
7622 matches found

Atlassian
added 2013/04/10 7:5 p.m., 15 views

SSL Enabled but some link point to http:// instead of https://

This scenario will happen if enable both HTTP 8090 and HTTPS 8433 and 'Server Base Url' is set to HTTP. Reproduce procedures 1. Access confluence via HTTPS 2. Click menu 'Space' at the top menu 3. At 'Space Directory' page, click any of the menu at the left side eg. All spaces etc. then click link ...

7 AI score
Exploits 0, Affected Software 1

Atlassian
added 2013/04/10 7:5 p.m., 19 views

SSL Enabled but some link point to http:// instead of https://

This scenario will happen if enable both HTTP 8090 and HTTPS 8433 and 'Server Base Url' is set to HTTP. Reproduce procedures 1. Access confluence via HTTPS 2. Click menu 'Space' at the top menu 3. At 'Space Directory' page, click any of the menu at the left side eg. All spaces etc. then click link ...

7 AI score
Exploits 0, Affected Software 1

Atlassian
added 2013/04/10 7:5 p.m., 18 views

SSL Enabled but some link point to http:// instead of https://

This scenario will happen if enable both HTTP 8090 and HTTPS 8433 and 'Server Base Url' is set to HTTP. Reproduce procedures 1. Access confluence via HTTPS 2. Click menu 'Space' at the top menu 3. At 'Space Directory' page, click any of the menu at the left side eg. All spaces etc. then click link ...

7 AI score
Exploits 0, Affected Software 1

0day.today
added 2013/04/04 12:0 a.m., 43 views

Sophos Web Protection Appliance 3.7.8.1 XSS / Command Execution

Sophos Web Protection Appliance version 3.7.8.1 suffers from OS command injection, cross site scripting, and file disclosure vulnerabilities. ======================================================================= title: Multiple vulnerabilities product: Sophos Web Protection Appliance vulnerable...

9.3 CVSS, 0.3 AI score, 0.8235 EPSS
Exploits 12

Kitploit
added 2013/03/13 6:38 p.m., 23 views

[SSLyze v0.6] SSL Server Configuration Scanning Tool

SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify misconfigurations affecting their SSL servers. Features SSL 2.0/3.0 and TLS 1.0/1.1/1.2 compatibility...

7.4 AI score
Exploits 0, References 1

The Hacker News
added 2013/03/10 5:29 p.m., 7 views

Apple App Store was vulnerable for more than Half year

A Google developer helps Apple to fix a security flaw in its application store that for years has allowed attackers to steal passwords and install unwanted or extremely expensive applications. Security loophole allowed attacker to hijack the connection, because Apple neglected to use encryption...

6.6 AI score
Exploits 0

ThreatPost
added 2013/03/09 3:33 a.m., 11 views

Apple Finally Fixes App Store Vulnerabilities

Apple has fixed several App Store security issues that first arose last summer, but it hasn’t explained why it took so long to start encrypting communications using public Wi-Fi networks. A Google researcher working on his own time discovered in July 2012 that Apple was serving up data over an...

6.7 AI score
Exploits 0, References 2

Kitploit
added 2013/03/08 12:3 a.m., 12 views

[SSL Certificate Downloader] Command-line Tool to grab SSL Certificate from Server Remotely

SSL Cert Downloader is a free command-line tool to grab SSL certificate from server remotely. It can be used to download certificate from any of the SSL enabled services including HTTPS 443 LDAPS 636 SMTPS 465 POPS 995 IMAPS 993 You can either specify IP address or host name of the server. Also y...

7 AI score
Exploits 0

Tenable Nessus
added 2013/03/05 12:0 a.m., 31 views

RHEL 5 / 6 : openssl (RHSA-2013:0587)

The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:0587 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols, as well as a...

