Advertisement
Home arrow ITsec Advisories
Saturday, 22 November 2008
  
 
Last week attacks
O.S.  Defs.  %
Linux  8778  71.58%
Win 2003  1950  15.90%
Win 2000  722  5.89%
Solaris 9/10  402  3.28%
FreeBSD  226  1.84%
Other  185  1.51%

Total attacks: 12263 of which 4619 single ip and 7644 mass defacements

Main Menu
Home
Digital Warfare
Geopolitics
ITsec News
ITsec Advisories
Test Drive
360°
Digital Attacks Archive
Zone-H events
Publications
Zone-H Friends/Partners
Contact Us
Search
Download Area
Zone-H forum
About this website
Login Form





Lost Password?
No account yet? Register
Visitors' Map
ITsec Advisories


Firefox 2.0.0.12 fix several vulnerabilities PDF Print E-mail
User Rating: / 3
Written by Staff   
Friday, 08 February 2008

firefoxMozilla release version 2.0.12 of Firefox.
This release fixes a number of security and stability issues discovered in Firefox 2.0.0.11.

Fixed in Firefox 2.0.0.12

MFSA 2008-11 Web forgery overwrite with div overlay
MFSA 2008-10 URL token stealing via stylesheet redirect
MFSA 2008-09 Mishandling of locally-saved plain text files...

Write Comment (0 Comments)
Read more...
 
Microsoft patched critical vulnerabilities PDF Print E-mail
User Rating: / 11
Written by minor   
Wednesday, 12 December 2007

compromisedFew hours ago Microsoft released bulletins accordingly with patches, among others also for extreme critical vulnerabilities in Internet Explorer and Windows. It should be no wonder, that Microsoft releases updates if... If these vulnerabilities were not old and already exploited in the wild. Let's take a brief summary on these:

Bulletin MS07-069 issued on December 11, 2007
Internet Explorer from version 5.01 to version 7 is affected, successful exploitation requires user's interaction (visiting malicious website), results in remote code execution. Update patches four (4) different vulnerabilities.

 

 

Write Comment (1 Comments)
Read more...
 
tellmatic "tm_includepath" File Inclusion Vulnerabilities PDF Print E-mail
User Rating: / 2
Written by Staff   
Monday, 03 December 2007
ShAy6oOoN has discovered some vulnerabilities in tellmatic, which can be exploited by malicious people to compromise a vulnerable system.

Input passed to the parameter "tm_includepath" in include/Classes.inc.php, include/statistic.inc.php, include/status.inc.php, include/status_top_x.inc.php, and include/libchart-1.1/libcharinclude/libchart-1.1/libchart.phpt.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local or remote resources... Write Comment (1 Comments)
Read more...
 
Zsh difflog.pl Insecure Temporary Files PDF Print E-mail
User Rating: / 1
Written by Staff   
Monday, 03 December 2007
A security issue has been reported in Zsh, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

The security issue is caused due to the Util/difflog.pl script using temporary files in an insecure manner. This can be exploited to overwrite or delete arbitrary files via symlink attacks.

The security issue is reported in version 4.3.4. Other versions may also be affected... Write Comment (0 Comments)
Read more...
 
IBM Tivoli Netcool Security Manager Unspecified Cross-Site Scripting PDF Print E-mail
User Rating: / 2
Written by Staff   
Monday, 03 December 2007
A vulnerability has been reported in IBM Tivoli Netcool Security Manager, which can be exploited by malicious people to conduct cross-site scripting attacks.

Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability reportedly affects version 1.3.0... Write Comment (0 Comments)
Read more...
 
More...
<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>

Results 46 - 60 of 9522
[ Back ]
 
Top!
© 2008 Zone-H.org - Unrestricted Information
Joomla! is Free Software released under the GNU/GPL License.
 Top!