Beckwith Electric TCP Incorrectly Generates TCP ISN Values Security Bypass Vulnerability
Beckwith Electric is an American transformer. A security bypass vulnerability exists in multiple Beckwith Electric products because a program fails to properly generate the TCP initial sequence number (ISN) value, allowing remote attackers to exploit the vulnerability to predict the ISN value to...
SSL/TLS: "Invariance Weakness" vulnerability in RC4 stream cipher
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...
InstaRecon - Automated Digital Reconnaissance
Automated basic digital reconnaissance. Great for getting an initial footprint of your targets and discovering additional subdomains. InstaRecon will do: DNS (direct, PTR, MX, NS) lookups; Whois (domains and IP) lookups; Google dorks in search of subdomains; Shodan lookups; Reverse DNS lookups on entire...
CVE-2015-2808
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...
Metasploit Project < 4.11.1 - Initial User Creation Cross-Site Request Forgery (Metasploit)
Exploit Title: Metasploit Project initial User Creation CSRF Google Dork: N/A Date: 14-2-2015 Exploit Author: Mohamed Abdelbaset Elnoby @SymbianSyMoh Vendor Homepage: http://www.metasploit.com/ Software Link: http://www.rapid7.com/products/metasploit/editions-and-features.jsp Version: Free/Pro...
CVE-2014-5409
CVE-2014-5409 affects GE Digital Energy Hydran M2 devices with the 17046 Ethernet option. The 17046 Ethernet card before 94450214LFMT100SEM-L.R3-CL does not generate proper random TCP Initial Sequence Numbers, enabling an attacker to predict sequence values and spoof packets. Exploitation could b...
CVE-2014-5409 GE Hydran M2 Predictable Value Range from Previous Values
The 17046 Ethernet card before 94450214LFMT100SEM-L.R3-CL for the GE Digital Energy Hydran M2 does not properly generate random values for TCP Initial Sequence Numbers (ISNs), which makes it easier for remote attackers to spoof packets by predicting these values...
[SECURITY] [DLA 155-1] linux-2.6 security update
Package : linux-2.6 Version : 2.6.32-48squeeze11 CVE ID : CVE-2013-6885 CVE-2014-7822 CVE-2014-8133 CVE-2014-8134 CVE-2014-8160 CVE-2014-9420 CVE-2014-9584 CVE-2014-9585 CVE-2015-1421 CVE-2015-1593 This update fixes the CVEs described below. A further issue, CVE-2014-9419, was considered, but...
DEBIAN-CVE-2015-0222
ModelMultipleChoiceField in Django 1.6.x before 1.6.10 and 1.7.x before 1.7.3, when show_hidden_initial is set to True, allows remote attackers to cause a denial of service by submitting duplicate values, which triggers a large number of SQL queries...
Server: Local Path Disclosure when using Asset Pipeline
ownCloud 7 introduced the so-called "Asset Pipeline". It is disabled by default, but can be enabled by setting asset-pipeline.enabled to true in config.php. When the setting is enabled, ownCloud concatenates all CSS and JS files into a single large blob file. Thus the amount of initial required...
LeapFTP 3.1.0 - URL Handling Buffer Overflow (SEH)
Exploit Title: LeapFTP 3.1.0 URL Handling SEH Exploit Google Dork: "k3170makan is totally awesome" hehehe Date: 2014-08-28 Exploit Author: k3170makan Vendor Homepage: http://www.leapware.com/ Software Link: http://www.leapware.com/download.html Version: 3.1.0 Tested on: Windows XP SP0 DoS on...
Raritan PowerIQ 4.1.0 - SQL Injection (Metasploit)
Raritan PowerIQ 4.1.0 - SQL Injection Metasploit =begin Raritan PowerIQ suffers from an unauthenticated SQL injection vulnerability within an endpoint used during initial configuration of the licensing for the product. This endpoint is still available after the appliance has been fully configured...
Free Web Chat Initial Release UserManager.java Null Pointer DoS
No description provided by source. source: http://www.securityfocus.com/bid/10863/info Free Web Chat server is reported prone to multiple denial of service vulnerabilities. The following issues are reported: The first denial of service vulnerability reported results from a lack of sufficient...
Oracle Forms and Reports 11.1 - Remote Exploit
No description provided by source. #!/usr/bin/env ruby Exploit Title: Oracle Reports 11.1 About: Automated exploit for CVE-2012-3153/CVE-2012-3152 Google Dork: inurl:/reports/rwservlet/ Date: 01/28/2014 Exploit Author: Mekanismen [email protected] Credits to: @misssudo for initial disclosure...
kernel: net: ping: refcount issue in ping_init_sock() function
A use-after-free flaw was found in the way the ping_init_sock() function of the Linux kernel handled the group_info reference counter. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system...
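Teacher accounts and passwords leaked at a university in Sichuan; grades can be changed arbitrarily
Brief description: The teachers' passwords are the initial password and have not been changed. Details: By looking up a teacher's staff ID and using the initial password 123456, one can log in and change grades at will, which is extremely harmful. google:inurl:/jwweb/ returns many. Proof of vulnerability: I'll use my own school for the test: http://jwc.scac.edu.cn/jwweb/ Look up a teacher's staff ID through the timetable; one can...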
Cannot find VM in the backup file specified for seeding
Challenge: A replication job with seeding enabled fails with any of the following errors: Failed to create processing task for VM Error: VM VM not found in backup for initial sync; Error: VM \VM\ not found in backup for initial sync...
Satellite: Interface to create the initial administrator user remains open after installation
Red Hat Satellite 5.6 and earlier does not disable the web interface that is used to create the first user for a satellite, which allows remote attackers to create administrator accounts...