4974 matches found
Fedora Update for python FEDORA-2012-5924
Check for the Version of python OpenVAS Vulnerability Test Fedora Update for python FEDORA-2012-5924 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...
[SECURITY] Fedora 16 Update: python-docs-2.7.3-1.fc16
The python-docs package contains documentation on the Python programming language and interpreter. Install the python-docs package if you'd like to use the documentation for the Python language...
[SECURITY] Fedora 17 Update: python-docs-2.7.3-1.fc17
The python-docs package contains documentation on the Python programming language and interpreter. Install the python-docs package if you'd like to use the documentation for the Python language...
[SECURITY] Fedora 17 Update: python-2.7.3-3.fc17
Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as t...
Developing and Sharing Tools for Professional Hackers
Professional hackers or security testers tend to write a lot of code. We write exploit code, fuzzers, code to handle esoteric protocols and data structures, unpackers, disassemblers, reversers, parsers, and so much more. We write this code because often what we’re doing is so specific that is...
shopEX商城后台,模板过滤不严,可成功上传木马
简要描述: shopx系列产品,可能是编程习惯问题,对上传的模板包,过滤不严,导致上传攻击文件,如果权限设置比较严,可能会失效,但是危害还是非常大的。形成这个漏洞的原因,可能是程序员的编程习惯造成的。本来想握在手里的,但是发现新的缺陷,会有更大的乐趣,就把这个缺陷扔给官方吧,希望后续修复,如果PR给的高,后续把其他2个安全缺陷也扔出来! 详细说明:...
Fedora Update for kturtle FEDORA-2011-13417
Check for the Version of kturtle OpenVAS Vulnerability Test Fedora Update for kturtle FEDORA-2011-13417 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for mongoose FEDORA-2011-11636
Check for the Version of mongoose OpenVAS Vulnerability Test Fedora Update for mongoose FEDORA-2011-11636 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
[SECURITY] [DSA 2438-1] raptor security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2438-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 22, 2012 http://www.debian.org/security/faq -...
Debian DSA-2438-1 : raptor - programming error
It was discovered that Raptor, a RDF parser and serializer library, allows file inclusion through XML entities, resulting in information disclosure. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security...
[SECURITY] [DSA 2438-1] raptor security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2438-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 22, 2012 http://www.debian.org/security/faq -...
Mystery of Duqu Programming Language Solved
Mystery of Duqu Programming Language Solved An appeal for help from the programming community has allowed antivirus analysts to classify the unknown language used to develop key components of the Duqu Trojan. The sections responsible for downloading and executing additional modules in the Duqu...
Duqu's 'Mystery Code' Not New – Just 'Old School'
Researchers around the world put their heads together and solved the identity of ‘mystery code’ in the Duqu Trojan horse program, researchers from Kaspersky Lab announced on Monday. Weeks after announcing that they had discovered computer code of unknown provenance in the innards of the Duqu...
Fedora Update for ldns FEDORA-2011-13895
Check for the Version of ldns OpenVAS Vulnerability Test Fedora Update for ldns FEDORA-2011-13895 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
Fedora Update for xchat-ruby FEDORA-2012-1334
Check for the Version of xchat-ruby OpenVAS Vulnerability Test Fedora Update for xchat-ruby FEDORA-2012-1334 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
[20120303] - Core - Privilege Escalation
Programming error allows privilege escalation in some cases...
Mystery of Duqu Deepens As Researchers Ponder Unknown Programming Language
Segments of code within the mysterious information stealing trojan, Duqu, seem to have been written in an unknown programming language according to a new report from Securelist. Kaspersky Lab Expert, Igor Soumenkov claims that Duqu’s payload DLL initially looked like standard Windows executable,...
GCC 4.6.3 Released with 70 bug-fixes
GCC 4.6.3 Released with 70 bug-fixes The GNU Compiler Collection version 4.6.3 has been released. Jakub Jelinek of Red Hat announced the release this morning of GCC 4.6.3. Over GCC 4.6.2 there's over 70 bug-fixes and other work. However, all of the exciting work meanwhile is going into what will...
EasyFTP Server 1.7.0.11 - APPE Remote Buffer Overflow
EasyFTP Server 1.7.0.11 - APPE Remote Buffer Overflow !/usr/bin/env python -- coding: latin-1 -- / / / / / / // / / -/ - / // / / / / // / ////,//////,// ///, / // nullsecurity team Easy FTP server remote exploit DATE 03/03/2012 DESCRIPTION Easy FTP Server - "APPE" command buffer overflow -...
Linux Kernel epoll Subsystem “eventpoll.c”多个本地拒绝服务漏洞
BUGTRAQ ID: 46630 CVE ID: CVE-2011-1082,CVE-2011-1083 Linux Kernel是Linux操作系统的内核。 Linux Kernel 2.6.38之前版本的fs/eventpoll.c在epoll子系统的实现上存在本地拒绝服务安全漏洞,将epoll文件描述符放置在其他epoll数据结构中,没有检查已关闭的循环或深链接,攻击者可利用此漏洞造成拒绝服务 0 Linux kernel 2.6.38 厂商补丁: Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.kernel.or...