Description: tibco远程缓冲区溢出漏洞利用代码,适用各操作系统,本程序为win32平台下的-tibco Remote Buffer Overflow Vulnerability use code, the application of the operating system, The procedures for the win32 platform Platform: |
Size: 5352 |
Author:李网 |
Hits:
Description: tibco远程缓冲区溢出漏洞利用代码,适用各操作系统,本程序为win32平台下的-tibco Remote Buffer Overflow Vulnerability use code, the application of the operating system, The procedures for the win32 platform Platform: |
Size: 5120 |
Author:李网 |
Hits:
Description: 网络漏洞扫描系四类重要安全工具之一,介绍了其基本概念,并在此基础上提出一个网络漏洞扫描系
统模型,该系统的客户端采取远程登录、申请漏洞扫描,然后服务器端启动扫描引擎对目标系统进行扫描。该
系统高效、准确、可扩展。-Network vulnerability scanning lines, one of four important security tool, introduce its basic concepts, and on this basis to propose a network vulnerability scanning system model of the system to take telnet client application vulnerability scanning, and then start the server-side scan engine scan on the target system. The system is efficient, accurate and scalable. Platform: |
Size: 180224 |
Author:出棋至圣 |
Hits:
Description: WIVET is a benchmarking project that aims to statistically analyze web link extractors. In general, web application vulnerability scanners fall into this category. These VAs, given a URL(s), try to extract as many input vectors as possibly they can to increase the coverage of the attack surface.
WIVET provides a good sum of input vectors to any extractor and presents the results. In order an input extractor to run meaningfully, it has to provide some kind of session handling, which nearly all of the decent crawlers do. -WIVET is a benchmarking project that aims to statistically analyze web link extractors. In general, web application vulnerability scanners fall into this category. These VAs, given a URL(s), try to extract as many input vectors as possibly they can to increase the coverage of the attack surface.
WIVET provides a good sum of input vectors to any extractor and presents the results. In order an input extractor to run meaningfully, it has to provide some kind of session handling, which nearly all of the decent crawlers do.
Platform: |
Size: 248832 |
Author:sogetthis |
Hits:
Description: 漏洞扫描系统在高校校园网中的应用-一篇很不错的硕士论文-Vulnerability scanning system in the campus network application- a very good master' s thesis Platform: |
Size: 2865152 |
Author:云 |
Hits:
Description: war-ftp 1.65存在缓冲区溢出漏洞:发送长度超过480B的用户名给war-ftp服务器就可以触发漏洞(即USER longString\n\r),溢出之后ESP指令寄存器的内容包含了longString中的部分内容。远程攻击者可以利用此漏洞以应用程序进程权限执行任意指令。-war-ftp 1.65 a buffer overflow vulnerability: send more than 480B username length to the war-ftp server can trigger the vulnerability (ie the the USER longString \ n \ r), the overflow after the the ESP instruction register contains part of the contents of the longString. Remote attacker could exploit this vulnerability to execute arbitrary commands in the application process rights. Platform: |
Size: 1186816 |
Author:zyxlive |
Hits:
Description: PHP其实不过是Web服务器的一个模块功能,所以首先要保证Web服务器的安全。当然Web服务器要安全又必须是先保证系统安全,这样就扯远了,无穷无尽。PHP可以和各种Web服务器结合,这里也只讨论Apache。非常建议以chroot方式安装启动Apache,这样即使Apache和PHP及其脚本出现漏洞,受影响的也只有这个禁锢的系统,不会危害实际系统。但是使用chroot的Apache后,给应用也会带来一定的麻烦,比如连接mysql时必须用127.0.0.1地址使用tcp连接而不能用localhost实现socket连接,这在效率上会稍微差一点。还有mail函数发送邮件也是个问题,因为php.ini里的-PHP In fact, it is a module of the Web server function, so we must first ensure the security of the Web server. Of course, the Web server to be safe and must first ensure the safety of the system, so that you pull away, endless. PHP can be combined with a variety of Web servers, here only discuss Apache. Is highly recommended to install chroot start Apache, so that even if the Apache and PHP scripting vulnerability that affected only the detention system, will not harm the actual system. Use the chroot Apache to the application will also bring some trouble, such as mysql connection must be used with the 127.0.0.1 address the tcp connection rather than using localhost socket connection in efficiency will be a little bit worse. Mail function to send mail is also a problem, because the php.ini ... Platform: |
Size: 8192 |
Author:fu wen pan |
Hits:
Description: CVE-2011-1149漏洞是 Android 2.3之前的版本没有正确的限制系统属性空间的访问权限,使得本地应用可以绕开应用沙箱提升与Android共享内存相关的特权,如KillingInTheNameOf 和psneuter。与Android共享内存(ashmem) 和ASHMEM_SET_PROT_MASK有关。-CVE-2011-1149 vulnerability is Android 2.3 versions prior to system properties is not properly restricted access to space, making the local application can bypass the sandbox upgrade and Android application shared memory-related privileges, such as KillingInTheNameOf and psneuter. Shared memory with Android (ashmem) and ASHMEM_SET_PROT_MASK related. Platform: |
Size: 260096 |
Author:王淖尔 |
Hits:
Description: 安全中心整站系统是一个网络安全类整站系统。由七个模块组成,其中包括:文章系统(安全文档)、下载系统(安全工具、**作品)、漏洞发布系统(安全漏洞)、代码发布模块(漏洞利用)、在线申请模块(工作室)和信息发布模块(关于我们)。 -Security Center The whole station system is a network security class whole station system. (Security tools,** works), vulnerability distribution system (security vulnerabilities), the code release module (exploit), online application module (studio), the application system, And information dissemination module (about us). Platform: |
Size: 872448 |
Author:zrp |
Hits:
Search - application vulnerability