Lucene search

1317 matches found

ThreatPost
added 2013/10/24 2:3 p.m. | 11 views

LinkedIn Intro App a Man in the Middle Attack

This is one introduction you may not want to make. LinkedIn’s release of its Intro app yesterday for Apple iOS mobile devices raised more than a few eyebrows for behaviors that are causing security experts to worry. Intro is an integrated service that works hand-in-hand with the Apple Mail app...

AI score: 0.5
Exploits: 0 | References: 5

NVD
added 2013/06/21 5:55 p.m. | 20 views

CVE-2013-2961

The internal web server in the Basic Services component in IBM Tivoli Monitoring ITM 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business formerly Tivoli Foundations Application Manager 1.2.1 before...

CVSS: 4.3 | AI score: 6.6 | EPSS: 0.00199
Exploits: 0 | References: 7

Prion
added 2013/06/21 5:55 p.m. | 15 views

Code injection

The internal web server in the Basic Services component in IBM Tivoli Monitoring ITM 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business formerly Tivoli Foundations Application Manager 1.2.1 before...

CVSS: 4.3 | AI score: 7.2 | EPSS: 0.00199
Exploits: 0 | References: 7 | Affected Software: 2

Cvelist
added 2013/06/21 5:0 p.m. | 18 views

CVE-2013-2961

The internal web server in the Basic Services component in IBM Tivoli Monitoring ITM 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business formerly Tivoli Foundations Application Manager 1.2.1 before...

AI score: 6.6 | EPSS: 0.00199
Exploits: 0 | References: 7

Tenable Nessus
added 2013/05/03 12:0 a.m. | 27 views

Debian DSA-2664-1 : stunnel4 - buffer overflow

Stunnel, a program designed to work as a universal SSL tunnel for network daemons, is prone to a buffer overflow vulnerability when using the Microsoft NT LAN Manager NTLM authentication 'protocolAuthentication = NTLM' together with the 'connect' protocol method 'protocol = connect'. With these...

CVSS: 6.6 | AI score: 9 | EPSS: 0.0201
Exploits: 0 | References: 4

OpenVAS
added 2013/05/02 12:0 a.m. | 19 views

Debian Security Advisory DSA 2664-1 (stunnel4 - buffer overflow)

Stunnel, a program designed to work as a universal SSL tunnel for network daemons, is prone to a buffer overflow vulnerability when using the Microsoft NT LAN Manager NTLM authentication protocolAuthentication = NTLM together with the connect protocol method protocol = connect. With these...

CVSS: 6.6 | AI score: 0.2 | EPSS: 0.0201
Exploits: 0 | References: 1

seebug.org
added 2013/04/28 12:0 a.m. | 26 views

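nginx 'ngx_http_close_connection()' Remote Integer Overflow Vulnerability

BUGTRAQ ID: 59496 nginx is an HTTP and reverse proxy server, also used as a mail proxy server, written by Igor Sysoev. The nginx implementation contains a remote integer overflow vulnerability: when r->count is less than 0 or greater than 255, the ngx_http_close_connection function has an integer overflow error, and a remote attacker exploiting this vulnerability through a malicious HTTP request may be able to execute arbitrary code in the context of the application. 0 Igor Sysoev nginx 1.1.19 Igor Sysoev nginx 1.1.17 Igor Sysoev nginx 1.0.9 Igor Sysoev nginx 1.0.8 Igor Sysoev...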

AI score: 6.9
Exploits: 0

securityvulns
added 2013/03/13 12:0 a.m. | 105 views

Privoxy Proxy Authentication Credential Exposure - CVE-2013-2503

Privoxy Proxy Authentication Credential Exposure Product: Privoxy Project Homepage: privoxy.org Advisory ID: c22-2013-01 Vulnerable Versions: 3.0.20 and possibly prior Tested Version: 3.0.20-1 tested using Debian Sid Vendor Notification: March 6, 2013 Public Disclosure: March 11, 2013 Vulnerabili...

CVSS: 5.8 | AI score: 7.5 | EPSS: 0.03483
Exploits: 2

The Hacker News
added 2013/03/11 1:38 p.m. | 11 views

Pakistan Government servers messed up after security breach

Today a cyber attack on Pakistan Government servers crashed many Government departments' official websites including Ministry of Information Technology, Ministry of Railways, Ministry of Economic Affairs & Statistics, Ministry of Interior, Ministry of Religious Affairs, Ministry of Science and...

AI score: 6.6
Exploits: 0

Packet Storm
added 2013/03/11 12:0 a.m. | 42 views

Privoxy 3.0.20-1 Credential Exposure

Privoxy Proxy Authentication Credential Exposure Product: Privoxy Project Homepage: privoxy.org Advisory ID: c22-2013-01 Vulnerable Versions: 3.0.20 and possibly prior Tested Version: 3.0.20-1 tested using Debian Sid Vendor Notification: March 6, 2013 Public Disclosure: March 11, 2013 Vulnerabili...

CVSS: 5.8 | AI score: 7.5 | EPSS: 0.03483
Exploits: 2

Prion
added 2013/03/08 6:55 p.m. | 11 views

Design/Logic Flaw

stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer overflow...

CVSS: 6.6 | AI score: 8.3 | EPSS: 0.0201
Exploits: 0 | References: 5 | Affected Software: 1

Tenable Nessus
added 2013/03/05 12:0 a.m. | 28 views

FreeBSD : stunnel -- Remote Code Execution (c97219b6-843d-11e2-b131-000c299b62e1)

Michal Trojnara reports : 64-bit versions of stunnel with the following conditions : NTLM authentication enabled CONNECT protocol negotiation enabled Configured in SSL client mode An attacker that can either control the proxy server specified in the 'connect' option or execute MITM attacks on the...

CVSS: 6.6 | AI score: 8.7 | EPSS: 0.0201
Exploits: 0 | References: 3

CERT
added 2013/03/05 12:0 a.m. | 109 views

Oracle Java contains multiple vulnerabilities

Overview Oracle Java 7 Update 15, Java 6 Update 41, Java 5.0 Update 40, and earlier versions contain a vulnerability that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Oracle Java Runtime Environment JRE allows users to run Java...

CVSS: 10 | AI score: 9.6 | EPSS: 0.91612
Exploits: 10 | References: 6

Cent OS
added 2013/02/27 7:38 p.m. | 74 views

squid security update

CentOS Errata and Security Advisory CESA-2013:0505 Updated squid packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring Syst...

CVSS: 5 | AI score: 7 | EPSS: 0.33163
Exploits: 1 | References: 7

OpenVAS
added 2013/02/22 12:0 a.m. | 24 views

CentOS Update for thunderbird CESA-2013:0272 centos5

Check for the Version of thunderbird OpenVAS Vulnerability Test CentOS Update for thunderbird CESA-2013:0272 centos5 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify i...

CVSS: 10 | AI score: 0.3 | EPSS: 0.02889
Exploits: 0 | References: 2

Tenable Nessus
added 2013/02/21 12:0 a.m. | 33 views

RHEL 6 : squid (RHSA-2013:0505)

Updated squid packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

CVSS: 5 | AI score: 7.3 | EPSS: 0.33163
Exploits: 1 | References: 4

ThreatPost
added 2013/02/20 6:33 p.m. | 15 views

PayPal Credentials For Sale, Access Offered Via Proxy Server

An enterprising cybercriminal has opened an underground shop that peddles access to American PayPal accounts which are then accessible through an anonymous proxy service. Webroot’s Dancho Danchev claims that the shop currently has access to 1,543 accounts along with an additional 14 sets of PayPa...

AI score: 1.4
Exploits: 0 | References: 1

NVD
added 2013/02/19 11:55 p.m. | 20 views

CVE-2013-0776

Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow man-in-the-middle attackers to spoof the address bar by operating a proxy server that provides a 407 HTTP status code accompanied by web...

CVSS: 4 | AI score: 6.3 | EPSS: 0.00653
Exploits: 0 | References: 11

Prion
added 2013/02/19 11:55 p.m. | 25 views

Cross site scripting

Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow man-in-the-middle attackers to spoof the address bar by operating a proxy server that provides a 407 HTTP status code accompanied by web...

CVSS: 4 | AI score: 6.9 | EPSS: 0.00653
Exploits: 0 | References: 11 | Affected Software: 13

CVE
added 2013/02/19 11:0 p.m. | 133 views

CVE-2013-0776

CVE-2013-0776 affects Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16. The flaw allows a man-in-the-middle attacker to spoof the address bar by using a proxy server that returns a 407 HTTP status...

CVSS: 4 | AI score: 9.1 | EPSS: 0.00653
Exploits: 0 | References: 11 | Affected Software: 4