The vulnerability in the “tab setup” function of the console program Newsbeuter, for versions 0.7 to 2.9 of the Debian GNU/Linux operating system, allows a hacker to inject code.

The vulnerability of the “tab setup” function in the Newsbeuter console program, for versions 0.7 to 2.9 of the Debian GNU/Linux operating system, is related to insufficient elimination of special elements in the operating system’s data queries. Exploiting this vulnerability allows a malicious...

Command injection

The network enabled distribution of Kura before 2.1.0 takes control over the device's firewall setup but does not allow IPv6 firewall rules to be configured. Still the Equinox console port 5002 is left open, allowing to log into Kura without any user credentials over unencrypted telnet and...

CVE-2017-7649

The network enabled distribution of Kura before 2.1.0 takes control over the device's firewall setup but does not allow IPv6 firewall rules to be configured. Still the Equinox console port 5002 is left open, allowing to log into Kura without any user credentials over unencrypted telnet and...

CVE-2017-7649

The CVE-2017-7649 entry concerns Eclipse Kura (pre-2.1.0) where the distribution handles firewall setup and leaves the Equinox console on port 5002 accessible without credentials. The vulnerability allows login via unencrypted Telnet, with the attacker able to execute commands through the Equinox...

XFLTReaT - Tunnelling Framework

This is just one thing of many things that was missing from the Internet. If you got tired of trying several tunnelling tools for each protocols, this must be your tool framework. Available modules TCP UDP ICMP SOCKS v4, 4a, 5 HTTP CONNECT DNS A/CNAME, PRIVATE, NULL - Proof of Concept Available...

CVE-2015-5959

Froxlor before 0.9.33.2 with the default configuration/setup might allow remote attackers to obtain the database password by reading /logs/sql-error.log...

Security Setup Tool Untrusted Search Path Vulnerability

Security Setup Tool is a security setup tool from NIPPON TELEGRAPH AND TELEPHONE WEST, Japan. An untrusted search path vulnerability exists in Security Setup Tool. The vulnerability can be exploited by a remote attacker to gain privileges via a malicious DLL file in a directory...

Python Taint - A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications

Static analysis of Python web applications based on theoretical foundations Control flow graphs, fixed point, dataflow analysis Features Detect Command injection Detect SQL injection Detect XSS Detect directory traversal Get a control flow graph Get a def-use and/or a use-def chain Search GitHub...

How to to implement Rights Management Service in XenMobile Secure Mail

This article will guide you with the steps to implement Rights Management Service in conjunction with the exchange server on Secure Mail Active Sync Client, 1. Install and Configure Rights Management Service. 2. Validate the Rights Management Service Configuration. 3. Enable Rights Management...

Error message "The Google Play logon request used an invalid device ID"

While setting up Google Play Credentials, we will receive the below error message on XenMobile Admin Console...

Cert Based Authentication + LDAP Enrollment failing for Cloud connector- XenMobile Setup

Under PKI entities, the test connectivity is failing for the CA server XenMobile Debug Logs : 2017-02-06T15:30:57.847+0000 | 200B97A4C77E1C34 | ERROR | http-nio-14443-exec-61 | com.sparus.nps.pki.connector.MsCertSrvConnector |TestConnection to pki url certnew.cer failed with response Headers:...

CVE-2017-10830

Untrusted search path vulnerability in Security Setup Tool all versions allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

Design/Logic Flaw

Untrusted search path vulnerability in Security Setup Tool all versions allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

GNU Binutils setup_group Function Denial of Service Vulnerability

GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utilities developed by the GNU Project to work with object files in a variety of formats, with connectors, assemblers, and other tools for object files and archives.The Binary File Descriptor BFD library a.k.a...

CVE-2017-10830

Untrusted search path vulnerability in Security Setup Tool all versions allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

CVE-2017-10830

CVE-2017-10830 affects Security Setup Tool (all versions) from NTT West. The vulnerability is an untrusted search path (DLL search order) that allows a local attacker to gain privileges via a Trojan horse DLL placed in an unspecified directory. Documented impact indicates the potential for arbitr...

CVE-2017-13710

The setupgroup function in elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a group section that is too small...

UBUNTU-CVE-2017-13710

The setupgroup function in elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a group section that is too small...

CVE-2017-13710

The setupgroup function in elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a group section that is too small...

"Incorrect credentials" for device enrollment.

when setting up some accounts on mobile devices, YES can not be selected for device enrollment. When YES is selected perpetual error of incorrect credentials is received no matter how many times the username/password are typed and typed correctly...