A number of cloud service providers like Amazon Web Services and Rackspace had to shut some systems down over the weekend to address a critical Xen security vulnerability.
Category Archives: Security
GNU Bash 4.3.11 dhclient Shellshocker
GNU Bash version 4.3.11 environment variable dhclient shellshocker exploit.
HTTP File Server 2.3a / 2.3b / 2.3c Remote Command Execution
HTTP File Server versions 2.3a, 2.3b, and 2.3c suffer from a remote command execution vulnerability.
Kolibri Webserver 2.0 Buffer Overflow
Kolibri Webserver version 2.0 buffer overflow exploit with EMET 5.0 and EMET 4.1 partial bypass.
Second Same-Origin Policy Bypass Flaw Haunts Android Browser
There is another same-origin policy bypass vulnerability in the Android browser in versions prior to 4.4 that allows an attacker to steal data from a user’s browser.
CarolinaCon 2015 Call For Papers
CarolinaCon is now accepting speaker/paper/demo submissions for its 11th annual conference. This event will be held March 20th through the 22nd, 2014 in Raleigh, NC, USA.
AllMyVisitors 0.5.0 SQL Injection
AllMyVisitors version 0.5.0 suffers from multiple remote blind SQL injection vulnerabilities related to authentication bypass during login, cookie handling, and header handling.