4114 matches found
USN-2698-1 sqlite3 vulnerabilities
It was discovered that SQLite incorrectly handled skip-scan optimization. An attacker could use this issue to cause applications using SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. CVE-2013-7443 Michal Zalewski...
GET to the vulnerability-vulnerability warning-the black bar safety net
This article is mainly about security vulnerabilities that arise from non-standard use of the GET method currently seen on the Internet. It focuses on scenarios in which GET requests are abused in account login systems, and on the resulting attacks. 0x01 GET method definition In between the client and server for...
UBUNTU-CVE-2013-7443
Buffer overflow in the skip-scan optimization in SQLite 3.8.2 allows remote attackers to cause a denial of service (crash) via crafted SQL statements...
Threat Outbreak Alert RuleID16470: Email Messages Distributing Malicious Software on July 6, 2015
Medium Alert ID: 39764 First Published: 2015 July 8 17:46 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID16470 may contain the following files: Name | Size...
PHP 5.6.x < 5.6.10 Multiple Vulnerabilities
According to its banner, the version of PHP 5.6.x running on the remote web server is prior to 5.6.10. It is, therefore, affected by multiple vulnerabilities : - Multiple heap buffer overflow conditions exist in the bundled Perl-Compatible Regular Expression PCRE library due to improper validatio...
Content Spoofing in UpdateMyJiraHome
A third-party scan found that the ConvertIssue.jspa action is vulnerable to content spoofing, specifically text injection. In this case the content spoofing may be used to perform a phishing attack on users. How to reproduce: 1- go to...
Content Spoofing in AppPortalPage
A third-party scan found that the ConvertIssue.jspa action is vulnerable to content spoofing, specifically text injection. In this case the content spoofing may be used to perform a phishing attack on users. How to reproduce:...
FreeBSD : testdisk -- buffer overflow with malicious disk image (c67069dc-0986-11e5-bb90-002590263bf5)
CGSecurity TestDisk Changelog reports : Various fix including security fix, thanks to : - Coverity scan Static Analysis of source code - afl-fuzz security-oriented fuzzer. - Denis Andzakovic from Security Assessment for reporting an exploitable Stack Buffer Overflow. Denis Andzakovic reports : A...
Code injection
Cisco IOS XR 4.0.1 through 4.2.0 for CRS-3 Carrier Routing System allows remote attackers to cause a denial of service (NPU ASIC scan and line-card reload) via crafted IPv6 extension headers, aka Bug ID CSCtx03546...
http-webdav-scan NSE Script
A script to detect WebDAV installations. Uses the OPTIONS and PROPFIND methods. The script sends an OPTIONS request which lists the dav type, server type, date and allowed methods. It then sends a PROPFIND request and tries to fetch exposed directories and internal ip addresses by doing pattern...
Wireless Network Watcher v1.81 - Show Who is Connected to your Wireless Network
Wireless Network Watcher is a small utility that scans your wireless network and displays the list of all computers and devices that are currently connected to your network. For every computer or device that is connected to your network, the following information is displayed: IP address, MAC...
Ruby Web Applications Vulnerability Scanner: Yasuo
Ruby Web Applications Vulnerability Scanner. Yasuo is a Ruby script that scans for vulnerable 3rd-party web applications. While working on a network security assessment (internal, external, redteam gigs etc.), we often come across vulnerable 3rd-party web applications or web front-ends that allow us ...
Plecost - Wordpress Vulnerabilities Finder
Plecost is a vulnerability fingerprinting and vulnerability finder for Wordpress blog engine. Why? There are a huge number of Wordpress around the world. Most of them are exposed to be attacked and be converted into a virus, malware or illegal porn provider, without the knowledge of the blog owne...
WordPress FingerPrinter Tool: Plecost
Plecost is a vulnerability fingerprinting and vulnerability finder for WordPress blog engine. Why? There are a huge number of WordPress around the world. Most of them are exposed to be attacked and be converted into a virus, malware or illegal porn provider, without the knowledge of the blog owner...
TLS Export-Grade Key Exchange Detection
Binary data 7168.pasl...
Rockwell Automation RSLinx Classic < 3.73.00 Buffer Overflow
Binary data scadarslinxclassic37300.nbin...
Alienvault OSSIM/USM 4.14/4.15/5.0 - Multiple Vulnerabilities
Details ======= Product: Alienvault OSSIM/USM Vulnerability: Multiple Vulnerabilities XSS, SQLi, Command Execution Author: Peter Lapp, [email protected] CVE: None assigned Vulnerable Versions: Tested on 4.14, 4.15, and 5.0. It likely affects all previous versions as well. Fixed Version: No fix ha...
Alienvault OSSIM/USM 4.x / 5.0 XSS / SQL Injection / Command Execution
Details ======= Product: Alienvault OSSIM/USM Vulnerability: Multiple Vulnerabilities XSS, SQLi, Command Execution Author: Peter Lapp, [email protected] CVE: None assigned Vulnerable Versions: Tested on 4.14, 4.15, and 5.0. It likely affects all previous versions as well. Fixed Version: No fix ha...