110 matches found
CentOS 6 / 7 : java-1.8.0-openjdk (CESA-2015:1228) (Bar Mitzvah) (Logjam)
Updated java-1.8.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
java security update
CentOS Errata and Security Advisory CESA-2015:1228 Updated java-1.8.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System...
java security update
CentOS Errata and Security Advisory CESA-2015:1229 Updated java-1.7.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System...
Critical: Red Hat Security Advisory: java-1.7.0-openjdk security update
Updated java-1.7.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
SSL/TLS Suffers ‘Bar Mitzvah Attack’vulnerability detection method and repair recommendations-vulnerability warning-the black bar safety net
0x01 introduction April Fool's Day is coming, and SSL again due to the Bar Mitzvah Attack vulnerability to get everyone to not mind. Held in Singapore's Black Hat Asia Security Conference, the Imperva security Director Itsik Mantin detailed description of how to use the attack principle,the...
Phase Botnet SQL Injection
import requests import time import sys waitdelay = 5 Depending on connection delay and server speed, you may need to make this a larger number KnockString = 'g=a&w=a&b=a&d=a&p=a&m=a' lol no integrity verification PostData = "" def rc4cryptdata , key: S = listrange256 j = 0 out = for i in range256...
Phase Botnet - Blind SQL Injection
import requests import time import sys waitdelay = 5 Depending on connection delay and server speed, you may need to make this a larger number KnockString = 'g=a&w=a&b=a&d=a&p=a&m=a' lol no integrity verification PostData = "" def rc4cryptdata , key: S = listrange256 j = 0 out = for i in range256...
openSUSE Security Update : opera (openSUSE-SU-2013:0686-1)
Opera 12.15 is a recommended upgrade offering security and stability enhancements. It provides : -fixed an issue where the search bar's default engine could be overridden by third-party apps; -fixed a moderately severe issue; -added safeguards against attacks on the RC4 encryption protocol; see o...
Bifrost 1.2d - Remote Buffer Overflow
Bifrost 1.2d - Remote Buffer Overflow !/usr/bin/python2.7 By : Mohamed Clay import socket from time import sleep from itertools import izip, cycle import base64 import threading import sys def rc4cryptdata, key: x = 0 box = range256 for i in range256: x = x + boxi + ordkeyi % lenkey % 256 boxi,...
Bifrost 1.2.1 - Remote Buffer Overflow
Bifrost 1.2.1 - Remote Buffer Overflow !/usr/bin/python2.7 By : Mohamed Clay import socket from time import sleep from itertools import izip, cycle import base64 import sys def rc4cryptdata, key: x = 0 box = range256 for i in range256: x = x + boxi + ordkeyi % lenkey % 256 boxi, boxx = boxx, boxi...
Bifrost 1.2.1 - Remote Buffer Overflow
!/usr/bin/python2.7 By : Mohamed Clay import socket from time import sleep from itertools import izip, cycle import base64 import sys def rc4cryptdata, key: x = 0 box = range256 for i in range256: x = x + boxi + ordkeyi % lenkey % 256 boxi, boxx = boxx, boxi x = 0 y = 0 out = for char in data: x ...
Opera < 12.15 Multiple Vulnerabilities
Binary data 6753.prm...
Opera < 12.15 Multiple Vulnerabilities
Binary data 800866.prm...
Opera < 12.15 Multiple Vulnerabilities
The version of Opera installed on the remote host is earlier than 12.15 and therefore is reportedly affected by the following vulnerabilities : - A weakness exists in the RC4 encryption protocol, allowing an attacker to derive the plaintext. 1046 - A weakness exists due to the application allowin...
RC4 encryption protocol is vulnerable to certain brute force attacks
Weaknesses in the RC4 encryption protocol have been found, allowing an attacker to deduce the plaintext. If the same message is encrypted many millions of times, statistical methods can be used to extract valuable information, such as cookies. Due to the time this amount of requests takes, this i...
Researchers Uncover Polymorphic AutoRun Worm
W32/Autorun.worm.aaeb-h is an evolved, virtual machine-aware AutoRun worm that makes use of obfuscation and polymorphic techniques in order to evade detection and infect removable media and mounted network shares, according to McAfee. Researchers have seen an increase in samples for the year-old...
RedHat Update for krb5 RHSA-2010:0029-01
Check for the Version of krb5 OpenVAS Vulnerability Test RedHat Update for krb5 RHSA-2010:0029-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
krb5 security update
CentOS Errata and Security Advisory CESA-2010:0029 Updated krb5 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3, 4, and 5, and Red Hat Enterprise Linux 4.7, 5.2, and 5.3 Extended Update Support. This update has been rated as having critical security...
GLSA-200808-06 : libxslt: Execution of arbitrary code
The remote host is affected by the vulnerability described in GLSA-200808-06 libxslt: Execution of arbitrary code Chris Evans Google Security reported that the libexslt library that is part of libxslt is affected by a heap-based buffer overflow in the RC4 encryption/decryption functions. Impact :...
CVE-2008-2935
Multiple heap-based buffer overflows in the rc4 1 encryption aka exsltCryptoRc4EncryptFunction and 2 decryption aka exsltCryptoRc4DecryptFunction functions in crypto.c in libexslt in libxslt 1.1.8 through 1.1.24 allow context-dependent attackers to execute arbitrary code via an XML file containin...