Search Results

Search found 14878 results on 596 pages for 'mod security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 323/596 | < Previous Page | 319 320 321 322 323 324 325 326 327 328 329 330  | Next Page >

  • CVE-2009-2042 Information Exposure vulnerability in libpng

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2009-2042 Information Exposure vulnerability 4.3 PNG reference library (libpng) Solaris 10 SPARC: 137080-04 X86: 137081-04 Solaris 9 SPARC: 139382-03 X86: 139383-03 Solaris 8 SPARC: 114816-04 X86: 114817-04 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • CVE-2011-4339 Access Controls vulnerability in ipmitool

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-4339 Permissions, Privileges, and Access Controls vulnerability 3.6 ipmitool Solaris 10 SPARC: 119764-07 X86: 119765-07 Solaris 11 11/11 SRU 13.4 This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • How to Lock Down IE 10 by Disabling Flash in Windows 8

    - by Taylor Gibb
    Microsoft now includes Flash along with their Internet Explorer browser in Windows 8. Flash has been known as a big culprit when it comes to security vulnerabilities in the past, so here’s how to disable it. Note: We have outlined two methods for achieving the same goal, there is no need to do both. HTG Explains: What Is RSS and How Can I Benefit From Using It? HTG Explains: Why You Only Have to Wipe a Disk Once to Erase It HTG Explains: Learn How Websites Are Tracking You Online

    Read the article

  • Windows Azure Training Kit &ndash; August 2012 Released

    - by Clint Edmonson
    In this release of the training kit we have delivered 41 HOLs covering a wide variety of bug fixes and screen shot updates for Visual Studio 2012. We now have 35 Presentations with new content surrounding Windows Azure SQL Database, SQL Federation, Reporting and Data Sync (4) as well as Security & Identity (1); and Building Scalable, Global, and Highly Available Web Apps (1). Head over to http://aka.ms/WATK and download it now!

    Read the article

  • Week in Geek: Dropbox Rolls Out 2-Step Authentication Feature in Experimental Desktop Client Build

    - by Asian Angel
    Our last edition of WIG for August is filled with news link goodness covering topics such as Firefox 17 will make add-ons more secure, password hints are easily extracted from Windows 7 and 8, the latest stable release of ChromeOS adds a new apps list feature, and more. How To Switch Webmail Providers Without Losing All Your Email How To Force Windows Applications to Use a Specific CPU HTG Explains: Is UPnP a Security Risk?

    Read the article

  • Passenger package not found after adding phusion repo Ubuntu 12.04

    - by speshak
    I'm trying to install the official Passenger (and Nginx) packages from Phusion on an Ubuntu 12.04.3 server. I have the following in /etc/apt/sources.list.d/passenger: deb https://oss-binaries.phusionpassenger.com/apt/passenger precise main Even after running apt-get update there is no passenger package found by apt. I did verify that the package info appears in /var/lib/apt/lists/oss-binaries.phusionpassenger.com_apt_passenger_dists_precise_main_binary-amd64_Packages but at this point I'm at a loss as to why the package isn't available via apt-get. There are some packages (libapache2-mod-passenger, passenger-docs) that are available. These packages seem to also exist in universe, but apt-cache show lists both locations.

    Read the article

  • Can a consumer wireless router act as both a wireless client and access point?

    - by glibdud
    I'm going to be moving in the future, and integrating my home network into that of my landlord. I wish to maintain an isolated network while using his internet connection, so I'm planning on cascading my router off of his (WAN-to-LAN type configuration). Unfortunately, it looks like it might not be feasible to run a wire between the two. Therefore, I'd like to send my WAN connection over WiFi to his router. At my disposal, I have a WRT54GL (running Shibby's Tomato mod), and I just bought an Asus RT-N66U (I can be flexible with the firmware). My first thought was to set up the WRT as a wireless bridge, then run a wire between that and the N66U's WAN port. I'm reasonably sure I could make that work, but can I eliminate the WRT from the equation altogether? Can the N66U connect to the landlord's WiFi as a client, effectively using that as the WAN port, while simultaneously providing wireless access to my devices on an altogether different WLAN?

    Read the article

  • Collecting the Information in the Default Trace

    The default trace is still the best way of getting important information to provide a security audit of SQL Server, since it records such information as logins, changes to users and roles, changes in object permissions, error events and changes to both database settings and schemas. The only trouble is that the information is volatile. Feodor shows how to squirrel the information away to provide reports, check for unauthorised changes and provide forensic evidence.

    Read the article

  • Oracle Magazine, January/February 2010

    Oracle Magazine January/February features articles on the evolution of enterprise architecture, customer acquisition and retention with Oracle CRM On Demand, Oracle awards for 2009, task flow routers, privacy and security, Oracle Essbase, compressing with Oracle Exadata Hybrid Columnar Compression, Tom Kyte on Oracle Database 11g Release 2 and much more.

