518 matches found
UBUNTU-CVE-2017-13087
Wi-Fi Protected Access WPA and WPA2 that support 802.11v allows reinstallation of the Group Temporal Key GTK when processing a Wireless Network Management WNM Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients...
UBUNTU-CVE-2017-13081
Wi-Fi Protected Access WPA and WPA2 that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key IGTK during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients...
CVE-2017-13078
Wi-Fi Protected Access WPA and WPA2 allows reinstallation of the Group Temporal Key GTK during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients...
UBUNTU-CVE-2017-13078
Wi-Fi Protected Access WPA and WPA2 allows reinstallation of the Group Temporal Key GTK during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients...
UBUNTU-CVE-2017-13080
Wi-Fi Protected Access WPA and WPA2 allows reinstallation of the Group Temporal Key GTK during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients...
[SECURITY] Fedora 26 Update: synfig-1.2.0-9.fc26.1
Synfig is a powerful, industrial-strength vector-based 2D animation software, designed from the ground-up for producing feature-film quality animation with fewer people and resources. It is designed to be capable of producing feature-film quality animation. It eliminates the need for tweening,...
Evolving Analytics for Execution Trace Data
Five years ago, Mandiant released a proof of concept tool named ShimCacheParser, along with a blog post titled “Leveraging the Application Compatibility Cache in Forensic Investigations”. Since then, ShimCache metadata has become increasingly popular as a source of forensic evidence, both for...
Evolving Analytics for Execution Trace Data
Five years ago, Mandiant released a proof of concept tool named ShimCacheParser, along with a blog post titled “Leveraging the Application Compatibility Cache in Forensic Investigations”. Since then, ShimCache metadata has become increasingly popular as a source of forensic evidence, both for...
WordPress SEO by Yoast 1.7.3.3 SQL Injection Vulnerability
WordPress SEO by Yoast plugin versions 1.7.3.3 and below suffer from a remote blind SQL injection vulnerability. Title: WordPress SEO by Yoast = 1.7.3.3 - Blind SQL Injection Version/s Tested: 1.7.3.3 Patched Version: 1.7.4 CVSSv2 Base Score: 9 AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:OF/RC:C CVSSv2...
Software Defense: mitigating heap corruption vulnerabilities
Heap corruption vulnerabilities are the most common type of vulnerability that Microsoft addresses through security updates today. These vulnerabilities typically occur as a result of programming mistakes that make it possible to write beyond the bounds of a heap buffer a spatial issue or to plac...
Mandriva Linux Security Advisory : rpmdevtools (MDVSA-2013:123)
Updated rpmdevtools package fixes security vulnerability : A TOCTOU race condition was found in the way 'annotate-output' used to execute a program annotating the output linewise with time and stream tool of rpmdevtools before 8.3 performed management of its temporary files used for standard outp...
Multiple OpenSSL vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 IBM SECURITY ADVISORY First Issued: Fri Mar 15 03:20:11 CDT 2013 The most recent version of this document is available here: | Updated: Wed Jun 5 10:22:29 CDT 2013 | Update: Fix available for FIPS version | Update: Corrected CVSS base score and vector...
Session Race Conditions and Session Puzzling – Now Simplified
Session Race Conditions and Session Puzzling – Now Simplified A few months ago Shay Chen , Senior Manager at Hacktics Advanced Security Center HASC published a paper about Session Puzzling , a new application level attack vector of critical severity and numerous uses, but for some bizarre reasons...
Session Race Conditions and Session Puzzling – Now Simplified
Session Race Conditions and Session Puzzling – Now Simplified A few months ago Shay Chen, Senior Manager at Hacktics Advanced Security Center HASC published a paper about Session Puzzling, a new application level attack vector of critical severity and numerous uses, but for some bizarre reasons,...
kernel: orinoco: fix TKIP countermeasure behaviour
The orinocoioctlsetauth function in drivers/net/wireless/orinoco/wext.c in the Linux kernel before 2.6.37 does not properly implement a TKIP protection mechanism, which makes it easier for remote attackers to obtain access to a Wi-Fi network by reading Wi-Fi frames...
PT-2012-1310 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.37 Description: The issue is related to the orinoco ioctl set auth function in the Linux kernel, which does not properly implement a TKIP protection mechanism. This makes it easier for remote attackers to...
Microsoft Office Word HTML Linked Objects Memory Corruption Vulnerability - CVE-2010-1903
Dear List, I'm writing on behalf of the Check Point Vulnerability Discovery Team to publish the following vulnerability. Check Point Software Technologies - Vulnerability Discovery Team VDT http://www.checkpoint.com/defense/ Microsoft Office Word HTML Linked Objects Memory Corruption Vulnerabilit...
Novus 1.0 (notas.asp nota_id) Remote SQL Injection Vulnerability
No description provided by source. Novus - Sistema de administracion y contenido. bug: Sql Inyection. official site: http://novus.com.mx d0rk: "Powered by Novus" free: no system: asp bug found by ka0x D.O.M TEAM we: ka0x, an0de, xarnuz, s0cratex ka0x01atgmail.com tables: 1- anota.notaid 2-...