991 matches found
[Patator Brute Forcer] v 0.4
Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage. Currently it supports the following modules: ftp_login : Brute-force FTP; ssh_login : Brute-force SSH; telnet_login : Brute-force Telnet; smtp_login : Brute-force SMTP; smtp_vrfy : Enumerate valid users using the SMTP VRF...
XWiki 4.2-milestone-2 - Multiple Persistent Cross-Site Scripting Vulnerabilities
XWiki 4.2-milestone-2 - Multiple Persistent Cross-Site Scripting Vulnerabilities Exploit Title: Multiple Stored XSS Vulnerabilities in XWiki. Date: 26/08/2012 Exploit Author: Shai rod @NightRang3r Vendor Homepage: http://www.xwiki.org Software Link:...
Modular Site Manager <= Arbitrary Delete Vulnerability
Exploit for php platform in category web applications Exploit Title: Modular Site Manager 0day.today 2018-03-20...
New Gauss Malware, Descended From Flame and Stuxnet, Found On Thousands of PCs in Middle East
A new piece of malware dubbed Gauss, that experts say is a direct descendant of Flame and also related to Stuxnet and Duqu, has been found on thousands of PCs in the Middle East, mostly in Lebanon. Gauss contains some of the same code as Flame, but is markedly different in a number of respects,...
[SECURITY] Fedora 16 Update: pidgin-2.10.5-1.fc16
Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just...
Microsoft Windows Worm.Win32.Flame.A Information Collection
An information collection vulnerability has been reported in all versions of Microsoft Windows. Worm.Win32.Flame.A is a computer worm that targets Windows users. The worm propagates via removable drives and network shares. Once resident, Flame can compromise user privacy using methods such as...
[SECURITY] Fedora 17 Update: pidgin-2.10.2-1.fc17
Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just...
GroupWare epesiBIM CRM 1.2.1 Cross Site Scripting
Title: GroupWare epesiBIM CRM 1.2.1 - Multiple Web Vulnerabilities. Date: 2012-04-10. References: http://www.vulnerability-lab.com/getcontent.php?id=501. VL-ID: 501. Introduction: epesi BIM stands for Business Information Manager. We just did not like the...
Fedora Update for unbound FEDORA-2011-17282
Check for the Version of unbound. OpenVAS Vulnerability Test: Fedora Update for unbound FEDORA-2011-17282. Authors: System Generated Check. Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for pidgin FEDORA-2012-4595
Check for the Version of pidgin. OpenVAS Vulnerability Test: Fedora Update for pidgin FEDORA-2012-4595. Authors: System Generated Check. Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...
Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : openssl vulnerabilities (USN-1357-1)
It was discovered that the elliptic curve cryptography (ECC) subsystem in OpenSSL, when using the Elliptic Curve Digital Signature Algorithm (ECDSA) for the ECDHE_ECDSA cipher suite, did not properly implement curves over binary fields. This could allow an attacker to determine private keys via a timi...
USN-1357-1: OpenSSL vulnerabilities
It was discovered that the elliptic curve cryptography (ECC) subsystem in OpenSSL, when using the Elliptic Curve Digital Signature Algorithm (ECDSA) for the ECDHE_ECDSA cipher suite, did not properly implement curves over binary fields. This could allow an attacker to determine private keys via a timi...
CVE-2011-4354
crypto/bn/bn_nist.c in OpenSSL before 0.9.8h on 32-bit platforms, as used in stunnel and other products, in certain circumstances involving ECDH or ECDHE cipher suites, uses an incorrect modular reduction algorithm in its implementation of the P-256 and P-384 NIST elliptic curves, which allows...
CVE-2011-4354
OpenSSL vulnerability CVE-2011-4354 affects OpenSSL before 0.9.8h on 32-bit platforms, in the ECDH/ECDHE handshake with P-256 and P-384 curves, due to an incorrect modular reduction algorithm in bn_nist.c. This design flaw allows remote attackers to obtain the TLS server private key after multipl...
HP Intelligent Management Center img Buffer Overflow (CVE-2011-1848)
HP Intelligent Management Center (IMC) is a stand-alone, comprehensive management platform developed by HP that delivers integrated and modular network management capabilities. IMC Enterprise Edition is designed on a service-oriented architecture (SOA) using a business application flow model as the...
SSHtrix - Fastest Multithreaded SSHv1 and SSHv2 login cracker
SSHtrix - Fastest Multithreaded SSHv1 and SSHv2 login cracker. sshtrix is a very fast multithreaded SSH login cracker. It supports SSHv1 and SSHv2. sshtrix was designed to automate rapid bruteforce attacks against SSH authentication screens. Unlike other public tools, the aim is to keep it...
Fedora Update for pidgin FEDORA-2011-11595
Check for the Version of pidgin. OpenVAS Vulnerability Test: Fedora Update for pidgin FEDORA-2011-11595. Authors: System Generated Check. Copyright: Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
2011 DDoS Botnet Landscape
Botnets have been a problem for more than a decade now, but in recent years they’ve become a serious security threat, delivering exploit kits, malware and mass Web site injections. In this video, Jose Nazario of Arbor Networks discusses the current botnet landscape and the adoption of new modular...
[SECURITY] Fedora 15 Update: pidgin-2.10.0-1.fc15
Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just...
OpenEMR 4.0.0 Cross Site Scripting
Exploit Title: OpenEMR 4.0.0 Multiple Cross Site Scripting (XSS). Author: Houssam Sahli = backtronuxgmailcom. Date: August 3rd 2011. Product: OpenEMR 4.0.0. Vulnerable Version: 4.0.0 with the 2nd patch 04/15/2011. Developer: OEMR. Download & Installation instructions link :...