Aggregator

2024年数据泄露风险态势依旧严峻，全年共有3.8万起风险事件，涉及金融、电商、汽车、物流等多个行业2598家企业……

A vulnerability, which was classified as critical, was found in Sun Solaris 7.0. This affects an unknown part of the file /var/dmi/db of the component DMI. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2000-0032. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in SCO UnixWare 7.1. It has been classified as very critical. This affects an unknown part of the component i2odialogd Daemon. The manipulation of the argument Username/Password as part of Long Argument leads to memory corruption. This vulnerability is uniquely identified as CVE-2000-0026. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

活动时间：2025-01-15 10:00:00 - 2025-01-22 23:59:59

01活动形式相关靶场需要用阿里云邮箱激活后登录，请提前准备好相关账号- 靶场地址：https://******.aliyuncs.com/  比赛正式开始时公布- 阿里云邮箱注册地址：https://

活动时间：2025-01-15 10:00:00 - 2025-01-22 23:59:59

error code: 521

亲俄黑客Noname057(16)上周末针对意大利各部委、机构、关键基础设施网站和私人组织发动攻击。新一轮攻击恰逢乌克兰总统泽连斯基访问意大利。 该组织在其 Telegram 频道上宣布对此次攻击负责。 1 月 11 日星期六，攻击针对了意大利各部委和政府机构，而周日，新一波 DDoS 攻击袭击了意大利银行和私营企业。 黑客活动分子发起的攻击在威胁领域并不是什么新鲜事，并且会造成一些破坏和暂时的服务中断。 国家网络安全局 (ACN) 的专家为受影响的组织提供支持，减轻攻击并恢复功能。 目标名单很长，包括外交部、基础设施和交通部、意大利金融市场监管机构 Consob、空军、海军、宪兵队和当地公共交通公司，包括罗马的 Atac 和热那亚的 Amt。 Noname057(16) 黑客还攻击了意大利银行，包括 Intesa、Monte Paschi di Siena 以及意大利塔兰托和的里雅斯特港口。亲俄黑客还针对私人组织，包括 Vulcanair 和 Olidata。 12 月底，在地缘政治紧张局势加剧的背景下，亲俄组织 NoName057 对意大利的几家网站发起了新一轮 DDoS 攻击，其中包括马尔彭萨机场和利纳特机场。 NoName57 组织自 2022 年 3 月以来一直活跃，并以全球政府和关键基础设施组织为目标。   转自军哥网络安全读报，原文链接：https://mp.weixin.qq.com/s/ipCD7Z-4hPdf7PBBMiEiDA 封面来源于网络，如有侵权请联系删除

A vulnerability was found in Mozilla Firefox 1.5/1.5.0.1/1.5.0.2/1.5.0.3/1.5.0.4. It has been declared as critical. This vulnerability affects the function "string of the component Javascript Engine. The manipulation leads to numeric error. This vulnerability was named CVE-2006-3806. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox 1.5/1.5.0.1/1.5.0.2/1.5.0.3/1.5.0.4. It has been rated as critical. This issue affects the function object. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2006-3807. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Mozilla Firefox 1.5/1.5.0.1/1.5.0.2/1.5.0.3/1.5.0.4. Affected by this issue is some unknown functionality of the component JavaScript. The manipulation leads to Remote Code Execution. This vulnerability is handled as CVE-2006-3801. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox 1.5/1.5.0.1/1.5.0.2/1.5.0.3/1.5.0.4. It has been declared as critical. Affected by this vulnerability is the function toSource of the component Javascript Garbage Collector. The manipulation leads to memory corruption. This vulnerability is known as CVE-2006-3805. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox 1.5/1.5.0.1/1.5.0.2/1.5.0.3/1.5.0.4 and classified as critical. Affected by this issue is the function new. The manipulation of the argument temporary leads to memory corruption. This vulnerability is handled as CVE-2006-3803. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Thunderbird 1.5/1.5.0.2/1.5.0.4. It has been classified as critical. This affects an unknown part. The manipulation leads to heap-based buffer overflow. This vulnerability is uniquely identified as CVE-2006-3804. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Intervations FileCOPA 1.01. Affected by this issue is some unknown functionality of the file filecpnt.exe. The manipulation leads to stack-based buffer overflow. This vulnerability is handled as CVE-2006-3768. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in IBM WebSphere Application Server up to 6.1.0.3. Affected is an unknown function of the component Eal4 Authentication. The manipulation leads to numeric error. This vulnerability is traded as CVE-2006-3747. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in IBM WebSphere Application Server up to 6.1.0.3 on z/OS. Affected by this vulnerability is an unknown functionality of the component handleservantnotification. The manipulation leads to numeric error. This vulnerability is known as CVE-2006-3747. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Apache HTTP Server up to 2.2.3. Affected by this issue is some unknown functionality of the component mod_rewrite. The manipulation leads to numeric error. This vulnerability is handled as CVE-2006-3747. Access to the local network is required for this attack to succeed. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.