Beyond Security.com
What do hackers see when coming to attack your network? Get an outside view of your network security and know that you are safe. Identify security weaknesses of your systems and networks as they appear from the Internet. Receive complete description external network. Once the security mapping is complete, Automated Scanning generates a detailed vulnerability report specifying the security breaches, along with several practical and easy-to-apply solutions to fix those vulnerabilities. The engine is updated on a regular basis for the most recent security vulnerabilities. The updates include security vulnerabilities that were discovered by the company's research and development team, as well as those discovered elsewhere. In just a few. .
Trinux: A Linux Security Toolkit
versions of popular Open Source network security tools for port scanning, packet sniffing, vulnerability scanning, sniffer detection, packet construction, active/passive OS fingerprinting, network monitoring, session-hijacking, backup/recovery, computer forensics, intrusion detection, and more. Trinux also provides support for Perl, PHP, and Python scripting languages. Remote Trinux boxes can be managed securely with OpenSSH. Trinux gives you the power of Linux security tools. .
Vuln Dev
VULN-DEV There are many forums for reporting security bugs and distributing vulnerability code or examples. A prime example of such a forum is the BUGTRAQ mailing-list. However, nearly all of these forums exist mostly for the dissemination of fully-researched reports, and they leave little room for discussion. In addition, many bugs are spotted not written-up, due to lack of interest, time, or expertise. The VULN-DEV list exists to allow people to report potential or. .
Q-232: kdebase Security Update
not normally have permmissions to read. SOLUTION: Upgrade to the appropriate version. VULNERABILITY ASSESSMENT: The risk is MEDIUM. A malicious local KDM user could use a symmlink attack to read an arbitrary file that they would not normally have permmissions to read. LINKS: CIAC BULLETIN: ORIGINAL BULLETIN: Red Hat Security Advisory RHSA-2006:0548-5 CVE: [***** Start RHSA-2006:0548-5 *****] Important: kdebase security update Advisory: RHSA. .
Secunia - Advisories - Snort TCP/IP Options Denial of Service Vulnerability
Secunia - Advisories - Snort TCP/IP Options Denial of Service Vulnerability in more than 10,000 products, e.g.: >> >> Snort TCP/IP Options Denial of Service Vulnerability Snort TCP/IP Options Denial of Service VulnerabilitySecunia Advisory:SA13664 Release Date:2004-12-24Critical:Impact:DoSWhere:From remoteSolution Status:Vendor PatchSoftware:Select a product and view a complete list of all Patched/Unpatched Secunia advisories affecting it.Description:Marcin Zgorecki has reported a vulnerability in Snort, which can be exploited by malicious people to. .
Subscribe to the Acunetix Newsletter
Acunetix company contacts: Audit your website security & web applications for SQL injection, Cross site scripting & other web vulnerabilities with Acunetix Web Vulnerability Scanner Subscribe to receive the Acunetix Newsletter or to receive Build Updates Enter your email address and name to receive Acunetix newsletters or BuildUpdates * Email: Name: Subscriptions: Newsletter BuildUpdates © 2006 Acunetix Ltd. All Rights Reserved.. .
Sendmail.com - Enterprise solutions for secure, dependable and compliant messaging
Sendmail MTA Security Vulnerability March 22, 2006 Table of Contents Related Materials I. Overview Sendmail, Inc. has recently become aware of a security vulnerability in certain versions of sendmail Mail Transfer Agent (MTA) and UNIX and Linux products that contain it. Sendmail was notified by security researchers at ISS that, under some specific timing conditions, this vulnerability may permit a specifically crafted attack to take over the sendmail MTA process, allowing remote. .
Dr. Dobb's Understanding Oracle Attacks on Information Services December 2, 2004
An oracle attack analyzes each interaction with a system to extract hidden data or implementation details. Defending against oracle attacks is easy -- but only if you see vulnerability in the first place. or implementation details. Defending against oracle attacks is easy—but only if you see vulnerability in the first place The concept of an oracle attack originates from the study of cryptography. By choosing the plaintext or ciphertext input to an encryptor or a decryptor, respectively, and analyzing the output as it relates to the chosen input, it is often possible to deduce valuable information about the algorithm or a secret item of information, such as one of the keys, that is. .
Email Anti Virus and Security Testing Zone
Are you sure your Anti Virus solution is enough? Check whether your email system is vulnerable to email viruses, worms and other threats such as emails with potentially harmful attachments with VBS and CLSID extensions, emails with malformed MIME (like the Nimda virus). Are you covered against such threats? Find out now by doing a vulnerability check on your email system! Sign up to test for these real world threats by entering your name and email address below. You will receive an email asking you to confirm your request by clicking on a URL, after which we will perform a vulnerability check of your email system. You will receive the results by email. For an in-depth explanation of these vulnerabilities. .
SecuriTeam™ - HP-UX stmkfont Local Privilege Escalation Vulnerability
Beyond Security® will help you expose your security holes and will show you what the bad guys already know about your hosts and network. Use our Automated Scanning service to perform a full security audit of your site, and find the latest - - - - - HP-UX stmkfont Local Privilege Escalation Vulnerability 24 Oct. 2004 Summary The stmkfont utility in HP-UX suffers from a vulnerability that may lead to privilege escalation with 'bin' group privileges. Credit: The information has been provided by . The original article can be found at: Details Vulnerable Systems: * HP-UX B.11.00 * HP-UX B.11.11 * HP-UX B.11.22 * HP-UX B.11.23 Immune Systems: * HP-UX systems with patches PHSS_31990 - HP. .
