127 matches found
New Pandemiya Banking Trojan Written From Scratch
Brand new, written-from-scratch malware is a relatively rare undertaking on the underground. Aside from some private endeavors, source code is available for a number of popular Trojans, including Zeus, Citadel and Carberp, making it easy for attackers to simply grab one off the shelf and get...
Adobe Flash Player sandbox for Safari OS X Mavericks
Mac OS X Mavericks may have brought with it iBooks and Maps to the Apple desktop operating system, but for security conscious users, perhaps the thing most worth noting is the addition of sandbox protection for Adobe Flash Player for the Safari browser, announced yesterday by Adobe. “By providing...
Small Businesses Lose £800 Million Per Year to Cybercrime
Small- and medium-sized businesses are losing a staggering £785 million per year to cybercrime, according to a joint report published by the Federation of Small Businesses (FSB) and the Home Office and Business Departments in the United Kingdom. Despite this, just fewer than 20 percent of businesse...
China Introduces New Laws to Combat Cyber Hacking
China is taking decisive action against computer hacking with a new law set to govern the sentencing of hackers and other internet offenders. This initiative, announced by the Ministry of Public Security, aims to enhance cybersecurity in response to the growing threat of cybercrime. Lawmakers are...
Net-SNMP security protection bypass
Under some conditions write access may be obtained to read-only community...
IRM 014: Sygate Protection Agent 5.0 vulnerability - A low privileged user can disable the security agent
IRM Security Advisory No. 014 Sygate Protection Agent 5.0 vulnerability - A low privileged user can disable the security agent Vulnerability Type / Importance: Security Protection Bypass / High Problem discovered: November 23rd...
Do not think that the installation of a firewall, I political don't you - vulnerability warning - the black bar safety net
How to make TCP packets and UDP packets pass through the firewall: this article covers httptunnel technology. Having escaped the firewall's shield as well as the system's tracking, we can see that network security that relies on only one or a few means is unreliable, while the security system of bli...
security flaw
The XMLRPC server in utils.rb for the ruby library libruby 1.8 sets an invalid default value that prevents "security protection" using handlers, which allows remote attackers to execute arbitrary commands...
ruby -- arbitrary command execution on XMLRPC server
Nobuhiro IMAI reports: the default value modification on Module#public_instance_methods (from false to true) breaks s.add_handler(XMLRPC::iPIMethods("sample"), MyHandler.new) style security protection. This problem could allow a remote attacker to execute arbitrary commands on XMLRPC server of libruby...
CVE-2005-1992
The XMLRPC server in utils.rb for the ruby library libruby 1.8 sets an invalid default value that prevents "security protection" using handlers, which allows remote attackers to execute arbitrary commands...
CVE-2005-1992
CVE-2005-1992 affects Ruby’s XMLRPC implementation. The XMLRPC server in utils.rb (Ruby libruby 1.8) uses an insecure default for public_instance_methods, enabling a remote attacker to trigger the XMLRPC handler to execute arbitrary commands. Impact is remote code execution via the XMLRPC service...
FW: [Unpatched] Shell and Drag'n'Drop vulnerabilities
This is a post forwarded from the Unpatched mailing list http://www.pivx.com/pivxlabsUnpatched.asp, a mailing list that receives advance notification of any security research from PivX Labs. Cheers Thor From: Thor Larholm To: [email protected] Subject: Unpatched Shell and Drag'n'Drop...
WebWacher cross-site scripting
No description provided...
[ADVISORY] Timing Attack on OpenSSL
OpenSSL v0.9.7a and 0.9.6i vulnerability. Researchers have discovered a timing attack on RSA keys, to which OpenSSL is generally vulnerable, unless RSA blinding has been turned on. Typically, it will not have been, because it is not easily possible to do so...
An Analysis of the RADIUS Authentication Protocol
An Analysis of the RADIUS Authentication Protocol by Joshua Hill, InfoGard Laboratories www.infogard.com Last Modified Mon Nov 12 16:12:53 PST 2001 A current HTML version of this paper can be found at: http://www.untruth.org/josh/security/radius Please send comments to [email protected] 1...
CVE-2025-31369
CVE-2025-31369 is rejected/not used and does not represent an active vulnerability entry.
CVE-2022-43816
...
Security update 1970-01-01
...