New Locky Variant 'IKARUSdilapidated' Strikes Again

A second wave of the Locky ransomware variant called IKARUSdilapidated has been identified by security experts. The source of the ransomware is a botnet of zombie computers coordinated to launch phishing attacks that send emails and attachments appearing to come from a targeted recipient’s truste...

JVN#95996423: MFC-J960DWN vulnerable to cross-site request forgery

MFC-J960DWN provided by BROTHER INDUSTRIES, LTD. is a MultiFunction Printer. MFC-J960DWN contains a cross-site request forgery vulnerability CWE-352. Impact If a user views a malicious page, unintended operations such as changing settings of the device may be performed. Solution Apply a Workaroun...

Cisco RV110W, RV130W, and RV215W Routers Command Shell Injection Vulnerability

A vulnerability in the command-line interface CLI command parser of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an authenticated, local attacker to inject arbitrary shell commands that are executed ...

Cisco RV110W/RV130W/RV215W Router Remote Code Execution Vulnerability

The Cisco RV130W Wireless-N is a multifunction VPN router; the Cisco RV110W/RV215W is a router that combines wired/wireless network connectivity, VPN, and firewall features. A remote code execution vulnerability exists in the Cisco RV110W/RV130W/RV215W routers, which can be exploited by an attack...

Cisco RV110W, RV130W, and RV215W Routers Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco RV110W Wireless-N VPN Firewalls, Cisco RV130W Wireless-N Multifunction VPN Routers, and Cisco RV215W Wireless-N VPN Routers could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of...

Threat Outbreak Alert RuleID16226: Email Messages Distributing Malicious Software on June 26, 2015

Medium Alert ID: 39530 First Published: 2015 June 29 12:38 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID16226 may contain the following files: Name | Siz...

XEROX Multiple Product Unauthenticated Remote Firmware Injection Vulnerability

Added: 12/19/2014 BID: 52483 OSVDB: 80096 Background Some Xerox Multifunction Printers MFP utilize Dynamic Loadable Modules DLM for patching, upgrading and cloning. The DLMs can be delivered to the printer via the Jet Direct printer service on TCP port 9100. Problem Multiple Xerox products are...

CVE-2014-7875

Unspecified vulnerability on the HP LaserJet CM3530 Multifunction Printer CC519A and CC520A with firmware before 53.236.2 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors...

CVE-2014-7875

The CVE-2014-7875 entry affects HP LaserJet CM3530 Multifunction Printer models CC519A/CC520A with firmware older than 53.236.2. The vulnerability is described as a remote, network-exploitable issue that could allow an attacker to obtain sensitive information, modify data, or cause a Denial of Se...

Konica Minolta Password Extractor

This module will extract FTP and SMB account usernames and passwords from Konica Minolta multifunction printer MFP devices. Tested models include C224, C280, 283, C353, C360, 363, 420, C452, C452, C452, C454e, and C554. This module requires Metasploit: https://metasploit.com/download Current...

Xerox Multifunction Printers (MFP) "Patch" DLM Vulnerability

This module exploits a vulnerability found in Xerox Multifunction Printers MFP. By supplying a modified Dynamic Loadable Module DLM, it is possible to execute arbitrary commands under root privileges. This module requires Metasploit: https://metasploit.com/download Current source:...

RHEL 5 : hplip3 (RHSA-2013:0133)

Updated hplip3 packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

CentOS Update for hpijs CESA-2011:0154 centos5 x86_64

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

HP MFP Digital Sending Software 4.91.0 Local Authentication Bypass

The remote Windows host contains HP MFP Digital Sending Software version 4.91.0. This version is potentially affected by an authentication bypass vulnerability related to device configuration templates. A local attacker, exploiting this flaw, reportedly can gain unauthorized access to functionali...

CVE-2011-0279

HP Multifunction Peripheral MFP Digital Sending Software DSS 4.91.00 does not properly configure authentication settings of managed devices within device templates, which allows attackers to access these devices via actions that were intended to require authentication...

Authentication flaw

HP Multifunction Peripheral MFP Digital Sending Software DSS 4.91.00 does not properly configure authentication settings of managed devices within device templates, which allows attackers to access these devices via actions that were intended to require authentication...

CVE-2011-0279

HP Multifunction Peripheral MFP Digital Sending Software DSS 4.91.00 does not properly configure authentication settings of managed devices within device templates, which allows attackers to access these devices via actions that were intended to require authentication...

HP MFP Digital Sending Software Detection

The remote Windows host contains HP MFP Digital Sending Software, an application that enables an HP Multifunction Peripheral MFP to send scanned documents directly to several types of destinations. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid46675;...

CVE-2010-1558

Unspecified vulnerability in HP Multifunction Peripheral MFP Digital Sending Software before 4.18.3 allows local users to bypass intended restrictions on the MFP "Send to e-mail" feature, and obtain sensitive information, via unknown vectors...

CVE-2010-1558

Unspecified vulnerability in HP Multifunction Peripheral MFP Digital Sending Software before 4.18.3 allows local users to bypass intended restrictions on the MFP "Send to e-mail" feature, and obtain sensitive information, via unknown vectors...