2052 matches found
Secure Socket Layer (SSL) Version 3.0 (CVE-2014-3566)
Secure Socket Layer (SSL) is a cryptographic protocol that provides security and data integrity for communications over TCP/IP networks. This protection may be used to prevent attacks exploiting the Poodle vulnerability...
From the DHCP and then dug the broken shell exploits - vulnerability warning - the black bar safety net
The broken shell vulnerability (Shellshock) is far-reaching, but using it seems not so easy, so new methods for studying the broken shell vulnerability will intermittently appear. It is well known that attacks on Web applications using the broken shell vulnerability have been a popular object of study, and by...
F5 Networks BIG-IP : TLS/DTLS 'Lucky 13' vulnerability (K14190)
A vulnerability exists in the TLS and DTLS protocols that may allow an attacker to recover plaintext from TLS/DTLS connections that use CBC-mode encryption. (CVE-2013-0169) Note: Stream ciphers, such as RC4, are not vulnerable to this issue. (C) Tenable Network Security, Inc. The descriptive text and...
UBUNTU-CVE-2014-6427
Off-by-one error in the is_rtsp_request_or_reply function in epan/dissectors/packet-rtsp.c in the RTSP dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet that triggers parsing of a token...
[SECURITY] Fedora 19 Update: net-snmp-5.7.2-15.fc19
SNMP (Simple Network Management Protocol) is a protocol used for network management. The NET-SNMP project includes various SNMP tools: an extensible agent, an SNMP library, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the...
Telnet TN3270 Protocol Detection
Binary data 8379.prm...
WooCommerce Store Exporter 1.7.5 Cross Site Scripting
Exploit Title: WooCommerce Store Exporter v1.7.5 Stored XSS Google Dork: inurl:"woocommerce-exporter" Date: 26/08/2014 Exploit Author: Mike Manzotti @ Dionach Vendor Homepage: http://www.visser.com.au/plugins/store-exporter/ Software Link:...
Moderate: Red Hat Security Advisory: openssl security update
Updated openssl packages that fix multiple security issues are now available for Red Hat Storage 2.1. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for ea...
Moderate: Red Hat Security Advisory: openssl security update
Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available...
[SECURITY] Fedora 19 Update: mosquitto-1.3.2-1.fc19
Mosquitto is an open source BSD licensed message broker that implements the MQ Telemetry Transport protocol version 3.1. MQTT provides a lightweight method of carrying out messaging using a publish/subscribe model. This makes it suitable for "machine to machine" messaging such as with low power...
OpenSSL multiple security vulnerabilities
DoS and protocol version downgrades in client and server code, memory corruptions and information leaks in client code...
FreeBSD : OpenSSL -- multiple vulnerabilities (8aff07eb-1dbd-11e4-b6ba-3c970e169bc2)
The OpenSSL Project reports: A flaw in OBJ_obj2txt may cause pretty printing functions such as X509_name_oneline, X509_name_print_ex et al. to leak some information from the stack. (CVE-2014-3508) The issue affects OpenSSL clients and allows a malicious server to crash the client with a NULL pointer...
perl LWP::Protocol::https certificates check vulnerability
Certificate check is completely disabled if hostname check was disabled...
Moderate: Red Hat Security Advisory: samba and samba3x security update
Updated samba3x and samba packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detail...
NoseRub <= 0.5.2 Login SQL Injection Vulnerability
No description provided by source.
Kerberos 4 4.0/5 5.0 KDC Spoofing Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1616/info Kerberos is a cryptographic authentication protocol that allows users of a network to access services without transmitting cleartext passwords. A common implementation of the protocol includes a login service...
HP HP-UX <= 10.34 rlpdaemon Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/150/info A number of vulnerabilities exist in Hewlett Packard's rlpdaemon under HPUX 9.x and 10.x. These vulnerabilities may allow for a remote attacker to access the system under the lp user account, as well as execute...
FreeBSD <= 3.0 UNIX-domain panic Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/168/info A vulnerability in FreeBSD's UNIX-domain protocol implementation of file descriptor passing can cause the kernel to panic. #include <stdio.h> #include <sys/types.h> #include <sys/socket.h> #include <sys/un.h> #include <fcntl.h>...
QNX phrelay/phindows/phditto Multiple Vulnerabilities
No description provided by source. Luigi Auriemma Application: QNX phrelay/phindows/phditto http://www.qnx.com http://www.qnx.com/developers/docs/6.5.0/topic/com.qnx.doc.phindows/topic/coverpage.html http://www.qnx.com/developers/docs/6.4.1/neutrino/utilities/p/phrelay.html Versions: current...
Nokia N70 and N73 Malformed OBEX Name Header Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/32796/info Multiple Nokia phones are prone to a remote denial-of-service vulnerability in their handling of the Object Exchange protocol. Attackers may exploit this issue to crash a vulnerable phone, creating a...