ESET Nod32 Antivirus | Antispyware | Console d administration
Chercher :
Newsletter :  
Revues :
- Presse
- Presse FR
- Vidéos
- Twitter
- Secuobs



Abonnez vous � Nessus Professional Feed !

Sponsors :

Sommaires :
- Tendances
- Failles
- Virus
- Concours
- Reportages
- Acteurs
- Outils
- Breves
- Infrastructures
- Livres
- Tutoriels
- Interviews
- Podcasts
- Communiques
- Commentaires

Revue Presse:
- Tous
- Francophone
- Par mot clé
- Par site
- Le tagwall


Top bi-hebdo:
- Ensemble
- Articles
- Revue
- Videos
- Twitter
- Auteurs

Articles :
- Par mot clé
- Par auteur
- Par organisme
- Le tagwall


Videos :
- Toutes
- Par mot clé
- Par site
- Le tagwall


Twitter :
- Tous
- Par mot clé
- Par compte
- Le tagwall


Commentaires :
- Breves
- Virus
- Failles
- Outils
- Tutoriels
- Tendances
- Acteurs
- Reportages
- Infrastructures
- Interviews
- Concours
- Livres
- Communiques

Secumail :
- Secunia
- Full Disclosure
- Bugtraq
- DailyDave
- Vulnwatch
- Vulndiscuss
- FunSec
- Focus-IDS
- WebAppSec
- Security-Basis

RSS/XML :
- Articles
- Brèves
- Commentaires
- Revue
- Revue FR
- Videos
- Twitter
- Secunia
- Full Disclosure
- Bugtraq
- DailyDave
- Vulnwatch
- Vulndiscuss
- FunSec
- Focus-IDS
- WebAppSec
- Security-Basis

RSS SecuObs :
- sécurité
- exploit
- windows
- microsoft
- réseau
- attaque

RSS Revue :
- security
- microsoft
- windows
- hacker
- attack
- network

RSS Videos :
- vmware
- security
- virus
- biometric
- windows
- lockpicking

RSS Twitter :
- security
- linux
- botnet
- attack
- metasploit
- cisco

RSS Comments :
- Breves
- Virus
- Failles
- Outils
- Tutoriels
- Tendances
- Acteurs
- Reportages
- Infrastructures
- Interviews
- Concours
- Livres
- Communiques

RSS OPML :
- Français
- International

Abonnez vous � Nessus Professional Feed !


Revue de presse francophone :
- FreeBSD, NetBSD, OpenBSD déni de service de ftpd
- emission du 14 mars 10
- La Face cachée de Facebook
- La Fesse cachée d AppStore
- TYPO3 authentification via OpenID
- Booter sur une clef USB avec Backtrack
- Deadline Extension For Les Contorsions Technologiques
- Sun Identity Manager élévation de privilèges
- Oracle Application Server multiples vulnérabilités de janvier 2010
- Oracle WebLogic multiples vulnérabilités de janvier 2010
- Quand le mail de phishing contient le formulaire
- MIT krb5 débordement d'entier de AES et RC4
- Noyau Linux déni de service via GFS
- RIP SecurityFocus
- Malware PS2 Emulators - Play 2 Emulator

Dernier articles de SecuObs :
- Edenwall obtient une subvention de la DGA
- Imposter 0.9 une plateforme de phishing ciblant les navigateurs Web
- Une faille dans l’implémentation RSA de OpenSSL
- Flint un scanner pour simuler, vérifier et nettoyer les règles de filtrage
- SET 0.4.1 - Social Engineering Toolkit - une plateforme de Social Engineering
- 100 000 dollars pour le Pwn2own 2010
- Un botnet qui rapporte gros
- Webraider offre un reverse shell contre une simple injection SQL
- Des nouvelles du traité secret ACTA
- Keimpx un outil d'audit pour les réseaux Microsoft Windows

Revue de presse internationale :
- Police launch new high-tech mobile phone unit in Kent, UK
- Digital Forensics Magazine Promote Global Survey Into Forensics Tools
- WSJ Forbidden Fruit - Microsoft Workers Hide Their iPhones
- Daily Record Royal Bank of Scotland raiders' huge 6m haul in just 12 hours
- USENIX HotSec 10 Call for Papers Now Available
- Help wanted Agencies expect to hire more info security pros in 2010
- Hancock Fabrics Hackers Switch Stores PIN Pads
- Iran hacks opposition Web sites, arrests cyber activists
- Rogue software details Smart Security
- Links for 2010-03-14 del.icio.us
- CAN-Safety for Emergency Responders
- EU to provide 45,000 micro-loans to unemployed and small entrepreneurs
- Firebug firefox plugin for Web Development and testing.
- USENIX HotSec '10 Call for Papers Now Available
- Help wanted Agencies expect to hire more info security pros in 2010

