WPA WPA2 Phishing Tool: Linset
Linset Is Not a Social Engineering Tool. To run linset in Kali-linux, only two additional programs are required. They are lighttpd and php5-cgi. apt-get install lighttpd apt-get install php5-cgi After you unzip the download, place the linset folder found in the...
MGASA-2016-0316 Updated curl packages fix security vulnerability
The four libcurl functions curl_escape, curl_easy_escape, curl_unescape and curl_easy_unescape perform string URL percent escaping and unescaping. They accept custom string length inputs in signed integer arguments. The provided string length arguments were not properly checked and due to arithmetic in...
CVE-2016-7138
Cross-site scripting (XSS) vulnerability in the URL checking infrastructure in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...
SUSE SLED12 / SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2016:2012-1)
This update for java-1_8_0-openjdk fixes the following issues : - Upgrade to version jdk8u101 (icedtea 3.1.0) - New in release 3.1.0 (2016-07-25) : - Security fixes - S8079718, CVE-2016-3458: IIOP Input Stream Hooking (bsc#989732) - S8145446, CVE-2016-3485: Perfect pipe placement (Windows only) (bsc#989734) -...
The vulnerability of the Android operating system, which allows a perpetrator to obtain confidential information
The vulnerability of the drivers/char/adsprpc.c file in Qualcomm’s Android operating system is related to insufficient checking of parameters and returned values. Exploiting this vulnerability can allow a remote attacker to obtain confidential information through a specially created application...
The vulnerability of the Android operating system, which allows a perpetrator to obtain confidential information
The vulnerability of the arch/arm/mach-msm/qdsp6v2/ultrasound/usf.c file of Qualcomm’s Android operating system is related to insufficient checking of input parameters. Exploiting this vulnerability can allow a remote attacker to obtain confidential information through a specially created...
Debian DLA-602-1 : gnupg security and hardening update
CVE-2016-6313 Felix Doerre and Vladimir Klebanov from the Karlsruhe Institute of Technology discovered a flaw in the mixing functions of GnuPG's random number generator. An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output. A first analysis on the impac...
[SECURITY] [DLA 602-1] gnupg security and hardening update
Package : gnupg Version : 1.4.12-7+deb7u8 CVE ID : CVE-2016-6313 Debian Bug : 834893 CVE-2016-6313 Felix Doerre and Vladimir Klebanov from the Karlsruhe Institute of Technology discovered a flaw in the mixing functions of GnuPG's random number generator. An attacker who obtains 4640 bits from the...
SAP NetWeaver SAPSTARTSRV Remote Buffer Overflow Vulnerability
SAP NetWeaver is an integrated, service-oriented application platform that provides a development and runtime environment for SAP applications. A remote buffer overflow vulnerability exists in SAP NetWeaver SAPSTARTSRV due to the program failing to adequately filter the bounds-check parameter. An...
DLA-602-1 gnupg - security update
Bulletin has no description...
CVE-2016-4973
It was found that targets using gcc's libssp library for Stack Smashing Protection (among others: Cygwin, MinGW, newlib, RTEMS; but not Glibc, Bionic, NetBSD, which provide SSP in libc) are missing the Object Size Checking feature, even when explicitly requested with _FORTIFY_SOURCE. Vulnerable...
Cisco Firepower Management Center Remote Command Execution Vulnerability
A vulnerability in the web-based GUI of Cisco Firepower Management Center and Cisco Adaptive Security Appliance ASA 5500-X Series with FirePOWER Services could allow an authenticated, remote attacker to perform unauthorized remote command execution on the affected device. The vulnerability is due...
openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-977)
This update for java-1_7_0-openjdk fixes the following issues : - Update to 2.6.7 - OpenJDK 7u111 - Security fixes - S8079718, CVE-2016-3458: IIOP Input Stream Hooking (bsc#989732) - S8145446, CVE-2016-3485: Perfect pipe placement (Windows only) (bsc#989734) - S8147771: Construction of static protection...
WinSCP ftp client memory corruption vulnerability
WinSCP is an open source graphical SFTP client for Windows that uses SSH. It also supports the SCP protocol. Its main function is to securely copy files between local and remote computers. A memory corruption vulnerability exists in WinSCP ftp client due to the software's lax input checking...
Lexmark Perceptive Document Filters Stack Buffer Overflow Vulnerability (CNVD-2016-06324)
Lexmark Perceptive Document Filters is an SDK for converting unstructured documents from Lexmark USA. A stack buffer overflow vulnerability exists in Lexmark Perceptive Document Filters, which stems from the program's failure to perform bounds checking on user-submitted input. A remote attacker...
openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-976)
This update for java-1_7_0-openjdk fixes the following issues : - Update to 2.6.7 - OpenJDK 7u111 - Security fixes - S8079718, CVE-2016-3458: IIOP Input Stream Hooking (bsc#989732) - S8145446, CVE-2016-3485: Perfect pipe placement (Windows only) (bsc#989734) - S8147771: Construction of static protection...
Ruby: Attacker can smuggle a malicious domain in a URI object.
Simple example: user_provided_redirect_uri = "http:////malware.com/real/path"; evil_uri = URI.parse(user_provided_redirect_uri); evil_uri.host # => nil; evil_uri.to_s # => "http://malware.com/real/path". In many common URI-validation scenarios, the target system will likely parse a user provided URI, and then check th...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-37.6.2 - KEYS: potential uninitialized variable Dan Carpenter Orabug: 24393865 CVE-2016-4470 - ovl: fix permission checking for setattr Miklos Szeredi Orabug: 24393742 CVE-2015-8660...
Hancom Hangul Office HShow!NXDeleteLineObj+0x53692 Code Execution Vulnerability
Talos Vulnerability Report TALOS-2016-0146 Hancom Hangul Office HShow!NXDeleteLineObj+0x53692 Code Execution Vulnerability August 4, 2016 CVE Number CVE-2016-4291 Description This vulnerability was discovered within the Hangul HShow application which is part of the Hangul Office Suite. Hangul...
Troubleshoot Issues that Arise When Joining StoreFront Server to a Group
Complete the following steps to troubleshoot issues that arise when joining a StoreFront server to a group. 1. Validate that all machines are on the same version of StoreFront. Open the StoreFront MMC > Help > About Citrix StoreFront > Version. 2. Confirm that all StoreFront servers have the same date...