Lucene search

683 matches found

ThreatPost
added 2014/08/19 1:0 p.m., 13 views

Facebook Says 95 Percent of Notification Email Encrypted

All that’s missing from the organic encrypt the web movement seems to be a hashtag. Otherwise, no one can accuse major web providers of slacking as leading players such as Microsoft and Yahoo, prompted by the Snowden leaks, have made noteworthy leaps in the last 15 months to encrypt everything fr...

0.2 AI score
Exploits: 0, References: 8

Tenable Nessus
added 2014/07/31 12:0 a.m., 31 views

Fedora 19 : phpMyAdmin-4.2.6-1.fc19 (2014-8577)

phpMyAdmin 4.2.6.0 (2014-07-17) - Undefined index warning with referenced column. - $cfg['MaxExactCount'] is ignored when BROWSING is back - Multi Column sorting improved user experience - Server validation does not work while in setup/mysqli - Undefined variable when...

6.5 CVSS, 7 AI score, 0.01725 EPSS
Exploits: 4, References: 15

seebug.org
added 2014/07/01 12:0 a.m., 28 views

TOSHIBA e-Studio 232/233/282/283 - Change Admin Password CSRF Vulnerability

No description provided by source. Exploit Title: TOSHIBA e-Studio 232/233/282/283 Change Admin Password CSRF Vulnerability Date: 02.10.2013 Exploit Author: Hubert Gradek PL Affected version: firmware T377SY0EXXX Tested on: TOSHIBA e-Studio 232 T377SY0E354 / 233 T377SY0E331 CVE : No CVE exists -...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 21 views

VLC 2.1.2 - (.asf file) Crash PoC

No description provided by source. #!/usr/bin/python VLC Media Player up to 2.1.2 DOS POC Integer Division By zero in ASF Demuxer VLC Media Player is prone to DOS utilizing a division by zero error if minimum data packet size is equal to zero. This was tested on Windows XP SP3 and affects all...

7.1 AI score
Exploits: 0

Kitploit
added 2014/06/13 8:19 p.m., 19 views

YASAT - Yet Another Stupid Audit Tool

YASAT (Yet Another Stupid Audit Tool) is a simple stupid audit tool. Its goal is to be as simple as possible with minimum binary dependencies (only sed, grep and cut). Second goal is to document each test with maximum information and links to official documentation. It does many tests for checking...

7.1 AI score
Exploits: 0

OSV
added 2014/04/18 10:14 p.m., 1 views

DEBIAN-CVE-2014-2287

channels/chan_sip.c in Asterisk Open Source 1.8.x before 1.8.26.1, 11.8.x before 11.8.1, and 12.1.x before 12.1.1, and Certified Asterisk 1.8.15 before 1.8.15-cert5 and 11.6 before 11.6-cert2, when chan_sip has a certain configuration, allows remote authenticated users to cause a denial of service...

3.5 CVSS, 7.1 AI score, 0.05216 EPSS
Exploits: 1, References: 1

OSV
added 2014/03/03 4:55 p.m., 1 views

DEBIAN-CVE-2014-1684

The ASF_ReadObject_file_properties function in modules/demux/asf/libasf.c in the ASF Demuxer in VideoLAN VLC Media Player before 2.1.3 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a zero minimum and maximum data packet size in an ASF file...

4.3 CVSS, 8.7 AI score, 0.1275 EPSS
Exploits: 3, References: 1

0day.today
added 2014/02/05 12:0 a.m., 38 views

VLC 2.1.2 (.asf) - Crash PoC

Exploit for multiple platform in category dos / poc #!/usr/bin/python VLC Media Player up to 2.1.2 DOS POC Integer Division By zero in ASF Demuxer VLC Media Player is prone to DOS utilizing a division by zero error if minimum data packet size is equal to zero. This was tested on Windows XP SP3 an...

4.3 CVSS, 9.2 AI score, 0.1275 EPSS
Exploits: 3

OpenVAS
added 2013/11/20 12:0 a.m., 28 views

IT-Grundschutz M4.098: Restrict communication to a minimum using packet filters (Windows)

IT-Grundschutz M4.098: Restrict communication to a minimum using packet filters (Windows). WARNING: This test is no longer supported. It has been replaced by the corresponding test, which is now permanently adapted to the current EL: OID 1.3.6.1.4.1.25623.1.0.94213 As of: 13...

7.3 AI score
Exploits: 0, References: 1

Symantec
added 2013/07/09 12:0 a.m., 29 views

Microsoft .NET Framework CVE-2013-3134 Remote Code Execution Vulnerability

Description Microsoft .NET Framework is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code within the context of the application. Failed exploit attempts will likely result in a denial-of-service condition. Technologies Affected...

