7691 matches found
Apple Blocks Sites From Abusing HSTS Security Standard to Track Users
If you are unaware, the security standard HTTP Strict Transport Security HSTS can be abused as a 'supercookie' to surreptitiously track users of almost every modern web browser online without their knowledge even when they use "private browsing." Apple has now added mitigations to its open-source...
GetAltName - Get Subject Alt Name From SSL Certificates
GetAltName it's a little script that can extract Subject Alt Names for SSL Certificates directly from HTTPS web sites which can provide you with DNS names or virtual servers. It's useful in a discovery phase of a pen-testing assessment, this tool can provide you with more information about your...
SAP NetWeaver AS JAVA CRM - Log injection Remote Command Execution Exploit
Exploit for windows platform in category remote exploits !/usr/bin/env python import argparse import urllib import requests, random from bs4 import BeautifulSoup from requests.packages.urllib3.exceptions import InsecureRequestWarning requests.packages.urllib3.disablewarningsInsecureRequestWarning...
USN-3598-1: curl vulnerabilities
Phan Thanh discovered that curl incorrectly handled certain FTP paths. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2018-1000120 Dario Weisser discovered that curl incorrectly handled certain LDAP URLs. An attacker could possibly use this issue t...
JoomScan 0.0.5 - OWASP Joomla Vulnerability Scanner Project
OWASP JoomScan short for Joomla Vulnerability Scanner is an opensource project in perl programming language to detect Joomla CMS vulnerabilities and analysis them. WHY OWASP JOOMSCAN ? If you want to do a penetration test on a Joomla CMS, OWASP JoomScan is Your best shot ever! This Project is bei...
CVE-2016-0275
IBM Financial Transaction Manager FTM for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager FTM for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager FTM for Corporate Payment Services CPS for...
CVE-2016-0275
IBM Financial Transaction Manager FTM for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager FTM for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager FTM for Corporate Payment Services CPS for...
Information disclosure
IBM Financial Transaction Manager FTM for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager FTM for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager FTM for Corporate Payment Services CPS for...
CVE-2016-0275
IBM Financial Transaction Manager FTM for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager FTM for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager FTM for Corporate Payment Services CPS for...
openSUSE Security Update : shotwell (openSUSE-2018-239)
This update for shotwell fixes the following issues : Security issue fixed : - CVE-2017-1000024: Use HTTPS encryption all over the publishing plugins bsc1054311. This update was imported from the SUSE:SLE-12-SP2:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
SUSE SLED12 Security Update : shotwell (SUSE-SU-2018:0637-1)
This update for shotwell fixes the following issues: Security issue fixed : - CVE-2017-1000024: Use HTTPS encryption all over the publishing plugins bsc1054311. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has...
SUSE-SU-2018:0637-1 Security update for shotwell
This update for shotwell fixes the following issues: Security issue fixed: - CVE-2017-1000024: Use HTTPS encryption all over the publishing plugins bsc1054311...
CTFR - Get subdomains of an HTTPS website abusing Certificate Transparency logs
Do you miss AXFR technique? This tool allows to get the subdomains from a HTTPS website in a few seconds. How it works? CTFR does not use neither dictionary attack nor brute-force, it just abuses of Certificate Transparency logs. For more information about CT logs, check...
Make way for HTTPS - Starting July 2018, Google Chrome will mark all HTTP sites as "not secure"
Days of clear-text HTTP, the original but insecure foundation for data communication over the web, are numbered. Over the past few years, Google and others such as the Internet Architecture Board, Mozilla, and Apple have nudged developers to encrypt and authenticate their websites using HTTPS whi...
Advanced Network Monitoring & MITM Attack Framework: Bettercap
Evil socket just announced the release of the second generation of bettercap , a complete re-implementation of the most complete and advanced Man-in-the-Middle attack framework. This release not only brings MITM attacks to the next level, but it aims to be the reference framework for network...
ClipBucket <= 4.0.0 Multiple Vulnerabilities
ClipBucket is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oxygenz:clipbucket"; if...
Microsoft Identity Manager Detection
Detection of Microsoft Identity Manager. The script sends a connection request to the server and attempts to detect Microsoft Identity Manager and to extract its version. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyrig...
Node.js third-party modules: `https-proxy-agent` passes unsanitized options to Buffer(arg), resulting in DoS and uninitialized memory leak
I would like to report a Buffer allocation vulnerability in https-proxy-agent. In setups where auth argument is user-controlled, it allows to: 1. cause Denial of Service by trivially consuming all the available CPU resources 2. extract uninitialized memory chunks from the server on Node.js This...
Free and Open Source Interactive HTTPS Proxy: mitmproxy
mitmproxy is your swiss-army knife for debugging, testing, privacy measurements, and penetration testing. It can be used to intercept, inspect, modify and replay web traffic such as HTTP/1, HTTP/2, WebSockets, or any other SSL/TLS-protected protocols. You can prettify and decode a variety of...
Design/Logic Flaw
IBM Security Identity Manager Virtual Appliance 7.0.x before 7.0.1.3-ISS-SIM-IF0001 does not set the secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session. IBM X-Force ID:...