Разработка эксплоитов для Linux. Часть 4 – обход ASCII armor и возврат в plt

Автор: sickness Блог автора: Перевод: Gh0St 07.04.2012 Разработка эксплоитов для Linux. Часть 4 – обход ASCII armor и возврат в plt. ПРИМЕЧАНИЕ: Перед чтением данного документа, рекомендуется ознакомиться со следующими работами: Руководство по написанию эксплоитов для Linux. Часть I – переполнени...

Fedora Update for nss FEDORA-2012-3996

Check for the Version of nss OpenVAS Vulnerability Test Fedora Update for nss FEDORA-2012-3996 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of t...

Fedora 17 : condor-7.7.5-0.2.fc17.2 (2012-3263)

Update to latest development release 7.7.5 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEV...

Fedora Update for arora FEDORA-2011-14719

Check for the Version of arora OpenVAS Vulnerability Test Fedora Update for arora FEDORA-2011-14719 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

Fedora 15 : condor-7.7.5-0.2.fc15 (2012-3363)

Update to latest development release 7.7.5 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEV...

nginx fix for malformed HTTP responses from upstream servers

Hello, The nginx team has released stable version 1.0.14, and development version 1.1.17 of nginx web server, which include a fix for malformed HTTP responses from upstream servers: http://trac.nginx.org/nginx/changeset/4535/nginx http://trac.nginx.org/nginx/changeset/4531/nginx...

Mozilla Readies Silent Updater with New Versions of Firefox

Mozilla announced this week that it plans to integrate a silent updater in the next build of its flagship browser, Firefox, allowing future patches for Firefox 12 to be downloaded and installed in the background while the browser is running, according to a blog post by Robert Nyman, Mozilla’s...

Online-Development CMS Cross Site Scripting

Exploit Title : Online-Development Cms Cross-Site Scripting Vulnerabilitiy Author : Zarbat.Org & IrIsT.Ir Discovered By : Am!r Home : http://Zarbat.Org/forums/ Software Link : http://www.onlinedevelopment.co.uk/ Security Risk : High Version : All Version Tested on : GNU/Linux Ubuntu - Windows...

Moderate: Red Hat Security Advisory: java-1.4.2-ibm-sap security update

Updated java-1.4.2-ibm-sap packages that fix several security issues are now available for Red Hat Enterprise Linux 4, 5 and 6 for SAP. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

Sandcat Browser 2.0 Released - Penetration Testing Oriented Browser

Sandcat Browser 2.0 Released, Penetration Testing Oriented Browser Sandcat Browser version 2.0 includes several user interface and experience improvements, an improved extension system, RudraScript support and new extensions. What is Sandcat Browser? The fastest web browser combined with the...

Mobile Apps Space A 'Wild West' For Enterprises

SAN FRANCISCO – Companies that are hoping to catch a ride on the mobile wave should pay close attention to the application development firms they choose to work with, unless they want to be saddled with a buggy and insecure albatross bearing their corporate logo, a leading application security...

[SECURITY] Fedora 16 Update: systemtap-1.7-2.fc16

SystemTap is an instrumentation system for systems running Linux. Developers can write instrumentation scripts to collect data on the operation of the system. The base systemtap package contains/requires the components needed to locally develop and execute systemtap scripts...

Moderate: Red Hat Security Advisory: libxml2 security update

Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

Important: Red Hat Security Advisory: java-1.6.0-openjdk security update

Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

CentOS 6 : java-1.6.0-openjdk (CESA-2012:0135)

Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

java security update

CentOS Errata and Security Advisory CESA-2012:0135 Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring Syste...

Citadel Malware Authors Adopt Open-Source Development Model

Attackers and malware authors are well-known for their proclivity for taking whatever tactics and techniques work for others and making them their own. That adaptive ability has now extended to the idea of open-source projects, with one malware gang having set up its own community for improving a...

Mobile Based Wireless Network MiTM Attack Illustration

Mobile Based Wireless Network MiTM Attack Illustration Bilal Bokhari from zer0byte.com Illustrated perfect example of Mobile Based Wireless Network MiTM Attack on his blog. Bilal want to share this article with our Readers at THN, Have a look : If we look at the history of computer development, t...

Driving Up the Cost of Exploit Development Becomes a Key Defensive Strategy

CANCUN–The skill of attackers, combined with the difficulty and cost of finding and fixing vulnerabilities in software–especially after deployment–has reached the point that it’s now more effective and efficient for vendors to concentrate on making life more difficult for those attackers looking ...

FBI Looking for App to Monitor Twitter and Facebook For Threat Data

The FBI is in the early stages of developing an application that would monitor sites such as Twitter and Facebook, as well as various news feeds, in order to find information on emerging threats and new events happening at the moment. The tool would give specialists the ability to pull the data...