
Good day

RE: computer crime statistics

>> Sent: Sunday, July 26, 2009 8:11 AM
>> To: bugtraq@securityfocus.com; full-disclosure-
>> bounces@lists.grok.org.uk
>> Subject: computer crime statistics
>>
>> Good day to all of you,
>>
>> I'm having loads of troubles finding computer crimes' statistics
>> (crimes
>> that are related to physical security - eg. Login, root access,
>> ntlm/sam,

Re: SecurityReason : PHP 5.2.6 dba_replace() destroying file

Maksymilian, Ilia, good day.

Thu, Nov 27, 2008 at 11:54:44PM -0000, cxib@securityreason.com wrote:
> [ SecurityReason.com PHP 5.2.6 dba_replace() destroying file ]
[...]
> - --- 1. dba_replace() destroying file ---
> 
> Function dba_replace() is not filtering strings key and value. There
> is a possibility of the destruction of the file.


Re: SecurityReason: PHP 5.2.6 SAPI php_getuid() overload

Eygene Ryabinkin wrote:
> Maksymilian, good day.
> 
> Sat, Dec 06, 2008 at 12:40:48PM -0700, cxib@securityreason.com wrote:
>> [ SecurityReason.com : PHP 5.2.6 SAPI php_getuid() overload ]
> [...]
>> Using PHP 5.2.6, as an Apache module can bypass many security points.
> 
> Am I right that this vulnerability exists only in the Apache 1.x flavour
> of the PHP module?  The code in question that sets SG(server_context)

Re: computer crime statistics

>> Sent: Sunday, July 26, 2009 8:11 AM
>> To: bugtraq@securityfocus.com; full-disclosure-
>> bounces@lists.grok.org.uk
>> Subject: computer crime statistics
>>
>> Good day to all of you,
>>
>> I'm having loads of troubles finding computer crimes' statistics
>> (crimes
>> that are related to physical security - eg. Login, root access,
>> ntlm/sam,

Re: "Exploit creation - The random approach" or "Playing with random to build exploits"

Nelson, good day.

Thu, Oct 02, 2008 at 06:53:43PM -0300, Nelson Brito wrote:
> > Well, actually that's because the polymorphic code for viruses and worms
> > came even before, and was already a beaten issue.
> 
> I didn't get this age (Virus Age), sorry.

Then you'll be probably interested in a polymorph named 1260,
  http://www.informit.com/articles/article.aspx?p=366890&seqNum=5

Re: SecurityReason: PHP 5.2.6 SAPI php_getuid() overload

Maksymilian, good day.

Sat, Dec 06, 2008 at 12:40:48PM -0700, cxib@securityreason.com wrote:
> [ SecurityReason.com : PHP 5.2.6 SAPI php_getuid() overload ]
[...]
> Using PHP 5.2.6, as an Apache module can bypass many security points.

Am I right that this vulnerability exists only in the Apache 1.x flavour
of the PHP module?  The code in question that sets SG(server_context)
too late and initializes BG variable after the .htaccess processing

Re: [ MDVSA-2008:231 ] libxml2

Good day.

Tue, Nov 18, 2008 at 05:54:00PM -0700, security@mandriva.com wrote:
>  Problem Description:
> 
>  Drew Yaro of the Apple Product Security Team found two flaws in
   ^^^^^^^^^

Should really read 'Drew Yao', isn't it?
-- 

RE: computer crime statistics

> Sent: Sunday, July 26, 2009 8:11 AM
> To: bugtraq@securityfocus.com; full-disclosure-
> bounces@lists.grok.org.uk
> Subject: computer crime statistics
> 
> Good day to all of you,
> 
> I'm having loads of troubles finding computer crimes' statistics
> (crimes
> that are related to physical security - eg. Login, root access,
> ntlm/sam,

Re: Zabbix 1.6.2 Frontend Multiple Vulnerabilities

Good day.

Small addition to the advisory.

Tue, Mar 03, 2009 at 03:30:26PM +0000, ascii wrote:
> Zabbix 1.6.2 Frontend Multiple Vulnerabilities
[...]
> C) Local File Inclusion
> 
> If the user is authenticated, a Local File Inclusion vulnerability

Re: SecurityReason : PHP 5.2.6 dba_replace() destroying file

the 5.x tree.


On 6-Dec-08, at 7:47 AM, Eygene Ryabinkin wrote:

> Maksymilian, Ilia, good day.
>
> Thu, Nov 27, 2008 at 11:54:44PM -0000, cxib@securityreason.com wrote:
>> [ SecurityReason.com PHP 5.2.6 dba_replace() destroying file ]
> [...]
>> - --- 1. dba_replace() destroying file ---

Re: *BSD user-ppp local root (when conditions permit)

Good day.

Fri, Feb 29, 2008 at 04:39:03PM -0000, sipherr@gmail.com wrote:
> I just tested this on FreeBSD 6.3. This bug was discovered on NetBSD. It also works on OpenBSD (unconfirmed on 4.2)
> 
> Steps to reproduce:
> 
> 1. Run ppp
> 
> 2. type the following (or at least some variation of)

Re: SecurityReason : PHP 5.2.6 dba_replace() destroying file

Ilia, good day.

Sat, Dec 06, 2008 at 10:00:14AM -0500, Ilia Alshanetsky wrote:
> The PHP 4.X tree has been discontinued and all users should upgrade to  
> the 5.x tree.

Ah, I see -- it is even written in red on the official site.  Thanks for
clarifications.

But still, as some vendors are providing 4.x, maybe the advisory should

Re: [SVRT-05-08] Critical BoF vulnerability found in ffdshow affecting all internet browsers (SVRT-Bkis)

Good day.

Mon, Nov 24, 2008 at 03:17:05PM +0700, svrt wrote:
> In Oct 2008, SVRT-Bkis has detected a serious buffer overflow vulnerability
> in ffdshow which affects all available internet browsers.
                           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Really?  And links, elinks, lynx, dillo and others are affected too?
What about my Firefox that (I assume) has no ffdshow code inside it and
there are no ffdshow-related plugins coupled to it?  Is it vulnerable?


computer crime statistics

Good day to all of you,

I'm having loads of troubles finding computer crimes' statistics (crimes
that are related to physical security - eg. Login, root access, ntlm/sam,
etc). I did some searching on Google and many other websites. But I've yet to
encounter statistics or a survey for the above-mentioned computer crime.

Does anyone have any idea where I can get them?

Thank you.

RE: computer crime statistics

>> Sent: Sunday, July 26, 2009 8:11 AM
>> To: bugtraq@securityfocus.com; full-disclosure-
>> bounces@lists.grok.org.uk
>> Subject: computer crime statistics
>>
>> Good day to all of you,
>>
>> I'm having loads of troubles finding computer crimes' statistics
>> (crimes
>> that are related to physical security - eg. Login, root access,
>> ntlm/sam,

Re: [ MDVSA-2008:232 ] dovecot

Good day.

Wed, Nov 19, 2008 at 02:00:00PM -0700, security@mandriva.com wrote:
>  The ACL plugin in dovecot prior to version 1.1.6 allowed attackers to
>  bypass intended access restrictions by using the 'k' right to create
>  unauthorized 'parent/child/child' mailboxes (CVE-2008-4578).

Are you really sure that it should be 1.1.6?  This bug is documented
in the 1.1.4 release notes,
  http://www.dovecot.org/list/dovecot-news/2008-October/000085.html


