5448 matches found
USN-3032-1 ecryptfs-utils vulnerability
It was discovered that eCryptfs incorrectly configured the encrypted swap partition for certain drive types. An attacker could use this issue to discover sensitive information...
[SECURITY] Fedora 24 Update: gsi-openssh-7.2p2-5.fc24
SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...
HP Data Protector Encrypted Communications Arbitrary Command Execution Vulnerability
HP Data Protector is prone to an arbitrary command execution vulnerability. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is...
The vulnerability of the Simatic WinCC software allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability exists in the implementation of the Web Navigator interface in Siemens WinCC, due to the presence of a strictly encrypted user account. Exploiting this vulnerability allows malicious individuals operating remotely to gain access to the system through a specially crafted request...
Securing a travel iPhone
These are dry notes I took in the process of setting up a burner iPhone SE as a secure travel device. They are roughly in setup order. I believe iOS to be the most secure platform one can use at this time, but there are a lot of switches and knobs. This list optimizes for security versus...
Vulnerabilities of the enterprise automation system 1C:Enterprise, allowing a malicious individual to trigger service failures or gain access to encrypted data without knowing the encryption key
Multiple vulnerabilities in the OpenSSL cryptographic package of the 1C: enterprise automation system allow a malicious actor to remotely cause service failures or gain access to encrypted data without knowing the encryption key...
XML signature wrapping attack
ruby-saml prior to version 1.3.0 is vulnerable to an XML signature wrapping attack in the specific scenario where there was a signature that referenced at the same time 2 elements but past the scheme validator process since 1 of the element was inside the encrypted assertion. ruby-saml users must...
HP Data Protector Encrypted Communication Remote Command Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/exploit/powershell' require 'openssl' class MetasploitModule "HP Data Protector Encrypted Communication Remote Command Execution",...
jenkins: Encrypted secrets (e.g. passwords) were leaked to users with permission to read configuration (SECURITY-266)
Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated users with extended read access to obtain sensitive password information by reading a job configuration...
HP Data Protector Encrypted Communication Remote Command Execution
This module exploits a well known remote code execution exploit after establishing encrypted control communications with a Data Protector agent. This allows exploitation of Data Protector agents that have been configured to only use encrypted control communications. This exploit works by executin...
squid: SegFault from ESIInclude::Start
A NULL pointer dereference flaw was found in the way Squid processes ESI responses. If Squid was used as a reverse proxy or for TLS/HTTPS interception, a malicious server could use this flaw to crash the Squid worker process...
HP Data Protector missing authentication
Added: 05/31/2016 CVE: CVE-2016-2004 Background HP OpenView Storage Data Protector is a backup solution for enterprise and distributed environments. Problem Data Protector does not authenticate users, even with Encrypted Control Communications enabled. This could allow an unauthenticated remote...
HP Data Protector A.09.00 - Encrypted Communications Arbitrary Command Execution (Metasploit)
HP Data Protector A.09.00 - Encrypted Communications Arbitrary Command Execution Metasploit Exploit Title: Data Protector Encrypted Communications Date: 26-05-2016 Exploit Author: Ian Lovering Vendor Homepage: http://www8.hp.com/uk/en/software-solutions/data-protector-backup-recovery-software/...
Man-in-the-middle attack vulnerabilities in multiple DMM products
DMM FX Trade for Android and others are Android-based applications developed by DMM Securities Inc. of Japan for foreign exchange trade transactions. A security vulnerability exists in several DMM products, which stems from the program's failure to validate SSL server certificates. An attacker...
HP Data Protector A.09.00 - Encrypted Communications Arbitrary Command Execution (Metasploit)
Exploit Title: Data Protector Encrypted Communications Date: 26-05-2016 Exploit Author: Ian Lovering Vendor Homepage: http://www8.hp.com/uk/en/software-solutions/data-protector-backup-recovery-software/ Version: A.09.00 and earlier Tested on: Windows Server 2008 CVE : CVE-2016-2004 This module...
HP Data Protector A.09.00 - Arbitrary Command Execution
HP Data Protector A.09.00 - Arbitrary Command Execution !/usr/bin/python Exploit Title: Data Protector Encrypted Communications Date: 26-05-2016 Exploit Author: Ian Lovering Vendor Homepage: http://www8.hp.com/uk/en/software-solutions/data-protector-backup-recovery-software/ Version: A.09.00 and...
HP Data Protector A.09.00 - Arbitrary Command Execution
Exploit for windows platform in category remote exploits !/usr/bin/python Exploit Title: Data Protector Encrypted Communications Date: 26-05-2016 Exploit Author: Ian Lovering Vendor Homepage: http://www8.hp.com/uk/en/software-solutions/data-protector-backup-recovery-software/ Version: A.09.00 and...
HP Data Protector A.09.00 - Arbitrary Command Execution
!/usr/bin/python Exploit Title: Data Protector Encrypted Communications Date: 26-05-2016 Exploit Author: Ian Lovering Vendor Homepage: http://www8.hp.com/uk/en/software-solutions/data-protector-backup-recovery-software/ Version: A.09.00 and earlier Tested on: Windows Server 2008 CVE : CVE-2016-20...
TOR Mail Encrypted Server: OnionMail
TOR Mail Encrypted Server for Hidden Services OnionMail is an anonymous, encrypted mail server made to run on TOR network without losing the ability to communicate with the Internet. All OnionMail servers are configured as TOR hidden services and use SSL via STARTTLS. To use OnionMail all you nee...
Cisco UCS Invicta Software Default GPG Key Vulnerability
A vulnerability in Cisco UCS Invicta Software could allow an unauthenticated, remote attacker to access some encrypted information, if the attacker can intercept communication between an affected system and a Cisco UCS Invicta Autosupport server. The vulnerability is due to the presence of a...