Lucene search
K

250 matches found

kitploit
kitploit
added 2014/01/15 12:47 a.m.15 views

[DNSRecon v0.8.6] DNS Enumeration Script

Just updated DNSRecon to check if it can pull the Bind Version by doing a query for the TXT Record version.bind and it will now check if the RA Flag is set in responses from each of the NS servers it detects. If the server has recursion enabled it could be used for DDoS attacks and for performing...

7AI score
Exploits0References1
thn
thn
added 2013/12/11 10:35 a.m.18 views

France Government used Rogue Google SSL Digital Certificates to Spy on users

Google has found that the French government agency using unauthorized digital certificates for some of its own domains to perform man-in-the-middle attacks on a private network. Google security engineer Adam Langley described the incident as a "Serious Security breach", which was discovered in...

6.5AI score
Exploits0
osv
osv
added 2013/03/07 3:55 p.m.1 views

DEBIAN-CVE-2013-2481

Integer signedness error in the dissectmountdirpathcall function in epan/dissectors/packet-mount.c in the Mount dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6, when nfsfilenamesnooping is enabled, allows remote attackers to cause a denial of service application crash via a...

2.9CVSS7.3AI score0.00973EPSS
Exploits0References1
osv
osv
added 2013/03/07 3:55 p.m.2 views

UBUNTU-CVE-2013-2481

Integer signedness error in the dissectmountdirpathcall function in epan/dissectors/packet-mount.c in the Mount dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6, when nfsfilenamesnooping is enabled, allows remote attackers to cause a denial of service application crash via a...

2.9CVSS7.1AI score0.00973EPSS
Exploits0References8
nvd
nvd
added 2013/02/28 11:55 p.m.17 views

CVE-2013-1141

The mDNS snooping functionality on Cisco Wireless LAN Controller WLC devices with software 7.4.1.54 and earlier does not properly manage buffers, which allows remote authenticated users to cause a denial of service device reload via crafted mDNS packets, aka Bug ID CSCue04153...

6.1CVSS6.4AI score0.00566EPSS
Exploits0References2
prion
prion
added 2013/02/28 11:55 p.m.15 views

Code injection

The mDNS snooping functionality on Cisco Wireless LAN Controller WLC devices with software 7.4.1.54 and earlier does not properly manage buffers, which allows remote authenticated users to cause a denial of service device reload via crafted mDNS packets, aka Bug ID CSCue04153...

6.1CVSS6.9AI score0.00566EPSS
Exploits0References2Affected Software1
cve
cve
added 2013/02/28 11:0 p.m.58 views

CVE-2013-1141

CVE-2013-1141 affects Cisco Wireless LAN Controller (WLC) devices running software 7.4.1.54 and earlier. The issue is in the mDNS snooping feature where improper buffer handling can be exploited by crafted mDNS packets to trigger a denial of service (device reload) by remote authenticated users. ...

6.1CVSS6.6AI score0.00566EPSS
Exploits0References2Affected Software2
attackerkb
attackerkb
added 2012/08/06 6:55 p.m.5 views

CVE-2012-1357

The igmpsnooporibfillsourceupdate function in the IGMP process in NX-OS 5.0 and 5.1 on Cisco Nexus 5000 series switches allows remote attackers to cause a denial of service device reload via IGMP packets, aka Bug ID CSCts46521...

5CVSS5.6AI score0.01232EPSS
Exploits0References2
threatpost
threatpost
added 2012/07/17 1:55 a.m.5 views

Skype Privacy Bug Sends IMs to Random Recipients

Skype users who are chatting online when their client crashes may later find the last instant message they sent to someone actually ended up with someone else. The privacy bug surfaced after users began reporting strange activity in a community forum. Today Skype’s Leonas Sendrauskas issued a...

0.9AI score
Exploits0References3
threatpost
threatpost
added 2012/06/27 5:59 p.m.12 views

Assange's Asylum In The Balance, Researcher Warns Ecuador's Deliberations Are Vulnerable To Online Snooping

With Wikileaks founder Julian Assange anxiously awaiting word from the government of Ecuador on his request for political asylum, a security researcher warns that the country’s Ministry of Foreign Affairs, which is handling the Assange asylum request, is using a video conferencing system that is...

