Penetration Testing Mode:
(Page 1 of 638)  1 2 3 4 5 6 7 8 9 10 11  Next >
Arachni Framework v1.4 & WebUI v0.5.10 have been released (Web Application Security Scanner) 2016-02-09
Tasos Laskos (tasos laskos gmail com)
Hey folks,

There's a new version of Arachni, a modular and high-performance Web Application Security Scanner Framework.

The highlights of this release are:

* Massive performance improvements (approx. 5 times faster browser operations,
much reduced less RAM and CPU usage).
* Significantly improv

[ more ]  [ reply ]
[HITB-Announce] #HITB2016AMS CFP Closes in < 3 Weeks 2016-01-21
Hafez Kamal (aphesz hackinthebox org)
The Call for Papers for HITBSecConf2016 - Amsterdam (#HITB2016AMS)
closes in approximately 3 weeks! Working on something interesting? Submit!

Call for Papers: http://cfp.hackinthebox.org/
Deadline: 14th February

An initial list of accepted talks and speakers has just been announced:

- Virtualizat

[ more ]  [ reply ]
Faraday 1.0.16: (Group vulns by fields, Filter false-positives, Canvas plugin) 2015-12-21
Francisco Amato (famato infobytesec com)
We are proud to present Faraday v1.0.16!

This version comes with major changes to our Web UI, including the
possibility to mark vulnerabilities as false positives. If you have a
Pro or Corp license you can now create an Executive Report using only
confirmed vulnerabilities, saving you even more tim

[ more ]  [ reply ]
Call for Papers -YSTS X - Information Security Conference, Brazil 2015-12-21
Luiz Eduardo (le ysts org)
Hello Pen-test readers and sorry for the possible cross-postings you
might see, on behalf of the conference's organization team I would
like to let you know that YSTS X's CFP is currently opened.

==

YSTS 10th Edition

Where: Sao Paulo, Brazil

When: June 13th, 2016

Call for Papers Opens: Decembe

[ more ]  [ reply ]
[HITB-Announce] HITB2016AMS Call for Papers 2015-12-03
Hafez Kamal (aphesz hackinthebox org)
The Call for Papers for the 7th annual Hack In The Box Security
Conference in The Netherlands is now open!

Call for Papers: http://cfp.hackinthebox.org/
Event Website: http://conference.hitb.org/hitbseccconf2016ams/

HITBSecConf has always been an attack oriented deep-knowledge research
event aimed

[ more ]  [ reply ]
[ERPSCAN-15-030] Oracle E-Business Suite - XXE injection Vulnerability 2015-10-29
ERPScan inc (erpscan online gmail com)
1. ADVISORY INFORMATION

Title: Oracle E-Business Suite XXE injection
Advisory ID: [ERPSCAN-15-030]
Advisory URL: http://erpscan.com/advisories/erpscan-15-030-oracle-e-business-suite-xxe
-injection-vulnerability/
Date published: 20.10.2015
Vendors contacted: Oracle

2. VULNERABILITY INFORMATION

Clas

[ more ]  [ reply ]
[ERPSCAN-15-029] Oracle E-Business Suite - XXE injection Vulnerability 2015-10-29
ERPScan inc (erpscan online gmail com)
1. ADVISORY INFORMATION

Title: Oracle E-Business Suite - XXE injection
Advisory ID: [ERPSCAN-15-029]
Advisory URL: http://erpscan.com/advisories/erpscan-15-029-oracle-e-business-suite-xxe
-injection-vulnerability/
Date published: 21.10.2015
Vendors contacted: Oracle

2. VULNERABILITY INFORMATION

Cl

[ more ]  [ reply ]
[ERPSCAN-15-028] Oracle E-Business Suite - XXE injection Vulnerability 2015-10-29
ERPScan inc (erpscan online gmail com)
1. ADVISORY INFORMATION

Title: Oracle E-Business Suite XXE injection
Advisory ID: [ERPSCAN-15-028]
Advisory URL: http://erpscan.com/advisories/erpscan-15-028-oracle-e-business-suite-xxe
-injection-vulnerability/
Date published: 20.10.2015
Vendors contacted: Oracle

2. VULNERABILITY INFORMATION

Clas

[ more ]  [ reply ]
[ERPSCAN-15-027] Oracle E-Business Suite - Cross Site Scripting Vulnerability 2015-10-27
ERPScan inc (erpscan online gmail com)
1. ADVISORY INFORMATION

Title: Oracle E-Business Suite Cross-site Scripting
Advisory ID: [ERPSCAN-15-027]
Advisory URL:http://erpscan.com/advisories/erpscan-15-027-oracle-e-business-suite
-cross-site-scripting-vulnerability/
Date published: 20.10.2015
Vendors contacted: Oracle

