CVE-2016-4554

An input validation flaw was found in Squid's mimegetheaderfield function, which is used to search for headers within HTTP requests. An attacker could send an HTTP request from the client side with specially crafted header Host header that bypasses same-origin security protections, causing Squid...

Htcap - web application scanner able to crawl single page application (SPA) in a recursive manner by intercepting ajax calls and DOM changes

htcap is a web application scanner able to crawl single page application SPA in a recursive manner by intercepting ajax calls and DOM changes. Htcap is not just another vulnerability scanner since it's focused mainly on the crawling process and uses external tools to discover vulnerabilities. It'...

BlackBerry CEO Defends Lawful Access Principles, Supports Phone Hack

BlackBerry’s CEO made the company’s stance on lawful access requests clear this week and is defending actions to provide Canadian law enforcement with what it needed to decrypt communications between devices. The company’s CEO John Chen penned a statement on Monday, reiterating that one of...

CVE-2016-0787

The diffiehellmansha256 function in kex.c in libssh2 before 1.7.0 improperly truncates secrets to 128 or 256 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes confusion bug."...

CVE-2016-0787

The CVE-2016-0787 entry concerns libssh2 (before 1.7.0) where the diffie_hellman_sha256 function truncates ephemeral DH secrets to 128 or 256 bits, enabling potential man-in-the-middle decryption/interception of SSH sessions. Root cause: truncated DH secret length. Impact: weakened SSH handshake ...

CVE-2016-0739

libssh before 0.7.3 improperly truncates ephemeral secrets generated for the 1 diffie-hellman-group1 and 2 diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes...

samba: Smb signing not required by default when smb client connection is used for ipc usage

It was found that Samba did not enable integrity protection for IPC traffic by default. A man-in-the-middle attacker could use this flaw to view and modify the data sent between a Samba server and a client...

CVE-2016-3676

Huawei E3276s USB modems with software before E3276s-150TCPU-V200R002B436D09SP00C00 allow man-in-the-middle attackers to intercept, spoof, or modify network traffic via unspecified vectors related to a fake network...

Transparent SSL TLS interception: SSLsplit

Transparent SSL TLS interception: SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. It is intended to be useful for network forensics, application security analysis, web application security testing, network security auditing, penetration testing and...

DIY Web Proxy: proxenet

proxenet is a multi-threaded proxy which allows you to manipulate your HTTP requests and responses using your favorite scripting language. No need to learn Java like for Burp or Python like for mitmproxy . proxenet supports heaps of languages and more can be added easily. proxenet is a C-based...

Security Advisory - Integrity Protection Vulnerability in Huawei E3276s Products

The Huawei E3276s products have an integrity protection vulnerability. As a result, user communication can be intercepted, spoofed, and injected with traffic. Vulnerability ID: HWPSIRT-2016-02019 This vulnerability has been assigned a Common Vulnerabilities and Exposures CVE ID: CVE-2016-3676...

LocalTapiola: Posting modified information in 'Investment section' will cause unintended information change in verkkopalvelu.tapiola.fi

Hello, Some strange account information modification is ongoing when intercepting and making small modifications to requests in 'investment section'. Login to portal and go to buy shares https://verkkopalvelu.tapiola.fi/jb2/ltvr/purchases or similar and pic 2025 A shares, intercept requests and...

Apple iOS Messages Message Disclosure Vulnerability

Apple iOS, OS X, and watchOS are all products of Apple Inc. Apple iOS is an operating system developed for mobile devices; watchOS is a smartwatch operating system; and Apple OS X is an Apple operating system. An information disclosure vulnerability exists in the implementation of Messages in iOS...

Than 3 1 5 party exciting! Touch under the ass, the“flash pay,”the Bank card information can be“Flash to steal it!” - Vulnerability warning-the black bar safety net

! /Article/UploadPic/2016-3/2016317103231926.jpg Yesterday, the CCTV 3 1 5 party exposure has a presence in the POSS machine vulnerabilities, criminals do not need Bank card password can also brush away the user card on the funds. Today I'll introduce a superb steal credit card and debit card...

[SECURITY] [DSA 3487-1] libssh2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3487-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 23, 2016 https://www.debian.org/security/faq -...

UBUNTU-CVE-2016-0739

libssh before 0.7.3 improperly truncates ephemeral secrets generated for the 1 diffie-hellman-group1 and 2 diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes...

firefox: same-origin policy bypass

Jason Pang of OneSignal reported that service workers intercept responses to plugin network requests made through the browser. Plugins which make security decisions based on the content of network requests can have these decisions subverted if a service worker forges responses to those requests...

DLA-413-1 gajim - security update

Bulletin has no description...

New Relic: Basic Authorization over HTTP

Hi New Relic Team, While reviewing your host http://newrelic.com/ it was discovered that you are basic authorization over http , which is not a good practice If an attacker can intercept traffic on the network, he/she might be able to steal the user's credentials. Request:- GET /styleguide-layout...

TLS 1.2 Transcipt Collision attacks against MD5 in key exchange protocol (SLOTH)

A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to...