SpeculativeExecutionVulnerabilities - FreeBSD Wiki
NOTE: Descriptions above indicate patch applicability (e.g. arch and variant) but are not necessarily the entire/full or final mitigation for the issue. AMD64 user guide Meltdown (CVE-2017-5754) Meltdown vulnerability mitigation requires using separate kernel and user mode page tables, so that user mode does not have sensitive physical pages mapped even with restricted permissions. The technique i
Outpost24's TCP DOS Attack Explained
Explaining the “New†TCP Resource Exhaustion Denial of Service (DoS) Attack by Fyodor, October 2, 2008 Introduction Robert Lee and Jack Louis recently went public claiming to have discovered a new and devastating denial of service (DoS) vulnerability in the core TCP/IP protocol stack used for almost all Internet communication. They refuse to release details before their talk at the T2 security con
IE ã«ãŠã‘ã‚‹ "expression" ã®éŽå‰°æ¤œå‡ºã«ã‚ˆã‚‹ XSS 㮠誘å›
IE ã«ãŠã‘ã‚‹ "expression" ã®éŽå‰°æ¤œå‡ºã«ã‚ˆã‚‹ XSS ã® èª˜å› 2006-08-31-1: [Security] http://archive.openmya.devnull.jp/2006.08/msg00369.html IE ã§ã¯ expression(å¼) をスタイルシート内ã§è¨˜è¿°ã™ã‚‹ã“ã¨ã§ JavaScript を記述ã™ã‚‹ã“ã¨ãŒã§ãã‚‹ã®ã¯æœ‰åã§ã™ãŒï¼Œ IE ã«ã‚ˆã‚‹ expression ã®æ¤œå‡ºãŒã‚„ãŸã‚‰éŽå‰°ã§ XSS を引ãèµ·ã“ã—ã‚„ã™ã„ã¨ã„ã†ã“ã¨ã‚‰ã—ã„. 実態å‚照やコメントã®æŒ¿å…¥ï¼ŒUnicode æ–‡å—,全角文å—ã§è¨˜è¿°ã—ã¦ã‚‚ expression ã¨ã—ã¦æ¤œå‡ºã•ã‚Œã‚‹ï¼Ž 詳細ã¯ï¼Œä¸Šè¨˜ã‚µã‚¤ãƒˆã‚ˆã‚Šå¼•ç”¨ï¼Ž IE ã§ã¯ã€ä»¥ä¸‹ã®ã‚ˆã†ãªã‚¹ã‚¿ã‚¤ãƒ«ã‚’記述ã™ã‚‹ã“ã¨ã§ã€JavaScript を動作ã•ã›ã‚‹ ã“ã¨ãŒå¯èƒ½ã§ã™ã€‚ 1) <style>ブãƒãƒƒã‚¯å†…ã§ã®å®šç¾© <style>input { l
リクエストをã„ã˜ã‚Œã°è„†å¼±æ€§ã®ä»•çµ„ã¿ãŒè¦‹ãˆã‚‹ã®ã ï¼
telnetã§ãƒªã‚¯ã‚¨ã‚¹ãƒˆã‚’打ã¤ã®ã¯é¢å€’…… クウ 「ã†ãƒ¼ã‚“。ã‚ã‚“ã©ãã•ã„……〠ジュンã•ã‚“ã«Webアプリエンジニアã¨ã—ã¦é‡è¦ãªåŸºç¤Žã€HTTPã®ã—ãã¿ã‚’æ•™ãˆã¦ã‚‚らã£ãŸã‚¯ã‚¦ã¯ã€å¼•ã続ãHTTPã¨æ ¼é—˜ä¸ã 。 クウã¯ã‚¸ãƒ¥ãƒ³ã•ã‚“ã«æ•™ã‚ã£ãŸã¨ãŠã‚Štelnetを使ã£ã¦HTTPを勉強ã—ã¦ã„ãŸã€‚ã—ã‹ã—ã€telnetã§é™çš„ファイルã®é–²è¦§ãªã©ã¯æ¯”較的簡å˜ã«ã§ãã‚‹ã®ã ãŒã€è‚心ã®Webアプリケーションã®é–²è¦§ã‚’è¡Œã†ã«ã¯éžå¸¸ã«é¢å€’ã§ã‚ã£ãŸã€‚ ユウヤ 「ã©ã†ã—ãŸã®ï¼Ÿã€ クウ 「HTTPã®å‹‰å¼·ã—よã†ã¨æ€ã£ãŸã‚“ã ã‘ã©ã€ã‚³ãƒžãƒ³ãƒ‰ã‚’ã„ã¡ã„ã¡æ‰“ã¡è¾¼ã‚€ã®å¤§å¤‰ãªã‚“ã よã……〠ユウヤ 「ãªã‚“ã‹ãã†ã„ã†ã®ã€ç°¡å˜ã«ã§ãるツールã‚ã‚‹ã‚“ã˜ã‚ƒãªã„ã®ï¼Ÿã€ クウ 「ã‚ã‚ã€ãã†ã‹ã€‚よã考ãˆãŸã‚‰ãã†ã„ã†ã®ã‚ã‚Šãã†ã ã。ã¡ã‚‡ã£ã¨æŽ¢ã—ã¦ã¿ã‚ˆã£ã¨ã€ ユウヤ 「ã¾ã‚ã€ãã‚Œã¯ã„ã„ã¨ã—ã¦ã ã€‚æ˜¨æ—¥é ¼ã‚“ã§ãŠã„ãŸè³‡æ–™ã£ã¦ã©ã†ãªã£ãŸï¼Ÿã€ クウ 「ã‚ã‚ã£ã€‚ã”ã‚ã‚“ï¼ å…±æœ‰ã‚µãƒ¼
1
リリースã€éšœå®³æƒ…å ±ãªã©ã®ã‚µãƒ¼ãƒ“スã®ãŠçŸ¥ã‚‰ã›
最新ã®äººæ°—エントリーã®é…ä¿¡
j次ã®ãƒ–ックマーク
kå‰ã®ãƒ–ックマーク
lã‚ã¨ã§èªã‚€
eコメント一覧を開ã
oページを開ã
Cacti 0.8.7b and 0.8.6k release - IMPORTANT SECURITY UPDATES - Cacti
{{#tags}}- {{label}}
{{/tags}}