5007 matches found
Large Scale Brute Force Cryptanalysis: Wisecracker
Large scale brute force cryptanalysis needs a tremendous amount of computational power that government agencies like the NSA and companies like Google® have. An average security researcher might want to have such capabilities as well but they do not have the tools or the computational resources...
Authentication Implications in Uniquely Identifiable Graphics Cards
Researchers working on the “physically unclonable functions found in standard PC components PUFFIN project” announced last week that widely used graphics processors could be the next step in online authentication. PUFFIN is a joint project between Technische Universiteit Eindhoven in the...
Virtual Machine Escape Exploit Targets Xen
Details of a dangerous virtual machine escape exploit were revealed Wednesday by French research outfit VUPEN Security. The attack exploits a recently reported vulnerability in Xen hypervisors and allows an attacker within a guest virtual machine to escape to the host and execute code. Virtual...
eGlibc - Signedness Code Execution
Exploit Title: eGlibc Signedness Vulnerability Date: November 2011 Exploit Author: c0ntex Vendor Homepage: http://www.eglibc.org Software Link: http://www.eglibc.org/home Version: eGlibc supplied by Ubuntu 10.4 LTS Tested on: Ubuntu 10.4 LTS CVE : CVE-2011-2702 A delicious, yet slightly cold...
Scientific Linux Security Update : kernel on SL4.x i386/x86_64
A flaw was found in the handling of process death signals. This allowed a local user to send arbitrary signals to the suid-process executed by that user. A successful exploitation of this flaw depends on the structure of the suid-program and its signal handling. CVE-2007-3848, Important - A flaw...
Intel CPU Vulnerability can provide control of your system to attacker
Intel CPU Vulnerability can provide control of your system to attacker The U.S. Computer Emergency Readiness Team US-CERT has disclosed a flaw in Intel chips that could allow hackers to gain control of Windows and other operating systems. The flaw has already been exploited on 64-bit versions of...
Concept/Laroux
1995/6 The mid ’90s marked the dawn of macro viruses written into software like word processors and spreadsheet programs. WM.Concept, a 1995 virus was shipped with Microsoft Word for Mac CD ROMs. The virus was largely harmless and merely displayed a ‘1’ message box on infected PCs and Macs. Larou...
Google Fixes SSL Certificate Error in Chrome
Google has released an update for Chrome that repairs a problem when users attempt to connect to sites over HTTPS. In some instances, the browser will return an error messages that tells the user that the requested site’s server certificate is invalid even when that’s not the case. Some users hav...
[security bulletin] HPSBHF02721 SSRT100605 rev.1 - HP Directories Support for ProLiant Management Processors for Integrated Lights-Out iLO2 and iLO3, Unauthorized Access
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03082006 Version: 1 HPSBHF02721 SSRT100605 rev.1 - HP Directories Support for ProLiant Management Processors for Integrated Lights-Out iLO2 and iLO3, Unauthorized Access NOTICE: The information i...
Code injection
Unspecified vulnerability in HP Directories Support for ProLiant Management Processors 3.10 and 3.20 for Integrated Lights-Out iLO2 and iLO3 allows remote authenticated users to obtain sensitive information via unknown vectors...
CVE-2011-4158
Unspecified vulnerability in HP Directories Support for ProLiant Management Processors 3.10 and 3.20 for Integrated Lights-Out iLO2 and iLO3 allows remote authenticated users to obtain sensitive information via unknown vectors...
CVE-2011-4158
HP Directories Support for ProLiant Management Processors (iLO2/iLO3) versions 3.10 and 3.20 are affected by CVE-2011-4158. The vulnerability could allow remote authenticated users to obtain sensitive information via unknown vectors, with CVSS v2 base score 4.0 (AV:N/AC:L/Au:S/C:P/I:N/A:N). HP Se...
CVE-2011-4158
Unspecified vulnerability in HP Directories Support for ProLiant Management Processors 3.10 and 3.20 for Integrated Lights-Out iLO2 and iLO3 allows remote authenticated users to obtain sensitive information via unknown vectors...
kernel: xen: vmx: insecure cpuid vmexit
Xen, when using x86 Intel processors and the VMX virtualization extension is enabled, does not properly handle cpuid instruction emulation when exiting the VM, which allows local guest users to cause a denial of service guest crash via unspecified vectors...
All about Microsoft Windows 8 !
Only Microsoft knows how the abutting adaptation of its Windows operating arrangement will attending and what it will be called, but big changes could be advanced for the OS that assemblage accredit to as "Windows 8." At this year's Consumer Electronics Appearance in Las Vegas, Microsoft appear...
USN-1042-1: PHP vulnerabilities
It was discovered that an integer overflow in the XML UTF-8 decoding code could allow an attacker to bypass cross-site scripting XSS protections. This issue only affected Ubuntu 6.06 LTS, Ubuntu 8.04 LTS, and Ubuntu 9.10. CVE-2009-5016 It was discovered that the XML UTF-8 decoding code did not...
Twitter Locks Out Wikileaks DDoS Group As Attacks Spread
Twitter has suspended the account used by Anonymous, an umbrella group of online hacker-activists that have claimed responsibility for denial of service DoS attacks on Visa, MasterCard, Paypal and a host of other public and private entities who have taken action against Wikileaks and its founder,...
PdShop Pro Online Store System SQL Injection
----------------------------------------------------------------------------------------- PdShop pro Online Store System. SQL-i Vulnerability -----------------------------------------------------------------------------------------...
Financial Industry Group Plans Cyber Attack Simulation
A financial services industry group is planning to simulate a series of cyber attacks to test how well banks, payment processors and retailers deal with online threats. Participants will be expected to activate their incident response procedures in accordance with the scenario presented and to...
RHEL 5 : kernel (RHSA-2009:1670)
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux...