
7685 matches found

The Hacker News
added 2015/02/23 3:54 a.m. | 9 views

Superfish-like Vulnerability Found in Over 12 More Apps

'SuperFish' advertising software recently found pre-installed on Lenovo laptops is more widespread than what we all thought. Facebook has discovered at least 12 more titles using the same HTTPS-breaking technology that gave the Superfish malware capability to evade rogue certificate. The Superfis...

AI score: 6.5 | Exploits: 0

CERT
added 2015/02/23 12:0 a.m. | 40 views

Adtrustmedia PrivDog fails to validate SSL certificates

Overview: Adtrustmedia PrivDog fails to validate SSL certificates, making systems broadly vulnerable to HTTPS spoofing. Description: Adtrustmedia PrivDog is a Windows application that advertises "... safer, faster and more private web browsing." Privdog installs a Man-in-the-Middle (MITM) proxy as we...

AI score: 7.2 | Exploits: 0 | References: 9

The Hacker News
added 2015/02/22 9:17 p.m. | 11 views

Lenovo Admits and Released an Automatic Superfish Removal Tool

The computer giant Lenovo has released a tool to remove the dangerous "SuperFish" adware program that the company had pre-installed onto many of its consumer-grade Lenovo laptops sold before January 2015. The Superfish removal tool comes few days after the story broke about the nasty Superfish...

AI score: 6.9 | Exploits: 0

CVE
added 2015/02/21 11:0 a.m. | 38 views

CVE-2015-0631

Cisco IPS CVE-2015-0631 is a race-condition vulnerability in the SSL/TLS subsystem used by the web management interface. During image upgrading, key/certificate regeneration can be disrupted by a rapid sequence of HTTPS connections to the management interface, allowing a remote attacker to cause ...

CVSS: 7.1 | AI score: 6.9 | EPSS: 0.01162 | Exploits: 0 | References: 3 | Affected Software: 1

CISA
added 2015/02/20 12:0 a.m. | 10 views

Lenovo Computers Vulnerable to HTTPS Spoofing

Lenovo consumer personal computers employing the pre-installed Superfish VisualDiscovery software contain a critical vulnerability through a compromised root CA certificate. Exploitation of this vulnerability could allow a remote attacker to read all encrypted web browser traffic (HTTPS),...

AI score: 6.5 | Exploits: 0 | References: 2

Tenable Nessus
added 2015/02/20 12:0 a.m. | 73 views

Komodia SSL Digestor Root CA Certificate Installed (Superfish)

The remote Windows host has an application installed that uses the Komodia SSL Digestor SDK (e.g. Superfish Visual Discovery and KeepMyFamilySecure). It is, therefore, affected by an HTTPS man-in-the-middle vulnerability due to the installation of a non-unique root CA certificate associated with th...

CVSS: 5 | AI score: 5.5 | EPSS: 0.02775 | Exploits: 2 | References: 9

The Hacker News
added 2015/02/19 7:16 a.m. | 14 views

Lenovo Shipping PCs with Pre-Installed 'Superfish Malware' that Kills HTTPS

One of the most popular computer manufacturers Lenovo is being criticized for selling laptops pre-installed with invasive marketing software, or malware that, experts say, opens up a door for hackers and cyber crooks. The software, dubbed ‘Superfish Malware’, analyzes users’ Internet habits and...

AI score: 6.5 | Exploits: 0

CERT
added 2015/02/19 12:0 a.m. | 33 views

Komodia Redirector with SSL Digestor fails to properly validate SSL and installs non-unique root CA certificates and private keys

Overview: Komodia Redirector with SSL Digestor installs non-unique root CA certificates and private keys, making systems broadly vulnerable to HTTPS spoofing. Description: Komodia Redirector SDK is a self-described "interception engine" designed to enable developers to integrate proxy services and w...

AI score: 6.5 | Exploits: 0 | References: 16

OpenVAS
added 2015/02/16 12:0 a.m. | 26 views

Fedora Update for rubygem-actionpack FEDORA-2014-15342

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 5 | AI score: 6.5 | EPSS: 0.04162 | Exploits: 1 | References: 2

NVD
added 2015/02/12 1:59 a.m. | 19 views

CVE-2015-0580

Multiple SQL injection vulnerabilities in the ACS View reporting interface pages in Cisco Secure Access Control System (ACS) before 5.5 patch 7 allow remote authenticated administrators to execute arbitrary SQL commands via crafted HTTPS requests, aka Bug ID CSCuq79027...

