5302 matches found
Mozilla NSS NULL Character CA SSL Certificate Validation Security Bypass
Exploit for unknown platform in category remote exploits. Mozilla NSS NULL Character CA SSL Certificate Validation Security Bypass Vulnerability...
Conficker Infects 7 Million Systems in a Year
The Shadowserver Foundation reported that it has discovered 7 million unique IP addresses infected by Conficker and its variants. Tracking of the attack was accomplished by cracking the algorithm that the worm uses to find instructions on the Internet. Shadowserver then used sinkhole servers to l...
CVE-2009-3633
Cross-site scripting (XSS) vulnerability in the t3lib_div::quoteJSvalue API function in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the sanitizing...
AspBar V3.0 the entire Station management system 0day-vulnerability warning-the black bar safety net
AspBar V3.0, the entire-station management system, has a cookie injection vulnerability. Problem code in Kugo.asp: %id=request"kuid" set rsl=server.createobject"adodb.recordset" sqll="update kulink set hits=hits+1 where ID="&ID&"" rsl.open sqll,conn,1,3 set rs=server...
openSUSE 10 Security Update : ruby (ruby-6339)
This ruby update improves return value checks for the OpenSSL function OCSP_basic_verify (CVE-2009-0642), which allowed an attacker to use revoked certificates. The entropy of DNS identifiers was increased (CVE-2008-3905) to avoid spoofing attacks. The code for parsing XML data was vulnerable to a denial of...
SuSE9 Security Update : ruby (YOU Patch Number 12452)
This update for ruby fixes the following security issues: - Improve return value checks for OpenSSL function OCSP_basic_verify to refuse usage of revoked certificates. (CVE-2009-0642) - Increase entropy of DNS identifiers to avoid spoofing attacks. (CVE-2008-3905) - Fix denial of service (DoS)...
SuSE 11 Security Update : ruby (SAT Patch Number 1073)
This ruby update improves return value checks for the OpenSSL function OCSP_basic_verify (CVE-2009-0642), which allowed an attacker to use revoked certificates. The entropy of DNS identifiers was increased (CVE-2008-3905) to avoid spoofing attacks. The code for parsing XML data was vulnerable to a denial of...
Mandrake Security Advisory MDVSA-2009:197-2 (nss)
The remote host is missing an update to nss announced via advisory MDVSA-2009:197-2. OpenVAS Vulnerability Test $Id: mdksa20091972.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:197-2 (nss) Authors: Thomas Reinke Copyright: Copyright (c) 2009 E-Soft Inc...
Mandrake Security Advisory MDVSA-2009:197-2 (nss)
The remote host is missing an update to nss announced via advisory MDVSA-2009:197-2. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
Get fterm saved passwords-vulnerability warning-the black bar safety net
Excerpt from: the tombkeeper of the harmony Blog Is estimated in order to usher in the holiday, the WEB actually put Guest are suspended. However my password has been saved in the fterm, early forget. I remember a small sea has been involved in the development of cterm, so I asked him if he had n...
Twitter Security Experiment Goes Live
DarkReading is reporting on the launch of a new experimental service set up to detect spam and threats on the popular Twitter microblogging service. The experiment, called TwiGUARD, lets Twitter users check if a follower is a spammer or if a link embedded in a tweet is malicious. From the article...
RedHat Security Advisory RHSA-2009:1428
The remote host is missing updates announced in advisory RHSA-2009:1428. The XML Security Library is a C library based on libxml2 and OpenSSL. It implements the XML Signature Syntax and Processing and XML Encryption Syntax and Processing standards. HMAC is used for message authentication using...
CVE-2009-3086
A certain algorithm in Ruby on Rails 2.1.0 through 2.2.2, and 2.3.x before 2.3.4, leaks information about the complexity of message-digest signature verification in the cookie store, which might allow remote attackers to forge a digest via multiple attempts...
Moderate: Red Hat Security Advisory: xmlsec1 security update
Updated xmlsec1 packages that fix one security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The XML Security Library is a C library based on libxml2 and OpenSSL. It implements the...
Opera Multiple URL Spoofing Vulnerabilities - Sep09 (Linux)
This host is installed with Opera Web Browser and is prone to Multiple Spoof URL vulnerabilities. OpenVAS Vulnerability Test $Id: gboperamulturlspoofvulnsep09lin.nasl 4869 2016-12-29 11:01:45Z teissa $ Opera Multiple URL Spoofing Vulnerabilities - Sep09 Linux Authors: Sharath S Copyright: Copyrig...
Opera Multiple URL Spoofing Vulnerabilities (Sep 2009) - Linux
Opera Web Browser is prone to Multiple Spoof URL vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Opera Multiple URL Spoofing Vulnerabilities (Sep 2009) - Windows
Opera Web Browser is prone to Multiple Spoof URL vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Code injection
Opera before 10.00 trusts root X.509 certificates signed with the MD2 algorithm, which makes it easier for man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted server certificate...
CVE-2009-3045
Opera before 10.00 trusts root X.509 certificates signed with the MD2 algorithm, which makes it easier for man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted server certificate...