5 matches found
EUVD-2009-0394
Malware in sbrugna...
Expert Insight-Based Modeling of Non-Kinetic Strategic Deterrence of Rare Earth Supply Disruption: a Simulation-Driven Systematic Framework
This study constructs a quantifiable modelling framework to simulate non-kinetic strategic deterrence pathways in rare earth supply disruption scenarios, based on structured responses from expert interviews led by Dr. Daniel O'Connor, CEO of the Rare Earth Exchange REE. Focusing on disruption...
Temporal UI Server cross-site scripting vulnerability
For an attacker with pre-existing access to send a signal to a workflow, the attacker can make the signal name a script that executes when a victim views that signal. The XSS is in the timeline page displaying the workflow execution details of the workflow that was sent the crafted signal. Access...
Linux Kernel 2.6.32 (Ubuntu 10.04) - '/proc' Handling SUID Privilege Escalation
Source: http://www.halfdog.net/Security/2011/SuidBinariesAndProcInterface/ proc Handling of Already Opened Files: Subvert The Stack Base Address Randomization With Suid-Binaries Problem description: Latest ubuntu lucid stock kernel 2.6.32-27-generic contains a bug that allows to keep attached to...
Enomaly ECP多个安全漏洞
BUGTRAQ ID: 33544 CVECAN ID: CVE-2008-4990,CVE-2009-0390 Enomaly ECP(之前名为Enomalism)是用于管理虚拟机的软件。 ECP的enomalism2.sh中存在多个安全漏洞,本地攻击者可以通过符号链接攻击以root用户权限覆盖任意系统文件、向kill命令注入参数以终止任意进程或向进程发送信号,或导致虚拟机无法启动。 Enomaly Elastic Computing Platform 2.1 临时解决方法: 将PIDFILE从/tmp/enomalism2.pid更改为/var/run/enomalism2.pid。...