112 matches found
Researcher Finds Technique to Bypass Microsoft's EMET Protections
A security researchers has discovered a pair of methods that enable him to bypass the protections offered by Microsoft’s EMET anti-exploit technology. The Enhanced Mitigation Experience Toolkit, which Microsoft updated late last month to include one of the three technologies that were finalists i...
Dear Jailbreaker, Apple Wants to Have a Word with You
After banning the word “jailbreak” from its app store and music library, Apple today reversed course and again permits the term – slang for hacking into a device to download unauthorized content — to appear on iTunes and its App Store. On Thursday bloggers noticed Apple had censored the word, usi...
PHP 5.4/5.3 deprecated Function eregi() memory_limit bypass vulnerability-vulnerability warning-the black bar safety net
PHP is an HTML embedded language, PHP and Microsoft ASP quite a bit similar, is a server-side implementation of the embedded HTML document the script language, the language style is similar to the C language, is now a lot of web site programmers widely use. PHP 5.3 after version deprecated based ...
WebWatchBot Monitor 5.1.16 - Divide Zero Vulnerability
Document Title: =============== WebWatchBot Monitor 5.1.16 - Divide Zero Vulnerability Release Date: ============= 2011-09-05 Vulnerability Laboratory ID VL-ID: ==================================== 7 Common Vulnerability Scoring System: ==================================== 3.5 Product & Service...
U.S. Government Shuts Down 84,000 Websites By Mistake !
The US Government has yet again shuttered several domain names this week. The Department of Justice and Homeland Security's ICE office proudly announced that they had seized domains related to counterfeit goods and child pornography. What they failed to mention, however, is that one of the target...
Flickr accidentally deletes photos of 3,400 user's permanently !
Flickr initially said that it had assuredly deleted Mirco Wilhelm's five-year old account, but a day afterwards said that it has absolutely adequate the photo collection. It's every Flickr user's affliction nightmare: one day you login to acquisition your accumulating of bags of anxiously organiz...
maradns -- denial of service when resolving a long DNS hostname
MaraDNS developer Sam Trenholme reports: ... a mistake in allocating an array of integers, allocating it in bytes instead of sizeofint units. This resulted in a buffer being too small, allowing it to be overwritten. The impact of this programming error is that MaraDNS can be crashed by sending...
CitySights NY Data Breach Exposes 110,000 Customers' Personal Information
CitySights NY, a company that organizes New York City tours on double-decker buses, has experienced a significant data breach. The personal information of 110,000 customers, including names, addresses, email addresses, credit card numbers, expiration dates, and Card Verification Value CVV2 codes,...
MDVA-2010:033 : gnupg2
A packaging mistake lead to that the gpg-agent was not started by default. The updated packages addresses this problem. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on 2012/09/06. C Tenable Network Security, Inc...
The music he multi-language shop system The exploitability of the vulnerability.-vulnerability warning-the black bar safety net
In fact, is counted as the Administrator's mistake, if in accordance with the management operations manual, there is absolutely no problem Dork: A Powered By 5 6 7 7 0 Eshop Then check the web root directory is there install as you 9 0% can take down the website. exp: site+install/Install. asp?...
Debian DSA-1841-1 : git-core - denial of service
It was discovered that git-daemon which is part of git-core, a popular distributed revision control system, is vulnerable to denial of service attacks caused by a programming mistake in handling requests containing extra unrecognized arguments which results in an infinite loop. While this is no...
DSA-1841-2 git-core - correct build failure introduced in DSA-1841-1
Bulletin has no description...
Mandriva Update for gnupg2 MDVA-2010:033 (gnupg2)
Check for the Version of gnupg2 OpenVAS Vulnerability Test Mandriva Update for gnupg2 MDVA-2010:033 gnupg2 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...
SuSE 10 Security Update : libpng (ZYPP Patch Number 6003)
A allocation mistake in libpng's pngread.c has been fixed. CVE-2009-0040 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid41547;...
SuSE 10 Security Update : libpng (ZYPP Patch Number 6024)
A allocation mistake in libpng's pngread.c has been fixed CVE-2009-0040. The previous update was using an incomplete patch so it needed to be reissued. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...
SuSE9 Security Update : libpng (YOU Patch Number 12358)
A allocation mistake in libpng's pngread.c has been fixed CVE-2009-0040. The previous update was using an incomplete patch so it needed to be reissued. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...
SuSE 11 Security Update : libpng (SAT Patch Number 638)
A allocation mistake in libpng's pngread.c has been fixed. CVE-2009-0040 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright C Novell, Inc...
SuSE9 Security Update : libpng (YOU Patch Number 12353)
An allocation mistake in libpng's pngread.c has been fixed. CVE-2009-0040 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid41279...
DSA-1841-1 git-core - denial of service
Bulletin has no description...
PHP Live! 3.2.2 - questid SQL Injection (2)
PHP Live! 3.2.2 - questid SQL Injection 2 Original author: Found by Xar of h4ck-y0u, Greets to Don & ViSiOn Modified version: skys Contact: skysbsbatgmail.com !Info! PHP Live! © OSI Codes Inc. enables live help and live customer support communication directly from your website. With PHP Live!, y...