New User, Welcome!     Login

Internet Security Auditors

Re: [Full-disclosure] [ISecAuditors Security Advisories] Gmail vulnerable to automated password cracking

CISA, CISSP, ITIL
CEH Instructor, ECSP Instructor, CSSLP, OPSA, OPST
OWASP Spain Chapter Leader
vaguilera@isecauditors.com

Internet Security Auditors
www.isecauditors.com

c. Santander, 101. Edif. A. 2º
E-08030 Barcelona (Spain)
Tel: +34 93 305 13 18

[ISecAuditors Security Advisories] Simple PHP Blog <= 0.5.1 Local File Include vulnerability

=============================================
INTERNET SECURITY AUDITORS ALERT 2009-005
- Original release date: March 2nd, 2009
- Last revised:  December 18th, 2009
- Discovered by: Juan Galiana Lara
- Severity: 6.8/10 (CVSS scored)
=============================================

I. VULNERABILITY
-------------------------

[ISecAuditors Security Advisories] Reflected XSS in Atmail WebMail < v6.2.0

=============================================
INTERNET SECURITY AUDITORS ALERT 2010-009
- Original release date: August 30th, 2010
- Last revised:  September 21st, 2010
- Discovered by: Vicente Aguilera Diaz
- Severity: 4.3/10 (CVSSv2 Base Scored)
=============================================

I. VULNERABILITY
-------------------------

[ISecAuditors Security Advisories] Joomla! < 1.5.12 Multiple XSS vulnerabilities in HTTP Headers

=============================================
INTERNET SECURITY AUDITORS ALERT 2009-007
- Original release date: June 30th, 2009
- Last revised:  July 2nd, 2009
- Discovered by: Juan Galiana Lara
- Severity: 6.8/10 (CVSS Base Score)
=============================================

I. VULNERABILITY
-------------------------

[ISecAuditors Security Advisories] Insecure Direct Object Reference in tuenti.com allow to read of any message user

=============================================
INTERNET SECURITY AUDITORS ALERT 2010-008
- Original release date: August 30th, 2010
- Last revised: September 21st, 2010
- Discovered by: Vicente Aguilera Diaz
- Severity: 4/10 (CVSSv2 Base Scored)
=============================================

I. VULNERABILITY
-------------------------

[ISecAuditors Security Advisories] SQL Injection and XSS in Motorito < v2.0 Ni 483

=============================================
INTERNET SECURITY AUDITORS ALERT 2010-005
- Original release date: March 30th, 2010
- Last revised: September 23th, 2010
- Discovered by: Mario Diaz Caldera
- Severity: 5.5/10 (CVSS Base Score)
=============================================

I. VULNERABILITY
-------------------------

[ISecAuditors Security Advisories] XSS in Oracle AS Portal 10g

=============================================
INTERNET SECURITY AUDITORS ALERT 2010-007
- Original release date: August 11th, 2010
- Last revised:  May 1st, 2011
- Discovered by: Vicente Aguilera Diaz
- Severity: 5.0/10 (CVSS Base Scored)
=============================================

I. VULNERABILITY
-------------------------

[ISecAuditors Security Advisories] WP-Forum <= 2.3 SQL Injection vulnerabilities

=============================================
INTERNET SECURITY AUDITORS ALERT 2009-010
- Original release date: September 28th, 2009
- Last revised: December 15th, 2009
- Discovered by: Juan Galiana Lara
- CVE ID: CVE-2009-3703
- Severity: 8.5/10 (CVSS Base Score)
=============================================

I. VULNERABILITY

[ISecAuditors Security Advisories] wwwstats is vulnerable to Persistent XSS

=============================================
INTERNET SECURITY AUDITORS ALERT 2007-004
- Original release date: November 7th, 2007
- Last revised:  December 7th, 2007
- Discovered by: Jesus Olmos Gonzalez
- Severity: 4/5
=============================================

I. VULNERABILITY
-------------------------

[ISecAuditors Security Advisories] Gmail vulnerable to automated password cracking

