Lucene search

345 matches found

OSV
added 2015/06/18 12:0 a.m., 1 view

UBUNTU-CVE-2015-4644

The php_pgsql_meta_data function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not validate token extraction for table names, which might allow remote attackers to cause a denial of service (NULL pointer dereference and...

7.5 CVSS, 7.2 AI score, 0.06393 EPSS
Exploits: 0, References: 4
Kitploit
added 2015/03/10 5:0 p.m., 14 views

RAWR - Rapid Assessment of Web Resources

Features: a customizable CSV containing ordered information gathered for each host, with a field for making notes/etc.; an elegant, searchable, JQuery-driven HTML report that shows screenshots, diagrams, and other information; a report on relevant security headers, courtesy of SmeegeSec; a CSV Thre...

6.8 AI score
Exploits: 0, References: 1
Kitploit
added 2015/01/26 6:59 p.m., 18 views

CapTipper - Malicious HTTP traffic explorer tool

CapTipper is a python tool to analyze, explore and revive HTTP malicious traffic. CapTipper sets up a web server that acts exactly as the server in the PCAP file, and contains internal tools, with a powerful interactive console, for analysis and inspection of the hosts, objects and conversations...

7.7 AI score
Exploits: 0, References: 1
Kitploit
added 2014/12/27 2:19 p.m., 43 views

CeWL - Custom WordList Generator Tool for Password Cracking

CeWL is a ruby app which spiders a given url to a specified depth, optionally following external links, and returns a list of words which can then be used for password crackers such as John the Ripper. CeWL also has an associated command line app, FAB (Files Already Bagged), which uses the same meta...

7.3 AI score
Exploits: 0
The Hacker News
added 2013/03/27 1:28 p.m., 8 views

Smartphones cache poses huge risk for Cloud Storage Security

A couple of years ago, the tech world was abuzz about the cloud. Cloud computing refers to computing where the processing or storage takes place on a networked series of computers rather than on the device that you're using. Whether you're using a PC, laptop, tablet, smartphone, television, or...

6.3 AI score
Exploits: 0
The Hacker News
added 2013/03/27 2:28 a.m., 13 views

Smartphones cache poses huge risk for Cloud Storage Security

A couple of years ago, the tech world was abuzz about the cloud. Cloud computing refers to computing where the processing or storage takes place on a networked series of computers rather than on the device that you’re using. Whether you’re using a PC, laptop, tablet, smartphone, television, or...

6.3 AI score
Exploits: 0
OpenVAS
added 2012/10/22 12:0 a.m., 23 views

Debian Security Advisory DSA 2559-1 (libexif)

The remote host is missing an update to libexif announced via advisory DSA 2559-1. OpenVAS Vulnerability Test $Id: deb25591.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2559-1 (libexif) Authors: Thomas Reinke Copyright: Copyright (c) 2012 E-Soft Inc...

7.5 CVSS, 0.6 AI score, 0.07557 EPSS
Exploits: 0
Tenable Nessus
added 2012/10/18 12:0 a.m., 63 views

Debian DSA-2559-1 : libexif - several vulnerabilities

Several vulnerabilities were found in libexif, a library used to parse EXIF meta-data on camera files. - CVE-2012-2812 : A heap-based out-of-bounds array read in the exif_entry_get_value function allows remote attackers to cause a denial of service or possibly obtain potentially sensitive informatio...

7.5 CVSS, 6.8 AI score, 0.07557 EPSS
Exploits: 0, References: 17
OSV
added 2012/10/17 12:0 a.m., 33 views

DSA-2559-1 libexif - several

Bulletin has no description...

7.5 CVSS, 6.2 AI score, 0.07557 EPSS
Exploits: 0
OpenVAS
added 2011/08/11 12:0 a.m., 28 views

Microsoft Windows Kernel Denial of Service Vulnerability (2556532)

This host is missing an important security update according to Microsoft Bulletin MS11-068. OpenVAS Vulnerability Test $Id: secpodms11-068.nasl 5362 2017-02-20 12:46:39Z cfi $ Microsoft Windows Kernel Denial of Service Vulnerability (2556532) Authors: Veerendra GG Copyright: Copyright (c) 2011 SecPod...

