UK Cryptographers Call For Publication of Deliberately Weakened Protocols, Products
A group of cryptographers in the UK has published a letter that calls on authorities in that country and the United States to conduct an investigation to determine which security products, protocols and standards have been deliberately weakened by the countries’ intelligence services. The letter,...
Debian Security Advisory DSA 2756-1 (wireshark - several vulnerabilities)
Multiple vulnerabilities were discovered in the dissectors for LDAP, RTPS and NBAP and in the Netmon file parser, which could result in denial of service or the execution of arbitrary code. OpenVAS Vulnerability Test $Id: deb2756.nasl 6611 2017-07-07 12:07:20Z cfischer $ Auto-generated from...
IETF Discussing Ways to Protect Internet Against Pervasive Surveillance
The IETF is considering a range of options to help reengineer some of the fundamental protocols that underpin the Internet in response to revelations that the NSA and other intelligence agencies are conducting widespread, dragnet-style surveillance online. The group, which is responsible for...
Questions About Crypto Security Follow Latest NSA Revelations
As security experts and cryptographers continue to debate and discuss the implications of the revelations of the NSA’s capabilities against various encryption protocols and systems, some of the larger Internet companies are taking steps to protect their users’ data against the new threat. Google,...
[Yersinia v0.7.3] The network protocols assessment tool
Yersinia is a network tool designed to take advantage of some weakness in different network protocols. It pretends to be a solid framework for analyzing and testing the deployed networks and systems. Currently, there are some network protocols implemented, but others are coming tell us which one...
Fedora Update for strongswan FEDORA-2013-14510
Check for the Version of strongswan OpenVAS Vulnerability Test Fedora Update for strongswan FEDORA-2013-14510 Authors: System Generated Check Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
VLC Player 2.0.8 (.m3u) - Local Crash PoC
VLC Player is prone to a remote denial-of-service vulnerability. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed exploit attempts may result in a denial-of-service condition. VLC Player 2.0.8 is vulnerable; other versions may also be affected...
VideoLAN VLC Media Player 2.0.8 - '.m3u' Local Crash (PoC)
Exploit Title: VLC Player 2.0.8 ", "inj3ct0rs.m3u"; print fi...
Oracle Linux 5 : bind97 (ELSA-2013-1115)
The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2013-1115 advisory. 32:9.7.0-17.P2.2 - fix for CVE-2013-4854 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessu...
FreeBSD-SA-13:07.bind
FreeBSD-SA-13:07.bind Security Advisory The FreeBSD Project Topic: BIND remote denial of service Category: contrib Module: bind Announced: 2013-07-26 Credits: Maxim Shudrak...
Oracle Linux 3 : imap (ELSA-2009-0275)
From Red Hat Security Advisory 2009:0275 : Updated imap packages to fix a security issue are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The imap package provides server daemons for both the IMA...
Oracle Linux 4 : bind (ELSA-2009-1180)
From Red Hat Security Advisory 2009:1180 : Updated bind packages that fix a security issue and a bug are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The Berkeley Internet Name Domain (BIND) is a...
Oracle Linux 4 : gnutls (ELSA-2008-0492)
From Red Hat Security Advisory 2008:0492 : Updated gnutls packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The GnuTLS Library provides support for...
Oracle Linux 5 : bind97 (ELSA-2012-0717)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2012-0717 advisory. 32:9.7.0-10.P2.1 - fix CVE-2012-1667 and CVE-2012-1033 Tenable has extracted the preceding description block directly from the Oracle Linux security...
CentOS 5 : bind97 (CESA-2011:0845)
Updated bind and bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severit...
CentOS 5 : bind97 (CESA-2012:1122)
Updated bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
Ubuntu: Security Advisory (USN-1808-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
samba -- ACLs are not checked on opening an alternate data stream on a file or directory
The Samba project reports: Samba versions 3.2.0 and above (all versions of 3.2.x, 3.3.x, 3.4.x, 3.5.x, 3.6.x, 4.0.x and 4.1.x) do not check the underlying file or directory ACL when opening an alternate data stream. According to the SMB1 and SMB2+ protocols the ACL on an underlying file or director...
Internet Systems Consortium Resolves Critical BIND Flaw
The Internet Systems Consortium (ISC) published a security advisory yesterday resolving a high priority, remotely exploitable denial-of-service vulnerability in BIND 9, the de facto software standard for implementing domain name system protocols online. There is a defect in BIND 9 that could...
Apple QuickTime multiple security vulnerabilities
Memory corruptions on different formats and protocols parsing...