2260 matches found
Nmap NSE net: dns-fuzz
This script launches a DNS fuzzing attack against any DNS server. The script induces errors into randomly generated but valid DNS packets. The packet template that we use includes one uncompressed and one compressed name. Use the 'dns-fuzz.timelimit' argument to control how long the fuzzing lasts...
Making an Application Security Program Succeed, Part Two
“Failure is only the opportunity to begin again, only this time more wisely,” is a quote attributed to legendary automaker Henry Ford. While it seemingly has nothing to do with secure application development, all you need to do is talk to a handful of enterprises who have tried to implement a...
CentOS 5 : java-1.6.0-openjdk (CESA-2011:0214)
Updated java-1.6.0-openjdk packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
Critical: Red Hat Security Advisory: java-1.5.0-ibm security update
Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring...
Critical: Red Hat Security Advisory: java-1.6.0-ibm security update
Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring...
Eventum Issue Tracking System 2.3.1 stored XSS
Exploit for php platform in category web applications Exploit Title: Eventum 2.3.1 stored XSS Date: 19-2-2011 Author: Saif El-Sherei Software Link: https://code.launchpad.net/eventum Version: Eventum 2.3.1 Tested on: FF 3.0.15, IE 8 Vendor notification: vendor notified, awaiting response Info:...
Eventum 2.3.1 Stored Cross Site Scripting
Exploit Title: Eventum 2.3.1 stored XSS Date: 19-2-2011 Author: Saif El-Sherei Software Link: download link if available Version: Eventum 2.3.1 Tested on: FF 3.0.15, IE 8 Vendor notification: vendor notified, awaiting response Info: Eventum is a user-friendly and flexible issue tracking system th...
eventum issue tracking system 2.3.1 - Persistent Cross-Site Scripting
Exploit Title: Eventum 2.3.1 stored XSS Date: 19-2-2011 Author: Saif El-Sherei Software Link: https://code.launchpad.net/eventum Version: Eventum 2.3.1 Tested on: FF 3.0.15, IE 8 Vendor notification: vendor notified, awaiting response Info: Eventum is a user-friendly and flexible issue tracking...
RedHat Update for java-1.6.0-openjdk RHSA-2011:0281-01
Check for the Version of java-1.6.0-openjdk OpenVAS Vulnerability Test RedHat Update for java-1.6.0-openjdk RHSA-2011:0281-01 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
In Application Security, Good Enough Isn't
SAN FRANCISCO–There’s the old joke about two hunters running from a lion, and the one runner says to the other: we can’t outrun the lion. And his buddy replied, “I don’t have to outrun the lion, I only have to outrun you.” Many, over the years, have applied the same logic to application security:...
Critical: Red Hat Security Advisory: java-1.6.0-sun security update
Updated java-1.6.0-sun packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring...
Moderate: Red Hat Security Advisory: java-1.6.0-openjdk security update
Updated java-1.6.0-openjdk packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
SAUSAGE Con Delves into IT Security's 'Human Problem'
‘Why is security so hard?’ That’s the question that a new conference focused on “useable security” will attempt to answer by bringing together experts on security, software development and human-computer interaction. DEK: ‘Why is security so hard?’ That’s the question that a new conference will...
Moderate: Red Hat Security Advisory: java-1.4.2-ibm-sap security update
Updated java-1.4.2-ibm-sap packages that fix several security issues are now available for Red Hat Enterprise Linux 4, 5 and 6 for SAP. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...
Orbis CMS 1.0.2 Arbitrary File Upload Vulnerability
Exploit for php platform in category web applications =================================================== Orbis CMS 1.0.2 Arbitrary File Upload Vulnerability =================================================== 'Orbis CMS' Arbitrary Script Execution Vulnerability CVE-2010-4313 Mark Stanislav -...
RHEL 6 : java-1.6.0-openjdk (RHSA-2010:0865)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2010:0865 advisory. These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. defaultReadObject of the...
RHEL 6 : java-1.5.0-ibm (RHSA-2010:0873)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2010:0873 advisory. The IBM 1.5.0 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. This update fixes severa...
Cyber crime cell arrests two men for `stealing` data
MUMBAI: Two former employees of a software development company for homeopathy sites, who allegedly stole their employers data code, patent software and other data and started their own company, landed in the police net after they threatened him with dire consquences. The cyber crime investigating...
RedHat Update for java-1.6.0-openjdk RHSA-2010:0768-01
Check for the Version of java-1.6.0-openjdk OpenVAS Vulnerability Test RedHat Update for java-1.6.0-openjdk RHSA-2010:0768-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
SmarterMail 7.2.3925 - LDAP Injection
SmarterMail 7.2.3925 - LDAP Injection Vendor: smartertools.com SmarterMail 7.x 7.2.3925 Date: 2010-10-01 Author : David Hoyt sqlhacker – Hoyt LLC Contact : [email protected] Home : http://cloudscan.me Dork : insite: SmarterMail Enterprise 7.2 Bug : LDAP Injection + Cross Site Scripting STORED Test...