2. VULNERABILITY INFO

[ more ]  [ reply ]
[ERPSCAN-15-026] Oracle E-Business Suite - SQL injection Vulnerability 2015-10-27
ERPScan inc (erpscan online gmail com)
1. ADVISORY INFORMATION

Title: Oracle E-Business Suite SQL injection
Advisory ID: [ERPSCAN-15-026]
Advisory URL: http://erpscan.com/advisories/erpscan-15-026-oracle-e-business-suite-sql
-injection-vulnerability/
Date published: 20.10.2015
Vendors contacted: Oracle

2. VULNERABILITY INFORMATION

Clas

[ more ]  [ reply ]
[ERPSCAN-15-025] Oracle E-Business Suite Database user enumeration Vulnerability 2015-10-27
ERPScan inc (erpscan online gmail com)
1. ADVISORY INFORMATION

Title: Oracle E-Business Suite - Database user enumeration
Advisory ID: [ERPSCAN-15-025]
Advisory URL: http://erpscan.com/advisories/erpscan-15-025-oracle-e-business-suite-dat
abase-user-enumeration-vulnerability/
Date published:20.10.2015
Vendors contacted: Oracle

2. VULNER

[ more ]  [ reply ]
ERPSCAN Research Advisory [ERPSCAN-15-017] SAP NetWeaver J2EE DAS service - Unauthorized Access 2015-10-16
ERPScan inc (erpscan online gmail com)
ERPSCAN Research Advisory [ERPSCAN-15-017] SAP NetWeaver J2EE DAS
service - Unauthorized Access

Application: SAP NetWeaver
Versions Affected: SAP NetWeaver AS JAVA, probably others
Vendor URL: http://SAP.com
Bugs: Unauthorized access
Sent: 20.04.2013
Reported: 21.04.2013
Vendor response: 21.04.201

[ more ]  [ reply ]
t2'15: Challenge to be released 2015-09-19 10:00 EEST 2015-09-14
Tomi Tuominen (tomi tuominen t2 fi)
Hi,

After last yearâ??s t2 we spent the cold winter months browsing through online auctions for historical data processing equipment. Just like LinkedIn profiles revealing sensitive projects and inside information, old devices and mass storage units can be a treasure trove for the lucky.

The myste

[ more ]  [ reply ]
[ERPSCAN-15-016] SAP NetWeaver â?? Hardcoded credentials 2015-09-09
ERPScan inc (erpscan online gmail com)
ERPSCAN Research Advisory [ERPSCAN-15-016] SAP NetWeaver â?? Hardcoded credentials

Application: SAP NetWeaver
Versions Affected: SAP NetWeaver AS ABAP, probably others
Vendor URL: http://SAP.com
Bugs: Hardcoded credentials
Sent: 06.03.2014
Reported: 07.03.2014
Vendor response

[ more ]  [ reply ]
[ERPSCAN-15-015] SAP NetWeaver AS ABAPâ?? Hardcoded Credentials 2015-09-09
ERPScan inc (erpscan online gmail com)
ERPSCAN Research Advisory [ERPSCAN-15-015] SAP NetWeaver AS ABAPâ??
Hardcoded Credentials

Application: SAP NetWeaver
Versions Affected: SAP NetWeaver AS ABAP, probably others
Vendor URL: http://SAP.com
Bugs: Hardcoded credentials
Sent: 06.03.2014
Reported: 07.03.2014
Vendor response:

[ more ]  [ reply ]
[ERPSCAN-15-014] SAP Mobile Platform 3 â?? XXE in Add Repository 2015-09-09
ERPScan inc (erpscan online gmail com)
ERPSCAN Research Advisory [ERPSCAN-15-014] SAP Mobile Platform 3 â?? XXE
in Add Repository

Application: SAP Mobile Platform
Versions Affected: SAP Mobile Platform 3, probably others
Vendor URL: http://SAP.com
Bugs: XML External Entity
Sent: 13.03.2015
Reported: 14.03.2015
Vendor response:

[ more ]  [ reply ]
nullcon se7en CFP is open 2015-08-26
nullcon (nullcon nullcon net)
Dear Friends,

Welcome to nullcon se7en!

$git commit -a <sin>

<sin> := wrath | pride | lust | envy | greed | gluttony | sloth

nullcon is an annual security conference held in Goa, India. The focus
of the conference is to showcase the next generation of offensive and
defensive securi

[ more ]  [ reply ]
SpiderFoot 2.5.0 released 2015-08-04
Steve Micallef (steve binarypool com)
Hi all,

SpiderFoot 2.5.0 is now available, with more modules, added
functionality and bug fixes since 2.3.0 was last announced on this list.
SpiderFoot is an open source intelligence gathering / reconnaissance
tool utilising over 40 data sources and methods, all driven through a
snappy web UI.

