vulnerabilities: search
SecureThroughObscure writes "ZDNet Zero-Day blogger Nate McFeters has asked the question, 'Should vulnerabilities be treated as defects?' McFeters claims that if vulnerabilities were treated as product defects, companies would have an effective way of forcing developers and business units to focus on security issues. McFeters suggests providing bonuses for good developers, and taking away from bonuses for those that can't keep up. It's an interesting approach that if used, might force companies to take a stronger stance on security-related issues."
in Web Developer
via Slashdot @ 19:26 29th Jun
Gentoo Linux Security Advisory GLSA 200804-30
http://security.gentoo.org/
Severity: High
Title: KDE start_kdeinit: Multiple vulnerabilities
Date: April 29, 2008
Bugs: #218933
ID: 200804-30
Synopsis: Multiple vulnerabilities in start_kdeinit could possibly allow a local attacker to execute arbitrary code with root privileges.
Background: KDE is a feature-rich graphical desktop environment for Linux and Unix-like operating systems. start_kdeinit is a wrapper for kdeinit.
in Linux
via OSZine @ 16:34 29th Apr
ruphus13 notes a six-pack of serious vulnerabilities discovered in Ruby by a member of Apple's security team, Drew Yao. Patches are linked from the ruby-lang.org advisory. "With the following vulnerabilities, an attacker can lead to denial of service condition or execute arbitrary code... These vulnerabilities are likely to crop up in just about any average ruby web application. And by 'crop up' I mean 'crop up exploitable from trivial user-specified parameters.' It's not hard to begin imagining cases where Ruby/Rails programmers use code similar to the samples above to routinely handle user input."
in Web Developer
via Slashdot @ 20:20 23rd Jun
WebInspect for Application Developers enables application and web services developers to automate the discovery of security vulnerabilities as they build applications, access detailed steps for remediation of those vulnerabilities and deliver secure code for final quality assurance testing. Early discovery and remediation of security vulnerabilities reduces the overall cost of secure application deployment, improving both application ROI and overall organizational security.
in Developer
via BizReport.com @ 3:58 9th May
WebInspect for Application Developers enables application and web services developers to automate the discovery of security vulnerabilities as they build applications, access detailed steps for remediation of those vulnerabilities and deliver secure code for final quality assurance testing. Early discovery and remediation of security vulnerabilities reduces the overall cost of secure application deployment, improving both application ROI and overall organizational security.
in Developer
via Line56 @ 15:51 7th May
Some vulnerabilities have been reported in GraphicsMagick, which can be exploited by malicious people to cause a DoS (Denial of Service).
in Computer Security
via Secunia @ 20:38 1st Jul
Some vulnerabilities have been reported in Iconfidant SSH, which can be exploited by malicious people to cause a DoS (Denial of Service).
in Computer Security
via Secunia @ 11:03 10th Jun
Two vulnerabilities have been reported in OpenSSL, which can be exploited by malicious people to cause a DoS (Denial of Service).
in Computer Security
via Secunia @ 12:44 28th May
Multiple vulnerabilities have been identified in Sun Java System Active Server Pages, which could be exploited by attackers to disclose or manipulate data, cause a denial of service or compromise an affected system.
in Developer
via ASPWire @ 0:33 11th Jun
RoMaNcYxHaCkEr discovered these vulnerabilities.
in Web Developer
via SecurityFocus @ 0:11 9th May
The vendor disclosed these vulnerabilities.
in Computer Security
via SecurityFocus @ 15:39 22nd May
Neil Kettle is credited with the discovery of these vulnerabilities.
in Computer Security
via SecurityFocus @ 15:47 8th May
Ubuntu Security Notice USN-618-1, June 19, 2008
linux-source-2.6.15/20/22 vulnerabilities
CVE-2007-4571, CVE-2007-5904, CVE-2007-6694, CVE-2008-0007, CVE-2008-1294, CVE-2008-1375, CVE-2008-1669
A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS, Ubuntu 7.04, Ubuntu 7.10. This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS:
linux-image-2.6.15-52-386 2.6.15-52.67
linux-image-2.6.15-52-686 2.6.15-52.67
linux-image-2.6.15-52-amd64-generic 2.