5 CVSS, 7.1 AI score, 0.09511 EPSS
Exploits 1, References 10

OpenVAS
added 2013/03/01 12:0 a.m., 37 views

Fedora Update for curl FEDORA-2013-2098

Check for the Version of curl OpenVAS Vulnerability Test Fedora Update for curl FEDORA-2013-2098 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

7.5 CVSS, 9.6 AI score, 0.44202 EPSS
Exploits 6, References 2

OpenVAS
added 2013/03/01 12:0 a.m., 15 views

Fedora Update for openconnect FEDORA-2013-2498

Check for the Version of openconnect OpenVAS Vulnerability Test Fedora Update for openconnect FEDORA-2013-2498 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

5 CVSS, 0.00971 EPSS
Exploits 0, References 2

Metasploit
added 2013/02/27 9:57 p.m., 42 views

OpenSSL TLS 1.1 and 1.2 AES-NI DoS

The AES-NI implementation of OpenSSL 1.0.1c does not properly compute the length of an encrypted message when used with a TLS version 1.1 or above. This leads to an integer underflow which can cause a DoS. The vulnerable function aesni_cbc_hmac_sha1_cipher is only included in the 64-bit versions of...

5 CVSS, 7.1 AI score, 0.63145 EPSS
Exploits 2

Fedora
added 2013/02/24 8:58 a.m., 19 views

[SECURITY] Fedora 18 Update: openconnect-4.08-1.fc18

This package provides a client for Cisco's "AnyConnect" VPN, which uses HTTPS and DTLS protocols...

5 CVSS, 0.8 AI score, 0.00971 EPSS
Exploits 0

Fedora
added 2013/02/24 8:46 a.m., 19 views

[SECURITY] Fedora 17 Update: openconnect-4.08-1.fc17

This package provides a client for Cisco's "AnyConnect" VPN, which uses HTTPS and DTLS protocols...

5 CVSS, 0.8 AI score, 0.00971 EPSS
Exploits 0

securityvulns
added 2013/02/24 12:0 a.m., 37 views

Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities

Multiple memory corruptions, https response spoofing, information leakage, protection bypass, DoS...

10 CVSS, 1 AI score, 0.02889 EPSS
Exploits 4, Affected Software 4

ThreatPost
added 2013/02/23 3:38 a.m., 10 views

Microsoft Azure Cloud Storage Suffers Major Outage Over Expired SSL Certificate

Various news outlets reported late Friday that Microsoft’s public cloud storage service suffered a global outage due to a lapsed security certificate. Beginning around 4 p.m. EST, developers and other Azure customers began being blocked from accessing files. “Storage is currently experiencing a...

0.1 AI score
Exploits 0, References 4

Tenable Nessus
added 2013/02/22 12:0 a.m., 22 views

SeaMonkey < 2.16 Multiple Vulnerabilities

Binary data 6693.prm...

9.3 CVSS, 8.4 AI score, 0.02889 EPSS
Exploits 4, References 22

Tenable Nessus
added 2013/02/22 12:0 a.m., 19 views

Mozilla SeaMonkey < 2.16 Multiple Vulnerabilities

Binary data 801258.prm...

9.3 CVSS, 8.4 AI score, 0.02889 EPSS
Exploits 4, References 22

ThreatPost
added 2013/02/20 2:49 p.m., 7 views

Firefox 19 Fixes HTTPS Phishing Issue, Adds Built-In PDF Viewer

Mozilla has released Firefox 19, the latest version of its flagship browser, which includes not only fixes for a number of serious security vulnerabilities but also a built-in PDF viewer. The native PDF viewer in Firefox could help protect against some of the ongoing attacks that use...

0.2 AI score
Exploits 0, References 6

Tenable Nessus
added 2013/02/20 12:0 a.m., 20 views

Mozilla Thunderbird < 17.0.3 Multiple Vulnerabilities

Binary data 6692.prm...

9.3 CVSS, 8.4 AI score, 0.02889 EPSS
Exploits 4, References 22