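DedeCMSV53 has been released, but it still has not completely patched the variable-overwrite vulnerability. This vulnerability is very similar to ryat's :)
Look at the code in the core file include/common.inc.php
» Read more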
Submitted by Akira on 2009, May 29, 11:41 PM
Submitted by Akira on 2009, May 27, 6:11 PM
Affected products :
- Firefox all supporting SVG (didn't care to investigate which, task of the vendor)
- all software packages using mozilla engine and allowing SVG
I. Background
~~~~~~~~~~~~
Firefox is a popular internet browser.
II. Description
» Read more
Submitted by Akira on 2009, May 27, 6:04 PM
A bug was discovered in the way FreeBSD, OS X and Solaris (prior to version 10) handle symlinks appended with a slash (/).
Accessing a regular file through a symbolic link with appended slash succeeds because the slash apparently gets silently dropped.
On systems that do not expose this behaviour, a call to stat("symlink.php/") or open("symlink.php/") to a symlink
pointing to example.php, will not succeed and set errno to ENOTDIR. This is not the case on the systems mentioned.
» Read more
Submitted by Akira on 2009, May 27, 6:00 PM
#!/usr/bin/ruby
#
# Quick-n-dirty PoC for APPLE-SA-2009-05-12 ala CVE-2008-3529
# Safari RSS feed:// buffer overflow via libxml2 by KF of Digitalmunition and Netragard
# http://www.digitalmunition.com , http://www.netragard.com
» Read more
Submitted by Akira on 2009, May 23, 7:23 AM
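The Windows 7 RC test release has been open to the public for only half a month, and malware has once again got ahead of security technology. This week security researchers published the source code of the first rootkit able to attack Windows 7. The rootkit, named Vrootkit 2.0, can currently only bypass the system's built-in access control by hooking the low-level interrupt 13. Strictly speaking, Vrootkit 2.0 cannot yet be counted as a fully functional rootkit, but malware authors can clearly integrate Vrootkit's functionality into their own malware with little effort and use it to attack users.
» Read more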
Submitted by Akira on 2009, May 22, 7:38 PM
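TPL is a static regular expression library. The full name of TPL is Text Processing Library. spirit and xpressive are very good things, and the implementation of the TPL library borrows from both of them. The reason for developing the TPL library sounds rather funny: spirit and xpressive are too slow. Not slow to execute, but slow to compile.
» Read more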
Submitted by Akira on 2009, May 22, 4:15 PM
» Read more
Submitted by Akira on 2009, May 21, 11:27 PM
# > tar xzvf cadaver-0.23.2.tar.gz
# --snip--
# > cd cadaver-0.23.2/
# > patch -p1 < ../cadaver-0.23.2-h4x.patch
# patching file lib/neon/ne_basic.c
# patching file lib/neon/ne_request.c
# patching file lib/neon/ne_uri.c
# > ./configure
# --snip--
# > make
# --snip--
#
# Now we should have a patched, compiled version of cadaver, so start it
# up with the server that was identified as having a vulnerable folder
# earlier:
» Read more