Cloud Security

UnRTF File Processing out-of-bounds Memory Corruption Vulnerability Release date: 2014-3 3Updated on: 2014-6 6 Affected Systems:UnRTFDescription:Bugtraq id: 71430 UnRTF is a command line software written in C language. The UnRTF memory

Offset2lib attacks bypass 64-bit Linux kernel Protection Security researcher Hector Marco released the release of the ASLR protection bypass for 64-bit Linux kernel. slide and the paper provide download. This attack is called offset2lib. The

PhpMyAdmin long password processing DoS Vulnerability Release date: 2014-3 3Updated on: 2014-6 6 Affected Systems:PhpMyAdmin 4.xPhpMyAdminDescription:Bugtraq id: 71434CVE (CAN) ID: CVE-2014-9218 Phpmyadmin is an online management tool for MySQL

Multiple Denial of Service Vulnerabilities in SEIL series routers (CVE-2014-7256) Release date: 2014-12-01Updated on: 2014-3 3 Affected Systems:SEIL RoutersDescription:Bugtraq id: 71385CVE (CAN) ID: CVE-2014-7256 SEIL Router is a vro from the

Antiword 'wordole. c' Buffer Overflow Vulnerability Release date: 2014-12-01Updated on: 2014-3 3 Affected Systems:Antiword 0.37Description:Bugtraq id: 71386 Antiword is a MS Word document reader. The implementation of Antiword 0.37 and other

Summary of Windows penetration and Elevation of Privilege (1) This article summarizes multiple techniques for Windows penetration and Elevation of Privilege, including: MSSQL query analyzer connection record clearing, VNC and Radmin elevation

Windows 8.1 security: enterprise functions and tools Microsoft has released Windows 8.1 Enterprise Edition for several months. What security issues are worth noting? For enterprises, the most attractive security feature of Windows 8.1 is to

Two Linux backdoors: suid shell and inetd Backdoor Prerequisites: You are now a root user and want to leave a backdoor. System Environment: dawg:~# uname -a Linux dawg 2.4.20-1-386 #3 Sat Mar 22 12:11:40 EST 2003 i686 GNU/Linux 1. SUID shell First,

What are the threats caused by Windows XP Server suspension? Today, Windows XP, the oldest operating system in Microsoft's history, officially Stops providing services. Windows XP is not only a long-lived operating system, but also has a broad user

How to protect the LAMP server on CentOS or RHEL (1) LAMP is a set of software architecture, including these components: Linux (operating system as the basic layer), Apache (website server located on the operating system), MySQL (or MariaDB, as a

Inspur released its first trusted server to fill the gaps in the cloud security field At 2014 China Internet Security Conference, inspur released the industry's first trusted server for cloud data centers. This release means that inspur's host

Cnpc dns domain transfer Vulnerability Dns domain transfer Vulnerability  > Ls petrochina.com.cn[Dns.petrochina.com.cn]Petrochina.com.cn. NS server = dns.petrochina.com.cnPetrochina.com.cn. NS server = ns2.petrochina.com.cnAx NS server =

Summary of Intranet penetration ideas In general, Intranet penetration, first through the C segment or the collection of information to know a target in an intranet, the information collected can be from the web layer, from the client (I have met a

You can log on to an ETC service system as any user and its solution. A website of an ETC service provider has design flaws. Users can log on to any website as other users. After logon, they can query the user's name, ID card, mobile phone number,

A sub-station stored XSS + csrf in Baidu Today, as usual, I had nothing to do. I opened hao123 and looked for Station X. Suddenly I saw Baidu traveling and suddenly found some problems. Then my mother no longer had to worry about not replying to my

Supesite foreground injection 4 (select) and a small problem. Integrate the Select Update insert delete injection of supesite  Minor issuesThe path of the supesite backup database isData/backup_SAS2n5/141007_Pwok71Ei-1. SQLBackup _ random

Getshell at the front end of ThinkSNS   /Apps/page/Lib/Action/DiyAction. class. php line 330: public function getTpl() {$parseTag = model ( 'ParseTag' );$tpl = $_REQUEST ['tpl'];$sign = $_REQUEST ['sign'];$tagName = $_REQUEST ['tagName'];echo

DFCMS system universal injection (demo demonstration)   Program: DFCMSVulnerability file: acAdmin/acAdminLogin. jspAccountNumber = the parameter is not filtered. (That is, the corresponding part of the number)Post: isEncrypt = 0 & loginFailPage =

A smart home control system injection vulnerability causes your home and my Permissions On a dark night, you may see lights in your sleep, TV suddenly opens, screens slowly fall, speakers are turned on for no reason, and air conditioners are

The phpwind win server can be downloaded to the backup file (mainly to mention the solution) Ah ...... If you don't talk about anything else, you can understand that you only need to crack a few numbers. I 'd like to mention the repair solution.