MySQL Query Browser Password Dump - Command-line Tool to Recover Lost or Forgotten Passwords from MySQL Query Browser

MySQL Query Browser Password Dump is the free command-line tool to instantly recover your lost or forgotten passwords from MySQL Query Browser software. MySQL Query Browser is a simple software to manage your MySQL database connections and queries. By default, it stores all the database login...

Problem with directory permissions in JP1/Automatic Operation

Overview There is a problem of permissions on file transfer directory in JP1/Automatic Operation. Impact Malicious local users might refer or modify transferred files. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

RHEL 7 : tomcat (RHSA-2015:0983)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2015:0983 advisory. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. It was discovered that the ChunkedInputFilter in...

CentOS 7 : tomcat (CESA-2015:0983)

Updated tomcat packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from...

Autorize - Automatic Authorization Enforcement Detection (Extension for Burp Suite)

Autorize is an automatic authorization enforcement detection extension for Burp Suite. It was written in Python by Barak Tawily, an application security expert at AppSec Labs. Autorize was designed to help security testers by performing automatic authorization tests. Installation 1. Download Burp...

[SECURITY] Fedora 21 Update: realmd-0.15.2-2.fc21

realmd is a DBus system service which manages discovery and enrollment in r ealms and domains like Active Directory or IPA. The control center uses realmd as the back end to 'join' a domain simply and automatically configure things corre ctly...

Threat Outbreak Alert RuleID15046: Email Messages Distributing Malicious Software on May 10, 2015

Medium Alert ID: 38681 First Published: 2015 May 6 12:48 GMT Last Updated: 2015 May 11 13:37 GMT Version: 3 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID15046 and...

[SECURITY] Fedora 22 Update: clamav-0.98.7-1.fc22

Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs ar...

[SECURITY] Fedora 21 Update: clamav-0.98.7-1.fc21

Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs ar...

Threat Outbreak Alert RuleID15020: Email Messages Distributing Malicious Software on May 11, 2015

Medium Alert ID: 38599 First Published: 2015 April 30 18:07 GMT Last Updated: 2015 May 13 12:49 GMT Version: 2 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID15020 may...

F5 Networks BIG-IP : BIG-IP Automatic Update Check and ASM Automatic Signature Update man-in-the-middle vulnerability (K16090)

The automatic signature update functionality in the 1 Phone Home feature in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, GTM, and Link Controller 11.5.0 through 11.6.0, ASM 10.0.0 through 11.6.0, and PEM 11.3.0 through 11.6.0 and the 2 Call Home feature in ASM 10.0.0 through 11.6.0 and PEM 11.3.0...

SOL16090 - BIG-IP Automatic Update Check and ASM Automatic Signature Update man-in-the-middle vulnerability CVE-2014-9326

The BIG-IP Phone Home and ASM Call Home automatic signature update functionality is susceptible to Man-in-the-Middle type attacks due to improper validation of server SSL certificates. CVE-2014-9326...

The vulnerability of the Cisco IOS operating system, which allows a remote attacker to trigger a service failure

The vulnerability of the ANI interface allows a remote attacker to trigger a service failure by using specially crafted AN messages...

Fedora abrt competitive conditions vulnerability

Fedora is an open, innovative and forward-thinking operating system and platform based on Linux.ABRT is an automated bug detection and reporting tool. A competitive condition vulnerability exists in Fedora abrt. An attacker can exploit this vulnerability to gain privileges...

Threat Outbreak Alert RuleID14684: Email Messages Distributing Malicious Software on April 15, 2015

Medium Alert ID: 38388 First Published: 2015 April 15 13:41 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID14684 may contain the following files: Name | Si...

Novell ZENworks Configuration Management 11.3.1 - Remote Code Execution

Novell ZENworks Configuration Management 11.3.1 - Remote Code Execution Remote code execution in Novell ZENworks Configuration Management 11.3.1 Discovered by Pedro Ribeiro [email protected], Agile Information Security ===============================================================================...

Scientific Linux Security Update : postgresql on SL6.x, SL7.x i386/x86_64 (20150330)

An information leak flaw was found in the way the PostgreSQL database server handled certain error messages. An authenticated database user could possibly obtain the results of a query they did not have privileges to execute by observing the constraint violation error messages produced when the...

MS KB3050995: Improperly Issued Digital Certificates Could Allow Spoofing (deprecated)

The remote host is missing KB3050995, KB2677070 automatic updater, or the latest disallowed certificate update using KB2813430 manual updater. If KB2677070 has been installed, it has not yet obtained the latest auto-updates. Note that this plugin checks that the updaters have actually updated the...

Sina micro-activities there is fishing exploits user information for fear of disclosure-vulnerability warning-the black bar safety net

Through the vulnerability enables the system to automatically send the information to tell you have winning increasing confidence in! ! This is sent after the event within 3 minutes the recruitment of the user ! In ten minutes I'll gather up 3 0 0 name of the user information! Liar proof: 1 2 nex...

Microsoft Warns Fraudulent Certificate Could Lead to MiTM Attacks

Microsoft has blacklisted a phony SSL certificate that’s been making the rounds and is in the process of warning the general public that the certificate could be leveraged to stage man-in-the-middle attacks. In a security advisory published yesterday the company stressed that an improper...