in Linux
via OSZine @ 0:24 23rd Jun
Brad Spengler is credited with the discovery of these vulnerabilities.
in Open Source
via SecurityFocus @ 14:37 7th May
Self-replicating programs, which spread unchecked across the Internet, are always bad. Except when they're good. At least that's the theory behind U.S. Patent number 7,296,923, awarded to Symantec for "Using a benevolent worm to assess and correct computer security vulnerabilities."
in Computer Security
via Information Week @ 23:28 11th May
Mandriva Linux Security Advisory MDVSA-2008:110
http://www.mandriva.com/security/
Package: mozilla-firefox
Date: June 5, 2008
Affected: 2008.0, 2008.1, Corporate 3.0, Corporate 4.0
Problem Description: Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.14. This update provides the latest Firefox to correct these issues.
References: http://cve.
in Open Source
via OSZine @ 8:29 8th Jun
The Apache HTTP server project team has released version 2.2.9 of the Apache Web server. The Apache HTTP server is available as an open source HTTP server for operating systems including UNIX, MS Windows, Macintosh and Netware. This version is mainly a bugfix release. The vulnerabilities addressed are:
in Open Source
via SDA India @ 12:10 16th Jun
Serious vulnerabilities are found in Apple's iCal calendar application. Core Security Technologies reports that it discovered three vulnerabilities in the application.
in E-commerce
via NewsFactor Network @ 20:17 22nd May
Serious vulnerabilities have been found in Apple's iCal calendar application. Core Security Technologies reports that it discovered three vulnerabilities that could open the door for hackers.
in Handhelds
via NewsFactor Network @ 13:33 24th May
Serious vulnerabilities have been found in Apple's iCal calendar application. Core Security Technologies reports that it discovered three vulnerabilities that could open the door for hackers.
in Nanotech
via NewsFactor Network @ 4:03 24th May
Serious vulnerabilities have been found in Apple's iCal calendar application. Core Security Technologies reports that it discovered three vulnerabilities that could open the door for hackers.
in Linux
via NewsFactor Network @ 18:22 23rd May
Mozilla on Tuesday posted Firefox 2.0.0.15, an update to its web browser that resolves several vulnerabilities, ranging from several benign problems, to critical bug fixes related to arbitrary code execution and remote control of a user's system. Among the major fixes are MFSA 2008-21, 2008-24, 2008-25, and 2008-33, which resolve crashes when memory is corrupted, Chrome script loading vulnerabilities, arbitrary code execution in a .loadSubScript() command, as well as crashing and remote code execution.
in Open Source
via Electronista @ 9:09 4th Jul
IT managers often assume that open source software is more secure than proprietary commercial software. Anyone who uses open source can examine the original code to spot any lurking vulnerabilities, and potentially even fix the vulnerabilities themselves. With proprietary software, you have to trust the vendor to do it all for you.
in Open Source
via Linux World @ 22:11 8th May
IT managers often assume that open source software is more secure than proprietary commercial software. Anyone who uses open source can examine the original code to spot any lurking vulnerabilities, and potentially even fix the vulnerabilities themselves. With proprietary software, you have to trust the vendor to do it all for you.
in Open Source
via NetworkWorld @ 11:37 7th May
SALT LAKE CITY --(Business Wire)-- Organizations relying on encryption within their most mission-critical business systems must take steps to ensure they can address vulnerabilities like the recently reported Debian Linux flaw when, not if, they happen again, according to Venafi, inventor of systems management for encryption. Such preparations should include automating the management of encryption certificates and keys, to enable rapid identification and replacement. A guide outlining specifically how organizations can address issues and vulnerabilities like the Debian vulnerability using the Venafi encryption management platform and help from a team of expert consultants at Venafi, is available at www.venafi.com/disaster_recovery/linux-debian-openssl-vulnerability.
in Developer
via TMC Net @ 3:40 23rd May