Hak5 WiFi Pineapple 2.0 through 2.3 uses predictable CSRF tokens.
Monthly Archives: March 2017
CVE-2017-3009
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow vulnerability in the JPEG2000 parser. Successful exploitation could lead to information disclosure.
CVE-2014-5008
Snoopy allows remote attackers to execute arbitrary commands.
CVE-2014-9114
Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code.
CVE-2016-6209
Cross-site scripting (XSS) vulnerability in Nagios.
CVE-2008-7313
The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands. NOTE: this issue exists dues to an incomplete fix for CVE-2008-4796.
CVE-2014-3931
fastping.c in MRLG (aka Multi-Router Looking Glass) before 5.5.0 allows remote attackers to cause an arbitrary memory write and memory corruption.
CVE-2017-3010
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the rendering engine. Successful exploitation could lead to arbitrary code execution.
CVE-2014-5009
Snoopy allows remote attackers to execute arbitrary commands. NOTE: this vulnerability exists due to an incomplete fix for CVE-2014-5008.
Why we (still) need World Backup Day
More than 40 years after the invention of the personal computer, it is astounding that we still need World Backup Day. This year’s event, which takes place on March 31st, the day before April Fool’s Day, ‘is a day for people to learn about the increasing role of data in our lives and the importance of regular backups.’ Here’s the key takeaway: You need to regularly back up your data because the chances of losing some or all of that data are high, and getting higher.