web folder behaviors cross-domain vulnerability

TechRepublic Resources

• sort by:
• Relevance
• Date
• Popularity

Microsoft releases three critical security bulletins for August

Microsoft has released six security bulletins for August, three of which are critical. However, of the three critical updates, only one has seen active exploitation so far. In this edition of the IT Locksmith, John McCormick's got the details on MS05-038, MS05-039, and MS05-043. After releasing only three...

Tags: Microsoft Corp., John McCormick, Microsoft Word, Patches, security bulletin, vulnerability, security, Microsoft Security, MS05-038, bulletin, IT Locksmith Newsletter, Microsoft Windows Server, Update, Threat, JPEG Image Rendering Memory Corruption Vulnerability, Web Folder Behaviors Cross-Domain Vulnerability, Microsoft Windows, Microsoft Windows Server 2003, Operating Systems, Servers, Software, Hardware

Technical articles 2005-08-15

Additional Resources

Protect your Web site from cross-site scripting attacks

Cross-site scripting XSS attacks, a method by which attackers embed HTML scripts either in Web postings stored XSS or input fields on a Web site reflected XSS, are gaining popularity, most likely due to the relative ease with which they can be executed on unwitting victims. You can assess the...

Tags: Web, XSS, Web Site, Attack

Download resources 2005-06-06

Acunetix Web Vulnerability Scanner (exe)

Acunetix Web Vulnerability Scanner WVS tests the security of your Web site by crawling it and launching popular attacks such as cross-site scripting and SQL injection. Identify vulnerabilities in shopping carts, forms, secured areas, and other Web applications before hackers do. 75% of Internet attacks are on Web-based applications because...

Tags: Vulnerability, Web Application, Scanners, Security, Hardware, Peripherals

Software downloads 2005-03-09

Use the revised OWASP Top Ten to secure your Web applications -- Part 2

Cross site scripting XSS vulnerabilities are normally found in Web applications in which code injection is allowed. It is the most common Web application vulnerability. Scripts exploiting this weakness can cause serious problems for home and business users. In this download, Tom Olzak explores the types of cross site scripting...

Tags: XSS, Web Application

Download resources 2007-03-05

Subspace: Secure Cross-Domain Communication for Web Mashups

Combining data and code from third-party sources has enabled a new wave of web mashups that add creativity and functionality to web applications. However, browsers are poorly designed to pass data between domains, often forcing web developers to abandon security in the name of functionality. To address this deficiency, the...

Tags: Web, Association For Computing Machinery, Channel Management, Web Browsers, Marketing, Internet

White papers 2007-05-12

MSDN Webcast: Testing Methodologies for Automated Web Application Vulnerability Scanners (Level 200)

There is more to conducting an automated Web application vulnerability assessment than "point and shoot". Automated Web application vulnerability scanners are not as automated as their vendors would lead us to believe. This webcast will examine various strategies to get the most out of a vulnerability assessment tool. The topics...

Tags: Microsoft Developer Network, Webcast, Vulnerability, Web Application, Vulnerability Assessment, Scanners, Security, Hardware, Peripherals

Webcasts

Mozilla set to secure cross-site scripting in Firefox 3

XSS (a.k.a. cross-site scripting) attacks are a bane that accompanies the world of mashups and Web 2.0 features on the Net. However, the problem may be solved in the next major release of Mozilla's Firefox 3 with support for the new W3C draft to secure XML over HTTP. ...

Tags: Web, Mozilla Firefox, XSS, Mozilla Corp., Arun Radhakrishnan

Blog posts 2007-08-23

Domain Computers not detecting domain

I set up a domain and put all the computers in the network on the domain. On one of the workstations there is a shared folder. When setting the permissions, I am trying to add "Domain Users" to the list of authorized users to connect to the folder, but in...

Tags: RaphaelEidus@..., domain, computer

Discussion threads 2007-04-07

Use SLAs in a Web Services Context, Part 7: Mitigate Risk for Vulnerability With a SLA Guarantee - Application Security Vulnerability

This paper explains how to mitigate the risk of exposing Web services vulnerabilities in a heterogeneous Service-Oriented Architecture SOA and reduce the chances of adversely impacting the Service-Level Agreement SLA guarantee for uptime availability. Web services are designed to interact quickly with other Web services and with non-Web services in...

Tags: Web, SLA, Vulnerability, Author, Web Service, SOA, Application Security, Service-Oriented Architecture (SOA), Service Level Management, Web Services, Channel Management, Enterprise Software, Software, It Operations, It service Management, Marketing

White papers 2005-01-28

SecureCentral ScanFi (zip)

ScanFi is a Web-based vulnerability assessment scanner for detecting and assessing network vulnerabilities across heterogeneous networks. ScanFi discovers, scans, reports, and supports vulnerability remediation. It features both scheduled and on-demand vulnerability scanning capabilities, based on comprehensive vulnerability database collated from multiple sources and vendors that is constantly kept up-to-date.

