BenTasker.co.uk

Home
Blog
Whitepapers
Documentation
Shop
Feeds
Photography

Home / Blog / Security

Latest Posts

A guide to designing Account Security Mechanisms
Don't Use Web2Tor/Tor2Web (especially Onion.cab)
Volvo S60: Alternator Replacement
Scheduled Downtime
Volvo S60: Service Interval Reset

Security

A guide to designing Account Security Mechanisms	26 March 2017
Don't Use Web2Tor/Tor2Web (especially Onion.cab)	04 March 2017
The State of Mobile Banking (in the UK)	21 June 2016
The DVLA is routinely sending sensitive details via email	28 December 2014
Understanding Password Storage	22 June 2014
My Own Little HeartBleed Headache	19 April 2014
Why You Shouldn't be using SHA1 or MD5 to Store Passwords	07 June 2013
Darkleech Apache attacks on the rise, but is it really that hard to detect?	02 May 2013
Republished: Tips for fighting password theft	16 May 2012
Republished: Why you should never share Login Details	16 May 2012

Page 1 of 3

Start
Prev
1
2
3
Next
End

Recent CVEs

CVE-2007-5199
CVE-2007-5341
CVE-2009-5145 (zope)
CVE-2010-2245 (wink)
CVE-2010-3845 (apache_authenhook)
CVE-2011-0469
CVE-2011-4343 (myfaces)
CVE-2011-5325 (busybox)
CVE-2012-0880 (xerces-c++)
CVE-2012-2771 (ffmpeg)

Return to listing

CVE-2007-5199

A single byte overflow in catalogue.c in X.Org libXfont 1.3.1 allows remote attackers to have unspecified impact.

CVE-2007-5341

Remote code execution in the Venkman script debugger in Mozilla Firefox before 2.0.0.8.

CVE-2009-5145 (zope)

Cross-site scripting (XSS) vulnerability in ZMI pages that use the manage_tabs_message in Zope 2.11.4, 2.11.2, 2.10.9, 2.10.7, 2.10.6, 2.10.5, 2.10.4, 2.10.2, 2.10.1, 2.12.

CVE-2010-2245 (wink)

XML External Entity (XXE) vulnerability in Apache Wink 1.1.1 and earlier allows remote attackers to read arbitrary files or cause a denial of service via a crafted XML document.

CVE-2010-3845 (apache_authenhook)

libapache-authenhook-perl 2.00-04 stores usernames and passwords in plaintext in the vhost error log.

CVE-2011-0469

Code injection in openSUSE when running some source services used in the open build service 2.1 before March 11 2011.

CVE-2011-4343 (myfaces)

Information disclosure vulnerability in Apache MyFaces Core 2.0.1 through 2.0.10 and 2.1.0 through 2.1.4 allows remote attackers to inject EL expressions via crafted parameters.

CVE-2011-5325 (busybox)

Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point to files outside the current working directory via a symlink.

CVE-2012-0880 (xerces-c++)

Apache Xerces-C++ allows remote attackers to cause a denial of service (CPU consumption) via a crafted message sent to an XML service that causes hash table collisions.

CVE-2012-2771 (ffmpeg)

Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact and attack vectors, a different vulnerability than CVE-2012-2773, CVE-2012-2778, CVE-2012-2780, and CVE-2012-2781.

Latest Posts

A guide to designing Account Security Mechanisms
Don't Use Web2Tor/Tor2Web (especially Onion.cab)
Volvo S60: Alternator Replacement
Scheduled Downtime
Volvo S60: Service Interval Reset

License Details
Privacy Policy
Cookies
Stored Data
Sitemap

Donations BTC: 1EvVbXGYSHDKhdLTUSyFTUeQVEDuEwTX8e / https://paypal.me/BTasker

Based on a template by JoomSpirit, customised by B Tasker

JoomSpirit

About this template