by Julien Ahrens | Wednesday, June 27, 2012 | Advisory
Have you read one of my last articles regarding webmasters ? The university of Salzburg didn’t or at least didn’t want to. In April I tried to contact the internal university IT staff about a possible Cross-Site Scripting security flaw on their main...
by Julien Ahrens | Monday, June 11, 2012 | General
A critical security advisory (CVE-2012-2122) has been published, which describes a quite easy way to bypass the authentication mechanisms used in MySQL and MariaDB. The short story: When you connect to your MySQL instance a token of the password is calculated and...
by Julien Ahrens | Sunday, June 10, 2012 | Advisory, CVE
Hello readers. This time I’ve found a quite interesting vulnerability in the widely spread firewall appliance “Astaro Security Gateway” (ASG) which is now maintained by Sophos. Although it only has got an assigned CVSSv2 Score of 3,5...
by Julien Ahrens | Friday, June 8, 2012 | Advisory
www.kiel.de – the website of the state capital of “Schleswig-Holstein” in northern Germany which is very famous for the “Kieler Woche”. Some weeks ago I stumbled over a critical SQL-Injection vulnerability on their website and...