ip-https-discover NSE Script

Checks if the IP over HTTPS IP-HTTPS Tunneling Protocol 1 is supported. IP-HTTPS sends Teredo related IPv6 packets over an IPv4-based HTTPS session. This indicates that Microsoft DirectAccess 2, which allows remote clients to access intranet resources on a domain basis, is supported. Windows...

isolana.es XSS vulnerability

Vulnerable URL: http://www.isolana.es/es/accesoclientes.php?d=1="'; Details: Description| Value ---|--- Patched:| Yes, at 25.07.2017 Latest check for patch:| 25.07.2017 21:09 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 671373 Google Pagerank| 2 VIP website...

ratemyjob.com XSS vulnerability

Vulnerable URL: http://www.ratemyjob.com/article/search/%22%3E%3Csvg/onload=alert%28/XSSPOSED/%29%3E.html Details: Description| Value ---|--- Patched:| Yes, at 23.11.2015 Latest check for patch:| 23.11.2015 17:48 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank|...

isimtescil.net XSS vulnerability

Vulnerable URL: https://www.isimtescil.net/SSLDetay.aspx?ssl=1=1=1;alert/XSSPOSED/; Details: Description| Value ---|--- Patched:| Yes, at 25.07.2017 Latest check for patch:| 25.07.2017 21:03 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 3998 Google Pagerank| 6...

girlsinlove.xxx XSS vulnerability

Vulnerable URL: http://girlsinlove.xxx/login.php Details: Description| Value ---|--- Patched:| Yes, at 25.07.2017 Latest check for patch:| 25.07.2017 20:43 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 3480342 Google Pagerank| 0 VIP website status:| No Check...

ethnixtours.com XSS vulnerability

Vulnerable URL: http://www.ethnixtours.com//search/site/?q= Details: Description| Value ---|--- Patched:| Yes, at 25.07.2017 Latest check for patch:| 25.07.2017 20:34 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 18468151 Google Pagerank| 2 VIP website status:...

ZIB - The Open Tor Botnet

General information and instructions. The Open Tor Botnet requires the installation and configuration of bitcoind, however I neglect to detail this here out of a lack of time. This bot-net is fully undetectable and bypasses all antivirus through running on top of Python27's pyinstaller, which is...

Design/Logic Flaw

http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers to cause a denial of service HTTPS call hang via unspecified vectors...

CVE-2015-5262

http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers to cause a denial of service HTTPS call hang via unspecified vectors...

CVE-2015-5262

CVE-2015-5262 affects Apache HttpComponents HttpClient prior to 4.3.6 where the http.socket.timeout setting is ignored during SSL handshakes, enabling potential DoS via HTTPS call hangs. IBM-connected docs reference this CVE in IBM StreamSets Data Collector 6.4.0 with a fixed release path, noting...

Let's Encrypt Free SSL/TLS Certificate Now Trusted by Major Web Browsers

Yes, Let's Encrypt is now one step closer to its goal of offering Free HTTPS certificates to everyone. Let's Encrypt – the free, automated, and open certificate authority CA – has announced that its Free HTTPS certificates are Now Trusted and Supported by All Major Browsers. Let's Encrypt enables...

Let's Encrypt Free HTTPS Secures Cross-Signatures To Be A CA

The continued march toward encrypting every online connection hit a noteworthy milestone last night when Let’s Encrypt announced that it was officially a Certificate Authority. Let’s Encrypt is an open source movement to make HTTPS implementations simple and free of cost for domain owners. A mont...

How NSA successfully Broke Trillions of Encrypted Connections

Yes, it seems like the mystery has been solved. We are aware of the United States National Security Agency NSA powers to break almost unbreakable encryption used on the Internet and intercept nearly Trillions of Internet connections – thanks to the revelations made by whistleblower Edward Snowden...

recordbank.be XSS vulnerability

Vulnerable URL: https://www.recordbank.be/fr/search/node/999%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 20.10.2015 Latest check for patch:| 20.10.2015 09:56 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank|...

Chrome 46 Patches, Mixed Content Warning Changes

Google has made some changes to the way it presents browser warnings in Chrome. Starting with Chrome 46, don’t expect to see the yellow warning icon on HTTPS pages with minor errors. Google announced on Tuesday that it would start marking those pages with the neutral icon it uses on unencrypted...

Antivirus Avast is exposed 0day vulnerabilities in users computer to execute malicious code-vulnerability warning-the black bar safety net

Google security expert Tavis Ormandy, found a Avast antivirus of 0day vulnerabilities, the vulnerabilities could lead to attackers invade a user's computer and the user computers to execute malicious code. Tavis Ormandy recently in the Avast antivirus found a serious 0day vulnerability. And just...

cairn.info XSS vulnerability

Vulnerable URL: https://www.cairn.info/resultatsrecherche.php?searchTerm=%3Cimg+src%3Dx+onerror%3Dprompt%28%2FXSSPOSED%2F%29%3E Details: Description| Value ---|--- Patched:| Yes, at 28.10.2015 Latest check for patch:| 28.10.2015 19:24 GMT Vulnerability type:| XSS Vulnerability status:| Publicly...

New Attack Targeting Microsoft Outlook Web App (OWA) to Steal Email Passwords

Researchers have unearthed a dangerous backdoor in Microsoft's Outlook Web Application OWA that has allowed hackers to steal e-mail authentication credentials from major organizations. The Microsoft Outlook Web Application or OWA is an Internet-facing webmail server that is being deployed in...

Oracle: Security Advisory (ELSA-2014-0597)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

staragora.com XSS vulnerability

Vulnerable URL: http://www.staragora.com/search?query=%3Cimg+src%3Dx+onerror%3Dprompt%28%2FXSSPOSED%2F%29%3E Details: Description| Value ---|--- Patched:| Yes, at 25.07.2017 Latest check for patch:| 25.07.2017 17:58 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank...