84 matches found
WPS attack tool: Penetrator-WPS
This is experimental tool that is capable of attacking multiple WPS-enabled wireless access points in real time Penetrator-WPS utilizes the pixie-dust attack every time it receives M3 message, unless it is disabled with -P – pixie-dust requires pixiewps to be installed. Installation First, you ne...
Pixiewps - Bruteforce Offline the WPS Pin (Pixie Dust Attack)
Pixiewps is a tool written in C used to bruteforce offline the WPS pin exploiting the low or non-existing entropy of some APs pixie dust attack. It is meant for educational purposes only. All credits for the research go to Dominique Bongard. DEPENDENCIES Pixiewps requires libssl. To install it:...
openssl security update
Package: openssl Version: 0.9.8o-4squeeze15 CVE ID: CVE-2014-0076 CVE-2014-0195 CVE-2014-0221 CVE-2014-3470 CVE-2014-0224 CVE-2014-0195 Jueri Aedla discovered that a buffer overflow in processing DTLS fragments could lead to the execution of arbitrary code or denial of service. CVE-2014-0221 Imre...
[SECURITY] [DSA 2908-1] openssl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2908-1 [email protected] http://www.debian.org/security/ Raphael Geissert April 17, 2014 http://www.debian.org/security/faq -...
DSA-2908-1 openssl - security update
Bulletin has no description...
Debian Security Advisory DSA 2908-1 (openssl - security update)
Multiple vulnerabilities have been discovered in OpenSSL. The following Common Vulnerabilities and Exposures project ids identify them: CVE-2010-5298 A read buffer can be freed even when it still contains data that is used later on, leading to a use-after-free. Given a race condition in a...
Mozilla Network Security Services释放后重利用内存破坏漏洞(CVE-2014-1490)
BUGTRAQ ID: 65335 CVECAN ID: CVE-2014-1490 Mozilla Network Security Services是一组库,用于支持跨平台开发安全的客户端和服务器应用。 Mozilla Network Security Services 3.15.4之前版本中,libssl存在竞争条件,可使远程攻击者用恢复握手触发会话票据错误重置,导致拒绝服务。 0 Mozilla Network Security Services = 3.15.4 厂商补丁: Mozilla -------...
Mozilla Thunderbird Multiple Vulnerabilities-01 (Feb 2014) - Windows
Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...
Mozilla Firefox Multiple Vulnerabilities-01 (Feb 2014) - Mac OS X
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...
Mozilla Firefox ESR Multiple Vulnerabilities-01 (Feb 2014) - Mac OS X
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...
SeaMonkey Multiple Vulnerabilities-01 (Feb 2014) - Mac OS X
SeaMonkey is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:seamonkey"; ifdescription...
Mozilla Thunderbird Multiple Vulnerabilities-01 (Feb 2014) - Mac OS X
Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...
Mozilla Firefox ESR Multiple Vulnerabilities-01 (Feb 2014) - Windows
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...
CVE-2014-1490
Race condition in libssl in Mozilla Network Security Services NSS before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service use-after-free or possibl...
CVE-2014-1490
Race condition in libssl in Mozilla Network Security Services NSS before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service use-after-free or possibl...
Race condition
Race condition in libssl in Mozilla Network Security Services NSS before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service use-after-free or possibl...
CVE-2014-1490
Race condition in libssl in Mozilla Network Security Services NSS before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service use-after-free or possibl...
CVE-2014-1490
CVE-2014-1490 : A race condition in NSS libssl session ticket processing (use-after-free) could allow remote attackers to cause a denial of service or, per the description, potentially other impact via a resumption handshake. Affected: NSS up to 3.15.4 and, by extension, Mozilla products (Firefox...
CVE-2014-1490
Race condition in libssl in Mozilla Network Security Services NSS before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service use-after-free or possibl...
SeaMonkey < 2.24 Multiple Vulnerabilities
The installed version of SeaMonkey is earlier than 2.24 and is, therefore, potentially affected by the following vulnerabilities : - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. CVE-2014-1477, CVE-2014-1478 - An error exists relat...