Database Security

Authentication

Privacy

Compliance

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

To InformationWeek

Network Computing Dark Reading

Advertise

Author

Profile of Paul Vixie

Chairman & CEO, Farsight Security, Inc.

Member Since: 9/26/2014
Author
News & Commentary Posts: 5
Comments: 8

Dr. Paul Vixie is an Internet pioneer and thought leader who designed, implemented, and deployed several Domain Name System (DNS) protocol extensions and applications that are used throughout the Internet today. He is CEO of Farsight Security Inc. Previously, he served as President, Chairman, and founder of Internet Systems Consortium (ISC); as President of MAPS, PAIX, and MIBH; and as CTO of Abovenet/MFN. Since 2005, Dr. Vixie has served on the ARIN Board of Trustees. He is a founding member of ICANN's Root Server System Advisory Committee and Security and Stability Advisory Committee. He operated ISC's F-Root name server for many years and is a member of Cogent's C-Root team. He is a sys admin for Op Sec Trust. He earned his PhD from Keio University, for work related to DNS and DNSSEC, and was recently named to the 2014 Internet Hall of Fame.

Articles by Paul Vixie

View Content By Month

Benefits of DNS Service Locality

10/24/2018
Operating one's own local DNS resolution servers is one of the simplest and lowest-cost things an IT administrator can do to monitor and protect applications, services, and users from potential risks.
Post a Comment

The Internet Of Things: When Bigger Is Not Better

12/13/2016
What happens when 10,000 companies add programmability and connectivity to their products, and we increase the Internet’s attack surface by a million times or more?
Post a Comment

DDoS And The Internet's Liability Problem

11/18/2015
It's past time for an improved liability model to disrupt DDoS.
Post a Comment

The Internet's Winter Of Discontent

12/19/2014
The new great cybersecurity challenge in trying to sum up the most dangerous weaknesses in the world’s connected economy is that the hits just keep on coming.
Post a Comment

Shellshocked: A Future Of ‘Hair On Fire’ Bugs

9/26/2014
Most computers affected by Bash will be updated within 10 years. The rest will be vulnerable for the lifespans of all humans now living. This should concern us. But then, global warming should also concern us.
Post a Comment

Editors' Choice

Ex-NSA Contractor Was a Suspect In Shadow Brokers Leak

Jai Vijayan, Freelance writer, 1/2/2019

Microsoft's 'Project Bali' Wants to Let You Control Your Data

Kelly Sheridan, Staff Editor, Dark Reading, 1/4/2019

25 Years Later: Looking Back at the First Great (Cyber) Bank Heist

Zia Hayat, CEO, Callsign, 1/2/2019

Live Events

Webinars

More UBM Tech
Live Events

Drive Your Business and Career Forward at Interop19

Interop 2019 - The Unbiased IT Conference

Enterprise Connect 2019 - Build Your Comms & Collaboration Future

White Papers

Privileged Access & the Future of Security

Discovering Cloud Unknown Unknowns

Know Your Unknowns With a Master IP Address List Audit

Mitigating False-Positives to Improve Software Publishing

More White Papers

Video

Cartoon

Latest Comment: Collusion, are you kidding me? They can't prove anything. I mean, of course they colluded. Putin and Trump have been bff's for ...

Cartoon Archive

Current Issue

The Year in Security 2018

This Dark Reading Tech Digest explores the biggest news stories of 2018 that shaped the cybersecurity landscape.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

How Enterprises Are Using IT Threat Intelligence

How Enterprises Are Using IT Threat Intelligence

Large organizations are harnessing data about cyberattackers and their exploits to improve the safety of their critical data. Find out what they're doing.

Download Now!

How Enterprises Are Attacking the Cybersecurity Problem

Online Malware and Threats: A Profile of Today's Security Posture

The Risk Management Struggle

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Dark Reading - Bug Report

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2019-5009
PUBLISHED: 2019-01-04

Vtiger CRM 7.1.0 before Hotfix2 allows uploading files with the extension "php3" in the logo upload field, if the uploaded file is in PNG format and has a size of 150x40. One can put PHP code into the image; PHP code can be executed using "<? ?>" tags, as demonstrated by a ...

CVE-2019-5310
PUBLISHED: 2019-01-04

YUNUCMS 1.1.8 has XSS in app/admin/controller/System.php because crafted data can be written to the sys.php file, as demonstrated by site_title in an admin/system/basic POST request.

CVE-2018-8827
PUBLISHED: 2019-01-03

The admin web interface on Technicolor MediaAccess TG789vac v2 HP devices with firmware v16.3.7190-2761005-20161004084353 displays unsanitised user input, which allows an unauthenticated malicious user to embed JavaScript into the Log viewer interface via a crafted HTTP Referer header, aka XSS.

CVE-2019-5005
PUBLISHED: 2019-01-03

An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. They allowed Denial of Service (application crash) via image data, because two bytes are written to the end of the allocated memory without judging whether this will cause corruption.

CVE-2019-5006
PUBLISHED: 2019-01-03

An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. It is a NULL pointer dereference during PDF parsing.

Terms of Service
Privacy Statement
Legal Entities
Copyright © 2019 UBM, All rights reserved

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]