EUVD-2019-10216

Malware in sbrugna...

CVE-2024-51258

DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doSSLTunnel function...

From a TCU to Corporate Domain Admin

How we went from a telematics control unit in a vehicle to domain admin on a corporate network We’ve tested numerous telematics control units over recent years and gathered many of our findings in to some good practice guidance here. However, just occasionally we find something that blows our min...

CVE-2019-1659

A vulnerability in the Identity Services Engine ISE integration feature of Cisco Prime Infrastructure PI could allow an unauthenticated, remote attacker to perform a man-in-the-middle attack against the Secure Sockets Layer SSL tunnel established between ISE and PI. The vulnerability is due to...

CVE-2019-1659

A vulnerability in the Identity Services Engine ISE integration feature of Cisco Prime Infrastructure PI could allow an unauthenticated, remote attacker to perform a man-in-the-middle attack against the Secure Sockets Layer SSL tunnel established between ISE and PI. The vulnerability is due to...

Input validation

A vulnerability in the Identity Services Engine ISE integration feature of Cisco Prime Infrastructure PI could allow an unauthenticated, remote attacker to perform a man-in-the-middle attack against the Secure Sockets Layer SSL tunnel established between ISE and PI. The vulnerability is due to...

CVE-2019-1659 Cisco Prime Infrastructure Certificate Validation Vulnerability

A vulnerability in the Identity Services Engine ISE integration feature of Cisco Prime Infrastructure PI could allow an unauthenticated, remote attacker to perform a man-in-the-middle attack against the Secure Sockets Layer SSL tunnel established between ISE and PI. The vulnerability is due to...

Updated stunnel package fixes security vulnerability

Johan Olofsson discovered an authentication bypass vulnerability in Stunnel, a program designed to work as an universal SSL tunnel for network daemons. When Stunnel in server mode is used with the redirect option and certificate-based authentication is enabled with "verify = 2" or higher, then on...

MGASA-2015-0289 Updated stunnel package fixes security vulnerability

Johan Olofsson discovered an authentication bypass vulnerability in Stunnel, a program designed to work as an universal SSL tunnel for network daemons. When Stunnel in server mode is used with the redirect option and certificate-based authentication is enabled with "verify = 2" or higher, then on...

DSA-3299-1 stunnel4 - security update

Bulletin has no description...

[SECURITY] [DSA 2664-1] stunnel4 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2664-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 2, 2013 http://www.debian.org/security/faq -...

Debian DSA-2664-1 : stunnel4 - buffer overflow

Stunnel, a program designed to work as an universal SSL tunnel for network daemons, is prone to a buffer overflow vulnerability when using the Microsoft NT LAN Manager NTLM authentication 'protocolAuthentication = NTLM' together with the 'connect'protocol method 'protocol = connect'. With these...

[SECURITY] [DSA 2664-1] stunnel4 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2664-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 2, 2013 http://www.debian.org/security/faq -...