Vega is a GUI-based, multi-platform, free and open source web security scanner that can be used to find instances of SQL injection, cross-site scripting (XSS), and other vulnerabilities in your web applications. Vega also includes an intercepting proxy for interactive web application debugging. Vega attack modules are written in Javascript, users can easily modify them or write their own.
>> CATEGORY: Apple
Apple Security Advisory 2011-11-14-1 – iTunes 10.5.1 is now available and addresses a man-in-the-middle vulnerability. iTunes periodically checks for software updates using an HTTP request to Apple. This request may cause iTunes to indicate that an update is available.
Secunia Security Advisory – A weakness has been reported in Apple iTunes, which can be exploited by malicious people to conduct spoofing attacks.
Apple Security Advisory 2011-11-10-2 – Time Capsule and AirPort Base Station (802.11n) Firmware 7.6 is now available and addresses a security vulnerability. dhclient allowed remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message. This issue is addressed by stripping shell meta-characters in dhclient-script.
Apple Security Advisory 2011-11-10-1 – The new iOS 5.0.1 software update addresses multiple vulnerabilities.
Secunia Security Advisory – Multiple vulnerabilities have been reported in Apple iOS, which can be exploited by malicious people to disclose certain sensitive information, conduct spoofing attacks, and compromise a user’s device.
strongSwan is a complete IPsec implementation for the Linux, Android, Maemo, FreeBSD, and Mac OS X operating systems. It interoperates with with most other IPsec-based VPN products via the IKEv2 or IKEv1 key exchange protocols.
Secunia Security Advisory – Apple has acknowledged a vulnerability in Apple AirPort and Time Capsule, which can be exploited by malicious people to compromise a vulnerable device.
Secunia Security Advisory – Multiple vulnerabilities have been reported in Apple iOS, which can be exploited by malicious people with physical access to bypass certain security restrictions and by malicious people to disclose certain sensitive information, conduct spoofing attacks, and compromise a user’s device.
Core Security Technologies Advisory – Apple OS X suffered from a sandbox predefined profiles bypass vulnerability.