Annuaire des videos
- Metasploit Meterpreter Reverse wmv
- Convert File exe To shellcode avi
- new botnet infects 13 millon computers overseas
- VMware Site Recovery Manager SRM 02 SAN Setup using Lefthand VSA
- How to restore your windows login Password
- iptables Walkthrough Linux Firewall
- Nieuwslicht Een computervirus maken dat kan iedereen Dutch news clip
- Bypassing AV with Metasploit
- Fluoride from China Census Healthcare reconciliation worker biometric ID card illegal
- Immigration reform goes biometric
- How hack a remote system using Metasploit
- Iptables ogv
- Robot Following a Colored Target
- US to Use Immigration to Push National Biometric ID
- smartphone botnet article

Revue Twitter
- Cisco's latest Annual Security Report for 2009 focuses on the impact of social media, cloud computing, spam and more http://bit.ly/9AUN7H
- RT @SecurityTube: [Video] Simple Linux Malware Construction by Netinfinity http://bit.ly/3LrFiA
- Ultra-High Frequency Gen 2 Desktop RFID Reader/Writer: Toronto, Canada - GAO RFID Inc. (www.GAORFID.com) has rolle... http://bit.ly/dxgvzQ
- New machine speeds sorting at Prescott Valley library: The sorter contains RFID (radio-frequency identification) t... http://bit.ly/aIvO9B
- News Update: Tunnelling over SSH proxy http://ow.ly/16NXl7
- News Update: Cisco ASA Version 8.3 | NetworkWorld.com Community http://ow.ly/16NXoK
- News Update: Hardened-PHP Project - PHP Security - Suhosin - Suhosin is an advanced protection system for PHP insta... http://ow.ly/16NZx1
- News Update: PREDATOR | PREDATOR - PREDATOR locks your PC while you are away; it uses a regular USB flash disk as a... http://ow.ly/16NZx2
- News Update: Data Encryption With JavaScript: jCryption - a jQuery plugin for encrypting POST/GET data submitted by... http://ow.ly/16NZwY
- News Update: Install Avira Antivir on Linux http://ow.ly/16O0vC

Mini-Tagwall
Revue de presse : security, microsoft, windows, hacker, attack, network, vulnerability, google, exploit, malware, internet, remote, iphone

+ de mots clés pour la revue de presse
Annuaires des videos : vmware, security, virus, biometric, windows, lockpicking, password, botnet, metasploit, tutorial, attack, crypt, linux

+ de mots clés pour les videos
Revue Twitter : security, linux, botnet, attack, metasploit, cisco, defcon, phish, exploit, google, inject, server, firewall

+ de mots clés pour la revue Twitter



Top bi-hebdo des articles de SecuObs
- Apprendre à parler Skype pour mieux le faire taire !
- Des nouvelles du traité secret ACTA
- Une faille dans l’implémentation RSA de OpenSSL
- SET 0.4.1 - Social Engineering Toolkit - une plateforme de Social Engineering
- Keimpx un outil d'audit pour les réseaux Microsoft Windows
- Webraider offre un reverse shell contre une simple injection SQL
- 100 000 dollars pour le Pwn2own 2010
- Imposter 0.9 une plateforme de phishing ciblant les navigateurs Web
- Flint un scanner pour simuler, vérifier et nettoyer les règles de filtrage
- Un botnet qui rapporte gros

Top bi-hebdo de la revue de presse
- How to Jailbreak iPhone 3.1.3 IPSW with PwnageTool 3.1.5
- Dev Team Confirms iPhone 3.1.3 IPSW Jailbreak
- Rozlyn Papa sex tape rumours lead to malware
- FREE Kaspersky Internet Security 2010 Activation Code Valid for 6 Months
- installer backtrack 4 [tuto]
- Nouveau dictionnaire WPA Livebox
- Sea World killer whale attack video leads to malware
- Windows 7 browser choice screen March 1 Office 2010 ballot screen Highly critical Firefox vulnerability Google CEO Schmidt knows everything about you
- Le premier faux antivirus gratuit-payant
- Flight simulator, c est périmé

