Day: October 24, 2013

NetCrypt .NET Executable Packer

This tool is a proof-of-concept packer for .NET executables designed to provide a starting point to explain the basic principles of runtime packing…


Contexis CMS 1.0 Cross Site Scripting

Contexis CMS version 1.0 suffers from a cross site scripting vulnerability…


Ubuntu Security Notice USN-2006-1

Ubuntu Security Notice 2006-1 – Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.1.72 in Ubuntu 10.04 LTS. Ubuntu 12.04 LTS, Ubuntu 12.10, Ubuntu 13.04 and Ubuntu 13.10 have been updated to MySQL 5.5.34. In addition to security fixes,…


Ubuntu Security Notice USN-2008-1

Ubuntu Security Notice 2008-1 – Ralph Loader discovered that Suds incorrectly handled temporary files. A local attacker could possibly use this issue to overwrite arbitrary files. In the default installation of Ubuntu, this should be prevented by the Yama link restrictions…


Ubuntu Security Notice USN-2007-1

Ubuntu Security Notice 2007-1 – Martin Carpenter discovered that Apport set incorrect permissions on core dump files generated by setuid binaries. A local attacker could possibly use this issue to obtain privileged information…


Debian Security Advisory 2783-2

Debian Linux Security Advisory 2783-2 – The update of librack-ruby in DSA-2783-1 also addressed CVE-2013-0183. The patch applied breaks rails applications like redmine (see Debian Bug #727187). Updated packages are available to address this problem…


Red Hat Security Advisory 2013-1457-01

Red Hat Security Advisory 2013-1457-01 – The libgcrypt library provides general-purpose implementations of various cryptographic algorithms. It was found that GnuPG was vulnerable to the Yarom/Falkner flush+reload cache side-channel attack on the RSA secret exponent. An attacker able to execute a process on the logical CPU that shared the L3 cache with the GnuPG process…


Red Hat Security Advisory 2013-1458-01

Red Hat Security Advisory 2013-1458-01 – The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with the proposed OpenPGP Internet standard and the S/MIME standard. It was found that GnuPG was vulnerable to the Yarom/Falkner flush+reload cache side-channel attack on the RSA secret exponent. An attacker able to execute…


Red Hat Security Advisory 2013-1459-01

Red Hat Security Advisory 2013-1459-01 – The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with the proposed OpenPGP Internet standard and the S/MIME standard. A denial of service flaw was found in the way GnuPG parsed certain compressed OpenPGP packets. An attacker could use this flaw to send…


Confusing, only good for celebs … But Twitter now says it’s worth $12bn

Chief twits suggest $17 to $20 per share for loss-making IPO-hungry social network…