7629 matches found
CVE-2014-2259
Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allow remote attackers to cause a denial of service defect-mode transition via crafted HTTPS packets...
Code injection
Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allow remote attackers to cause a denial of service defect-mode transition via crafted HTTPS packets...
CVE-2014-2259
Siemens SIMATIC S7-1500 CPU PLCs were affected by CVE-2014-2259: devices running firmware before 1.5.0 could be forced into defect mode (DoS) by specially crafted HTTPS packets. The issue stems from the web/server handling in the CPU firmware, enabling remote DoS without authentication. Siemens r...
CVE-2014-2259
Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allow remote attackers to cause a denial of service defect-mode transition via crafted HTTPS packets...
Squid SSL-Bump HTTPS请求处理拒绝服务漏洞
CVE ID:CVE-2014-0128 Squid Cache简称为Squid是一个流行的代理服务器和Web缓存服务器软件。 Squid SSL-Bump中相关状态管理处理存在错误,允许攻击者提交特制的HTTP请求触发断言错误,造成拒绝服务攻击。 0 Squid 3.x 厂商补丁: Squid ----- Squid 3.3.12或3.4.4已经修复该漏洞,建议用户下载更新: http://www.squid-cache.org...
Fedora Update for kernel FEDORA-2014-3448
Check for the Version of kernel OpenVAS Vulnerability Test Fedora Update for kernel FEDORA-2014-3448 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...
Command Shell, Android Reverse HTTPS Stager
Spawn a piped command shell sh. Tunnel communication over HTTPS This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = :dynamic include Msf::Payload::Stager include Msf::Payload::Android...
Android Meterpreter, Android Reverse HTTPS Stager
Run a meterpreter server in Android. Tunnel communication over HTTPS This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = :dynamic include Msf::Payload::Stager include...
Hacking Facebook User 'Access Token' with Man-in-the-Middle Attack
Facebook has several security measures to protect users' account, such as a user "access token" is granted to the Facebook application like Candy Crush Saga, Lexulous Word Game, when the user authorizes it, it provides temporary and secure access to Facebook APIs. To make this possible, users hav...
HTTPS Traffic Attacks Leak Sensitive Personal Details
One thing that’s been made abundantly clear by mathematicians and cryptographers alike is that despite the NSA’s dragnet surveillance of phone calls and Internet traffic, the spy agency has not been able to crack the math holding up encryption technology. Those who wish to spy and steal on the...
HTTPS can leak your Personal details to Attackers
Explosive revelations of massive surveillance programs conducted by government agencies by the former contractor Edward Snowden triggered new debate about the security and privacy of each individual who is connected somehow to the Internet and after the Snowden’s disclosures they think that by...
GnuTLS certificate verification security vulnerability found
GnuTLS, an open source SSL and TLS implementation used in hundreds of software packages including Red Hat desktop and server products and all Debian and Ubuntu Linux distributions, is the latest crypto package to improperly verify digital certificates as authentic. The vulnerability, discovered a...
[Responder] a LLMNR and NBT-NS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server
Responder is a LLMNR and NBT-NS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication. This tool is first an LLMNR and NBT-NS responder, it will answer to specific NBT-NS NetBIOS Name...
CVE-2011-3634
methods/https.cc in apt before 0.8.11 accepts connections when the certificate host name fails validation and Verify-Host is enabled, which allows man-in-the-middle attackers to obtain repository credentials via unspecified vectors...
Webuzo 2.1.3 - Multiple Vulnerabilities
Exploit Title: Webuzo Multiple Vulnerabilities Date: 7 October 2013 Exploit Author: Mahendra Vendor Homepage: www.webuzo.com Software Link: http://downloads.webuzo.com/va.php Version: 2.1.3, other version might be vulnerable. Tested on: CentOS release 6.2 FINAL CVE : CVE-2013-6041, CVE-2013-6042,...
Fedora Update for apache-commons-fileupload FEDORA-2014-2175
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Reflective DLL Injection, Reverse Hop HTTP/HTTPS Stager
Inject a DLL via a reflective loader. Tunnel communication over an HTTP or HTTPS hop point. Note that you must first upload data/hop/hop.php to the PHP server you wish to use as a hop. This module requires Metasploit: https://metasploit.com/download Current source:...
VNC Server (Reflective Injection), Reverse Hop HTTP/HTTPS Stager
Inject a VNC Dll via a reflective loader staged. Tunnel communication over an HTTP or HTTPS hop point. Note that you must first upload data/hop/hop.php to the PHP server you wish to use as a hop. This module requires Metasploit: https://metasploit.com/download Current source:...
Windows Meterpreter (Reflective Injection), Reverse Hop HTTP/HTTPS Stager
Inject the Meterpreter server DLL via the Reflective Dll Injection payload staged. Requires Windows XP SP2 or newer. Tunnel communication over an HTTP or HTTPS hop point. Note that you must first upload data/hop/hop.php to the PHP server you wish to use as a hop. This module requires Metasploit:...
[SECURITY] Fedora 19 Update: curl-7.29.0-13.fc19
curl is a command line tool for transferring data with URL syntax, supporti ng FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, I MAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...