7.1AI score
Exploits0References6
threatpost
threatpost
added 2012/04/18 2:41 a.m.7 views

Critics Continue Pushing for Bigger Probe into Google Street View Practices

Privacy advocates continue urging for a wider federal investigation into Google Street View practices following Google’s $25,000 fine for stonewalling federal officials during an earlier probe of Wi-Fi snooping allegations. The Federal Communications Commission late last week gave the Internet...

6.8AI score
Exploits0
threatpost
threatpost
added 2011/08/12 3:46 p.m.13 views

Video: Researchers Knock Out a $3K First Responder's Radio With a $30 Children's Toy

During the Reagan Administration, the ‘government waste’ meme was all about $600 toilet seats and $300 hammers. Those looking for a more contemporary example of how government procurement gets it wrong might point, instead, to Project 25 P25, a decade old effort to provide first responders and...

0.9AI score
Exploits0References1
openvas
openvas
added 2011/06/01 12:0 a.m.31 views

Nmap NSE net: dns-cache-snoop

Performs DNS cache snooping against a DNS server. There are two modes of operation, controlled by the 'dns-cache-snoop.mode' script argument. In 'nonrecursive' mode the default, queries are sent to the server with the RD recursion desired flag set to 0. The server should respond positively to the...

Exploits0
nessus
nessus
added 2010/12/03 12:0 a.m.21 views

Fedora 13 : udev-153-5.fc13 (2010-17912)

It was discovered that /dev/systty device file created by dracut-generated initramfs scripts used an insecure file permissions. This could possibly allow local user to snoop on other user's terminal. Updated dracut no longer creates this file as device file, rather creates it a symbolic link to...

4CVSS7.3AI score0.02323EPSS
Exploits0References3
nmap
nmap
added 2010/06/12 2:25 a.m.519 views

dns-cache-snoop NSE Script

Performs DNS cache snooping against a DNS server. There are two modes of operation, controlled by the dns-cache-snoop.mode script argument. In nonrecursive mode the default, queries are sent to the server with the RD recursion desired flag set to 0. The server should respond positively to these...

10CVSS9.3AI score0.99448EPSS
Exploits33
threatpost
threatpost
added 2010/06/03 5:39 p.m.7 views

Google Seeks Patent on WiFi Snooping Tech

Google’s secret Wi-Fi snooping used in the StreetView-mapping legal cases was powered by new sniffing technology that the company wants to patent, court documents filed allege. Read the full article. Computerworld...

1.3AI score
Exploits0References2
openvas
openvas
added 2008/09/04 12:0 a.m.39 views

FreeBSD Ports: ethereal, ethereal-lite, tethereal, tethereal-lite

The remote host is missing an update to the system as announced in the referenced advisory. VID 265c8b00-d2d0-11d8-b479-02e0185c0b53 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

5CVSS6.3AI score0.17961EPSS
Exploits3References3
securityvulns
securityvulns
added 2008/01/16 12:0 a.m.55 views

FreeBSD Security Advisory FreeBSD-SA-08:01.pty

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-08:01.pty Security Advisory The FreeBSD Project Topic: pty snooping Category: core Module: libcstdlib / libutil Announced: 2008-01-14 Credits: John Baldwin Affect...

6.9CVSS5.9AI score0.00313EPSS
Exploits1
freebsd_advisory
freebsd_advisory
added 2008/01/14 12:0 a.m.13 views

FreeBSD-SA-08:01.pty

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-08:01.pty Security Advisory The FreeBSD Project Topic: pty snooping Category: core Module: libcstdlib / libutil Announced: 2008-01-14 Credits: John Baldwin...

6.9CVSS5.8AI score0.00313EPSS
Exploits1
securityvulns
securityvulns
added 2007/06/04 12:0 a.m.36 views

[Full-disclosure] Assorted browser vulnerabilities

Hello, Will keep it brief. A couple of browser bugs, fresh from the oven, hand crafted with love: 1 Title : MSIE page update race condition CRITICAL Impact : cookie stealing / setting, page hijacking, memory corruption Demo : http://lcamtuf.coredump.cx/ierace/ ...aka the bait & switch...

7.6AI score
Exploits0
Rows per page
Query Builder