Top bi-hebdo de l'annuaire des videos
- Comment creer un server botnet!!!!(Réseau de pc zombies)
- install MacOSX Snow Leopard in Windows PC using Vmware Workstation as virtual machine
- Blaze botnet in action www opensc ws
- Ettercap Tutorial Man In The Middle Arp Attack
- Basic Squid Proxy Server Tutorial Part 3 of 3
- Windows XP Pro SP3 in VMWare off iSCSI Target using gPXE over 802.11n
- Running Wireshark on Mac OS X 10 6 Snow Leopard
- Windows Backtrack 4 in Virtualbox Part 1
- Avast Internet Security 5 0 396 Final Free Full Download Licensed with Serial Key
- vSphere 4 0 update 1 VMware Update Manager and EMC PowerPath VE

Top bi-hebdo de la revue Twitter
- Wirshark + SSH = Wireshark Remote Capturing - http://www.howtoforge.com/wireshark-remote-capturing (via @welias)
- RT @FrikiFeeds: The newbie's guide to hacking the Linux kernel | TuxRadar Linux http://dlvr.it/6sQp
- RT @manicode: Very interesting Java ESAPI-like library coming out of Apache : http://bit.ly/9poefg
- Watching Metasploit Tricks 1 from @mubix - http://vimeo.com/9695470
- Exploit for Apache mod_isapi = 2.2.14 Dangling Pointer (CVE2010-0425) vulnerability ported to Metasploit http://bit.ly/ctDQjk
- Discoverer: Automatic Protocol Reverse Engineering from Network Traces #pdf http://ow.ly/1gHd1
- RT @damienmiller: Help test the new OpenSSH release (it's a big one): http://bit.ly/avLI9B #openbsd #openssh
- Product Watch: Free Tool Cleans Up Rusty, Unsafe Firewall Settings - Dark Reading http://bit.ly/d8hGhS #Security
- Nux Keylogger 0.0.1 http://packetstormsecurity.org/filedesc/nuxkeylogger0.0.1.c.html
- Apache releases version 2.2.15 with 5 security fixes including OpenSSL issue. http://bit.ly/9OGP6H

Top des articles les plus commentés
- [Metasploit 2.x – Partie 1] Introduction et présentation
- Microsoft !Exploitable un nouvel outil gratuit pour aider les développeurs à évaluer automatiquement les risques
- Webshag, un outil d'audit de serveur web
- Les navigateurs internet, des mini-systèmes d’exploitation hors de contrôle ?
- CAINE un Live[CD|USB] pour faciliter la recherche légale de preuves numériques de compromission
- [Renforcement des fonctions de sécurité du noyau Linux – Partie 1] Présentation
- Microsoft Gazelle, mini-OS virtuel basé sur MashupOS pour une navigation Web sécurisée par isolation
- Yellowsn0w un utilitaire de déblocage SIM pour le firmware 2.2 des Iphone 3G
- Nessus 4.0 placé sous le signe de la performance, de l'unification et de la personnalisation
- [Hacking Hardware - Partie 1] - Introduction et présentation

Linux kernel minor signal vulnerability
Les derniers commentaires publiés sur SecuObs (1-5):
- Video : Discovering CSRF with OWASP's CSRFTester Tool
- How your email gets hacked
- Sniff-n-Spit v1.0 - intercepting communications
- RFID reader for iPhone
- Fimap alpha v0.8 released
Si vous voulez bloquer ce service sur vos fils RSS
Si vous voulez nous contacter ou nous proposer un fil RSS

Menu > Articles de la revue de presse : - l'ensemble [tous | francophone] - par mots clé [tous] - par site [tous] - le tagwall [voir] - Top bi-hebdo de la revue de presse [Voir]
S'abonner au fil RSS global de la revue de presse


Linux kernel minor signal vulnerability

Par Security
Le [2009-06-25] à 06:37:18


Présentation : I recently came up with a little API abuse of the clone() system call. Not earth shattering, but definitely fun. Essentially, you can send any signal you want at any time to your parent process, even if it is running with real and effective user id of someone else (e.g. root). Full technical details and an example may be found here: http://scary.beasts.org/security/CESA-2009-002.html Maybe someone more devious that me can come up with better abuse scenarios than I can. Have at it... Signals are a tricky area of the kernel on a lot of levels. I find it interesting that every slightly unusual way to send signals in the kernel has suffered from access control issues in the past. For example, this COSEINC advisory notes issues in sending signals via prctl(PR_SET_PDEATHSIG, ...). There were multi-vendor issues with fcntl(..., F_SETOWN, ...) a long time ago which resurfaced in a Linux-specific manner a little after.[]

Les mots clés de la revue de presse pour cet article : linux kernel vulnerability
Les videos sur SecuObs pour les mots clés : linux vulnerability
Les mots clés pour les articles publiés sur SecuObs : linux
Les éléments de la revue Twitter pour les mots clé : linux kernel vulnerability