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
What do hackers see when coming to attack your network? Get an outside view of your network security and know that you are safe. Identify security weaknesses of your systems and networks as they appear from the Internet. Receive complete description external network. Once the security mapping is complete, Automated Scanning generates a detailed vulnerability report specifying the security breaches, along with several practical and easy-to-apply solutions to fix those vulnerabilities. The engine is updated on a regular basis for the most recent security vulnerabilities. The updates include security vulnerabilities that were discovered by the company's research and development team, as well as those discovered elsewhere. In just a few. .
Trinux: A Linux Security Toolkit
versions of popular Open Source network security tools for port scanning, packet sniffing, vulnerability scanning, sniffer detection, packet construction, active/passive OS fingerprinting, network monitoring, session-hijacking, backup/recovery, computer forensics, intrusion detection, and more. Trinux also provides support for Perl, PHP, and Python scripting languages. Remote Trinux boxes can be managed securely with OpenSSH. Trinux gives you the power of Linux security tools. .
Vuln Dev
VULN-DEV There are many forums for reporting security bugs and distributing vulnerability code or examples. A prime example of such a forum is the BUGTRAQ mailing-list. However, nearly all of these forums exist mostly for the dissemination of fully-researched reports, and they leave little room for discussion. In addition, many bugs are spotted not written-up, due to lack of interest, time, or expertise. The VULN-DEV list exists to allow people to report potential or. .
Q-232: kdebase Security Update
not normally have permmissions to read. SOLUTION: Upgrade to the appropriate version. VULNERABILITY ASSESSMENT: The risk is MEDIUM. A malicious local KDM user could use a symmlink attack to read an arbitrary file that they would not normally have permmissions to read. LINKS: CIAC BULLETIN: ORIGINAL BULLETIN: Red Hat Security Advisory RHSA-2006:0548-5 CVE: [***** Start RHSA-2006:0548-5 *****] Important: kdebase security update Advisory: RHSA. .
Secunia - Advisories - Snort TCP/IP Options Denial of Service Vulnerability
Secunia - Advisories - Snort TCP/IP Options Denial of Service Vulnerability in more than 10,000 products, e.g.: >> >> Snort TCP/IP Options Denial of Service Vulnerability Snort TCP/IP Options Denial of Service VulnerabilitySecunia Advisory:SA13664 Release Date:2004-12-24Critical:Impact:DoSWhere:From remoteSolution Status:Vendor PatchSoftware:Select a product and view a complete list of all Patched/Unpatched Secunia advisories affecting it.Description:Marcin Zgorecki has reported a vulnerability in Snort, which can be exploited by malicious people to. .
Subscribe to the Acunetix Newsletter
Acunetix company contacts: Audit your website security & web applications for SQL injection, Cross site scripting & other web vulnerabilities with Acunetix Web Vulnerability Scanner Subscribe to receive the Acunetix Newsletter or to receive Build Updates Enter your email address and name to receive Acunetix newsletters or BuildUpdates * Email: Name: Subscriptions: Newsletter BuildUpdates © 2006 Acunetix Ltd. All Rights Reserved.. .
Sendmail.com - Enterprise solutions for secure, dependable and compliant messaging
Sendmail MTA Security Vulnerability March 22, 2006 Table of Contents Related Materials I. Overview Sendmail, Inc. has recently become aware of a security vulnerability in certain versions of sendmail Mail Transfer Agent (MTA) and UNIX and Linux products that contain it. Sendmail was notified by security researchers at ISS that, under some specific timing conditions, this vulnerability may permit a specifically crafted attack to take over the sendmail MTA process, allowing remote. .
Dr. Dobb's Understanding Oracle Attacks on Information Services December 2, 2004
An oracle attack analyzes each interaction with a system to extract hidden data or implementation details. Defending against oracle attacks is easy -- but only if you see vulnerability in the first place. or implementation details. Defending against oracle attacks is easy—but only if you see vulnerability in the first place The concept of an oracle attack originates from the study of cryptography. By choosing the plaintext or ciphertext input to an encryptor or a decryptor, respectively, and analyzing the output as it relates to the chosen input, it is often possible to deduce valuable information about the algorithm or a secret item of information, such as one of the keys, that is. .
Email Anti Virus and Security Testing Zone
Are you sure your Anti Virus solution is enough? Check whether your email system is vulnerable to email viruses, worms and other threats such as emails with potentially harmful attachments with VBS and CLSID extensions, emails with malformed MIME (like the Nimda virus). Are you covered against such threats? Find out now by doing a vulnerability check on your email system! Sign up to test for these real world threats by entering your name and email address below. You will receive an email asking you to confirm your request by clicking on a URL, after which we will perform a vulnerability check of your email system. You will receive the results by email. For an in-depth explanation of these vulnerabilities. .
SecuriTeam™ - HP-UX stmkfont Local Privilege Escalation Vulnerability
Beyond Security® will help you expose your security holes and will show you what the bad guys already know about your hosts and network. Use our Automated Scanning service to perform a full security audit of your site, and find the latest - - - - - HP-UX stmkfont Local Privilege Escalation Vulnerability 24 Oct. 2004 Summary The stmkfont utility in HP-UX suffers from a vulnerability that may lead to privilege escalation with 'bin' group privileges. Credit: The information has been provided by . The original article can be found at: Details Vulnerable Systems: * HP-UX B.11.00 * HP-UX B.11.11 * HP-UX B.11.22 * HP-UX B.11.23 Immune Systems: * HP-UX systems with patches PHSS_31990 - HP. .
