BenTasker.co.uk

Home
Blog
Whitepapers
Documentation
Videos
Shop
Photography

Home / Blog / Security

Latest Posts

Writing (and backdooring) a ChaCha20 based CSPRNG
The Pitfalls of Building an Elasticsearch backed Search Engine
Building a Raspberry Pi Based Music Kiosk
Recovering files from SD Cards and How to protect yourself
videos v0.15

This site should work without Javascript enabled. If you find something doesn't, please Contact Me.

Security

Update on the Fisher Hargreaves Proctor Security Breach	30 November 2010
Fisher Hargreaves Proctor Suffer Security Breach	28 November 2010
Republished: Tips for fighting password theft	16 January 2010
Republished: It's a Dangerous World	19 September 2009
Republished: Why you should never share Login Details	16 August 2009
Republished: Basic Malware Detector For Linux	16 July 2009
Email and Captcha Generation Scripts	15 March 2009
Republished: Hacking the Computrend Powergrid 902 Powerline Adaptor	11 February 2009

Page 3 of 3

Start
Prev
1
2
3
Next
End

Recent CVEs

CVE-2011-0699
CVE-2011-4915
CVE-2012-0063
CVE-2012-0785
CVE-2012-0828
CVE-2012-0844 (debian_linux, netsurf)
CVE-2012-1093
CVE-2012-2599
CVE-2012-3351 (jw_player)
CVE-2012-5236

Return to listing

CVE-2011-0699

Integer signedness error in the btrfs_ioctl_space_info function in the Linux kernel 2.6.37 allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted slot value.

CVE-2011-4915

fs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /proc/interrupts.

CVE-2012-0063

Insecure plugin update mechanism in tucan through 0.3.10 could allow remote attackers to perform man-in-the-middle attacks and execute arbitrary code ith the permissions of the user running tucan.

CVE-2012-0785

Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka "the Hash DoS attack."

CVE-2012-0828

Heap-based buffer overflow in Xchat-WDK before 1499-4 (2012-01-18) xchat 2.8.6 on Maemo architecture could allow remote attackers to cause a denial of service (xchat client crash) or execute arbitrary code via a UTF-8 line from server containing characters outside of the Basic Multilingual Plane (BMP).

CVE-2012-0844 (debian_linux, netsurf)

Information-disclosure vulnerability in Netsurf through 2.8 due to a world-readable cookie jar.

CVE-2012-1093

The init script in the Debian x11-common package before 1:7.6+12 is vulnerable to a symlink attack that can lead to a privilege escalation during package installation.

CVE-2012-2599

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-3835. Reason: This issue was MERGED into CVE-2012-3835 in accordance with CVE content decisions, because it is the same type of vulnerability and affects the same versions. Notes: All CVE users should reference CVE-2012-3835 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.

CVE-2012-3351 (jw_player)

Multiple cross-site scripting (XSS) vulnerabilities in LongTail Video JW Player through 5.10.2295 allow remote attackers to inject arbitrary web script or HTML via the (1) link, (2) logo.link, or (3) aboutlink parameter, or a nested URI scheme name for (4) javascript, (5) asfunction, or (6) vbscript.

CVE-2012-5236

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

Latest Posts

Writing (and backdooring) a ChaCha20 based CSPRNG
The Pitfalls of Building an Elasticsearch backed Search Engine
Building a Raspberry Pi Based Music Kiosk
Recovering files from SD Cards and How to protect yourself
videos v0.15

License Details
Privacy Policy
Cookies
Stored Data
Sitemap

Donations BTC: 14hJYqCNLi7yJH8QkUqB2VEg3jx4pXBN5X / https://paypal.me/BTasker

Based on a template by JoomSpirit, customised by B Tasker

JoomSpirit

About this template