4.7 CVSS, 6.5 AI score, 0.03019 EPSS
Exploits: 1, References: 3
Prion
added 2011/04/08 3:17 p.m., 26 views

Design/Logic Flaw

Apache Tomcat 7.0.11, when web.xml has no login configuration, does not follow security constraints, which allows remote attackers to bypass intended access restrictions via HTTP requests to a meta-data complete web application. NOTE: this vulnerability exists because of an incorrect fix for...

5.8 CVSS, 6.8 AI score, 0.0654 EPSS
Exploits: 1, References: 8, Affected Software: 1
UbuntuCve
added 2011/04/08 3:17 p.m., 31 views

CVE-2011-1183

Apache Tomcat 7.0.11, when web.xml has no login configuration, does not follow security constraints, which allows remote attackers to bypass intended access restrictions via HTTP requests to a meta-data complete web application. NOTE: this vulnerability exists because of an incorrect fix for...

5.8 CVSS, 5.9 AI score, 0.06156 EPSS
Exploits: 0, References: 1
seebug.org
added 2010/06/24 12:0 a.m., 18 views

Microsoft Help Files (.CHM): 'Locked File' Feature Bypass

No description provided by source. Changes made with Windows XP introduced additional origin validation for files downloaded from the Internet when saved to an NTFS volume. This 'feature' is present in Windows XP, Vista and 7. When a user downloads a .CHM file using Internet Explorer or another...

7.1 AI score
Exploits: 0
securityvulns
added 2010/06/23 12:0 a.m., 54 views

Microsoft Help Files (.CHM): 'Locked File' Feature Bypass

Microsoft Help Files (.CHM): 'Locked File' Bypass Versions Affected: Windows XP, Windows Vista, Windows 7 pdf: http://www.security-assessment.com/files/advisories/WindowsLockedHelpFiles.pdf...

7.2 AI score
Exploits: 0
OpenVAS
added 2010/05/17 12:0 a.m., 20 views

Fedora Update for xar FEDORA-2010-7631

Check for the Version of xar OpenVAS Vulnerability Test Fedora Update for xar FEDORA-2010-7631 Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of t...

10 CVSS, 0.3 AI score, 0.01981 EPSS
Exploits: 0, References: 2
Fedora
added 2010/05/12 5:59 p.m., 62 views

[SECURITY] Fedora 13 Update: xar-1.5.2-6.fc13

The XAR project aims to provide an easily extensible archive format. Important design decisions include an easily extensible XML table of contents for random access to archived files, storing the toc at the beginning of the archive to allow for efficient handling of streamed archives, the abili...

10 CVSS, 1.4 AI score, 0.01981 EPSS
Exploits: 0
Fedora
added 2010/05/12 5:56 p.m., 28 views

[SECURITY] Fedora 12 Update: xar-1.5.2-6.fc12

The XAR project aims to provide an easily extensible archive format. Important design decisions include an easily extensible XML table of contents for random access to archived files, storing the toc at the beginning of the archive to allow for efficient handling of streamed archives, the abili...

10 CVSS, 1.4 AI score, 0.01981 EPSS
Exploits: 0
OpenVAS
added 2009/09/10 12:0 a.m., 37 views

Microsoft Windows Media Format Remote Code Execution Vulnerability (973812)

This host is missing a critical security update according to Microsoft Bulletin MS09-047. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...

9.3 CVSS, 5 AI score, 0.2121 EPSS
Exploits: 2, References: 5
Zero Day Initiative
added 2008/03/11 12:0 a.m., 40 views

Microsoft Excel BIFF File Format Cell Record Parsing Memory Corruption Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. Exploitation requires that the attacker coerce the target into opening a malicious .XLS file. The specific flaw exists within the parsing of malformed cell comments. When Excel...

9.3 CVSS, 6.2 AI score, 0.42225 EPSS
Exploits: 0, References: 1
OpenVAS
added 2008/01/17 12:0 a.m., 26 views

Debian Security Advisory DSA 998-1 (libextractor)

The remote host is missing an update to libextractor announced via advisory DSA 998-1. Derek Noonburg has fixed several potential vulnerabilities in xpdf, which are also present in libextractor, a library to extract arbitrary meta-data from files. The old stable distribution (woody) does not contai...

7.6 CVSS, 0.8 AI score, 0.02139 EPSS
Exploits: 0