1068 matches found
SOL14907 - MySQL Server vulnerability CVE-2012-3163
Recommended action: To eliminate this vulnerability, upgrade to a version that is listed in the Versions known to be not vulnerable column in the previous table. To mitigate this vulnerability on Enterprise Manager, you should not enable remote access to the statistics database. Remote access to t...
Former NSA Officials Detail Failures of Agency Programs in Letter to Obama
In the weeks and months leading up to 9/11, the National Security Agency had been working on a new information-gathering and analysis system known as THINTHREAD, a system that was built in-house and was meant to replace the uncountable number of stand-alone collection systems and attendant...
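LimeSurvey '/admin/templates.php' Script Arbitrary File Upload Vulnerability
LimeSurvey (formerly PHPSurveyor) is an open-source online survey application developed by the LimeSurvey team. It supports survey development, questionnaire publishing, and data collection. LimeSurvey contains an arbitrary file upload vulnerability, which stems from the program not sufficiently filtering user-supplied input. An attacker can exploit this vulnerability to upload arbitrary files to the affected computer, resulting in arbitrary code execution in the context of the affected application. 0 LimeSurvey The vendor has not yet provided a patch or upgrade for this vulnerability; users of this software are advised to watch the vendor's home page for the latest version: http://www.limesurvey.org/...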
Stanford Researchers Find Connecting Metadata With User Names is Simple
One of the key tenets of the argument that the National Security Agency and some lawmakers have constructed to justify the agency’s collection of phone metadata is that the information it’s collecting, such as phone numbers and length of call, can’t be tied to the callers’ names. However, some...
NSA Must Reform Practices, Organization
A presidentially appointed, five-member panel issued a more than 300-page report yesterday making nearly 50 recommendations for changes in the way that the National Security Agency conducts its increasingly public and controversial sweeping surveillance programs. The entire report hinges on...
UN Adopts Resolution Protecting Privacy Online
On the same day that a panel of experts delivered a report to the United States president recommending sweeping changes to the way that the National Security Agency collects, handles and stores intelligence, the United Nations unanimously adopted a resolution calling for the protection of users’...
CVE-2013-6359
Munin::Master::Node in Munin before 2.0.18 allows remote attackers to cause a denial of service (abort data collection for node) via a plugin that uses "multigraph" as a multigraph service name...
Flashlight App Settles with FTC
The makers of a popular Android flashlight application have settled with the Federal Trade Commission over allegations that they covertly tracked the locations of the “Brightest Flashlight Free” users and sold that information to advertising firms. The FTC’s charges stem primarily from the fact...
Debian DSA-2815-1 : munin - denial of service
Christoph Biedl discovered two denial of service vulnerabilities in munin, a network-wide graphing framework. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2013-6048 The Munin::Master::Node module of munin does not properly validate certain data a node...
DSA-2815-1 munin - denial of service
Bulletin has no description...
Your TV now watching you too! LG Smart TV caught collecting owners' Habits and USB file names
Now your TV is also watching you, and is smart enough to spy on you. A UK blogger, developer and Linux enthusiast, known only as DoctorBeet has discovered that LG's smart TVs are sending personal information back to the company's servers about what channels you watch and viewing habits. Actually,...
OSX Screen Capture
This module takes screenshots of target desktop and automatically downloads them. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OSX Screen Capture', 'Description' = %q This module takes...
Stanford Metaphone Project Aims to Show Dangers of Metadata Collection
When the first NSA surveillance story broke in June, about the agency’s collection of phone metadata from Verizon, most people likely had never heard the word metadata before. Even some security and privacy experts weren’t sure what the term encompassed, and now a group of security researchers at...
New Bill Would End Mass Surveillance
UPDATE: Rep. Jim Sensenbrenner (R-Wisc.) is introducing a bill that would counteract many of the elements of the U.S. PATRIOT Act that enable the mass collection of data belonging to U.S. citizens. Sensenbrenner’s bill is called the USA FREEDOM Act, a quasi-acronym for Uniting and Strengthening...
EFF: Congress Has Opportunity to Stop Mass Surveillance
Since the leaks of NSA surveillance methods began in June, there has been a flurry of activity in Congress, with members scurrying to line up on either side of the issue, either defending the agency’s methods or condemning them. That mad scramble also has included the introduction of a number of...
Snoopy Project mobile tracking and intelligence grows up
A year ago, the Snoopy Project was a neat research initiative that packaged a number of existing technologies into a framework to profile and track mobile devices. After a summer of Snowden revelations, something like Snoopy takes on a whole new meaning. Snoopy devices, called drones by researche...
Fedora Update for php-pecl-xhprof FEDORA-2013-18049
Check for the Version of php-pecl-xhprof. OpenVAS Vulnerability Test: Fedora Update for php-pecl-xhprof FEDORA-2013-18049. Authors: System Generated Check. Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...
Fedora Update for php-pecl-xhprof FEDORA-2013-18094
Check for the Version of php-pecl-xhprof. OpenVAS Vulnerability Test: Fedora Update for php-pecl-xhprof FEDORA-2013-18094. Authors: System Generated Check. Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...
[SECURITY] Fedora 20 Update: php-pecl-xhprof-0.9.4-1.fc20
XHProf is a function-level hierarchical profiler for PHP. This package provides the raw data collection component, implemented in C as a PHP extension. The HTML based navigational interface is provided in the "xhprof" package...