7424 matches found
DSA-2099-1 openoffice.org - several vulnerabilities
Bulletin has no description...
wp-10-0001: Multiple Browser Wildcard Certificate Validation Weakness
Westpoint Security Advisory. Title: Multiple Browser Wildcard Certificate Validation Weakness Risk Rating: Low Author: Richard Moore [email protected] Test Cases: Simon Ward [email protected] Date: 14 July 2010 Advisory ID: wp-10-0001 URL:...
[Positive Technologies Research] Open Source WebEngine and Web Crawler v.0.2 is out!
Positive Technologies Research Lab. Open Source WebEngine and Web Crawler Beta...
[SECURITY] [DSA 2095-1] New lvm2 packages fix denial of service
Debian Security Advisory DSA-2095-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano August 23, 2010 http://www.debian.org/security/faq ...
Debian Security Advisory DSA 2083-1 (moin)
The remote host is missing an update to moin announced via advisory DSA 2083-1. OpenVAS Vulnerability Test $Id: deb20831.nasl 6614 2017-07-07 12:09:12Z cfischer $ Description: Auto-generated from advisory DSA 2083-1 moin Authors: Thomas Reinke Copyright: Copyright (c) 2010 E-Soft Inc...
SoftX FTP Client 3.3 Directory Traversal
Vulnerability ID: HTB22541 Reference: http://www.htbridge.ch/advisory/directorytraversalinsoftxftpclient.html Product: SoftX FTP Client Vendor: SoftX.Org http://www.softx.org/ftp.html Vulnerable Version: 3.3 for windows and Probably Prior Versions Vendor Notification: 27 July 2010 Vulnerability...
[SECURITY] [DSA 2091-1] New squirrelmail packages fix cross-site request forgery
Debian Security Advisory DSA-2091-1 [email protected] http://www.debian.org/security/ Luciano Bello August 12, 2010 http://www.debian.org/security/faq ...
RSP MP3 Player - OCX ActiveX Buffer Overflow HeapSpray
RSP MP3 Player OCX ActiveX Buffer Overflow heap spray By : MadjiX , Dz8aHotmail.com Discovered by Blake: http://www.exploit-db.com/exploits/14309/ Greetings: His0k4 , Bibi-info , The g0bl!n y , sec4ever.com Tested on Windows Xp Sp3 Fr,with IE6 sh =...
SQL injection vulnerability in BXR
Vulnerability ID: HTB22506 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityinbxr.html Product: BXR Vendor: Hulihan Applications http://hulihanapplications.com/projects/bxr Vulnerable Version: 0.6.8 and Probably Prior Versions Vendor Notification: 22 July 2010 Vulnerability Typ...
New Certifications Will Set High Bar for IT Security Pros
A new non-profit group is developing certifications for information technology security professionals that will set a high bar for IT security practitioners in areas like penetration testing, code auditing and control systems operation. The National Board of Information Security Examiners (NBISE) i...
TurboFTP 6 Client Directory Traversal
Vulnerability ID: HTB22509 Reference: http://www.htbridge.ch/advisory/directorytraversalvulnerabilityinturboftp6client.html Product: TurboFTP 6 Client Vendor: TurboSoft, Inc http://www.turboftp.com/ Vulnerable Version: 6.30.806 32 and 64 bit and Probably Prior Versions Vendor Notification: 19 Jul...
Campsite 3.3.6 Cross Site Scripting
Vulnerability ID: HTB22494 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityincampsite.html Product: Campsite Vendor: Sourcefabric o.p.s http://www.sourcefabric.org/ Vulnerable Version: 3.3.6 and Probably Prior Versions...
[Backports-security-announce] Security Update for git
Sebastian Harl uploaded new packages for git, a popular distributed revision control system, which fixed the following security problem: CVE-2010-2542, Debian BTS 590026 A buffer overrun was found in the way Git sanitized path of a git directory. If a local attacker would create a specially-craft...
Discuz 7.2 "my vest" plug-in injection vulnerability - vulnerability warning - the black bar safety net
Discuz! is a general-purpose community forum software system. Without any programming, through simple setup and installation, a user can build a fully functional, high-capacity and highly customizable forum service on the Internet. Vulnerability plug-in:...
SHOPEX Cross-Site and CSRF vulnerabilities - vulnerability warning - the black bar safety net
Cross-site request forgery is usually abbreviated as CSRF/XSRF, i.e. an attacker invokes a malicious script on a third-party web site or uses a program to forge a request, of course, not need to the user end disgui...
XSS vulnerability in Spitfire
Vulnerability ID: HTB22485 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinspitfire2.html Product: Spitfire Vendor: Claus Muus http://spitfire.clausmuus.de/ Vulnerable Version: 1.0.336 and Probably Prior Versions Vendor Notification: 08 July 2010 Vulnerability Type: XSS Cross Site...
Microsoft Says No to Paying Bug Bounties
Microsoft has no plans to follow in the footsteps of Mozilla and Google and pay researchers cash rewards for the bugs that they find in Microsoft’s products. In the wake of both Mozilla and Google significantly increasing their bug bounties to the $3,000 range, there have been persistent rumors i...
Bouncing RPC
In the early years of Core Security Technologies, the company not only offered security consulting services, but often was sub-contracted to do R+D for several security vendors. The first and most intellectually rewarding of such contracts came from Secure Networks Inc. (SNI), a Canadian start-up...
Wireless and Wired Network Interceptor: the Interceptor
The Interceptor is a wireless wired network tap. Basically, a network tap is a way to listen in to network traffic as it flows past. I haven’t done extensive research but all the ones I found when looking passed the copy of the traffic onto a specified wired interface which was then plugged into ...
XSRF (CSRF) in Pixie
Vulnerability ID: HTB22471 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinpixie1.html Product: Pixie Vendor: Toggle Labs Ltd http://www.getpixie.co.uk/ Vulnerable Version: 1.0.4 and Probably Prior Versions Vendor Notification: 01 July 2010 Vulnerability Type: CSRF Cross-Site Request Forgery...