4508 matches found
Provisioning Services and Daylight Saving Time
During a Target Device TD boot or reboot, after Daylight Saving Time DST but prior to any vDisk maintenance, you might notice that the TD system time is not consistent with the system time of the PVS Server. A user has reported the inability to log on to the domain. Log on with a local user accou...
Sync Breeze Enterprise Server Buffer Overflow Vulnerability (Nov 2016)
Sync Breeze Enterprise Server is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Sync Breeze Enterprise 9.1.16 Buffer Overflow
!/usr/bin/python print "Sync Breeze Enterprise 9.1.16 Login Buffer Overflow" print "Author: Tulpa / tulpaattulpa-securitydotcom" Author website: www.tulpa-security.com Author twitter: @tulpasecurity Exploit will land you NT AUTHORITY\SYSTEM You do not need to be authenticated, password below is...
Sync Breeze Enterprise 9.1.16 - Buffer Overflow Exploit
Exploit for windows platform in category remote exploits !/usr/bin/python print "Sync Breeze Enterprise 9.1.16 Login Buffer Overflow" print "Author: Tulpa / tulpaattulpa-securitydotcom" Author website: www.tulpa-security.com Author twitter: @tulpasecurity Exploit will land you NT AUTHORITY\SYSTEM...
Secure Mail Error: "Access to company is not currently available"
Worx/Secure Mail Error: "Access to your company is not currently available" Errors found in the client logs: AGTunnel fails to start when attempting to proxy traffic from the NSG " 2016-11-14T11:22:11.535+0000 ",AGTunneler ,WARNING 3,"Failed to read in AGSOCKSClient, err = -8000...
Denial of service vulnerability in ntpd
Network Time Protocol NTP is a protocol used to synchronize a computer's time to its server or clock source e.g., quartz clock, GPS, etc.. Synchronizing a computer's clock to UTC ensures that data interactions in a network can proceed smoothly.NTPD Network Time Protocol daemon is an operating...
Secure Mail - Error: Access to your company network is not available
Secure Mail Client when entering the Mail Server FQDN for first time sync returns the Error "Access to your company network is not available"...
Fedora 25 : php-horde-Horde-Core (2016-866713edaf)
HordeCore 2.26.1 - jan SECURITY: Add CSRF protection tokens to portal layout forms and fix open URL redirection Reported by Florian Kllich. - jan SECURITY: enable CSRF token for configuration form again Reported by Dawid Gounski via Beyond Security's SecuriTeam Secure Disclosure program. - mjr...
tnftp: Arbitrary code execution
Background tnftp is a NetBSD FTP client with several advanced features. Description The fetchurl function in usr.bin/ftp/fetch.c allows remote attackers to execute arbitrary commands via a Impact A remote attacker could possibly execute arbitrary code with the privileges of the process. Workaroun...
SOL54211024 - OpenSSL vulnerability CVE-2016-6304
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
Command Injection
Overview Affected versions of dns-sync are vulnerable to arbitrary command execution via maliciously formed hostnames. Proof of Concept var dnsSync = require'dns-sync'; console.logdnsSync.resolve'$id /tmp/foo'; Recommendation Update to version 0.1.1 or later. References - Issue 1 - Commit d9abaae...
How to change the Sync duration of Apple DEP server and Xenmobile 10.x server.
To change the Sync duration of Apple DEP server and Xenmobile 10 server. The default syncduration is 1440 minutes...
Sync Breeze Enterprise Server <= 8.9.24 Buffer Overflow Vulnerability - Active Check
Sync Breeze Enterprise Server is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Sync Breeze Enterprise 8.9.24 Buffer Overflow
!/usr/bin/python print "Sync Breeze Enterprise 8.9.24 Buffer Overflow Exploit" print "Author: Tulpa / tulpaattulpa-securitydotcom" Author website: www.tulpa-security.com Author twitter: @tulpasecurity Exploit will land you NT AUTHORITY\SYSTEM You do not need to be authenticated, password below is...
Sync Breeze Enterprise 8.9.24 - Buffer Overflow Exploit
Exploit for windows platform in category remote exploits !/usr/bin/python print "Sync Breeze Enterprise 8.9.24 Buffer Overflow Exploit" print "Author: Tulpa / tulpaattulpa-securitydotcom" Author website: www.tulpa-security.com Author twitter: @tulpasecurity Exploit will land you NT AUTHORITY\SYST...
HackerOne: Obtain the username & the uid of the one doing the S3 sync on Hackerone
Obtain the username & uid of hackerone.com S3 using GET, it's possible to obtain the username & uid of the one doing the S3 sync on Hackerone. Doing a GET on : http://hackerone.com Give the following header : content-security-policy = default-src 'none'; base-uri 'self'; block-all-mixed-content;...
Fedora 24 : php-horde-Horde-Core (2016-559248f95a)
HordeCore 2.26.1 - jan SECURITY: Add CSRF protection tokens to portal layout forms and fix open URL redirection Reported by Florian Kllich. - jan SECURITY: enable CSRF token for configuration form again Reported by Dawid Gounski via Beyond Security's SecuriTeam Secure Disclosure program. - mjr...
SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2016:2195-1)
Mozilla Firefox was updated to 45.3.0 ESR to fix the following issues bsc991809 : - MFSA 2016-62/CVE-2016-2835/CVE-2016-2836 Miscellaneous memory safety hazards rv:48.0 / rv:45.3 - MFSA 2016-63/CVE-2016-2830 Favicon network connection can persist when page is closed - MFSA 2016-64/CVE-2016-2838...
Opera's browser synchronization service hacked, user data and stored passwords leaked-vulnerability warning-the black bar safety net
8 month 2 6 day night, the well-known browser vendor Opera's announcement represents its cloud synchronization service suffered a hacker attack, open a browser synchronization feature of the user will be affected. ! Opera Company of a station for storing the user data synchronization server is...
1.7 Million Opera Browser Users Told To Reset Passwords
Opera Software is warning 1.7 million users of its Opera web browser sync feature of a possible attack that exposes passwords to hackers. In a security bulletin posted on Friday, the company said its Opera sync system showed “signs of an attack” and asked users to change their Opera sync password...