1871 matches found
Microsoft Interflow Information-Sharing Platform Preview Open
Much like the Year of PKI that has never come to be, information sharing has been one of security’s more infamous non-starters. While successful in heavily siloed environments such as financial services, enterprises industry-wide are hesitant to share threat and security data for fear of losing a...
IBM WebSphere MQ 7.1 < 7.1.0.5 / 7.5 < 7.5.0.3 Multiple Vulnerabilities
The version of IBM WebSphere MQ server 7.1 / 7.5 installed on the remote Windows host is missing fix pack 7.1.0.5 / 7.5.0.3 or later. It is, therefore, affected by the following vulnerabilities : - An information disclosure vulnerability exists due to a failure to sanitize user-supplied input in...
CVE-2014-0923
IBM MessageSight 1.0 and 1.1 are affected by CVE-2014-0923. The issue is triggered by crafted MQTT authentication data, causing the MessageSight daemon to restart (Denial of Service) due to vulnerability in the MQTT handling path. IBM's remediation is to upgrade to firmware 1.1.0.0-IBM-IMA-IT0101...
IBM WebSphere MQ Telemetry安全绕过漏洞
Bugtraq ID:65897 CVE ID:CVE-2013-4054 IBM WebSphere MQ Telemetry将WebSphere MQ提供的通用信息主干扩展到了大范围的远程遥感器、传动器和遥测设备。 IBM WebSphere MQ Telemetry不正确过滤用户提交的URL请求,允许远程攻击者利用漏洞绕过限制访问WebContent目录之外的文件内容。 0 IBM WebSphere MQ Telemetry 7.5 厂商补丁: IBM ----- IBM WebSphere MQ Telemetry 7.5.0.3已经修复该漏洞,建议用户下载更新:...
Microsoft Expands MAPP Program to Incident Response Teams
Microsoft is expanding its MAPP program that shares attack and protection information with other security vendors and will now be sharing some data with incident responders, as well. The new system will enable organizations such as CERTs and internal IR teams to exchange information on specific...
Schneider Electric Accutech Manager Heap Overflow
Schneider Electric Accutech Manager Server Heap Overflow PoC RFManagerService - Port: 2537 I think this is the same vuln that ExodusIntel discovered. Credit also goes to Aaron Portnoy, ExodusIntel. The patch has not been released yet. Evren Yalcin, Signalsec Ltd. www.signalsec.com Download app:...
Schneider Electric Accutech Manager - Heap Overflow (PoC)
Schneider Electric Accutech Manager Server Heap Overflow PoC RFManagerService - Port: 2537 I think this is the same vuln that ExodusIntel discovered. Credit also goes to Aaron Portnoy, ExodusIntel. The patch has not been released yet. Evren Yalcin, Signalsec Ltd. www.signalsec.com Download app:...
Predictive Security Analytics Tool Available Free to Researchers
SAN JUAN, Puerto Rico – Dan Hubbard has lately been a regular face at a lot of big data meet-ups. He’s also often been the lone security face at these meet-ups, which are dominated by analytics, search, social media and advertising professionals. That may change soon for the CTO of DNS and securi...
War Texting : Hackers Unlock Car Doors Via SMS
War Texting : Hackers Unlock Car Doors Via SMS Don Bailey and Mathew Solnik, Two hackers have found a way to unlock cars that use remote control and telemetry systems like BMW Assist, GM OnStar, Ford Sync, and Hyundai Blue Link. These systems communicate with the automaker's remote servers via...
Security update 1970-01-01
...
Security update 1970-01-01
...