Tuesday, December 1st, 2009 Web browsers enforce the same origin policy to prevent one site's active content (such as JavaScript) from accessing or modifying another site's data. For instance, active content hosted at http:///page1.html can access DOM objects on http:///page2.html, but cannot access objects hosted at http:///page.html. Many clientless SSL VPN products retrieve content ...
Posted in Internet, Networking, Privacy, Security | No Comments
Tuesday, November 24th, 2009 VMware has advised of a total of 93 vulnerabilities in several of its products, including ESX Server, Server, VirtualCenter and vCenter. Most of the vulnerabilities are in Java, Tomcat and the kernel and have been known for some time. Some of them can be exploited to compromise a system, however, ...
Posted in Internet, Networking, Security, Software | No Comments
Wednesday, November 18th, 2009 Nearly one year after the release of Metasploit 3.2, the Metasploit Project developers have announced the availability of version 3.3 of the Metasploit Framework. The comprehensive programming framework for developing exploits for vulnerabilities is used by security researchers, penetration testers and black hat crackers alike. The latest release includes a ...
Posted in Internet, Networking, Privacy, Security, Software | No Comments
Friday, November 13th, 2009 Researchers have discovered a new attack that exploits the way browsers operate with Adobe Flash -- and there's no simple patch for it.The attack can occur on Websites that accept user-generated content -- anything from Webmail to social networking sites. An attacker basically takes advantage of the fact that a ...
Posted in Internet, Security | No Comments
Thursday, November 5th, 2009 There is a NULL pointer dereference flaw in the Linux kernel that can be exploited by attackers to gain root access to a vulnerable machine.The vulnerability is in version 2.6.21 of the Linux kernel and some Linux vendors already have taken steps to fix the vulnerability. Red Hat has released ...
Posted in Linux, Security | No Comments
