FalconGate - A smart gateway to stop hackers and Malware attacks

A smart gateway to stop hackers, Malware and more... Motivation Cyber attacks are on the raise. Hacker and cyber criminals are continuously improving their methods and building new tools and Malware with the purpose of hacking your network, spying on you and stealing valuable data. Recently a new...

How to protect web applications on Google Cloud Platform with WAF?

Many of the developers we speak to are interested in taking advantage of Google Compute Cloud for developing and hosting their web applications. The advantages are many from reasonable costs to built in scalability to high level of availability built right into the platform. However, the develope...

Personalized User Focused Security: Stethoscope

Stethoscope is a web application that collects information from existing device data sources e.g., JAMF or LANDESK on a given user’s devices and gives them clear and specific recommendations for securing their systems. Stethoscope consists of two primary pieces: a Python-based back-end and a...

Airbnb: Nginx Version Disclosure

Hello, While i was testing airbnb i found nginx version disclosure in HTTP Response. Which can help attacker to gain information or an attacker might use the disclosed information to harvest specific security vulnerabilities for the version identified. URL: https://www.airbnb.com/ Version: 1.7.12...

WTServer 17.02 DLL Hijacking

Title: WTServer-17.02 - DLL Loading Arbitrary Code Execution + Credits / Discovery: Nassim Asrir + Author Email: [email protected] + Author Company: Henceforth Vendor: =============== http://wtserver.wtriple.com/ Download: ===========...

Ubiquiti Inc.: Content Spoofing or Text Injection in (403 forbidden page injection) and Nginx version disclosure via response header

Hello there, I know that this is Non-critical issue but i want you guys to be aware of it. 1. I have found a Content Spoofing or Text Injection in This url http://dl-origin.ubnt.com/ Go to this url...

openSUSE Security Update : nginx (openSUSE-2017-192)

This update for nginx fixes the following vulnerability : - CVE-2016-4450: Remote attackers could have caused a denial of service NULL pointer dereference and worker process crash via a crafted request, involving writing a client request body to a temporary file. %NASLMINLEVEL 70300 C Tenable...

OPENSUSE-SU-2017:0362-1 Security update for nginx

This update for nginx fixes the following vulnerability: - CVE-2016-4450: Remote attackers could have caused a denial of service NULL pointer dereference and worker process crash via a crafted request, involving writing a client request body to a temporary file...

OPENSUSE-SU-2017:0361-1 Security update for nginx

This update for nginx fixes the following vulnerability: - CVE-2016-4450: Remote attackers could have caused a denial of service NULL pointer dereference and worker process crash via a crafted request, involving writing a client request body to a temporary file...

SUSE-SU-2017:0190-1 Security update for nginx-1.0

This update for nginx-1.0 fixes the following issues: This security issues fixed: - CVE-2016-4450: NULL pointer dereference while writing client request body bsc982505. - CVE-2016-1000105: Setting HTTPPROXY environment variable via Proxy header httpoxy bnc988491...

PHP LibGD Heap Buffer Overflow

!/usr/bin/env python2 PoC for CVE-2016-3074 targeting Ubuntu 15.10 x86-64 with php5-gd and php5-fpm running behind nginx. ,---- | $ python exploit.py --bind-port 5555 http://1.2.3.4/upload.php | this may take a while | offset 912 of 10000... | + connected to 1.2.3.4:5555 | id | uid=33www-data...

PHP LibGD Heap Buffer Overflow Exploit

Proof of concept exploit for CVE-2016-3074 targeting Ubuntu 15.10 x86-64 with php5-gd and php5-fpm running behind nginx. !/usr/bin/env python2 PoC for CVE-2016-3074 targeting Ubuntu 15.10 x86-64 with php5-gd and php5-fpm running behind nginx. ,---- | $ python exploit.py --bind-port 5555...

BROP Attack of the Nginx remote code execution vulnerabilities analysis and use-vulnerability and early warning-the black bar safety net

Blind ROP is a very interesting attack, in fact, many foreign chapters, as well as the original dark cloud in the Knowledge Base article has a description, I put these reference articles are placed in the end position, interested friends can study together the Exchange. As Flappy pig clan wars, I...

[ASA-201701-23] nginx: privilege escalation

Arch Linux Security Advisory ASA-201701-23 ========================================== Severity: High Date : 2017-01-15 CVE-ID : CVE-2016-1247 Package : nginx Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-138 Summary ======= The package nginx before version...

[ASA-201701-24] nginx-mainline: privilege escalation

Arch Linux Security Advisory ASA-201701-24 ========================================== Severity: High Date : 2017-01-15 CVE-ID : CVE-2016-1247 Package : nginx-mainline Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-139 Summary ======= The package nginx-mainline...

Yelp: Nginx version disclosure via forbidden page

This information might help an attacker gain a greater understanding of the systems in use and potentially develop further attacks targeted at the specific version of Nginx. Impact: An attacker might use the disclosed information to harvest specific security vulnerabilities for the version...

GLSA-201701-22 : NGINX: Privilege escalation

The remote host is affected by the vulnerability described in GLSA-201701-22 NGINX: Privilege escalation It was discovered that Gentoos default NGINX installation applied similar problematic permissions on /var/log/nginx as Debian DSA-3701 and is therefore vulnerable to the same attack described ...

NGINX: Privilege escalation

Background nginx is a robust, small, and high performance HTTP and reverse proxy server. Description It was discovered that Gentoo’s default NGINX installation applied similar problematic permissions on “/var/log/nginx” as Debian DSA-3701 and is therefore vulnerable to the same attack described i...

Skyport Systems: Nginx version disclosure via forbidden page

This information might help an attacker gain a greater understanding of the systems in use and potentially develop further attacks targeted at the specific version of Nginx. Impact: An attacker might use the disclosed information to harvest specific security vulnerabilities for the version...

Robinhood: httponly flag not set + csrftoken in url

INFORMATION hello, i was looking into and found something interesting , i found that the httponly flag is not set which is really harmful as because httponly flag act as filter to stop client side script attacks like xss or session hijacking. so the csrftoken has no httponly flag at...