Severity: Moderate
Vendor: Schneider Electric
Versions Affected: Kerweb < 3.0.1, Kerwin < 6.0.1
Description: Input fields used for searching and displaying content are not filtered properly. Thus, the web application suffers from multiple reflected XSS vulnerabilities. Exploitation is made easier because parameters are passed with the HTTP GET method.
Example: A URL can be forged by [...]
The SIEM planet has recently gone crazy. Following the acquisition of the leader, ArcSight, by HP last year, IBM just acquired Q1 Labs… and McAfee, NitroSecurity! With RSA and Norton having their own solutions, we now have 5 big players in the arena (see Gartner 2011). This is good proof that the [...]
Found on Full Disclosure, a weird but troubling connection between two security affairs: the OpenBSD backdoor rumor and the Stuxnet worm.
Well, following a suggestion from my wife, I decided to bring up a mascot for this website. I admit that it was a lot of fun playing with Gimp and Inkscape, which are really great tools. So please welcome our new little spiky friend: I hope that you have nothing against hedgehogs, which should [...]
After I tried to set this blog as my own OpenID provider using the OpenID WordPress plugin, I got a weird error message: “This is an OpenID Server, Nothing to See Here… Move Along”. I could not find what was wrong, as all prerequisites were fulfilled, until I found this nice post. The patch there [...]
You may have noticed that the site had a lot of downtime recently. I was having a daily kernel panic and weird file system corruptions, which I first thought were coming from the successive crashes and reboots. However, while it happened again and again and I could not find any good reason for that, I [...]
No, it is not a computer this time. And yes, it is off topic, but I wanted to thank a Japanese friend for his gift and, at the same time, promote his work: He owns a small company in Hokkaido producing a number of wooden toys. He is an artist and designs them, which [...]
I chose to donate the last Google AdSense income of the blog to UNICEF. If you can donate, please pay a visit there: