Podcast: Tenable Network Security Podcast
Episode:

Tenable Network Security Podcast - Episode 125

Category: Technology
Duration: 00:00:00
Publish Date: 2012-05-22 11:12:44
Description:

Welcome to the Tenable Network Security Podcast Episode 125

Announcements

New & Notable Plugins

Nessus

  • QuickTime for Windows Versions prior to 7.7.2 Vulnerabilities - A long list of stack, heap and integer overflows in QuickTime is fixed with this set of patches for QuickTime running on Windows. I'm curious to see if there are exploits available and how modern protections against them will work, or not.
  • SolarWinds Storage Manager Server LoginServlet SQL Injection - This is usually bad: "The version of SolarWinds Storage Manager running on the remote host has a SQL injection vulnerability in the 'loginName' parameter of the 'LoginServlet' page." This typically means you do not need credentials to exploit the vulnerability, and access to the database via SQL injection can lead to shell access and the ability to download the data contained on the system.
  • Pidgin OTR (Off-the-Record) Format String Vulnerability - I've used OTR for some time now to prevent attackers from snooping in on my IM conversations. It sounds like this could be exploited if you accepted a key from someone who was sending a malicious OTR key, thus triggering the format string vulnerability.