2321 matches found

Debian CVE
added 2013/08/28 5:18 p.m. | 15 views

CVE-2013-2178

The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf files in Fail2ban before 0.8.10 do not properly validate log messages, which allows remote attackers to block arbitrary IP addresses via certain messages in a request...

CVSS 5 | AI score 6.5 | EPSS 0.01763
Exploits 0
CVE
added 2013/08/28 5:18 p.m. | 74 views

CVE-2013-2178

The CVE-2013-2178 vulnerability affects Fail2ban before 0.8.10, where the files apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf do not properly validate log messages. This allows a remote attacker to block arbitrary IP addresses by crafting specific messages ...

CVSS 5 | AI score 6.5 | EPSS 0.01763
Exploits 0 | References 6 | Affected Software 1
ThreatPost
added 2013/08/28 3:30 p.m. | 11 views

Kelihos P2P Botnet Leveraging Composite Blocking Lists

Kelihos, the peer-to-peer botnet with nine lives, keeps popping up with new capabilities that enable it to sustain itself and make money for its keepers by pushing spam, harvesting credentials and even stealing Bitcoins. According to a number of sources, Kelihos is now leveraging legitimate and...

AI score 1.3
Exploits 0 | References 2
Tenable Nessus
added 2013/08/27 12:0 a.m. | 38 views

SuSE 11.2 / 11.3 Security Update : Apache2 (SAT Patch Numbers 8137 / 8138)

This collective update for Apache provides the following fixes : - Make sure that input that has already arrived on the socket is not discarded during a non-blocking read read2 returns 0 and errno is set to -EAGAIN. bnc815621 - Close the connection just before an attempted re-negotiation if data...

CVSS 5.1 | AI score 7.8 | EPSS 0.29484
Exploits 4 | References 8
Fedora
added 2013/08/02 9:49 p.m. | 36 views

[SECURITY] Fedora 19 Update: squid-3.2.13-1.fc19

Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DN...

CVSS 7.5 | AI score 8.8 | EPSS 0.80451
Exploits 0
securityvulns
added 2013/07/29 12:0 a.m. | 51 views

Barracuda LB, SVF, WAF & WEF - Multiple Vulnerabilities

Title: ====== Barracuda LB, SVF, WAF & WEF - Multiple Vulnerabilities Date: ===== 2013-07-18 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=727 Note: The issue was part of the official Barracuda Networks Bug Bounty Program. VL-ID: ===== 727 Common Vulnerability Scoring...

AI score 0.1
Exploits 0
Exploit DB
added 2013/07/22 12:0 a.m. | 55 views

Barracuda LB / SVF / WAF / WEF - Multiple Vulnerabilities

Title: ====== Barracuda LB, SVF, WAF & WEF - Multiple Vulnerabilities Date: ===== 2013-07-18 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=727 Note: The issue was part of the official Barracuda Networks Bug Bounty Program. VL-ID: ===== 727 Common Vulnerability Scoring...

AI score 7.4
Exploits 0
Packet Storm
added 2013/07/19 12:0 a.m. | 44 views

Barracuda LB / SVF / WAF / WEF Cross Site Scripting

Title: ====== Barracuda LB, SVF, WAF & WEF - Multiple Vulnerabilities Date: ===== 2013-07-18 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=727 Note: The issue was part of the official Barracuda Networks Bug Bounty Program. VL-ID: ===== 727 Common Vulnerability Scoring...

AI score 0.2
Exploits 0
Packet Storm
added 2013/07/14 12:0 a.m. | 38 views

Tri-PLC Nano-10 r81 Denial Of Service

Exploit Title: Tri-PLC Nano-10 DoS Date: 07/11/2013 Exploit Author: Sapling Vendor Homepage: www.tri-plc.com Version: Firmware Version r81 and prior CVE : CVE-2013-2784 ICSA: ICSA-13-189-02 / The vulnerability exists due to a flaw in the PLC's ability to handle a Modbus packet with the bit quanti...

CVSS 7.8 | AI score 6.6 | EPSS 0.04041
Exploits 5
Tenable Nessus
added 2013/07/12 12:0 a.m. | 34 views

Oracle Linux 6 : java-1.6.0-openjdk (ELSA-2011-0856)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-0856 advisory. - RH706250, S6213702, CVE-2011-0872: so non-blocking sockets with TCP urgent disabled get still selected for read ops win - RH706106, S6618658,...

CVSS 10 | AI score 8.3 | EPSS 0.06277
Exploits 0 | References 8
Exploit DB
added 2013/07/11 12:0 a.m. | 116 views

Nginx 1.3.9/1.4.0 (x86) - Brute Force

nginx 1.3.9/1.4.0 x86 brute force remote exploit copyright c 2013 kingcope ---------------------------- fix for internet exploitation, set MTU: ifconfig mtu 60000 up !!! WARNING !!! this exploit is unlikely to succeed when used against remote internet hosts. the reason is that nginx uses a...

AI score 7.4
Exploits 0
ThreatPost
added 2013/06/28 10:49 a.m. | 11 views

Firefox Adds Mixed Content Blocking by Default

The proliferation of SSL-protected sites has been a boon for security conscious Web users in the last couple of years, as more and more sites have taken the step of offering encrypted connections for sensitive sessions. But one of the problems that’s cropped up is that the dynamic nature of today...

AI score 0.1
Exploits 0 | References 3
Fedora
added 2013/06/28 6:14 a.m. | 25 views

[SECURITY] Fedora 18 Update: haproxy-1.4.24-1.fc18

HA-Proxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread the load among several servers while assuring server persistence through the use of HTTP cookies - switch t...

CVSS 5.1 | AI score 0.7 | EPSS 0.05419
Exploits 0
seebug.org
added 2013/06/26 12:0 a.m. | 34 views

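Drupal Login Security Module Security Bypass Vulnerability

Bugtraq ID: 60683 Drupal is a development-oriented CMF (content management framework) written in PHP; Drupal Login Security is a login security module for Drupal. The Drupal Login Security module has a security vulnerability when 'soft blocking' is disabled: because the module uses string filtering incorrectly, it can end up ignoring all checks. 0 Drupal Login Security 6.x-1.x Drupal Login Security 7.x-1.x Vendor solution: Drupal Login Security 6.x-1.3 and 7.x-1.3 fix this vulnerability; users are advised to download the update:...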

AI score 7.1
Exploits 0
ThreatPost
added 2013/06/21 12:44 p.m. | 20 views

New Dirt Jumper Variant 'Drive' More Refined Than Original

Researchers have detected new attacks originating from a souped-up variant of the DIY Dirt Jumper DDoS toolkit they’ve taken to calling Drive. While it hasn’t been seen spreading through any underground forums yet, the up-and-coming threat apparently boasts a “much more powerful DDoS engine than...

AI score 0.9
Exploits 0 | References 4
OpenVAS
added 2013/06/19 12:0 a.m. | 30 views

Debian Security Advisory DSA 2711-1 (haproxy - several vulnerabilities)

Multiple security issues have been found in HAProxy, a load-balancing reverse proxy: CVE-2012-2942 Buffer overflow in the header capture code. CVE-2013-1912 Buffer overflow in the HTTP keepalive code. CVE-2013-2175 Denial of service in parsing HTTP headers. OpenVAS Vulnerability Test $Id:...

CVSS 5.1 | AI score 0.2 | EPSS 0.05419
Exploits 0 | References 1
Tenable Nessus
added 2013/05/24 12:0 a.m. | 36 views

OpenSMTPD TLS Blocking Socket Remote DoS

The remote OpenSMTPD mail server has a flaw that could result in further connections to it being blocked when a client holds open a TLS connection. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid66586;...

CVSS 5 | AI score 5.5 | EPSS 0.02474
Exploits 1 | References 3
Tenable Nessus
added 2013/05/15 12:0 a.m. | 24 views

Fedora 18 : curl-7.27.0-10.fc18 (2013-7813)

switch SSL socket into non-blocking mode after handshake 960765 - prevent an artificial timeout event due to stale speed-check data 906031 - show proper host name on failed resolve 957173 fix cookie tailmatching to prevent cross-domain leakage CVE-2013-1944 Note that Tenable Network Security has...

CVSS 5 | AI score 8 | EPSS 0.04986
Exploits 1 | References 3
Check Point Advisories
added 2013/05/01 12:0 a.m. | 0 views

Toxin Based Brobot HTTP Request

Blocking specific Toxin Based Brobot HTTP requests. There are cases in which certain traffic, although not intended for malicious use, is very unsafe, since it may transfer shellcode which is undetectable by IPS...

AI score 6.9
Exploits 0
Tenable Nessus
added 2013/04/07 12:0 a.m. | 30 views

Fedora 18 : libuv-0.10.3-1.fc18 / nodejs-0.10.2-1.fc18 / v8-3.14.5.8-1.fc18 (2012-20578)

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...

CVSS 7.5 | AI score 8.2 | EPSS 0.01107
Exploits 1 | References 9