128 matches found
Mandriva Linux Security Advisory : imapsync (MDVSA-2014:060)
Updated imapsync package fixes security vulnerabilities : Imapsync, by default, runs a release check when executed, which causes imapsync to connect to http://imapsync.lamiral.info and send information about the version of imapsync, the operating system and perl CVE-2013-4279. The imapsync packag...
TP-Link Cross Site Request Forgery Vulnerability
This write up goes into detail about how real world cross site request forgery attacks can be used to hijack DNS on TP-Link routers. I. Introduction Today the majority of wired Internet connections is used with an embedded NAT router, which allows using the same Internet connection with several...
CVE-2013-0510
IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 includes a security test that sends session cookies to a specific external server, which allows man-in-the-middle attackers to hijack the test account by capturing these cookies...
Design/Logic Flaw
IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 includes a security test that sends session cookies to a specific external server, which allows man-in-the-middle attackers to hijack the test account by capturing these cookies...
Facebook hacking accounts using another OAuth vulnerability
Remember the last OAuth Flaw in Facebook, that allow an attacker to hijack any account without victim's interaction with any Facebook Application, was reported by white hat Hacker 'Nir Goldshlager'. After that Facebook security team fixed that issue using some minor changes. Yesterday Goldshlager...
Microsoft.com.br (Brasil) hacked by TG hacker
Microsoft.com.brBrasil hacked byTG hacker Microsoft Brasil https://microsoft.com.br/ Got defaced by Hacker named "TG ". Hacker redirect server address microsoft.com.br to the page of Microsoft Brazil. Instead of being sent to the developer page of Windows, the Internet user that accesses the...
squid -- Denial of Service vulnerability in DNS handling
Squid security advisory 2010:1 reports: Due to incorrect data validation Squid is vulnerable to a denial of service attack when processing specially crafted DNS packets. This problem allows any trusted client or external server who can determine the squid receiving port to perform a short-term...
squid -- several remote denial of service vulnerabilities
Squid security advisory 2009:2 reports: Due to incorrect buffer limits and related bound checks Squid is vulnerable to a denial of service attack when processing specially crafted requests or responses. Due to incorrect data validation Squid is vulnerable to a denial of service attack when...