812 matches found
Google Releases Skipfish Application Security Scanner
Google has released its own Web application security scanner, called Skipfish. The free scanner is designed to work within a variety of existing Web application frameworks and is built with an emphasis on speed and low false-positives, the company said. Skipfish enters a crowded field of Web...
Google Attackers Used Internet Explorer Zero Day
Several of the companies victimized in the attack that hit Google and dozens of other companies recently were compromised through the use of a new, unpatched vulnerability in Internet Explorer, experts say. The flaw was used in a sophisticated attack that included victims receiving targeted email...
North Korea upgrading cyberattack capabilities
From AFP Via Yahoo News The North Korean regime is in the process of building up its capabilities to launch offensive computer attacks, according to news reports out of South Korea. The reports say that North Korea is specifically strengthening its information warfare program with the intention o...
DNS vulnerabilities to attack the Ruby code-vulnerability warning-the black bar safety net
1 require 'msf/core' 2 require 'net/dns' 3 require 'scruby' 4 require 'resolv' 5 6 module Msf 7 8 class Auxiliary::Spoof::Dns::BaliWickedHost Msf::Auxiliary 9 1 0 The include Exploit::Remote::Ip 1 1 1 2 def initializeinfo = 1 3 superupdateinfoinfo, 1 4 'Name' = 'DNS BaliWicked Attack', 1 5...
DNS BailiWicked Host Attack
No description provided by source. /msf3/msfconsole require 'msf/core' require 'net/dns' require 'scruby' require 'resolv' module Msf class Auxiliary::Spoof::Dns::BailiWickedHost Msf::Auxiliary include Exploit::Remote::Ip def initializeinfo = superupdateinfoinfo, 'Name' = 'DNS BailiWicked Host...
ozjournals-disclose.txt
Name: OZJournals 2.1.1 Webiste: http://www.aqonlinenetworks.com/ Vulnerability type: Local File Exposure Author: shinmai, 2008-01-21 Description: OZJournals uses .php-files as it's storage, and posts are read from them with the getcontents-function. This protects from traditional LFI-exploits, bu...
[Full-disclosure] [NETRAGARD-20060822 SECURITY ADVISORY] [ APPLE COMPUTER CORPORATION KEXTLOAD VULNERABILITY + ROXIO TOAST TITANUM 7 HELPER APP - LOCAL ROOT COMROMISE]
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Netragard, L.L.C Advisory Strategic Reconnaissance Team ------------------------------------------------ http://www.netragard.com -- "We make I.T. Safe." About Netragard - ---------------------------------------------------------------------- Netragar...
Targeted attack: experience from the trenches
Targeted attack: experience from the trenches Published: 2006-05-19, Last Updated: 2006-05-19 17:36:01 UTC by Chris Carboni Version: 2click to highlight changes Learning lessons from incidents is a very important part of incident handling. Yet with targeted attacks it is very hard as you need to...
IPNetSentryX / IPNetMonitorX - Unauthorized Network Reconnaissance
source: https://www.securityfocus.com/bid/8365/info It has been reported that helper applications that are shipped with IPNetSentryX and IPNetMonitorX may be harnessed by a local attacker to provide for unauthorized network reconnaissance. bash-2.05a$ id uid=503dummy gid=20staff groups=20staff...
IPNetSentryX IPNetMonitorX - Unauthorized Network Reconnaissance
IPNetSentryX IPNetMonitorX - Unauthorized Network Reconnaissance source: https://www.securityfocus.com/bid/8365/info It has been reported that helper applications that are shipped with IPNetSentryX and IPNetMonitorX may be harnessed by a local attacker to provide for unauthorized network...
Multiple intrusion detection systems may be circumvented via %u encoding
Overview Multiple intrusion detection systems may be circumvented via %u encoding allowing intruders to launch attacks undetected. Description Most intrusion detection systems are capable of decoding URLs that are encoded using either the "UTF" or "hex-encode" encoding schemes. Microsoft's...
[SRT2001-10] - scoadmin /tmp issues
====================================================================== Strategic Reconnaissance Team Security AdvisorySRT2001-10 Topic: scoadmin /tmp issues Vendor: Santa Cruz Operations Release Date: 05/07/01 ====================================================================== .: Description...