ownCloud: apps.owncloud.com: SSL Session cookie without secure flag set

URL: https://apps.owncloud.com/usermanager/login.php Issue detail The following cookie was issued by the application and does not have the secure flag set: PHPSESSID=27caghhkfjvuso3mmiqajqt2n4; path=/; HttpOnly The cookie appears to contain a session token, which may increase the risk associated...

DSA-3240-1 curl - security update

Bulletin has no description...

WordPress Marketplace 2.4.0 Add Administrator

!/usr/bin/python Exploit Name: WP Marketplace 2.4.0 Remote Command Execution Vulnerability discovered by Kacper Szurek http://security.szurek.pl Exploit written by Claudio Viviani -------------------------------------------------------------------- The vulnerable function is located on...

Automattic: Serving Transitions From: HTTP Protocol (not secure)

Dear Sir, I've Noticed from your SourceCode that you are using HTTP Protocol, and that will makes Insecure served for data transition. we will give the attacker a chance for "MIMT" man in the middle attack as you know that the name of the attack itself explain the steps. -check the source code of...

WordPress Cookie handling process can lead to account hijacking-vulnerability warning-the black bar safety net

! Write ahead: This is actually a cookie transmission does not use the https problem, the most natural of seemingly unrelated picture, but in front of a burst of lead to ebay account disclosure of intrusion events, also has this vulnerability in the shadow. ps: looks like this hack was a girl...

A jingdong log security vulnerabilities-vulnerability warning-the black bar safety net

Table of Contents 1 Introduction 2 the inspection process 3 Summary 1 Introduction Recently looking at an open source site code, found if the login page via the http Protocol requests, will be redirected to use the https Protocol of the url, so you can ensure login security. Today a whim, want to...

NASA SSL Digital Certificate hacked by Iranian Hackers

NASA SSL Digital Certificate hacked by Iranian Hackers Iranian hackers 'Cyber Warriors Team' announced in an online post that it compromised an SSL certificate belonging to NASA and subsequently accessed information on thousands of NASA researchers. A space agency representative revealed that...

Iran Shutdown Google ,Yahoo & other Major sites using Https Protocol

Iran Shutdown Google ,Yahoo & other Major sites using Https Protocol We Received latest reports from Iran ,Governments has blocked access to the major sites plus websites using certain Https protocol like Gmail, Google ,Yahoo. On the eve of the anniversary of the revolution that overthrew the...

Cisco Security Advisory: Vulnerability in Cisco IOS While Processing SSL Packet

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Vulnerability in Cisco IOS While Processing SSL Packet Advisory ID: cisco-sa-20080924-ssl http://www.cisco.com/warp/public/707/cisco-sa-20080924-ssl.shtml Revision 1.0 For Public Release 2008 September 24 1600 UTC GMT -...

Advanced Poll 2.0.5-dev - Remote Admin Session Generator

!/usr/bin/perl -w Advanced Poll 2.0.0 = 2.0.5-dev textfile admin session gen. 0day! KEEP IT PRIVATE 0day! date: 30/07/06 diwou PHCKSEC c 2001-2006. see templates for code execution ;. use strict; use warnings; use LWP::UserAgent; use MD5; my...