Corsaire Security Advisory - The aim of this document is to clearly define an issue in the ChainKey Java Code Protection product that allows an attacker to circumvent the encryption protection and decompile any protected Java application.
507876689ae809c61bbd55e5605025bf397f044485c22295d1991e697e006a78
Accessing Java Clients with the BeanShell. This whitepaper goes into detail discussing the assessment of Java applications utilizing the BeanShell.
d88b3a4015272cba9306c073c84c23f81966ed4e83fa15e3f4ca6721bd9b240e
Corsaire Security Advisory - The VMware ESX Server product will allow a local attacker to gain access to users' (including root's) passwords under certain conditions via a cookie issue.
7d94b30ef247c8df7d87e8885665988e245aa6bdd92034fae2049c0c90a4cc46
Corsaire Security Advisory - The VMware ESX Server product will allow a local attacker to read users' (including root's) passwords under certain conditions.
0496ab765de22a5820ee6012fc38444603ee124876d472340221a100c0ffa212
Corsaire Security Advisory - The VMware ESX Server product will allow a remote attacker to set arbitrary passwords for users under certain conditions.
ce767781800241562f4b89adcec9e7065422afca428c1e9f89e007b48ae77c10
VMware ESX Server versions prior to 2.5.2 upgrade patch 2, prior to 2.1.2 upgrade patch 6, and prior to 2.0.1 upgrade patch 6 suffer from a cross-site scripting issue.
a34796941c3f2d47f3efc4621f3a3bf1f5ee34cf260af386d81d550d414dd84c
This paper presents a modular approach to performing thorough data validation in modern web applications so that the benefits of modular component-based design (extensibility, portability and re-use) can be realised. The paper begins with an explanation of the vulnerabilities introduced through poor validation and then goes on to discuss the merits of a number of common data validation methodologies. A modular approach is introduced together with practical examples of how to implement such a scheme in a web application. It also provides information on common attack vectors, principles of validation, a modular solution and implementation of that solution.
d6ea21e85a8e50b5eb5abc46932d07593292a7f8f5443ced84aadf093a2415ae
Corsaire (www.corsaire.com/white-papers/) has released a fully updated version of their guide to securing Mac OS X to cover the new security features offered by Mac OS X 10.4 Tiger (such as ACLs) as well as incorporating additional security guidelines that were omitted in the original (10.3) guide.
1ea81aaa2aa236628ac103090c6ba94ca9fabfeb20d246d321c0a91cc7b54d51
Corsaire Security Advisory - The aim of this document is to define a vulnerability in the 3300 Integrated Communication Platform as supplied by Mitel, that allows an authenticated user to deny access to other users of the web management interface.
975e7ff38467f1f73f0361754991c5f6a3c6b8613b59d5b5570edc6342651883
Corsaire Security Advisory - The aim of this document is to define a vulnerability in the 3300 Integrated Communication Platform as supplied by Mitel, that allows a remote attacker to hijack legitimate users' web management sessions.
115de7ef495ee50d9d76e6880e5af65008e64ba19a3af0d399223d9479b4c5ba
Corsaire Security Advisory - The aim of this document is to define a vulnerability in the Netopia Timbuktu 7.0.3 product for Mac OS X that suffers from a buffer overflow.
cbc907a49668c0fcf9a73b904dee166db917a6d624962997421a44440286d2ae
Corsaire White Paper: Application Level Denial Of Service Attacks. Discusses root causes, attack vectors, classes, and more.
5e4c9099a231ecfabd4b740e6dcffeff73ed68e94a394a89fdac42d9e21b41bf
Multimap is a multithreaded wrapper for nmap designed to run a number of concurrent nmap scans and speed up the scan of large networks. Optionally it will launch amap on the open ports and generate an HTML file of the results. Tested with nmap 3.27, 3.30 and amap 4.2.
ebc5b68e699ee6a3b460975e89a6c51d435ea997da9bce70b118d29a9b3d81f1