Cloud Security

Lenovo System Update Arbitrary Code Execution Vulnerability (CVE-2015-2219)Lenovo System Update Arbitrary Code Execution Vulnerability (CVE-2015-2219) Release date:Updated on:Affected Systems: Lenovo System Update Description: CVE (CAN) ID:

How to keep Ubuntu servers away from the influence of the GHOST Vulnerability (GHOST) On July 6, January 27, 2015, a vulnerability in the gnu c library (glibc), also known as the GHOST Vulnerability (GHOST), was published. In general, this

WebGate WinRDS 2.0.8 StopSiteAllChannel Stack Overflow Vulnerability Release date:Updated on: Affected Systems:Webgate WinRDS 2.0.8Description:CVE (CAN) ID: CVE-2015-2094 WebGate WinRDS can transmit DVR video streams over the network. In WebGate

HP Intelligent Provisioning Vulnerability (CVE-2015-2111) Release date:Updated on: Affected Systems:HP Intelligent Provisioning 1.40-1.60Description:CVE (CAN) ID: CVE-2015-2111 HP Intelligent Provisioning is a server configuration tool. On

BadIRET vulnerability Exploitation The Linux kernel code file arch/x86/kernel/entry_64.S versions earlier than 3.17.5 did not correctly handle errors related to the SS (stack) segment register, this allows the local user to initiate an IRET command

2529 wangmeng uses the latest Internet Explorer vulnerability to force installation of light micro-Terminal When I browsed the movie website http://www.dy2018.com In the ie compatibility mode of Baidu browser, I found that somehow I ran a game

Airwatch Multiple Information Leakage Vulnerability (CVE-2014-8372) Release date:Updated on: Affected Systems:VMWare Airwatch Description:Bugtraq id: 71609CVE (CAN) ID: CVE-2014-8372 Airwatch is an enterprise mobile device, mobile application,

Android Hacking Part 6: Debugging Android applications In the future, we will learn how to use JDB to debug Android applications. If an Android Application can be debugged, we can inject and run our own code in the Process of the

FastNetMon, an efficient DDoS attack detection and analysis tool FastNetMon is an efficient analysis tool for DoS/DDoS attacks based on multiple packet capture engines (NetFlow, IPFIX, sFLOW, netmap, PF_RING, and PCAP). It can detect and analyze

Anti-virus attack and defense: Exploitation of simple program vulnerabilitiesI. PrefaceAll the "viruses" mentioned in the previous article are executable files (in the EXE format) and are malicious programs in the traditional sense. They start to

Diffie-Hellman Key Exchange is a popular encryption algorithm. The disclosed information about the Logjam Vulnerability (a variant of the FREAK vulnerability) has been sent to the browser manufacturer. The administrators of large websites are busy

Linux: GPG encryption and decryption (1) With the development of network and computer technology, the security of data storage and data exchange has become more and more important. encryption technology has been used for data storage and data

SQL SERVER injection Principle Demonstration The operation of the injection scenario in the database is reproduced.Injection'Message 206, level 16, status 2, 9th rowsOperand type conflict: ntext is incompatible with intSELECT * FROM eims_User WHERE

How to Prevent SQL Injection in PHP applications SQL injection is a technology used to control database queries, which often results in loss of confidentiality. In some cases SELECT ' Attackers can take down the server, and code injection

From a Flash XSS on Sina Weibo to XSS Worm I have been studying some flash files recently, hoping to find something. By accident, a swf: http://vgirl.weibo.com/swf/BlogUp.swf (repaired), which is generally known as XSS, which is the flash of the

An ssl vpn entry in the bianfeng network can be controlled to hijack the password (success stories) The ssl vpn entry custom framework has a security vulnerability in implementation. unauthenticated remote attackers can exploit this vulnerability to

Wdcp X-Forwarded-For Injection Vulnerability Analysis 0x1 vulnerability updates on the official website: 20130804 (2.5.8) Fix an SQL injection security vulnerability and leak database information (must be upgraded) Description 2.5.7 and earlier

All ESPCMS versions can be accessed by any user All ESPCMS versions can be accessed by any user /Interface/memebermain. php $rsMember['userid'] = $this->ec_member_username_id;$rsMember['rankname'] = $this->get_member_purview($rsMember['mcid'],

If a service of Tongcheng tourism is improperly configured, getshell enters the Intranet and the Intranet Structure is leaked. Http: // 61.155.159.159/cacti/ Cacti System61.155.159.159 ftp blank password access  ftp> ls229 Entering Extended Passive

The getshell function of a website affects multiple business sites. The getshell function of a website affects multiple business sites. #1 in the wood ant's seventh media http://mobile7.cn registered a developer account, in the developer information