9.3 CVSS, 0.7 AI score, 0.57687 EPSS
Exploits: 0, Affected Software: 9

Oracle Linux
added 2013/02/27 12:0 a.m., 38 views

ipa security, bug fix and enhancement update

3.0.0-25.el6 - Filter generated winbind dependencies so the right version of samba can be installed. 905594 3.0.0-24.el6 - Add certmonger condrestart to server post scriptlet 903758 - Make certmonger a pre Requires 903758 - Add selinux-policy to Requirespre to avoid post scriptlet AVCs 903758 - S...

7.9 CVSS, 9.1 AI score, 0.0051 EPSS
Exploits: 0

Tenable Nessus
added 2012/06/13 12:0 a.m., 58 views

Mac OS X : Java for Mac OS X 10.6 Update 9

The remote Mac OS X host is running a version of Java for Mac OS X 10.6 that is missing Update 9, which updates the Java version to 1.6.0_33. As such, it is affected by several security vulnerabilities, the most serious of which may allow an untrusted Java applet to execute arbitrary code with the...

10 CVSS, 8.1 AI score, 0.94083 EPSS
Exploits: 9, References: 13

RedHat Linux
added 2011/04/12 6:15 p.m., 4 views

kernel: install_special_mapping skips security_file_mmap check

The install_special_mapping function in mm/mmap.c in the Linux kernel before 2.6.37-rc6 does not make an expected security_file_mmap function call, which allows local users to bypass intended mmap_min_addr restrictions and possibly conduct NULL pointer dereference attacks via a crafted assembly-languag...

2.1 CVSS, 6.1 AI score, 0.00039 EPSS
Exploits: 0, References: 4

RedHat Linux
added 2011/04/08 2:53 a.m., 3 views

kernel: install_special_mapping skips security_file_mmap check

The install_special_mapping function in mm/mmap.c in the Linux kernel before 2.6.37-rc6 does not make an expected security_file_mmap function call, which allows local users to bypass intended mmap_min_addr restrictions and possibly conduct NULL pointer dereference attacks via a crafted assembly-languag...

2.1 CVSS, 6.1 AI score, 0.00039 EPSS
Exploits: 0, References: 4

RedHat Linux
added 2011/03/10 8:1 p.m., 4 views

kernel: install_special_mapping skips security_file_mmap check

The install_special_mapping function in mm/mmap.c in the Linux kernel before 2.6.37-rc6 does not make an expected security_file_mmap function call, which allows local users to bypass intended mmap_min_addr restrictions and possibly conduct NULL pointer dereference attacks via a crafted assembly-languag...

2.1 CVSS, 6.1 AI score, 0.00039 EPSS
Exploits: 0, References: 4

Positive Technologies
added 2010/12/22 12:0 a.m., 1 views

PT-2010-5429 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.37-rc6 Description: The issue is related to the install special mapping function in mm/mmap.c, which fails to make an expected security file mmap function call. This allows local users to bypass intended mma...

7.8 CVSS, 5.2 AI score, 0.01536 EPSS
Exploits: 5, References: 36

OSV
added 2010/10/21 7:0 p.m., 1 views

DEBIAN-CVE-2010-3173

The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly set the minimum key length for Diffie-Hellman Ephemeral (DHE) mode, which makes it easier for remote attackers to defeat...

7.5 CVSS, 8.3 AI score, 0.02315 EPSS
Exploits: 0, References: 1

RedHat Linux
added 2010/10/19 11:6 p.m., 1 views

NSS: insecure Diffie-Hellman key exchange

The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly set the minimum key length for Diffie-Hellman Ephemeral (DHE) mode, which makes it easier for remote attackers to defeat...

7.5 CVSS, 7.4 AI score, 0.02315 EPSS
Exploits: 0, References: 4

Mozilla
added 2010/10/19 12:0 a.m., 32 views

Insecure Diffie-Hellman key exchange — Mozilla

Mozilla cryptographer Nelson Bolyard reported that the SSL implementation was permitting servers to use Diffie-Hellman Ephemeral mode (DHE) with too short of a minimum key length. DHE keys of such lengths are trivially breakable on modern hardware so SSL servers operating in this mode were providin...

7.5 CVSS, 2.8 AI score, 0.02315 EPSS
Exploits: 0, References: 2, Affected Software: 3

OpenVAS
added 2010/01/26 12:0 a.m., 10 views

IT-Grundschutz M4.098: Restrict communication to a minimum using packet filters (Windows)

IT-Grundschutz M4.098: Restrict communication to a minimum using packet filters (Windows). WARNING: This test is no longer supported. It has been replaced by the corresponding test, which is now permanently adapted to the current EL: OID 1.3.6.1.4.1.25623.1.0.94213 This check refers...

7.4 AI score
Exploits: 0, References: 1