CVE-2012-2549

CVE-2012-2549 affects the Windows IP-HTTPS component. The IP-HTTPS server in Windows Server 2008 R2, R2 SP1, and Server 2012 does not properly validate certificates, enabling a remote attacker to bypass access restrictions by presenting a revoked certificate. The CVSS base score is 5.8 (Network, ...

Microsoft Windows IP-HTTPS Component Security Feature Bypass Vulnerability (2765809)

This host is missing an important security update according to Microsoft Bulletin MS12-083. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2012-2549

The IP-HTTPS server in Windows Server 2008 R2 and R2 SP1 and Server 2012 does not properly validate certificates, which allows remote attackers to bypass intended access restrictions via a revoked certificate, aka "Revoked Certificate Bypass Vulnerability."...

Microsoft Windows IP-HTTPS Component Security Feature Bypass Vulnerability (2765809)

This host is missing an important security update according to Microsoft Bulletin MS12-083. OpenVAS Vulnerability Test $Id: secpodms12-083.nasl 5351 2017-02-20 08:03:12Z mwiegand $ Microsoft Windows IP-HTTPS Component Security Feature Bypass Vulnerability 2765809 Authors: Sharath S Copyright:...

Microsoft Windows IP-HTTPS Server Revoked SSL Certificate Validation Security Bypass Vulnerability

Description Microsoft Windows is prone to a security-bypass vulnerability that affects the IP-HTTPS server component. Successful exploits may allow attackers to perform man-in-the-middle attacks or impersonate trusted clients, which will aid in further attacks. To exploit this issue an attacker...

MS12-083: Vulnerability in IP-HTTPS Component Could Allow Security Feature Bypass (2765809)

A security feature bypass vulnerability exists in Windows due to the way the IP-HTTPS Component handles certificates. The vulnerability could allow security feature bypass if an attacker presents a revoked certificate to an IP-HTTPS server commonly used in Microsoft DirectAccess deployments. To...

CVE-2012-4534 Apache Tomcat denial of service

CVE-2012-4534 Apache Tomcat denial of service Severity: Important Vendor: The Apache Software Foundation Versions Affected: - Tomcat 7.0.0 to 7.0.27 - Tomcat 6.0.0 to 6.0.35 Description: When using the NIO connector with sendfile and HTTPS enabled, if a client breaks the connection while reading...

SVN wc.db Scanner

Scan for servers that allow access to the SVN wc.db file. Based on the work by Tim Meddin. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SVN wc.db Scanner', 'Description' = %q Scan for server...

Ubuntu Update for lynx-cur USN-1642-1

Ubuntu Update for Linux kernel vulnerabilities USN-1642-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN16421.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for lynx-cur USN-1642-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net Thi...

Ubuntu: Security Advisory (USN-1642-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

tomcat -- denial of service

The Apache Software Foundation reports: When using the NIO connector with sendfile and HTTPS enabled, if a client breaks the connection while reading the response an infinite loop is entered leading to a denial of service...

iPhone Instagram users vulnerable to hackers

Instagram - Facebook's popular photo sharing app for iOS, is currently has a vulnerability that could make your account susceptible to hackers. A security researcher Carlos Reventlov published on Friday another attack on Facebook's Instagram photo-sharing service that could allow a hacker to seiz...

[USN-1642-1] Lynx vulnerabilities

========================================================================== Ubuntu Security Notice USN-1642-1 November 29, 2012 lynx-cur vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives:...

Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : lynx-cur vulnerabilities (USN-1642-1)

Dan Rosenberg discovered a heap-based buffer overflow in Lynx. If a user were tricked into opening a specially crafted page, a remote attacker could cause a denial of service via application crash, or possibly execute arbitrary code as the user invoking the program. This issue only affected Ubunt...

Apache Tomcat 7.0.x < 7.0.28 Multiple DoS

Binary data 6623.pasl...

Apache Tomcat 6.0.x < 6.0.36 Multiple Vulnerabilities

Binary data 800612.prm...

Windows 8 Malware Using Google Docs to Target Brazilians

New malware targeting Windows 8 appears to be using Google Docs as a proxy server instead of directly connecting to a command and control C&C server. According to research done by Symantec and discussed in the company’s Security Response blog late last week, a Trojan, Backdoor.Makadocs, targets...

Facebook Enabling HTTPS by Default for North American Users

Facebook this week will begin turning on secure browsing be default for its millions of users in North America. The change will make HTTPS the default connection option for all Facebook sessions for those users, a shift that gives them a good baseline level of security and will help prevent some...

Novell NetIQ Privileged User Manager 2.3.1 ldapagnt.dll Code Execution

Novell NetIQ Privileged User Manager version 2.3.1 suffers from a perl code evaluation remote command execution vulnerability in ldapagnteval in ldapagnt.dll. The secure web interface contains a flaw which allows, without prior authentication, to execute a Perl script with SYSTEM privileges. This...

Novell NetIQ Privileged User Manager 2.3.1 - ldapagnt.dll ldapagnt_eval() Perl Code Evaluation Remote Code Execution

Novell NetIQ Privileged User Manager 2.3.1 - ldapagnt.dll ldapagnteval Perl Code Evaluation Remote Code Execution Novell NetIQ Privileged User Manager 2.3.1 ldapagnt.dll ldapagnteval Perl Code Evaluation RCE pre auth/SYSTEM Tested against: Microsoft Windows 2003 r2 sp2 download url:...