87 matches found
Android Package Inspector: Inspeckage
Inspeckage is a tool developed to offer dynamic analysis of Android applications. By applying hooks to functions of the Android API, Inspeckage will help you understand what an Android application is doing at runtime. Inspeckage will let you interact with some elements of the app, such as...
Amazon Linux AMI : glibc (ALAS-2016-660)
It was discovered that the calloc implementation in glibc could return memory areas which contain non-zero bytes. This could result in unexpected application behavior such as hangs or crashes. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
Automattic: Verification code issues for Two-Step Authentication
Hi there, I noticed two issues regarding the verification code that is sent to the phone as Two-Step Authentication for Wordpress accounts. I found out that verification code sent as SMS while enabling Two-Step Authentication can be reused infinitely for login. Issue1 The application does not...
Privacyware Privatefirewall 7.0 Privilege Escalation
Privacyware Privatefirewall 7.0 Unquoted Service Path Privilege Escalation Vendor: PWI, Inc. Product web page: http://www.privacyware.com Affected version: 7.0.30.3 Summary: Privatefirewall multi-layered endpoint security software protects 32 and 64 bit Windows desktops and servers from malware a...
App-ID Cache Poisoning
An evasion technique that takes advantage of the App-ID cache function has recently been published. In certain circumstances, a knowledgeable user can bypass security policy that restricts the use of certain applications by sending numerous specially crafted requests over the network in order to...
Fedora 13 : DeviceKit-power-0.9.0-2.fc13 / dbus-glib-0.86-4.fc13 (2010-12863)
It was discovered that dbus-glib did not enforce the 'access' flag on exported GObject properties. If such a property were read/write internally but specified as read-only externally, a malicious, local user could use this flaw to modify that property of an application. Such a change could impact...
Ubuntu Update for php5 vulnerabilities USN-549-1
Ubuntu Update for Linux kernel vulnerabilities USN-549-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN5491.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for php5 vulnerabilities USN-549-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...