Computer Security
[EN] securityvulns.ru no-pyccku


Fake valid SSL certificate creation attack was successfully demonstrated
Published:31.12.2008
Source:
SecurityVulns ID:9553
Type:library
Threat Level:
8/10
Description:Valid fake SSL certificate creation attack was demonstratedby exploiting MD5 collisions and RapidSSL certificate generation procedures. The cost of attack is appoximately $2000.
Files:MD5 Considered Harmful Today Creating a rogue CA certificate

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:31.12.2008
Source:
SecurityVulns ID:9554
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Power Phlogger: automated account registration, DoS.
Affected:POWERPHLOGGER : Power Phlogger 2.2
 MEGACUBO : Megacubo 5.0
Original documentdocumentMustLive, New vulnerabilities in Power Phlogger (31.12.2008)
 documentthe.dumenci_(at)_gmail.com, php-nuke 8.0 module sections artid blind sql inj vuln. (31.12.2008)
 documentpyro_(at)_nospam.it, Megacubo 5.0.7 (mega://) remote eval() injection exploit (31.12.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod