spacewalk-proxy: Path traversal in proxy authentication cache
A path traversal flaw was found in the way the proxy processes cached client tokens. A remote, unauthenticated attacker could use this flaw to test the existence of arbitrary files, if they have access to the proxy's filesystem, or can execute arbitrary code in the context of the httpd process...
PivotSuite - A Network Pivoting Toolkit
PivotSuite is a portable, platform-independent and powerful network pivoting toolkit which helps red teamers / penetration testers use a compromised system to move around inside a network. It is a standalone utility which can be used as a server or as a client. PivotSuite as a Server : If the...
Cisco Wide Area Application Services (WAAS) HTTPS Proxy Authentication Bypass Vulnerability
Cisco Wide Area Application Services (WAAS) is a comprehensive WAN optimization solution that improves the performance of applications running in WAN environments, delivers video to branch offices and locally hosts branch office IT services. An authentication bypass vulnerability exists in the HTTP...
CVE-2016-4642
In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, proxy authentication incorrectly reported HTTP proxies received credentials securely. This issue was addressed through improved warnings...
Authentication flaw
In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, proxy authentication incorrectly reported HTTP proxies received credentials securely. This issue was addressed through improved warnings...
CVE-2016-4642
CVE-2016-4642 affects CFNetwork Proxies in iOS 9.3.3 and later, tvOS 9.2.2, and OS X El Capitan 10.11.6/Security Update 2016-004. The flaw: proxy authentication incorrectly reported HTTP proxies received credentials securely, with an impact described as possible leakage of sensitive user informat...
November 8, 2016 — KB3198586 (OS Build 10586.679)
This update includes quality improvements and security updates. No new operating system features are being introduced in this update. Key changes include: Improved the reliability of the Windows shell, Microsoft Edge, and Internet Explorer 11...
Arachni v1.5.1 - Web Application Security Scanner Framework
Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. It is smart, it trains itself by monitoring and learning from the web application's behavior during the scan process and is...
Virtuozzo 7 : java-1.6.0-openjdk / java-1.6.0-openjdk-demo / etc (VZLSA-2017-0061)
An update for java-1.6.0-openjdk is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives...
Description of the security update for Outlook 2013: June 13, 2017
Summary: This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common...
Description of the security update for Office 2013: June 13, 2017
Summary: This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common...
OpenJDK: exposure of server authentication credentials to proxy (Networking, 8160838)
A flaw was found in the way the Networking component of OpenJDK handled HTTP proxy authentication. A Java application could possibly expose HTTPS server authentication credentials via a plain text network connection to an HTTP proxy if the proxy asked for authentication...
How to disable the prompt "Authentication is required to set the network proxy used for downloading"
After logging on to a Linux VDA ICA session, you will receive a prompt "Authentication is required to set the network proxy used for downloading" as below, which would annoy users...
CVE-2016-7579
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. The issue involves the "CFNetwork Proxies" component, which allows man-in-the-middle attackers to spoof a proxy password authentication requirement and...
Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2017-795)
It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy function in certain cases. An untrusted Java application or applet could use this flaw to corrupt the virtual machine's memory and completely bypass Java sandbox restrictions. CVE-2016-558...
Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x, SL6.x, SL7.x i386/x86_64 (20170113)
Security Fixes: It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy function in certain cases. An untrusted Java application or applet could use this flaw to corrupt the virtual machine's memory and completely bypass Java sandbox...
Important: Red Hat Security Advisory: java-1.6.0-openjdk security update
An update for java-1.6.0-openjdk is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives...