CVE-2015-0877

Unrestricted file upload vulnerability in app/lib/mlf.pl in C-BOARD Moyuku before 1.03b3 allows remote attackers to execute arbitrary code by uploading a file with a character in its name.

CVE-2015-1601

Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1 allows man-in-the-middle attackers to obtain sensitive information or modify transmitted data via unspecified vectors.

CVE-2015-1602

Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1 improperly stores password data within project files, which makes it easier for local users to determine cleartext (1) protection-level passwords or (2) web-server passwords by leveraging the ability to read these files.

Fedora EPEL 6 Security Update: torque-4.2.8-3.el6

Resolved Bugs
1005920 – CVE-2013-4319 torque: remote arbitrary command execution as root on cluster [epel-all]
1098583 – CVE-2014-0749 torque: buffer overflow exists in versions of TORQUE which can be exploited in order to remotely execute code from an unauthenticated perspective [epel-all]
1149047 – CVE-2014-3684 torque: non-root users able to kill any process on any node in a job [epel-6]
1029754 – CVE-2013-4495 torque: arbitrary code execution via job submission [epel-all]
1149046 – CVE-2014-3684 torque: non-root users able to kill any process on any node in a job [epel-5]
Version bump to merge from previous version

Fedora EPEL 7 Security Update: perl-DBD-Firebird-1.19-1.el7

Resolved Bugs
1207216 – perl-DBD-Firebird: buffer overflow in error messages handling in IB_SQLtimeformat()
1207218 – perl-DBD-Firebird: buffer overflow in error messages handling in IB_SQLtimeformat() [epel-all]
DBD::Firebird 1.19 [2015-03-22]
===============================
* Fix $VERSION in Firebird.pm
* Fix typo in ISC_PASSWORD spelling
* Positive logic and early return
* Allow re-executing/fetch on prepared sth [RT#92810, Tux]
* Add tests for $dbh->{Name} and others
* Implement $dbh->{Name}
* Fix attributions to Mike Pomraning
* use strict and warnings in all modules
* add a test for inserting/fetching float and double numbers as an attempt to reproduce RT#101650
* fix File::Which configure prerequisite declaration [RT#101672, dmn]
* 03-dbh-attr.t: plan tests after creating the TestFirebird object
* Buffer Overflow in dbdimp.c
* use snprintf instead of sprintf everywhere