12 matches found
EUVD-2018-13354
Malware in sbrugna...
CVE-2018-20812
An information exposure issue where IPv6 DNS traffic would be sent outside of the VPN tunnel when Traffic Enforcement was enabled exists in Pulse Secure Pulse Secure Desktop 9.0R1 and below. This is applicable only to dual-stack IPv4/IPv6 endpoints...
CVE-2022-40988
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
Cisco Firepower Threat Defense (FTD) DNS Denial of Service (cisco-sa-asaftd-ipv6-67pA658k)
According to its self-reported version, Cisco Firepower Threat Defense FTD Software is affected by a denial of service DoS vulnerability in IPV6 DNS packet processing component due to insufficient validation of user-supplied input. An unauthenticated, remote attacker can exploit this issue, by...
PT-2020-2163 · Cisco · Cisco Ftd +1
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Cisco Firepower Threat Defense FTD Software affected versions not specified Description: The issue is related to improper length validation of a field in an IPv6 D...
CVE-2018-20812
An information exposure issue where IPv6 DNS traffic would be sent outside of the VPN tunnel when Traffic Enforcement was enabled exists in Pulse Secure Pulse Secure Desktop 9.0R1 and below. This is applicable only to dual-stack IPv4/IPv6 endpoints...
icebreaker - Gets Plaintext Active Directory Credentials If You'Re On The Internal Network
Break the ice with that cute Active Directory environment over there. Automates network attacks against Active Directory to deliver you piping hot plaintext credentials when you're inside the network but outside of the Active Directory environment. Performs 5 different network attacks for plainte...
Automate Network Attacks Against Active Directory: icebreaker
Break the ice with that cute Active Directory environment over there. Automates network attacks against Active Directory to deliver you piping hot plaintext credentials when you’re inside the network but outside of the Active Directory environment. Performs 5 different network attacks for plainte...
Fedora 25 : 2:qemu (2017-01925dba3c)
chardev data is dropped when host side closed bz 1352977 - CVE-2016-8667: dma: divide by zero error in setnexttick bz 1384876 - IPv6 DNS problems in qemu user networking bz 1401165 - Fix crash in qxl memslotgetvirt bz 1405847 - CVE-2017-5579: serial: fix memory leak in serial exit bz 1416161 -...
OracleVM 3.2 : openldap (OVMSA-2016-0069)
The remote OracleVM system is missing necessary patches to address critical security updates : - CVE-2015-6908 openldap: bergetnext denial of service vulnerability 1263170 - fix: syncprov psearch race condition 999811 - fix: CVE-2013-4449 segfault on certain queries with rwm overlay 1064146 - fix...
IPv6 DNS Guessing Notes
A hostname with an IPv6 address is stored as a AAAA resource record in DNS see AAAA record. There are many DNS hostname bruteforcing tools, personally I like Fierce. Suppose we have already run our hostname bruteforcing tool against a target domain e.g. facebook.com. Below we use dig to do a AAAA...
Fedora 16 : NetworkManager-0.9.1.90-3.git20110927.fc16 (2011-13425)
This update fixes security issue in ifcfg-rh plugin CVE-2011-3364. This update also fixes an applet and connection editor crash caused by mis-packaging of some UI-related files, and corrects the path of iscsiadm. This update further adds the ability to delete connections from nmcli, correctly...