9528 matches found
CiscoWorks Common Services Installed
CiscoWorks Common Services, the foundation of application infrastructure for CiscoWorks network management solutions, is installed on the remote Windows host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid69468; scriptversion"1.9";...
Black Hat 2013: What Have We Learned
LAS VEGAS–The Black Hat conference is one of the best opportunities each year to see new and innovative research, commune with some of the smartest folks in the industry and generally get a sense of where things stand and where they’re going. This year’s conference was one of the larger in histor...
Chinese Hackers Caught by US water control system Honeypots
A notorious Chinese hacker collective known as APT1 or Comment Crew, possibly linked to the Chinese Army, have been caught red handed breaking into a fake United States water control system i.e. known as a Honeypot. Kyle Wilhoit, a researcher with security company Trend Micro has just revealed th...
Online Ad Networks Leverages to Launch Javascript Attacks
LAS VEGAS – Researchers have figured out how to leverage the reach of online advertising networks to distribute javascript of their choosing, creating the equivalent of a botnet of ad impressions capable of crashing underlying webservers or distributing malware on a massive scale for pennies on t...
CVE-2013-3746
Unspecified vulnerability in the Solaris Cluster component in Oracle and Sun Systems Products Suite 3.2, 3.3, and 4 prior to 4.1 SRU 3 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Zone Cluster Infrastructure...
Design/Logic Flaw
Unspecified vulnerability in the Solaris Cluster component in Oracle and Sun Systems Products Suite 3.2, 3.3, and 4 prior to 4.1 SRU 3 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Zone Cluster Infrastructure...
CVE-2013-3746
Unspecified vulnerability in the Solaris Cluster component in Oracle and Sun Systems Products Suite 3.2, 3.3, and 4 prior to 4.1 SRU 3 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Zone Cluster Infrastructure...
Oracle Linux 5 : Important: / kernel (ELSA-2008-0089)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2008-0089 advisory. 2.6.18-53.1.6.0.1.el5 - NET Add entropy support to e1000 and bnx2 John Sobecki ORA 6045759 - NET Fix msi issue with kexec/kdump Michael Chan ORA 621936...
Updated opera packages replace code signing certificate
Opera 12.16 contains a replaced code signing certificate. Opera Software recently experienced an attack on the internal infrastructure. Following best practices, Opera Software is replacing signing certificates in Opera with newly issued certificates. Certificates in Opera include the code signin...
Replaced code signing certificate
Opera Software recently experienced an attack on the internal infrastructure. Following best practices, Opera Software is replacing signing certificates in Opera with newly issued certificates. Certificates in Opera include the code signing certificate for desktop binaries and the signing...
General Talks Security at Brookings Institution
General Martin Dempsey, Chairman of the Joint Chiefs of Staff, made clear yesterday in a speech to the Brookings Institution that the military, government, and private sector each has a role to play in hardening the U.S. against cyberattacks. General Dempsey also called out the maintainers of...
Stolen Opera Code-Signing Certificate Used to Sign Malware
Opera Software said it was able to contain the impact of a security breach that resulted in the theft of an expired code-signing certificate used to sign malware distributed to Windows users during a 36-minute stretch on June 19. Opera developer Sigbjorn Vik said the browser maker was victimized ...
Chinese Hackers group 'Comment Crew' is still active and operating under cover
Security experts are confident that the Chinese hackers group known as Comment Crew is still operating under cover. “The Comment Crew is back again” this is the rumor within Intelligence community, researchers suspect the involvement of the group of hackers in the recent cyber dispute between U.S...
Microsoft June 2013 Patch Tuesday updates IE Again
Microsoft took advantage today of its lightest batch of Patch Tuesday security updates this year to release an update to its certificate handling infrastructure. Meanwhile, administrators looking for a patch for a recently disclosed vulnerability by Google engineer Tavis Ormandy will have to wait...
Improved cryptography infrastructure and the June 2013 bulletins
It was just over one year ago, May 28, 2012, to be exact, that I transitioned from running active MSRC cases and writing bulletins to my current role managing software security incidents. A lot has changed in that year- and I’ve dealt with some interesting issues during my tenure - but our goal o...
detect_reverse_proxy
This plugin tries to determine if the remote end has a reverse proxy installed. The procedure used to detect reverse proxies is to send a request to the remote server and analyze the response headers, if a Via header is found, chances are that the remote site has a reverse proxy. Plugin type...
finger_pks
This plugin finds mail addresses in PGP PKS servers. Plugin type Infrastructure Options This plugin doesnt have any user configured options. Source For more information about this plugin and the associated tests, theres always the source code to understand exactly whats under the hood: Plugin...
server_header
This plugin GETs the server header and saves the result to the knowledge base. Nothing strange, just do a GET request to the url and save the server headers to the kb. A smarter way to check the server type is with the hmap plugin. Plugin type Infrastructure Options This plugin doesnt have any us...
dns_wildcard
This plugin compares the contents of www.site.com and site.com and tries to verify if the target site has a DNS wildcard configuration or not. Plugin type Infrastructure Options This plugin doesnt have any user configured options. Source For more information about this plugin and the associated...
php_eggs
This plugin tries to find the documented easter eggs that exist in PHP and identify the remote PHP version using the easter egg content. The easter eggs that this plugin verifies are: PHP Credits, Logo, Zend Logo, PHP Logo 2: http://php.net/?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000...