Search Results

Search found 97980 results on 3920 pages for 'code security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 127/3920 | < Previous Page | 123 124 125 126 127 128 129 130 131 132 133 134  | Next Page >

  • CVE-2012-1182 Arbitrary code execution vulnerability in Samba

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2012-1182 Arbitrary code execution vulnerability 10 Samba Solaris 10 SPARC: 119757-22 x86: 119758-22 Solaris 11 11/11 SRU 7.5 Solaris 9 SPARC: 114684-18 x86: 114685-18 This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • XP Missing AD in secuirity location

    - by Rodent43
    I have a few Window XP clients that are part of a domain, when trying to set the permissions on the security tab and pressing location to search the AD for users it only presents the local machine... So I follow this path Right click folder Properties Security Add in the locations field where I would normally see the windows domain, I am only seeing the local machine name??? So only users that have a local account can be added to the folders permissions... Any tips would be appreciated

    Read the article

  • Security review of an authenticated Diffie Hellman variant

    - by mtraut
    EDIT I'm still hoping for some advice on this, i tried to clarify my intentions... When i came upon device pairing in my mobile communication framework i studied a lot of papers on this topic and and also got some input from previous questions here. But, i didn't find a ready to implement protocol solution - so i invented a derivate and as i'm no crypto geek i'm not sure about the security caveats of the final solution: The main questions are Is SHA256 sufficient as a commit function? Is the addition of the shared secret as an authentication info in the commit string safe? What is the overall security of the 1024 bit group DH I assume at most 2^-24 bit probability of succesful MITM attack (because of 24 bit challenge). Is this plausible? What may be the most promising attack (besides ripping the device out off my numb, cold hands) This is the algorithm sketch For first time pairing, a solution proposed in "Key agreement in peer-to-peer wireless networks" (DH-SC) is implemented. I based it on a commitment derived from: A fix "UUID" for the communicating entity/role (128 bit, sent at protocol start, before commitment) The public DH key (192 bit private key, based on the 1024 bit Oakley group) A 24 bit random challenge Commit is computed using SHA256 c = sha256( UUID || DH pub || Chall) Both parties exchange this commitment, open and transfer the plain content of the above values. The 24 bit random is displayed to the user for manual authentication DH session key (128 bytes, see above) is computed When the user opts for persistent pairing, the session key is stored with the remote UUID as a shared secret Next time devices connect, commit is computed by additionally hashing the previous DH session key before the random challenge. For sure it is not transfered when opening. c = sha256( UUID || DH pub || DH sess || Chall) Now the user is not bothered authenticating when the local party can derive the same commitment using his own, stored previous DH session key. After succesful connection the new DH session key becomes the new shared secret. As this does not exactly fit the protocols i found so far (and as such their security proofs), i'd be very interested to get an opinion from some more crypto enabled guys here. BTW. i did read about the "EKE" protocol, but i'm not sure what the extra security level is.

    Read the article

  • Code testing practice

    - by Robin Castlin
    So now I have come to the conclusion like many others that having some way of constantly testing your code is good practice since it enables fewer people to be involved (colleges and customers alike) by simply knowing what's wrong before someone else finds out the hard way. I've heard and read some about Unit Testing and understand what it's supposed to do and all. The there are so many different types of bugs. It can be everything from web browser not being able not being able to send correct values, javascript failing, a global function messing up a piece of code somewhere to a change that looked good when testing it out but fails in some special case which was hard to anticipate. My simply finding these errors I learn to rarely repeat them again, but there seems to always be new bugs to be found and learnt from. I would guess maybe the best practice would be to run every page and it's functions a couple of times, witness the result and repeat this in Firefox, Chrome and Internet Explorer (and all smartphones apparently) to make sure it works as intended. However this would take quite some time to do consider I don't work with patches/versions and do little fixes here and there a couple of times per week. What I prefer would be some kind of page I can just load that tests as much things as possible to make sure the site works as intended. Basicly just run a lot of cURL's with POST-values and see if I get expected result. But how would I preferably not increase the IDs of every mysql rows if I delete these testing rows? It feels silly to be on ID 1000 with maybe 50 rows in total. If I could build a new project from scratch I would probably implement some kind of smooth way to return a "TRUE" on testing instead of the actual page. But this solution would for the moment being have to be passed on existing projects. My question What would you recommend to be the best way to test my site to make sure that existing functions does their job upon editing the code? Should I consider to implement a lot of edits first, then test manually the entire code to make sure it still works? Is there any nice way of testing codes without "hurting" the ID columns? Extra thoughs Would it be a good idea to associate all of my files to the different parts of my site which they affect? For instance if I edit home.php I will through documentation test if my homepage's start works as intended since it's the only part of my site it should affect.

