Tor anonymizing network Compromised by French researchers

Tor anonymizing network Compromised by French researchers French researchers from ESIEA, a French engineering school, have found and exploited some serious vulnerabilities in the TOR network. They performed an inventory of the network, finding 6,000 machines, many of whose IPs are accessible...

Company Offers Tool To Break iPhone Encryption

ElcomSoft, a Russian security firm, claims that a new encryption cracking tool can decode data encrypted on mobile devices running Apple’s iOS operating system. Elcomsoft says it has developed the first ever commercially available password and encryption cracking tool. The company has made a phon...

Cipher API information disclosure in pidgin

cipher.c in the Cipher API in libpurple in Pidgin before 2.7.10 retains encryption-key data in process memory, which might allow local users to obtain sensitive information by reading a core file or other representation of memory contents...

NASA Computer Networks Have Potentially Catastrophic Security Holes !

NASA's internal computer network is full of holes and is extremely vulnerable to an external cyberattack, an audit by the Office of the Inspector General has found. Even worse, it appears several of the vulnerabilities have been known for months, yet remained unpatched. "Six computer servers...

Report: Big Cracks in NASA's Network Defenses

A recent audit of NASA’s computer network found the agency’s infrastructure fraught with security holes, many of which have been known about for months, yet remain unpatched, according to a report by the space agency’s Office of the Inspector General OIG. The audit found vulnerabilities that coul...

Accellion File Transfer Appliance MPIPE2 Command Execution

$Id: accellionftampipe2.rb 11935 2011-03-11 17:37:23Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Accellion File Transfer Appliance MPIPE2 - Command Execution (Metasploit)

$Id: accellionftampipe2.rb 11935 2011-03-11 17:37:23Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

R7-0039: Accellion File Transfer Appliance Multiple Vulnerabilities

R7-0039: Accellion File Transfer Appliance Multiple Vulnerabilities February 7, 2011 -- Vulnerability Details: The Accellion File Transfer Appliance, prior to version FTA80562, suffers from a number of security flaws that can lead to a remote root compromise. 1. Message Routing Daemon Default...

Accellion File Transfer Appliance Multiple Vulnerabilities

R7-0039: Accellion File Transfer Appliance Multiple Vulnerabilities February 7, 2011 -- Vulnerability Details: The Accellion File Transfer Appliance, prior to version FTA80562, suffers from a number of security flaws that can lead to a remote root compromise. 1. Message Routing Daemon Default...

Sony Sues PlayStation 3 Jailbreakers

Sony has filed a lawsuit against a group of hackers who were able to bypass the DRM protections in the company’s PlayStation 3, compromised the root key and later published tools allowing others to follow in their footsteps and play pirated software on the console. On Tuesday, Sony filed suit in...

RSA Key Manager SQL injection Vulnerability ( CVE-2010-1904 )

Product: RSA Key Manager Vendor: EMC/RSA Vulnerable Component: Key Manager Client Vulnerable Component Version: 1.5.x Vulnerability Type: SQL injection Vendor Contact Date: 4/20/2010 Status: Vendor does not want to fix the vulnerability. Vulnerability Details: RSA Key Manager Client software uses...

CVE-2010-1149

probers/udisks-dm-export.c in udisks before 1.0.1 exports UDISKSDMTARGETSPARAMS information to udev even for a crypt UDISKSDMTARGETSTYPE, which allows local users to discover encryption keys by 1 running a certain udevadm command or 2 reading a certain file under /dev/.udev/db/...

Design/Logic Flaw

probers/udisks-dm-export.c in udisks before 1.0.1 exports UDISKSDMTARGETSPARAMS information to udev even for a crypt UDISKSDMTARGETSTYPE, which allows local users to discover encryption keys by 1 running a certain udevadm command or 2 reading a certain file under /dev/.udev/db/...

CVE-2010-1149

probers/udisks-dm-export.c in udisks before 1.0.1 exports UDISKSDMTARGETSPARAMS information to udev even for a crypt UDISKSDMTARGETSTYPE, which allows local users to discover encryption keys by 1 running a certain udevadm command or 2 reading a certain file under /dev/.udev/db/...

CVE-2010-1149

probers/udisks-dm-export.c in udisks before 1.0.1 exports UDISKSDMTARGETSPARAMS information to udev even for a crypt UDISKSDMTARGETSTYPE, which allows local users to discover encryption keys by 1 running a certain udevadm command or 2 reading a certain file under /dev/.udev/db/...

CVE-2010-1149

CVE-2010-1149 affects udisks prior to 1.0.1. The issue is in probers/udisks-dm-export.c which exports UDISKS_DM_TARGETS_PARAMS information to udev even for crypt UDISKS_DM_TARGETS_TYPE, allowing local users to discover encryption keys by (1) running a particular udevadm command or (2) reading a f...

Ubuntu Update for openssl-blacklist update USN-612-9

Ubuntu Update for Linux kernel vulnerabilities USN-612-9 OpenVAS Vulnerability Test $Id: gbubuntuUSN6129.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for openssl-blacklist update USN-612-9 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Ubuntu Update for openvpn regression USN-612-10

Ubuntu Update for Linux kernel vulnerabilities USN-612-10 OpenVAS Vulnerability Test $Id: gbubuntuUSN61210.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for openvpn regression USN-612-10 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Ubuntu Update for openvpn vulnerability USN-612-3

Ubuntu Update for Linux kernel vulnerabilities USN-612-3 OpenVAS Vulnerability Test $Id: gbubuntuUSN6123.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for openvpn vulnerability USN-612-3 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Ubuntu: Security Advisory (USN-612-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...