CVE-2009-3584

CVE-2009-3584 involves SQL-Ledger 2.8.24 where the session cookie’s secure flag is not set in HTTPS, enabling potential cookie interception in HTTP sessions. The available connected sources confirm the affected product (SQL-Ledger 2.8.24) and the vulnerability class (cookie security flag misconfi...

CVE-2009-3584

SQL-Ledger 2.8.24 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session...

Trango Broadband Wireless Interception

-------------------------------------------------------------------------- Trango Broadband Wireless M5830 Series Rogue SU Authentication Bug Date : 15 December, 2009 By: Blair - [email protected] -------------------------------------------------------------------------- Background ----------...

Trango Broadband Wireless Rogue SU Authentication Bug

-------------------------------------------------------------------------- Trango Broadband Wireless M5830 Series Rogue SU Authentication Bug Date : 15 December, 2009 By: Blair - [email protected] -------------------------------------------------------------------------- Background ----------...

Transport Layer Security Renegotiation Remote Man-in-the-Middle Attack Vulnerability

Multiple Transport Layer Security TLS implementations contain a vulnerability when renegotiating a TLS session that could allow an unauthenticated, remote attacker to conduct a man-in-the-middle attack. The vulnerability exists during a TLS renegotiation process. If an attacker can intercept...

nginx Proxy DNS Cache Domain Spoofing Vulnerability

The 'nginx' program is prone to a vulnerability that may allow attackers to spoof domains because the software fails to properly compare domains when referencing an internal DNS cache. This issue can be exploited when nginx is configured to act as a forward proxy, but this is a nonstandard and...

Can record windows login password stuff-vulnerability warning-the black bar safety net

from: t00ls.net ========Principle: windows Authentication in General are ultimately in the lsass process 默认 模块 是 msv10.dll while critical in its export function LsaApLogonUserEx2, the The present program by injecting code into the lsass process hook LsaApLogonUserEx2, the interception of the...

DECT cordless telephone security test-use-vulnerability warning-the black bar safety net

Disclaimer: This article tests the use of the DECT phone are has himself, strongly opposed any who used to be discord, or even break the law.! Just use the "hack DECT cordless phone" as keyword Google the following. Found this 2 articles: hack crack DECT cordless telephone security system...

An Analysis of the BlackBerry Spyware

From Zero in a Bit Chris Eng Yesterday it was reported by various media outlets that a recent BlackBerry software update from Etisalat a UAE-based carrier contained spyware that would intercept emails and text messages and send copies to a central Etisalat server. We decided to take a look to fin...

Breakthrough class to intercept the upload limit-vulnerability warning-the black bar safety net

by:Prius special In our invasion of the site,sometimes submitted to our Malaysian or other ASP file,will be first-class information surveillance system The intercept,this is because it set a limit to submit a character,since it does not allow us to submit,that we can use the download method. This...

CVE-2009-1474

The ATEN KH1516i IP KVM switch with firmware 1.0.063 and the KN9116 IP KVM switch with firmware 1.1.104 do not 1 encrypt mouse events, which makes it easier for man-in-the-middle attackers to perform mouse operations on machines connected to the switch by injecting network traffic; and do not 2 s...

Session fixation

The ATEN KH1516i IP KVM switch with firmware 1.0.063 and the KN9116 IP KVM switch with firmware 1.1.104 do not 1 encrypt mouse events, which makes it easier for man-in-the-middle attackers to perform mouse operations on machines connected to the switch by injecting network traffic; and do not 2 s...

Formshield Captcha - Older Version vulnerable to replay attacks

Replay attack on CAPTCHA Libraries Summary A CAPTCHA implementation that we tested were found to be vulnerable to replay attacks. The attack is explained in detail for Formshield – A popular DOT NET CAPTCHA implementation. NOTE: We discovered this during a Black Box engagement with one of our...

CVE-2009-1211

Blue Coat ProxySG, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet...

CVE-2009-0803

SmoothWall SmoothGuardian, as used in SmoothWall Firewall, NetworkGuardian, and SchoolGuardian 2008, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and...

CVE-2009-0801

Squid, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a...

CVE-2009-0802

Qbik WinGate, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites,...

CVE-2009-0804

Ziproxy 2.6.0, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites,...

CVE-2009-0801

CVE-2009-0801 affects Squid when transparent interception is enabled. The vulnerability arises because the HTTP Host header is used to identify the remote endpoint, allowing an attacker to bypass access controls for Flash/Java/Silverlight and potentially reach restricted intranet sites via a craf...

CVE-2009-0801

Squid, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a...