Trusted Sites Zone

The Trusted sites zone is a security zone for sites that you think are safe to visit. You believe that the site is designed with security in mind and that it can be trusted not to contain malicious content. To add or remove sites from this zone, you can click the Sites button. This will open a...

CVE-2010-1703

creationtimestamp| type| source ---|---|--- 2010-04-26 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/12395...

LogMeIn Listening Server Detection

Binary data 5507.prm...

Windows Meterpreter (Reflective Injection), Windows Reverse HTTPS Stager (wininet)

Inject the Meterpreter server DLL via the Reflective Dll Injection payload staged. Requires Windows XP SP2 or newer. Tunnel communication over HTTPS Windows wininet This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework modu...

[SECURITY] Fedora 13 Update: dsniff-2.4-0.9.b1.fc13

A collection of tools for network auditing and penetration testing. Dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf and webspy allow to passively moni tor a network for interesting data passwords, e-mail, files. Arpspoof, dnsspo of and macof facilitate the interception of network traffic normall...

TLS: MITM attacks via session renegotiation

The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services IIS 7.0, modssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services NSS 3.12.4 and earlier, multiple Cis...

[SECURITY] Fedora 11 Update: dsniff-2.4-0.9.b1.fc11

A collection of tools for network auditing and penetration testing. Dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf and webspy allow to passively moni tor a network for interesting data passwords, e-mail, files. Arpspoof, dnsspo of and macof facilitate the interception of network traffic normall...

[SECURITY] Fedora 12 Update: dsniff-2.4-0.9.b1.fc12

A collection of tools for network auditing and penetration testing. Dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf and webspy allow to passively moni tor a network for interesting data passwords, e-mail, files. Arpspoof, dnsspo of and macof facilitate the interception of network traffic normall...

TLS: MITM attacks via session renegotiation

The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services IIS 7.0, modssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services NSS 3.12.4 and earlier, multiple Cis...

TLS: MITM attacks via session renegotiation

The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services IIS 7.0, modssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services NSS 3.12.4 and earlier, multiple Cis...

Mandriva Update for rootcerts MDVA-2010:100 (rootcerts)

Check for the Version of rootcerts OpenVAS Vulnerability Test Mandriva Update for rootcerts MDVA-2010:100 rootcerts Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

cURL/libcURL CURLOPT_ENCODING选项缓冲区溢出漏洞

BUGTRAQ ID: 38162 cURL是命令行传输文件工具，支持FTP、FTPS、HTTP、HTTPS、GOPHER、TELNET、DICT、FILE和LDAP。 在下载数据时，libcurl库使用客户端软件所注册的回调函数将数据传送给应用程序，在完成传输之前会反复的调用该函数。回调函数可接收的最大数据大小为16K（CURLMAXWRITESIZE）。 在HTTP上使用libcurl库下载压缩的内容时应用程序可以要求libcurl自动解压数据。而解压期间libcurl可能错误的向回调函数发送最多可为64K的数据，因此盲目信任libcurl的最大缓冲区限制的应用可能会出现缓冲区溢出。...

CVE-2010-0660

Google Chrome before 4.0.249.78 sends an https URL in the Referer header of an http request in certain circumstances involving https to http redirection, which allows remote HTTP servers to obtain potentially sensitive information via standard HTTP logging...

CVE-2010-0660

Google Chrome before 4.0.249.78 sends an https URL in the Referer header of an http request in certain circumstances involving https to http redirection, which allows remote HTTP servers to obtain potentially sensitive information via standard HTTP logging...

CVE-2010-0660

CVE-2010-0660 affects Google Chrome prior to 4.0.249.78. The issue arises when Chrome sends an https URL in the Referer header of an http request during https→http redirection, enabling remote servers to log and potentially obtain sensitive information via standard HTTP logs. Affected component i...

CVE-2010-0660

Google Chrome before 4.0.249.78 sends an https URL in the Referer header of an http request in certain circumstances involving https to http redirection, which allows remote HTTP servers to obtain potentially sensitive information via standard HTTP logging...

CVE-2010-0660

Removed by vendor...

Cisco IronPort Encryption Appliance multiple security vulnerabilities

Multiple vulnerabilities in HTTPS interface...

CVE-2010-0145

Unspecified vulnerability in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to execute arbitrary code via unknown vectors, aka IronPort Bug 65923...

CVE-2010-0144

Unspecified vulnerability in the WebSafe DistributorServlet in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to read arbitrary files via unknown vectors, aka...