Top Government Security Officials Call For Secure OS Development

WASHINGTON–One of the keys to addressing the widespread security threats facing both private and government networks is to develop more secure operating systems from the ground up and not rely on trying to secure existing ones, top CIA and Pentagon information assurance officials said. The federa...

India's leading telecom Company BSNL hacked by Pakistani Hacker

India's leading telecom Company BSNL hacked by Pakistani Hacker A Pakistani hacker "KhantastiC haX0r" today hack into the official website of India's leading telecom Company Bharat Sanchar Nigam Limited BSNL. This is not 1st time when BSNL become victim of any cyber attack. Pakistani Hackers hit...

Active CMS 1.2.0 'mod' Cross-site Scripting Vulnerability

Advisory: Active CMS 1.2.0 'mod' Cross-site Scripting Vulnerability Advisory ID: SSCHADV2011-020 Author: Stefan Schurtz Affected Software: Successfully tested on Active CMS 1.2.0 Vendor URL: http://www.activedev.net/ Vendor Status: informed CVE-ID: - ========================== Vulnerability...

JDK: unspecified vulnerability fixed in 6u29 (Deployment)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JavaFX 2.0 allows remote attackers to affect confidentiality via unknown vectors related to Deployment...

[ GLSA 201110-06 ] PHP: Multiple vulnerabilities

Gentoo Linux Security Advisory GLSA 201110-06 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

[SECURITY] Fedora 16 Update: php-5.3.8-3.fc16

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

vTiger CRM 5.2.1 Blind SQL Injection

vTiger CRM 5.2.x = Blind SQL Injection Vulnerability 1. OVERVIEW The vTiger CRM 5.2.1 and lower versions are vulnerable to Blind SQL Injection. No fixed version has been released as of 2011-10-05. 2. BACKGROUND vtiger CRM is a free, full-featured, 100% Open Source CRM software ideal for small and...

[SECURITY] Fedora 16 Update: Django-1.3.1-2.fc16

Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...

Fedora Update for Django FEDORA-2011-12481

Check for the Version of Django OpenVAS Vulnerability Test Fedora Update for Django FEDORA-2011-12481 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

[SECURITY] Fedora 14 Update: Django-1.3.1-2.fc14

Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...

Interview: Crypto Legend Ron Rivest On Fixing SSL, APTs and The Future Of Security

One of the biggest talks at this year’s Black Hat Briefings was a presentation on the structural problem with digital certificate authorities by Moxie Marlinspike. The subsequent hack of Dutch certificate authority DigiNotar and a damning report on that attack only weeks later, and more recent...

Fedora Update for nss FEDORA-2011-12300

Check for the Version of nss OpenVAS Vulnerability Test Fedora Update for nss FEDORA-2011-12300 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

[SECURITY] Fedora 14 Update: qt-4.7.4-2.fc14

Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling...

libpng malformed cHRM divide-by-zero vulnerability

Overview libpng crashes when processing malformed cHRM chunks. Description When libpng encounters a cHRM chunk that is malformed it will perform a divide-by-zero causing libpng to crash. This bug was introduced in libpng version 1.5.4 and has been fixed in libpng version 1.5.5. --- Impact By...

McAfee DeepSAFE - Anti-rootkit Security Solution

McAfee DeepSAFE - Anti-rootkit Security Solution McAfee previewed its DeepSAFE hardware-assisted security technology for proactively detecting and preventing stealthy advanced persistent threats APTs and malware. The technology, which was co-developed with Intel, sits below the OS, providing the...

The Past, Present and Future of Software Security

Perhaps no segment of the security industry has evolved more in the last decade than the discipline of software security. At the start of the 2000s, software security was a small, arcane field that often was confused with security software. But several things happened in the early part of the...

Enterprise to food industry website source code 1.0 injection vulnerabilities and fixes-vulnerability warning-the black bar safety net

by Mr. DzY from www.0855.tv This system seems to be in the 0 to 5 year development. Is not the original work, to research it! The modified switch. Source code download: Demo address: Default backend: system/index. asp EXP: the union select 1,2,3,username,password,6,7,8,9,1 0,1 1,1 2 from nwebadmi...

Behind the Scenes of The Crypto Project

When a small group of activists announced the debut of The Crypto Project earlier this year, for many, ahem, mature, security and privacy advocates it brought to mind memories of the original cypherpunk movement that began in the 1990s and that group’s seminal efforts to encourage the use of stro...

Marketing & Development (prodotto.php?cat) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Marketing & Development prodotto.php?cat AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.marketingdev.com Persian Gulf 4 Ever! Dork : "powered by Marketing & Development"...

Marketing And Development SQL Injection

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Marketing & Development prodotto.php?cat AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.marketingdev.com Persian Gulf 4 Ever! Dork : "powered by Marketing & Development"...