1. Reverse Engineering >
  2. Sicherheitslücken >
  3. http-signature up to 0.9.11 on Node.js Download weak encryption


http-signature up to 0.9.11 on Node.js Download weak encryption

Exploits vom | Direktlink: vuldb.com Nachrichten Bewertung

A vulnerability was found in http-signature up to 0.9.11 on Node.js (JavaScript Library). It has been classified as critical. Affected is an unknown functionality of the component Download. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product....

Externe Quelle mit kompletten Inhalt anzeigen

Zur Startseite von Team IT Security

➤ Weitere Beiträge von Team Security | IT Sicherheit

2,844 Separate Data Breaches leaked February 2018 - Free Download

vom 870.47 Punkte ic_school_black_18dp
In February 2018, a massive collection of almost 3,000 alleged data breaches was found online. Whilst some of the data had previously been seen online, 2,844 of the files consisting of more than 80 million unique email addresses had not previously been

Crypton - Library Consisting Of Explanation And Implementation Of All The Existing Attacks On Various Encryption Systems, Digital Signatures, Hashing Algorithms

vom 491.04 Punkte ic_school_black_18dp
Crypton is an educational library to learn and practice Offensive and Defensive Cryptography. It is basically a collection of explanation and implementation of all the existing vulnerabilities and attacks on various Encryption Systems (Symmetric and Asymmetric), Digital Signatures, Message Authentication Codes and Authenticated

Venom - A Multi-hop Proxy For Penetration Testers

vom 403.79 Punkte ic_school_black_18dp
Venom is a multi-hop proxy tool developed for penetration testers using Go. You can use venom to easily proxy network traffic to a multi-layer intranet, and easily manage intranet nodes.Features network topology multi-hop socks5 proxy multi-hop port forward port r

http-signature bis 0.9.11 auf Node.js Download schwache Verschlüsselung

vom 283.86 Punkte ic_school_black_18dp
Es wurde eine kritische Schwachstelle in http-signature bis 0.9.11 auf Node.js ausgemacht. Hiervon betroffen ist eine unbekannte Funktion der Komponente Download. Durch Manipulieren mit einer unbekannten Eingabe kann eine schwache Verschlüsselung-Schwachstelle ausgenutzt

MyEtherWallet: Local Storage Custom Node Credentials Leak

vom 275.74 Punkte ic_school_black_18dp
Summary Credentials for a custom node are stored in plain text inside Local Storage on the user's machine. If this node is configured in a certain way this could lead to the theft of any funds in accounts attached to this node, by a local attacker. A

Pwn2Own Returns to Vancouver for 2020

vom 247.68 Punkte ic_school_black_18dp
Jump to the contest rules As each new year starts, we at the Zero Day Initiative begin to think of spring and the Vancouver edition of the Pwn2Own contest. It was in Vancouver where the contest began back in 2007 and continues to be where we push the

download-manager Plugin bis 2.9.51 auf WordPress wp-admin/admin-ajax.php wpdm_generate_password id Cross Site Scripting

vom 239.35 Punkte ic_school_black_18dp
In download-manager Plugin bis 2.9.51 auf WordPress wurde eine problematische Schwachstelle ausgemacht. Es geht um die Funktion wpdm_generate_password der Datei wp-admin/admin-ajax.php. Durch die Manipulation des Arguments id durch Parameter kann eine Cross Site

How to Upgrade to TypeScript without anybody noticing, Part 2

vom 235.83 Punkte ic_school_black_18dp
This guide will show you how to fix Typescript compile errors in Javascript project that recently added Typescript support via a tsconfig.json. It assumes that the tsconfig.json is configured according to the description in part 1 of this post, and that you also installed types for some of your dependencies from the @types/* namespace. This guide

AES Finder - Utility To Find AES Keys In Running Processes

vom 228.35 Punkte ic_school_black_18dp
Utility to find AES keys in running process memory. Works for 128, 192 and 256-bit keys. Usage Open aes-finder.sln solution in Visual Studio 2013 to compile source. Alternatively use gcc/clang: g++ -O3 -march=native -fomit-frame-pointer aes-find

Kube-Bench - Checks Whether Kubernetes Is Deployed According To Security Best Practices As Defined In The CIS Kubernetes Benchmark

vom 211.4 Punkte ic_school_black_18dp
kube-bench is a Go application that checks whether Kubernetes is deployed securely by running the checks documented in the CIS Kubernetes Benchmark.Tests are configured with YAML files, making this tool easy to update as test specifications evolve.Please Not

Client provided keys with Azure Storage server-side encryption

vom 160.9 Punkte ic_school_black_18dp
Microsoft Azure Storage offers several options to encrypt data at rest. With client-side encryption you can encrypt data prior to uploading it to Azure Storage. You can also choose to have Azure Storage manage encryption operations with server-side encrypti

Scanner-Cli - A Project Security/Vulnerability/Risk Scanning Tool

vom 159.69 Punkte ic_school_black_18dp
The Hawkeye scanner-cli is a project security, vulnerability and general risk highlighting tool. It is meant to be integrated into your pre-commit hooks and your pipelines.Running and configuring the scannerThe Hawkeye scanner-cli assumes that your dir

Team Security Diskussion über http-signature up to 0.9.11 on Node.js Download weak encryption