SA123 : OpenSSL Vulnerabilities 3-May-2016

SUMMARY Blue Coat products using affected versions of OpenSSL are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to intercept and decrypt TLS sessions, obtain arbitrary data from the target's memory stack, or execute arbitrary code through buffer...

SA119 : Multiple NSS Vulnerabilities

SUMMARY Blue Coat products that include affected versions of NSS are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to trigger arbitrary code execution. The attacker can also cause denial of service through application crashes and memory corruption...

SA117 : OpenSSL Vulnerabilities 1-Mar-2016

SUMMARY Blue Coat products using affected versions of OpenSSL are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to decrypt live and recorded SSL sessions, cause denial of service through application crashes, and possibly execute arbitrary code. A...

SA114 : GNU C Library (glibc) Remote Code Execution February 2016

SUMMARY Blue Coat products using an affected version of the GNU C Library glibc are susceptible to a remote execution attack. A remote attacker can send a crafted DNS response to the glibc DNS resolver and cause the resolver to crash or execute arbitrary code. AFFECTED PRODUCTS The following...

SA111 : OpenSSL Vulnerabilities 28-Jan-2016

SUMMARY Blue Coat products using affected versions of OpenSSL 1.0.2, 1.0.1, and 0.9.8 are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to obtain ephemeral Diffie-Hellman DHE private key information and perform man-in-the-middle attacks on SSL/TLS...

SA110 : Java Deserialization Vulnerabilities

SUMMARY Blue Coat products that deserialize unsafe Java objects from untrusted sources are susceptible to one or more vulnerabilities. A remote attacker can exploit these vulnerabilities to cause the target to execute arbitrary code. AFFECTED PRODUCTS Cloud Data Protection for Salesforce CDP-SFDC...

SA100 : Apache Tomcat Vulnerabilities

SUMMARY Blue Coat products using affected versions of Tomcat 8.x, 7.x, and 6.x are susceptible to multiple vulnerabilities. A remote attacker may exploit these vulnerabilities to gain unauthorized read access or escalated privileges, or to conduct denial of service, HTTP request smuggling, or...

SA98 : OpenSSL Security Advisory 11-June-2015

SUMMARY Blue Coat products using affected versions of OpenSSL 1.0.2, 1.0.1, 1.0.0, and 0.9.8 are vulnerable to multiple vulnerabilities. A remote attacker may exploit these vulnerabilities to cause a denial of service, memory corruption, application crash, or downgrade in the Diffie-Hellman...

Cuckoo Sandbox v1.1 - Automated Malware Analysis

Cuckoo Sandbox is a malware analysis system. It simply means that you can throw any suspicious file at it and in a matter of seconds Cuckoo will provide you back some detailed results outlining what such file did when executed inside an isolated environment. Cuckoo generates a handful of differen...

CVE-2014-2565

The commandline interface in Blue Coat Content Analysis System CAS 1.1 before 1.1.4.2 allows remote administrators to execute arbitrary commands via unspecified vectors, related to "command injection."...

Command injection

The commandline interface in Blue Coat Content Analysis System CAS 1.1 before 1.1.4.2 allows remote administrators to execute arbitrary commands via unspecified vectors, related to "command injection."...

CVE-2014-2565

The commandline interface in Blue Coat Content Analysis System CAS 1.1 before 1.1.4.2 allows remote administrators to execute arbitrary commands via unspecified vectors, related to "command injection."...

[MIDAS] Mac Intrusion Detection Analysis System

MIDAS is a framework for developing a Mac Intrusion Detection Analysis System, based on work and collaborative discussions between the Etsy and Facebook security teams. This repository provides a modular framework and a number of helper utilities, as well as an example module for detecting...

Important: Red Hat Security Advisory: logwatch security update

An updated logwatch package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

On the web Trojan automated analysis of two small ideas-vulnerability warning-the black bar safety net

Author: rayh4c 80sec Now online web Trojans and more are several sets of a fixed code, The changes are not many, including script code encryption methods, almost all is to explain the type of encryption, since the hack is performed the process of hanging horse, Inglés for the automated analysis o...

CVE-2006-0181

Cisco Security Monitoring, Analysis and Response System CS-MARS before 4.1.3 has an undocumented administrative account with a default password, which allows local users to gain privileges via the expert command...