Buffer overflow

Vulnerability in the Oracle Interaction Center Intelligence component of Oracle E-Business Suite subcomponent: Setup. Supported versions that are affected are 12.1.1, 12.1.2 and 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

Code injection

Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite subcomponent: Setup and Configuration. Supported versions that are affected are 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network...

Unspecified Vulnerability in Oracle Advanced Outbound Telephony

Oracle E-Business Suite E-Business Suite is a set of Oracle's fully integrated global business management software. Oracle Advanced Outbound Telephony is one of the tools used for outbound call campaign list management and predictive dialing. An unspecified vulnerability exists in the Setup and...

Unspecified Vulnerability in Oracle Advanced Outbound Telephony (CNVD-2017-30897)

Oracle E-Business Suite E-Business Suite is a set of Oracle's fully integrated global business management software. Oracle Advanced Outbound Telephony is one of the tools used for outbound call campaign list management and predictive dialing. An unspecified vulnerability exists in the Setup and...

Oracle E-Business Suite Unauthorized Operation Vulnerability (CNVD-2017-32191)

Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's set of fully integrated global business management software. The software provides customer relationship management, service management, financial management, etc. Oracle Interaction Center Intelligence is one o...

wpa_supplicant: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake

A new exploitation technique called key reinstallation attacks KRACK affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used Tunneled Direct-Link Setup TDL...

CVE-2017-13086

Wi-Fi Protected Access WPA and WPA2 allows reinstallation of the Tunneled Direct-Link Setup TDLS Peer Key TPK during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames...

ALPINE-CVE-2017-13086

Wi-Fi Protected Access WPA and WPA2 allows reinstallation of the Tunneled Direct-Link Setup TDLS Peer Key TPK during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames...

CVE-2017-13086

Wi-Fi Protected Access WPA and WPA2 allows reinstallation of the Tunneled Direct-Link Setup TDLS Peer Key TPK during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames...

How to Configure Storefront for Authentication using NetScaler Gateway

This article describes how to configure authentication at StoreFront using NetScaler Gateway - StoreFront Configuration...

Nzyme - Collects 802.11 Management Frames And Sends Them To A Graylog Setup For Wifi Ids, Monitoring, And Incident Response

Nzyme collects 802.11 management frames directly from the air and sends them to a Graylog Open Source log management setup for WiFi IDS, monitoring, and incident response. It only needs a JVM and a WiFi adapter that supports monitor mode. Think about this like a long-term months or years...

Partner Perspectives: Operationalizing Data With the Carbon Black and Splunk Integration (Part 1)

Editor's Note: this blog originally appeared on RedCanary.com Over the last 5 years I have grown very close to Splunk. The product has evolved so much over the years, but the core architecture has always been easy to deploy and understand. Splunk is known for the speed at which it can search for...

Open Source Wireless Security Framework: SniffAir

SniffAir is an open-source wireless security framework. Sniffair allows for the collection, management, and analyzation of wireless traffic. In additional, SniffAir can also be used to preform sophisticated wireless attacks. SniffAir was born out of the hassle of managing large or multiple pcap...

How to generate the SecureHub device side logs

How to generate the SecureHub device-side logs and setup the correct debug level on them...

WordPress 2.3.0-4.7.4 - Authenticated SQL injection

Description Due bad solution of the database abstraction library WordPress exposes itself towards SQL Injection and validation bypass. Beside WordPress itself this issue have huge impact towards complete WP ecosystem. Up to WordPress 4.8.1 is vulnerable, but this time attack is dependent from...

Apple iOS Exchange ActiveSync Authentication Vulnerability

Apple iOS is an operating system developed by Apple for mobile devices.Exchange ActiveSync is one of the Microsoft Exchange synchronization protocols. A security vulnerability exists in the Exchange ActiveSync component in versions of Apple iOS prior to 11. A remote attacker can exploit this...

WEM - how to setup load balancing via NetScaler for multiple WEM Brokers

Setup load balancing via NetScaler for multiple WEM Brokers...

MDM/MAM Enrollment flow for Secure Hub IOS devices-On Prem Setup.

This article explains the MDM/MAM Enrollment flow for IOS devices for-On Prem Setup...

MDM/MAM Enrollment flow for Secure Hub Android devices-On Cloud Setup.

This article explains the MDM/MAM Enrollment flow for Android devices for-On Cloud Setup Where XMS Load Balance on cloud and Netscaler Gateway is on Premise...

How to Create a Perl Based Custom Monitor on NetScaler

This article describes how to create a Perl based Custom Monitor on NetScaler. Background The NetScaler appliance has a lot of different monitors inbuilt, but there are use cases these monitors do not cover. For this NetScaler supports monitors of type USER, which brings the possibility to run...