Juniper Firewalls with ScreenOS Backdoored Since 2012

Juniper Networks has announced that it has discovered "unauthorized code" in ScreenOS, the operating system for its NetScreen firewalls, that could allow an attacker to decrypt traffic sent through Virtual Private Networks VPNs. It's not clear what caused the code to get there or how long it has...

Multiple Security issues with ScreenOS (JSA10713)

ScreenOS is vulnerable to an unauthorized remote administrative access to the device over SSH or telnet and to unauthorized decrypting of VPN traffic SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respectiv...

Juniper Patches ScreenOS Backdoor

Juniper Networks today has released an emergency patch that removes what it’s calling “unauthorized code” from ScreenOS that could allow attackers to decrypt VPN traffic from NetScreen devices. Juniper has not commented on the origin of the code it found. However, Juniper’s products were singled...

Juniper Releases Out-of-band Security Advisory for ScreenOS

Juniper has discovered unauthorized code in ScreenOS which could allow an attacker to take control of NetScreen devices and to decrypt VPN connections. US-CERT recommends that users and administrators review Juniper Security Bulletin 2015-12 and update all affected ScreenOS versions. This product...

openSUSE Security Update : mbedtls (openSUSE-2015-898)

This update for mbedtls fixes the following security and non-security issues : - Update to 1.3.15 - Fix potential double free if sslsetpsk is called more than once and some allocation fails. Cannot be forced remotely. Found by Guido Vranken, Intelworks. - Fix potential heap corruption on windows...

Avast! - Heap Overflow Unpacking MoleBox Archives

Avast! - Heap Overflow Unpacking MoleBox Archives Source: https://code.google.com/p/google-security-research/issues/detail?id=552 Trivial fuzzing of molebox archives revealed a heap overflow decrypting the packed image in moleboxMaybeUnpack. This vulnerability is obviously exploitable for remote...

Atlassian JIRA < 6.4.10 / 7.0.0-OD-02 MitM Plaintext Disclosure (Bar Mitzvah)

According to its self-reported version number, the instance of Atlassian JIRA hosted on the remote web server is prior to 6.4.10 or 7.0.0-OD-02. It is, therefore, potentially affected by a security feature bypass vulnerability, known as Bar Mitzvah, due to improper combination of state data with...

Hackers are using Nuclear Exploit Kit to Spread Cryptowall 4.0 Ransomware

Beware Internet Users! Cryptowall 4.0 – the newest version of the world's worst Ransomware – has surfaced in the Nuclear exploit kit, one of the most potent exploit kits available in the underground market for hacking into computers. Ransomware threat has emerged as one of the biggest threats to...

Embedded devices use non-unique X.509 certificates and SSH host keys

Overview Embedded devices use non-unique X.509 certificates and SSH host keys that can be leveraged in impersonation, man-in-the-middle, or passive decryption attacks. Description CWE-321: Use of Hard-coded Cryptographic Key - Multiple CVEsResearch by Stefan Viehbཬk of SEC Consult has found that...

Dell Foundation Services Root Certificate Man-in-the-Middle Attack

A security bypass vulnerability exists in Dell Foundation Services, as a result of using an insecure certificate eDellRoot. Successful exploitation would allow attackers to decrypt and manipulate online traffic between other parties...

CVE-2015-8329

SAP Manufacturing Integration and Intelligence aka MII, formerly xMII uses weak encryption Base64 and DES, which allows attackers to conduct downgrade attacks and decrypt passwords via unspecified vectors, aka SAP Security Note 2240274...

Information disclosure

SAP Manufacturing Integration and Intelligence aka MII, formerly xMII uses weak encryption Base64 and DES, which allows attackers to conduct downgrade attacks and decrypt passwords via unspecified vectors, aka SAP Security Note 2240274...

CVE-2015-8329

SAP Manufacturing Integration and Intelligence (MII) is affected by an encryption downgrade vulnerability due to the use of Base64 and DES. The issue allows downgrade attacks and potential password decryption. Reported impact references are tied to SAP MII versions 12.2, 14.0 and 15.0 (and possib...

Dell Foundation Services installs root certificate and private key (eDellRoot)

Overview Dell Foundation Services installs the eDellRoot certificate into theTrusted Root Certificate Store on Microsoft Windows systems. The certificate includes the private key. This allows attackers to create trusted certificates and perform impersonation, man-in-the-middle MiTM, and passive...

Dell System Detect installs root certificate and private key (DSDTestProvider)

Overview Dell System Detect installs the DSDTestProvider certificate into theTrusted Root Certificate Store on Microsoft Windows systems. The certificate includes the private key. This allows attackers to create trusted certificates and perform impersonation, man-in-the-middle MiTM, and passive...

Bitlocker Master Key (FVEK) Extraction

This module enumerates ways to decrypt Bitlocker volume and if a recovery key is stored locally or can be generated, dump the Bitlocker master key FVEK This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

ntp: vallen in extension fields are not validated

A stack-based buffer overflow was found in the way the NTP autokey protocol was implemented. When an NTP client decrypted a secret received from an NTP server, it could cause that client to crash...

The first Linux ransomware 马失前蹄: encryption vulnerabilities can be compromised-the vulnerability warning-the black bar safety net

In Windows have long had ransomware（ransom ransomware, until Linux in Linux. Encoder. 1, which is the first linux ransomware. This software acts with CryptoWall And TorLocker and other infamous Trojan horse software is very similar. Hackers use ransomware cases In hack remote use of popular...

Security feature bypass

Kerberos in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles password changes, which allows physically proximate attackers to bypass...

CVE-2015-6095

Kerberos in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles password changes, which allows physically proximate attackers to bypass...