CVSS: 6.5 | AI score: 8 | EPSS: 0.00916 | Exploits: 0 | References: 4

Cvelist
added 2015/02/12 1:0 a.m. | 20 views

CVE-2015-0580

Multiple SQL injection vulnerabilities in the ACS View reporting interface pages in Cisco Secure Access Control System (ACS) before 5.5 patch 7 allow remote authenticated administrators to execute arbitrary SQL commands via crafted HTTPS requests, aka Bug ID CSCuq79027...

AI score: 7.9 | EPSS: 0.00916 | Exploits: 0 | References: 4

CVE
added 2015/02/12 1:0 a.m. | 53 views

CVE-2015-0580

Summary: CVE-2015-0580 affects Cisco Secure Access Control System (ACS) prior to 5.5 patch 7, via multiple SQL injection flaws in the ACS View reporting interface. An authenticated remote attacker can craft HTTPS requests to disclose or modify data in ACS View databases due to improper input sani...

CVSS: 6.5 | AI score: 8.2 | EPSS: 0.00916 | Exploits: 0 | References: 4 | Affected Software: 1

The Hacker News
added 2015/02/04 12:53 a.m. | 16 views

Microsoft Internet Explorer Universal Cross-Site Scripting Flaw

A serious vulnerability has been discovered in all the latest versions of Microsoft's Internet Explorer that allows malicious hackers to inject malicious code into users' websites and steal cookies, session and login credentials. UNIVERSAL XSS BUG WITH SAME ORIGIN POLICY BYPASS The vulnerability ...

AI score: 5.8 | Exploits: 0

exploitpack
added 2015/01/28 12:0 a.m. | 31 views

ClearSCADA - Remote Authentication Bypass

ClearSCADA - Remote Authentication Bypass !/usr/bin/python cs-auby.py ClearSCADA Remote Authentication Bypass Exploit Jeremy Brown jbrown3264/gmail Oct 2010 released Jan 2015 There is an authentication bypass vulnerability in ClearSCADA that can be exploited by triggering an exception in...

AI score: 0.5 | Exploits: 0

ThreatPost
added 2015/01/21 12:57 p.m. | 6 views

Firefox Meta Referrer A Move Toward Browser Privacy

The HTTP Referer header is a marketer’s dream, and a privacy nightmare all in one. The header contains tracking information that organizations can use for statistical traffic analysis and naturally to promote services to the right audience. It started out by including just the last page the user...

AI score: 7 | Exploits: 0 | References: 3

Tenable Nessus
added 2015/01/19 12:0 a.m. | 29 views

Oracle Solaris Third-Party Patch Update : rubygems (cve_2012_2125_https_to)

The remote Solaris system is missing necessary patches to address security updates : - RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which makes it easier for remote attackers to observe or modify a gem during installation via a man-in-the-middle attack. CVE-2012-2125 - RubyGems...

CVSS: 5.8 | AI score: 8.2 | EPSS: 0.02456 | Exploits: 0 | References: 5

Hacker One
added 2015/01/16 4:30 p.m. | 13 views

Vimeo: USER PRIVACY VIOLATED (PRIVATE DATA GETTING TRANSFER OVER INSECURE CHANNEL )

Hello Team , Description : this report is about how a users private data is getting exploded over insecure channel . while testing the iOS App of Vimeo , i am analyzing all the traffics and came to know the video which is uploaded in my account and which privacy setting is private only is getting...

AI score: 6.6 | Exploits: 0

Ubuntu
added 2015/01/15 1:24 p.m. | 55 views

USN-2474-1: curl vulnerability

Andrey Labunets discovered that curl incorrectly handled certain URLs when using a proxy server. If a user or automated system were tricked into using a specially crafted URL, an attacker could possibly use this issue to inject arbitrary HTTP requests...

CVSS: 4.3 | AI score: 7.7 | EPSS: 0.0681 | Exploits: 0

Atlassian
added 2015/01/14 11:25 a.m. | 17 views

Disable SSLv3 in outgoing HTTPS connections from Confluence

NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report: http://jira.atlassian.com/browse/CONFCLOUD-36165. SSLv3 is an old protocol and has been superseded by TLSv1.0, TLSv1.1 and TLSv1.2. TLSv1.0 was first defined in...

AI score: 0.2 | Exploits: 0 | Affected Software: 1

Atlassian
added 2015/01/14 11:25 a.m. | 23 views

Disable SSLv3 in outgoing HTTPS connections from Confluence

SSLv3 is an old protocol and has been superseded by TLSv1.0, TLSv1.1 and TLSv1.2. TLSv1.0 was first defined in January 1999 and java 6 supports and uses it as the default client version in TLS handshake. SSLv3 is old and limits the ciphers that can be used. SSLv3 is also vulnerable to POODLE. We...

AI score: 6.8 | Exploits: 0 | Affected Software: 1