CVE-2011-0633

The Net::HTTPS module in libwww-perl LWP before 6.00, as used in WWW::Mechanize, LWP::UserAgent, and other products, when running in environments that do not set the If-SSL-Cert-Subject header, does not enable full validation of SSL certificates by default, which allows remote attackers to spoof...

Debian: Security Advisory (DSA-2199-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 2200-1 (iceweasel)

The remote host is missing an update to iceweasel announced via advisory DSA 2200-1. OpenVAS Vulnerability Test $Id: deb22001.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2200-1 iceweasel Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...

Debian Security Advisory DSA 2203-1 (nss)

The remote host is missing an update to nss announced via advisory DSA 2203-1. OpenVAS Vulnerability Test $Id: deb22031.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2203-1 nss Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...

Debian: Security Advisory (DSA-2200-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-2203-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fiddler v2.3.3.3 New version released !

Fiddler is a Web Debugging Proxy which logs all HTTPS traffic between your computer and the Internet. Fiddler allows you to inspect all HTTPS traffic, set breakpoints, and "fiddle" with incoming or outgoing data. Fiddler includes a powerful event-based scripting subsystem, and can be extended usi...

RedHat Update for nss RHSA-2011:0472-01

Check for the Version of nss OpenVAS Vulnerability Test RedHat Update for nss RHSA-2011:0472-01 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

RedHat Update for nss RHSA-2011:0472-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

openSUSE Security Update : seamonkey (seamonkey-4204)

Mozilla SeaMonkey was updated to version 2.0.13 to fix the following security issue : MFSA 2011-11 Several invalid HTTPS certificates were placed on the certificate blacklist to prevent their misuse. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...

openSUSE Security Update : mozilla-xulrunner191 (mozilla-xulrunner191-4202)

Mozilla XULRunner 1.9.1 was updated to version 1.9.1.18 to fix the following security issue : MFSA 2011-11 Several invalid HTTPS certificates were placed on the certificate blacklist to prevent their misuse. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...

openSUSE Security Update : MozillaFirefox (MozillaFirefox-4201)

MozillaFirefox was updated to version 3.6.16 to fix the following security issue : MFSA 2011-11 Several invalid HTTPS certificates were placed on the certificate blacklist to prevent their misuse. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

CentOS 4 / 5 : nss (CESA-2011:0472)

Updated nss packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. Network Security Services NSS is a set of libraries designed to support the development of...

Pangolin 3.2.3 - Automatic SQL injection penetration testing tool New Release !

Pangolin 3.2.3 - Automatic SQL injection penetration testing tool New Release ! Pangolin is an automatic SQL injection penetration testing Pen-testing tool for Website manager or IT Security analyst. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications...

nss security update

CentOS Errata and Security Advisory CESA-2011:0472 Merged security bulletin from advisories: https://lists.centos.org/pipermail/centos-announce/2011-April/079620.html https://lists.centos.org/pipermail/centos-announce/2011-April/079621.html...

Fedora 13 : kdenetwork-4.5.5-2.fc13 (2011-5211)

The new package fixes the security in kget. For more info please take a look at http://www.kde.org/info/security/advisory-20100513-1.txt Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...

ZDI-11-132: CA Total Defense Suite UNC Management Console DeleteReportLayout SQL Injection Vulnerability

ZDI-11-132: CA Total Defense Suite UNC Management Console DeleteReportLayout SQL Injection Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-132 April 13, 2011 -- CVE ID: CVE-2011-1653 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: CA -- Affected Products: CA Total...

ZDI-11-134: CA Total Defense Suite UNC Management Console RegenerateReport SQL Injection Vulnerability

ZDI-11-134: CA Total Defense Suite UNC Management Console RegenerateReport SQL Injection Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-134 April 13, 2011 -- CVE ID: CVE-2011-1653 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: CA -- Affected Products: CA Total...

CA Total Defense Suite Heartbeat Web Service Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of CA Total Defense Endpoint. Authentication is not required to exploit this vulnerability. The specific flaw exists within CA.Itm.Server.ManagementWS.dll. Due to a failure to properly sanitize...

CA Total Defense Suite UnassignFunctionalUsers Stored Procedure SQL Injection Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of CA Total Defense Suite. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UnAssignFunctionalRoles stored procedure, accessed via the management.asmx...