Bugtraq: TPTI-09-12: HP OpenView NNM ovalarm.exe CGI Accept-Language Stack Overflow Vulnerability
TPTI-09-12: HP OpenView NNM ovalarm.exe CGI Accept-Language Stack Overflow Vulnerability
Security
HP OpenView NNM ovwebsnmpsrv.exe OVwSelection Stack Overflow Vulnerability
Bugtraq: TPTI-09-14: HP OpenView NNM ovwebsnmpsrv.exe OVwSelection Stack Overflow Vulnerability
TPTI-09-14: HP OpenView NNM ovwebsnmpsrv.exe OVwSelection Stack Overflow Vulnerability
Symantec Multiple Products VRTSweb.exe Remote Code Execution Vulnerability
Bugtraq: ZDI-09-098: Symantec Multiple Products VRTSweb.exe Remote Code Execution Vulnerability
ZDI-09-098: Symantec Multiple Products VRTSweb.exe Remote Code Execution Vulnerability
HP OpenView NNM snmpviewer.exe CGI Host Header Stack Overflow Vulnerability
Bugtraq: TPTI-09-13: HP OpenView NNM snmpviewer.exe CGI Host Header Stack Overflow Vulnerability
TPTI-09-13: HP OpenView NNM snmpviewer.exe CGI Host Header Stack Overflow Vulnerability
ffmpeg
[ MDVSA-2009:297-1 ] ffmpeg
Posted by security on Dec 05
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2009:297-1
http://www.mandriva.com/security/
_______________________________________________________________________
Package : ffmpeg
Date : December 5, 2009
Affected: 2008.0
_______________________________________________________________________
Problem Description:
Vulnerabilities have been…
out of box scanner
Re: out of box scanner
Posted by Nathan Grandbois on Dec 04
John Bennett wrote:
John,
You might want to take a look at the WASC list here:
http://projects.webappsec.org/Web-Application-Security-Scanner-List
The thread is still under discussion on the webappsec mailing list.
_nathan
Autodesk Maya Script Nodes Arbitrary Command Execution
Bugtraq: CORE-2009-0910: Autodesk Maya Script Nodes Arbitrary Command Execution
CORE-2009-0910: Autodesk Maya Script Nodes Arbitrary Command Execution
DoS vulnerability in Internet Explorer
Dark side of bookmarks
Dark side of bookmarks
Posted by MustLive on Nov 01
Hello participants of Full-Disclosure!
After my articles about different attacks via redirectors – Redirectors: the
phantom menace (http://websecurity.com.ua/3495/) and Attacks via closed
redirectors (http://websecurity.com.ua/3531/), here is my new article. This
time about attacks via bookmarks. In article Dark side of bookmarks
(http://websecurity.com.ua/3643/) I’ll tell you about risks of bookmarks in
browsers.
There are possible next…
ARM Expects Mobile Phones with Dual-Core Processors Next Year.
ARM Expects Mobile Phones with Dual-Core Processors Next Year.
Dual-core central processing units (CPUs) were considered a breakthrough in the personal computer industry back in 2005. In 2010, dual-core chips, albeit powered by processors with different micro-architecture, are set to enter the market of mobile phones, according to ARM, a leading developer of processors for portable electronics.
“We don¡¦t need silly GHz speeds. With our dual-core A9, we can get two times the performance, without the speed draining the battery, so by the time you get home your phone is dead,¡¨ said Rob Coombs, director of mobile solutions for ARM, in an interview with TechRadar web-site.
Mr. Coombs added that ARM hopes that actual implementers would introduce dual-core processors for mobile phones sometime in 2010, but still, delays to 2011 were possible.
URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=33626
/proc filesystem allows bypassing directory permissions on
Bugtraq: Re: /proc filesystem allows bypassing directory permissions on
Re: /proc filesystem allows bypassing directory permissions on
/proc filesystem allows bypassing directory permissions on
Bugtraq: Re: /proc filesystem allows bypassing directory permissions on
Re: /proc filesystem allows bypassing directory permissions on
/proc filesystem allows bypassing directory permissions on Linux
Bugtraq: Re: /proc filesystem allows bypassing directory permissions on Linux
Re: /proc filesystem allows bypassing directory permissions on Linux
2910 (kernel)
CVE-2009-2910 (kernel)
arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.31.4 on the x86_64 platform does not clear certain kernel registers before a return to user mode, which allows local users to read register values from an earlier process by switching an ia32 process to 64-bit mode.
URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2910
insecure elements in https protected pages
insecure elements in https protected pages
Posted by Mohammad Hosein on Oct 18
in a certain web application e.g gmail there are times the whole
communication is secured by ssl and sometimes "there are insecure elements"
that raise questions . i’m not a web professional . how to find these
insecure elements ? and how to evaluate if these elements are the results of
a successful man in the middle attack or not ?
regards