7426 matches found
Debian: Security Advisory (DSA-1948-1)
The remote host is missing an update for the Debian... SPDX-FileCopyrightText: 2009 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
[SECURITY] Fedora 10 Update: rubygem-actionpack-2.1.1-5.fc10
Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling easy unit/integration testing that doesn't require a browser...
The Penetration Testing Marketplace in 2010
By Nick Selby Managing Director, Trident Risk Management Vulnerability assessment vendor Rapid7 has announced the first of a series of steps to integrate its penetration testing and vulnerability assessment scanning products. The first step is a module that allows users of the Metasploit Framewor...
[SECURITY] [DSA 1937-1] New gforge packages fix cross-site scripting
Debian Security Advisory DSA-1937-1 [email protected] http://www.debian.org/security/ Steffen Joeris November 21, 2009 http://www.debian.org/security/faq -...
Use Google to conduct "penetration testing" - vulnerability warning - the black bar safety net
One, use Google to find hosts on which someone has installed a PHP webshell backdoor, and test whether it can be used; second, use Google to find exposed INC sensitive information. OK, now we start: 1. Looking up a PHP webshell. In the Google search box we fill in: Code: intitle:"php shell" "Enable...
DSA-1937-1 gforge - cross-site scripting
Bulletin has no description...
Novell eDirectory 8.8 SP5 Denial Of Service
Product: Novell eDirectory 8.8 sp5 for Windows Vulnerability: Denial of Service Discussion: Vulnerability in '/dhost/modules?I:' Sending long strings to '/dhost/modules?I:' causes a DoS crashing dhost.exe Also in last weeks published another bug in 'modules?L:' It is not patched yet too.. Credits...
Yahoo! Messenger 9 Denial Of Service
Product: Yahoo Messenger 9.0.0.2162 Vulnerability: ActiveX Null Pointer - Denial of Service Description: Yahoo Messenger is prone to a denial-of-service cause of null pointer vulnerability. Vulnerability is in YahooBridgeLib.dll Activex Control An attacker can exploit this vulnerability by entici...
Talk about Ewebeditor editor of each version of the problem - the vulnerability warning - the black bar safety net
Source: Tosec Security Team's Blog. Recently read something about ewebeditor for this editor, with regard to this vulnerability or a lot, in fact a lot of people doing security testing when most of the bias in the injection context, sometimes attention under editor aspect is good, there are mainly as...
Novell eDirectory 8.8 SP5 Denial of Service
No description provided by source. Product: Novell eDirectory 8.8 sp5 for Windows Vulnerability: Denial of Service Discussion: Vulnerability in '/dhost/modules?I:' Sending long strings to '/dhost/modules?I:' causes a DoS crashing dhost.exe Also in last weeks published another bug in 'modules?L:' ...
Novell eDirectory 8.8 SP5 Denial of Service
Product: Novell eDirectory 8.8 sp5 for Windows Vulnerability: Denial of Service Discussion: Vulnerability in '/dhost/modules?I:' Sending long strings to '/dhost/modules?I:' causes a DoS crashing dhost.exe Also in last weeks published another bug in 'modules?L:' It is not patched yet too.. Credits...
Yahoo Messenger 9 ActiveX DoS (Null Pointer) Vulnerability
Product: Yahoo Messenger 9.0.0.2162 Vulnerability: ActiveX Null Pointer - Denial of Service Description: Yahoo Messenger is prone to a denial-of-service cause of null pointer vulnerability. Vulnerability is in YahooBridgeLib.dll Activex Control An attacker can exploit this vulnerability by entici...
Debian: Security Advisory (DSA-1925-1)
The remote host is missing an update for the Debian... SPDX-FileCopyrightText: 2009 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Portili Personal and Team Wiki 1.14 - Multiple Vulnerabilities (1)
Portili Personal and Team Wiki 1.14 - Multiple Vulnerabilities 1 Abysssec Inc Public Advisory Title : Portili Personal and Team Wiki Multiple Remote Vulnerabilities Affected Version : Portili Personal and Team Wik = 1.14 Vendor Site : www.Portili.com Discovery : www.Abysssec.com Vendor Contact :...
Social Engineering in Real-World Computer Attacks
Why bother breaking down the door if you can simply ask to be let in? The SANS Diary has an excellent entry on just how valuable social engineering is to attackers — whether during penetration testing or as part of real world attacks. It explores the techniques used to marry offline social...
Trident Risk Management's Nick Selby on Metasploit and Rapid7
The Big Story podcast with Ryan Naraine – October 22, 2009. Trident Risk Management's Nick Selby joins the Big Story podcast to discuss the latest news around Metasploit and Rapid7 and how this affects issues around penetration testing and exploit creation and release. Download Podcast audio...
[SECURITY] [DSA 1910-1] New mysql-ocaml packages provide secure escaping
Debian Security Advisory DSA-1910-1 [email protected] http://www.debian.org/security/ Steffen Joeris October 14, 2009 http://www.debian.org/security/faq -...
[SECURITY] Fedora 11 Update: rubygem-actionmailer-2.3.2-3.fc11
Makes it trivial to test and deliver emails sent from a single service layer...
[SECURITY] Fedora 11 Update: rubygem-actionpack-2.3.2-2.fc11
Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling easy unit/integration testing that doesn't require a browser...
[SECURITY] [DSA 1901-1] New mediawiki1.7 packages fix several vulnerabilities
Debian Security Advisory DSA-1901-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano October 05, 2009 http://www.debian.org/security/faq -...