SQL Injection: Wordpress 3.0.2 released
Wordpress has released a new version, 3.0.2, to fix a SQL injection flaw. This flaw is in all previous versions of the codebase according to reports, which means that if you are running Wordpress, you must update. This exploit is possible with author-level permissions but personally I would not depend on this to protect myself. More information is available here.
ProFTPD distribution servers compromised
It was announced that the source for ProFTPD was compromised and a back door was inserted. The attacker compromised the main ftp.proftpd.org site on November 28, 2010. This site is also the main rsync server, which means that anybody who has downloaded ProFTPD between then and December 1, 2010 is potentially running a version with the backdoor code. According to reports, this compromise was performed against an unpatched vulnerability within ProFTPD itself, so even if you did not install the backdoored version, you may be running vulnerable software.
More information is available at here
Kevin Johnson
Robert Hansen and our happiness
So as it’s my first shift as handler of the day I was worried if I would be able to live up to the bar the handlers have set in diaries and days past. This started a train of thought that was accelerated by Robert “RSnake” Hansen’s 1000th and final post on http://ha.ckers.org today. I am sure that everyone reading this is aware of whom Robert is but in case you have been under a rock for the last many years or just not involved in web application security. Robert is one of the giants upon whose shoulders we all stand. Robert has helped cause XSS, SQLi and XSRF to become terms that the business people we deal with understand. He has also fostered an environment where people share tips and tricks and encourage each other to become better.
Comments
www
Nov 17th 2022
6 months ago
EEW
Nov 17th 2022
6 months ago
qwq
Nov 17th 2022
6 months ago
mashood
Nov 17th 2022
6 months ago
isc.sans.edu
Nov 23rd 2022
6 months ago
isc.sans.edu
Nov 23rd 2022
6 months ago
isc.sans.edu
Dec 3rd 2022
6 months ago
isc.sans.edu
Dec 3rd 2022
6 months ago
<a hreaf="https://technolytical.com/">the social network</a> is described as follows because they respect your privacy and keep your data secure. The social networks are not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go.
<a hreaf="https://technolytical.com/">the social network</a> is not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go. The social networks only collect the minimum amount of information required for the service that they provide. Your personal information is kept private, and is never shared with other companies without your permission
isc.sans.edu
Dec 26th 2022
5 months ago
isc.sans.edu
Dec 26th 2022
5 months ago