Vulnerabilities

A vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness, known as the attack surface. Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. Other vulnerabilities include security risks, security defects and constructs in programming languages that are difficult to use properly.

Share tech news, updates, or what's on your mind.

Sign up to Post

Our current McAfee NIDS is going to be EOSL soon so we're considering
whether to upgrade to Intel McAfee's   Threat Defense Lifecycle or
dedicated NIDS or integrate NIDS function into our existing Checkpoint
NGFW firewall?  

It's a perimeter NIDS (not internal network NIDS)

Kindly assess in terms of
a) performance : with dedicated NIDS, it won't affect firewall's performance?
b) however, dedicated NIDS, need an extra console?  Lack's integration with
     firewall (to block bad/malicious source IP ??) ?
c)  any other ...  ??

I see a trend by vendors coming out with unified products from Cisco,
Sophos, so does this mean this is the way to go ?
0
Get 15 Days FREE Full-Featured Trial
LVL 1
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

The formerly known as Sentinel & now named as EPT is a forensics &
anti-malicious activities (process & memory scans) product.

Anyone (esp those who have used / assessed it) care to share reviews on it:
a) how easy to use & accurate/thorough is its forensics
b) does it have predictive capabilities of malicious behaviors
c) how does it compare with competing products?
d) does it deal with apps vulnerabilties like injections & XSS ?
e) it was supposed to deal with APT (Advanced Persistent Threats):
    does it deal with 0-day (signatureless?) malwares ?
0
Can you please suggest best IT security vulnerability reporting software like hackerone which will be also cost effective.
0
Hello All,

I stuck with very odd issue .

One server running with 2k8r2 last patched on Aug 2015 not due to wannacry client asking to patch the server.
If i am checking the old patches in WSUS ,its showing declined & expire .
This server doesn't have internet , I try to installed monthly rollup for march but it got failed.

Is there any way to patch the server ???????
Please help
0
Hello.
I need an advise of Kaspersky Security Center expert.

We have bought the SELECT licence so Kaspersky is unable to patch software vulnerabilities automatically. We need to do it manually. No problem. For example when I see Adobe Flash NPAPI/ActiveX vulnerabilities than I download the newest versions from official websites and deploy them to the computers containing vulnerabilities. Updates are successfully installed to the newest version BUT Kaspersky keeps saying that vulnerabilities for Adobe Flash NPAPI/ActiveX still exist there.

I do not think it is problem of Kaspersky software. Updates are often successful and solve vulnerability issues. But sometimes (it's usually problem of Adobe software) vulnerabilities persist. I would like to get rid of them but it's impossible even with the updated software.

Can someone explain me why?

I thought it could be problem of OS version (we use Win7 + 15PCs with WinXP) but after testing I found there is no difference.

So if you know the way how to update the software with removing vulnerabilities, please let me know.
0
Without logging into the server, is there a way to scan if the server
has Apache Struts in it?

Do quote any free tools.  Will the commandline wget or curl help?

We have McAfee Vulnerability Manager but seems like it's specific to
certain CVEs but what we want is not to establish if the Struts version is
vulnerable (or has been patched), just to know if Struts is present.
0
I need to email bank account details for the transfer of a large sum of money from the U.K. to the U.S.
I would never provide the details in an open email.
But for the sake of accuracy and as a matter of record I was wondering if i sent a .pdf attachment with the details whether this would be
100% secure.
Alternatively there is the possibility of using the private messaging system of the organisation of which I am a client.

Can the experts give me their views please on the  relative merits of each option.
Thank you.
0
I have a web site the consistently get DDos attacks , I've changed several of hosting provider with no success.

Only one in Canada seems to block the DDoS attacks , but I'm looking for some hosting in the US. that can deal with it, and block it.

Any suggestions?
0
Hi

guys any review, expirence with this SIEM software http://www.gfi.com/ 

thank you
0
I have been trying for a few days to create a media restore point - one that won't be used on this system but I thought I should get it.  I have been getting a couple of errors (I wrote them down but I can only find the one piece of paper: Page_Fault_in_Non_Page_Area

I tried a few different USB drives but none of them worked.  I have ran a sfc / chkdsk on everything - even ran it when it rebooted and rebooted in safe mode.

