57 matches found
Vulristics HTML Report Update: Table for Products, Table for Vuln. Types and “Prevalence”
Hi guys! I was on vacation this week. So I had time to work on my Vulristics project. For those who dont know, this is a framework for prioritizing known CVE vulnerabilities. I was mainly grooming the HTML report. I added a logo at the top, set a max width for the report, added a timestamp when t...
Exploit for CVE-2020-1938
CVE-2020-1938 Suricata 检测规则 suricata CNVD-2020-10487...
Exploit for Improper Input Validation in Nema Dicom_Standard
Bad-DICOM PoC of my handcrafted CVE-2019-11687's exploit tool...
CVE-2019-0708 vulnerability impact analysis and the use of a variety of rules to detect method-vulnerability warning-the black bar safety net
Recently, with the CVE-2019-0708 vulnerability of the publication, most of the security community will be the loopholes as the highest priority to addressing the vulnerability. Mentioned bug fixes, it is difficult not to associate this front WannaCry and NotPetya disastrous consequences. And...
Evolving Threat Hunting with the MITRE ATT&CK Framework at CB Connect
Evolving Threat Hunting with the MITRE ATT&CK Framework – Join me at CB Connect San Diego! There are a number of techniques you can use to uncover security gaps leveraging the MITRE ATT&CK matrix. At CB Connect San Diego, our annual user conference June 4-5th, I will speaking on “How to Evolve Yo...
What’s New in Wallarm Node 2.10
We have recently released a new version of Wallarm Node. After your next update window, you will see some new features your DevOps team is certain to like. Firstly, your monitoring and reporting got a lot livelier. Starting with this version in addition to JSON format metrics can be exported in...
Generic Signature Format for SIEM Systems: Sigma
Sigma is a generic and open signature format that allows you to describe relevant log events in a straight forward manner. The rule format is very flexible, easy to write and applicable to any type of log file. The main purpose of this project is to provide a structured form in which researchers ...
The best Burp plugin I’ve ever seen
Wanted to share with you what IMHO is the most promising Burp Suite plugin that just might transform it to the best penetration tool ever. It’s the Vulners plugin, available for free at github . If you are lazy like me, a build is available here: Installation It’s easy if you know how to deal wit...
Design/Logic Flaw
A vulnerability in the FTP Representational State Transfer Application Programming Interface REST API for Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass FTP malware detection rules and download malware over an FTP connection. Cisco Firepower System...
Cisco Firepower System Software FTP Malware Vulnerability
A vulnerability in the FTP Representational State Transfer Application Programming Interface REST API for Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass FTP malware detection rules and download malware over an FTP connection. SPDX-FileCopyrightText: 2016...
Cisco Adaptive Security Appliance (ASA) IKEv1 and IKEv2 contains a buffer overflow vulnerability
Overview Cisco Adaptive Security Appliance ASA Internet Key Exchange versions 1 and 2 IKEv1 and IKEv2 contains a buffer overflow vulnerability that may be leveraged to gain remote code execution. Description CWE-119: Improper Restriction of Operations within the Bound of a Memory Buffer -...
Cisco FireSIGHT Management Center SSL HTTP Attack Detection Vulnerability
A vulnerability in HTTP attack detection within decrypted SSL traffic of Cisco FireSIGHT Management Center could allow an unauthenticated, remote attacker to bypass HTTP attack detection. The traffic is SSL and the application is configured to decrypt the SSL connection and detect HTTP-based...
BlackBerry, Cisco Products Vulnerable to OpenSSL Bug
Vendors are continuing to check their products for potential effects from the OpenSSL heartbleed vulnerability, and both Cisco and BlackBerry have found that a variety of their products contain a vulnerable version of the software. BlackBerry on Thursday said that several of its software products...
Mandrake Security Advisory MDVSA-2009:259 (snort)
The remote host is missing an update to snort announced via advisory MDVSA-2009:259. OpenVAS Vulnerability Test $Id: mdksa2009259.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:259 snort Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
CVE-2008-1804
preprocessors/sppfrag3.c in Sourcefire Snort before 2.8.1 does not properly identify packet fragments that have dissimilar TTL values, which allows remote attackers to bypass detection rules by using a different TTL for each fragment...
CVE-2008-1804
preprocessors/sppfrag3.c in Sourcefire Snort before 2.8.1 does not properly identify packet fragments that have dissimilar TTL values, which allows remote attackers to bypass detection rules by using a different TTL for each fragment...
CVE-2008-1804
Removed by vendor...