31 matches found
CVE-2020-7237
Cacti 1.2.8 allows Remote Code Execution by privileged users via shell metacharacters in the Performance Boost Debug Log field of pollerautomation.php. OS commands are executed when a new poller cycle begins. The attacker must be authenticated, and must have access to modify the Performance...
Cacti Remote Code Execution Vulnerability (CNVD-2020-03255)
Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool through snmpget to get the data , using RRDtool drawing graphs to analyze , and provide data and user management features . A security vulnerability exists in Cacti version 1.2.8. An attacker...
Metame - Metame Is A Metamorphic Code Engine For Arbitrary Executables
metame is a simple metamorphic code engine for arbitrary executables. From Wikipedia: Metamorphic code is code that when run outputs a logically equivalent version of its own code under some interpretation. This is used by computer viruses to avoid the pattern recognition of anti-virus software...
Netflix functions without client-side React, and it's a good thing
A few days ago Netflix tweeted that they'd removed client-side React.js from their landing page and they saw a 50% performance improvement. It caused a bit of a stir. This shouldn't be a surprise The following: 1. Download HTML & CSS in parallel. 2. Wait for CSS to finish downloading & execute it...
HTTP/2 push is tougher than I thought
"HTTP/2 push will solve that" is something I've heard a lot when it comes to page load performance problems, but I didn't know much about it, so I decided to dig in. HTTP/2 push is more complicated and low-level than I initially thought, but what really caught me off-guard is how inconsistent it ...
Boost - Moderately Critical - Information Disclosure - SA-CONTRIB-2016-021
This module provides static page caching for Drupal enabling a very significant performance and scalability boost for sites that receive mostly anonymous traffic. The module doesn't prevent form cache from leaking between anonymous users which could result in information disclosure, where one use...
Penetration Testers Get Ready - BackBox Linux 2.05 released !
The BackBox team has announce the release 2.05 of BackBox Linux. The new release include features such as Ubuntu 11.04, Linux Kernel 2.6.38 and Xfce 4.8.0. BackBox is a Linux distribution based on Ubuntu. It has been developed to perform penetration tests and security assessments. Designed to be...
[Announce] Apache HTTP Server 2.2.22 Released
Apache HTTP Server 2.2.22 Released The Apache Software Foundation and the Apache HTTP Server Project are pleased to announce the release of version 2.2.22 of the Apache HTTP Server "Apache". This version of Apache is principally a security and bug fix release, including the following significant...
BackBox Linux 2.01 released
BackBox Linux 2.01 released The BackBox team is proud to announce the release 2.01 of BackBox Linux.The new release include features such as Ubuntu 11.04, Linux Kernel 2.6.38 and Xfce 4.8.0. The ISO images 32bit & 64bit can be downloaded from the following location: What's new System upgrade...
BackBox Linux 2 released
BackBox Linux 2 released The BackBox team is proud to announce the release of BackBox. Linux 2.BackBox 2 features the following upstream components: Ubuntu 11.04, Linux Kernel 2.6.38 and Xfce 4.8. BackBox is an Ubuntu-based distribution developed to perform penetration tests and security...
BackBox Linux 2 released
BackBox Linux 2 released The BackBox team is proud to announce the release of BackBox. Linux 2.BackBox 2 features the following upstream components: Ubuntu 11.04, Linux Kernel 2.6.38 and Xfce 4.8. BackBox is an Ubuntu-based distribution developed to perform penetration tests and security...