Monthly Archives: January 2016
Ex St Louis Baseball Exec Admits To 'Hacking' Rival Teams Database
Ubuntu Security Notice USN-2866-1
Ubuntu Security Notice 2866-1 – Karthikeyan Bhargavan and Gaetan Leurent discovered that NSS incorrectly allowed MD5 to be used for TLS 1.2 connections. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information.
Netgear 1.0.0.24 Cross Site Scripting
Netgear router version 1.0.0.24 suffers from a cross site scripting vulnerability.
Cacti 0.8.8f graphs_new.php SQL Injection
Cacti versions 0.8.8f and below suffer from a remote SQL injection vulnerability in graphs_new.php.
Adobe Flash BlurFilter Out-Of-Bounds Memset
Adobe Flash suffers from an out-of-bounds memset in BlurFilter processing.
Adobe Flash Display Rendering Use-After-Free
There is a use-after-free in Adobe Flash that appears to be related to rendering the display based on multiple scripts.
Adobe Flash Stage Setting Use-After-Free
Proof of concept code that demonstrates a use-after-free when setting stage in Adobe Flash.
602 Gbps! This May Have Been the Largest DDoS Attack in History
Cyber attacks are getting more evil and becoming a worse nightmare for companies day by day, and the Distributed Denial of Service (DDoS) attack is one of hackers' favorite weapons for temporarily suspending the services of a host connected to the Internet.
Until now, nearly every big website had been a victim of this attack, and the most recent one was conducted against the BBC’s websites and Republican
Bugtraq: WP Symposium Pro Social Network Plugin XSS and Critical CSRF Vulnerability