Microsoft January 2016 Patch Tuesday bring nine security bulletins which is addressing 25 vulnerabilities. Six are rated as Critical and 3 are Important. Six Bulletins are rated as Critical , MS16-001 for Internet Explorer.  MS16-002 for Microsoft Edge, MS16-003 for JScript and VBScript,  MS16-004 for Microsoft Office, MS16-005  for Windows Drivers and  MS16-006 for Silverlight. Microsoft security bulletin summary for January 2016 in order of severity MS16-001 : Vulnerabilities in Internet […]

Read More →

Microsoft December 2015 Patch Tuesday bring 12 security bulletins which is addressing 71 vulnerabilities. Eight are rated Critical and 4 are Important. Eight Bulletins are rated as Critical , MS15-124 for Internet Explorer.  MS15-125 for Edge. MS15-126 for JScript and VBScript. MS15-127 for Windows DNS. MS15-128 for Graphics Component. MS15-129 for Silverlight. MS15-130 for Uniscribe and MS15-131 for Office. Microsoft security bulletin summary for December 2015 in order of severity MS15-124 : Vulnerabilities in Internet Explorer (3116180) Severity […]

Read More →

A big Patch Tuesday this month consisting of total fourteen security bulletins address total of 45 vulnerabilities. This month also high priority fix is for Internet Explorer along with Microsoft Windows, Adobe Font Driver, VBScript Scripting Engine, and Microsoft Office. Internet Explorer addresses and Adobe Font Driver address total 20 out of 45 vulnerabilities. This […]

Read More →

Bourne Again Shell (BASH) is widely used and default command interpreter for many Linux flavors, is prone to a command execution vulnerability as discovered by Stephane Chazelas of Akamai. The vulnerability is due to the way bash processes specially crafted environment variables i.e trailing code in function definitions was executed, independent of the variable name, which allows […]

Read More →

SecPod Research Team member (Veerendra G.G) wrote Metasploit module for Fitnesse Wiki Remote Command Execution Vulnerability. Metasploit Module can be found here. ## # This module requires Metasploit: http//metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require ‘msf/core’ class Metasploit3 < Msf::Exploit::Remote Rank = GoodRanking include Msf::Exploit::Remote::HttpClient def initialize(info = {}) super(update_info(info, ‘Name’ => ‘Fitnesse Wiki Remote […]

Read More →