase Data setting, by leveraging the presence of an app in the third-party sandbox...

CVE-2013-0957

CVE-2013-0957 affects Apple iOS prior to 7, where a privilege-separation issue in Data Protection allowed a third‑party sandboxed app to repeatedly attempt passcode entry, bypassting the device’s Erase Data setting. The root cause is a failure to enforce passcode‑attempt limits across app sandbox...

Apple iOS < 7 Multiple Vulnerabilities

Binary data appleios70check.nbin...

Zoho Information Disclosure / Mixed Content

ZOHO INTERNAL INFORMATION DISCLOSURE Content type is not specified /INSECURE TRANSITION FROM HTTP TO HTTPS IN FORM ================================================================================================================================================== Report-Timeline: ================...

The Controversial CISPA Is Back in Congress

Updated 4/10/13: The U.S. House Intelligence Committee voted 18-2 for the new version of CISPA, with the two dissents coming from Democrat members of the committee. “This is clearly not a theoretical threat – the recent spike in advanced cyber attacks against the banks and newspapers makes that...

DoD Inspector General Calls Out Army CIO For Poor Mobile Device Security

The CIO of the U.S. Army failed to put in place a comprehensive security program capable of protecting data stored on commercial mobile devices such as iPhones and Androids, leaving sensitive information in key Army installations exposed. The Inspector General of the Department of Defense took th...

Google Privacy Director Alma Whitten Leaving

Alma Whitten, the director of privacy at Google, is stepping down from that role and leaves behind her a complicated legacy in regards to user privacy. Whitten has been the company’s top product and engineering privacy official since 2010 and was at the helm as the company navigated a number of...

Evernote Compromised, But Says No User Data Affected

Evernote, the online service that enables users to store and sync all kinds of data across multiple devices, has become the latest major Web property to suffer a serious intrusion. The company said on Saturday that attackers had compromised some user information, including email addresses and...

RSA Conference 2013: Experts Say It's Time to Prepare for a 'Post-Crypto' World

SAN FRANCISCO–In the current climate of continuous attacks and intrusions by APT crews, government-sponsored groups and others organizations, cryptography is becoming less and less important and defenders need to start thinking about new ways to protect data on systems that they assume are...

EMC Data Protection Advisor Web UI Directory Traversal

According to its build date, the EMC Data Protection Advisor Web UI on the remote host is affected by a directory traversal vulnerability that may allow a remote, unauthenticated attacker to copy and read files from the affected system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

EMC Data Protection Advisor Web UI Detection

The report web server is the Web UI for EMC Data Protection Advisor, an automated analysis and alerting system for backup and replication infrastructure. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid64702; scriptversion"1.4"; scriptcvsdate"Date: 2019/11/25";...

EMC Data Protection Advisor CXML Service Detection

The CXML service for EMC Data Protection Advisor, an automated analysis and alerting system for backup and replication infrastructure, was detected on the remote host. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; if description...

EMC Data Protection Advisor information leakage

It's possible to access files remotely...

ESA-2012-060: EMC Data Protection Advisor Information Disclosure Vulnerability.

ESA-2012-060.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-060: EMC Data Protection Advisor Information Disclosure Vulnerability. EMC Identifier: ESA-2012-060 CVE Identifier: CVE-2012-4616 Severity Rating: CVSS v2 Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P Affected Products: EMC Data...

Directory traversal

Directory traversal vulnerability in the Web UI in EMC Data Protection Advisor DPA 5.6 through SP1, 5.7 through SP1, and 5.8 through SP4 allows remote attackers to read arbitrary files via unspecified vectors...

CVE-2012-4616

Directory traversal vulnerability in the Web UI in EMC Data Protection Advisor DPA 5.6 through SP1, 5.7 through SP1, and 5.8 through SP4 allows remote attackers to read arbitrary files via unspecified vectors...

CVE-2012-4616

Directory traversal vulnerability in the Web UI in EMC Data Protection Advisor DPA 5.6 through SP1, 5.7 through SP1, and 5.8 through SP4 allows remote attackers to read arbitrary files via unspecified vectors...

CVE-2012-4616

CVE-2012-4616 affects EMC Data Protection Advisor (DPA) Web UI. A directory traversal vulnerability in the DPA Web UI enables remote attackers to copy/read arbitrary files from the server. Affected products/versions include DPA 5.6 (SP1), 5.7 (SP1), and 5.8 (SP1–SP4). The root cause is a Web UI d...