106 matches found
Tracking People Without GPS
Interesting research: The trick in accurately tracking a person with this method is finding out what kind of activity they're performing. Whether they're walking, driving a car, or riding in a train or airplane, it's pretty easy to figure out when you know what you're looking for. The sensors can...
CVE-2017-11927
Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allow an information vulnerability due to the way the Windows its:// protocol handler determines...
How to solve the Malwarebytes CrackMe: a step-by-step tutorial
The topic of this post is a Malwarebytes CrackMe—an exercise in malware analysis that I recently created. First, the challenge was created to serve internal purposes, but then it was released to the community on Twitter and triggered a lot of positive response. Thanks to all of you who sent in yo...
NetScaler SD-WAN Troubleshooting Guide
Citrix SD-WAN, formerly NetScaler SD-WAN This articles helps you diagnose, troubleshoot, and resolve common issue encountered on NetScaler SD-WAN. Note : This is a master overview article. The detailed information for each topic is covered in its individual articles. CTX236987 - Information to Ke...
How to determine the version of Citrix license server installed
This article describes how to determine the version of the Citrix license server...
How to debug Citrix Gateway connector logs (XNC)
In order to determine an issue with Citrix Gateway connector formerly known as XNC, we would need to enable debug logging...
FCKeditor upload vulnerability summary-vulnerability warning-the black bar safety net
0x01 FCKeditor profile FCKeditor is a specialized use on a web page belonging to the open source WYSIWYG text editor. It logs in lightweight, does not require complicated installation steps can be used. It can be PHP, JavaScript, ASP, ASP.NET and ColdFusion, Java, and ABAP and other different...
Gentoo Security Advisory GLSA 201403-03
Gentoo Linux Local Security Checks GLSA 201403-03 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
CVE-2015-1356
Siemens SIMATIC STEP 7 TIA Portal before 13 SP1 determines a user's privileges on the basis of project-file fields that lack integrity protection, which allows remote attackers to establish arbitrary authorization data via a modified file...
SuidPerl 5.6 Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6282/info An information disclosure vulnerability has been reported for SuidPerl. Reportedly, it is possible for an attacker to determine whether files exist in non-accessible directories. An attacker can exploit this...
Ensnare Web Application Attack Detection Utility Released
BOSTON – Two engineers from Netflix this week released to open source a security tool that detects attacks against web applications—and also reacts to those attacks with responses they hope will flummox a hacker to the point that he moves on to his next target. The utility is called Ensnare and i...
CVE-2013-5596
The cycle collection CC implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly determine the thread for release of an image object, which allows remote attackers to execute arbitrary code or cause a denial ...
frontpage_version
This plugin searches for the FrontPage Server Info file and if it finds it will try to determine the version of the Frontpage Server Extensions. The file is located inside the web server webroot. For example: http://localhost/vtiinf.html Plugin type Infrastructure Options This plugin doesnt have...
phpinfo
This plugin searches for the PHP Info file in all the directories and subdirectories that are sent as input and if it finds it will try to determine the version of the PHP. The PHP Info file holds information about the PHP and the system version, environment, modules, extensions, compilation...
metasploit-info NSE Script
Gathers info from the Metasploit rpc service. It requires a valid login pair. After authentication it tries to determine Metasploit version and deduce the OS type. Then it creates a new console and executes few commands to get additional info. References: Metasploit RPC API Guide See also:...
Host Details
This scripts aggregates the OS detection information gathered by several VTs and store it in a structured and unified way. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
CVE-2010-1258
Microsoft Internet Explorer 6, 7, and 8 does not properly determine the origin of script code, which allows remote attackers to execute script in an unintended domain or security zone, and obtain sensitive information, via unspecified vectors, aka "Event Handler Cross-Domain Vulnerability."...
Days of the edge of the school website system v1. 3 upload vulnerability-vulnerability warning-the black bar safety net
Open the admin directory, and found there a upload. asp, this file is submitted and the documents submitted for judgment, which has such a sentence if Uprequest. form"fileErr"0 then select case Uprequest. form"fileErr" But I saw a half day also did not see it this fileErr read what it is, and...
CVE-2010-2252
GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with a .wgetrc filename followed by a 3xx redirect to a URL wit...
IBM Db2 db2pd Denial Of Service Vulnerability - Windows
IBM Db2 and is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ibm:db2"; ifdescriptio...