For recent“Bo global eye OAuth vulnerability”analysis and preventive recommendations-vulnerability warning-the black bar safety net

! 5 According to Cnet reports, Nanyang Technological University, Singapore named Wang Jing PhD student, found that the OAuth and OpenID open source login tools the“covert redirect”vulnerabilityCovert Redirect to. First of all need to clear point is that the vulnerability is not present in the OAu...

Debian Security Advisory DSA 2922-1 (strongswan - security update)

A vulnerability has been found in the ASN.1 parser of strongSwan, an IKE/IPsec suite used to establish IPsec protected links. By sending a crafted IDDERASN1DN ID payload to a vulnerable pluto or charon daemon, a malicious remote user can provoke a null pointer dereference in the daemon parsing th...

Click-Fraud Sefnit Variant Shuns Tor for SSH

Sefnit was the first malware family to shed light on the problem of botnets and other malicious code using the Tor anonymity network as a communication protocol. While others before and since have done the same, Sefnit made the biggest splash at the end of last summer when the botnet caused a 600...

SSL/TLS: PostgreSQL SSL/TLS Support Detection (PostgreSQL Protocol)

Checks if the remote PostgreSQL server supports SSL/TLS. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:postgresql:postgresql";...

BACnet Protocol Detection

Binary data scadabacnetdetect.nbin...

[SECURITY] Fedora 20 Update: libinfinity-0.5.5-1.fc20

libinfinity is an implementation of the Infinote protocol written in GObjec t-based C...

Default configuration

The default configuration in cURL and libcurl 7.10.6 before 7.36.0 re-uses 1 SCP, 2 SFTP, 3 POP3, 4 POP3S, 5 IMAP, 6 IMAPS, 7 SMTP, 8 SMTPS, 9 LDAP, and 10 LDAPS connections, which might allow context-dependent attackers to connect as other users via a request, a similar issue to CVE-2014-0015...

[SECURITY] [DSA 2894-1] openssh security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2894-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso April 05, 2014 http://www.debian.org/security/faq -...

IE 12 to Support HSTS Encryption Protocol

Microsoft confirmed today it will support HTTPS Strict Transport Protocol HSTS in Internet Explorer 12, bringing its browser in line with other major vendors in its support of the protocol. Browsers supporting HSTS force any sessions sent over HTTP to be sent instead over HTTPS, encrypting...

Cisco IOS Software Crafted IPv6 Packet Denial of Service Vulnerability

A vulnerability in the implementation of the IP version 6 IPv6 protocol stack in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause I/O memory depletion on an affected device that has IPv6 enabled. The vulnerability is triggered when an affected...

CentOS Update for net-snmp CESA-2014:0322 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[Nsdtool] Toolset of scripts used to detect netgear switches in local networks

Nsdtool is a toolset of scripts used to detect netgear switches in local networks. The tool contains some extra features like bruteforce and setting a new password. Netgear has its own protocol called NSDP Netgear Switch Discovery Protocol, which is implemented to support security tests on the...

Fedora Update for net-snmp FEDORA-2014-3427

Check for the Version of net-snmp OpenVAS Vulnerability Test Fedora Update for net-snmp FEDORA-2014-3427 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

[SECURITY] Fedora 19 Update: net-snmp-5.7.2-14.fc19

SNMP Simple Network Management Protocol is a protocol used for network management. The NET-SNMP project includes various SNMP tools: an extensible agent, an SNMP library, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the...

[SECURITY] Fedora 20 Update: net-snmp-5.7.2-17.fc20

SNMP Simple Network Management Protocol is a protocol used for network management. The NET-SNMP project includes various SNMP tools: an extensible agent, an SNMP library, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the...

Fedora 19 : chrony-1.29.1-1.fc19 (2014-1916)

This update fixes the following security vulnerability : - Modify chronyc protocol to prevent amplification attacks CVE-2014-0021 incompatible with previous protocol version, chronyc supports both Note that Tenable Network Security has extracted the preceding description block directly from the...

Home Network Administration Protocol (HNAP) Detection

The script sends a connection request to the server and attempts to determine if the Home Network Administration Protocol HNAP is supported. Copyright C 2014 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

finch, libpurple, pidgin security update

CentOS Errata and Security Advisory CESA-2014:0139 Updated pidgin packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVS...

WellinTech KingSCADA KingAlarm & Event KAEManageServer Information Disclosure Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WellinTech KingSCADA KingAlarm&Event.; Authentication is not required to exploit this vulnerability. The specific flaw exists within KAEManageServer.exe, which listens by default on TCP port 8130...

libotr downgrade attacks

It's possible to downgrade protocol to 1st version...