471 matches found
Xxe
XML external entity XXE vulnerability in the create-job CLI command in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to read arbitrary files via a crafted job configuration that is then used in an "XML-aware tool," as demonstrated by get-job and update-job...
Cisco Adaptive Security Appliance CX Context-Aware Security Information Disclosure Vulnerability
The Cisco Adaptive Security Appliance ASA CX Context-Aware Security Software is an add-on service module for extending the ASA platform from Cisco USA. An information disclosure vulnerability exists in Cisco Adaptive Security Appliance CX Context-Aware Security 9.3. It allows an authenticated...
CVE-2015-6344
The web-based GUI in Cisco Adaptive Security Appliance ASA CX Context-Aware Security 9.34.1.11 allows remote authenticated users to bypass intended access restrictions and obtain sensitive user information via an unspecified HTTP request, aka Bug ID CSCuv74105...
Design/Logic Flaw
The virtualization layer in Cisco ASA FirePOWER Software before 5.3.1.2 and 5.4.x before 5.4.0.1 and ASA Context-Aware CX Software before 9.3.2.1-9 allows remote attackers to cause a denial of service device reload by rapidly sending crafted packets to the management interface, aka Bug IDs...
CVE-2015-0678
The virtualization layer in Cisco ASA FirePOWER Software before 5.3.1.2 and 5.4.x before 5.4.0.1 and ASA Context-Aware CX Software before 9.3.2.1-9 allows remote attackers to cause a denial of service device reload by rapidly sending crafted packets to the management interface, aka Bug IDs...
How to Perform a Manual Failback (Reverse Replication)
Challenge This article explains the steps to perform a manual failback using reverse replication when a normal failback fails or is not possible because the replica was powered on outside of the Veeam console. This process turns replication on its head and uses it as a tool to synchronize the...
CVE-2015-2078
The SDK for Komodia Redirector with SSL Digestor, as used in Lavasoft Ad-Aware Web Companion 1.1.885.1766 and Ad-Aware AdBlocker alpha 1.3.69.1, Qustodio for Windows, Atom Security, Inc. StaffCop 5.8, and other products, does not properly verify X.509 certificates from SSL servers, which allows...
CVE-2015-2077
The SDK for Komodia Redirector with SSL Digestor, as used in Lavasoft Ad-Aware Web Companion 1.1.885.1766 and Ad-Aware AdBlocker alpha 1.3.69.1, Qustodio for Windows, Atom Security, Inc. StaffCop 5.8, and other products, uses the same X.509 certificate private key for a root CA certificate across...
KLA10461 Security bypass vulnerability in multiple products
Using of the same certificate was found in multiple products. By exploiting this vulnerability malicious users bypass security restrictions. This vulnerability can be exploited remotely via a man-in-the-middle attack. Original advisories - Related products VisualDiscovery CVE list CVE-2015-2077...
SubBrute - Subdomain Bruteforcer
SubBrute is a community driven project with the goal of creating the fastest, and most accurate subdomain enumeration tool. Some of the magic behind SubBrute is that it uses open resolvers as a kind of proxy to circumvent DNS rate-limiting https://www.us-cert.gov/ncas/alerts/TA13-088A. This desig...
[SECURITY] Fedora 21 Update: libhtp-0.5.16-1.fc21
LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. The goals of the project, in the order of importance, are as follows: 1. Completeness of coverage; 2. Permissive parsing; 3. Awareness of evasion techniques; 4. Performance;...
Log and Event Manager now with File Integrity Monitoring
Security pros everywhere rely on SolarWinds Log & Event Manager for powerful, affordable, and efficient Security Information and Event Management SIEM. Our All-In-One SIEM combines log management, event correlation, visualization, reporting, File Integrity Monitoring, USB defense, SQL database...
Application-Aware Image Processing failure with SQL 2012 SP2 case-sensitive collation database
Job using Application-Aware Image Processing fails during VSS processing with: Unfreeze error: Backup job failed. Cannot create a shadow copy of the volumes containing writer's data. A VSS crit...
[SECURITY] Fedora 19 Update: jakarta-commons-httpclient-3.1-15.fc19
The Hyper-Text Transfer Protocol HTTP is perhaps the most significant protocol used on the Internet today. Web services, network-enabled appliances and the growth of network computing continue to expand the role of the HTTP protocol beyond user-driven web browsers, and increase the number of...
Passera - Tool to generate strong unique passwords for each website
A simple tool that allows users to have strong unique passwords for each website, without the need to store them either locally or with an online service. It is available as a command-line tool for Linux/Mac/Windows and an Android app. Passera turns any entered text into a strong password up to 6...
kernel security and bug fix update
kernel 2.6.18-371.11.1.0.1 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe...
Veeam Backup & Replication - SQL Backup Guide: Using Microsoft SQL Server Agent With Application - Aware Image Processing
This guide was created to assist you with successfully backing up, and restoring, Microsoft SQL databases...
Cisco Secure Desktop 3.x 'translation' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/37960/info Cisco Secure Desktop is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...
VM Uptime in Hyper-V Manager Might Reset During Backup
Article Applicability This article is relevant only to Hyper-V on Server 2012 and Server 2012 R2. Note: Server 2012 R2 reached end-of-life on October 10, 2023. Offline backup or saved state backup is a native Microsoft Hyper-V approach to quiesce VMs before taking a volume snapshot. Offline backu...
NSF Awards $15m for New Secure Internet Architecture
The National Science Foundation NSF is awarding $15 million in grants for the development, deployment and testing of future Internet architectures that are designed to enhance security, respond to emerging service challenges, and increase scalability. In 2010, the NSF Directorate for Computer and...