7422 matches found
[SECURITY] [DSA 2915-2] dpkg security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2915-2 [email protected] http://www.debian.org/security/ Raphael Geissert April 30, 2014 http://www.debian.org/security/faq -...
[BSA-095] Security Update for openssh
Colin Watson uploaded new packages for openssh which fixed the following security problems: CVE-2014-2532 DSA-2894-1 Jann Horn discovered that OpenSSH incorrectly handled wildcards in AcceptEnv lines. A remote attacker could use this issue to trick OpenSSH into accepting any environment variable...
OWASP ZAP v2.3.0 - An easy to use integrated penetration testing tool for finding vulnerabilities in web applications
OWASP Zed Attack Proxy ZAP An easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing...
BarracudaDrive 6.7.1 Cross Site Scripting
Title : BarracudaDrive Multiple XSS Vulnerabilities Author : Shakeel Bhat SecPod Technologies Pvt. Ltd. http://www.secpod.com Vendor : http://barracudadrive.com Advisory : http://secpod.org/blog/?p=2309 http://secpod.org/advisories/SecPodAdvistoryBarracudaDrive6.7.1MultXSSVuln.txt Software :...
Web application Advanced Security: IronWASP
Web application Advanced Security: IronWASP IronWASP Iron Web application Advanced Security testing Platform is an open source system for web application vulnerability testing. It is designed to be customizable to the extent where users can create their own custom security scanners using it. Thou...
IronWASP 2014 - One of the world's best web security scannners
Find security issues on your website automatically using IronWASP, one of the world's best web security scannners. Here's what is new: 1 Login recording Now you can easily just record a login sequence and use it in vulnerability scans and other automated tests. See video tutorial. 2 Automatically...
New NIST AppVet Aims to Streamline Application Security
Apple and Google put developers’ apps through a relatively vigorous screening process before they make their way into their respective app stores. Now developers who produce apps intended for use on internal networks at government agencies can get a vetting process of their own. The National...
DSA-2911-1 icedove - security update
Bulletin has no description...
[SECURITY] [DSA 2905-1] chromium-browser security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2905-1 [email protected] http://www.debian.org/security/ Michael Gilbert April 15, 2014 http://www.debian.org/security/faq -...
HP LoadRunner Virtual User Generator远程代码执行漏洞
Bugtraq ID:66961 CVE ID:CVE-2013-6213 HP LoadRunner是一款惠普公司开发的性能测试工具。 HP LoadRunner存在一个未明安全漏洞,允许远程攻击者利用漏洞执行任意代码。 0 HP LoadRunner 11.x HP LoadRunner v11.52 Patch 1版本已修复该漏洞,建议用户下载使用: https://www.hp.com/...
FS-NyarL - Network Takeover & Forensic Analysis Tool
NyarL it's Nyarlathotep, a mitological chaotic deity of the writer HP. Lovecraft's cosmogony. It's represent Crawling Chaos and FS-NyarL it's The Crawling Chaos of Cyber Security :- A network takeover & forensic analysis tool - useful to advanced PenTest tasks & for fun and profit - but use it at...
DSA-2909-1 qemu - security update
Bulletin has no description...
Burp Suite Professional v1.6 - The leading toolkit for web application security testing
Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application’s attack surface, through to finding and exploiting security...
DSA-2905-1 chromium-browser - security update
Bulletin has no description...
Kvasir - Penetration Testing Data Management Tool
Penetration Testing Data Management can be a nightmware, because well you generate a LOT of data and some information when conducing a penetration test, especially using tools – they return lots of actual and potential vulnerabilitites to review. Port scanners can return thousands of ports for ju...
OWASP ZAP 2.3.0.1 - An easy to use integrated penetration testing tool for finding vulnerabilities in web applications
The OWASP Zed Attack Proxy ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration...
Exploit for Out-of-bounds Read in Openssl
CVE-2014-0160 Links https://github.com/DisK0nn3cT/MaltegoH...
Than imagined more terror! OpenSSL“effort”vulnerability in-depth analysis-vulnerability warning-the black bar safety net
Author: yaoxi original source http://blog.wangzhan.360.cn/ Recently, OpenSSL broke this year's most serious security vulnerability in the hacker community is named“heart bleed”vulnerability. 3 6 0 site Guard security team of the vulnerability analysis, the vulnerability is not only related to htt...
Exploit for Out-of-bounds Read in Openssl
HeartBleed Tester & Exploit --------------------------- NB Ne...
DSA-2898-1 imagemagick - security update
Bulletin has no description...