Lucene search
9100 matches found

Kitploit
added 2014/02/04 9:49 p.m. · 233 views

Collection Of Free Computer Forensic Tools

Disk tools and data capture Name | From | Description ---|---|--- DumpIt | MoonSols | Generates physical memory dump of Windows machines, 32 bits 64 bit. Can run from a USB flash drive. EnCase Forensic Imager | Guidance Software | Create EnCase evidence files and EnCase logical evidence files...

AI score: 6.3
Exploits: 0 · References: 4

UbuntuCve
added 2014/01/26 8:55 p.m. · 20 views

CVE-2013-6466

Openswan 2.6.39 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads...

CVSS: 5 · AI score: 5.9 · EPSS: 0.01006
Exploits: 1 · References: 3

Kitploit
added 2014/01/23 8:30 p.m. · 19 views

[Autopsy] Digital Investigation Analysis

Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory...

AI score: 6.8
Exploits: 0

seebug.org
added 2014/01/03 12:0 a.m. · 44 views

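Triangle MicroWorks DNP3 malformed data Set/Device attribute handling illegal data access vulnerability

Triangle MicroWorks is a company headquartered in the United States. Triangle MicroWorks products are standalone or third-party component products that communicate with peripheral/slave devices using various transport protocols: OPC Client, IEC 60870-6 TASE.2/ICCP Client, IEC 60870-5, DNP3, Modbus. The Triangle Research DNP3 Slave Source Code Library has a flaw in its handling of data set and device attributes, which can lead to illegal data access and crash applications linked against the library. 0 Triangle MicroWorks DNP3 Slave Source...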

AI score: 7.2
Exploits: 0

OSV
added 2013/12/31 12:0 a.m. · 0 views

UBUNTU-CVE-2013-7447

Integer overflow in the gdk_cairo_set_source_pixbuf function in gdk/gdkcairo.c in GTK+ before 3.9.8, as used in eom, gnome-photos, eog, gambas3, thunar, pinpoint, and possibly other applications, allows remote attackers to cause a denial of service (crash) via a large image file, which triggers a large...

CVSS: 6.5 · AI score: 6.8 · EPSS: 0.04428
Exploits: 0 · References: 5

Tenable Nessus
added 2013/12/28 12:0 a.m. · 31 views

Solaris 10 (sparc) : 148135-01 (deprecated)

SunVTS 7.0: Patch Set 14 consolidation pat. Date this patch was last updated by Sun : Apr/30/12 This plugin has been deprecated and either replaced with individual 148135 patch-revision plugins, or deemed non-security related. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. @DEPRECATED@...

AI score: 7
Exploits: 0 · References: 1

Tenable Nessus
added 2013/12/28 12:0 a.m. · 17 views

Solaris 10 (sparc) : 147446-01 (deprecated)

SunVTS 7.0: Patch Set 12. Date this patch was last updated by Sun : Sep/22/11 This plugin has been deprecated and either replaced with individual 147446 patch-revision plugins, or deemed non-security related. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2018/03/12...

AI score: 7
Exploits: 0 · References: 1

Prion
added 2013/12/23 10:55 p.m. · 22 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allows remote attackers to inject arbitrary web script or HTML via the "Max allowance" field in the "Set limit" form...

CVSS: 4.3 · AI score: 6.2 · EPSS: 0.00296
Exploits: 0 · References: 3 · Affected Software: 1

Positive Technologies
added 2013/12/23 12:0 a.m. · 2 views

PT-2013-5004 · Red Hat · Red Hat Enterprise Mrg Grid

Name of the Vulnerable Software and Affected Versions: Red Hat Enterprise MRG Grid version 2.4. Description: A cross-site scripting (XSS) issue exists in the web interface for cumin, allowing remote attackers to inject arbitrary web script or HTML via the Max allowance field in the "Set limit" form...

CVSS: 4.3 · AI score: 5.4 · EPSS: 0.00296
Exploits: 0 · References: 4

RedHat Linux
added 2013/12/17 6:29 p.m. · 2 views

cumin: non-persistent XSS possible due to not escaping set limit form input

Cross-site scripting (XSS) vulnerability in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allows remote attackers to inject arbitrary web script or HTML via the "Max allowance" field in the "Set limit" form...

CVSS: 4.3 · AI score: 5.9 · EPSS: 0.00296
Exploits: 0 · References: 4

RedHat Linux
added 2013/12/17 6:28 p.m. · 1 views

cumin: non-persistent XSS possible due to not escaping set limit form input

Cross-site scripting (XSS) vulnerability in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allows remote attackers to inject arbitrary web script or HTML via the "Max allowance" field in the "Set limit" form...

CVSS: 4.3 · AI score: 5.9 · EPSS: 0.00296
Exploits: 0 · References: 4

OSV
added 2013/12/09 12:0 a.m. · 1 views

UBUNTU-CVE-2013-6171

checkpassword-reply in Dovecot before 2.2.7 performs setuid operations to a user who is authenticating, which allows local users to bypass authentication and access virtual email accounts by attaching to the process and using a restricted file descriptor to modify account information in the...

CVSS: 5.8 · AI score: 7.1 · EPSS: 0.00245
Exploits: 0 · References: 5

The Hacker News
added 2013/11/30 8:8 p.m. · 35 views

Linux worm targeting Routers, Set-top boxes and Security Cameras with PHP-CGI Vulnerability

A Symantec researcher has discovered a new Linux worm, targeting machine-to-machine devices, and exploits a PHP vulnerability CVE-2012-1823 to propagate that has been patched as far back as May 2012. Linux worm, which has been dubbed Linux.Darlloz, poses a threat to devices such as home routers a...

CVSS: 9.8 · AI score: 7.1 · EPSS: 0.94363
Exploits: 41

The Hacker News
added 2013/11/30 9:8 a.m. · 106 views

Linux worm targeting Routers, Set-top boxes and Security Cameras with PHP-CGI Vulnerability

None...

CVSS: 7.5 · AI score: 3.6 · EPSS: 0.94363
Exploits: 41

Oracle linux
added 2013/11/28 12:0 a.m. · 72 views

Unbreakable Enterprise Kernel security update

kernel-uek 2.6.32-400.33.3uek - af_key: fix info leaks in notify messages Mathias Krause Orabug: 17837974 CVE-2013-2234 - drivers/cdrom/cdrom.c: use kzalloc for failing hardware Jonathan Salwan Orabug: 17837971 CVE-2013-2164 - fs/compat_ioctl.c: VIDEO_SET_SPU_PALETTE missing error check Kees Cook...

CVSS: 6.2 · AI score: 0.8 · EPSS: 0.00515
Exploits: 3

NVD
added 2013/11/27 6:55 p.m. · 13 views

CVE-2013-4617

Jahia xCM before 6.6.2 does not include the HTTPOnly flag in a Set-Cookie header for the JSESSIONID cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie...

CVSS: 5 · AI score: 6.1 · EPSS: 0.0025
Exploits: 1 · References: 1

Prion
added 2013/11/27 6:55 p.m. · 14 views

Design/Logic Flaw

Jahia xCM before 6.6.2 does not include the HTTPOnly flag in a Set-Cookie header for the JSESSIONID cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie...

CVSS: 5 · AI score: 6.6 · EPSS: 0.0025
Exploits: 2 · References: 1 · Affected Software: 1

Cvelist
added 2013/11/27 6:0 p.m. · 14 views

CVE-2013-4617

Jahia xCM before 6.6.2 does not include the HTTPOnly flag in a Set-Cookie header for the JSESSIONID cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie...

AI score: 6.1 · EPSS: 0.0025
Exploits: 1 · References: 1

CVE
added 2013/11/27 6:0 p.m. · 51 views

CVE-2013-4617

CVE-2013-4617 affects Jahia xCM prior to 6.6.2. The issue is that the Set-Cookie header for the JSESSIONID cookie does not use the HTTPOnly flag, which can allow remote attackers to access the cookie via client-side scripts and potentially expose sensitive information. The provided documents conf...

CVSS: 5 · AI score: 6.2 · EPSS: 0.0025
Exploits: 1 · References: 1 · Affected Software: 1

Oracle linux
added 2013/11/26 12:0 a.m. · 41 views

libguestfs security, bug fix, and enhancement update

1:1.20.11-2 - Fix CVE-2013-4419: insecure temporary directory handling for guestfish's network socket resolves: rhbz1019737 1:1.20.11-1 - Rebase to libguestfs 1.20.11. resolves: rhbz958183 - Remove buildnet: builds now detect network automatically. - The rhel-6.x branches containing the patches...

CVSS: 6.8 · AI score: 6.3 · EPSS: 0.00907
Exploits: 1