69 matches found
XenMobile: How to migrate the Cert Based Auth from existing CA to a new PKI-Infrastructure (With a new Root CA and Issuing CA)?
Existing working two-factor-authentication for XenMobile using cert based auth as the second factor are XenMobile-certificates that are issued by a Windows Enterprise Root CA. This Root CA will be decommissioned and replaced by a new Windows Enterprise Issuing CA that is signed by a new Root CA...
PT-2018-5368 · Moxa · Moxa Edr-810
Name of the Vulnerable Software and Affected Versions: Moxa EDR-810 version 4.1 build 17030317 Description: A password storage issue exists in the operating system functionality, allowing an attacker with shell access to extract passwords in clear text from the device. Recommendations: For Moxa...
Excerpts from Building a High Speed SOC: Introduction
Carbon Black recently published an in-depth guide on what it takes to develop a "high speed" security operations center, or SOC; this is an excerpt from that guide, which you can find here. For more information on building high speed SOCs, including how to eliminate the "response gap," check out...
Petya/NotPetya: What It Is, and What You Can Do Right Now
Just when we thought there were no more tears left in the wake of WannaCry, its time to pull out the tissues yet again for the latest global cyber incident: introducing "NotPetya," the most recent ransomware variant to creep across continents and affect companies across many industries. Please re...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-7169. Reason: This candidate is a reservation duplicate of CVE-2014-7169 because the CNA for this ID did not follow multiple procedures that are intended to minimize duplicate CVE assignments. Notes: All CVE users should...
CVE-2014-3427 CRLF Injection and CVE-2014-3428 XSS Injection in Yealink VoIP Phones
I. ADVISORY CVE-2014-3427 CRLF Injection in Yealink VoIP Phones CVE-2014-3428 XSS vulnerabilities in Yealink VoIP Phones Date published: 06/12/2014 Vendor Contacted: 05/08/2014 II. BACKGROUND Yealink is a manufacturer of VoIP and Video products. To minimize noise read more at:...
Microsoft Windows Media Player And Media Center '.dvr-ms' Files Remote Code Execution Vulnerability
Description Microsoft Windows Media Player and Windows Media Center are prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into opening a malicious file with the vulnerable application. A successful exploit will allow arbitrary code...
rsaUnDumper[sql] – универсальный дампер SQL INJECTION
Версия 1.5 Нововведения по сравнению с версией 1.0: добавлена поддержка прокси http; socks4 и sokcs5 - с авторизацией возможно указывать приоритет для потоков фак по ним позже, щас можно почитать msdn теперь вы указываете не url, а HTTP запрос, т.е. есть возможность дампить sql inj с уюзвимым pos...
Mini-Nuke<=1.8.2 SQL injection (6)
//mini-nuke board turk have many sql injection founded by Moroccan Security Team //Creetz to: Moroccan Security Team Dr.E-vil,Dr.Erase,H0550N,|ucifer,DaBDouB-MoSiKaR OverclockiX,ki11er ,Dranzelz,Esp!onLeRaVaGe,ameer,www.lezr.com and all muslim morocco 1...