Category Archives: Vulnerabilities

GHOST: a 14-year-old vulnerability in Linux


A new vulnerability called GHOST has been discovered by Qualys security researchers. It affects Linux-based systems in glibc-2.2 (GNU C Library) since 2000. GHOST allows an attacker to control a system without having any credentials. The vulnerability may exist on

RPEF - Tool to generate router firmware with a backdoor


Network devices and routers are the best target for several reasons: they include firmware that can be shipped with a backdoor, and there is no antivirus to detect or identify malicious code in the firmware. This makes with each router

Microsoft released 7 patches for December


This week Microsoft released its monthly Windows update, which fixes several security vulnerabilities: 7 patches that address security issues in Internet Explorer, the Windows operating system, Microsoft Office and Microsoft Exchange Server. Among the updates we have 3

Researchers released a script to decrypt and extract the LastPass master password

At the DefCamp 2014 conference in Romania, security researcher Alex Balan demonstrated a new way that allows an attacker to grab the master password on the LastPass system, which integrates itself into the browser, mobile app or webapp. This technology gives user to have a

OpenSSL released a fix for four vulnerabilities


OpenSSL has an update for the encryption package. The new version fixes four security vulnerabilities, including a high-severity vulnerability that allows an attacker to perform a denial-of-service attack on vulnerable servers. This bug can be exploited by parsing

Shellshock DHCP client exploitation


This week the infosec community is busy testing the bash Shellshock vulnerability. Geoff Walton, a senior security consultant for TrustedSec, has posted a way to exploit the bash bug in the DHCP protocol. DHCP is widely used in most

OpenSSH no longer depends on OpenSSL


OpenSSH is an important set of programs used to encrypt communication and connect to servers over SSH. This is the standard way many system administrators remotely manage thousands of servers. For a long time developers have