751 matches found
Researchers To Demonstrate Tor Network Hijack Method
Researchers at the Hackers To Hackers Conference in Brazil will detail a method of hijacking the TOR anonymity network, potentially putting its users at risk, while The Tor Project accuses one of the researchers of irresponsible disclosure. The presentation combines work done by Eric Filiol of th...
Skype 0 Day Exploitation Presentation - HITB Malaysia 2011
Document Title: =============== Skype 0 Day Exploitation Presentation - HITB Malaysia 2011 References: =========== Presentation: http://www.vulnerability-lab.com/resources/documents/294.pdf Documentation: http://www.vulnerability-lab.com/getcontent.php?id=293 Speaker:...
Let's Play a Game of Cyber Security at CSAW CTF 2011
Let's Play a Game of Cyber Security at CSAW CTF 2011 Ready for a little game of capture the flag? What if you weren't running around a field like a crazy person trying to grab a flag out of someone's belt, but instead were navigating around a network overcoming technical challenges to find marker...
Session Race Conditions and Session Puzzling – Now Simplified
Session Race Conditions and Session Puzzling – Now Simplified A few months ago Shay Chen, Senior Manager at Hacktics Advanced Security Center HASC published a paper about Session Puzzling, a new application level attack vector of critical severity and numerous uses, but for some bizarre reasons,...
CentOS Update for openoffice.org CESA-2009:1426 centos4 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CentOS Update for openoffice.org CESA-2009:1426 centos3 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CVE-2011-2888
IBM Lotus Symphony 3 before FP3 allows remote attackers to cause a denial of service application hang via complex graphics in a presentation...
CVE-2011-2888
IBM Lotus Symphony 3 before FP3 allows remote attackers to cause a denial of service application hang via complex graphics in a presentation...
Nmap NSE net: modbus-discover
Enumerates SCADA Modbus slave ids sids and collects their device information. Modbus is one of the popular SCADA protocols. This script does Modbus device information disclosure. It tries to find legal sids slave ids of Modbus devices and to get additional information about the vendor and firmwar...
Belnet Security Conference, 5 May 2011 in Brussels !
Belnet Security Conference, 5 May 2011 in Brussels ! Security on the Internet is one of Belnet's highest priorities. Belnet after all has extensive expertise at its disposal in the area of Internet security. Moreover, with the expansion of its security services, Belnet wishes to raise awareness o...
Adobe Flash Player 10.1.53.64 - Action Script Type Confusion (ASLR + DEP Bypass)
Adobe Flash Player 10.1.53.64 - Action Script Type Confusion ASLR + DEP Bypass Source: http://www.abysssec.com/blog/2011/04/exploiting-adobe-flash-player-on-windows-7/ Adobe Flash player Action script type confusion exploit DEP+ASLR bypass advisory text : Here is another reliable windows 7 exploi...
Android 2.0 ,2.1, 2.1.1 WebKit Use-After-Free Exploit
Exploit for Android platform in category remote exploits function heap var id = document.getElementById"target"; var attribute = id.getAttributeNode'id'; nodes = attribute.childNodes; document.body.removeChildid; attribute.removeChildnodes0; setTimeoutfunction for var i = 0; i 70000; i++ var s =...
Google Android 2.02.12.1.1 - WebKit Use-After-Free
Google Android 2.02.12.1.1 - WebKit Use-After-Free function heap var id = document.getElementById"target"; var attribute = id.getAttributeNode'id'; nodes = attribute.childNodes; document.body.removeChildid; attribute.removeChildnodes0; setTimeoutfunction for var i = 0; i 70000; i++ var s = new...
[SECURITY] Fedora 15 Update: TeXmacs-1.0.7.9-2.fc15
GNU TeXmacs is a free scientific text editor, which was both inspired by TeX and GNU Emacs. The editor allows you to write structured documents via a WYSIWYG what-you-see-is-what-you-get and user friendly interface. New styles may be created by the user. The program implements high-quality...
After The Hack: Tips For Working With Local Law Enforcement
SAN FRANCISCO–If you are in business long enough, you’re going to get hacked and you’re going to have to call the cops. Maybe you’ll need their help finding the perpetrators of a crime in which your business was victimized. Maybe employees will have conducted a crime involving IT, or maybe you’ll...
[SECURITY] Fedora 13 Update: drupal-views-6.x.2.12-1.fc13
The views module provides a flexible method for Drupal site designers to control how lists of content nodes are presented. Traditionally, Drupal has hard-coded most of this, particularly in how taxonomy and tracker lists are formatted. This tool is essentially a smart query builder that, given...
Professional Penetration Testing Guide
Here is the another good book in the field of penetration testing. Unlike other books which aims only at the technical aspects of Penetration testing, this one explains every step involved in the making of a Professional Pentester. Rather than just teaching how to use the existing tools, it does...
Citrix Presentation Server Client buffer overflow
Buffer overflow on ICA server response parsing...
[SECURITY] Fedora 13 Update: drupal-views-6.x.2.11-1.fc13
The views module provides a flexible method for Drupal site designers to control how lists of content nodes are presented. Traditionally, Drupal has hard-coded most of this, particularly in how taxonomy and tracker lists are formatted. This tool is essentially a smart query builder that, given...
[SECURITY] Fedora 11 Update: drupal-views-6.x.2.11-1.fc11
The views module provides a flexible method for Drupal site designers to control how lists of content nodes are presented. Traditionally, Drupal has hard-coded most of this, particularly in how taxonomy and tracker lists are formatted. This tool is essentially a smart query builder that, given...