48 matches found
EUVD-2020-5412
Malware in sbrugna...
Westermo L210-F2G Cleartext Transmission of Sensitive Information (CVE-2024-37183)
Plain text credentials and session ID can be captured with a network sniffer. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
CVE-2024-37183
Plain text credentials and session ID can be captured with a network sniffer...
CVE-2020-13136
D-Link DSP-W215 1.26b03 devices send an obfuscated hash that can be retrieved and understood by a network sniffer...
CVE-2024-37183
Plain text credentials and session ID can be captured with a network sniffer...
CVE-2024-37183 Westermo L210-F2G Lynx Cleartext Transmission of Sensitive Information
Plain text credentials and session ID can be captured with a network sniffer...
CVE-2024-37183 Westermo L210-F2G Lynx Cleartext Transmission of Sensitive Information
Plain text credentials and session ID can be captured with a network sniffer...
CVE-2024-37183
Westermo L210-F2G Lynx (CVE-2024-37183) is affected. The vulnerability allows capture of plain text credentials and session IDs over the network due to cleartext transmission. CVSS v3.1 base score 7.5 indicates high severity with Network attack vector and low access complexity; confidentiality im...
PT-2024-27361 · Westermo · L210-F2G Lynx +2
Name of the Vulnerable Software and Affected Versions: Software affected versions not specified Description: The issue allows plain text credentials and session ID to be captured with a network sniffer. Recommendations: At the moment, there is no information about a newer version that contains a...
Debian DLA-2547-1 : wireshark security update
Several vulnerabilities were fixed in Wireshark, a network sniffer. CVE-2019-13619 ASN.1 BER and related dissectors crash. CVE-2019-16319 The Gryphon dissector could go into an infinite loop. CVE-2019-19553 The CMS dissector could crash. CVE-2020-7045 The BT ATT dissector could crash. CVE-2020-94...
Debian: Security Advisory (DLA-2547-1)
The remote host is missing an update for the Debian...
[SECURITY] [DLA 2547-1] wireshark security update
Debian LTS Advisory DLA-2547-1, https://www.debian.org/lts/security/, Adrian Bunk, February 06, 2021, https://wiki.debian.org/LTS ...
CVE-2020-13136
D-Link DSP-W215 1.26b03 devices send an obfuscated hash that can be retrieved and understood by a network sniffer...
Design/Logic Flaw
D-Link DSP-W215 1.26b03 devices send an obfuscated hash that can be retrieved and understood by a network sniffer...
CVE-2020-13136
D-Link DSP-W215 1.26b03 devices send an obfuscated hash that can be retrieved and understood by a network sniffer...
PT-2020-13350 · D Link · D-Link Dsp-W215
Name of the Vulnerable Software and Affected Versions: D-Link DSP-W215 version 1.26b03 Description: The issue concerns the transmission of an obfuscated hash by the device, which can be intercepted and decoded by a network sniffer. Recommendations: For D-Link DSP-W215 version 1.26b03, consider...
Hyperledger: many commands can be manipulated to delete identities or affiliations
Introduction: The Fabric-ca data in the HTTP body and authorization header for many commands sent from client to server is protected by signature. But I find the identity and affiliation commands still have the risk of being manipulated. A hacker can manipulate most other commands to delete identitie...
The Slingshot APT FAQ
While analysing an incident which involved a suspected keylogger, we identified a malicious library able to interact with a virtual file system, which is usually the sign of an advanced APT actor. This turned out to be a malicious loader internally named 'Slingshot', part of a new, and highly...
Tcpdump BEEP Parser Buffer Overflow Vulnerability
Tcpdump is a set of sniffing tools developed by the Tcpdump team that run at the command line. The tools allow users to intercept and display TCP/IP and other packets sent or received over a network connection to that computer. BEEP parser is one of the Block Extensible Exchange Protocol parsers. ...
IBM BigFix Remote Control Encryption Issue Vulnerability
IBM BigFix Remote Control is a set of remote control systems from IBM in the United States. A security vulnerability exists in IBM BigFix Remote Control 9.1.2 and earlier versions, which stems from the program's use of weak encryption. The vulnerability can be exploited by an attacker to compromi...