AddThis Social Bookmark Widget



Les derniers articles du site "Security" :

- 0-day exploits for IE flaw another reason to switch to IE 8
- Medicine, Taxation, and Identity in Cyberspace
- etc Another botnet takes a beating as Kazakh ISP Troyak is taken offline, temporarily disabling most of the command-and-control servers for the Zeus network.
- Bad employee 12pourcents knowingly violate company IT policies
- LifeLock forks over 12M over lack of life-locking ability
- etc Cheapy cable outlet Monoprice may have been hacked. Monoprice says some customers including some of us at Ars have reported fraudulent charges, so check your statements
- Cisco Security Intelligence Operations and Microsoft Tuesday
- etc Drudge Report is reportedly serving up malware in addition to its conservative take on the news. Drudge denies it.
- etc Opera acknowledges arbitrary code execution security flaw in 10.50. A fix will be available soon .
- The Order of Network Operations



S'abonner au fil RSS global de la revue de presse
Menu > Articles de la revue de presse : - l'ensemble [tous | francophone] - par mots clé [tous] - par site [tous] - le tagwall [voir] - Top bi-hebdo de la revue de presse [Voir]

Si vous voulez bloquer ce service sur vos fils RSS :
 - avec iptables "iptables -A INPUT -s 88.191.75.173 --dport 80 -j DROP"
- avec ipfw et wipfw "ipfw add deny from 88.191.75.173 to any 80"
- Nous contacter par mail





Les derniers commentaires publiés sur SecuObs (6-25):
- ESRT @Opexxx - Add IPv6 DNS Brute Forcing - Metasploit DNS Enum module
- ESRT @nevdull77 - XSS demo steals password from password manager
- Video : ESRT @SecurityTube - Video Internet Explorer Iepeers Pointer Exploit
- ESRT @0x58 @packet_storm - Adobe PDF LibTiff Integer Overflow
- Video : ESRT @TimelessP - Aurora Exploit with alternate payload passing throu
- ESRT @ITVulnerability - PeerSec MatrixSSL - Embedded SSL and TLS implementati
- ESRT @packet_storm - Nux Keylogger 0.0.1
- ESRT @threatpost - New capabilities are strengthening the ZeuS botnet allowin
- Wireshark Display Filters cheatsheet v2.0
- tcpdump cheatsheet v2.0
- ESRT @virturity - Virtualization security assessment modules for Metasploit V
- ESRT @opexxx - Meterpreter script for extracting information from Windows lnk
- Update on Microsoft Security Advisory 981374
- SSD Tools Crack Passwords 100 Times Faster
- phpMyAdmin version 3.3.0 suffers from a cross site scripting vulnerability
- libcap-ng 0.6.3
- iScanner v0.4 released - Malicious codes scanner
- A vulnerability in Apple Safari, caused by an integer overflow error in Color
- CHScanner is an ARP, IPv4 and IPv6 network scanner with 31 scan methods
- Burp Suite Tutorial The Intruder Tool


SecuToolBox :

Mini-Tagwall des articles publiés sur SecuObs :

Archives Failles Secunia :
- SA38905 Debian update for linux-2.6
- SA38927 Fedora update for cups
- SA38932 Apple Safari Multiple Vulnerabilities
- SA38900 Eros Webkatalog id SQL Injection Vulnerability
- SA38888 Unbound Memory Alignment Denial of Service

Archives Mailing Full Disclosure :
- Full-disclosure Claude Mercier/CLSC-CHSLD BVLV/Reg03/SSSS est absent(e).
- Re: Full-disclosure HITB-Announce HITBSecConf2010 - Dubai Agenda Released
- Full-disclosure HITB-Announce HITBSecConf2010 - Dubai Agenda Released
- Re: Full-disclosure SecurityFocus to partially shut down
- Re: Full-disclosure SecurityFocus to partially shut down

Archives Mailing Bugtraq :
- VUPEN Security Research - Apple Safari ColorSync Profile Integer Overflow Vulnerability
- XSS I found a xss in phpmyadmin 3.3.0 when we create new database in interface!
- SECURITY DSA 2014-1 New moin packages fix several vulnerabilities
- USN-911-1 MoinMoin vulnerabilities
- iDefense Security Advisory 03.11.10: Multiple Vendor WebKit HTML Element Use After Free Vulnerability
- SECURITY DSA 2013-1 New egroupware packages fix several vulnerabilities

Mini-Tagwall de l'annuaire video :

Mini-Tagwall des articles de la revue de presse :

Mini-Tagwall des Tweets de la revue Twitter :