27 matches found
Acadmic Microsoft - (API) Filter Cross Site Vulnerability
Document Title: =============== Acadmic Microsoft - API Filter Cross Site Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2056 MSRC ID: 0001010174 Release Date: ============= 2018-01-20 Vulnerability Laboratory ID VL-ID:...
Splunk Enterprise Splunk Web Security Bypass Vulnerability
Splunk is a suite of data collection and analysis software from Splunk, Inc. in the United States. The software is primarily used to collect, index, and analyze machine-generated data, including data generated by all IT systems and infrastructures physical, virtual, and cloud.Splunk Enterprise is...
Deliberately Insecure Web Application: OWASP WebGoat
WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons. You can install and practice with WebGoat in either J2EE or WebGoat for .Net in ASP.NET. In each lesson, users must demonstrate their understanding of a security issue by...
Vimeo: unvalid open authentication with facebook
Hi, vimeo site is using facebook for open authentication . The authentication url is in this way https://www.facebook.com/dialog/oauth?clientid=19884028963&redirecturi=https://vimeo.com/facebook/join?ssl=0&iframe=0&popup=0&player=0&productid=0&scope=email,basicinfo,readstream,publishactions&state...
[SECURITY] Fedora 21 Update: oath-toolkit-2.4.1-6.fc21
The OATH Toolkit provide components for building one-time password authentication systems. It contains shared libraries, command line tools an d a PAM module. Supported technologies include the event-based HOTP algorithm RFC4226 and the time-based TOTP algorithm RFC6238. OATH stands for Open...
[SECURITY] Fedora 19 Update: oath-toolkit-2.4.1-1.fc19
The OATH Toolkit provide components for building one-time password authentication systems. It contains shared libraries, command line tools an d a PAM module. Supported technologies include the event-based HOTP algorithm RFC4226 and the time-based TOTP algorithm RFC6238. OATH stands for Open...
Ability to Downgrade Encryption Weakens Kerberos
Significant weaknesses in the common configuration of Kerberos-based authentication servers could allow attackers to more easily circumvent security measures in networks that rely on the open authentication standard, according to research presented at Black Hat. Read the full article. Dark Readin...