[ more ]  [ reply ]
Arachni Framework v1.2 & WebUI v0.5.7.1 have been released (Web Application Security Scanner) 2015-07-16
Tasos Laskos (tasos laskos gmail com)
Hey folks,

There's a new version of Arachni, a modular and high-performance Web Application Security Scanner.

The highlights of this release are:

* Many optimizations to reduce RAM and CPU consumption.
* SSL interception for websites with HSTS.
* Support for tracking jQuery delegated events.
* Su

[ more ]  [ reply ]
Ruxcon 2015 Final Call For Presentations 2015-07-06
cfp ruxcon org au
Ruxcon 2015 Final Call For Presentations
Melbourne, Australia, October 24-25
CQ Function Centre

http://www.ruxcon.org.au

The Ruxcon team is pleased to announce the first round of Call For Presentations for Ruxcon 2015.

This year the conference will take place over the weekend of the 24th and 25th

[ more ]  [ reply ]
[ERPSCAN-15-003] SAP NetWeaver Dispatcher Buffer Overflow - RCE, DoS 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-003] SAP NetWeaver Dispatcher
Buffer Overflow - RCE, DoS

Application: SAP NetWeaver Dispatcher
Versions Affected: SAP NetWeaver Dispatcher, probably others
Vendor URL: http://SAP.com
Bugs: RCE
Sent:

[ more ]  [ reply ]
[ERPSCAN-15-004] SAP NetWeaver Portal XMLValidationComponent - XXE 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-004] SAP NetWeaver Portal
XMLValidationComponent - XXE

Application: SAP NetWeaver Portal 7.31
Versions Affected: SAP NetWeaver Portal 7.31, probably others
Vendor URL: http://SAP.com
Bugs: XML eXternal Entity
Sent:

[ more ]  [ reply ]
[ERPSCAN-15-005] SAP Mobile Platform - XXE 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-005] SAP Mobile Platform - XXE

Application: SAP Mobile Platform 2.3
Versions Affected: SAP Mobile Platform 2.3, probably others
Vendor URL: http://SAP.com
Bugs: XML eXternal Entity
Sent: 06.11.14
Repor

[ more ]  [ reply ]
[ERPSCAN-15-006] SAP NetWeaver Portal ReportXmlViewer - XXE 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-006] SAP NetWeaver Portal
ReportXmlViewer - XXE

Application: SAP NetWeaver Portal 7.31
Versions Affected: SAP NetWeaver Portal 7.31, probably others
Vendor URL: http://SAP.com
Bugs: XXE
Sent: 09.12.20

[ more ]  [ reply ]
[ERPSCAN-15-007] SAP Management Console ReadProfile Parameters - Information disclosure 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-007] SAP Management Console
ReadProfile Parameters - Information disclosure

Application: SAP Management Console
Versions Affected: SAP NW 7.4 Management Console, probably others
Vendor URL: http://SAP.com
Bugs: Info

[ more ]  [ reply ]
[ERPSCAN-15-008] SAP Afaria 7 XcListener - DoS in the module XeClient.Dll 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-008] SAP Afaria 7 XcListener - DoS
in the module XeClient.Dll

Application: SAP Afaria 7
Versions Affected: SAP Afaria 7, probably others
Vendor URL: http://SAP.com
Bugs: DoS
Sent: 09.12.2014
Reported:

[ more ]  [ reply ]
[ERPSCAN-15-009] SAP Afaria 7 XcListener - Missing authorization check 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-009] SAP Afaria 7 XcListener -
Missing authorization check

Application: SAP Afaria 7
Versions Affected: SAP Afaria 7, probably others
Vendor URL: http://SAP.com
Bugs: Missing authorization check
Sent:

[ more ]  [ reply ]
[ERPSCAN-15-010] SYBASE SQL Anywhere 12 and 16 - DoS 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-010] SYBASE SQL Anywhere 12 and 16
- DoS

Application: SYBASE SQL Anywhere 12 and 16
Versions Affected: SYBASE SQL Anywhere 12 and 16, probably others
Vendor URL: http://SAP.com
Bugs: DoS
Sent: 09.12.20

[ more ]  [ reply ]
[ERPSCAN-15-011] SAP Mobile Platform 3.0 - XXE 2015-06-25
Darya Maenkova (d maenkova erpscan com)
ERPSCAN Research Advisory [ERPSCAN-15-011] SAP Mobile Platform 3.0 - XXE

Application: SAP Mobile Platform 3.0
Versions Affected: SAP Mobile Platform 3.0, probably others
Vendor URL: http://SAP.com
Bugs: XML eXternal Entity
Sent: 29.12.2014

[ more ]  [ reply ]
(Page 1 of 638)  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus