
Dark Reading Image Galleries





Slide Show: Top 10 Holiday Phishing Scams
Scams that demonstrate the ways attackers are crafting their messages during the holidays




Ten Big Breaches In 2011
No one was immune: not social networks, not financial institutions, and not even security firms




Slide Show: 10 Tips And Best Practices For Becoming A Data Security Detective
Tips from security insiders on gathering and analyzing security intelligence and identifying new threats as well as APT attacks





Slide Show: Sights And Sounds Of Black Hat USA 2011
Zombies, robots, 'war-flying' drones, PWN phones -- and scary real-world SCADA hacks were among the mix of light-hearted and deadly serious demonstrations and presentations at this year's Black Hat USA in Las Vegas.




Slide Show: DDoS With The Slow HTTP POST Attack
Researchers demonstrate attack that picks on inherent flaw in HTTP




Slide Show: Extreme And Alternative Authentication Methods
Be it through brute force attacks, dictionary attacks, reading them off of Post-It notes or simply guessing, cracking passwords is hardly a difficult task for the suitably motivated. In fact, traditional text passwords for logging into accounts have been shown time and time again to be the weakest links in modern day access control. Combine that with the fact that most users typically reuse passwords on multiple accounts--75 percent, according to a survey conducted by BitDefender earlier in the summer--and it's clear that something has got to give.












Bugs
ENTERPRISE VULNERABILITIES
Vulnerability: ssl-vpn end-point interrogator/installer activex control
Published: 2010-11-03
Severity: High
Description: Stack-based buffer overflow in SonicWALL SSL-VPN End-Point Interrogator/Installer ActiveX control (Aventail.EPInstaller) before 10.5.2 and 10.0.5 hotfix 3 allows remote attackers to execute arbitrary code via long (1) CabURL and (2) Location arguments to the Install3rdPartyComponent method.

Vulnerability: gvim
Published: 2010-11-03
Severity: High
Description: Untrusted search path vulnerability in VIM Development Group GVim before 7.3.034, and possibly other versions before 7.3.46, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse User32.dll or other DLL that is located in the same folder as a .TXT file. NOTE: some of these details are obtained from third party information.

Vulnerability: cforms
Published: 2010-11-03
Severity: Medium
Description: Multiple cross-site scripting (XSS) vulnerabilities in wp-content/plugins/cforms/lib_ajax.php in cforms WordPress plugin 11.5 allow remote attackers to inject arbitrary web script or HTML via the (1) rs and (2) rsargs[] parameters.

Vulnerability: links, wsn links, wsn links
Published: 2010-11-03
Severity: High
Description: Multiple SQL injection vulnerabilities in search.php in WSN Links 5.0.x before 5.0.81, 5.1.x before 5.1.51, and 6.0.x before 6.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) namecondition or (2) namesearch parameter.

Vulnerability: deluxebb
Published: 2010-11-03
Severity: Medium
Description: SQL injection vulnerability in misc.php in DeluxeBB 1.3, and possibly earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the xthedateformat parameter in a register action, a different vector than CVE-2005-2989, CVE-2006-2503, and CVE-2009-1033.


