Cloud Security

GNU Libtasn1 'decoding. c' Heap Buffer Overflow VulnerabilityGNU Libtasn1 'decoding. c' Heap Buffer Overflow Vulnerability Release date:Updated on:Affected Systems: GNU Libtasn1 Unaffected system: GNU Libtasn1 Description: Bugtraq id:

CURL/libcurl Vulnerability (CVE-2015-3153)CURL/libcurl Vulnerability (CVE-2015-3153) Release date:Updated on:Affected Systems: CURL Description: CVE (CAN) ID: CVE-2015-3153CURL/libcURL is a command line FILE transmission tool that supports

WordPress Pixabay Images plugin Arbitrary File Upload Vulnerability (CVE-2015-1375) Release date:Updated on: Affected Systems:WordPress Pixarbay Images 2.3Description:Bugtraq id: 73118CVE (CAN) ID: CVE-2015-1375 Pixabay Images is a WordPress plug-in

Hospira MedNet password leakage Vulnerability (CVE-2014-5400) Release date:Updated on: Affected Systems:Hospira MedNet Description:CVE (CAN) ID: CVE-2014-5400 MedNet manages the Drug Library, firmware updates, and configurations of the Hospira

Cisco NX-OS Software DHCP option Command Injection Vulnerability (CVE-2015-0658) Release date:Updated on: Affected Systems:Cisco NX-OSDescription:CVE (CAN) ID: CVE-2015-0658 Cisco NX-OS is a data center-Level Operating System. In the PowerOn

Powerful Analysis Network shell script This article introduces a powerful Analysis Network shell script, which is split from EZHTTP and I think it is necessary to introduce it separately.Script running effect: This script provides the following

One-click installation of LNMP environment using Shell scripts Nginx is a high-performance HTTP and reverse proxy server. Nginx has a strong advantage in reverse proxy, Rewrite rules, stability, static file processing, and memory consumption.

Detailed procedure for removing rogue software System Safety Monitor (SSM) (Baidu search: Download SSM, for example ). After the "Dragon Sword" is entered into your system, it will be started along with the system, and reduced to the system tray

Anti-Virus Attack and Defense Section 2: Analysis and Prevention of simple TrojansI. Preface in general, Trojans are both client and server. What we discussed last time was just a special case. After all, not everyone knows the doscommand, so now

Anti-virus attack and defense: Adding virus infection marks1. preface if the same target file is infected for multiple times, the target file may be corrupted and cannot be executed. Therefore, virus programs often write an infection mark to the

WordPress 4.2.2 patch Truncation in 4.2.1 Vulnerability Analysis In the description of this patch, one of them is to fix the xss issue after the patch bypass in version 4.2.1, the following describes the specific verification process after the

Penetration Testing of changba (entering several backend and O & M systems and configuring VPN) A penetration test of changba. Attackers can obtain a large amount of sensitive information, access several backend and O & M systems (wiki, cacti, erp,

Thoughts on INSERT injection caused by a WordPress Vulnerability This article is a record of analysis, experiment, and thinking on WordPress plug-in injection vulnerabilities.OverviewI don't need to talk about SQL Injection here. There are many

MS15-034/CVE-2015-1635HTTP Remote Code Execution Vulnerability Analysis   Preface On patch day April, Microsoft fixed a remote code vulnerability MS15-034 in HTTP. SYS by marking a "high-risk" CVE-2015-1635 patch. According to Microsoft's

Newbie takes webshell for the first time and uses the bypass intrusion detection technology Of course, the target website for intrusion detection is owned by the Japanese Empire. Site: www.newtb.co.jp first found the injection point. I scanned the

China Unicom telephone conference monitoring system SQL Injection China Unicom telephone conference monitoring system SQL Injection China Unicom Guangdong branch company telephone conference monitoring system SQL Injection1) POST injectionUse the

Kaiyuan travel channel design defect causes reset of User Password If the previous vulnerability passes, it would be easier to reset the password. The design defect of the website is that the password reset link is a fixed value, no matter how many

Encrypt cookies in a browser In network applications, cookie is a very convenient way to store data. Because of this, you need to pay more attention to cookie security when developing WEB applications. There are many ways to ensure the security of

Optimistic about your portal-data transmission on the client-insecure URL parameters1. Simple Description: applications generally send data to the server in a way that the end user cannot directly view or modify. In many cases, developers give

Optimistic about your portal-data transmission on the client-Appendix-http information header descriptionAppendix, the http header information of the REQUEST in JAVA, which may be useful for reference. System. out. println ("Protocol:" + request.