[WAF-FLE v0.6.3] Web application firewall: fast log and event console

WAF-FLE is a OpenSource Console for ModSecurity, it allow the modsec admin to view and search events sent by mlogc modsecurity event log handler. Features : Central event console Support Modsecurity in “traditional” and “Anomaly Scoring” Able to receive events sent from mlogc in real time or in...

Qualcomm chown init scripts

Insecure owner/permission changes in init shell scripts CVE-2013-6124: During the device start-up phase, several init shell scripts are executed with root privileges to configure various aspects of the system. During this process, standard toolchain commands such as chown or chmod are used to,...

Confirmed: Samsung Galaxy S5 has a Fingerprint Scanner

After the huge success of Samsung galaxy S3, Samsung Galaxy S4 and Samsung Tablets, the world’s most successful Android manufacturer is going to reveal its brand new Smartphone Samsung Galaxy S5 next week at Mobile World. Early in 2014, rumors suggested that Samsung Galaxy S5 will have Fingerprin...

gnupg -- RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis attack

Werner Koch reports: CVE-2013-4576 has been assigned to this security bug. The paper describes two attacks. The first attack allows to distinguish keys: An attacker is able to notice which key is currently used for decryption. This is in general not a problem but may be used to reveal the...

DEBIAN-CVE-2013-2898

drivers/hid/hid-sensor-hub.c in the Human Interface Device HID subsystem in the Linux kernel through 3.11, when CONFIGHIDSENSORHUB is enabled, allows physically proximate attackers to obtain sensitive information from kernel memory via a crafted device...

UBUNTU-CVE-2013-2898

drivers/hid/hid-sensor-hub.c in the Human Interface Device HID subsystem in the Linux kernel through 3.11, when CONFIGHIDSENSORHUB is enabled, allows physically proximate attackers to obtain sensitive information from kernel memory via a crafted device...

CVE-2013-2898

The CVE-2013-2898 entry concerns the Linux kernel HID subsystem, specifically drivers/hid/hid-sensor-hub.c. When CONFIG_HID_SENSOR_HUB is enabled, the vulnerability affects the kernel up through version 3.11 and allows physically proximate attackers to obtain sensitive information from kernel mem...

CVE-2013-2898

drivers/hid/hid-sensor-hub.c in the Human Interface Device HID subsystem in the Linux kernel through 3.11, when CONFIGHIDSENSORHUB is enabled, allows physically proximate attackers to obtain sensitive information from kernel memory via a crafted device...

Design/Logic Flaw

The IP stack in Cisco Intrusion Prevention System IPS Software in ASA 5500-X IPS-SSP software and hardware modules before 7.15E4, IPS 4500 sensors before 7.16E4, and IPS 4300 sensors before 7.15E4 allows remote attackers to cause a denial of service MainApp process hang via malformed IPv4 packets...

Fedora Update for gpsd FEDORA-2013-7309

Check for the Version of gpsd OpenVAS Vulnerability Test Fedora Update for gpsd FEDORA-2013-7309 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

Activating mobile malware with Music and Light Sensors

Researchers at the University of Alabama at Birmingham UAB presented the research that it is possible to trigger malware hidden in mobile devices using music, lighting, or vibration. In a research paper titled "Sensing-Enabled Channels for Hard-to-Detect Command and Control of Mobile Devices", th...

Activating mobile malware with Music and Light Sensors

Researchers at the University of Alabama at Birmingham UAB presented the research that it is possible to trigger malware hidden in mobile devices using music, lighting, or vibration. In a research paper titled “Sensing-Enabled Channels for Hard-to-Detect Command and Control of Mobile Devices”, th...

[SECURITY] Fedora 18 Update: gpsd-3.9-1.fc18

gpsd is a service daemon that mediates access to a GPS sensor connected to the host computer by serial or USB interface, making its data on the location/course/velocity of the sensor available to be queried on TCP port 2947 of the host computer. With gpsd, multiple GPS client applications such as...

Researchers Use Music, Light to Trigger Mobile Malware

Calling it a paradigm shift, university researchers were able to trigger mobile-device malware using a modest amount of music, lighting, magnetic fields or sound vibrations. “When you go to an arena or Starbucks, you don’t expect the music to have a hidden message, so this is a big paradigm shift...

[SECURITY] Fedora 19 Update: gpsd-3.9-1.fc19

gpsd is a service daemon that mediates access to a GPS sensor connected to the host computer by serial or USB interface, making its data on the location/course/velocity of the sensor available to be queried on TCP port 2947 of the host computer. With gpsd, multiple GPS client applications such as...

[WAF-FLE] Web application firewall: fast log and event console

WAF-FLE is a OpenSource Console for ModSecurity, it allow the modsec admin to view and search events sent by mlogc modsecurity event log handler. Features : Central event console Support Modsecurity in “traditional” and “Anomaly Scoring” Able to receive events sent from mlogc in real time or in...

Not getting hardware sensor alerts in a timely manner

Challenge You do not receive information about specific alerts regarding host hardware sensors quick enough for your environment, both in the Veeam ONE Monitor GUI and e-mails. For example, a host goes offline and you do not get any alerts for 20 minutes. Or there is another delayed alerting...

Low: Red Hat Security Advisory: OpenIPMI security, bug fix, and enhancement update

Updated OpenIPMI packages that fix one security issue, multiple bugs, and add one enhancement are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which give...

CVE-2012-4621

The Device Sensor feature in Cisco IOS 15.0 through 15.2 allows remote attackers to cause a denial of service device reload via a DHCP packet, aka Bug ID CSCty96049...

Design/Logic Flaw

The Device Sensor feature in Cisco IOS 15.0 through 15.2 allows remote attackers to cause a denial of service device reload via a DHCP packet, aka Bug ID CSCty96049...