7607 matches found
RomPager 4.07 Denial Of Service
Software: "RomPager/4.07 UPnP/1.0" Issue: A reboot can be caused when a specially crafted HTTP request is sent. Other Details: This version of RomPager is seen on a number of residential routers that are shipped by a number of different ISPs. The router I personally know it affects is the D-Link...
Fedora Update for openconnect FEDORA-2010-13034
Check for the Version of openconnect OpenVAS Vulnerability Test Fedora Update for openconnect FEDORA-2010-13034 Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...
HTTPS Everywhere : Another Tool to Protect from Firesheep !
HTTPS Everywhere is a Firefox extension produced as a collaboration between The Tor Project and the Electronic Frontier Foundation. It encrypts your communications with a number of major websites. The EFF launched a new version of HTTPS Everywhere, a security tool that offers enhanced protection...
4) "S" stands for Safe(r)
Browsing a Web site for offers is one thing. Actually buying merchandise is another matter entirely. Online transactions should be carried out securely, using encryption to scramble the sensitive financial data you’re sending to the merchant’s Web site and that they’re sending to you. Before...
[SECURITY] Fedora 14 Update: openconnect-2.26-4.fc14
This package provides a client for Cisco's "AnyConnect" VPN, which uses HTTPS and DTLS protocols...
[SECURITY] Fedora 13 Update: openconnect-2.26-2.fc13
This package provides a client for Cisco's "AnyConnect" VPN, which uses HTTPS and DTLS protocols...
[SECURITY] Fedora 12 Update: openconnect-2.26-1.fc12
This package provides a client for Cisco's "AnyConnect" VPN, which uses HTTPS and DTLS protocols...
Fiddler v2.3.1.0 ( Web Debugging Proxy tool ) - Latest Version Download
"Fiddler is a Web Debugging Proxy which logs all HTTPS traffic between your computer and the Internet. Fiddler allows you to inspect all HTTPS traffic, set breakpoints, and "fiddle" with incoming or outgoing data. Fiddler includes a powerful event-based scripting subsystem, and can be extended...
New Browsing Tool Keeps Firesheep At Bay
Weeks after researchers unveiled Firesheep, the Firefox Web browser plugin that makes it easy to snoop on strangers’ Facebook, Flickr and other Web 2.0 sessions, a software update from the Electronic Frontier Foundation promises to secure more Web sessions from Firesheep-enabled snooping. The...
eBlog 1.7 - Multiple SQL Injections
eBlog 1.7 Multiple SQL Injection Vulnerabilities Name eBlog Vendor https://emuci.com Versions Affected 1.7 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-11-10 X. INDEX I. ABOUT THE APPLICATION II. DESCRIPTION III...
FireSheep Fallout: Microsoft Adds HTTPS Option for Hotmail
Three weeks after researchers unveiled a plugin that allows Firefox Web browser users to snoop on the Webmail and social networking sessions of those around them, Microsoft has announced an option that will allow users of its Hotmail Web e-mail program to browse securely. The company said on...
New Firefox add-on "Firesheep" - hijacks Facebook, Twitter sessions
A new Firefox add-on called "Firesheep," developed by Seattle-based freelance Web application developer Eric Butler, enables almost anyone to scan a Wi-Fi network and hijack others' access to popular services like Facebook, Twitter, and others. Butler unveiled Firesheep at the ToorCon security...
Fedora 13 : sepostgresql-9.0.1-20101007.fc13 (2010-16004)
Upgrade base version to v9.0.1 which contains various bug and security fixes. - http://www.postgresql.org/docs/9.0/static/release-9-0.html - http://www.postgresql.org/docs/9.0/static/release-9-0-1.html Note that Tenable Network Security has extracted the preceding description block directly fro...
Plugin, FireSheep, Lays Open Web 2.0 Insecurity
HED: New Tool, FireSheep, Lays Open Web 2.0 Insecurity DEK: The Browser Plug In Offers One Click Session Hijacking for Popular Social Networking Apps. Creators call for better session security. It’s no secret that Web sessions that use the bare HTTP protocol to transmit and receive data are...
TLS: MITM attacks via session renegotiation
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cis...
CVE-2010-3900
Midori before 0.2.5, when WebKitGTK+ before 1.1.14 or LibSoup before 2.29.91 is used, does not verify X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary https web sites via a crafted server certificate, a related issue to CVE-2010-3312...
CVE-2010-3312
Epiphany 2.28 and 2.29, when WebKit and LibSoup are used, unconditionally displays a closed-lock icon for any URL beginning with the https: substring, without any warning to the user, which allows man-in-the-middle attackers to spoof arbitrary https web sites via a crafted X.509 server certificat...
Open redirect
Midori before 0.2.5, when WebKitGTK+ before 1.1.14 or LibSoup before 2.29.91 is used, does not verify X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary https web sites via a crafted server certificate, a related issue to CVE-2010-3312...
CVE-2010-3312
CVE-2010-3312 affects Epiphany (2.28/2.29) when using WebKit and LibSoup, where the UI unconditionally shows a closed-lock icon for any https URL, potentially enabling MITM via a crafted X.509 certificate. Related advisories mention Midori pre-0.2.5 and OpenSUSE/openSUSE libwebkit/WebKitGTK+ vers...