Hippo CMS: source code security analysis report

Several vulnerabilities were discovered in Hippo 'Hippo CMS' software: Using XSL Transformation to Execute Any Code Violating the Java Object Model Missing XML document schema validation Using Broken or Risky Cryptographic Algorithm Incorrect Permissions for External Entities During XML Document...

Magnet Networks Tesley CPVA 642 Router - Weak WPA-PSK Passphrase Algorithm

Magnet Networks Tesley CPVA 642 Router - Weak WPA-PSK Passphrase Algorithm Exploit Title: Magnet Networks – Weak WPA-PSK passphrases used in Tesley CPVA 642 Router Google Dork: Date: 01/06/2016 Author: Matt O'Connor Advisory Link: https://www.rgb.ie/magnet-broadband-weak-wpa-psk-algorithm.pdf...

Uber: Authentication Issue for easter egg on bonjour.uber.com

This probably ok, almost definitely is just informative but thought I would throw it out here anyways. : bonjour.uber.com hosts an easter egg view source and scroll down where the passcode is insecurely stored as a javascript variable. The source for the easter egg is: html //error easter egg -...

Internet Bug Bounty: ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize

https://bugs.php.net/bug.php?id=72434 This vulnerability was discovered during the auditing of a vendor on Hackerone. Similar to our other submission on bugs.php.net and here, this vulnerability is remotely exploitable. Please feel free to ask for more technical details if necessary. Thank you fo...

Internet Bug Bounty: Use After Free Vulnerability in PHP's GC algorithm and unserialize

https://bugs.php.net/bug.php?id=72433 This vulnerability was discovered during the auditing of a vendor on Hackerone and could be successfully remotely exploited. The required conditions are a normal PHP setup with a PHP version = 5.3 and 7. Further, it is enough if the remote side uses code like...

DEBIAN-CVE-2016-2178

The dsasignsetup function in crypto/dsa/dsaossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack...

ALPINE-CVE-2016-2178

The dsasignsetup function in crypto/dsa/dsaossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack...

OpenSSL DSA Design Vulnerability

OpenSSL is the OpenSSL team developed an open source capable of implementing the Secure Sockets Layer SSL v2/v3 and Secure Transport Layer TLS v1 protocols of the general cryptographic library, which supports a variety of cryptographic algorithms , including symmetric ciphers , hash algorithms ,...

CVE-2016-4511

ABB PCM600 before 2.7 uses an improper hash algorithm for the main application password, which makes it easier for local users to obtain sensitive cleartext information by leveraging read access to the ACTConfig configuration file...

CVE-2016-4511

ABB PCM600 before 2.7 uses an improper hash algorithm for the main application password, which makes it easier for local users to obtain sensitive cleartext information by leveraging read access to the ACTConfig configuration file...

Design/Logic Flaw

ABB PCM600 before 2.7 uses an improper hash algorithm for the main application password, which makes it easier for local users to obtain sensitive cleartext information by leveraging read access to the ACTConfig configuration file...

CVE-2016-4511

ABB PCM600 before 2.7 uses an improper hash algorithm for the main application password, which makes it easier for local users to obtain sensitive cleartext information by leveraging read access to the ACTConfig configuration file...

CVE-2016-4511

CVE-2016-4511 concerns ABB PCM600 prior to version 2.7, where the main application password stored in ACTConfig is hashed with a weak function. This enables local attackers with read access to ACTConfig to obtain sensitive cleartext information. The vulnerability is described as a password hash/i...

CryptXXX Jumps From Angler to Neutrino Exploit Kit

Crooks behind the revamped CryptXXX 3.100 ransomware have switched its distribution from the Angler Exploit Kit to the Neutrino Exploit Kit. The sudden change in distribution was spotted on Monday by researchers at the SANS Internet Storm Center. “This is not the first time we’ve seen campaigns...

Facebook CEO Zuckerberg's Twitter, Pinterest accounts Hacked! And the Password was...

The man who runs the biggest social network and continuously implements new security measures to boost its billion users security, himself failed to follow basics of Internet security for his own online accounts. Yes, I’m talking about Facebook CEO Mark Zuckerberg, who had his Twitter and Pintere...

TLS Certificate Signed Using Weak Hashing Algorithm - SHA-1

Binary data 7200.pasl...

TLS Certificate Signed Using Weak Hashing Algorithm - MD5

Binary data 7201.pasl...

Botan Downgrade Vulnerability

Botan is a C++ library of cryptographic algorithms that supports AES, DES, SHA-1, RSA, DSA and Diffie-Hellman. A degradation vulnerability exists in Botan versions 1.11.x prior to 1.11.29, which stems from the program's failure to enforce a TLS policy on the signature algorithm and the ECC ellipt...

Mageia: Security Advisory (MGASA-2016-0149)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Botan ECDSA Bypass Attack Vulnerability

Botan is a C++ library of cryptographic algorithms that supports AES, DES, SHA-1, RSA, DSA and Diffie-Hellman. A security vulnerability exists in Botan that allows remote attackers to exploit the vulnerability to perform a bypass attack on ECDSA...