469 matches found
[SECURITY] Fedora 26 Update: dnsdist-1.2.0-1.fc26
dnsdist is a highly DNS-, DoS- and abuse-aware loadbalancer. Its goal in li fe is to route traffic to the best server, delivering top performance to legitimate users while shunting or blocking abusive traffic...
Proxy Aware PowerShell C2 Framework: PoshC2
PoshC2 is a proxy aware C2 framework written completely in PowerShell to aid penetration testers with red teaming, post-exploitation and lateral movement. The tools and modules were developed off the back of our successful PowerShell sessions and payload types for the Metasploit Framework...
IPS as a Service Blocks WannaCry Spread Across the WAN
One of the most devastating aspects of the recent WannaCry ransomware attack was its self-propagating capability exploiting a vulnerability in the file access protocol, SMB v1. Most enterprises defences are externally-facing, focused on stopping incoming email and web attacks. But, once attackers...
Update to Microsoft Entra Connect causes SQL VSS issues
Article Applicability This article is specific to environments where the Azure AD Connect or Microsoft Entra Connect package is installed on the machine where Microsoft SQL Server is installed. Challenge You receive the following error during the guest processing: Unable to release guest. Error:...
Cisco Adaptive Security Appliance CX Context-Aware Security Denial of Service Vulnerability
Cisco Adaptive Security Appliance ASA CX Context-Aware Security is an add-on service module for extending the ASA platform from Cisco USA. A security vulnerability exists in the data plane IP fragment handler in the Cisco ASA CX Context-Aware Security module, which arises from the program's failu...
CVE-2016-9225
A vulnerability in the data plane IP fragment handler of the Cisco Adaptive Security Appliance ASA CX Context-Aware Security module could allow an unauthenticated, remote attacker to cause the CX module to be unable to process further traffic, resulting in a denial of service DoS condition. The...
Cisco Adaptive Security Appliance CX Context-Aware Security Denial of Service Vulnerability
A vulnerability in the data plane IP fragment handler of the Adaptive Security Appliance ASA CX Context-Aware Security module could allow an unauthenticated, remote attacker to cause the CX module to be unable to process further traffic, resulting in a denial of service DoS condition. The...
Windows 10 VM Hyper-V Guest processing skipped on 2012 R2 Host
Challenge A Backup Job for a Windows 10 VM running on a 2012 R2 Hyper-V Host will fail to engage VSS when application-aware image processing is enabled, generating the error: Error Guest processing skipped check guest OS VSS state and integration components version System.Exception Cause This...
Failed Load Library During Application Aware Processing of Oracle Running on Linux
Challenge When backing up a Linux VM running Oracle using Application-Aware Processing the following error occurs: Failed load library /u01/oracle/product/12.1.0.2/db1/lib/libclntsh.so. libmql1.so: cannot open shared object file: No such file or directory when performing a backup Solution Confirm...
Restoring Domain Controller from an Application-Aware backup
Article Applicability The details discussed in this article are related only to Domain Controllers that are not virtual machines in a Hyper-V environment. In Hyper-V environments, Domain Controller VMs are not modified to change the boot method during restore because the HV Integration Tools noti...
Release Notes for Veeam Backup & Replication 9.0 Update 1
More Recent Version Available Please find the latest version of Veeam Backup & Replication here: Veeam Downloads - Latest Version Challenge Release Notes for Veeam Backup & Replication 9.0 Update 1 Cause Please confirm you are running version 9.0.0.902 prior to installing this update. You can che...
Cisco ASA-CX Content-Aware Security software and Cisco Prime Security Manager Arbitrary Password Change Vulnerability
Cisco ASA-CX Content-Aware Security software and Cisco Prime Security Manager PRSM are both products of Cisco, Inc.Cisco ASA CX Context-Aware Security Software Cisco ASA CX Context-Aware Security Software is an add-on service module that extends the ASA platform.PRSM is a multi-device management...
CVE-2016-1301
The RBAC implementation in Cisco ASA-CX Content-Aware Security software before 9.3.1.1112 and Cisco Prime Security Manager PRSM software before 9.3.1.1112 allows remote authenticated users to change arbitrary passwords via a crafted HTTP request, aka Bug ID CSCuo94842...
CVE-2016-1301
The RBAC implementation in Cisco ASA-CX Content-Aware Security software before 9.3.1.1112 and Cisco Prime Security Manager PRSM software before 9.3.1.1112 allows remote authenticated users to change arbitrary passwords via a crafted HTTP request, aka Bug ID CSCuo94842...
CVE-2016-1301
CVE-2016-1301 affects Cisco ASA-CX Content-Aware Security software prior to 9.3.1.1(112) and Cisco Prime Security Manager prior to 9.3.1.1(112). The RBAC implementation flaw allows remote authenticated users to change arbitrary passwords by sending a crafted HTTP request. Impact is elevated privi...
How to Change the Oracle Archive Log File Location During Application-Aware Backup
Purpose This article explains how to change the Oracle Archive log file location used during Application-Aware Backup. Note: These settings only affect the log file location for Application-Aware Backup operations. Solution Linux-based Oracle Server: In the location where the Veeam agent starts, ...
CVE-2015-5319
XML external entity XXE vulnerability in the create-job CLI command in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to read arbitrary files via a crafted job configuration that is then used in an "XML-aware tool," as demonstrated by get-job and update-job...
Xxe
XML external entity XXE vulnerability in the create-job CLI command in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to read arbitrary files via a crafted job configuration that is then used in an "XML-aware tool," as demonstrated by get-job and update-job...
CVE-2015-5319
XML external entity XXE vulnerability in the create-job CLI command in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to read arbitrary files via a crafted job configuration that is then used in an "XML-aware tool," as demonstrated by get-job and update-job...
Cisco Adaptive Security Appliance CX Context-Aware Security Information Disclosure Vulnerability
The Cisco Adaptive Security Appliance ASA CX Context-Aware Security Software is an add-on service module for extending the ASA platform from Cisco USA. An information disclosure vulnerability exists in Cisco Adaptive Security Appliance CX Context-Aware Security 9.3. It allows an authenticated...