pd

Slackware Security Advisory - mozilla-firefox Updates

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.




pd

Slackware Security Advisory - Slackware 14.2 kernel Updates

Slackware Security Advisory - New kernel packages are available for Slackware 14.2 to fix security issues.




pd

Slackware Security Advisory - mozilla-firefox Updates

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix a security issue.




pd

Slackware Security Advisory - mozilla-thunderbird Updates

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues.




pd

Slackware Security Advisory - mozilla-thunderbird Updates

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues.




pd

Slackware Security Advisory - sudo Updates

Slackware Security Advisory - New sudo packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.




pd

Slackware Security Advisory - mozilla-firefox Updates

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.




pd

Slackware Security Advisory - mozilla-thunderbird Updates

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues.




pd

Slackware Security Advisory - libarchive Updates

Slackware Security Advisory - New libarchive packages are available for Slackware 14.1, 14.2, and -current to fix security issues.




pd

Slackware Security Advisory - proftpd Updates

Slackware Security Advisory - New proftpd packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.





pd

OpenBSD OpenSMTPD Privilege Escalation / Code Execution

Qualys discovered a vulnerability in OpenSMTPD, OpenBSD's mail server. This vulnerability is exploitable since May 2018 (commit a8e222352f, "switch smtpd to new grammar") and allows an attacker to execute arbitrary shell commands, as root.




pd

OpenSMTPD Local Information Disclosure

Qualys discovered a minor vulnerability in OpenSMTPD, OpenBSD's mail server. An unprivileged local attacker can read the first line of an arbitrary file (for example, root's password hash in /etc/master.passwd) or the entire contents of another user's file (if this file and /var/spool/smtpd/ are on the same filesystem). A proof of concept exploit is included in this archive.




pd

Adobe Fixes Over 100 Vulnerabilities In Latest Security Patch Update




pd

Adobe Fixes Critical Code Execution Flaws In Latest Patch Update






pd

Adobe Patch Update Squashes Critical Code Execution Bugs





pd

PHPDirector 0.30 Insecure Cookie Handling

PHPDirector version 0.30 suffers from an insecure cookie handling vulnerability that allows for privilege escalation.




pd

Plantronics Hub SpokesUpdateService Privilege Escalation

The Plantronics Hub client application for Windows makes use of an automatic update service SpokesUpdateService.exe which automatically executes a file specified in the MajorUpgrade.config configuration file as SYSTEM. The configuration file is writable by all users by default. This module has been tested successfully on Plantronics Hub version 3.13.2 on Windows 7 SP1 (x64). This Metasploit module has been tested successfully on Plantronics Hub version 3.13.2 on Windows 7 SP1 (x64).




pd

Maian Support Helpdesk 4.3 Cross Site Request Forgery

Maian Support Helpdesk version 4.3 suffers from a cross site request forgery vulnerability.








pd

Suspected Commonwealth Games DDoS Was Only A Fortnite Update




pd

Irix LPD tagprinter Command Execution

This Metasploit module exploits an arbitrary command execution flaw in the in.lpd service shipped with all versions of Irix.




pd

PalmOShttpd.txt

A bug exists in the PalmOS httpd that causes a crash with a "Fatal Error". Full exploit included.




pd

Dridex Trojan Updated With AtomBombing Evasion Techniques






pd

Xcon2005_San.pdf

Xcon 2005: Hacking Windows CE




pd

SolidWorks Workgroup PDM 2014 pdmwService.exe Arbitrary File Write

This Metasploit module exploits a remote arbitrary file write vulnerability in SolidWorks Workgroup PDM 2014 SP2 and prior. For targets running Windows Vista or newer the payload is written to the startup folder for all users and executed upon next user logon. For targets before Windows Vista code execution can be achieved by first uploading the payload as an exe file, and then upload another mof file, which schedules WMI to execute the uploaded payload. This Metasploit module has been tested successfully on SolidWorks Workgroup PDM 2011 SP0 on Windows XP SP3 (EN) and Windows 7 SP1 (EN).






pd

OpenSMTPD 6.6.1 Local Privilege Escalation

smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell meta-characters in a MAIL FROM field. This affects the "uncommented" default configuration. The issue exists because of an incorrect return value upon failure of input validation.




pd

OpenSMTPD Out-Of-Bounds Read

Qualys discovered a vulnerability in OpenSMTPD, OpenBSD's mail server. This vulnerability, an out-of-bounds read introduced in December 2015, is exploitable remotely and leads to the execution of arbitrary shell commands.




pd

World's Favorite Open-Source PDF Interpreter Needs Patching Again





pd

tcpdump 4.9.3

tcpdump allows you to dump the traffic on a network. It can be used to print out the headers and/or contents of packets on a network interface that matches a given expression. You can use this tool to track down network problems, to detect many attacks, or to monitor the network activities.




pd

Red Hat Hack Prompts Critical OpenSSH Update




pd

Review update: The 2020 Mercedes-Benz AMG GLC 43 SUV "nose" the right spice level

These are halcyon days for fleet-footed crossover SUVs. Saucy ‘utes like the 2020 Mercedes-Benz GLC 43 AMG hardly look like they’re just as quick as their smaller siblings but stopwatches don’t lie. In the example above, Mercedes says the GLC43 crossover takes just 4.7 seconds from 0-60 mph compared to the C43 sedan’s time...




pd

New Ionic 5 Angular 8 Display, Update and Delete Records with RxJS

This post is about displaying the API records with delete and update actions using new Ionic and Angular reactive programming. This is a continuation of Ionic Angular series and it explains to you how to distribute the data between the components using RxJS method like BehaviorSubject. All of the feed API responses/records storing in a reactive object, This help the application DOM works seamlessly with update and delete operations. Implement this to your side project and enrich your applications.






pd

News and updates on wave energy, tidal energy, and ocean energy

News related to the worldwide marine hydrokinetics industry from November-December 2014




pd

News and updates on wave energy, tidal energy, ocean energy

News related to the marine hydrokinetics industry in North America for December 2014




pd

Hydro research and development news and updates

Research reports and study findings related to hydropower




pd

Update: Google On a Cleantech Investment Binge Again

Once again flexing its investment muscles in renewable energy, Google is expanding its future purchasing plans for wind energy in Finland and taking a stake in another a Texas wind farm. Oh, and it also bought some home energy automation startup called Nest Labs.




pd

UPDATE: UK Announces Renewable Heat Tariffs

UPDATE: The U.K. government yesterday launched its Domestic Renewable Heat Incentive (d-RHI), which pays households that generate heat and hot water using renewable energy systems such as solar hot water, geothermal heat pumps and biomass heating.