Microsoft Windows CVE-2018-8309 Local Denial of Service Vulnerability

Description Microsoft Windows is prone to a local denial-of-service vulnerability. An attacker can exploit this issue to restart the affected system, denying service to legitimate users. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 f...

jira.interactive-pioneers.de XSS vulnerability

Open Bug Bounty ID: OBB-638358 Description| Value ---|--- Affected Website:| jira.interactive-pioneers.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

The OSINT Omnibus

An Omnibus is defined as a volume containing several novels or other items previously published separately and that is exactly what the InQuest Omnibus project intends to be for Open Source Intelligence collection, research, and artifact management. By providing an easy to use interactive command...

Security Bulletin: Multiple Vulnerabilities in libxml, OpenSSH, Firefox affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance (CVE-2015-1819, CVE-2015-5600, CVE-2015-7183, CVE-2015-7181, CVE-2015-7182)

Summary Multiple Vulnerabilities in libxml, OpenSSH, Firefox affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance. Vulnerability Details CVEID: CVE-2015-1819 DESCRIPTION: Libxml is vulnerable to a denial of service, caused by an XML External Entity Injection XXE error in the...

Security Bulletin: Vulnerability in SSLv3 affects IBM Monitoring and Diagnostic Tools for Java - Interactive Diagnostic Data Explorer (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 may be used in connections between Interactive Diagnostic Data Explorer client and the server running in IBM Support Assistant Team Server Vulnerability...

Microsoft Windows: Service: Remote Desktop Services

The service SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.109271";...

Omnibus - Open Source Intelligence Collection, Research, And Artifact Management

An Omnibus is defined as a volume containing several novels or other items previously published separately and that is exactly what the InQuest Omnibus project intends to be for Open Source Intelligence collection, research, and artifact management. By providing an easy to use interactive command...

Microsoft Windows: Interactive logon: Number of previous logons to cache

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winilnumpreviouslogoncache.nasl 11532 2018-09-21 19:07:30Z cfischer $ Check value for nteractive logon: Number of previous logons to cache in case domain controller is not available Authors: Emanuel Moss Copyright: Copyright ...

Microsoft Windows: Interactive logon: Message text for users attempting to log on

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winilmessageusersattemptlogon.nasl 11098 2018-08-23 14:32:47Z emoss $ Check value for Interactive logon: Message text for users attempting to log on Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH,...

Microsoft Windows: Interactive logon: Message title for users attempting to log on

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winilmessagetitleuserslogon.nasl 11098 2018-08-23 14:32:47Z emoss $ Check value for Interactive logon: Message title for users attempting to log on Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH,...

Microsoft Windows: Interactive logon: Do not require CTRL+ALT+DEL

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winildisablecad.nasl 11532 2018-09-21 19:07:30Z cfischer $ Check value for Interactive logon: Do not require CTRL+ALT+DEL Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net Thi...

Microsoft Windows: Interactive logon: Machine inactivity limit

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winilmachineinactivitylimit.nasl 11532 2018-09-21 19:07:30Z cfischer $ Check value for Interactive logon: Machine inactivity limit Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH,...

HCL legacy IVR system security vulnerability

HCL legacy IVR systems are a set of interactive voice inter-response systems. A security vulnerability exists in HCL legacy IVR systems, which originates from a program that executes commands and functions with the help of audio signals. The vulnerability can be exploited by an attacker to open...

Microsoft Windows: Do not display last user name

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winildisplaylastuser.nasl 11532 2018-09-21 19:07:30Z cfischer $ Check value for Interactive logon: Do not display last user name Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH,...

Microsoft Windows: Interactive logon: Machine account lockout threshold

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winilmachineacclockoutthreshold.nasl 11532 2018-09-21 19:07:30Z cfischer $ Check value for Interactive logon: Machine account lockout threshold Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH,...

Security update for bash (moderate)

This update for bash fixes the following issues: Security issues fixed: - CVE-2016-7543: A code execution possibility via SHELLOPTS+PS4 variable was fixed bsc1001299 - CVE-2016-0634: Arbitrary code execution via malicious hostname was fixed bsc1000396 Non-security issues fixed: - Fix repeating...

Open Source Deception Framework: DejaVU

Deception techniques if deployed well can be very effective for organizations to improve network defense and can be a useful arsenal for blue teams to detect attacks at very early stage of cyber kill chain. But the challenge we have seen is deploying, managing and administering decoys across larg...

SUSE SLED12 / SLES12 Security Update : bash (SUSE-SU-2018:1398-1)

This update for bash fixes the following issues: Security issues fixed : - CVE-2016-7543: A code execution possibility via SHELLOPTS+PS4 variable was fixed bsc1001299 - CVE-2016-0634: Arbitrary code execution via malicious hostname was fixed bsc1000396 Non-security issues fixed : - Fix repeating...

Two Romanian Hackers Extradited to the U.S. Over $18 Million Vishing Scam

Two Romanian hackers have been extradited to the United States to face 31 criminal charges including computer fraud and abuse, wire fraud conspiracy, wire fraud, and aggravated identity theft. Described as "international computer hackers" by the United States Department of Justice, Teodor Laurent...

Two Romanian Hackers Extradited to the U.S. Over $18 Million Vishing Scam

Two Romanian hackers have been extradited to the United States to face 31 criminal charges including computer fraud and abuse, wire fraud conspiracy, wire fraud, and aggravated identity theft. Described as "international computer hackers" by the United States Department of Justice, Teodor Laurent...