Tags: Network, Vulnerability, On-demand, Vulnerability Assessment, AdventNet Inc., ScanFi, Scanners, Security, Hardware, Peripherals

Software downloads 2005-08-04

Windows 2000 IIS5 Security Patch: IIS Cross-Site Scripting Vulnerability (EXE)

On August 25, 2000, Microsoft released the original version of this bulletin, to advise customers of the availability of a patch that eliminates a vulnerability in Microsoft Internet Information Server. However, an additional variant of the vulnerability was subsequently identified, and on October 30, 2000, the bulletin was updated to...

Tags: Microsoft Windows 2000, Vulnerability, Cross-site Scripting Vulnerability, Microsoft Windows, Microsoft Corp., Bulletin, Microsoft IIS Server, Patches, Security

Software downloads 2007-09-05

Security Update for SharePoint Team Services (KB911701) (exe)

A cross-site scripting and spoofing vulnerability exists in SharePoint Team Services from Microsoft. This update fixes that vulnerability. This version is the first release on CNET Download.com.

Tags: Security, Microsoft SharePoint, Vulnerability, Microsoft Corp., Microsoft SharePoint Team Services, Groupware, Enterprise Software, Software

Software downloads 2007-09-20

Cross Authentication

I have two organization who wants to do cross authentication, because their workers works within these two organization.For them to log in to the network, there are two ways: Via Token or Guest account.If Token, There are using WPA/TKIP - SmartCard Authentication. If Guest, Have to use PEAP Authentication.Also, there...

Tags: SECURITY, Network security, mimizuraidah@..., authentication

Discussion threads 2007-07-07

Three interview behaviors managers don't like

It's a mistake to think an interviewer is going to be able to look through your exterior to see the exceptionally wonderful person you are inside. As painful as it may be, you have to exercise certain behaviors to be successful in interviewing. by Toni Bowers

Tags: Job, Handshake, Question, Emotional Intelligence, Recruitment & Selection, Tools & Techniques, Management, Human Resources, Workforce Management, Toni Bowers

Blog posts 2008-09-15

Windows 2000 Security Patch: Malformed Web Form Submission Vulnerability (EXE)

Microsoft has released a patch that eliminates a security vulnerability in a component that ships as part of Microsoft Internet Information Server. The vulnerability could potentially allow an attacker to prevent an affected web server from providing useful service. This version is the first release on CNET Download.com.

Tags: Web, Microsoft Windows 2000, Vulnerability, Microsoft Windows, Microsoft Corp., Patches, Security, Web Servers, Internet

Software downloads 2007-09-13

Security Update for FrontPage 2002 Server Extensions (KB911831) (exe)

A cross-site scripting and spoofing vulnerability exists in FrontPage 2002 Server Extensions. This update fixes that vulnerability. This version is the first release on CNET Download.com.

Tags: Microsoft FrontPage, Vulnerability, Server, Microsoft FrontPage 2002, Security

Software downloads 2007-10-03

Windows NT 4.0 Security Patch: Malformed Hit-Highlighting Argument Vulnerability (EXE)

Microsoft has released a patch that eliminates two security vulnerabilities in Microsoft Index Server. The first vulnerability could allow a malicious user to view - but not to change, add or delete - files on a Web server. The second vulnerability could reveal where Web directories are physically located on...

Tags: Microsoft Windows NT 4.0, Microsoft Windows NT, Vulnerability, Server, Microsoft Windows, Microsoft Corp., Patches, Security

Software downloads 2007-09-05

Windows 2000 IIS5 Security Patch: Web Server File Request Parsing Vulnerability (EXE)

Microsoft has released an updated patch dated 11-30-00 that eliminates a serious security vulnerability in Microsoft Internet Information Services 5.0. The vulnerability could enable a malicious user to run operating system commands on an affected Web server. This version is the first release on CNET Download.com.

Tags: Web Server, Microsoft Windows 2000, Vulnerability, Server, Microsoft Windows, Microsoft Corp., Web Servers, Patches, Security, Internet

Software downloads 2007-09-13

Vulnerability Assessment: The Right Tools to Protect Your Critical Data

Vulnerability Assessment VA has become one of the hottest fields within the computer security market. VA tools are designed to detect and report on security holes within various software applications, allowing organizations to take corrective actions before a devastating attack occurs. Due to the reduction in "time to exploit" once...

Tags: Vulnerability Assessment, Tool, Vulnerability Assessment Tool, Security

White papers 2007-10-18

Critical flaw in RealPlayer and Flash, warns US-CERT

US-CERT has issued a warning concerning an unpatched vulnerability in RealPlayer and a flaw affecting Flash files. An excerpt from Register: A flaw in RealPlayer 11 build 6.0.14.748 might be used to inject hostile code onto Windows boxes running the software, security notification firm Secunia warns....

Tags: Vulnerability, RealNetworks RealPlayer, Flaw, US-CERT, Digital Music, Digital Media, Security, Personal Technology, Consumer Electronics, Arun Radhakrishnan

Blog posts 2008-01-04