    Read the article

  • immplementing security with session variables, how it is insecure

    - by haansi
    Hello, I am doing web based projects in dotnet. Currently I am implementing security using session variables. I keep current user id and user type in session and authenticate user from these session variables (say Session["UserId"],Session["UserName"] and Session["UserType"]) I do authentications. Please guide me how it is insecure ? I heard such security can be broken and applications can be hacked very easily, like it is possible to get session id and directly connect to that session id etc. Please guide me on this thanks

    Read the article

  • Running CLOC (count lines of code) on Windows...or alternative

    - by Chelonian
    I'm trying to use CLOC on Windows (XP) to count lines of code, and I can't get it to work. I downloaded the latest Win installer for CLOC 1.5.6, ran it (which caused a "DOS" window to open, scroll with text rapidly, then close before I could read anything) and then wrote cloc at the cmd prompt...and Windows doesn't recognize it as a command. Or if there is another easy-to-use lines of code counter that one could recommend (that runs on Windows), I'd be happy to try that.

    Read the article

  • Sharepoint page level security

    - by ifunky
    Hi, Another SharePoint question from myself! I've created a subsite and from within Sharepoint designer I've created a new aspx page, all nice and simple so far. I can't seem to find where I can change the security on this new page, only site admins can view the page and everyone else gets access denied. It doesn't seem to inherit the permissions from the parent and I can't see where to change the security settings! Please help, I'm sure it's something simple! Thanks Dan

    Read the article

  • Visual Studio Code Analysis - Does Microsoft follow it themselves?

    - by Oskar Kjellin
    Did a quick search but could not find anything about this. I guess all of you know that the Visual Studio Code Analysis is quite nitpicking and gives warnings about a lot of things. Does anybody know how well Microsoft follow this themselves..? That is, if I were to run a code analysis on their assemblies, would the warnings be none or very few (perhaps surpress warning with a justification..?).

    Read the article

  • CVE-2012-1714 TList 6 ActiveX control remote code execution vulnerability in Hyperion Financial Management

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2012-1714 Remote code execution vulnerability 10 TList 6 ActiveX control Hyperion Financial Management 11.1.1.4 Contact Support Hyperion Financial Management 11.1.2.1.104 Microsoft Windows (32-bit) Microsoft Windows (64-bit) This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • How do I update Safari on Windows?

    - by James A. Rosen
    I'd like to update Safari to 4.0.5 for security reasons, but I can't figure out how to run the Apple updater manually. On Mac there's usually a "Check for Updates" menu item, but I don't see one on the Windows version. I tried downloading the latest version from http://www.apple.com/safari/download/, but Windows won't let me open the file, saying it is a security risk.

    Read the article

  • Windows Security popup window pops up each time any connection is made

    - by MC Emperor
    I have a problem with the Windows Security popup below. It pops up every time the system tries to make connection with any internet source. It's very annoying, and I don't know how to resolve the problem. (The popup window below is in Dutch, but says something like Connect to somedomain.com. Then it expects you to give your credentials.) I am running on a Windows 7 x64 OS. Now how do I solve this problem? Is it a Windows Firewall problem?

    Read the article

  • Portable Class Library: partager efficacement du code entre plateformes, par Nathanael Marchand

    Lorsque l'on développe pour plusieurs plateformes (.Net, Silverlight, XNA, Windows Phone 7), il se pose souvent la question de comment partager le code ? La Portable Class Library permet de répondre efficacement à cette problématique puisqu'elle permet à un projet d'être multiplateforme. Nous allons voir comment l'utiliser dans un cas de figure où il faut partager du code entre un client Silverlight et le serveur. Retrouver l'article ici...

