1344 matches found
CVE-2016-8495
An improper certificate validation vulnerability in Fortinet FortiManager 5.0.6 through 5.2.7 and 5.4.0 through 5.4.1 allows a remote attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack via the FortiSandbox devices probing feature...
Input validation
An improper certificate validation vulnerability in Fortinet FortiManager 5.0.6 through 5.2.7 and 5.4.0 through 5.4.1 allows a remote attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack via the FortiSandbox devices probing feature...
Man-in-the-Middle (MitM)
flink-mesos is susceptible to man-in-the-middle attacks. The attack is possible because it does not use canonical hostname verification in SSL validation for client-to-server connections...
Nextcloud: HTTP-Basic Authentication on logs.nextcloud.com
Greetings, While visiting https://logs.nextcloud.com/, I noticed that this server uses HTTP-Basic Authentication. F152730 POC: ------ GET https://logs.nextcloud.com/ HTTP/1.1 User-Agent: Mozilla/5.0 Macintosh; Intel Mac OS X 10.11; rv:50.0 Gecko/20100101 Firefox/50.0 Accept:...
Explained — What's Up With the WhatsApp 'Backdoor' Story?
What is a backdoor? By definition: "Backdoor is a feature or defect of a computer system that allows surreptitious unauthorized access to data," whether the backdoor is in an encryption algorithm, a server or an implementation, and it doesn't matter whether it has previously been used or not...
CVE-2016-10138
An issue was discovered on BLU Advance 5.0 and BLU R1 HD devices with Shanghai Adups software. The com.adups.fota.sysoper app is installed as a system app and cannot be disabled by the user. In the com.adups.fota.sysoper app's AndroidManifest.xml file, it sets the android:sharedUserId attribute t...
Design/Logic Flaw
An issue was discovered on BLU Advance 5.0 and BLU R1 HD devices with Shanghai Adups software. The com.adups.fota.sysoper app is installed as a system app and cannot be disabled by the user. In the com.adups.fota.sysoper app's AndroidManifest.xml file, it sets the android:sharedUserId attribute t...
CVE-2016-10125
D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a hardcoded SSL private key, which allows man-in-the-middle attackers to spoof devices by hijacking an HTTPS session...
MS15-031: Vulnerability in SChannel could allow security feature bypass: March 10, 2015
Summary: This security update resolves a vulnerability in Microsoft Windows that facilitates exploitation of the publicly disclosed FREAK technique, an industry-wide issue that is not specific to Windows...
MS15-089: Vulnerability in WebDAV could allow security feature bypass: August 11, 2015
Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow information disclosure if an attacker forces an encrypted Secure Socket Layer (SSL) 2.0 session and uses a...
Man In The Middle (MitM)
arcanist is vulnerable to man-in-the-middle (MitM) attacks via downloading resources over HTTP. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker-controlled copy if the attacker is on the network or positioned in between the user and the...
Man-in-the-Middle (MitM)
react-native-baidu-voice-synthesizer is vulnerable to man-in-the-middle attacks. The library downloads binaries via HTTP, potentially causing a remote code execution (RCE) vulnerability by swapping out the requested binary with an attacker-controlled binary if the attacker is on the network or...
Man In The Middle (MitM)
nw is vulnerable to man-in-the-middle (MitM) attacks. This is because the library downloads zipped resources via HTTP, allowing MitM attacks. It may also cause remote code execution (RCE) by swapping out the requested zip file with an attacker-controlled zip file if the attacker is on the network or...
Apple macOS 10.12.1/iOS 10 SecureTransport SSL handshake OCSP MiTM and DoS Vulnerabilities
Exploit for macOS platform in category dos / poc. Apple macOS 10.12.1/iOS 10 SecureTransport SSL handshake OCSP MiTM and DoS. Credit: Maksymilian Arciemowicz, https://cxsecurity.com/ --- 0. Description --- The latest macOS and iOS have a weak OCSP validation process which allows an attacker to send OCSP...
USN-3156-1 apt vulnerability
Jann Horn discovered that APT incorrectly handled InRelease files. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could potentially be used to install altered packages...
USN-3124-1 firefox vulnerabilities
Christian Holler, Andrew McCreight, Dan Minor, Tyson Smith, Jon Coppeard, Jan-Ivar Bruaroey, Jesse Ruderman, Markus Stange, Olli Pettay, Ehsan Akhgari, Gary Kwong, Tooru Fujisawa, and Randell Jesup discovered multiple memory safety issues in Firefox. If a user were tricked into opening a special...
Ubuntu: Security Advisory (USN-3124-1)
The remote host is missing an update for the...
Android Proxy Auto Config (PAC) Crash
Original at: https://wwws.nightwatchcybersecurity.com/2016/11/07/crashing-android-devices-with-large-pac-files-cve-2016-6723/ Summary: Android devices can be crashed (forcing a halt and then a soft reboot) by downloading a large proxy auto config (PAC) file when adjusting the Android networking...
Update request kernel-linus-4.4.26-1 fixes security issues
This update is based on the upstream 4.4.26 kernel and fixes at least these security issues: An issue with the ASN.1 DER decoder was reported that could lead to memory corruptions, possible privilege escalation, or complete local denial of service via x509 certificate DER files (CVE-2016-0758)...