/.
• Amazon Wants Patent For Inserting Ads Into Books
• Fake Tamiflu “Out-Spams Viagra On Web”
• Source Code of Several Atari 7800 Games Released
• How To Get Your Program Professionally Marketed?
• Professor Gets 4 Years in Prison for Sharing Drone Plans With Students
• Copyright Should Encourage Derivative Works
• Open Source Facing a Difficult Battle For Cloud Relevance
• Phoenix Lander Discovers Nighttime Snowfall On Mars
• Seattle Data Center Outage Disrupts E-Commerce
• Is the Kindle DX Worth the Money?
• XHTML 2 Cancelled
• Squeezing a Wikipedia Snapshot Onto an 8GB iPhone
• Emulated PC Enables Linux Desktop In Your Browser
• London Stock Exchange To Abandon Windows
• iPhone Vulnerability Yields Root Access Via SMS
• US Couple Gets Prison Time For Internet Obscenity
• RC Submarine Lays Fiber Through Sewers In Italy
• IBM Releases Open Source Machine Learning Compiler
NewsForge
Bugtraq
• Vuln: phpMyAdmin SQL bookmark HTML Injection Vulnerability
• Vuln: Pidgin OSCAR Protocol Web Message Denial of Service Vulnerability
• Vuln: Drupal Cross-Site Scripting, Code Injection and Information Disclosure Vulnerabilities
• Vuln: LibTIFF 'tif_lzw.c' Remote Buffer Underflow Vulnerability
• Bugtraq: Re: Cross-Site Scripting vulnerabilities in Mozilla, Internet Explorer, Opera and Chrome
• Bugtraq: [SECURITY] [DSA 1825-1] New nagios2/nagios3 packages fix arbitrary code execution
• Bugtraq: [oCERT-2009-007] FCKeditor input sanitization errors
• Bugtraq: One Click Ownage [White Paper and Scripts]
• More rss feeds from SecurityFocus
PacketStormSecurity
• soulseek157-psexec.txt - Soulseek versions 157 NS below 13e and all versions of 156 suffer from a remote peer search code execution vulnerability.
• shopcartdx430-sql.txt - Remote SQL injection exploit for ShopCartDx version 4.30 that leverages product_detail.php. This particular vulnerability was previously discovered, but further research has been performed.
• shopcartdx430-blindsql.txt - Remote blind SQL injection exploit for ShopCartDx version 4.30 that leverages product_detail.php.
• cve-2008-3531.c - Local root exploit for FreeBSD nmount(). This affects FreeBSD 7.0-RELEASE and 7.0-STABLE.
• axesstel-bypass.txt - The Axesstel MV 410R relies on JavaScript to protect against malicious input, which allows an attacker to bypass the protection easily. The device is also susceptible to permanent cross site scripting vulnerabilities.
• opialaid-sql.txt - Opial version 1.0 suffers from a remote SQL injection vulnerability.
• glsa-200907-02.txt - Gentoo Linux Security Advisory GLSA 200907-02 - Two vulnerabilities in ModSecurity might lead to a Denial of Service. Versions less than 2.5.9 are affected.
• glsa-200907-01.txt - Gentoo Linux Security Advisory GLSA 200907-01 - libwmf bundles an old GD version which contains a use-after-free vulnerability. The embedded fork of the GD library introduced a use-after-free vulnerability in a modification which is specific to libwmf. Versions less than 0.2.8.4-r3 are affected.
• rentventory-sql.txt - Rentventory PHP suffers from multiple remote SQL injection vulnerabilities.
• petite-sql.txt - This paper is a small SQL injection tutorial and is written in French.
• oCERT-2009-009.txt - CamlImages versions 2.2 and below suffer from several integer overflows which may lead to a potentially exploitable heap overflow and result in arbitrary code execution. The vulnerability is triggered by PNG image parsing: the read_png_file and read_png_file_as_rgb24 functions do not properly validate the width and height of the image. Specific PNG images with large width and height can be crafted to trigger the vulnerability.
• USN-795-1.txt - Ubuntu Security Notice USN-795-1 - It was discovered that Nagios did not properly parse certain commands submitted using the WAP web interface. An authenticated user could exploit this flaw and execute arbitrary programs on the server.
• USN-794-1.txt - Ubuntu Security Notice USN-794-1 - It was discovered that the Compress::Raw::Zlib Perl module incorrectly handled certain zlib compressed streams. If a user or automated system were tricked into processing a specially crafted compressed stream or file, a remote attacker could crash the application, leading to a denial of service.
• joomla1512-xss.txt - Joomla! versions prior to 1.5.12 suffer from multiple cross site scripting vulnerabilities in relation to HTTP headers.
• HPSBUX02431-SSRT090085.txt - HP Security Bulletin - Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server or Tomcat-based Servlet Engine. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS) or execution of arbitrary code. Apache-based Web Server and Tomcat-based Servlet Engine are contained in the Apache Web Server Suite.
...