975 matches found

securityvulns
added 2014/03/02 12:0 a.m., 22 views

MICROSENS Profi Line Modular switches authentication bypass

Authentication results are not checked by server...

AI score: 3.8
Exploits: 0 | References: 1
Kitploit
added 2014/03/01 9:3 p.m., 20 views

[Ncrack] High-Speed Network Authentication Cracker

Ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords. Security professionals also rely on Ncrack when auditing their clients. Ncrack was designed using a...

AI score: 7.5
Exploits: 0
OpenVAS
added 2014/02/17 12:0 a.m., 25 views

Fedora Update for pidgin FEDORA-2014-1999

Check for the Version of pidgin OpenVAS Vulnerability Test Fedora Update for pidgin FEDORA-2014-1999 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

CVSS: 10 | AI score: 0.1 | EPSS: 0.38978
Exploits: 0 | References: 2
RedHat Linux
added 2014/02/13 6:34 p.m., 3 views

jboss-as-server: Unchecked access to MSC Service Registry under JSM

In Red Hat JBoss Enterprise Application Platform, when running under a security manager, it was possible for deployed code to get access to the Modular Service Container MSC service registry without any permission checks. This could allow malicious deployments to modify the internal state of the...

CVSS: 1.9 | AI score: 5.9 | EPSS: 0.00062
Exploits: 0 | References: 4
RedHat Linux
added 2014/02/13 6:33 p.m., 2 views

jboss-as-server: Unchecked access to MSC Service Registry under JSM

In Red Hat JBoss Enterprise Application Platform, when running under a security manager, it was possible for deployed code to get access to the Modular Service Container MSC service registry without any permission checks. This could allow malicious deployments to modify the internal state of the...

CVSS: 1.9 | AI score: 5.9 | EPSS: 0.00062
Exploits: 0 | References: 4
RedHat Linux
added 2014/02/13 6:33 p.m., 0 views

jboss-as-server: Unchecked access to MSC Service Registry under JSM

In Red Hat JBoss Enterprise Application Platform, when running under a security manager, it was possible for deployed code to get access to the Modular Service Container MSC service registry without any permission checks. This could allow malicious deployments to modify the internal state of the...

CVSS: 1.9 | AI score: 5.9 | EPSS: 0.00062
Exploits: 0 | References: 4
n0where
added 2014/01/24 4:39 p.m., 35 views

Tor Exit Relay Scanner: Exitmap

Tor is one of the best and freely available privacy software that lets people communicate anonymously online through a series of nodes that is designed to provide anonymity for users and bypass Internet censorship. An exit node, the final destination in the series of servers Tor users hop through...

AI score: 7
Exploits: 0 | References: 3
Kitploit
added 2013/11/09 12:49 a.m., 11 views

[aidSQL] PHP Application For SQL Injection Detection & Exploitation

aidSQL a PHP application provided for detecting security holes in your website/s. It’s a modular application, meaning that you can develop your very own plugins for SQL injection detection & exploitation. The tool provides pen-testing capabilities for MS-SQL 2000, MySQL 5 and the author promises ...

AI score: 8.1
Exploits: 0
Kitploit
added 2013/11/04 3:21 a.m., 135 views

[FoxOne] Free OSINT Tool - Server Reconnaissance Scanner

FoxOne is a free OSINT tool, described by the author th3j35t3r as a Non-Invasive and Non-Detectable Server Reconnaissance Scanner. Bypassing API limitations and currently detecting 6500+ vulnerable server paths/files – without ever touching the target server. Very good for getting hold of intel o...

AI score: 9.8
Exploits: 0
OpenVAS
added 2013/10/21 12:0 a.m., 32 views

Debian Security Advisory DSA 2783-1 (librack-ruby - several vulnerabilities)

Several vulnerabilities were discovered in Rack, a modular Ruby webserver interface. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: CVE-2011-5036 Rack computes hash values for form parameters without restricting the ability to trigger hash collisions...

