Entries of March, 2010

The guys from NovuSec discovered a really interesting XSS vulnerability: link. Another possibility would be to e.g. include an iframe with a phishing form: http://tinyurl.com/yed48zy Of course I would never do that. I just share this information for educational purposes :).


This is a very interesting vulnerability since this browser game called “Devana” seems to be very popular. In addition, seven browser games – which are based on Devana – are currently listed at sourceforge.net. View the details here: http://xenuser.org/documents/security/devana_sql_injection.txt About the vulnerability Devana is an open source browser game in which the player can choose […]


It seems that Xen 4.0.0 will be out soon. I am definitely looking forward to this release since I have been working with Xen for years. What to expect in Xen 4.0.0: View the road map and wishlist here.


leaftec cms is a small CMS being developed by a German individual / German company. Sadly the CMS is not available for free download, so I stumbled across the vulnerabilities while I was visiting a website which was based on the leaftec cms. I contacted the vendor but sadly my contact attempts were ignored and the vulnerabilities […]


I recently visited suche4all.de (please don’t ask why) and stumbled across a search field which does not filter out HTML and JavaScript tags. I notified the webmaster but sadly he did not reply within two weeks. So here we go: This is an excerpt of the default home page. Let’s try some HTML: […]


What this tutorial is about This little tutorial shows you how to keep an eye on your Linux box. Monitoring your server is something which is very important, especially for analyzing purposes. Introduction We will use Munin. Munin is a very interesting tool, it helps you track down the resource usage and locate possible problems. […]


What is this tutorial about? This little tutorial shows the reader how to install the Xen Cloud Platform on a blank machine. What is this Xen Cloud Platform? What is Xen? Xen is a virtualization solution, a complete and very good description can be found here: http://www.xen.org/files/Marketing/WhatisXen.pdf Now tell me something about this Xen Cloud Platform […]


This little tutorial will show you a simple solution to back up your Linux desktop machine. Introduction Backups are necessary for saving your data. No matter if your disk crashes or you accidentally deleted some files, having a backup in one of those situations will definitely limit the caused damage. For my home Linux box I […]
