Windows Manage Remote Point-to-Point Tunneling Protocol

This module initiates a PPTP connection to a remote machine VPN server. Once the tunnel is created we can use it to force the victim traffic to go through the server getting a man in the middle attack. Be sure to allow forwarding and masquerading on the VPN server mitm. This module requires...

Fedora 18 : curl-7.27.0-9.fc18 (2013-6766)

prevent an artificial timeout event due to stale speed-check data 906031 - show proper host name on failed resolve 957173 fix cookie tailmatching to prevent cross-domain leakage CVE-2013-1944 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...

Fedora 19 : curl-7.29.0-6.fc19 (2013-6780)

prevent an artificial timeout event due to stale speed-check data 906031 - show proper host name on failed resolve 957173 fix cookie tailmatching to prevent cross-domain leakage CVE-2013-1944 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...

Windows Gather Deleted Files Enumeration and Recovering

This module lists and attempts to recover deleted files from NTFS file systems. Use the FILES option to guide recovery. Leave this option empty to enumerate deleted files in the DRIVE. Set FILES to an extension e.g., "pdf" to recover deleted files with that extension, or set FILES to a comma...

Tips for DAG Exchange Backup and Replication in vSphere

vSphere Snapshot Improvements This article was initially written when vSphere 5 snapshot operations were known and expected to cause small amounts of I/O stun to a VM's guest OS. Improvements in the latter vSphere versions, including significant changes to snapshot operation methodology in vSpher...

DEBIAN-CVE-2012-6540

The doipvsgetctl function in net/netfilter/ipvs/ipvsctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IPVSSOGETTIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

CentOS 6 : squid (CESA-2013:0505)

Updated squid packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

UBUNTU-CVE-2012-6540

The doipvsgetctl function in net/netfilter/ipvs/ipvsctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IPVSSOGETTIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

CVE-2013-0931

EMC RSA Authentication Agent 7.1.x before 7.1.2 on Windows does not enforce the Quick PIN Unlock timeout feature, which allows physically proximate attackers to bypass the passcode requirement for a screensaved session by entering a PIN after timeout expiration...

Design/Logic Flaw

EMC RSA Authentication Agent 7.1.x before 7.1.2 on Windows does not enforce the Quick PIN Unlock timeout feature, which allows physically proximate attackers to bypass the passcode requirement for a screensaved session by entering a PIN after timeout expiration...

CVE-2013-0931

EMC RSA Authentication Agent 7.1.x before 7.1.2 on Windows does not enforce the Quick PIN Unlock timeout feature, which allows physically proximate attackers to bypass the passcode requirement for a screensaved session by entering a PIN after timeout expiration...

Scientific Linux Security Update : httpd on SL6.x i386/x86_64 (20130221)

An input sanitization flaw was found in the modnegotiation Apache HTTP Server module. A remote attacker able to upload or create files with arbitrary names in a directory that has the MultiViews options enabled, could use this flaw to conduct cross-site scripting attacks against users visiting th...

Nmap NSE 6.01: ms-sql-info

Attempts to determine configuration and version information for Microsoft SQL Server instances. SQL Server credentials required: No will not benefit from 'mssql.username' & 'mssql.password'. Run criteria: Host script: Will always run. Port script: N/A NOTE: Unlike previous versions, this script...

squid security and bug fix update

7:3.1.10-16 - Resolves: 888198 - CVE-2012-5643: improved upstream patch 7:3.1.10-15 - Reverts: 861062 - Squid delays on FQDNs that don't contains AAAA record 7:3.1.10-14 - Resolves: 888198 - CVE-2012-5643: patch 7:3.1.10-13 - Resolves: 888198 - CVE-2012-5643: DoS excessive resource consumption...

httpd security, bug fix, and enhancement update

2.2.15-26.0.1.el6 - replace index.html with Oracle's index page oracleindex.html update vstring in specfile 2.2.15-26 - htcacheclean: exit with code 4 also for 'restart' action 805810 2.2.15-25 - htcacheclean: exit with code 4 if nonprivileged user runs initscript 805810 - rotatelogs: omit the...

RHEL 6 : squid (RHSA-2013:0505)

Updated squid packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

RHEL 6 : httpd (RHSA-2013:0512)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:0512 advisory. The httpd packages contain the Apache HTTP Server httpd, which is the namesake project of The Apache Software Foundation. An input...

Moderate: Red Hat Security Advisory: squid security and bug fix update

Updated squid packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Ubuntu: Security Advisory (USN-1716-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 12.10 : gnome-screensaver vulnerability (USN-1716-1)

It was discovered that gnome-screensaver did not start automatically after logging in. This may result in the screen not being automatically locked after the inactivity timeout is reached, permitting an attacker with physical access to gain access to an unlocked session. Note that Tenable Network...