7648 matches found
CVE-2010-0597
CVE-2010-0597 affects Cisco Network Building Mediator (NBM) products via the Mediator Framework. Vulnerable are Cisco NBM-2400/4800 and Richards‑Zeta Mediator 2500 firmware releases: Mediator Framework 1.5.x before 1.5.1.build.14-eng, 2.2.x before 2.2.1.dev.1, and 3.0.x before 3.0.9.release.1. An...
CVE-2010-0597
Unspecified vulnerability in Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 allows remote authenticated users to read or modify the...
CVE-2010-0596
Unspecified vulnerability in Cisco Mediator Framework 2.2 before 2.2.1.dev.1 and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 allows remote authenticated users to read or modify the device configuration, and gain...
CVE-2010-0600
Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 does not properly restrict network access to an unspecified configuration file, which...
[SECURITY] Fedora 11 Update: aria2-1.9.3-1.fc11
aria2 is a download utility with resuming and segmented downloading. Supported protocols are HTTP/HTTPS/FTP/BitTorrent. It also supports Metalink version 3.0. Currently it has following features: - HTTP/HTTPS GET support - HTTP Proxy support - HTTP BASIC authentication support - HTTP Proxy...
[SECURITY] Fedora 12 Update: aria2-1.9.3-1.fc12
aria2 is a download utility with resuming and segmented downloading. Supported protocols are HTTP/HTTPS/FTP/BitTorrent. It also supports Metalink version 3.0. Currently it has following features: - HTTP/HTTPS GET support - HTTP Proxy support - HTTP BASIC authentication support - HTTP Proxy...
[SECURITY] Fedora 13 Update: aria2-1.9.3-1.fc13
aria2 is a download utility with resuming and segmented downloading. Supported protocols are HTTP/HTTPS/FTP/BitTorrent. It also supports Metalink version 3.0. Currently it has following features: - HTTP/HTTPS GET support - HTTP Proxy support - HTTP BASIC authentication support - HTTP Proxy...
Trusted Sites Zone
The Trusted sites zone is a security zone for sites that you think are safe to visit. You believe that the site is designed with security in mind and that it can be trusted not to contain malicious content. To add or remove sites from this zone, you can click the Sites button. This will open a...
CVE-2010-1703
creationtimestamp| type| source ---|---|--- 2010-04-26 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/12395...
LogMeIn Listening Server Detection
Binary data 5507.prm...
Windows Meterpreter (Reflective Injection), Windows Reverse HTTPS Stager (wininet)
Inject the Meterpreter server DLL via the Reflective Dll Injection payload staged. Requires Windows XP SP2 or newer. Tunnel communication over HTTPS Windows wininet This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework modu...
[SECURITY] Fedora 13 Update: dsniff-2.4-0.9.b1.fc13
A collection of tools for network auditing and penetration testing. Dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf and webspy allow to passively moni tor a network for interesting data passwords, e-mail, files. Arpspoof, dnsspo of and macof facilitate the interception of network traffic normall...
TLS: MITM attacks via session renegotiation
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services IIS 7.0, modssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services NSS 3.12.4 and earlier, multiple Cis...
[SECURITY] Fedora 11 Update: dsniff-2.4-0.9.b1.fc11
A collection of tools for network auditing and penetration testing. Dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf and webspy allow to passively moni tor a network for interesting data passwords, e-mail, files. Arpspoof, dnsspo of and macof facilitate the interception of network traffic normall...
[SECURITY] Fedora 12 Update: dsniff-2.4-0.9.b1.fc12
A collection of tools for network auditing and penetration testing. Dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf and webspy allow to passively moni tor a network for interesting data passwords, e-mail, files. Arpspoof, dnsspo of and macof facilitate the interception of network traffic normall...
TLS: MITM attacks via session renegotiation
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services IIS 7.0, modssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services NSS 3.12.4 and earlier, multiple Cis...
TLS: MITM attacks via session renegotiation
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services IIS 7.0, modssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services NSS 3.12.4 and earlier, multiple Cis...
Mandriva Update for rootcerts MDVA-2010:100 (rootcerts)
Check for the Version of rootcerts OpenVAS Vulnerability Test Mandriva Update for rootcerts MDVA-2010:100 rootcerts Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
cURL/libcURL CURLOPT_ENCODING选项缓冲区溢出漏洞
BUGTRAQ ID: 38162 cURL是命令行传输文件工具,支持FTP、FTPS、HTTP、HTTPS、GOPHER、TELNET、DICT、FILE和LDAP。 在下载数据时,libcurl库使用客户端软件所注册的回调函数将数据传送给应用程序,在完成传输之前会反复的调用该函数。回调函数可接收的最大数据大小为16K(CURLMAXWRITESIZE)。 在HTTP上使用libcurl库下载压缩的内容时应用程序可以要求libcurl自动解压数据。而解压期间libcurl可能错误的向回调函数发送最多可为64K的数据,因此盲目信任libcurl的最大缓冲区限制的应用可能会出现缓冲区溢出。...
CVE-2010-0660
Google Chrome before 4.0.249.78 sends an https URL in the Referer header of an http request in certain circumstances involving https to http redirection, which allows remote HTTP servers to obtain potentially sensitive information via standard HTTP logging...