Dragons Land

Dragons Land

Clan Motto: Together in friendship we stand
 
HomeHome  FAQFAQ  RegisterRegister  Log inLog in  
Navigation
Portal
Index
Memberlist
Profile
FAQ
Search
Keywords
Latest topics
» Welcome Back- Niborthewise and VikingWomyn
Sun Feb 19, 2017 1:21 pm by Anubisblue

» Pony Thread
Sun Aug 31, 2014 8:30 am by Ai x Tan San

» Gone!
Mon Feb 24, 2014 12:54 am by Anubisblue

» If you are curious about the Googlebot(s) visiting our site...
Tue Oct 08, 2013 1:11 am by sigmaenclave

» Lines of authority and action
Sat Jul 20, 2013 10:57 am by MysticalJe

» Bogus Email
Tue Mar 12, 2013 4:12 pm by HeavensHell

» Article from Jagex about account security
Tue Feb 12, 2013 11:36 am by MysticalJe

» Excellent article about password & online security
Mon Nov 12, 2012 10:49 am by MysticalJe

» The ads on this site
Fri Oct 19, 2012 2:55 pm by MysticalJe

Clan Time GMT-5

Share | 
 

 java security issue in the news

View previous topic View next topic Go down 
AuthorMessage
MysticalJe
Admin
avatar

Male Posts : 1927
Join date : 2011-11-26
Age : 46
Location : Tampa, FL

PostSubject: java security issue in the news   Thu Aug 30, 2012 12:58 am

In the news:

Latest Java software opens PCs to hackers: experts
found at http://articles.chicagotribune.com/2012-08-27/business/sns-rt-us-cybersecurity-javabre87q188-20120827_1_latest-java-security-firms-hackers

"Security experts recommended that users not enable Java for universal use on their browsers. Instead, they said it was safest to allow use of Java browser plug-ins on a case-by-case basis when prompted for permission by trusted programs such as GoToMeeting, a Web-based collaboration tool from Citrix Systems Inc"

To test if your version of Java is exploitable, go here:

http://www.isjavaexploitable.com/

A small news snippet:

http://www.rapid7.com/vulndb/lookup/jre-java-management-extensions-auth

"The Java Management Extensions (JMX) management agent in the Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier suffer from an authorization flaw. When local monitoring is enabled, JMX may allow a client running on a remote host to perform unauthorized operations."

Possible fixes for those techie-minded people:

http://www.rapid7.com/vulndb/lookup/jre-vuln-cve-2012-0499

_________________
___________________________ 







Back to top Go down
life and fate

avatar

Posts : 15
Join date : 2012-08-11

PostSubject: Re: java security issue in the news   Thu Aug 30, 2012 2:19 am

Thank you Je Smile I hadn't heard of it.

And at the bottom of the is Java exploitable wobsite there is a ad saying "buy metasploit pro", I've used the free version and that is far more than enough, its kind of like hack-in-a-box, it can walk you step by step in constructing an exploit, payload, what platforms to target, etc, etc (and you can type in an IP and it'll do it for you even).

Given how scary that dope is, I'm surprised that they're openly advertising it.
Back to top Go down
 
java security issue in the news
View previous topic View next topic Back to top 
Page 1 of 1
 Similar topics
-
» Otaku news issue #11: HAPPY BIRTHDAY TO ME!!!
» Otaku news issue #13: Butt emotions
» Full-screen Issue!
» [NEWS] Chicago Golden Demon Coverage!
» Snopes's "Odd News"

Permissions in this forum:You cannot reply to topics in this forum
Dragons Land :: Public Area :: Security-
Jump to: