9 matches found
EUVD-2013-3342
Malware in sbrugna...
CVE-2013-3407
The web interface in Cisco Server Provisioner 6.4.0 Patch 5-1301292331 and earlier does not require authentication for unspecified pages, which allows remote attackers to obtain sensitive information via a direct request, aka Bug ID CSCug65664...
TACACS+: Remote Code Execution
Background: An updated version of Cisco's TACACS+ server. Description: A vulnerability has been discovered in TACACS+. Please review the CVE identifier referenced below for details. Impact: A lack of input validation exists in tacplus which, when pre or post auth commands are enabled, allows an...
Cisco BroadWorks CommPilot Application Software Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to execute arbitrary code on an affected device or obtain confidential information from the Cisco BroadWorks server and other devices on...
vpn.thaiairways.com Improper Access Control vulnerability OBB-1241246
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
Authentication flaw
The web interface in Cisco Server Provisioner 6.4.0 Patch 5-1301292331 and earlier does not require authentication for unspecified pages, which allows remote attackers to obtain sensitive information via a direct request, aka Bug ID CSCug65664...
Report: Service Offers Cheap Access to Hacked Servers
An online service that sells fairly cheap access to compromised corporate machines creates a pay-to-play scenario for criminals seeking access to the networks of high-profile organizations, according to a Krebs on Security report. Brian Krebs writes that Dedicatexpress.com currently has access to...
Russians selling access to private company servers in just $4
We have already seen that vulnerabilities in the Remote Desktop Protocol (RDP) are a potential danger of desktop remote-access tools commonly used by IT departments to handle help-desk issues and by administrators to manage virtualized machines. According to reports from krebsonsecurity, a Russian company...
Cisco Unity Connection Exhaustion Denial of Service Vulnerability
Cisco Unity contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability exists due to improper handling of network messages. An unauthenticated, remote attacker could exploit this vulnerability to render the Cisco Unity...