9 matches found
LB-LINK Multiple Products Security Vulnerability
LB-LINK BL-X26 and others are products of China Bilink LB-LINK. LB-LINK BL-X26 is a wireless router. LB-LINK BL-LTE300 is a wireless router. LB-LINK BL-AC2100 is a wireless Wi-Fi 6 router. A security vulnerability exists in several LB-LINK products, which stems from a command injection in the dns1 a...
Sn1per v7.0 - Automated Pentest Framework For Offensive Security Experts
Sn1per Community Edition is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Sn1per Professional is Xero Security's premium reporting addon for Professional Penetration Testers, Bug Bounty Researchers and Corporate Security teams to manage...
Bitwarden: Mailgun misconfiguration on email.bitwarden.com
Hi, while checking the subdomains I found that the subdomain email.bitwarden.com, upon navigating, downloads a file saying "Mailgun Magnificent API" and has the following DNS info: DNS Records for email.bitwarden.com Hostname Type TTL Priority Content email.bitwarden.com SOA 899 ns-586.awsdns-09.net...
Sn1per - Automated Pentest Recon Scanner
Sn1per is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Features: Automatically collects basic recon (i.e. whois, ping, DNS, etc.). Automatically launches Google hacking queries against a target domain. Automatically enumerates open ports...
cPanel 5-9 Killacct Script Customer Account DNS Information Deletion Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10468/info cPanel is prone to a vulnerability that can allow a remote authenticated administrator to delete customer account DNS information for customers that are not administered by that administrator. This attack can...
Fiddler v2.3.3.3 New version released!
Fiddler is a Web Debugging Proxy which logs all HTTPS traffic between your computer and the Internet. Fiddler allows you to inspect all HTTPS traffic, set breakpoints, and "fiddle" with incoming or outgoing data. Fiddler includes a powerful event-based scripting subsystem, and can be extended usi...
openswan: buffer overflow vulnerability in XAUTH client-side support
Buffer overflow in programs/pluto/xauth.c in the client in Openswan 2.6.25 through 2.6.28 might allow remote authenticated gateways to execute arbitrary code or cause a denial of service via long (1) cisco_dns_info or (2) cisco_domain_info data in a packet...
PowerDNS Recursor Update Addresses Multiple Vulnerabilities
PowerDNS has released PowerDNS Recursor 3.1.7.2 to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or spoof DNS information. US-CERT encourages users and administrators to review PowerDNS...
CPANEL Vuln : HTML injection
Cpanel Resellers can just use an exploit in the /scripts/killacct to delete one of my other customers' accounts, only the DNS info, not owned by him. All he had to do was create a fake account then delete it and look at the source code, view his cookies and discovered...