Design/Logic Flaw
Untrusted search path vulnerability in Self-extracting encrypted files created by AttacheCase ver.2.8.3.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...
Legal Robot: Account profile shows encryption recovery box for all users
A security researcher discovered that the encryption recovery section on the Legal Robot account profile page was shown to all users, even those that were not using the feature. There was no security impact from any user seeing or using the feature - quite the opposite, in fact. However, when...
Two New Platforms Found Offering Cybercrime-as-a-Service to 'Wannabe Hackers'
Cybercrime has continued to evolve and today exists in a highly organised form. Cybercrime has increasingly been commercialised, and itself become big business by renting out an expanded range of hacking tools and technologies, from exploit kits to ransomware, to help anyone build threats and...
CVE-2017-2266
Untrusted search path vulnerability in Encrypted files in self-decryption format created by FileCapsule Deluxe Portable Ver.1.0.4.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...
CVE-2017-2270
Untrusted search path vulnerability in Encrypted files in self-decryption format created by FileCapsule Deluxe Portable Ver.2.0.9 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...
CVE-2017-2272
AttacheCase self-extracting encrypted files are affected by an untrusted DLL search path (CWE-427) vulnerability. Versions up to 3.2.2.6 are vulnerable; exploitation allows arbitrary code execution via a Trojan DLL loaded from an untrusted directory. Affected products include AttacheCase with CVE...
CVE-2017-2270
CVE-2017-2270 affects FileCapsule Deluxe Portable and its encrypted files in self-decryption format: a DLL loading vulnerability (CWE-427) that can allow arbitrary code execution. Affected versions include FileCapsule Deluxe Portable Ver.2.0.9 and earlier (and related encrypted-se...
CVE-2017-2266
CVE-2017-2266 concerns FileCapsule Deluxe Portable and its Encrypted Files in Self-Decryption Format. The vulnerability is an untrusted search path that could allow arbitrary code execution via a Trojan horse DLL loaded from an unspecified directory, with impact as described in the CVE records. A...
CVE-2017-2268
Untrusted search path vulnerability in Encrypted files in self-decryption format created by FileCapsule Deluxe Portable Ver.1.0.5.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...
CVE-2017-1181
IBM Tivoli Monitoring Portal V6 client could allow a local attacker to gain elevated privileges for IBM Tivoli Monitoring, caused by the default console connection not being encrypted. IBM X-Force ID: 123487...
DEBIAN-CVE-2017-11103
Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained from the encrypted version stored i...
JVN#42031953: FileCapsule Deluxe Portable and Encrypted Files in Self-Decryption Format created by FileCapsule Deluxe Portable may insecurely load Dynamic Link Libraries
FileCapsule Deluxe Portable is file encryption software. FileCapsule Deluxe Portable contains the following vulnerabilities. FileCapsule Deluxe Portable insecurely loads Dynamic Link Libraries (CWE-427) - CVE-2017-2265, CVE-2017-2267, CVE-2017-2269 Version| Vector| Score ---|---|--- CVSS v3|...
UBUNTU-CVE-2017-11103
Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained from the encrypted version stored i...
WinPayloads: Generate Undetectable Windows Payloads!
An older post of mine, MicroSploit, dealt with generating backdoored documents for the Office platform. This post is about another open source framework, called WinPayloads, which helps you create custom malicious payloads for the Microsoft Windows operating system. What is...
Barracuda WAF V360 Firmware 8.0.1.014 Support Tunnel Hijack Exploit
Barracuda WAF V360 with firmware 8.0.1.014 suffers from a support tunnel hijacking vulnerability. Title: Barracuda WAF Support Tunnel Hijack 1. Vulnerability Details Affected Vendor: Barracuda Affected Product: Web Application Firewall V360 Affected Version: Firmware v8.0.1.014 Platform: Embedded...
Metasploit Wrapup
Metasploit Hackathon We were happy to host the very first Metasploit framework open source hackathon this past week in the Rapid7 Austin. Eight Metasploit hackers from outside of Rapid7 joined forces with the in-house team and worked on a lot of great projects, small and large. @bcook started the...
The Women of Bletchley Park
Really good article about the women who worked at Bletchley Park during World War II, breaking German Enigma-encrypted messages...
Linux/x86 - XOR encoded execve(/bin/sh) setuid(0) setgid(0) Shellcode (66 bytes)
Linux/x86 - XOR encoded execve(/bin/sh) setuid(0) setgid(0) Shellcode (66 bytes). Shellcode exploit for Linux/x86 platform ;Title: Linux/x86 - 66 byte - execve(/bin/sh) - setuid(0) - setgid(0) - XOR encrypted ;Author: nullparasite ;Contact: [email protected] ;Category: Shellcode ;Architecture: Linux x86...
Linux/x86 - XOR encoded execve(/bin/sh) setuid(0) setgid(0) Shellcode (66 bytes)
;Title: Linux/x86 - 66 byte - execve(/bin/sh) - setuid(0) - setgid(0) - XOR encrypted ;Author: nullparasite ;Contact: email protected ;Category: Shellcode ;Architecture: Linux x86 ;Description: This shellcode first sets uid and gid to zero, then calls a shell using execve. Also, /bin/sh defined as a XOR...
Updated gajim packages fix security vulnerability
Gajim unconditionally implements the "XEP-0146: Remote Controlling Clients" extension, which may be abused by malicious XMPP servers to, for example, extract plaintext from OTR encrypted sessions CVE-2016-10376...