Softing Secure Integration Server Login Utility

This module will attempt to authenticate to a Softing Secure Integration Server. Module Options msf use auxiliary/scanner/http/softingsislogin msf auxiliarysoftingsislogin show actions ...actions... msf auxiliarysoftingsislogin set ACTION msf auxiliarysoftingsislogin show options ...show and set...

K15882: TLS1.x padding vulnerability CVE-2014-8730

Security Advisory Description Incorrect TLS padding may be accepted when terminating TLS 1.x CBC cipher connections. CVE-2014-8730 Impact Attackers may be able to calculate the plaintext of secure connections. Security Advisory Status F5 Product Development has assigned IDs 451218, 450804, and...

CVE-2019-9689

processcertificate in tls1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow via a crafted TLS certificate handshake message with zero certificates...

CVE-2019-9689

processcertificate in tls1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow via a crafted TLS certificate handshake message with zero certificates...

UBUNTU-CVE-2019-9689

processcertificate in tls1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow via a crafted TLS certificate handshake message with zero certificates...

CVE-2019-9689

processcertificate in tls1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow via a crafted TLS certificate handshake message with zero certificates...

Buffer overflow

tls1.c in Cameron Hamilton-Rich axTLS before 2.1.5 has a Buffer Overflow via a crafted sequence of TLS packets because the needbytes value is mismanaged...

Symantec Messaging Gateway 10 Exposure of Stored AD Password Vulnerability

This module will grab the AD account saved in Symantec Messaging Gateway and then decipher it using the disclosed Symantec PBE key. Note that authentication is required in order to successfully grab the LDAP credentials, and you need at least a read account. Version 10.6.0-7 and earlier are...

F5 Networks BIG-IP : TLS1.x padding vulnerability (K15882)

Incorrect TLS padding may be accepted when terminating TLS 1.x CBC cipher connections. CVE-2014-8730 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from F5 Networks BIG-IP Solution K15882. The text description of this plugin is C F5 Networks...

SOL15882 - TLS1.x padding vulnerability CVE-2014-8730

2 If you are planning to upgrade to BIG-IP APM 11.4.1 HF6 or 11.5.1 HF6 to mitigate this issue, you should instead upgrade to 11.4.1 HF7 or 11.5.1 HF7 to avoid an issue specific to BIG-IP APM. For more information, refer to SOL15914: The TMM process may restart and produce a core file after...

GlassFish Brute Force Utility

This module attempts to login to GlassFish instance using username and password combinations indicated by the USERFILE, PASSFILE, and USERPASSFILE options. It will also try to do an authentication bypass against older versions of GlassFish. Note: by default, GlassFish 4.0 requires HTTPS, which...

Ubuntu Update for fetchmail vulnerability USN-405-1

Ubuntu Update for Linux kernel vulnerabilities USN-405-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4051.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for fetchmail vulnerability USN-405-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...