4752 matches found
Fedora Update for quagga FEDORA-2013-23504
Check for the Version of quagga OpenVAS Vulnerability Test Fedora Update for quagga FEDORA-2013-23504 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
[SECURITY] Fedora 19 Update: openssl-1.0.1e-36.fc19
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...
[SECURITY] Fedora 18 Update: openssl-1.0.1e-36.fc18
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...
[Harden SSL/TLS] Hardening the SSL/TLS settings
“Harden SSL/TLS” allows hardening the SSL/TLS settings of Windows 2000,2003,2008,2008R2, XP,Vista,7. It allows locally and remotely set SSL policies allowing or denying certain ciphers/hashes or complete ciphersuites. This tool specific allows setting policies with regards to what ciphers and...
[CommView for WiFi 7.0] Wireless Network Monitor and Analyzer
CommView for WiFi is a powerful wireless network monitor and analyzer for 802.11 a/b/g/n/ac networks. Loaded with many user-friendly features, CommView for WiFi combines performance and flexibility with an ease of use unmatched in the industry. CommView for WiFi captures every packet on the air t...
Santander BillPay Security Vulnerabilities Patched
Security weaknesses on the Santander Group BillPay website and mobile banking application have been addressed by the financial services organization’s developer Headland after they were exposed less than a week ago. U.K. consultant Paul Moore of Cresona Corp., reported a number of serious...
New IETF Group to Tackle TLS Implementation in Applications
The NSA surveillance scandal has created ripples all across the Internet, and the latest one is a new effort from the IETF to change the way that encryption is used in a variety of critical application protocols, including HTTP and SMTP. The new TLS application working group was formed to help...
wireshark security update
CentOS Errata and Security Advisory CESA-2013:1569 Updated wireshark packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact...
Debian Security Advisory DSA 2803-1 (quagga - several vulnerabilities)
Multiple vulnerabilities were discovered in Quagga, a BGP/OSPF/RIP routing daemon: CVE-2013-2236 A buffer overflow was found in the OSPF API-server exporting the LSDB and allowing announcement of Opaque-LSAs. CVE-2013-6051 bgpd could be crashed through BGP updates. This only affects Wheezy/stable...
Moderate: Red Hat Security Advisory: wireshark security, bug fix, and enhancement update
Updated wireshark packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base...
wireshark multiple security vulnerabilities
Vulnerabilities in different protocols dissectors...
Amazon Linux AMI : python26 (ALAS-2013-241)
It was discovered that multiple Python standard library modules implementing network protocols such as httplib or smtplib failed to restrict sizes of server responses. A malicious server could cause a client using one of the affected modules to consume an excessive amount of memory. CVE-2013-1752...
OSX Network Share Mounter
This module lists saved network shares and tries to connect to them using stored credentials. This does not require root privileges. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OSX Network...
How Dark Mail Plans to Build an Open, Secure Email Platform
The new Dark Mail Alliance formed this week by Lavabit and Silent Circle will offer an open platform for secure email that will use existing protocols and cloud storage as a way to evade surveillance. The new system, which should be available next year, is in some ways a throwback to the...
GnuTLS: Multiple vulnerabilities
Background GnuTLS is an Open Source implementation of the TLS 1.2 and SSL 3.0 protocols. Description Multiple vulnerabilities have been discovered in GnuTLS. Please review the CVE identifiers and Lucky Thirteen research paper referenced below for details. Impact A remote attacker could sent a...
Schneider Electric IGSS Buffer Overflow
Overview Independent researcher Aaron Portnoy of Exodus Intelligence has identified a buffer overflow vulnerability in Schneider Electric’s Interactive Graphical SCADA System IGSS application. Schneider Electric has produced a patch that fully resolves this vulnerability. Aaron Portnoy has...
SCADA ICS Bug Expose Critical Infrastructure to Attack
A trio of researchers have uncovered 25 security vulnerabilities in various supervisory control and data acquisition SCADA and industrial control system ICS protocols. The researchers, Adam Crain, Chris Sistrunk, and Adam Todorski–though Todorski has not yet been credited with finding any of the...
Oracle Java SE CVE-2013-5838 Remote Security Vulnerability
Description Oracle Java SE is prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'Libraries' sub-component. This vulnerability affects the following supported versions: Java SE 7u25, Java SE Embedded 7u25 Technologies...
NSA Crypto Questions Resemble a 'Hall of Mirrors'
There’s been no shortage of discussion and debate in recent week about the possibility that the NSA has intentionally weakened some cryptographic algorithms and cipher suites in order to give it an advantage in its intelligence-gathering operations. If you subscribe to the worst-case scenario lin...
Experts Worry About Long-Term Implications of NSA Revelations
With all of the disturbing revelations that have come to light in the last few weeks regarding the NSA’s collection methods and its efforts to weaken cryptographic protocols and security products, experts say that perhaps the most worrisome result of all of this is that no one knows who or what...