Blog Posts Tagged with "MySQL"

State Sponsored IE Vulnerability and a Four Line MySQL Exploit

June 21, 2012 Added by: Headlines

Of the two latest Microsoft IE vulnerabilities, the first seems the most interesting. Rumored to be “State-Sponsored”, the vulnerability focuses on Gmail, MS Office and Internet Explorer, and as yet is still an active zero-day exploit. Security software company Rapid7 explains the vulnerability as follows...

Comments  (0)

Analysis of the April 2012 CPU for the Oracle Database

April 23, 2012 Added by: Alexander Rothacker

It’s mid-April, so it’s Oracle CPU fallout time again. This CPU contains 88 fixes. Thirty-three in this CPU are for vulnerabilities that are remotely exploitable without authentication. In other words, anybody on the network can exploit these vulnerabilities...

Comments  (0)

Oracle Releases Critical Patch Updates for April 2012

April 18, 2012 Added by: Headlines

Oracle has released its Critical Patch Update for April 2012 to address 88 vulnerabilities across multiple products. US-CERT encourages users and administrators to review the April 2012 Critical Patch Update and apply any necessary updates to help mitigate the risks...

Comments  (0)

How to Avoid Being Miscast in a SOPA Opera

January 20, 2012 Added by: Kevin McAleavey

LOIC was originally written in C#, but a later variant was created in JavaScript which permits it to be deployed from any internet-connected device. LOIC and its JS variant are simple toys, but in the hands of enough people they can create a formidable DDoS attack on a site...

Comments  (2)

TeamSHATTER: Analysis of the January 2012 Oracle CPU

January 18, 2012 Added by: Alexander Rothacker

This time there are only TWO fixes. This is the lowest number ever since the CPU program started in 2005. Oracle, what happened? Did you throw in the towel on DBMS fixes? I know it’s not because the Database is finally fixed for good and is now suddenly secure...

Comments  (0)

High Fashion, Low Security - Part Duex

August 25, 2011 Added by: David Martinez

I spy serious SQL issues… I had the hashes for the admins table, info from the customers table, as well as the full output of the transactions and users tables, which included MD5 hashes of CC numbers. The hashes were all 64-bits from a MySQL db, which means they were probably SHA256...

Comments  (0)

High Fashion - Low Security

August 15, 2011 Added by: David Martinez

In the end, I had the hashes for the admins table, full customer info from the customers table, as well as the full output of the transactions and users tables, which included MD5 hashes of CC numbers. The hashes were all 64-bits from a MySQL db, which means they were probably SHA256...

Comments  (0)

MySQL Website Hacked (Ironically) by Blind SQL Injection

March 28, 2011 Added by: Rafal Los

Allow me to point out a little bit of irony in this headline... a website for one of the more popular open-source database alternatives gets completely compromised using blind SQL Injection. Ouch. Someone going by the moniker "Jack Haxor" posted this to the Full Disclosure mailing list...

Comments  (0)

Is Oracle Playing Nice With Java and MySQL?

March 09, 2011 Added by: Bill Gerneglia

Despite a series of snubs toward the Java community, Oracle continues to engage and just recently offered up a new Java Specification Request (JSR) 342, intended to convert Java Enterprise Edition (Java EE) 7 into a building block of cloud services...

Comments  (0)