DATE: October 15 - 16, 2008
LIVE EVENT: eCrime Researchers Summit
More Information
Home > Information

Welcome to Dark Reading

Dark Reading welcomes readers of Security Pipeline and Secure Enterprise magazines. We think you’ll find the combination of all three sites an unprecedented forum for security professionals – and a fun place to browse when you want to just look like you're working.

You can start here:

If you've never visited Dark Reading before, take a good look around. Think we missed something? Or maybe you have a hot news tip or cool case study to share with us. We welcome the dialogue: Drop us a line with your thoughts, and let us know what you think of the security industry's newest and most comprehensive Website. Or just send us a joke – it gets pretty lonely here in our padded rooms.

Like what you see? To get the full benefit of Dark Reading, we encourage you to click here to become a registered user. This gives you full access to our message boards, newsletters, industry directories, and specially targeted Webinars.

PRINT   
PRINT
UK Ministry of Defense Loses Hard Drive Containing Data on 700,000
Study: 80% of Organizations Suffer Breaches, Most From the Inside
Palin Hacker Indicted
 MORE KEYHOLE
ENTERPRISE VULNERABILITIES
Vulnerability: ec-cube ec-cube
Published: 2008-10-10
Severity: MEDIUM
Description: cross-site
scripting (xss)
vulnerability in ec-cube
ver1 1.4.6 and earlier, ver1
beta 1.5.0-beta and earlier,
ver2 2.1.2a and earlier,
ver2 beta(rc) 2.1.1-beta and
earlier, community edition
1.3.4 and earlier, and
community edition nightly-
build r17336 and ear...
Vulnerability: ec-cube ec-cube
Published: 2008-10-10
Severity: MEDIUM
Description: cross-site
scripting (xss)
vulnerability in ec-cube
ver1 1.4.6 and earlier, ver1
beta 1.5.0-beta and earlier,
ver2 2.1.2a and earlier,
ver2 beta(rc) 2.2.0-beta and
earlier, community edition
1.3.4 and earlier, and
community edition nightly-
build r17319 and ear...
Vulnerability: ec-cube ec-cube
Published: 2008-10-10
Severity: MEDIUM
Description: cross-site
scripting (xss)
vulnerability in ec-cube
ver2 2.1.2a and earlier, ec-
cube ver2 beta(rc) 2.2.0-
beta and earlier, and ec-
cube community edition
nighly-build r17623 and
earlier allows remote
attackers to inject
arbitrary web script or html
via unsp...
Vulnerability: ec-cube ec-cube
Published: 2008-10-10
Severity: HIGH
Description: sql injection
vulnerability in ec-cube
ver2 2.1.2a and earlier, and
ver2 rc 2.3.0-rc1 and
earlier, allows remote
attackers to execute
arbitrary sql commands via
unspecified vectors.
Vulnerability: katan web_server
Published: 2008-10-10
Severity: MEDIUM
Description: cross-site
scripting (xss)
vulnerability in kantan web
server 1.8 and earlier
allows remote attackers to
inject arbitrary web script
or html via unknown vectors.
POWERFUL INFORMATION
AT YOUR FINGERTIPS
(SPONSORED LINKS)
Antivirus  |  Application scanning  |  Application Security  |  Attacks / Exploits / Threats  |  Authentication  |  Botnets  |  Browser security  |  Computer crime  |  Consultants  |  Cross-site scripting  |  DOS  |  Encryption  |  End-user monitoring   |  Firewalls  |  Host Protection  |  Identity management  |  Industry Trends   |  Law enforcement  |  Legal & Regulatory Topics  |  Malware  |  Managed services  |  Market Research  |  McAfee  |  Messaging Security  |  Microsoft  |  OWASP  |  Penetration testing  |  Penetration testing  |  Perimeter Security  |  Phishing  |  Policy management  |  Rootkits  |  Security Administration / Management  |  Security Industry  |  Security Services  |  Social engineering  |  Spam  |  Spyware  |  SQL injection  |  Storage Security  |  Symantec  |  Trojans  |  User privacy  |  Viruses  |  Vulnerabilities  |  Vulnerability assessment  |  Vulnerability management  |  Vulnerability Management  |  Web application firewall  |  Web services security
Dark Reader Weekly Newsletter
Dark Reading Daily Newsletter
 MORE INFO
Copyright © 2008 United Business Media Limited - All rights reserved.
RSS FEED  |   ARCHIVE  |   FREE NEWSLETTER  |   ORDER REPRINTS  |   TECHNOLOGY MARKETING SOLUTIONS  |   TECHWEB  |   CONTACT US  |   USER PREFERENCES  |   HELP
Companies
3Com (17), Aventail (7), CA (18), Check Point (30), Cisco (154), Enterasys (5), F-Secure (10), F5 (5), HP (18), IBM (130), Intel (6), ISS (40), Juniper (36), Alcatel-Lucent (2), McAfee (174), Microsoft (1198), NetIQ (2), Nokia (3), Nortel (6), Oracle (46), Qualys (2), RSA (66), Secure Computing (20), Sun (12), Symantec (297), Trend Micro (29), VeriSign (36)

