Kernel Entropy

There seems to be an issue with linux kernels > 2.6.10 and kernel generated entropy. As /dev/random is required for almost every cryptographic procedure in linux, the amount of available entroy is important. With kernel version 2.6.10 available entropy is about 4000 bytes. With kernel version 2.6.12, however, the entropy…

WordPress Exploit

WordPress < = 1.5.1.3 is vulnerable to a server-side XSS attack. It requires register\_globals to be turned on. If you can’t disable registration of global variables you might want to enable safe\_mode or disable some of the unsafe functions by adding disable_functions = exec, system, passthru to your php.ini. Found…