- Page 2 ⇒ News ⇒ CPG Dragonfly™ CMS
Security


Search on This Topic:
Go to Home | Select a New Topic

{article/topic_title} Microsoft Windows Image Rendering Memory Limit DoS

Posted by Daimos on (7457 views)
Microsoft Windows Image Rendering Memory Limit DoS Research Luis Alberto Cortes Zavala Security Consultant Introduction We make the research about this send we found the following situation: We prefer to call it as “Microsoft Windows Image Rendering Memory Limit DoS”, on our research we test the following OS: - Microsoft Windows 2k (All Patches) - Microsoft Windows XP (Without And with all patches, Including SP) The first time I try to exploit this I found my windows advisement of “Virtual Memory is Full”, and then the OS Crashed, after some test I found that it depends of the amount of memory needed to render the image for windows crashes or not, as the same the amount of virtual memory that we use to have.

{article/topic_title} IMPORTANT Dragonfly 9.0.3 Released

Posted by DJMaze on (7457 views)
Due to a bug one of our developers made between 9.0.1 and 9.0.2 the email address of each member is shown to everyone.
Please upgrade your Dragonfly 9.0.2 to 9.0.3 to solve this issue.
http://dragonflycms.com/Downloads_9x/details/id=28.html

If you can't upgrade your 9.0.2 please post a message in our forums including the revision number of your 'modules/Your_Account/userinfo.php' and we will gladly help you.

Sincirely,

the CPG-Nuke Team

{article/topic_title} PHP 5.0.4 and 4.3.11 Released

Posted by Robru on (6354 views)

[31-Mar-2005] The PHP Development Team would like to announce the immediate release of PHP 5.0.4 and 4.3.11 . These are maintenance releases that in addition to non-critical bug fixes address several security issues. All Users of PHP are strongly encouraged to upgrade to one of these releases as soon as possible.

{article/topic_title} Worm currently exploiting MySQL on Windows

Posted by akamu on (7599 views)
UNIRAS (UK Gov CERT) Advisory Type: Alert Id: 20050128-00078 Ref: 09/2005 Date: 28 January 2005 Time: 09:10 Abstract: The worm installs a malicious trojan executable spoolcll.exe in the System32 directory. spoolcll.exe is installed as a new service "Event Monitor". Vendors affected: Microsoft Operating Systems affected: Windows Applications/Services affected: MySQL Impact: Denial of service

{article/topic_title} security hole recently found in AWStats

Posted by NanoCaiordo on (38722 views)
Warning, a security hole was recently found in AWStats versions from 5.0 to 6.2 when AWStats is used as a CGI: A remote user can execute arbitrary commands on your server using permissions of your web server user (in most cases user "nobody"). If you use AWStats with another version or is not available as a CGI, you are safe. If not, it is highly recommanded to upgrade to 6.4 version that fix all known security holes. info source
News last 5 articles
Dragonfly CMS v10 [ 1 comment - 2495 views ]
SpyHunter opens lawsuit against bleepingcomputer.com [ 0 comments - 2551 views ]
v10 gets Emoji support [ 0 comments - 12612 views ]
Dragonfly CMS 9.3.4.0 released! [ 0 comments - 2158 views ]
DizWebDesign Update [ 0 comments - 1894 views ]

User Info
Dragonfly CMS v10 [ 1 comment - 2495 views ]
SpyHunter opens lawsuit against bleepingcomputer.com [ 0 comments - 2551 views ]
v10 gets Emoji support [ 0 comments - 12612 views ]
Dragonfly CMS 9.3.4.0 released! [ 0 comments - 2158 views ]
DizWebDesign Update [ 0 comments - 1894 views ]

Community
Dragonfly CMS v10 [ 1 comment - 2495 views ]
SpyHunter opens lawsuit against bleepingcomputer.com [ 0 comments - 2551 views ]
v10 gets Emoji support [ 0 comments - 12612 views ]
Dragonfly CMS 9.3.4.0 released! [ 0 comments - 2158 views ]
DizWebDesign Update [ 0 comments - 1894 views ]