Google engineers NeelMehta is how to find heart blood vulnerability-vulnerability warning-the black bar safety net

Heartbleed computer security vulnerabilityis by Google engineers NeelMehta found, has always been unwilling to accept media to interview him today for the first time to the media to say how he found this serious vulnerability; and why would go the first time to find the vulnerabilities, and he...

[SECURITY] Fedora 19 Update: cscope-15.8-5.fc19

cscope is a mature, ncurses based, C source code tree browsing tool. It allows users to search large source code bases for variables, functions, macros, etc, as well as perform general regex and plain text searches. Results are returned in lists, from which the user can select individual matches...

CVE-2014-4761

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, 8.0 before 8.0.0.1 CF14, and 8.5.0 through 8.5.0.0 CF02 allows remote authenticated users to discover credentials by reading HTML source code...

Code injection

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, 8.0 before 8.0.0.1 CF14, and 8.5.0 through 8.5.0.0 CF02 allows remote authenticated users to discover credentials by reading HTML source code...

CVE-2014-4761

CVE-2014-4761 affects IBM WebSphere Portal versions 6.1.0.x, 6.1.5.x, 7.0.x, 8.0 before 8.0.0.1, and 8.5.0 through 8.5.0.0. It allows remote authenticated users to discover credentials by reading HTML source code. The vulnerability is triggered by exposing credential information via HTML source, ...

CVE-2014-4761

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, 8.0 before 8.0.0.1 CF14, and 8.5.0 through 8.5.0.0 CF02 allows remote authenticated users to discover credentials by reading HTML source code...

[SECURITY] [DSA 3042-1] exuberant-ctags security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3042-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 04, 2014 http://www.debian.org/security/faq -...

Belkin Router Information Disclosure

Remote administrator password Vulnerability Type: File Disclosure For the exploit source code contact DSquare Security sales team...

ShopEx某wiki系统弱密码导致大量敏感信息和源码泄漏

简要描述： ShopEx某wiki系统弱密码导致大量敏感信息和源码泄漏 详细说明： http://workspace.ec-ae.com/wiki/index.php 帐号：lixiaoli 密码：19731125 然后通过wiki 找出3个svn帐号 wangyan:326459 wangyan 51086858 Bellawy 123456 get 了大量源码 http://scm.ec-ae.com/platform/branches/current http://scm.ec-ae.com/ecaepartner/branches/current...

Lunar CMS 3.3 File Upload

File upload vulnerability in Lunar CMS Vulnerability Type: File Upload For the exploit source code contact DSquare Security sales team...

IBM Sametime Meet Server 8.5 Password Disclosure

Exploit Title: IBM Sametime Meet Server 8.5 Password Disclosure Google Dork: intitle:"Meeting Center - IBM Lotus Sametime" Date: 11/08/2014 CVSS Score: http://nvd.nist.gov/cvss.cfm?calculator&version=2&vector=AV:L/AC:L/Au:N/C:P/I:N/A:N CVE-ID:...

Dan Geer: Security at the Forefront of Policy Decisions

LAS VEGAS – Dan Geer carried his version of computer security’s Ten Commandments to a rapt Black Hat 2014 audience today, offering up 10 personal recommendations and observations related to the current state of security in the context of government surveillance and eroding privacy. Adorned in...

Wordpress xmlrpc. php brute force vulnerability-a vulnerability warning-the black bar safety net

wordpress is very popular open source blog, which provides remote POST method is used with pathxmlrpc.phpthis file recently broke xmlrpc vulnerability, the vulnerability principle is through the xmlrpc authentication, even when authentication fails, it will not be Wordpress to install the securit...

QuasiBot - Webshell Manager aka HTTP Botnet

QuasiBot is a complex webshell manager written in PHP, which operate on web-based backdoors implemented by user himself. Using prepared php backdoors, quasiBot will work as C&C trying to communicate with each backdoor. Tool goes beyond average web-shell managers, since it delivers useful function...

Russian Government Asks Apple to Hand Over iOS and Mac Source Code

Just few days after the announcement that Russian government will pay almost 4 million ruble approximately equal to $111,000 to the one who can devise a reliable technology to decrypt data sent over the Tor, now the government wants something which is really tough. APPLE & SAP, HAND OVER YOUR...

CVE-2014-4747

The Classic Meeting Server in IBM Sametime 8.x through 8.5.2.1 allows physically proximate attackers to discover a meeting password hash by leveraging access to an unattended workstation to read HTML source code within a victim's browser...

CVE-2014-4747

IBM Sametime Classic Meeting Server 8.x up to 8.5.2.1 is affected by CVE-2014-4747, where a physically proximate attacker can read the HTML source in a victim’s browser to discover a meeting password hash. The vulnerability is described as a local issue arising from access to an unattended workst...

CVE-2014-4747

The Classic Meeting Server in IBM Sametime 8.x through 8.5.2.1 allows physically proximate attackers to discover a meeting password hash by leveraging access to an unattended workstation to read HTML source code within a victim's browser...

aNmap - Android Network Mapper (Nmap for Android)

Nmap is one of the most improtant tools for every cracker white, grey black hat "hacker". Nmap is a legendary hack tool and probably the prevelent networt security port scanner tool over the last 10 years on all major Operating Systems. So far it was available in windows, linux and Mac OS X. But...

Aerohive HiveOS 5.1r5 - 6.1r5 - Multiple Vulnerabilities

Exploit for php platform in category web applications Exploit Title: Aerohive HiveOS XSS and limited LFI Date: 11-07-2014 Exploit Author: Rik van Duijn - DearBytes dearbytes.com Vendor Homepage: http://www.aerohive.com/products/overview.html Version: 5.1r5 - 6.1r5 possibly earlier versions...