    Read the article

  • Multiple vulnerabilities in Wireshark

    - by RitwikGhoshal
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2012-4048 Improper Control of Generation of Code ('Code Injection') vulnerability 3.3 Wireshark Solaris 11 11/11 SRU 11.4 CVE-2012-4049 Improper Control of Generation of Code ('Code Injection') vulnerability 2.9 This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • Multiple vulnerabilities in Wireshark

    - by RitwikGhoshal
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2012-2392 Resource Management Errors vulnerability 3.3 Wireshark Solaris 11 11/11 SRU 11.4 CVE-2012-2393 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 3.3 CVE-2012-2394 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 3.3 This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • Idera Announces SQL Compliance Manager 3.6

    Perhaps the main highlight of SQL compliance manager 3.6's impressive set of features is its ability to actively track any activities of privileged users. When users of high administrative privileges access column groups in monitored tables, SQL compliance manager 3.6 issues alerts to security administrators, compliance officers, IT auditors, and the like in a proactive manner. Such functionality allows the product to provide an extra barrier against the possibility of insider threats to an organization's data. Idera developed SQL compliance manager to supply its clients with real-time audit...

    Read the article

  • Près de 10% des extensions Chrome seraient potentiellement malveillantes, d'après une étude

    Près de 10% des extensions Chrome seraient potentiellement malveillantes, d'après une étude Selon une étude réalisée par des chercheurs en sécurité et présentée hier lors de l'Usenix Security Symposium à San Diego (Californie), près de 10% des extensions du navigateur Google Chrome sont utilisées pour la fraude en affiliation et le vol de données. De plus, la plupart du temps, leurs actions sont indétectables par l'utilisateur. « Après avoir installé l'extension, l'utilisateur ne constate...

    Read the article

  • Calgary SEO For Emerging Entrepreneurs

    With the economy as it is and job security becoming a rapidly fading memory, more and more people are starting to realize that they have just as much chance of success working for themselves as they do working for a large corporation. This is a great sign for the economy as an economy is always the most stable when people are being creative, innovative, and creating value on their own.

    Read the article

  • Multiple vulnerabilities in Samba

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-2522 Cross-Site Request Forgery (CSRF) vulnerability 6.8 Samba Solaris 10 SPARC: 119757-21 X86: 119758-21 Solaris 9 Contact Support CVE-2011-2694 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 2.6 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • Specifying and applying broad changes to a program

    - by Victor Nicollet
    How do you handle incomplete feature requests, when the ones asking for the feature cannot possibly write a complete request? Consider an imaginary situation. You are a tech lead working on a piece of software that revolves around managing profiles (maybe they're contacts in a CRM-type application, or employees in an HR application), with many operations being directly or indirectly performed on those profiles — edit fields, add comments, attach documents, send e-mail... The higher-ups decide that a lock functionality should be added whereby a profile can be locked to prevent anyone else from doing any operations on it until it's unlocked — this feature would be used by security agents to prevent anyone from touching a profile pending a security audit. Obviously, such a feature interacts with many other existing features related to profiles. For example: Can one add a comment to a locked profile? Can one see e-mails that were sent by the system to the owner of a locked profile? Can one see who recently edited a locked profile? If an e-mail was in the process of being sent when the lock happened, is the e-mail sending canceled, delayed or performed as if nothing happened? If I just changed a profile and click the "cancel" link on the confirmation, does the lock prevent the cancel or does it still go through? In all of these cases, how do I tell the user that a lock is in place? Depending on the software, there could be hundreds of such interactions, and each interaction requires a decision — is the lock going to apply and if it does, how will it be displayed to the user? And the higher-ups asking for the feature probably only see a small fraction of these, so you will probably have a lot of questions coming up while you are working on the feature. How would you and your team handle this? Would you expect the higher-ups to come up with a complete description of all cases where the lock should apply (and how), and treat all other cases as if the lock did not exist? Would you try to determine all potential interactions based on existing specifications and code, list them and ask the higher-ups to make a decision on all those where the decision is not obvious? Would you just start working and ask questions as they come up? Would you try to change their minds and settle on a more easily described feature with similar effects? The information about existing features is, as I understand it, in the code — how do you bridge the gap between the decision-makers and that information they cannot access?

    Read the article

  • SystemTap 1.2 released

    <b>LWN.net:</b> "The systemtap team announces release 1.2. prototype perf event and hw-breakpoint probing, security fixes, error tolerance script language extensions, optimizations, tapsets, interesting new sample scripts, kernel versions 2.6.9 through 2.6.34-rc"

    Read the article

  • Interim Patches for CVE-2011-4313 released through MOS

    - by Alan
    As reported on the article on the Sun Security Blog, interim patches are available for Solaris 8,9 and 10 directly from MOS without the need to log a Service Request. There is also Interim Relief available for Solaris 11, but at this point in time that will still require a Service Request. As seen from running "named -V", these patches implement the same fix as ISC by taking Bind to the version:BIND 9.6-ESV-R5-P1.

    Read the article

  • Microsoft Delivers Record April Patch

    April marks another historic Patch Tuesday with 11 security bulletins being rolled out today by Microsoft....Did you know that DotNetSlackers also publishes .net articles written by top known .net Authors? We already have over 80 articles in several categories including Silverlight. Take a look: here.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 319 320 321 322 323 324 325 326 327 328 329 330  | Next Page >