Cross-site scripting (XSS) occurs when an attacker introduces malicious scripts to a dynamic form that allows the attacker to capture the private session information. This article casts light on the areas vulnerable to XSS exploitation, explains how the user can protect himself, and details what the webmaster can do to secure a site from this type of malicious intrusion.
kdepim security update
MandrakeSoft has released an updated kernel for Mandrake Linux 9.0, 9.1, 9.2, 9.2/AMD64, Multi Network Firewall 8.2, and Corporate Server 2.1.
New kernels are available for Slackware 9.0, 9.1 and -current. The 9.1 and -current kernels have been upgraded to 2.4.24, and a fix has been backported to the 2.4.21 kernels in Slackware 9.0 to fix a bounds-checking problem in the kernel's mremap() call which could be used by a local attacker to gain root privileges. Sites should upgrade to the 2.4.24 kernel and kernel modules. After installing the new kernel, be sure to run 'lilo'.
An updated kernel is now available for Debian GNU/Linux
DSA-413 linux-kernel-2.4.18
missing boundary check
Read more
DSA-413 linux-kernel-2.4.18
missing boundary check
Read more
