McAfee Cloud Single Sign On目录遍历漏洞

CVE ID: CVE-2014-2536 McAfee Cloud Single Sign On是一款基于云的单点登录解决方案。 McAfee Cloud Single Sign On不正确过滤用户提交的输入，允许远程攻击者利用漏洞提交特制的目录遍历请求，读取任意文件内容。 0 McAfee Cloud Single Sign On formerly McAfee Cloud Identity Manager 4.x McAfee Cloud Single Sign On 4.0.1已经修复该漏洞，建议用户下载更新：...

Microsoft Office 365 Outlook - Persistent Vulnerability

Document Title: =============== Microsoft Office 365 Outlook - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=811 Microsoft Security Response Center MSRC ID: 14095 Release Date: ============= 2014-02-28 Vulnerability Laboratory ...

Microsoft Office 365 Outlook - Persistent Vulnerability

Document Title: =============== Microsoft Office 365 Outlook - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=811 Microsoft Security Response Center MSRC ID: 14095 Release Date: ============= 2014-02-28 Vulnerability Laboratory ...

Microsoft Office 365 Outlook Filter Bypass

Document Title: =============== Microsoft Office 365 Outlook - Filter Bypass & Persistent Editor Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=811 Microsoft Security Response Center MSRC ID: 14095 Release Date: ============= 2014-02-28...

Microsoft SharePoint 2013 - Persistent Web Vulnerability

Document Title: =============== Microsoft SharePoint 2013 - Persistent Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=812 Security Bulletin: MS13-067 http://technet.microsoft.com/de-de/security/bulletin/MS13-067 Microsoft Security...

Microsoft SharePoint 2013 - Persistent Web Vulnerability

Document Title: =============== Microsoft SharePoint 2013 - Persistent Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=812 Security Bulletin: MS13-067 http://technet.microsoft.com/de-de/security/bulletin/MS13-067 Microsoft Security...

New Jigsaw Hacking Tool Spotted in Attacks

If you’ve run an internal phishing exercise, chances are you may have used Jigsaw, an open source penetration testing tool that enables security teams to automatically generate email address combinations from a minimal amount of public information. As with other open source security and networkin...

Barracuda LB, SVF, WAF & WEF - Multiple Vulnerabilities

Title: ====== Barracuda LB, SVF, WAF & WEF - Multiple Vulnerabilities Date: ===== 2013-07-18 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=727 Note: The issue was part of the official Barracuda Networks Bug Bounty Program. VL-ID: ===== 727 Common Vulnerability Scoring...

Barracuda LB / SVF / WAF / WEF Cross Site Scripting

Title: ====== Barracuda LB, SVF, WAF & WEF - Multiple Vulnerabilities Date: ===== 2013-07-18 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=727 Note: The issue was part of the official Barracuda Networks Bug Bounty Program. VL-ID: ===== 727 Common Vulnerability Scoring...

Barracuda LB, SVF, WAF & WEF - Multiple Vulnerabilities

Document Title: =============== Barracuda LB, SVF, WAF & WEF - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=727 Note: The issue was part of the official Barracuda Networks Bug Bounty Program. Release Date: =============...

General Talks Security at Brookings Institution

General Martin Dempsey, Chairman of the Joint Chiefs of Staff, made clear yesterday in a speech to the Brookings Institution that the military, government, and private sector each has a role to play in hardening the U.S. against cyberattacks. General Dempsey also called out the maintainers of...

Microsoft Sharepoint (Cloud) Persistent Script Insertion

Title: ====== Microsoft SharePoint Cloud - Persistent Exception-Handling Web Vulnerability Date: ===== 2013-06-14 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=812 Microsoft Security Response Center MSRC ID: 14096 Microsoft Security Response Center MSRC MANAGER: JT MS...

Microsoft Office 365 Outlook - CS Redirect Vulnerability

Document Title: =============== Microsoft Office 365 Outlook - CS Redirect Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=815 Microsoft Security Response Center MSRC ID: 14091 Microsoft Security Response Center MSRC MANAGER: JT Release Dat...

Microsoft Office 365 Outlook - CS Redirect Vulnerability

Document Title: =============== Microsoft Office 365 Outlook - CS Redirect Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=815 Microsoft Security Response Center MSRC ID: 14091 Microsoft Security Response Center MSRC MANAGER: JT Release Dat...

Dropbox Users Reporting More Spam Following Last Summer's Breach

It appears the breach of cloud-based storage service Dropbox last year has spurned another wave of spam over the last week or so. Users began posting complaints on the service’s Bugs and Troubleshooting forum yesterday claiming that their Dropbox-specific accounts started receiving spam again las...

nCircle PureCloud Vulnerability Scanner - Multiple Web Vulnerabilities

Title: ====== nCircle PureCloud Vulnerability Scanner - Multiple Web Vulnerabilities Date: ===== 2013-01-28 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=795 nCircle Tracking ID: 20130117-US11337 VL-ID: ===== 795 Common Vulnerability Scoring System:...

Incapsula introduces 'Backdoor Protect' feature in Cloud-based Website Security

Incapsula announced this week that they're offering an intriguing Backdoor Protection feature for sites using their cloud-based website security and performance services. What's a Backdoor? A backdoor is a malicious function that enables hackers to remotely operate a site or server, even after...

Incapsula introduces 'Backdoor Protect' feature in Cloud-based Website Security

Incapsula announced this week that they’re offering an intriguing Backdoor Protection feature for sites using their cloud-based website security and performance services. What’s a Backdoor? A backdoor is a malicious function that enables hackers to remotely operate a site or server, even after...

nCircle PureCloud Vulnerability Scanner - Vulnerabilities

Document Title: =============== nCircle PureCloud Vulnerability Scanner - Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=795 nCircle Tracking ID: 20130117-US11337 Release Date: ============= 2013-01-28 Vulnerability Laboratory ID VL-ID:...

nCircle PureCloud Vulnerability Scanner Bypass / Injection

Title: ====== nCircle PureCloud Vulnerability Scanner - Multiple Web Vulnerabilities Date: ===== 2013-01-28 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=795 nCircle Tracking ID: 20130117-US11337 VL-ID: ===== 795 Common Vulnerability Scoring System:...