[SECURITY] Fedora 16 Update: systemtap-1.7-2.fc16

SystemTap is an instrumentation system for systems running Linux. Developers can write instrumentation scripts to collect data on the operation of the system. The base systemtap package contains/requires the components needed to locally develop and execute systemtap scripts...

Moderate: Red Hat Security Advisory: libxml2 security update

Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

Important: Red Hat Security Advisory: java-1.6.0-openjdk security update

Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

CentOS 6 : java-1.6.0-openjdk (CESA-2012:0135)

Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

java security update

CentOS Errata and Security Advisory CESA-2012:0135 Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring Syste...

Citadel Malware Authors Adopt Open-Source Development Model

Attackers and malware authors are well-known for their proclivity for taking whatever tactics and techniques work for others and making them their own. That adaptive ability has now extended to the idea of open-source projects, with one malware gang having set up its own community for improving a...

Mobile Based Wireless Network MiTM Attack Illustration

Mobile Based Wireless Network MiTM Attack Illustration Bilal Bokhari from zer0byte.com Illustrated perfect example of Mobile Based Wireless Network MiTM Attack on his blog. Bilal want to share this article with our Readers at THN, Have a look : If we look at the history of computer development, t...

Driving Up the Cost of Exploit Development Becomes a Key Defensive Strategy

CANCUN–The skill of attackers, combined with the difficulty and cost of finding and fixing vulnerabilities in software–especially after deployment–has reached the point that it’s now more effective and efficient for vendors to concentrate on making life more difficult for those attackers looking ...

FBI Looking for App to Monitor Twitter and Facebook For Threat Data

The FBI is in the early stages of developing an application that would monitor sites such as Twitter and Facebook, as well as various news feeds, in order to find information on emerging threats and new events happening at the moment. The tool would give specialists the ability to pull the data...

stoneware webnetwork6 - Multiple Vulnerabilities

Stoneware WebNetwork6 Vulnerability Assessment CVE-2012-0285 – XSS CVE-2012-0286 - CSRF Conducted by: Leland Public Schools Stoneware Customer Jacob Holcomb Network Engineer for LPS Conducted for: Leland Public Schools Purchaser of WebNetwork product. Test was to assure cloud security Stoneware...

BIG-Ant-Server-XPLT

BigAnt Server version 2.50 SEH Overwrite - 0day remote buffer overflow exploit suffer because it fails to perform adequate boundary-checks. Successfully exploiting this issue will allow an attacker to execute arbitrary code within the context of the affected application. Failed exploit attempts...

Avira-Guard

Avira AntiVir personal edition avguard.exe 7.00.00.52 is prone to a local heap overflow because it fails to perform adequate boundary-checks. Successfully exploiting will allow an attacker to execute arbitrary code within the context of the affected application. Failed exploit attempts will resul...

Fedora Update for nss FEDORA-2011-17399

Check for the Version of nss OpenVAS Vulnerability Test Fedora Update for nss FEDORA-2011-17399 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

[SECURITY] Fedora 16 Update: qt-4.8.0-7.fc16

Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling...

phpVideoPro Multiple XSS vulnerabilities

Advisory: phpVideoPro Multiple XSS vulnerabilities Advisory ID: SSCHADV2011-041 Author: Stefan Schurtz Affected Software: Successfully tested on phpVideoPro 0.9.7 Vendor URL: http://sourceforge.net/projects/phpvideopro/ Vendor Status: fix in the latest development code ==========================...

Formalized IT Security Policy Now Required for Government Prime and Sub-contractors

This month the GSA announced an IT security mandate for government prime- and sub-contractors that requires them to have a formalized IT security plan that includes periodic audits. Many government sub-contractors, large and small, will benefit from a third-party compliance program review so they...

HP OpenView Network Node Manager - 'ov.dll' _OVBuildPath Buffer Overflow (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'HEAD', :uri =...

JDK: unspecified vulnerability fixed in 6u29 (Sound)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.233 and earlier, and JRockit R28.1.4 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknow...

OpenJDK: IIOP deserialization code execution (Deserialization, 7055902)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE, 7, 6 Update 27 and earlier, and 5.0 Update 31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via...

Offensive Research Continuing to Advance

MIAMI BEACH–It’s the accepted wisdom these days that many of the traditional security defenses organizations depend on just aren’t effective at deterring attackers. But this glosses over the fact that the last few years have included some major advances in defensive technologies, including the...