[FD] Strength and Weakness of Methods to Confirm SSH Host Key

2014-09-23 Thread John Leo
Monkeysphere (advice from maxigas) "verify your SSH key through the OpenPGP web of trust" Strength: OpenPGP is cool if you REALLY know how to use it. Weakness: "vote counting scheme" does not sound too cool. "use of an organization's own HTTPS site" (advice from Stephanie Daugherty) In my persona

[FD] TP-LINK WDR4300 - Stored XSS & DoS

2014-09-23 Thread Oz Elisyan
Advisory Information === Vendors Contacted: TP-LINK Vendor Patched: Yes, Firmware 140916 System Affected: N750 Wireless Dual Band Gigabit Router (TL-WDR4300), might affect others. Versions Affected: 130617, possibly earlier CVE Numbers Assigned: CVE-2014-4727, CVE-2014-4728 Vulnerab

[FD] CVE-2014-6603 suricata 2.0.3 Out-of-bounds access in SSH parser

2014-09-23 Thread Steffen Bauch
CVE-2014-6603 suricata 2.0.3 Out-of-bounds access in SSH application parser 1. Background Suricata is a high performance Network IDS, IPS and Network Security Monitoring engine developed by the Open Information Security Foundation (OISF). 2. Summary Information It was found out that the app

[FD] [KIS-2014-10] X2Engine <= 4.1.7 (FileUploadsFilter.php) Unrestricted File Upload Vulnerability

2014-09-23 Thread Egidio Romano
X2Engine <= 4.1.7 (FileUploadsFilter.php) Unrestricted File Upload Vulnerability [-] Software Link: http://www.x2engine.com/ [-] Aff

[FD] [KIS-2014-09] X2Engine <= 4.1.7 (SiteController.php) PHP Object Injection Vulnerability

2014-09-23 Thread Egidio Romano
X2Engine <= 4.1.7 (SiteController.php) PHP Object Injection Vulnerability [-] Software Link: http://www.x2engine.com/ [-] Affected Versions: All