Hacker Target: Sending Emails from DNSDumpster - Server-Side Request Forgery to Internal SMTP Access

| Summary: | | -- | HackerTarget is a service that provides access to online vulnerability scanners and tools used by many security professionals and “makes securing your systems easier”. They also are the creators of DNSDumpster which is a popular service used for recon. | Description: | | --|...

Acunetix WVS 10 - Local Privilege Escalation

Acunetix WVS 10 - Local Privilege Escalation ''' ======================================================================== Acunetix WVS 10 - from guest to Sytem Local privilege escalation CVE: CVE-2015-4027 Author: me Daniele Linguaglossa Affected Product: Acunetix WVS 10 Exploit: Local privilege...

Flaw Lets Attackers Bypass PayPal Two-Factor Authentication

There’s a vulnerability in the way that PayPal handles certain requests from mobile clients that can allow an attacker to bypass the two-factor authentication mechanism for the service and transfer money from a victim’s account to any recipient he chooses. The flaw lies in the way that the PayPal...

Oracle Linux 6 : rtkit (ELSA-2013-1282)

The remote Oracle Linux 6 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2013-1282 advisory. 0.5-2 - CVE-2013-4326 Resolves: 1007174 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...