http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=603
Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability
Solaris is a UNIX operating system developed by Sun Microsystems. More information can be found at the following URL.
http://www.sun.com/software/solaris/
jason0936 發表在 痞客邦 留言(0) 人氣(111)
http://jvn.jp/jp/JVN%2361208749
JVN#61208749
Webmin における OS コマンドインジェクションの脆弱性
ウェブベースのシステム管理ツールである Webmin には、許可されていない Webmin ユーザが OS コマンドを実行できる脆弱性があります。
Windows 版 Webmin 1.360 およびそれ以前
jason0936 發表在 痞客邦 留言(0) 人氣(84)
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5020
Vulnerability Summary CVE-2007-5020
Original release date: 9/21/2007
Last revised: 9/26/2007
Source: US-CERT/NIST
jason0936 發表在 痞客邦 留言(0) 人氣(74)
Sophos老師說有新的蠕蟲來摟,這次是騙妳點選假的YouTube影片網址
好的老師帶您住天堂,不好的老師帶妳住套房,
那假的連結可以給妳啥?
恭喜您得到半年份 惡意軟體或木馬程式無限多支(反正還會再變種),如果看到「Dudeyour gonna get caught, lol」、「LOL, dude whatare you doing」、「Dude, what if your wife findsthis?」、「Dude dont send that stuff to my home email」、「LOL, that is too cool」的傳說中收到這些電子郵件名稱或內容,您就可以在YouTube Video下載有趣影片,別再相信沒根據的事實了。
雖然從頭到尾都是偽裝成YouTube檢視與下載網頁。但是事實上........都是木馬和蠕蟲....
朋友們.別再手癢亂按了,建議如果想按時,先用左手拿鍵盤敲妳右手.(如果妳不是左撇子的話)Don't download that YouTube video!
New variation of Storm worm drops Ecard disguise for online movie masqueradejason0936 發表在 痞客邦 留言(0) 人氣(129)
<= You can click on the link below for more detail
Star Directory Traversal Vulnerability
Robert Buchholz has reported a vulnerability in Star, which can be exploited by malicious people to compromise a user's system.
Oracle JInitiator "beans.ocx" ActiveX Control Buffer Overflow Vulnerabilities
jason0936 發表在 痞客邦 留言(0) 人氣(84)
<= You can click on the link below for more detail
InterWorx-CP Multiple Cross-Site Scripting
oz has reported some vulnerabilities in InterWorx-CP, which can be exploited by malicious people to conduct cross-site scripting attacks.
Cisco CallManager / CUCM Cross-Site Scripting and SQL Injection
jason0936 發表在 痞客邦 留言(0) 人氣(70)
<= You can click on the link below for more detail
Debian update for rsync
Debian has issued an update for rsync. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a vulnerable system.
jason0936 發表在 痞客邦 留言(0) 人氣(162)
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=589
Public Advisory: 08.27.07
Motorola Timbuktu Pro Directory Traversal Vulnerability
I. BACKGROUND
Motorola Inc.'s Timbuktu Pro is a remote control software which allows remote access to a computer's desktop. It is available for Mac OS X and Windows systems and provides integration with Skype and SSH. More information is available from the product web site at the following URL.
jason0936 發表在 痞客邦 留言(0) 人氣(103)
GNU tar Directory Traversal Vulnerability
A vulnerability has been reported in GNU tar, which can be exploited by malicious people to compromise a user's system.
eCentrex VOIP Client Component ActiveX Control Buffer Overflow
rgod has discovered a vulnerability in the eCentrex VOIP Client Component ActiveX control, which can be exploited by malicious people to compromise a user's system.
jason0936 發表在 痞客邦 留言(0) 人氣(269)
WordPress Pool Theme URL Cross-Site Scripting Vulnerability
MustLive has discovered a vulnerability in the Pool theme for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
Joomla SimpleFAQ Component "aid" SQL Injection
jason0936 發表在 痞客邦 留言(0) 人氣(103)
資訊安全 (4)