9 matches found
CVE-2026-32634
Glances Central Browser mode vulnerability (CVE-2026-32634): prior to 4.5.2, Zeroconf advertising can mislead the browser into using an untrusted server name to create connection URIs, and to look up saved passwords. If a dynamic server reports itself as protected, the untrusted name is also used...
Weave Net clusters susceptible to MitM attacks via IPv6 rogue router advertisements
Impact An attacker able to run a process as root in a container is able to respond to DNS requests from the host and thereby insert themselves as a fake service. In a cluster with an IPv4 internal network, if IPv6 is not totally disabled on the host via ipv6.disable=1 on the kernel cmdline, it wi...
BazaLoader Masquerades as Movie-Streaming Service
There’s a new, fake movie-streaming service in town called BravoMovies, and the offerings are utter garbage. Despite its pretty pictures and fun-sounding titles, it’s got nothing to offer for download besides BazaLoader malware. BazaLoader is a loader used to deploy ransomware or other types of...
CVE-2020-11091
In Weave Net before version 2.6.3, an attacker able to run a process as root in a container is able to respond to DNS requests from the host and thereby insert themselves as a fake service. In a cluster with an IPv4 internal network, if IPv6 is not totally disabled on the host via ipv6.disable=1 ...
The vulnerability of the Modbus protocol implementation in the “Communication Server” software of the EKRASMS-SP program suite for microprocessor-based EKRA 200 terminals allows a perpetrator to execute any command they desire.
The vulnerability of the Modbus protocol implementation in the “Communication Server” software of the EKRASMS-SP suite for microprocessor-based EKRA 200 terminals exists due to insufficient filtering of symbols in file paths. Exploiting this vulnerability allows a malicious actor to execute...
Threat Outbreak Alert: Fake Service Providers Notification Email Messages on January 28, 2014
Medium Alert ID: 32616 First Published: 2014 January 29 17:21 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a service provider notification for the recipient. The text in the email message attempts to convince the...
Authentication Capture: MSSQL
This module provides a fake MSSQL service that is designed to capture authentication credentials. The modules supports both the weak encoded database logins as well as Windows logins NTLM. This module requires Metasploit: https://metasploit.com/download Current source:...
Authentication Capture: Telnet
This module provides a fake Telnet service that is designed to capture authentication credentials. DONTs and WONTs are sent to the client for all option negotiations, except for ECHO at the time of the password prompt since the server controls that for a bit more realism. This module requires...
Authentication Capture: POP3
This module provides a fake POP3 service that is designed to capture authentication credentials. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Authentication Capture: POP3', 'Description' = %...