    Read the article

  • Performance & Security Factors of Symbolic Links

    - by Stoosh
    I am thinking about rolling out a very stripped down version of release management for some PHP apps I have running. Essentially the plan is to store each release in /home/release/1.x etc (exported from a tag in SVN) and then do a symlink to /live_folder and change the document root in the apache config. I don't have a problem with setting all this up (I've actually got it working at the moment), however I'm a developer with just basic knowledge of the server admin side of things. Is there anything I need to be aware of from a security or performance perspective when using this method of release management? Thanks

    Read the article

  • Using Entity Framework 4.0 with Code-First and POCO: How to Get Parent Object with All its Children

    - by SirEel
    I'm new to EF 4.0, so maybe this is an easy question. I've got VS2010 RC and the latest EF CTP. I'm trying to implement the "Foreign Keys" code-first example on the EF Team's Design Blog, http://blogs.msdn.com/efdesign/archive/2009/10/12/code-only-further-enhancements.aspx. public class Customer { public int Id { get; set; public string CustomerDescription { get; set; public IList<PurchaseOrder> PurchaseOrders { get; set; } } public class PurchaseOrder { public int Id { get; set; } public int CustomerId { get; set; } public Customer Customer { get; set; } public DateTime DateReceived { get; set; } } public class MyContext : ObjectContext { public RepositoryContext(EntityConnection connection) : base(connection){} public IObjectSet<Customer> Customers { get {return base.CreateObjectSet<Customer>();} } } I use a ContextBuilder to configure MyContext: { var builder = new ContextBuilder<MyContext>(); var customerConfig = _builder.Entity<Customer>(); customerConfig.Property(c => c.Id).IsIdentity(); var poConfig = _builder.Entity<PurchaseOrder>(); poConfig.Property(po => po.Id).IsIdentity(); poConfig.Relationship(po => po.Customer) .FromProperty(c => c.PurchaseOrders) .HasConstraint((po, c) => po.CustomerId == c.Id); ... } This works correctly when I'm adding new Customers, but not when I try to retrieve existing Customers. This code successfully saves a new Customer and all its child PurchaseOrders: using (var context = builder.Create(connection)) { context.Customers.AddObject(customer); context.SaveChanges(); } But this code only retrieves Customer objects; their PurchaseOrders lists are always empty. using (var context = _builder.Create(_conn)) { var customers = context.Customers.ToList(); } What else do I need to do to the ContextBuilder to make MyContext always retrieve all the PurchaseOrders with each Customer?

    Read the article

  • Security considerations when giving access to SQL Server db for a web application

    - by rem
    I need to expose our SQL Server 2008 database for an access from a asp.net web application. This is a new task for me, so I would like to know what basic security requirements are there for configuring software and hardware components of web server and DB Server. Is it OK to have both Web Server (Windows Server 2008) with IIS holding ASP.NET application and SQL Server 2008 on the same machine? Should I have to install additional firewall, like Forefront TMG? Should it be on separate computer? In case a web application is hosted on an external web hosting privider server and SQL Server DB on a our internal server what are "pro's" and "con's" of such configuration?

    Read the article

  • On the fly Code Generation with Evolutility

    A generic Web User Interface for CRUD applications generating all screens at run-time based on external metadata. It comes with sample applications for address book, memo pad, to do list, restaurants list, wine cellar, and database structure documentation that are easily customizable.

    Read the article

  • is there an easy way to convert jquery code to javascript?

    - by davidsleeps
    hopefully the question doesn't sound stupid, but there are lots of examples out there of achieving certain things in javascript/dom using jQuery. Using jQuery is not always an option (or even a want) which can make understanding the examples of javascript solutions written in jQuery hard. Is there an easy way to convert jQuery code to regular javascript? I guess without having to access or understand the jQuery source code... edit (future readers): pretend there is a logical reason why jQuery isn't available!

    Read the article

  • Legal Applications of Metamorphic Code

    - by V_P
    Firstly, I would like to state that I already understand the 'vx' applications for Metamorphic code. I am not here to ask a question related to any of those topics as that would be inappropriate in this context. I would like to know if anyone has ever used 'Metamorphic' code in practice, for purposes other than those previously stated, if so, what was the reasoning for using said concept. In essence I am trying to discover a purpose for this concept, if any, other than circumventing anti-virus scanners and the like.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 123 124 125 126 127 128 129 130 131 132 133 134  | Next Page >