=============================================
INTERNET SECURITY AUDITORS ALERT 2009-NNN
- Original release date: July 7th, 2009
- Last revised:  July 17th, 2009
- Discovered by: Vicente Aguilera Diaz
- Severity: 4.5/10 (CVSS Base Score)
=============================================

I. VULNERABILITY
-------------------------

[ISecAuditors Security Advisories] QuiXplorer <=2.4.1beta Remote Code Execution vulnerability

=============================================
INTERNET SECURITY AUDITORS ALERT 2009-003
- Original release date: March 2nd, 2009
- Last revised:  December 17th, 2009
- Discovered by: Juan Galiana Lara
- Severity: 9/10 (CVSS scored)
=============================================

I. VULNERABILITY
-------------------------

[ISecAuditors Security Advisories] SmbClientParser Perl module allows remote command execution

=============================================
INTERNET SECURITY AUDITORS ALERT 2006-006
- Original release date: February 28, 2006
- Last revised: July 18th, 2008
- Discovered by: Jesus Olmos Gonzalez
- Severity: 5/5
=============================================

I. VULNERABILITY
-------------------------

[ISecAuditors Security Advisories] PHP-Calendar <= v1.1 'configfile' Remote and Local File Inclusion vulnerability

=============================================
INTERNET SECURITY AUDITORS ALERT 2009-011
- Original release date: October 13th, 2009
- Last revised: December 18th, 2009
- Discovered by: Juan Galiana Lara
- CVE ID: CVE-2009-3702
- Severity: 8.5/10 (CVSS Base Score)
=============================================

I. VULNERABILITY

[ISecAuditors Security Advisories] VTLS.web.gateway cgi is vulnerable to XSS

=============================================
INTERNET SECURITY AUDITORS ALERT 2006-004
- Original release date: April 18, 2006
- Last revised: November 13, 2007
- Discovered by: Jesus Olmos Gonzalez
- Severity: 1/5
=============================================

I. VULNERABILITY
-------------------------

[ISecAuditors Security Advisories] Horde 3.3.5 "PHP_SELF" Cross-Site Scripting vulnerability

=============================================
INTERNET SECURITY AUDITORS ALERT 2009-012
- Original release date: October 13th, 2009
- Last revised: December 16th, 2009
- Discovered by: Juan Galiana Lara
- CVE ID: CVE-2009-3701
- Severity: 6.3/10 (CVSS Base Score)
=============================================

I. VULNERABILITY

Re: [Full-disclosure] [ISecAuditors Security Advisories] Gmail vulnerable to automated password cracking

On Fri, Jul 17, 2009 at 2:48 PM, ISecAuditors Security
Advisories<advisories@isecauditors.com> wrote:
> =============================================
> INTERNET SECURITY AUDITORS ALERT 2009-NNN
> - Original release date: July 7th, 2009
> - Last revised:  July 17th, 2009
> - Discovered by: Vicente Aguilera Diaz
> - Severity: 4.5/10 (CVSS Base Score)
> =============================================

[ISecAuditors Security Advisories] Wordpress is vulnerable to an unauthorized upgrade and XSS

=============================================
INTERNET SECURITY AUDITORS ALERT 2008-001
- Original release date: January 3rd, 2008
- Last revised:  December 22nd, 2008
- Discovered by: Jesus Olmos Gonzalez
- Severity: 2/5
=============================================

I. VULNERABILITY
-------------------------

[ISecAuditors Security Advisories] PSI remote integer overflow DoS

=============================================
INTERNET SECURITY AUDITORS ALERT 2008-004
- Original release date: 12th December, 2008
- Last revised: 22nd December, 2008
- Discovered by: Jesus Olmos Gonzalez
- Severity: 4/5
=============================================

I. VULNERABILITY
-------------------------

[ISecAuditors Security Advisories] Multiple vulnerabilities in WiFi router COMTREND CT-536/HG-536+

=============================================
INTERNET SECURITY AUDITORS ALERT 2007-002
- Original release date: 31st January, 2007
- Last revised: 22th December, 2008
- Discovered by: Daniel Fernandez Bleda
- Severity: 5/5
=============================================