CVSS: 5.1 | AI score: 1.4 | EPSS: 0.16071
Exploits: 1 | References: 1
Kitploit
added 2013/09/20 11:39 p.m., 14 views

[Arachni v0.4.5.1-0.4.2] Open Source Web Application Security Scanner Framework

Arachni is a Free/Open Source project, the code is released under the Apache License Version 2.0 and you are free to use it as you see fit. Initially started as an educational exercise, it has since evolved into a powerful and modular framework allowing for fast, accurate and flexible...

AI score: 9
Exploits: 0
OSV
added 2013/08/19 11:55 p.m., 1 views

DEBIAN-CVE-2013-4207

Buffer overflow in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service crash via an invalid DSA signature that is not properly handled during computation of a modular inverse and triggers the overflow during a division by zero by the bignum functionality, a differe...

CVSS: 4.3 | AI score: 6.8 | EPSS: 0.00579
Exploits: 1 | References: 1
OSV
added 2013/08/19 11:55 p.m., 7 views

CVE-2013-4207

Buffer overflow in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service crash via an invalid DSA signature that is not properly handled during computation of a modular inverse and triggers the overflow during a division by zero by the bignum functionality, a differe...

AI score: 6.5
Exploits: 0 | References: 6
Prion
added 2013/08/19 11:55 p.m., 18 views

Buffer overflow

Buffer overflow in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service crash via an invalid DSA signature that is not properly handled during computation of a modular inverse and triggers the overflow during a division by zero by the bignum functionality, a differe...

CVSS: 4.3 | AI score: 6.9 | EPSS: 0.01136
Exploits: 2 | References: 6 | Affected Software: 1
UbuntuCve
added 2013/08/19 11:55 p.m., 20 views

CVE-2013-4207

Buffer overflow in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service crash via an invalid DSA signature that is not properly handled during computation of a modular inverse and triggers the overflow during a division by zero by the bignum functionality, a differe...

CVSS: 4.3 | AI score: 6 | EPSS: 0.00579
Exploits: 1 | References: 2
Debian CVE
added 2013/08/19 11:0 p.m., 22 views

CVE-2013-4206

Heap-based buffer underflow in the modmul function in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service crash and possibly trigger memory corruption or code execution via a crafted DSA signature, which is not properly handled when performing certain bit-shifting...

CVSS: 6.8 | AI score: 7.2 | EPSS: 0.01136
Exploits: 1
Fedora
added 2013/08/18 9:30 p.m., 14 views

[SECURITY] Fedora 18 Update: libtomcrypt-1.17-20.fc18

A comprehensive, modular and portable cryptographic toolkit that provides developers with a vast array of well known published block ciphers, one-way hash functions, chaining modes, pseudo-random number generators, public key cryptography and a plethora of other routines. Designed from the ground...

AI score: 1.2
Exploits: 0
Kitploit
added 2013/08/14 3:1 a.m., 21 views

[Zarp v0.1.3] Local Network Attack Tool

Zarp is a network attack tool centered around the exploitation of local networks. This does not include system exploitation, but rather abusing networking protocols and stacks to take over, infiltrate, and knock out. Sessions can be managed to quickly poison and sniff multiple systems at once,...

AI score: 6.8
Exploits: 0 | References: 1
Kitploit
added 2013/07/17 11:16 p.m., 29 views

[Patator v0.5] Multi-purpose brute-forcer, with a modular design and a flexible usage

Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage. Currently it supports the following modules: ftplogin : Brute-force FTP sshlogin : Brute-force SSH telnetlogin : Brute-force Telnet smtplogin : Brute-force SMTP smtpvrfy : Enumerate valid users using the SMTP VRF...

AI score: 7.5
Exploits: 0
The Hacker News
added 2013/06/07 4:46 a.m., 11 views

Most Sophisticated Android malware ever detected

A new piece of sophisticated Android malware has been discovered by security researchers at Kaspersky Labs. Dubbed as Backdoor.AndroidOS.Obad.a, it is the most sophisticated piece of Android malware ever seen. It exploits multiple vulnerabilities, blocks uninstall attempts, attempts to gain root...

AI score: 7.8
Exploits: 0