Yahoo Mail turns on HTTPS encryption by default to protect users
After the release of the NSA's secret spying over Internet communications, I expect all tech companies to make surveillance significantly harder. Yahoo has had HTTPS encryption support since late 2012, but users had to opt in to use the feature. Documents revealed by Edward Snowden show tha...
Fedora Update for thunderbird FEDORA-2013-23291
Check for the Version of thunderbird. OpenVAS Vulnerability Test: Fedora Update for thunderbird FEDORA-2013-23291. Authors: System Generated Check. Copyright: Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...
RedHat Update for xorg-x11-server RHSA-2013:1868-01
Check for the Version of xorg-x11-server. OpenVAS Vulnerability Test: RedHat Update for xorg-x11-server RHSA-2013:1868-01. Authors: System Generated Check. Copyright: Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...
USN-2058-1: curl vulnerability
Marc Deslauriers discovered that libcurl incorrectly verified CN and SAN name fields when digital signature verification was disabled in the GnuTLS backend. When libcurl is being used in this uncommon way by specific applications, an attacker could exploit this to perform a machine-in-the-middle...
rubygems: Two security fixes in v1.8.23
RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which makes it easier for remote attackers to observe or modify a gem during installation via a man-in-the-middle attack...
CVE-2013-6926
The integrated HTTPS server in Siemens RuggedCom ROS before 3.12.2 allows remote authenticated users to bypass intended restrictions on administrative actions by leveraging access to a (1) guest or (2) operator account...
CVE-2013-6925
The integrated HTTPS server in Siemens RuggedCom ROS before 3.12.2 allows remote attackers to hijack web sessions by predicting a session id value...
Design/Logic Flaw
The integrated HTTPS server in Siemens RuggedCom ROS before 3.12.2 allows remote authenticated users to bypass intended restrictions on administrative actions by leveraging access to a (1) guest or (2) operator account...
Design/Logic Flaw
The integrated HTTPS server in Siemens RuggedCom ROS before 3.12.2 allows remote attackers to hijack web sessions by predicting a session id value...
CVE-2013-6926
The CVE concerns Siemens RuggedCom ROS prior to v3.12.2, where the integrated HTTPS server on port 443/TCP could allow remote authenticated attackers to bypass restrictions and perform limited administrative actions by using a guest or operator account. The vulnerability stems from an authenticat...
CVE-2013-6925
CVE-2013-6925 affects Siemens RuggedCom ROS prior to version 3.12.2, where the integrated HTTPS Web server on Port 443 could allow remote attackers to hijack active Web sessions by predicting a session ID value. Root cause is use of insufficiently random values (CWE-330), enabling session predict...
[THC-Hydra 7.5] Fast Parallel Network Logon Cracker
Hydra is a parallelized network logon cracker that supports numerous protocols to attack. New modules are easy to add, and it is flexible and very fast. Features: IPv6 support; graphic user interface; internationalized support (RFC 4013); HTTP proxy support; SOCKS proxy support. The tool suppor...
Fedora Update for nss-util FEDORA-2013-23301
Check for the Version of nss-util. OpenVAS Vulnerability Test: Fedora Update for nss-util FEDORA-2013-23301. Authors: System Generated Check. Copyright: Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for firefox FEDORA-2013-23127
Check for the Version of firefox. OpenVAS Vulnerability Test: Fedora Update for firefox FEDORA-2013-23127. Authors: System Generated Check. Copyright: Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Safari Stores Previous Browsing Session Data Unencrypted
Users of Apple’s Safari browser are at risk for information loss because of a feature common to most browsers that restores previous sessions. The problem with Safari is that it stores session information including authentication credentials used in previous HTTPS sessions in a plaintext XML file...
Fedora 19 : monitorix-3.4.0-1.fc19 (2013-22677)
3.4.0 - 02-Dec-2013 ==================== - Added a complete statistical Memcached graph. 27 - Added support for different BIND stats versions 2 and 3 right now. thanks to Ivo Brhel, ivb AT volny.cz - Added two new alerts in the 'disk' graph in order to know if a disk drive has exceeded or reached...
ANSSI Improperly Issued Digital Certificates HTTPS Spoofing
Several improperly issued CA certificates could be used in HTTPS spoofing attacks...
EMC Data Protection Advisor DPA Illuminator - EJBInvokerServlet Remote Code Execution
EMC Data Protection Advisor DPA Illuminator EJBInvokerServlet Remote Code Execution tested against: Microsoft Windows Server 2008 r2 sp1 EMC Data Protection Advisor 5.8 sp5 vulnerability: the "DPA Illuminator" service DPAIlluminator.exe listening on public port 8090 tcp/http and 8453 tcp/https is...