I did a HiJackThis Analyzer - seems OK - ignore the hosts file, that's mine
Reource MonitorCPU Monitor
Windows 10 64G
0
Industry Leaders: We Want Your Opinion!
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Please could you explain for me how does a method
public void doItMulti()

Open in new window

works.
May be you could draw for me  some action UML or sequence or any other behavior UML. May be you could provide for this methods some useful and detail comments for each line of code. Thx for your help in advance !

package bfpasswrd;

import java.util.ArrayList;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.Future;

public class PasswordCracker
{

String passwordToCrack;
public boolean passwordFound;
int min;
int max;
StringBuilder crackedPassword;

public void prepare(String text)
{
    passwordToCrack = text;

    passwordFound = false;
    min = 32;
    max = 126;
    crackedPassword = new StringBuilder();
    crackedPassword.append((char) (min - 1));
}

public void result()
{
    System.out.println("Cracked Password is: " + crackedPassword.toString());
}

public void incrementString(StringBuilder text, int min, int max)
{
    text.setCharAt(0, (char) ((int) text.charAt(0) + 1));
    for (int i = 0; i < text.length(); i++)
    {
        if (text.charAt(i) > (char) max)
        {
            text.setCharAt(i, (char) min);
            if (text.length() == i + 1)
            {
                text.append((char) min);
            }
            else
            {
                text.setCharAt(i + 1, (char) ((int) text.charAt(i + 1) + 1));
            }
        }
    }
}

public void runMulti(String text)
{
    

Open in new window

0
Hi, i need to do a penetration test for a web application. I was wonder who would be the best company to ask to perform such a test?
Any recommendations?
I am based in Melbourne..
0
Hello Experts,

I was trying to find information about below rpcbind issue and how can I fix it so that, it wont happen again.
Below is the one of the vulnerability which was caught in scanning, reported by a team.


RPC
service name: portmapper
service protocal: udp
Portmapper found at: 3277x
service port: 3277x

Vulnerability ID: rpc-portmapper-0001
vulnerability title: Rpcbind Listening on a Non-Standard Port


 Vulnerability Description: 

 The rpcbind program converts RPC program numbers into universal addresses.
 When a client makes an RPC call to a given program number, it first connects to rpcbind on the target system to determine the address where the RPC request should be sent. Rpcbind has been detected listening on a non-standard port (above 32770) instead of the standard TCP / UDP port 111. 

 This configuration flaw has been confirmed on some operating systems such as Solaris 2.x. The exact high port number rpcbind listens on is dependent on the OS release and architecture. Thus, packet filtering devices that are configured to block access to rpcbind / portmapper, may be subverted by sending UDP requests to rpcbind listening above port 32770. This vulnerability may allow an unauthorized user to obtain remote RPC information from a remote system even if port 111 is being blocked.
  
Solution:
=======
 
Fix Solaris rpcbind filter evasion
Download and apply the patch from:  http://ftp.porcupine.org/pub/security/ 


 For Solaris, the newest version of 

Open in new window

0
When trying to login to my wordpress site (http://www.elegantaffairca.com/wplogin) nothing happens and just goes back to the login page.

A brief of background, my site was hacked a few months back but I manage to take it back and installed some security plugins like ithemes security pro and Wordfence (free). Everything seems to fine until yesterday, I could not login anymore.

Any help would be appreciated. Thanks you.
0
In the past 6 months or so, my bankcard or ATM card has been compromised.  I do tend to eat out once or two a day and do use my card for these type of transactions; however, I believe that one or two places might be the culprit to my issues.  I go to a neighborhood gas station one a week because the gas prices are usually cheaper and lately, I've started purchasing merchandise online.  I did noticed that they were even able to withdraw $200 from an ATM machine as well.  

Just curious as to how they are doing this?  Is someone taping into my wifi connection at home?  How the heck are they doing this?  I lately got a new card and now have to go to the local 7-11 machine to withdraw money since I don't want to use my card.
0
I'm currently running --

-W2k8r2 service pack1
-IIS 7.0

How can I resolve this CVE-2000-0649?
0

Vulnerabilities

A vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness, known as the attack surface. Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. Other vulnerabilities include security risks, security defects and constructs in programming languages that are difficult to use properly.