BSA-2016-134
Security Advisory ID: BSA-2016-134. Component: Crypto. Revision: 2.0: Final. The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to...
Legal Robot: Non-secure requests are not automatically upgraded to HTTPS
Non-secure requests to legalrobot.com/ e.g. http://www.legalrobot.com/ are not automatically upgraded to HTTPS. This is not something you would notice when you use the latest version of modern web browsers such as Google Chrome or Firefox, because legalrobot.com is HSTS preloaded. When a domain i...
WiFi-Pumpkin v0.8.1 - Framework for Rogue Wi-Fi Access Point Attack
Framework for Rogue Wi-Fi Access Point Attack. Description: WiFi-Pumpkin is an open source security tool that provides a rogue access point for man-in-the-middle and network attacks. Installation: Kali 2.0 / WifiSlax 4.11.1 / Parrot 3.0.1 / 2.0.5, Python 2.7, git clone...
Security update for phpMyAdmin (important)
phpMyAdmin was updated to version 4.4.15.8 (2016-08-16) to fix the following issues. Upstream changelog for 4.4.15.8: improve session cookie code for openid.php and signon.php example files; full path disclosure in openid.php and signon.php example files; unsafe generation of BlowfishSecret when no...
Legal Robot: 2 vulns
The first report concerns an AWS S3 bucket readable by authenticated AWS users, the same as this report 163476. The bucket is sdk.amazonaws.com; I believe it's yours because I found it in a HEAD request to https://app.legalrobot.com/: F115189. Listing the bucket: 115190. I don't have any...
e-commerce.amadeus.fr XSS vulnerability
Vulnerable URL: http://e-commerce.amadeus.fr/aria/3.2/swf/charts/ScrollLine2D.swf?%domid=%22%29%29catch%28e%29;alert%28%27OPENBUGBOUNTY%27%29//=1 Details: Patched: No; Latest check for patch: 30.07.2017; Vulnerability type: XSS; Vulnerability status: Publicly disclosed...
HTTPS best practices: pshtt
“pshtt” is the sound you make when you feel mildly astonished. pshtt (“pushed”) is a tool to scan domains for HTTPS best practices. It saves its results to a CSV or JSON. pshtt was developed to push organizations — especially large ones like the US Federal Government — to adopt...
OpenSSL < 1.0.2i Default Weak 64-bit Block Cipher (SWEET32)
According to its banner, the version of OpenSSL running on the remote host is prior to 1.0.2i. It is, therefore, affected by a vulnerability, known as SWEET32, in the 3DES and Blowfish algorithms due to the use of weak 64-bit block ciphers by default. A man-in-the-middle attacker who has sufficie...
SSL 64-bit Block Size Cipher Suites Supported (SWEET32)
macOS < 10.11.5 Multiple Vulnerabilities
Certly: Non secure requests at guard.certly.io not upgrading to https
The issue is HTTP requests not upgrading to HTTPS at the before-mentioned domain. This can allow an attacker to steal important info like credentials and all other types of info. Your domain is HSTS preloaded, so it is automatically upgraded to HTTPS, but browsers that don't have this mentioned support...
LocalTapiola: Non-secure requests to www.lahitapiola.fi are not automatically upgraded to HTTPS
To reproduce, send a HEAD request to http://www.lahitapiola.fi like so:
curl -I http://www.lahitapiola.fi
HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Aug 2016 22:11:59 GMT
Location: http://www.lahitapiola.fi/henkilo
Cache-Control: max-age=60
Expires: Fri, 19 Aug 2016 22:12:59 GMT
Content-Type:...
Tianrongxin TopSec Firewall Cookie Stack Buffer Overflow Vulnerability
TopSec is a firewall appliance from Skyrunner. A stack buffer overflow vulnerability exists in the HTTPS server of the Skyrun Firewall when processing the authid parameter in a cookie, where the return address is overwritten when the length of the parameter exceeds 60 bytes. An attacker exploited...
Supported Architectures Between NetScaler and XenMobile Server
This article has information on supported architectures between NetScaler and XenMobile Server. Note: you should choose between HTTPS or HTTP; no mix and match is supported. HTTPS Deployment Type | NetScaler Load Balancing Method | SSL Re-encryption | XenMobile Server Port: MDM | SSL...
Actiontec T2200H Remote Reverse Root Shell
Device Details. Vendor: Actiontec (Telus branded, but may work on others). Model: T2200H, but likely affecting other similar models of theirs. Affected Firmware: T2200H-31.128L.03. Device Manual: http://static.telus.com/common/cms/files/internet/telust2200husermanual.pdf. Reported: November 2015. Status:...
JavaScript TCP Windows Compromise Information Gathering
Several JavaScript implementations are used over HTTPS to gather information by analyzing TCP windows as used in SSL and TLS (TCP Windows Compromise, also known as HEIST). Successful exploitation might result in disclosure of confidential or private information...
amg.biz XSS vulnerability
Vulnerable URL: https://www.amg.biz/index.php?page=keycontacts=2" Details: Patched: Yes, at 27.07.2017; Latest check for patch: 27.07.2017 23:30 GMT; Vulnerability type: XSS; Vulnerability status: Publicly disclosed; Alexa Rank: 2864696; VIP website status: No. Check...
Raptor WAF v0.2 - Web Application Firewall using DFA
Raptor WAF is a simple web application firewall written in C following the KISS principle. For polling it uses the select function, which is not better than epoll or BSD's kqueue but is portable; the core of the match engine uses a DFA to detect XSS, SQLi and path traversal. No more words, look at the following: WAF...
Linux TCP Flaw allows Hackers to Hijack Internet Traffic and Inject Malware Remotely
If you are using the Internet, there is a possibility that you are open to attack. The Transmission Control Protocol (TCP) implementation in all Linux systems deployed since 2012 (version 3.6 and above of the Linux kernel) poses a serious threat to Internet users, whether or not they use Linux...
HackerOne: Non-secure requests are not automatically upgraded to HTTPS
Non-secure requests to hackerone.com e.g. http://hackerone.com are not automatically upgraded to HTTPS. This is not something you would notice when you use the latest version of modern web browsers such as Google Chrome or Firefox, because hackerone.com is HSTS preloaded. When a domain is...