BenTasker.co.uk

Home
Blog
Whitepapers
Documentation
Videos
Shop
Photography

Home / Blog / Security

Latest Posts

Recovering files from SD Cards and How to protect yourself
videos v0.15
Resolving GFID mismatch problems in Gluster (RHGS) volumes
(Hopefully) Rescuing a bottle of drink
HLS Stream Creator V1.0

This site should work without Javascript enabled. If you find something doesn't, please Contact Me.

Security

Spamhaus still parties like it's 1999	16 October 2019
Twitter Screws Up With Data It Shouldn't Hold	09 October 2019
The Curious Case of BitFi and Secret Persistence	16 July 2019
A guide to designing Account Security Mechanisms	26 March 2017
Don't Use Web2Tor/Tor2Web (especially Onion.cab)	04 March 2017
The State of Mobile Banking (in the UK)	21 June 2016
The DVLA is routinely sending sensitive details via email	28 December 2014
Understanding Password Storage	22 June 2014
My Own Little HeartBleed Headache	19 April 2014
Why You Shouldn't be using SHA1 or MD5 to Store Passwords	07 June 2013

Page 1 of 3

Start
Prev
1
2
3
Next
End

Recent CVEs

CVE-2006-7246
CVE-2007-4773 (systrace)
CVE-2007-6758
CVE-2008-7314 (mirc)
CVE-2009-1120 (emc_replistor)
CVE-2009-5025 (pyforum)
CVE-2009-5068 (simple_machines_forum)
CVE-2010-3048 (unified_personal_communicator)
CVE-2010-3295
CVE-2011-2668 (firefox)

Return to listing

CVE-2006-7246

NetworkManager 0.9.x does not pin a certificate's subject to an ESSID when 802.11X authentication is used.

CVE-2007-4773 (systrace)

Systrace before 1.6.0 has insufficient escape policy enforcement.

CVE-2007-6758

Server-side request forgery (SSRF) vulnerability in feed-proxy.php in extjs 5.0.0.

CVE-2008-7314 (mirc)

mIRC before 6.35 allows attackers to cause a denial of service (crash) via a long nickname.

CVE-2009-1120 (emc_replistor)

EMC RepliStor Server Service before ESA-09-003 has a DoASOCommand Remote Code Execution Vulnerability. The flaw exists within the DoRcvRpcCall RPC function -exposed via the rep_srv.exe process- where the vulnerability is caused by an error when the rep_srv.exe handles a specially crafted packet sent by an unauthenticated attacker.

CVE-2009-5025 (pyforum)

A backdoor (aka BMSA-2009-07) was found in PyForum v1.0.3 where an attacker who knows a valid user email could force a password reset on behalf of that user.

CVE-2009-5068 (simple_machines_forum)

There is a file disclosure vulnerability in SMF (Simple Machines Forum) affecting versions through v2.0.3. On some configurations a SMF deployment is shared by several "co-admins" that are not trusted beyond the SMF deployment. This vulnerability allows them to read arbitrary files on the filesystem and therefore gain new privileges by reading the settings.php with the database passwords.

CVE-2010-3048 (unified_personal_communicator)

Cisco Unified Personal Communicator 7.0 (1.13056) does not free allocated memory for received data and does not perform validation if memory allocation is successful, causing a remote denial of service condition.

CVE-2010-3295

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE-2011-2668 (firefox)

Mozilla Firefox through 1.5.0.3 has a vulnerability in processing the content-length header

Latest Posts

Recovering files from SD Cards and How to protect yourself
videos v0.15
Resolving GFID mismatch problems in Gluster (RHGS) volumes
(Hopefully) Rescuing a bottle of drink
HLS Stream Creator V1.0

License Details
Privacy Policy
Cookies
Stored Data
Sitemap

Donations BTC: 14hJYqCNLi7yJH8QkUqB2VEg3jx4pXBN5X / https://paypal.me/BTasker

Based on a template by JoomSpirit, customised by B Tasker

JoomSpirit

About this template