CVE-2011-4615

Multiple cross-site scripting XSS vulnerabilities in Zabbix before 1.8.10 allow remote attackers to inject arbitrary web script or HTML via the gname parameter aka host groups name to 1 hostgroups.php and 2 usergrps.php, the update action to 3 hosts.php and 4 scripts.php, and 5 maintenance.php...

[SECURITY] Fedora 15 Update: clearsilver-0.10.5-15.fc15

ClearSilver is a fast, powerful, and language-neutral HTML template system. In both static content sites and dynamic HTML applications, it provides a separation between presentation code and application logic which makes working with your project easier. The design of ClearSilver began in 1999, a...

The rise of the chaotic actor

The past year saw the emergence of a series of cleverly named hacking groups like Anonymous, LulzSec, and TeaMp0isoN. In 2011, these groups brought the fight to corporate America, crippling firms both small HBGary Federal and large Sony. As the year drew to a close these groups noticeably shifted...

Government organised 12 Chinese Hacker Groups behind all Attacks

Government organised 12 Chinese Hacker Groups behind all Attacks About 12 different Chinese groups largely directed by the government there, do the bulk of the China based cyber attacks stealing critical data from U.S. companies and government agencies, according to U.S. cyber security analysts a...

Government organised 12 Chinese Hacker Groups behind all Attacks

Government organised 12 Chinese Hacker Groups behind all Attacks About 12 different Chinese groups largely directed by the government there, do the bulk of the China based cyber attacks stealing critical data from U.S. companies and government agencies, according to U.S. cyber security analysts a...

Report Claims U.S. Cyber Analysts Trace Most Serious Attacks To Just 12 Hacking Groups in China

Cyber security analysts at private sector firms in the U.S. say they have linked a string of devastating hacks of military networks and defense contractors to a small cadre of hacking groups within China, and are pushing the U.S. government for the green light to strike back. The report Monday in...

qemu: when started as root, extra groups are not dropped correctly

The changeprocessuid function in os-posix.c in Qemu 0.14.0 and earlier does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted files on the host...

Family Connections CMS 2.5.02.7.1 - less.php Remote Command Execution

Family Connections CMS 2.5.02.7.1 - less.php Remote Command Execution $theme = isset$argv1 ? $argv1 : 'default'; system"clear"; if fileexists"$dir/themes/$theme/style.css" echo "\n themes/$theme/style.css already exists.\n\n"; echo "Overwrite y/n ? "; $handle = fopen "php://stdin","r"; $line =...

SSH Explorer v1.97 - Denial of Service Vulnerability

Document Title: =============== SSH Explorer v1.97 - Denial of Service Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=326 CNNVD-201112-149 Release Date: ============= 2011-11-19 Vulnerability Laboratory ID VL-ID:...

Key House Hearing on SOPA Bill Set For Today

All eyes will be on Capitol Hill this morning when the House Judiciary Committee holds a key hearing on the controversial Stop Online Piracy Act, which has drawn wide opposition from a variety of groups and companies for its broad language supposedly designed to prevent copyright infringement. Th...

Sky News Twitter account Hacked

Sky News Twitter account Hacked Hackers yesterday accessed the Twitter account for Sky News business desk and posted a tweet claiming that James Murdoch had been arrested by London police. It has also lately been used by hacker groups to simply raise their profile and make the public aware of the...

Sky News Twitter account Hacked

Sky News Twitter account Hacked Hackers yesterday accessed the Twitter account for Sky News business desk and posted a tweet claiming that James Murdoch had been arrested by London police. It has also lately been used by hacker groups to simply raise their profile and make the public aware of the...

The Hacker News arrived on Google+ Pages

The Hacker News arrived on Google+ Pages Google has finally added Google+ Pages feature in their social network which allow brands, products, companies, businesses, places, groups, and everyone else to establish a presence on the service. We've gone ahead and set up our very own 'The Hacker News'...

The Hacker News Magazine - Anniversary Edition - November Issue 06

The Hacker News Magazine - Anniversary Edition - November Issue 06 In November of 2010 the team at The Hacker News finally achieved our ultimate goal of launching an online News Portal and Magazine addressing the tricky and complicated world of hackers and hacking. In our first year The Hacker...

Windows Gather Enumerate Domain Tokens

This module enumerates domain account tokens, processes running under domain accounts, and domain users in the local Administrators, Users and Backup Operator groups. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework...

India's leading telecom Company BSNL hacked by Pakistani Hacker

India's leading telecom Company BSNL hacked by Pakistani Hacker A Pakistani hacker "KhantastiC haX0r" today hack into the official website of India's leading telecom Company Bharat Sanchar Nigam Limited BSNL. This is not 1st time when BSNL become victim of any cyber attack. Pakistani Hackers hit...

SA-CONTRIB-2011-050 - Organic groups - Access bypass

Organic groups OG enables users to create and manage their own 'groups'. Each group can have subscribers, and maintains a group home page where subscribers communicate amongst themselves. OG has an API function to check access to an entity which is in a group "context". When the entity isn't in a...

SA-CONTRIB-2011-044 - Homebox for Organic Groups Cross Site Scripting

Homebox allows site administrators to create dashboards for their users, using blocks as widgets. Blocks in a Homebox page are resizeable, and reorderable by dragging. Homebox OG is a submodule of Homebox which allows Organics Groups administrators to specify a Homebox to be used as the group...

#DEFCON Chennai September 2011 meet - Another Success !

DEFCON Chennai September 2011 meet - Another Success ! DEF-CON Chennai DC602028 Meet held on On 11th September 2011 From 2:30 PM to 7PM was a Great Success. List of Speakers 1 Abhinab 2 Viknesh 3 Ravi Kumar 4 Aditya Gupta 5 Rahul Tyagi 6 Sophan 7 Suman Some Awesome moments of Meet !The Hacker...

Senate Considers Using Mob Law To Go After Cybercriminals

Members of the Senate Judiciary Committee listened as one of the nation’s top cyber cops asked for expanded powers to go after cybercriminal groups, including the use of statutes written to combat the mafia. But confronted with the prospect of a major face lift for the U.S.’s preeminent cyber...