Mandriva Update for php MDVSA-2012:093 (php)

Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDVSA-2012:093 php Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

Scientific Linux Security Update : perl-DBD-Pg on SL5.x, SL6.x i386/x86_64 (20120725)

Perl DBI is a database access Application Programming Interface API for the Perl language. perl-DBD-Pg allows Perl applications to access PostgreSQL database servers. Two format string flaws were found in perl-DBD-Pg. A specially crafted database warning or error message from a server could cause...

Scientific Linux Security Update : glibc on SL6.x i386/x86_64 (20120718)

The glibc packages provide the standard C and standard math libraries used by multiple programs on the system. Without these libraries, the Linux system cannot function properly. Multiple errors in glibc's formatted printing functionality could allow an attacker to bypass FORTIFYSOURCE protection...

Scientific Linux Security Update : perl on SL3.x, SL4.x i386/x86_64

Perl is a high-level programming language commonly used for system administration utilities and web programming. The Safe extension module allows users to compile and execute Perl code in restricted compartments. The Safe module did not properly restrict the code of implicitly called methods such...

CentOS Update for glibc CESA-2012:1098 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

From Three Nations and Three Different Perspectives, Blue Hat Finalists Focus on Defense

By Rob Lemos LAS VEGAS — If Jared DeMott hadn’t been eager to take a different path, he would never be in security, much less a finalist in Microsoft’s search for defensive technologies, known as the Blue Hat Prize.Raised in a manufacturing town, he was accepted to the Air Force Academy in 1996,...

RedHat Update for perl-DBD-Pg RHSA-2012:1116-01

Check for the Version of perl-DBD-Pg OpenVAS Vulnerability Test RedHat Update for perl-DBD-Pg RHSA-2012:1116-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...

PHP 5.3.x 'open_basedir'安全限制绕过漏洞

BUGTRAQ ID: 54612 CVE ID: CVE-2012-3365 PHP 是一种 HTML 内嵌式的语言，PHP与微软的ASP颇有几分相似，都是一种在服务器端执行的嵌入HTML文档的脚本语言，语言的风格有类似于C语言，现在被很多的网站编程人员广泛的运用。 PHP 5.3.15之前版本在SQLite扩展中存在错误，可被利用绕过"openbasedir"功能。 0 PHP 5.3.x 厂商补丁： PHP --- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.php.net...

Oracle Java Runtime Hotspot Bytecode Verifier Type Confusion

Added: 07/23/2012 CVE: CVE-2012-1723 BID: 53960 OSVDB: 82877 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...

RedHat Update for glibc RHSA-2012:1098-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Moderate: Red Hat Security Advisory: glibc security and bug fix update

Updated glibc packages that fix three security issues and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

Debian DSA-2502-1 : python-crypto - programming error

It was discovered that that the ElGamal code in PythonCrypto, a collection of cryptographic algorithms and protocols for Python used insecure insufficient prime numbers in key generation, which lead to a weakened signature or public key space, allowing easier brute-force attacks on such keys...

Fujitsu cracks 278-digit crypto in 148 Days using 21 PCs

Fujitsu cracks 278-digit crypto in 148 Days using 21 PCs A team of researchers in Japan have successfully broken a 278-digit piece of crypto in less than 200 days. Fujitsu Laboratories Limited, National Institute of Information and Communications Technology NICT and Kyushu University jointly brok...

Microsoft Reveals Blue Hat Prize Finalists

Microsoft has announced the three finalists for its $200,000 Blue Hat Prize contest and all three of the researchers in the running for the win submitted technologies designed to defeat ROP return-oriented programming exploits. Each of the entrants takes a different tack with his ROP defense and ...

A lot of Taobao guest V7. 4 injection vulnerability-vulnerability warning-the black bar safety net

Penetration a station to engage the C-segment across a station. Since the app is open source program And download their app to see a lot. In fact, the programmer still has little Safety awareness: Anti-injection code: //To filter the illegal characters $ArrFiltrate =array...

Mandriva Linux Security Advisory : php (MDVSA-2012:093)

Multiple vulnerabilities has been identified and fixed in php : There is a programming error in the DES implementation used in crypt in ext/standard/cryptfreesec.c when handling input which contains characters that can not be represented with 7-bit ASCII. When the input contains characters with...

FreeBSD Security Advisory FreeBSD-SA-12:02.crypt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-12:02.crypt Security Advisory The FreeBSD Project Topic: Incorrect crypt hashing Category: core Module: libcrypt Announced: 2012-05-30 Credits: Rubin Xu, Joseph...

FreeBSD -- Incorrect crypt() hashing

Problem description: There is a programming error in the DES implementation used in crypt when handling input which contains characters that cannot be represented with 7-bit ASCII. When the input contains characters with only the most significant bit set 0x80, that character and all characters...

FreeBSD-SA-12:02.crypt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-12:02.crypt Security Advisory The FreeBSD Project Topic: Incorrect crypt hashing Category: core Module: libcrypt Announced: 2012-05-30 Credits: Rubin Xu, Joseph...

Dear Jailbreaker, Apple Wants to Have a Word with You

After banning the word “jailbreak” from its app store and music library, Apple today reversed course and again permits the term – slang for hacking into a device to download unauthorized content — to appear on iTunes and its App Store. On Thursday bloggers noticed Apple had censored the word, usi...