SSH 1.2.x CRC-32 Compensation Attack Detector Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2347/info Secure Shell, or SSH, is an encrypted remote access protocol. SSH or code based on SSH is used by many systems all over the world and in a wide variety of commercial applications. An integer-overflow bug in the...

AT Computing atsar_linux 1.4 File Manipulation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1048/info atsar is a linux load monitoring software package released under the GPL by AT Computing. atsadc is a setuid root binary that is included in the atsar package. atsadc is setuid because it obtains informatin via...

Castle Rock Computing SNMPc < 7.1.1 (Community) Remote BOF PoC

No description provided by source. !usr/bin/perl -w Stack-based buffer overflow in the Network Manager in Castle Rock Computing SNMPc 7.1 and earlier allows remote attackers to cause a denial of service crash or execute arbitrary code via a long community string in an SNMP TRAP packet. Refer:...

Secure Computing e.iD Authenticator for Palm 2.0 PIN Brute-Force Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2105/info Summary: An attacker that obtains access to the sceiddb.pdb file, part of Secure Computing's e.iD Authenticator for Palm, can determine the user's PIN. Problem Description: Secure Computing's SafeWord is a syste...

TORQUE Resource Manager 2.5.x-2.5.13 - Stack Based Buffer Overflow Stub

Exploit for linux platform in category remote exploits !/usr/bin/env python Exploit Title: TORQUE Resource Manager 2.5.x-2.5.13 stack based buffer overflow stub Date: 27 May 2014 Exploit Author: bwall - @botnethunter Vulnerability discovered by: MWR Labs CVE: CVE-2014-0749 Vendor Homepage:...

Moderate: Red Hat Security Advisory: openstack-nova security, bug fix, and enhancement update

Updated openstack-nova packages that fix one security issue, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux OpenStack Platform 4.0. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring...

TORQUE Resource Manager 2.5.x &lt; 2.5.13 - Stack Buffer Overflow Stub

!/usr/bin/env python Exploit Title: TORQUE Resource Manager 2.5.x-2.5.13 stack based buffer overflow stub Date: 27 May 2014 Exploit Author: bwall - @botnethunter Vulnerability discovered by: MWR Labs CVE: CVE-2014-0749 Vendor Homepage: http://www.adaptivecomputing.com/ Software Link:...

Moscrack - Cluster Cracking Tool For WPA Keys

Moscrack is a PERL application designed to facilitate cracking WPA keys in parallel on a group of computers. This is accomplished by use of either Mosix clustering software, SSH or RSH access to a number of nodes. With Moscrack’s new plugin framework, hash cracking has become possible. SHA256/512...

CVE-2014-3261

Buffer overflow in the Smart Call Home implementation in Cisco NX-OS on Fabric Interconnects in Cisco Unified Computing System 1.4 before 1.41i, NX-OS 5.0 before 5.03U22 on Nexus 3000 devices, NX-OS 4.1 before 4.12E11l on Nexus 4000 devices, NX-OS 5.x before 5.13N11 on Nexus 5000 devices, NX-OS 5...

Buffer overflow

Buffer overflow in the Smart Call Home implementation in Cisco NX-OS on Fabric Interconnects in Cisco Unified Computing System 1.4 before 1.41i, NX-OS 5.0 before 5.03U22 on Nexus 3000 devices, NX-OS 4.1 before 4.12E11l on Nexus 4000 devices, NX-OS 5.x before 5.13N11 on Nexus 5000 devices, NX-OS 5...

CVE-2014-3261

CVE-2014-3261 details a buffer overflow in Cisco NX-OS Smart Call Home, exploitable via crafted SMTP replies to remote SMTP servers. Affected platforms include Cisco UCS NX-OS on Fabric Interconnects, Nexus 3000/4000/5000/7000, and CGOS CG4 (with specific version ranges provided in the Cisco and ...

CVE-2014-3261

Buffer overflow in the Smart Call Home implementation in Cisco NX-OS on Fabric Interconnects in Cisco Unified Computing System 1.4 before 1.41i, NX-OS 5.0 before 5.03U22 on Nexus 3000 devices, NX-OS 4.1 before 4.12E11l on Nexus 4000 devices, NX-OS 5.x before 5.13N11 on Nexus 5000 devices, NX-OS 5...

Important: Red Hat Bug Fix Advisory: Red Hat OpenShift Enterprise 2.1 Release Advisory

Red Hat OpenShift Enterprise release 2.1, which fixes several bugs and includes various enhancements, is now available. OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private cloud deployments. The OpenShift Enterpri...

[security bulletin] HPSBHF02946 rev.1 - HP Servers with NVIDIA GPU Computing Driver, Elevation of Privilege

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04036775 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04036775 Version: 1 HPSBHF02946 rev....

Iowa State Hacked--To Mine Bitcoins

It’s an odd week these days when there isn’t a data breach at some university or college. These institutions are prime targets for attackers for several reasons, not the least of which are their open network environments and databases bulging with personal information. But now attackers are looki...

Eucalyptus Web Services拒绝服务漏洞

CVE ID:CVE-2013-4768 Eucalyptus是一款开源的软件基础结构，用来通过计算集群或工作站群实现弹性的、实用的云计算。 Eucalyptus web services网络清理代码存在错误，允许攻击者利用漏洞提交特殊的请求进行拒绝服务攻击。 0 Eucalyptus 3.x Eucalyptus 3.4.2版本已修复该漏洞，建议用户下载使用： https://www.eucalyptus.com...

OpenStack Nova RBAC安全绕过漏洞

Bugtraq ID:65753 CVE ID:CVE-2014-0167 OpenStack是由Rackspace和NASA共同开发的云计算平台，帮助服务商和企业内部实现类似于Amazon EC2和S3的云基础架构。OpenStack Nova提供虚拟计算服务。 OpenStack Nova EC2 API安全组实现存在安全漏洞，如addrules, removerules 和destroy方法，受限用户可使用EC2 API绕过限制对安全组进行未授权操作。 0 OpenStack Nova 2013.1 - 2013.2.3 用户可参考如下厂商提供的安全补丁以修复该漏洞：...

Microsoft Releases Free Threat Modeling Tool 2014

Threat modeling has been part of the security culture at Microsoft for the better part of a decade, an important piece of the Security Development Lifecycle that’s at the core of Trustworthy Computing. Today, Microsoft updated its free Threat Modeling Tool with a number of enhancements that bring...

[SECURITY] Fedora 19 Update: openstack-nova-2013.1.5-1.fc19

OpenStack Compute codename Nova is open source software designed to provision and manage large networks of virtual machines, creating a redundant and scalable cloud computing platform. It gives you the software, control panels, and APIs required to orchestrate a cloud, including running instances...

OpenStack python-keystoneclient Cache安全绕过漏洞

OpenStack是由Rackspace和NASA共同开发的云计算平台，帮助服务商和企业内部实现类似于Amazon EC2和S3的云基础架构。 缓存处理多个，多次请求时存在错误，可被利用以另一个用户身份进行认证操作。 0 OpenStack python-keystoneclient 0.x OpenStack python-keystoneclient 0.7.0及之后版本以修复此漏洞，建议用户下载使用： https://launchpad.net/python-keystoneclient...