Posts Tagged vulnerabilities
SQL Injection also affects Non-Web Applications
February 13, 2009
It is becoming clear that due to a massive adoption of open-source SQL-based databases such as MySQL, more products are moving towards a transparent integration for authentication and data retrieving purposes. In some cases, even non-web applications can take advantage of that. First question (or maybe the second) that come up in our mind is: […]
"Second Life" is also victim of SQL Injection
February 12, 2009
According to Hacker’s Blog, the famous virtual world “Second Life” was susceptible to a SQL injection vulnerability that eventually led to customer’s data, including payment details. Although evidences are obfuscated enough to protect personal data, it is clear that a SQL injection flaw was used to obtain full access to their database under “Events” section […]
Sun Security Kit Leaves Holes in RaQ4 Servers
January 29, 2009
Security patches aren’t supposed to create new vulnerabilities, but that’s precisely what happened with Sun’s Security Hardening Package (SHP) for the company’s popular line of Cobalt RaQ 4 Server Appliances. The package includes a script called overflow.cgi that does not properly filter user input, allowing an attacker to execute arbitrary commands with superuser privileges. Sun’s […]