I. VULNERABILITY
-------------------------

[ISecAuditors Security Advisories] Joomla! < 1.5.12 Multiple Full Path Disclosure vulnerabilities

=============================================
INTERNET SECURITY AUDITORS ALERT 2009-009
- Original release date: July 21st, 2009
- Last revised:  July 23rd, 2009
- Discovered by: Juan Galiana Lara
- Severity: 5/10 (CVSS Base Score)
=============================================

I. VULNERABILITY
-------------------------

[ISecAuditors Security Advisories] WordPress MU HTTP Header XSS Vulnerability

=============================================
INTERNET SECURITY AUDITORS ALERT 2009-004
- Original release date: December 3rd, 2008
- Last revised:  March 10th, 2009
- Discovered by: Juan Galiana Lara
- Severity: 6.3/10 (CVSS scored)
=============================================

I. VULNERABILITY
-------------------------

[ISecAuditors Security Advisories] Tikiwiki CMS is vulnerable to path traversal attack

=============================================
INTERNET SECURITY AUDITORS ALERT 2007-006
- Original release date: December 18th, 2007
- Last revised:  December 24th, 2007
- Discovered by: Jesus Olmos Gonzalez
- Severity: 5/5
=============================================

I. VULNERABILITY
-------------------------

[ISecAuditors Security Advisories] ModSecurity < 2.5.9 remote Denial of Service (DoS)

=============================================
INTERNET SECURITY AUDITORS ALERT 2009-001
- Original release date: February 25th, 2009
- Last revised:  March 19th, 2009
- Discovered by: Juan Galiana Lara
- Severity: 7.8/10 (CVSS Base Scored)
=============================================

I. VULNERABILITY
-------------------------

[ISecAuditors Security Advisories] Cygwin buffer overflow due incorrect filename length check

=============================================
INTERNET SECURITY AUDITORS ALERT 2007-005
- Original release date: May 23rd, 2007
- Last revised: November 24th, 2007
- Discovered by: Jesus Olmos Gonzalez
- Severity: 5/5
=============================================

I. VULNERABILITY
-------------------------

[ISecAuditors Security Advisories] Joomla! 1.5.10 JA_Purity Multiple Persistent XSS

=============================================
INTERNET SECURITY AUDITORS ALERT 2009-006
- Original release date: April 5th, 2009
- Last revised:  June 5th, 2009
- Discovered by: Juan Galiana Lara
- Severity: 6.4/10 (CVSS Base Score)
=============================================

I. VULNERABILITY
-------------------------

IBWAS'10 CfP - Deadline Extension

Notification of acceptance: 7th November 2010
Camera-ready version of accepted contributions: 14th November 2010
Conference: 25th – 26th November 2010

Conference Chairs
Vicente Aguilera Das, Internet Security Auditors, OWASP Spain, Spain
Carlos Serro, ISCTE-IUL Instituto Universitrio de Lisboa, OWASP Portugal, Portugal

Organization Committee
Fabio Cerullo, OWASP Global Education Committee, Ireland
Dinis Cruz, OWASP Board Member, UK

[ISecAuditors Security Advisories] eXtplorer Remote Code Execution

=============================================
INTERNET SECURITY AUDITORS ALERT 2009-002
- Original release date: January 7th, 2009
- Last revised:  March 2nd, 2009
- Discovered by: Juan Galiana Lara
- Severity: 9/10 (CVSS scored)
=============================================

I. VULNERABILITY
-------------------------

[ISecAuditors Security Advisories] Cisco ASA <= 8.x VPN SSL module Clientless URL-list control bypass

=============================================
INTERNET SECURITY AUDITORS ALERT 2009-013
- Original release date: December 7th, 2009
- Last revised: December 16th, 2009
- Discovered by: David Eduardo Acosta Rodriguez
- Severity: 4/10 (CVSS Base Score)
=============================================

I. VULNERABILITY
-------------------------


Copyright © 1995-2012 LinuxRocket.net. All rights reserved.

Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!