Wrong logic at Fed.resign()

Lines of code Vulnerability details Impact The Fed contract has resign function which sets the chair address to address0. The NATSPEC states that this function is useful for immediately removing chair powers in case of a wallet compromise. Since the chair wallet is a multisig wallet, in the event...

Logic flaw vulnerability in eCar APP

Easy Car APP is a car information software. Easy Car APP has a logic flaw vulnerability. Attackers can use the vulnerability to decompile the apk to modify the code logic and then sign the release, bypassing the authentication or access to sensitive information...

CVE-2017-6766

A vulnerability in the Secure Sockets Layer SSL Decryption and Inspection feature of Cisco Firepower System Software 5.4.0, 5.4.1, 6.0.0, 6.1.0, 6.2.0, 6.2.1, and 6.2.2 could allow an unauthenticated, remote attacker to bypass the SSL policy for decrypting and inspecting traffic on an affected...

Cisco Firepower System Software Secure Sockets Layer Policy Bypass Vulnerability

A vulnerability in the Secure Sockets Layer SSL Decryption and Inspection feature of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass the SSL policy for decrypting and inspecting traffic on an affected system. The vulnerability is due to unexpected...

CVE-2017-3887

A vulnerability in the detection engine that handles Secure Sockets Layer SSL packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition because the Snort process unexpectedly restarts. This vulnerability affects Cisco...

CVE-2017-3887

A vulnerability in the detection engine that handles Secure Sockets Layer SSL packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition because the Snort process unexpectedly restarts. This vulnerability affects Cisco...

CVE-2017-3887

CVE-2017-3887 concerns Cisco Firepower System Software’s SSL packet handling in the detection engine when configured with an SSL Decrypt-Resign policy. An unauthenticated, remote attacker could trigger a DoS by causing the Snort process to restart, degrading or bypassing traffic inspection. Affec...

Petition Seeks Removal of Alexander as NSA Director

It has been a rough few months for the National Security Agency, and specifically for its director, Gen. Keith Alexander. The leaks of details of NSA surveillance programs by former contractor Edward Snowden have taken over the news cycle this summer and put the agency’s business out in the open...