Apple released its patch for the Bash vulnerability, repairing versions of OS X vulnerable to Shellshock exploits.
Browsing Category: Vulnerabilities
Researcher Ryan Dewhurst released the WPScan Vulnerability Database, a database housing security vulnerabilities in WordPress core code, plug-ins and themes. It’s available for pen-testers, WordPress administrators and developers.
All versions of an HTML editor used in several Microsoft properties, including ASP.NET, suffer from a high-risk cross-site scripting (XSS) vulnerability.
Two malware samples trying to exploit the Bash vulnerability, both DDoS bots, were snared in a honeypot belonging to AlienVault Labs.
Experts are concerned that many Linux-based industrial control systems and embedded systems could be too steep a patching challenge and remain in the crosshairs of the Bash vulnerability.
Users of Mozilla products should update Firefox, NSS, SeaMonkey and Thunderbird in order to obtain fixes for a bug that could let an attacker forge RSA certificates and perform man-in-the-middle attacks.
Reports of the first in-the-wild exploits targeting the Bash vulnerability have surfaced, as have complaints the first patches for the bug are incomplete.
David Jacoby looked at all of the Web-enabled devices in his house–TV, game console, network storage device–and found a handful of exploitable bugs in them.
While bounties have now become commonplace, simply offering one doesn’t guarantee any level of success for a vendor.
A critical remote code execution vulnerability in Bash, present in almost all Linux, UNIX and Mac OS X deployments, has been discovered. Experts advise immediate patching.