664 matches found
Unspecified Vulnerability in the 802.11n Wireless Network Standard Frame Aggregation Mechanism
The 802.11 protocol family is the IEEE standard for wireless local area networks. 802.11n is a technology developed on top of 802.11g and 802.11a; its most important feature is the rate enhancement, with a theoretical rate of up...
Cisco IOS XE Software for 1000 Series Aggregation Services Routers H.323 DoS
Cisco IOS XE Software for 1000 Series Aggregation Services Routers (ASR) is affected by a flaw in the Embedded Services Processor (ESP) due to improper handling of malformed H.323 packets when the device is configured to use Network Address Translation (NAT). An unauthenticated, remote attacker by...
Google Analytics by Yoast stored XSS #2
OVERVIEW: Google Analytics by Yoast is one of the most popular WordPress plug-ins with over 7 million downloads and "1+ million" active installs. Last month Yoast patched a stored XSS we reported in the plug-in. Shortly after this we identified another bug of a similar severity. The...
Race condition
Race condition in the Common Classification Engine (CCE) in the Measurement, Aggregation, and Correlation Engine (MACE) implementation in Cisco IOS 15.42T3 and earlier allows remote attackers to cause a denial of service (device reload) via crafted network traffic that triggers improper handling of the...
Open Source OpenSOC Security Analytics Framework Released
Cisco announced today that it has made available through open source a framework that integrates data analytics tools into security operations. “The OpenSOC framework helps organizations make big data part of their technical security strategy by providing a platform for the application of anomaly...
vtiger CRM 4.2 RSS Aggregation Module Feed XSS
No description provided by source. source: http://www.securityfocus.com/bid/15562/info vtiger CRM is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. vTiger CRM is prone to multiple SQL injection, HT...
NOKIA Siemens FlexiISN 3.1 - Multiple Auth Bypass Vulnerabilities
No description provided by source. NOKIA Siemens FlexiISN GGSN Multiple Authentication bypass Vulnerability: NOKIA Siemens FlexiISN Remote: Yes Local: No Class: Input Validation Error Critical: Moderately critical OS : FlexiISN GGSN FISN 3.1 URL 1 for bypassing authentication on AAA Configuration...
netty: DoS via memory exhaustion during data aggregation
A flaw was found in the WebSocket08FrameDecoder implementation that could allow a remote attacker to trigger an Out Of Memory Exception by issuing a series of TextWebSocketFrame and ContinuationWebSocketFrames. Depending on the server configuration, this could lead to a denial of service...
Stanford Researchers Find Connecting Metadata With User Names is Simple
One of the key tenets of the argument that the National Security Agency and some lawmakers have constructed to justify the agency’s collection of phone metadata is that the information it’s collecting, such as phone numbers and length of call, can’t be tied to the callers’ names. However, some...
Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers (cisco-sa-20131030-asr1000)
Cisco IOS XE Software for 1000 Series Aggregation Services Routers (ASR) contains the following denial of service (DoS) vulnerabilities: - Cisco IOS XE Software TCP Segment Reassembly Denial of Service Vulnerability (CVE-2013-5543) - Cisco IOS XE Software Malformed EoGRE Packet Denial of Service...
[OS X Auditor] free Mac OS X computer forensics tool
OS X Auditor parses and hashes the following artifacts on the running system or a copy of a system you want to analyze: the kernel extensions; the system agents and daemons; the third party's agents and daemons; the old and deprecated system and third party's startup items; the users' agents; the user...
Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers (cisco-sa-20130410-asr1000)
Cisco IOS XE Software for 1000 Series Aggregation Services Routers (ASR) contains the following denial of service (DoS) vulnerabilities: - Cisco IOS XE Software IPv6 Multicast Traffic Denial of Service Vulnerability (CVE-2013-1164) - Cisco IOS XE Software L2TP Traffic Denial of Service Vulnerability...
Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers
Cisco IOS XE Software for 1000 Series Aggregation Services Routers (ASR) contains the following denial of service (DoS) vulnerabilities: Cisco IOS XE Software IPv6 Multicast Traffic Denial of Service Vulnerability; Cisco IOS XE Software MVPNv6 Traffic Denial of Service Vulnerability; Cisco IOS XE...
CVE-2013-1164
Cisco IOS XE 3.4 before 3.4.4S, 3.5, and 3.6 on 1000 series Aggregation Services Routers (ASR) does not properly implement the Cisco Multicast Leaf Recycle Elimination (MLRE) feature, which allows remote attackers to cause a denial of service (card reload) via fragmented IPv6 multicast packets, aka Bug...
Code injection
Cisco IOS XE 3.4 before 3.4.4S, 3.5, and 3.6 on 1000 series Aggregation Services Routers (ASR) does not properly implement the Cisco Multicast Leaf Recycle Elimination (MLRE) feature, which allows remote attackers to cause a denial of service (card reload) via fragmented IPv6 multicast packets, aka Bug...
Code injection
Cisco IOS XE 3.2 through 3.4 before 3.4.2S, and 3.5, on 1000 series Aggregation Services Routers (ASR), when bridge domain interface (BDI) is enabled, allows remote attackers to cause a denial of service (card reload) via packets that are not properly handled during the processing of encapsulation, aka...
Code injection
Cisco IOS XE 3.2 through 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR), when VRF-aware NAT and SIP ALG are enabled, allows remote attackers to cause a denial of service (card reload) by sending many SIP packets, aka Bug ID CSCuc65609...
CVE-2013-2779
CVE-2013-2779 affects Cisco IOS XE on 1000‑series ASR: MLRE flaw that allows remote DoS via fragmented IPv6 MVPN/MVPNv6 packets. Vulnerable in IOS XE 3.4 before 3.4.5S and 3.5–3.7 before 3.7.1S; fix released in 3.4.5S and 3.7.1S/series guidance per advisory. Affected products and specific compone...
CVE-2013-1165
Cisco IOS XE 2.x and 3.x before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR) allows remote attackers to cause a denial of service (card reload) by sending many crafted L2TP packets, aka Bug ID CSCtz23293...
Alliance Issues Guidance for Cloud-Based SIEM Services
The non-profit Cloud Security Alliance today released guidelines for the nascent Security as a Service (SecaaS) specialization within the broader realm of cloud computing. The goal, the group says, is to help companies and consumers gain a better handle on how best to evaluate, build and deploy...