Logitech K520 Crypto Issues / Replay Attacks

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2016-044 Product: K520 Keyboard of Wireless Combo MK520 Manufacturer: Logitech Affected Versions: Model Y-R0012 Tested Versions: Model Y-R0012 Vulnerability Type: Cryptographic Issues CWE-310 Insufficient Protection against Replay...

[SECURITY] Fedora 24 Update: openssh-7.2p2-10.fc24

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

Fedora 24 : ecryptfs-utils (2016-41301e2187)

ecryptfs-utils updated to 111 - fix ecryptfs-setup-swap improperly configures encrypted swap when using GPT partitioning on a NVMe or MMC drive CVE-2016-6224, rhbz1356828 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system...

USN-3032-1 ecryptfs-utils vulnerability

It was discovered that eCryptfs incorrectly configured the encrypted swap partition for certain drive types. An attacker could use this issue to discover sensitive information...

[SECURITY] Fedora 24 Update: gsi-openssh-7.2p2-5.fc24

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

HP Data Protector Encrypted Communications Arbitrary Command Execution Vulnerability

HP Data Protector is prone to an arbitrary command execution vulnerability. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is...

The vulnerability of the Simatic WinCC software allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability exists in the implementation of the Web Navigator interface in Siemens WinCC, due to the presence of a strictly encrypted user account. Exploiting this vulnerability allows malicious individuals operating remotely to gain access to the system through a specially crafted request...

Securing a travel iPhone

These are dry notes I took in the process of setting up a burner iPhone SE as a secure travel device. They are roughly in setup order. I believe iOS to be the most secure platform one can use at this time, but there are a lot of switches and knobs. This list optimizes for security versus...

Vulnerabilities of the enterprise automation system 1C:Enterprise, allowing a malicious individual to trigger service failures or gain access to encrypted data without knowing the encryption key

Multiple vulnerabilities in the OpenSSL cryptographic package of the 1C: enterprise automation system allow a malicious actor to remotely cause service failures or gain access to encrypted data without knowing the encryption key...

XML signature wrapping attack

ruby-saml prior to version 1.3.0 is vulnerable to an XML signature wrapping attack in the specific scenario where there was a signature that referenced at the same time 2 elements but past the scheme validator process since 1 of the element was inside the encrypted assertion. ruby-saml users must...

HP Data Protector Encrypted Communication Remote Command Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/exploit/powershell' require 'openssl' class MetasploitModule "HP Data Protector Encrypted Communication Remote Command Execution",...

jenkins: Encrypted secrets (e.g. passwords) were leaked to users with permission to read configuration (SECURITY-266)

Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated users with extended read access to obtain sensitive password information by reading a job configuration...

HP Data Protector Encrypted Communication Remote Command Execution

This module exploits a well known remote code execution exploit after establishing encrypted control communications with a Data Protector agent. This allows exploitation of Data Protector agents that have been configured to only use encrypted control communications. This exploit works by executin...

squid: SegFault from ESIInclude::Start

A NULL pointer dereference flaw was found in the way Squid processes ESI responses. If Squid was used as a reverse proxy or for TLS/HTTPS interception, a malicious server could use this flaw to crash the Squid worker process...

HP Data Protector A.09.00 - Encrypted Communications Arbitrary Command Execution (Metasploit)

HP Data Protector A.09.00 - Encrypted Communications Arbitrary Command Execution Metasploit Exploit Title: Data Protector Encrypted Communications Date: 26-05-2016 Exploit Author: Ian Lovering Vendor Homepage: http://www8.hp.com/uk/en/software-solutions/data-protector-backup-recovery-software/...

HP Data Protector missing authentication

Added: 05/31/2016 CVE: CVE-2016-2004 Background HP OpenView Storage Data Protector is a backup solution for enterprise and distributed environments. Problem Data Protector does not authenticate users, even with Encrypted Control Communications enabled. This could allow an unauthenticated remote...

Man-in-the-middle attack vulnerabilities in multiple DMM products

DMM FX Trade for Android and others are Android-based applications developed by DMM Securities Inc. of Japan for foreign exchange trade transactions. A security vulnerability exists in several DMM products, which stems from the program's failure to validate SSL server certificates. An attacker...

HP Data Protector A.09.00 - Encrypted Communications Arbitrary Command Execution (Metasploit)

Exploit Title: Data Protector Encrypted Communications Date: 26-05-2016 Exploit Author: Ian Lovering Vendor Homepage: http://www8.hp.com/uk/en/software-solutions/data-protector-backup-recovery-software/ Version: A.09.00 and earlier Tested on: Windows Server 2008 CVE : CVE-2016-2004 This module...

HP Data Protector A.09.00 - Arbitrary Command Execution

Exploit for windows platform in category remote exploits !/usr/bin/python Exploit Title: Data Protector Encrypted Communications Date: 26-05-2016 Exploit Author: Ian Lovering Vendor Homepage: http://www8.hp.com/uk/en/software-solutions/data-protector-backup-recovery-software/ Version: A.09.00 and...

HP Data Protector A.09.00 - Arbitrary Command Execution

!/usr/bin/python Exploit Title: Data Protector Encrypted Communications Date: 26-05-2016 Exploit Author: Ian Lovering Vendor Homepage: http://www8.hp.com/uk/en/software-solutions/data-protector-backup-recovery-software/ Version: A.09.00 and earlier Tested on: Windows Server 2008 CVE : CVE-2016-20...