Servizio di monitoraggio siti Web di WatchMouse - Notizie sulla sicurezza e sulla vulnerabilità dei siti Web

WatchMouse riceve costantemente le ultime notizie sulla sicurezza e i rapporti più recenti sulle vulnerabilità. Controlla qui regolarmente oppure iscriviti utilizzando il modulo a destra per ricevere i nostri aggiornamenti sulla sicurezza via email.

Visualizza un elenco completo delle vulnerabilità più recenti qui.

OSSIM 'file' Parameter Directory Traversal Vulnerability	18 mar 2010
OSSIM is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting the issue may allow an attacker to obtain sensitive information that could aid in further attacks. OSSIM 2.2 is affected; other versions may also be vulnerable.
Securityfocus.com

OSSIM 'what' Parameter Multiple Remote Command Execution Vulnerabilities	18 mar 2010
OSSIM is prone to multiple vulnerabilities that attackers can leverage to execute arbitrary commands because the application fails to adequately sanitize user-supplied input. Successful attacks can compromise the affected application and possibly the computer. These issues affect OSSIM 2.2; other versions may be affected as well.
Securityfocus.com

OSSIM 'repository_attachment.php' Arbitrary File Upload Vulnerability	18 mar 2010
OSSIM is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code and run it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible. This issue affects OSSIM 2.1.5 and 2.2; other versions may be vulnerable as well.
Securityfocus.com

Bible Study Joomla! Component 'controller' Parameter Local File Include Vulnerability	18 mar 2010
The Bible Study component for Joomla! is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible. Bible Study 6.1 is affected; other versions may be vulnerable as well.
Securityfocus.com

PHP xmlrpc Extension Multiple Remote Denial of Service Vulnerabilities	18 mar 2010
PHP's xmlrpc extension library is prone to multiple denial-of-service vulnerabilities because it fails to properly handle crafted XML-RPC requests. Exploiting these issues allows remote attackers to cause denial-of-service conditions in the context of an application using the vulnerable library. PHP 5.3.1 is vulnerable; other versions may also be affected.
Securityfocus.com

Vedere anche

Newsletter