Application and Perimeter Security
802.11x (46), Anomaly detection (82), Anti-spam (151), Application quality assurance (32), Application scanning (165), Auditing (27), AVDL (1), Buffer overflows (108), CERT (11), Consultants (256), Cross-site scripting (187), CVE (7), Database encryption (57), Digital vaults (8), DOS (217), EAP/LEAP (1), Email gateways (272), Encryption (143), Filtering (56), Firewalls (339), FIRST (1), HIPAA (115), Host-based IDS (45), Host/server configuration (16), Host/server encryption (9), IDS (176), IDS (15), IM (85), IPS (282), ISO 17799 (8), Key management (72), Least-privilege user (54), License management (32), Malware (1477), NAC (297), Network IDS (36), NIST (18), OWASP (18), OWASP (17), Patch management (332), PCI (227), Penetration testing (266), Phishing (710), PKI (51), Rootkits (111), SAML (2), Software metering (4), Source-code auditing (88), SOX (95), SSL (197), Systems integrators (10), VPNs (271), Vulnerability assessment (899), Web App Security Consortium (8), Web App Security Consortium (18), Web application firewall (101), Web services security (709), WLANs (360), Worms (284), WPA (17), XML (27)

Desktop Security
Anti-spam (151), Antivirus (400), Application Security (1168), Attacks / Exploits / Threats (3163), Authentication (1035), Browser security (796), Digital certificates (85), Digital signatures (58), Disk encryption (64), DRM (58), Encryption (663), File/folder encryption (40), Identity management (415), IM (85), Malware (1477), Messaging Security (550), PGP (6), Phishing (710), Rootkits (111), S/MIME (2), Security Administration / Management (1878), Social engineering (401), Spam (783), Spyware (289), Tokens (74), Trojans (389), User privacy (1678), Viruses (419), VOIP security (134), Vulnerabilities (3495), Vulnerability Management (444), Worms (284)

Discovery and management
Anomaly detection (82), Application scanning (165), AVDL (1), Black Hat (142), COBIT (8), Consultants (256), Content filtering (192), CVE (7), End-user monitoring (307), Filtering (56), FISMA (21), HIPAA (115), Host intrusion prevention (106), Host-based IDS (45), IDS (15), IDS (176), IPS (282), ISACA (1), ISO 17799 (8), Log aggregation (61), Network IDS (36), OWASP (18), OWASP (17), PCI (227), Penetration testing (266), Penetration testing (237), SAML (2), SIM/SEM (226), Source-code auditing (88), SOX (95), Vulnerability assessment (899), Vulnerability management (921), Web App Security Consortium (8)

Host security
802.11x (46), Application quality assurance (32), Authentication (1035), Backup security (70), Biometrics (172), Buffer overflows (108), Digital certificates (85), Disk encryption (64), Encryption (663), End-user monitoring (307), HIPAA (115), Host anti-spam (81), Host anti-spyware (107), Host antivirus (125), Host intrusion prevention (106), Host Protection (556), Host-based IDS (45), Host/server configuration (16), Host/server encryption (9), Host/server patching (10), IDS (15), IEEE (4), ISO 17799 (8), Least-privilege user (54), License management (32), NAC (297), P2P management (36), Patch management (332), PGP (15), Port control (12), Single sign-on (75), Smart cards (89), Software metering (4), SOX (95), Systems integrators (10), TCG (21), Tokens (74), User privacy (1678), Vulnerability Management (444), WPA (17)

Security services
Agency application (2), Application quality assurance (32), Application scanning (165), AVDL (1), COBIT (8), Consultants (256), FISMA (21), HIPAA (115), ISO 17799 (8), Managed services (318), PCI (227), Penetration testing (237), PKI (51), Policy management (510), SIM/SEM (226), Source-code auditing (88), SOX (95), Systems integrators (10)

Storage Security
AES (12), Backup security (70), COBIT (8), Database encryption (57), DES (3), Digital vaults (8), Disk encryption (64), Encryption (143), File/folder encryption (40), FIPS-140-2 (1), FISMA (21), Hashing algorithms (17), HIPAA (115), Host/server encryption (9), Identity management (126), ISO 17799 (8), Key management (72), Law enforcement (1159), Legislation (363), Offsite backup (27), PCI (227), PKI (51), SOX (95), Stored data losses (357), Systems integrators (10), Triple DES (3), User privacy (1678)

Wireless Security
802.11x (46), AES (12), Auditing (27), COBIT (8), Credential service provider (13), DES (3), Digital certificates (85), Digital signatures (58), DOS (217), EAP/LEAP (1), FISMA (21), Hashing algorithms (17), HIPAA (115), Host/server encryption (9), IEEE (4), IETF (10), ISO 17799 (8), Key management (72), NAC (297), Network IDS (36), PCI (227), Penetration testing (237), PKI (51), Port control (12), Tokens (74), Triple DES (3), VPNs (271), Vulnerability assessment (899), WLANs (360), WPA (17)

InformationWeek Business Technology Network
InformationWeekInformationWeek 500InformationWeek 500 ConferenceInformationWeek AnalyticsInformationWeek CIO
InformationWeek EventsInformationWeek ReportsInformationWeek MagazinebMightyByte and SwitchDark Reading
Digital LibraryIntelligent EnterpriseInternet EvolutionNetwork ComputingNo Jitter
space
Techweb Events Network
InteropVoiceConWeb 2.0 ExpoWeb 2.0 SummitEnterprise 2.0 ConferenceMobile Business ExpoSoftware ConferenceCSI - Computer Security Institute
Black HatGTECEnergy CampMashup CampStartup Camp
space
Light Reading Communications Network
Light ReadingLight Reading EuropeUnstrungLight Reading's Cable Digital NewsConstantinopleInternet Evolution
Heavy ReadingLight Reading Live!Light Reading InsiderEthernet ExpoOptical ExpoTeleco TVTower Technology Summit
space
Financial Technology Network
Advanced TradingBank Systems & TechnologyInsurance & TechnologyWall Street & TechnologyAccelerating Wall StreetBank Systems & Technology Executive SummitBuyside Trading SummitInsurance & Technology Executive Summit
space
Microsoft Technology Network
MSDN MagazineTechNetThe Architecture Journal
space