Vuln: Drupal Boost Module Arbitrary Directory Creation Vulnerability
Drupal Boost Module Arbitrary Directory Creation Vulnerability
If it’s about security, you heard it here first
Drupal Boost Module Arbitrary Directory Creation Vulnerability
MD5 hash extension attack breaks API authentication of Flickr and others
Unspecified vulnerability in McAfee Email and Web Security Appliance 5.1 VMtrial allows remote attackers to read arbitrary files via unknown vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.9 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3339
Posted by L. Pop on Sep 2
Hi Guys,
Recently one of our freebsd servers always experience "Socket: No
buffer space available…" Errors, and there are too many FIN_Wait1s
in system, it is likely that we are being DOSed.
Is there any handy DOS simulate tool that i can use in lab to
reproduce the problem….
[BMSA-2009-06] Remote code execution in BKAV eOffice