Slackware: Security Advisory (SSA:2014-013-02)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Rational ClearCase (CVE-2018-1770, CVE-2018-1777)

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM Rational ClearCase. Information about the security vulnerabilities affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

ILIAS Detection (HTTP)

HTTP based detection of ILIAS eLearning. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.140443";...

CVE-2015-1027

The version checking subroutine in percona-toolkit before 2.2.13 and xtrabackup before 2.2.9 was vulnerable to silent HTTP downgrade attacks and Man In The Middle attacks in which the server response could be modified to allow the attacker to respond with modified command payload and have the...

Design/Logic Flaw

The version checking subroutine in percona-toolkit before 2.2.13 and xtrabackup before 2.2.9 was vulnerable to silent HTTP downgrade attacks and Man In The Middle attacks in which the server response could be modified to allow the attacker to respond with modified command payload and have the...

CVE-2015-1027

The version checking subroutine in percona-toolkit before 2.2.13 and xtrabackup before 2.2.9 was vulnerable to silent HTTP downgrade attacks and Man In The Middle attacks in which the server response could be modified to allow the attacker to respond with modified command payload and have the...

CVE-2015-1027

CVE-2015-1027 affects the version-checking subroutine in percona-toolkit < 2.2.13 and xtrabackup = 2.2.13 and xtrabackup >= 2.2.9), and apply vendor-specific updates as available.

CVE-2015-1027

The version checking subroutine in percona-toolkit before 2.2.13 and xtrabackup before 2.2.9 was vulnerable to silent HTTP downgrade attacks and Man In The Middle attacks in which the server response could be modified to allow the attacker to respond with modified command payload and have the...

Kali Linux 2.0 - The Best Penetration Testing Distribution

So, what’s new in Kali 2.0? There’s a new 4.0 kernel, now based on Debian Jessie, improved hardware and wireless driver coverage, support for a variety of Desktop Environments gnome, kde, xfce, mate, e17, lxde, i3wm, updated desktop environment and tools – and the list goes on. Kali Linux is Now ...

FreeBSD : openssl -- multiple vulnerabilities (5aaa257e-772d-11e3-a65a-3c970e169bc2)

OpenSSL development team reports : Major changes between OpenSSL 1.0.1e and OpenSSL 1.0.1f 6 Jan 2014 : - Fix for TLS record tampering bug CVE-2013-4353 - Fix for TLS version checking bug CVE-2013-6449 - Fix for DTLS retransmission bug CVE-2013-6450 %NASLMINLEVEL 70300 C Tenable Network Security,...

openssl -- multiple vulnerabilities

OpenSSL development team reports: Major changes between OpenSSL 1.0.1e and OpenSSL 1.0.1f 6 Jan 2014: Fix for TLS record tampering bug CVE-2013-4353 Fix for TLS version checking bug CVE-2013-6449 Fix for DTLS retransmission bug CVE-2013-6450...

Debian Security Advisory DSA 2824-1 (curl - unchecked tls/ssl certificate host name)

Marc Deslauriers discovered that curl, a file retrieval tool, would mistakenly skip verifying the CN and SAN name fields when digital signature verification was disabled in the libcurl GnuTLS backend. The default configuration for the curl package is not affected by this issue since the digital...

http-wordpress-enum NSE Script

Enumerates themes and plugins of Wordpress installations. The script can also detect outdated plugins by comparing version numbers with information pulled from api.wordpress.org. The script works with two separate databases for themes wp-themes.lst and plugins wp-plugins.lst. The databases are...

CA20090126-01: CA Anti-Virus Engine Detection Evasion Multiple Vulnerabilities

Title: CA20090126-01: CA Anti-Virus Engine Detection Evasion Multiple Vulnerabilities CA Advisory Reference: CA20090126-01 CA Advisory Date: 2009-01-26 Reported By: Thierry Zoller and Sergio Alvarez of n.runs AG Impact: A remote attacker can evade detection. Summary: The CA Anti-Virus engine...

CF_Auction - Blind SQL Injection

CFAuction - Blind SQL Injection -------------------------------AlpHaNiX---------------------------------- Found By : AlpHaNiX website : www.offensivetrack.org contact : AlpHaATHACKERDOTBZ script : CFAUCTION download : null Demo : http://www.cfwebsite.com/ Exploits : --=BLIND SQL INJECTION=--...

CA Multiple Products DSM ListCtrl ActiveX Control Buffer Overflow Vulnerability

Title: CA Multiple Products DSM ListCtrl ActiveX Control Buffer Overflow Vulnerability CVE: CVE-2008-1472 CA Advisory Date: 2008-03-28 Reported By: Exploit code posted at milw0rm.com Impact: A remote attacker can cause a denial of service or execute arbitrary code. Summary: CA products that...