MODX Evolution 1.0.5 (and prior) Remote Script Execution Vulnerability

Product: MODX Evolution Risk: Very High Severity: Critical Versions: 1.0.5 and all previous releases Vunerability type: Remote Script Execution Report Date: 2012-Feb-16 Fixed Date: 2012-Feb-20 Description A vigilant community member sent us a security notice to let us know that he found a securit...

Slideshow: Scenes from SAS 2012

VIEW SLIDESHOW Scenes from SAS 2012 At Kaspersky Lab’s Security Analyst Summit last week, over 100 researchers and law enforcement officials converged in Cancun, Mexico over the course of five days to network and discuss a veritable cornucopia of security topics. Topics such as privacy, SCADA and...

DDoS Attacks Take on Political Motivations as Attackers Evolve

DDoS attacks come in all shapes and sizes, and in a lot of cases, the victims of the attacks don’t much care who is executing the attack or why. They just know that their network is being overwhelmed with junk traffic. But the last year has seen a major volume of politically motivated attacks, an...

Slideshow: iPhone Security Features Through the Years

VIEW SLIDESHOW iPhone Security Features Through the Years In typical fashion, all of five minutes had passed after the iPhone 4 release when Mac’s quasi-religious fan base kick-started the iPhone 5 rumor-mill. Fast-forward to now: Apple recently announced they’d be talking iPhone today at a 1 p.m...

Aviv Raff on the Evolution of Exploit Kits

In this video, via Kaspersky’s Lab Matters, Ryan Naraine and Seculert’s Aviv Raff discuss the evolution of exploit kits and the recent merger of Spyeye and Zeus...

CentOS Update for evolution CESA-2009:0358 centos3 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS Update for evolution CESA-2009:0355 centos4 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS Update for evolution28-libsoup CESA-2009:0344 centos4 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS Update for evolution28-evolution-data-server CESA-2009:0354 centos4 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS Update for evolution28-evolution-data-server CESA-2009:0354 centos4 i386

Check for the Version of evolution28-evolution-data-server OpenVAS Vulnerability Test CentOS Update for evolution28-evolution-data-server CESA-2009:0354 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free...

CentOS Update for evolution CESA-2009:0355 centos4 i386

Check for the Version of evolution OpenVAS Vulnerability Test CentOS Update for evolution CESA-2009:0355 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...

CentOS Update for evolution CESA-2009:0358 centos3 i386

Check for the Version of evolution OpenVAS Vulnerability Test CentOS Update for evolution CESA-2009:0358 centos3 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...

From Brain to Stuxnet: Mikko Hyponnen on Malware and Security Preparedness

Computer viruses have been a problem for 25 years now, and in honor of that dubious milestone, Mikko Hyponnen of F-Secure spoke at the TED Global conference in Scotland recently about the evolution of malware and how it’s turned into a tool for cybercrime...

Mozilla Releases BrowserID Web Authentication System

Mozilla has released a new browser-based federated login mechanism called BrowserID that is designed to replace the login process on Web sites that requires users to supply an email and password. The experimental system relies on the Verified Email protocol and also works on other browsers,...

Security fix for the ALT Linux 5 package pidgin version 2.9.0-alt1

June 28, 2011 Alexey Shabalin 2.9.0-alt1 - 2.9.0 fixed CVE-2011-2485: remote denial of service from corrupt buddy icons - enable evolution plugin...

Security fix for the ALT Linux 6 package pidgin version 2.9.0-alt1

June 28, 2011 Alexey Shabalin 2.9.0-alt1 - 2.9.0 fixed CVE-2011-2485: remote denial of service from corrupt buddy icons - enable evolution plugin...

The Infosec Industry Isn't Evolving

I engaged in a long twitter conversation with Daniel Kennedy the other day, and it made me realize that I have little faith in the information security industry right now. The industry does not seem to be evolving as fast as the threats against information security are. I engaged with Daniel afte...

Nuke Evolution Xtreme 2.0.x SQL Injection

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

Nuke Evolution Xtreme 2.0 - Local File Inclusion SQL Injection

Nuke Evolution Xtreme 2.0 - Local File Inclusion SQL Injection source: https://www.securityfocus.com/bid/47552/info Nuke Evolution Xtreme is prone to a local file-include vulnerability and an SQL-injection vulnerability. An attacker can exploit the local file-include vulnerability using...

Nuke Evolution Xtreme 2.0 - Local File Inclusion / SQL Injection

source: https://www.securityfocus.com/bid/47552/info Nuke Evolution Xtreme is prone to a local file-include vulnerability and an SQL-injection vulnerability. An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute arbitrary local files...