SEARCH RESULTS
 
Showing 1-10 of 66 records
 
Expand article

Execute in PowerShell

2007-12-02 11:27:00 by Keith Brown in Security Briefs
 
...execute the next string as a command. The way to do this is to use the call operator & (ampersand). Here's what I ended up with: & $env:windirMicrosoft.NETFrameworkv2.0.50727aspnet regiis.exe -r That's more like it. This is the sort of little roadblock that tends to frustrate people trying to use PowerShell for the first time. I hope this helps
 
Tags: powershell, 50727aspnet regiis, env, powershell assumes, env namespace, exe, netframeworkv2, windirmicrosoft, call operator
 
 
 
 
Expand article

Giving SQL Injection the Respect it Deserves

2008-05-15 18:45:00 by sdl in The Security Development Lifecycle
 
...Execute-only Permission Use SQL Parameterized Queries From the SDL documentation Applications accessing a database must do so only using parameterized queries Creating dynamic queries using string concatenation potentially allows an attacker to execute an arbitrary query through the application. This vulnerability allows for unauthorized,...
 
Tags: sql, sql injection bug, sql injection requirements, sql injection attack, sql server, sql execute-only permission, malicious sql payload, sql injection, sql injection vulnerability
 
 
 
 
Expand article

Advisory: CiscoWorks Arbitrary Code Execution Vulnerability

2008-05-29 01:56:52 by Dave Lewis in Liquidmatrix Security Digest
 
...execute arbitrary code with elevated privileges This vulnerability exists due to an unspecified error in CiscoWorks Common Services. An unauthenticated, remote attacker could exploit this vulnerability to execute arbitrary code resulting in complete system compromise Impact: Arbitrary code execution with elevated privileges. Fire bad...
 
Tags: vulnerability, cisco, cisco systems, cisco advisory, cisco security manager, vulnerability exists due, execute arbitrary code, ciscoworks common services, security
 
 
 
 
Expand article

Hansei and the CISO

The Article has images
2008-09-16 17:47:47 by Alex in RiskAnalys.is
...execute on them from some point in the past As an Aside: So Sarah if youre reading, this quote does much to explain why I said I disagree with much of what our industry calls risk management. We tend to define the process of risk management as essentially a tactical issue whack-a-mole exercise. Find the issue. Analyze the risk around the...
 
Tags: risk management requires, risk management, risk, hansei, risk register, program, manage risk, manage, adrians program diagram
 
 
 
 
Expand article

To All Strategists!

2008-01-15 22:54:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...execute what youre asking me to execute About me: http://www.chuvakin.org
 
Tags: strategist, strategist titles, fun quote, penelope wonders, execute, org, strategy, strength, people
 
 
 
 
Expand article

Squirreling Backdoors Into Distribution Points

2007-12-19 22:16:35 by Chris Eng in Zero in a bit
 
...executed, but we have since learned how to make it execute In PHP, $ SERVER is an array populated by the web server that contains information such as headers, paths, and script locations. This includes some user-supplied input such as the URL query string and the HTTP headers. SM PATH is the filesystem path where SquirrelMail is configured to...
 
Tags: md5 collisions, md5, md5 hashes, distribution, php, execute php code, execute, code, md5 unsafe
 
 
 
 
Expand article

Stiennon wants to know - it is all about execution

2008-03-21 01:15:44 by HASH0x8b48134 in StillSecure, After All These Years
 
...execute. You have certainly been at your share of companies and should know that by now Now lets get down to brass tacks. Just because Lockdown and a few other NAC companies that did not have competitive products went out of business, does that mean all NAC companies are going out of business? Talk about painting with a broad brush Richard!...
 
Tags: stiennon, nac, richard nac, ignorant, ignorant richard, richard, richard stiennon, top richard, nac companies
 
 
 
 
Expand article

HACKED BY THE RBN!

The Article has images
2008-04-01 15:52:09 by HASH0x8b24a94 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...Execute our very latest, small sized executable files and let them do their job 58.65.239.42/jdk7dx/ inst250.exe 58.65.239.42/jdk7dx/ alexey.exe 58.65.239.42/jdk7dx/ 6.exe 58.65.239.42/jdk7dx/ 1103.exe 58.65.239.42/jdk7dx/ eagle.exe 58.65.239.42/jdk7dx/ krab.exe 58.65.239.42/jdk7dx/ win32.exe 58.65.239.42/jdk7dx/ pinch.exe...
 
Tags: 42jdk7dx, 42jdk7dx pinch, 42jdk7dx system, 42jdk7dx ldig0031242, 42jdk7dx inst250, 42jdk7dx bhos, 42jdk7dx win32, exe, 42jdk7dx bho
 
 
 
 
Expand article

Stiennon wants to know - it is all about execution

2008-03-21 02:15:44 by ashimmy in StillSecure, After All These Years
 
...execute. You have certainly been at your share of companies and should know that by now Now lets get down to brass tacks. Just because Lockdown and a few other NAC companies that did not have competitive products went out of business, does that mean all NAC companies are going out of business? Talk about painting with a broad brush Richard!...
 
Tags: stiennon, nac, richard nac, ignorant, ignorant richard, richard, richard stiennon, top richard, nac companies
 
 
 
 
Expand article

ShoutPro Vulnerability Currently Causing Issues For Websites

The Article has images
2008-06-26 10:22:27 by Christopher Boyd in SpywareGuide Greynets Blog
...execute arbitrary code Description ShoutPro 1.5.2 fails to fully sanitize user input ($shout) that it writes to the shouts.php file when adding a new message, this can result in the injection and execution of arbitrary php code Scope The vulnerability will in most cases allow an attacker to execute commands on the system, the issue may be...