Aggregator

A vulnerability, which was classified as critical, has been found in simpleproxy 2.2b/3.0/3.1/3.2. Affected by this issue is some unknown functionality. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2005-1857. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in RIM BlackBerry Enterprise Server 4.0. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2005-2344. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Greasemonkey 0.3.3. Affected is the function api. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2005-2455. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Sun StorEdge 6130 Arrays. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to Remote Code Execution (Stored). This vulnerability was named CVE-2005-1609. The attack can be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Sophos Anti-Virus up to 5.0.1 and classified as critical. This issue affects some unknown processing of the component ZIP Archive Handler. The manipulation of the argument Extra Field Length with the input 0xFFFF leads to infinite loop. The identification of this vulnerability is CVE-2005-1530. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

VAC kernel-mode bypass Fully working VAC kernel-mode bypass, it makes use of either SSDT hooks or Infinityhook to intercept VAC syscalls and ultimately spoof the results in order to bypass the memory integrity checks....

The post VAC kernel-mode bypass: Fully working kernel-mode VAC bypass appeared first on Penetration Testing Tools.

domain-protect scan Amazon Route53 across an AWS Organization for domain records vulnerable to takeover scan Cloudflare for vulnerable DNS records take over vulnerable subdomains yourself before attackers and bug bounty researchers automatically create known issues in Bugcrowd or HackerOne...

The post domain-protect: prevent subdomain takeover appeared first on Penetration Testing Tools.

CatSniffer CatSniffer (😼) is an original multiprotocol, and multiband board made for sniffing, communicating, and attacking IoT (Internet of Things) devices. It was designed as a highly portable USB stick that integrates the new...

The post CatSniffer: original multiprotocol, and multiband board made for sniffing, communicating, and attacking IoT devices appeared first on Penetration Testing Tools.

积分奖励+排名奖励

积分奖励+排名奖励

积分奖励+排名奖励

积分奖励+排名奖励

积分奖励+排名奖励

积分奖励+排名奖励

积分奖励+排名奖励

A vulnerability was found in Linux Kernel 3.16.0/3.16.1/3.16.2. It has been classified as problematic. This affects an unknown part of the component Array Garbage Handler. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2014-3631. The attack needs to be approached locally. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

Members of Loosely Organized Group Recently Tied to Partnership With RansomHub
Will the indictment of five alleged members of the loosely affiliated Scattered Spider cybercrime group disrupt its wider activities? The current count of known attacks tied to the group stands at over 130, but the accused have so far been tied by the FBI to only 45 of the attacks.

Red Team Finds Vulnerabilities in Critical Infrastructure Org’s Security Framework
The U.S., cyber defense agency is urging critical infrastructure operators to learn from the experience of a volunteer read teaming test and not rely too heavily on host-based endpoint detection and response solutions at the expense of network layer protections.

Watchdog Agency Report Points to Unimplemented Cyber Recommendations
The U.S. Department of Health and Human Services needs to take important actions to do a better job of carrying out its duties as the lead federal agency responsible for strengthening cybersecurity in the healthcare and public health sector, said a new federal watch dog agency report.