Remote code execution
galenframework-cli is the Node wrapper for the Galen Framework. galenframework-cli below 2.3.1 downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled...
CVE-2016-10563
During the installation process, the go-ipfs-deps module before 0.4.4 insecurely downloads resources over HTTP. This allows for a MITM attack to compromise the integrity of the resources used by this module and could allow for further compromise...
CVE-2016-10560
galenframework-cli is the Node wrapper for the Galen Framework. galenframework-cli below 2.3.1 downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled...
CVE-2016-10557
CVE-2016-10557 affects the Node.js wrapper library appium-chromedriver. Versions below 2.9.4 download binary resources over HTTP, creating susceptibility to man-in-the-middle (MITM) attacks. If an attacker in a privileged network position replaces the downloaded chromedriver binary, remote code ...
CVE-2016-10563
CVE-2016-10563 concerns the go-ipfs-deps package, where versions before 0.4.4 download resources over HTTP. The root cause is insecure HTTP downloads that enable a MITM attacker to modify or read resources, compromising integrity and potentially enabling further impact, including remote code exec...
Man In The Middle (MitM)
strider-sauce is vulnerable to a man-in-the-middle (MitM) attack. The vulnerability exists because it allows downloading of requested executable files via HTTP if the attacker's network position is between the remote server and client. It can subsequently open up a loophole for remote code execution...
CVE-2016-10659
poco (the POCO libraries) downloads source file resources used for compilation over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network o...
CVE-2016-10591
Prince is a Node API for executing the XML/HTML to PDF renderer PrinceXML via the prince(1) CLI. prince downloads zipped resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested tarball with an attacker controlled...
CVE-2017-16003
The CVE-2017-16003 entry affects the Windows tool Windows-build-tools (npm module for installing C++ Build Tools). Versions below 1.0.0 download resources over HTTP, which enables MITM interception of the downloaded executables. An attacker on the network could swap the requested resources with m...
CVE-2016-10658
The CVE-2016-10658 entry concerns the native-opencv npm package, which downloads binary resources over HTTP. This insecure download path allows a network-positioned attacker to MITM and replace the requested binary with a malicious version, potentially leading to remote code execution on the host...
Pet Trackers Open to MITM Attacks, Interception
UPDATE Family pets are near and dear to us, so smart collars and other devices for animals that track their locations are becoming popular; a world without the need for lost-pet flyers is after all a wonderful thing. The problem, according to researchers, is that these devices can leak sensitive...
CVE-2018-0591
The KINEPASS App for Android Ver 3.1.1 and earlier, and for iOS Ver 3.1.2 and earlier do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Man-in-the-Middle (MitM)
ansible is vulnerable to a man-in-the-middle (MitM) attack. The attack exists because SSH host key management is not done properly by default, failing to cache and check SSH host keys...
Ed: Session Cookie Without Secure Flag
Hi Ed, The bug mentioned in the report 343095 is not yet correctly patched I believe. Previously, the Researcher reports that the cookiegitlabsession is not Secure Missing Secure Flag and you closed that report as Informative and said that "Exploitability of this issue is so low that it does not...
CVE-2017-12196
Undertow before versions 1.4.18.SP1, 2.0.2.Final, 1.4.24.Final was found vulnerable when using Digest authentication: the server does not ensure that the value of URI in the Authorization header matches the URI in the HTTP request line. This allows the attacker to cause a MITM attack and access the...
Authorization
Undertow before versions 1.4.18.SP1, 2.0.2.Final, 1.4.24.Final was found vulnerable when using Digest authentication: the server does not ensure that the value of URI in the Authorization header matches the URI in the HTTP request line. This allows the attacker to cause a MITM attack and access the...
CVE-2017-12196
CVE-2017-12196 affects Undertow when using Digest authentication. The vulnerability exists because Undertow does not ensure that the URI in the Authorization header matches the HTTP request line, enabling a MITM-like scenario to access content. Affected are Undertow releases prior to 1.4.18.SP1, ...
CVE-2018-1348
NetIQ Identity Manager driver, in versions prior to 4.7, allows for an SSL handshake renegotiation which could result in a MITM attack...