Monday, April 21st, 2008 In a security alert last week, Microsoft reported a vulnerability which allows local users and users signed on with access to an Internet Information Server (IIS) or MS SQL server to escalate their privileges. Server operators such as hosting providers who allow user code to be executed, for example on ...
Posted in Coding, Privacy, Security, Windows | No Comments
Friday, April 18th, 2008 Microsoft is investigating new public reports of a vulnerability which could allow elevation of privilege from authenticated user to LocalSystem, affecting Windows XP Professional Service Pack 2 and all supported versions and editions of Windows Server 2003, Windows Vista, and Windows Server 2008. Customers who allow user-provided code to run ...
Posted in Security, Windows | No Comments
Thursday, April 17th, 2008 The SANS Institute has uncovered what they've termed a "rare gem" as far as computer security investigations go that sheds new light on how up to 20,000 Web sites have been hacked since January.
They found a sneaky software tool that uses Google's search engine to hunt for Web sites running ...
Posted in Coding, Internet, Security, Software | No Comments
Tuesday, April 15th, 2008 Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a remote shell on the vulnerable DB server, even in a very hostile environment. It should be used by penetration testers to ...
Posted in Internet, Privacy, Security, Software | No Comments
Monday, April 14th, 2008 As you will have noticed we’ve posted quite a number of Fuzzing Tools built around different frameworks and in different languages..most for difference targets/purposes too.
Fuzzing has definitely exploded in the last year or so as more people try and understand it and code tools to automate the process. There are ...
Posted in Internet, Privacy, Security | No Comments
