Ubuntu USN-810-2 (fixed)

The remote host is missing an update to fixed announced via advisory USN-810-2. Original advisory details: Moxie Marlinspike discovered that NSS did not properly handle regular expressions in certificate names. A remote attacker could create a specially crafted certificate to cause a denial of...

Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : fetchmail vulnerability (USN-816-1)

Matthias Andree discovered that fetchmail did not properly handle certificates with NULL characters in the certificate name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. Note that Tenable Network Securi...

USN-816-1: fetchmail vulnerability

Matthias Andree discovered that fetchmail did not properly handle certificates with NULL characters in the certificate name. A remote attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications...

USN-810-1: NSS vulnerabilities

Moxie Marlinspike discovered that NSS did not properly handle regular expressions in certificate names. A remote attacker could create a specially crafted certificate to cause a denial of service via application crash or execute arbitrary code as the user invoking the program. CVE-2009-2404 Moxie...

Compromise of SSL-protected communication — Mozilla

IOActive security researcher Dan Kaminsky reported a mismatch in the treatment of domain names in SSL certificates between SSL clients and the Certificate Authorities CA which issue server certificates. In particular, if a malicious person requested a certificate for a host name with an invalid...

CVE-2009-2407

Heap-based buffer overflow in the parsetag3packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service system crash or possibly gain privileges via vectors involving a crafted eCryptfs file, related to a...

Encrypted tunnels enable users to circumvent security controls

In the previous article, I talked a bit about how employees are using external proxies to hide web activity from the prying eyes of the IT department. This article discusses the use of encrypted tunnel applications to hide from detection. To someone like myself an admitted web 1.2 kinda guy, usin...

SquirrelMail: Multiple cross site scripting issues

Multiple cross-site scripting XSS vulnerabilities in SquirrelMail before 1.4.18 and NaSMail before 1.7 allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 certain encrypted strings in e-mail headers, related to contrib/decryptheaders.php; 2 PHPSELF; and 3 the que...

Encrypted passwords in osuser.xml

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/JRACLOUD-17317. panel We need to set a crypted password instead plain text password in java.naming.security.credentials within osuser.xml...

Encrypted passwords in osuser.xml

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion|http://jira.atlassian.com/browse/JRASERVER-17317. panel We need to set a crypted password instead plain text password in java.naming.security.credentials within osuser.xml...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in SquirrelMail before 1.4.18 and NaSMail before 1.7 allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 certain encrypted strings in e-mail headers, related to contrib/decryptheaders.php; 2 PHPSELF; and 3 the que...

CVE-2009-1578

Multiple cross-site scripting XSS vulnerabilities in SquirrelMail before 1.4.18 and NaSMail before 1.7 allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 certain encrypted strings in e-mail headers, related to contrib/decryptheaders.php; 2 PHPSELF; and 3 the que...

CVE-2009-1578

CVE-2009-1578 affects SquirrelMail < 1.4.18 and NaSMail

How employees evade IT security controls

Prior to January of 2007, I had very little exposure to the vast array of applications that employees use while at work. Sure, I used IM, webmail and listened to music online, but I was being paid to do a job, not entertain myself. After joining Palo Alto Networks, and analyzing 18 months worth o...

Formshield Captcha - Older Version vulnerable to replay attacks

Replay attack on CAPTCHA Libraries Summary A CAPTCHA implementation that we tested were found to be vulnerable to replay attacks. The attack is explained in detail for Formshield – A popular DOT NET CAPTCHA implementation. NOTE: We discovered this during a Black Box engagement with one of our...

Mandriva Linux Security Advisory : evolution (MDVSA-2008:063)

Ulf Harnhammar of Secunia Research discovered a format string flaw in how Evolution displayed encrypted mail content. If a user were to open a carefully crafted email message, arbitrary code could be executed with the permissions of the user running Evolution. The updated packages have been patch...

What's on the cover of that Verizon breach report?

Psst! Psst! Ryan here. Did you notice that all the text on the cover of Verizon’s 2009 data breach report pdf is selectable? A little birdie tells me that’s no coincidence. Encrypted message, etc. Even better, the report contains some obvious clues to decrypt. And something about cash prizes for...

Code injection

Multiple unspecified vulnerabilities in the Web management interface in Avaya SIP Enablement Services SES 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allow remote attackers to obtain 1 application server configuration, 2 database server configuration including encrypted passwords...

CVE-2008-6706

Multiple unspecified vulnerabilities in the Web management interface in Avaya SIP Enablement Services SES 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allow remote attackers to obtain 1 application server configuration, 2 database server configuration including encrypted passwords...

CVE-2008-6706

Multiple unspecified vulnerabilities in the Web management interface in Avaya SIP Enablement Services SES 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allow remote attackers to obtain 1 application server configuration, 2 database server configuration including encrypted passwords...