Category Archives: Vulnerabilities

OpenSSL Released a fix to four vulnerabilities

openssl

OpenSSL have an update for the encryption package, the new version comes to fix four security vulnerabilities including a high severity vulnerability that allows attacker to perform a denial of service attack on vulnerable servers.this bug can be exploited by parsing

Shellshock DHCP client exploitation

Vulnerabilities

Over this week the infosec community are busy in testing the bash shellshock vulnerability. Geoff Walton a senior security consultant for TrustedSec have posted the way to exploit the bash bug in the DHCP protocol. the DHCP is widely used in most

OpenSSH not anymore depending on OpenSSL

openssh

OpenSSH is an important set of programs that is used to encrypt communication and connect to servers over SSH. This is the standard way used by many system administrators to remotely manage thousands of servers. For long time developers have

Bypassing Lockscreen Vulnerability on Ubuntu 14.04 Patched

On the 16th of April a vulnerability report has been issued for Ubuntu operating system that allow user to bypass lock screen interface password protection. The system can be accessed without authorization, payload or any code while all what you

End User Considerations For OpenSSL Vulnerabilities

Heartbleed

OpenSSL vulnerabilities could enable a remote hacker to gain access to sensitive data, including secret keys and authentication credentials, via incorrect memory handling. Some of these vulnerabilities could also cause potential leak of non-encrypted information and DTLS (Datagram Transport Layer

Heartbleed Critical Vulnerability in OpenSSL

Heartbleed

The security community is actively discussing over this week the openssl vulnerability that allows attacker to exploit the Heartbeat TLS and receive 64KB in the RAM memory. The attack can be repeated continuously to get sensitive information from end users

Microsoft to release 4 patches in January

Patch Windows

Microsoft have released the first advance notification for this year with only 4 security bulletins. there is no critical security bulletin but we have one important which is a remote code execution vulnerability.   Windows operating systems, Office and Dynamics