[SECURITY] Fedora 20 Update: pam-1.1.8-2.fc20

PAM Pluggable Authentication Modules is a system security tool that allows system administrators to set authentication policy without having to recompile programs that handle authentication...

Linux Modules Connected to Turla APT Attacks Discovered

The Turla APT campaigns have a broader reach than initially anticipated after the recent discovery of two modules built to infect servers running Linux. Until now, every Turla sample in captivity was designed for either 32- or 64-bit Windows systems, but researchers at Kaspersky Lab have discover...

Multiple Schneider Electric Modicon M340 Ethernet Modules Remote Denial of Service

Binary data 7161.pasl...

Multiple Schneider Electric Modicon PLC Modules Directory Traversal

Binary data 7154.pasl...

Hash Manager - Recovering passwords to hashes

The software is designed for recovering passwords to hashes, and it features the following: Supports over 330 hashing algorithms. Contains over 50 additional utilities for handling hashes, passwords, and dictionaries. Unlimited loadable hashes, dictionaries, rules, and masks. Multithreading. 64...

[SECURITY] [DLA 97-1] eglibc security update

Package : eglibc Version : 2.11.3-4+deb6u2 CVE ID : CVE-2012-6656 CVE-2014-6040 CVE-2014-7817 CVE-2012-6656 Fix validation check when converting from ibm930 to utf. When converting IBM930 code with iconv, if IBM930 code which includes invalid multibyte character "0xffff" is specified, then iconv...

Passively Sniff Wireless Devices: iSniff GPS

Passively Sniff Wireless Devices iSniff GPS passively sniffs for SSID probes, ARPs and MDNS Bonjour packets broadcast by nearby iPhones, iPads and other wireless devices. The aim is to collect data which can be used to identify each device and determine previous geographical locations, based sole...

DLA-97-1 eglibc - security update

Bulletin has no description...

RHEL 6 : kernel (RHSA-2014:0419)

Updated kernel packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6.3 Extended Update Support. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which...

Expanding Use of PKI in Variety of Devices Holds Challenges

LAS VEGAS–One of the longest running jokes in the security industry is that each coming year finally will be The Year of PKI. While that one huge year never materialized, the use of PKI and digital certificates has become an integral part of how the Internet works today. But there are some...

ZMap 1.2.1 - The Internet Scanner

ZMap is an open-source network scanner that enables researchers to easily perform Internet-wide network studies. With a single machine and a well provisioned network uplink, ZMap is capable of performing a complete scan of the IPv4 address space in under 45 minutes, approaching the theoretical...

HumHub Modules Mail 0.5.8 Cross Site Scripting

Title: HumHub Modules Mail v0.5.8 Author: Morten Nørtoft, Kenneth Jepsen, Mikkel Vej Date: 2014/10/31 Download: https://github.com/humhub/humhub-modules-mail Contacted authors: 2014/10/15 ---------------------------------------------------------- Description: "Private messaging system to...

F5 Networks BIG-IP : Linux kernel vulnerability (SOL15732)

The translatedesc function in drivers/vhost/vhost.c in the Linux kernel before 3.7 does not properly handle cross-region descriptors, which allows guest OS users to obtain host OS privileges by leveraging Kernel-base Virtual Machine KVM guest OS privileges. C Tenable Network Security, Inc. The...

Important: Red Hat Security Advisory: openstack-packstack security, bug fix, and enhancement update

Updated openstack-packstack packages that fix one security issue, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux OpenStack Platform 4.0. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System...

CVE-2014-8379

Multiple cross-site scripting XSS vulnerabilities in the Marketo MA module before 7.x-1.5 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to field titles to the 1 Webform or 2 User sub-modules...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Marketo MA module before 7.x-1.5 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to field titles to the 1 Webform or 2 User sub-modules...

CVE-2014-8379

Multiple cross-site scripting XSS vulnerabilities in the Marketo MA module before 7.x-1.5 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to field titles to the 1 Webform or 2 User sub-modules...

Browser Exploitation Framework: BeEF

Browser Exploitation Framework The Browser Exploitation Framework BeEF is a powerful professional security tool. BeEF is pioneering techniques that provide the experienced penetration tester with practical client side attack vectors. Unlike other security frameworks, BeEF focuses on leveraging...

F5 Networks BIG-IP : BIND denial-of-service attack (SOL14201)

A vulnerability exists in the BIND DNS server process that may allow a remote attacker to initiate a denial-of-service DoS attack against the DNS service. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from F5 Networks BIG-IP Solution...

OWASP Xenotix XSS Exploit Framework 6

OWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting XSS vulnerability detection and exploitation framework. Xenotix provides Zero False Positive XSS Detection by performing the Scan within the browser engines where in real world, payloads get reflected. Xenotix Scanner Module ...