850 matches found
JIRA REST API makes it easy to harvest email addresses
The JIRA REST API makes it easy to harvest email addresses as an anonymous user. 1. Go to https://jira.atlassian.com/browseJRA-22053 as anonymous. Note that you can't extract email addresses from this page unless the user has used an email address as her username. 2. Now go to...
Satanic Socks Server: RDot edition
Satanic Socks Server - sss.c v0.66 by drmist/STNC mod for rdot.org v1.1 Отличия от Satanic Socks Server v0.66.170506 sss.c by drmist\STNC: -убрана поддержка windows +добавлено ограничение на подключения только с заданного IP +маскировка списке процессов +режим агрессивного закрытия отработавших...
Is It Time to Stop Password Masking?
From SANS AppSec Street Fighter Blog Jason Montgomery I just ran across Jakob Nielsen‘s Alert Box post titled Stop Password Masking and wanted to provide some feedback from a security vs. usability perspective. I have great respect for Nielsen’s contribution to the usability of the web. Back in t...
[NEWS] Wireshark DNP3 Dissector Infinite Loop Vulnerability
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
rt-sa-2005-15.txt
Advisory: BSD Securelevels: Circumventing protection of files flagged immutable By mounting an arbitrary filesystem, it is possible to mask files flagged immutable with any user-defined files. Details ======= Product: FreeBSD up to 6.0-STABLE and 7.0-CURRENT OpenBSD up to 3.8 DragonFly up to 1.2...
[Full-disclosure] BSD Securelevels: Circumventing protection of files flagged immutable
Advisory: BSD Securelevels: Circumventing protection of files flagged immutable By mounting an arbitrary filesystem, it is possible to mask files flagged immutable with any user-defined files. Details ======= Product: FreeBSD up to 6.0-STABLE and 7.0-CURRENT OpenBSD up to 3.8 DragonFly up to 1.2...
CVE-2005-4351
The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up to 3.8, DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass immutable settings for files by mounting another filesystem that masks the immutable files while the system is running...
CVE-2004-1802
Chat Anywhere 2.72 and earlier allows remote attackers to hide their IP address by using %00 before the nickname, which causes the IP address to be displayed as $IP$ on the administration web page...
CVE-2002-1431
Belkin F5D5230-4 4-Port Cable/DSL Gateway Router 1.20.000 modifies the source IP address of internal packets to that of the router's external interface when forwarding a request from an internal host to an internal web server, which allows remote attackers to hide which host is being used to acce...
Новый вид сканирования - Pixie scan
Используется факт линейного изменения IP ID, что позволяет просканировать открытые порты даже за маскарирующим сервером используя пакет с внутреннего адреса и проверяя прирощение IP ID...