eFile Wifi Transfer Manager 1.0 - Multiple Vulnerabilities

Title: ====== eFile Wifi Transfer Manager 1.0 iOS - Multiple Vulnerabilities Date: ===== 2013-06-24 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=982 VL-ID: ===== 982 Common Vulnerability Scoring System: ==================================== 6.8 Introduction:...

Mobile USB Drive HD 1.2 - Arbitrary File Upload Vulnerability

Document Title: =============== Mobile USB Drive HD 1.2 - Arbitrary File Upload Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=989 Release Date: ============= 2013-06-26 Vulnerability Laboratory ID VL-ID: ==================================...

eFile Wifi Transfer Manager 1.0 iOS - Multiple Vulnerabilities

Document Title: =============== eFile Wifi Transfer Manager 1.0 iOS - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=982 Release Date: ============= 2013-06-23 Vulnerability Laboratory ID VL-ID:...

CVE-2013-2173

wp-includes/class-phpass.php in WordPress 3.5.1, when a password-protected post exists, allows remote attackers to cause a denial of service CPU consumption via a crafted value of a certain wp-postpass cookie...

Unprotected Windows CE Console (Telnet)

The remote Windows CE Telnet Console is not protected by a password. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Wireless Disk PRO 2.3 iOS - Multiple Vulnerabilities

Wireless Disk PRO 2.3 iOS - Multiple Vulnerabilities Title: ====== Wireless Disk PRO v2.3 iOS - Multiple Web Vulnerabilities Date: ===== 2013-02-26 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=883 VL-ID: ===== 883 Common Vulnerability Scoring System:...

LivingSocial Ups its Password Encryption After Breach

The popular daily deal site LivingSocial announced Monday it has abandoned the SHA1 hash for Blowfish’s bcrypt following a massive data breach that impacted 50 million customers. The company confirmed last weekend that its computer systems were attacked and thieves gained access to names, e-mail...

Belkin 2307 Unprotected Console (HTTP)

The remote Belkin 2307 Web Console is not protected by a password. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moxa NPort Unprotected Console (Telnet)

The remote Moxa NPort Telnet Console is not protected by a password. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

Business Partners Give Hackers Easy Access to Secure Firms

As frequently targeted, high-value companies continue fortifying their defenses, FireEye researchers claim that attackers are increasingly setting their sights on the affiliated but not-as-well-protected third-party organizations that do business with them. By aiming phishing email campaigns at...

RHEL 6 : virt-v2v (RHSA-2011:1615)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2011:1615 advisory. - virt-v2v: vnc password protection is missing after vm conversion CVE-2011-1773 Note that Nessus has not tested for this issue but has instead relie...

Multi Gather GnuPG Credentials Collection

This module will collect the contents of all users' .gnupg directories on the targeted machine. Password protected secret keyrings can be cracked with John the Ripper JtR. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framewo...

Microsoft IIS protection bypass

Password protection bypass, script files content access...

Trivial Password Flaw Leaves MySQL Databases Exposed

There is a trivially exploitable vulnerability in MySQL that enables an attacker to gain root access to the database server. The bug, which recently was patched, stems from an error in the way that MySQL and MariaDB handle passwords, giving an attacker a chance of getting root access by supplying...

ESHOP network operators treasure Mall 1.0 GetWebshell-vulnerability warning-the black bar safety net

A day Wake up late, get up found on the ground a flyer. See is an online shop. So want to see with what program, find out where to see the html comments,css comments, and file name. Find is ESHOP network operators treasure Mall. google under exploits, found eshop exploits, test the next, not. But...

Low: Red Hat Security Advisory: Red Hat Network Satellite spacewalk-backend security and bug fix update

Updated spacewalk-backend packages that fix one security issue and two bugs are now available for Red Hat Network Satellite 5.4. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

Analysis of STRATFOR Passwords Reveals Shoddy Security

A partial analysis of another massive leak of user passwords has again shone a light on the scourge of weak passwords used to protect sensitive data in online accounts, according to a report by The Tech Herald. Using the leaked password list from STRATFOR, the open source intelligence service tha...

Low: Red Hat Security Advisory: virt-v2v security and bug fix update

An updated virt-v2v package that fixes one security issue and several bugs is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...

WordPress.Com Hacked, Hacker root the Server !

WordPress.Com Hacked, Hacker Root the Server ! The parent company that operates WordPress, made an announcement this morning that it has hacked, resulting what the company said was a low-level root break-in to several of their servers. The company warned that potentially anything on those servers...

Amazon Cloud Can Be Used to Hack Into Networks !

A Germany-based security researcher says he can hack into protected networks using software that runs on Amazon's cloud-based computers, according to a Reuters report. Thomas Roth, a computer security consultant based in Cologne, Germany, says he has "figured out a quick and inexpensive way to...