prev · 28.02.2008 · next 
| Mon | Tue | Wed | Thu | Fri | Sat | Sun |
| 1 | 2 | 3 | ||||
| 4 | 5 | 6 | 7 | 8 | 9 | 10 |
| 11 | 12 | 13 | 14 | 15 | 16 | 17 |
| 18 | 19 | 20 | 21 | 22 | 23 | 24 |
| 25 | 26 | 27 | 28 | 29 | ||
Mandriva: Updated dbus packages fix vulnerability
( 631 days 16 hours ago)
LinuxSecurity.com: A vulnerability was discovered by Havoc Pennington in how the dbus-daemon applied its security policy.
Fedora 7 Update: thunderbird-2.0.0.12-1.fc7
( 631 days 16 hours ago)
LinuxSecurity.com: Several flaws were found in the way Thunderbird processed certain malformed HTML mail content.
Fedora 8 Update: setroubleshoot-2.0.5-2.fc8
( 631 days 16 hours ago)
LinuxSecurity.com: This is a major upgrade of setroubleshoot. The primary difference is how audit data is captured, analyzed, and stored. Security vulnerabilities, performance, usability, and robustness have been addressed in addition to general bug fixes.
Fedora 8 Update: setroubleshoot-plugins-2.0.4-3.fc8
( 631 days 16 hours ago)
LinuxSecurity.com: This is a major upgrade of setroubleshoot. The primary difference is how audit data is captured, analyzed, and stored. Security vulnerabilities, performance, usability, and robustness have been addressed in addition to general bug fixes.
Fedora 8 Update: dbus-1.1.2-9.fc8
( 631 days 16 hours ago)
LinuxSecurity.com: This update fixes CVE-2008-0595.
Fedora 7 Update: dbus-1.0.2-7.fc7
( 631 days 16 hours ago)
LinuxSecurity.com: This update fixes CVE-2008-0595.
Data Leak Risks: A Problem Mid-Size Organizations Can't Ignore
( 631 days 18 hours ago)
(Source: Code Green) More than 220 million private records have been breached in the last three years. With the average cost of a data-leak incident reaching $6.3 million in 2007, organizations of all sizes must act to protect sensitive data. This whitepaper explores the sources of data leaks, what a data breach could cost your organization, and what mid-size companies should look for in a solution.
rPSA-2008-0084-1 lighttpd
( 632 days ago)
rPath Security Advisory: 2008-0084-1 Published: 2008-02-28 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Denial of Service Updated Versions: lighttpd=conary.rpath.comatrpl:1/1.4.18-0.2-1 rPath Issue Tracking System: References: Description: Previous versions of the lighttpd package are vulnerable to a remote ...
XSS on XRMS- open source CRM
( 632 days ago)
XRMS: An open source web enabled LAMP based CRM. Vulnerability: Confirmation messages upon updates in XRMS are clear text passed across in the URL. Simple test of injection of a script resulted in exposing cross site scripting vulnerability.
RE: Buffer-overflow in the passwords handling of Trend Micro OfficeScan 8.0 and possibly other products
( 632 days ago)
Greetings! I have submitted this case to our Product Specialist. We'll update you for the progress. Regards, Raymond F. Villafania Systems Engineer TrendLabs HQ, Trend Micro Incorporated Original Message From: Rainer Link (ADM-EU) Sent: Thursday, February 28, 2008 5:48 AM To: Vulnerability Claim ...
Re: 123 Flash Chat Module for phpBB
( 632 days ago)
the download link is wrong this is the right one :
PR07-41: XSS on Juniper Networks Secure Access 2000
( 632 days ago)
PR07-41: XSS on Juniper Networks Secure Access 2000 Vulnerability found: 6th December 2007 Vendor informed: 12th December 2007 Severity: Medium-high Description: Juniper Networks Secure Access 2000 is vulnerable to a vanilla XSS. Vulnerable server-side script: '/dana-na/auth/rdremediate.cgi' Unfiltered parameter: 'deliverymode' ...
PR07-42: Webroot disclosure on Juniper Networks Secure Access 2000
( 632 days ago)
PR07-42: Webroot disclosure on Juniper Networks Secure Access 2000 Vulnerability found: 6th December 2007 Vendor informed: 12th December 2007 Severity: Low Description: By simply requesting the 'remediate.cgi' script omitting certain parameters, the web server returns the physical path of the webroot ...
The Science of Intrusion Prevention Testing
( 632 days 1 hour ago)
(Source: NSS Labs) LIVE WEBCAST
How do you accurately gauge the effectiveness of complex security products like intrusion prevention systems? Testing security products is a complex science, and the market place is filled with vendor claims, product reviews, analyses, and lab test reports. These reported measurements can vary widely depending on the sources, methodologies and tools used. And even then, the results may not be relevant for your environment. Whether you are going to perform your own tests, or read someone else's lab results, get a quick educational primer on the science of testing security products.
How do you accurately gauge the effectiveness of complex security products like intrusion prevention systems? Testing security products is a complex science, and the market place is filled with vendor claims, product reviews, analyses, and lab test reports. These reported measurements can vary widely depending on the sources, methodologies and tools used. And even then, the results may not be relevant for your environment. Whether you are going to perform your own tests, or read someone else's lab results, get a quick educational primer on the science of testing security products.
Join NSS Labs experts, Christian Stankevitz, CTO and Bob Walder, Chief Scientist.
What you'll learn:
- Best practices and tools for testing complex security products
- How to evaluate security & performance requirements
- How to avoid common pitfalls when evaluating IPS and anti-malware products
- The importance of using live exploits against real hosts
This webcast will air on Thursday, March 13th, at 2PM EST.
PHP-Nuke My_eGallery "gid" Remote SQL Injection
( 632 days 2 hours ago)
Aria-Security Team Shoutz: Aura, Null, imm02tal, Kinglet, and our staff PHP-Nuke MyeGallery "gid" Remote SQL Injection Dork: inurl:"modules.php?name=MyeGallery" modules.php?op=modload&name=MyeGallery&file=index&do=showgall&gid=-1/**/union/**/select/**/aid,pwd/**/from/**/nukeauthors/**/where/**/radminsuper=1/* The-0utl4w >From Aria-Security.Net Original Link:
123 Flash Chat Module for phpBB
( 632 days 2 hours ago)
Script : 123 Flash Chat Module for phpBB # Discovered By : F10 # Contact : byf10athotmail.com # Site : # Greetz : byemR3 , H0tturk , TaRanTuLa , gsy , ercu145 , # LupuS , m0sted , CyberGhost ... . # >From : Turkey # Download : # ...
Urulu 2.1 Blind SQL Injection Vulnerability (CVE-2008-0385)
( 632 days 2 hours ago)
# # COMPASS SECURITY ADVISORY # # # Product: Urulu # Vendor: USystems # Subject: Blind SQL Injection Vulnerability # Risk: High # Author: Daniel Roethlisberger # Date: 2008-02-25 # CVE Name: CVE-2008-0385 # Introduction An AJAX based Blind SQL Injection vulnerability exists in ...
security and aluminum foil hats
( 632 days 2 hours ago)
Hi, A video walk-through and explanation of the new security testing methodology, OSSTMM 3, which I did recently has been created by Dreamlab (www.dreamlab.net). The video covers a walk-through of the most important factors of OSSTMM 3 and a little bit about aluminum foil hats. So if you ...
Finjan uncovers database storing more than 8,700 stolen FTP credentials
( 632 days 14 hours ago)
Security vendor Finjan has uncovered a data hoard containing more than 8,700 stolen FTP server credentials, including information from more than 2,500 U.S. companies.
prev · 28.02.2008 · next
