
SEARCH KEYWORD -- bypassed



  Latest PHP patch cannot fix the bug

On Wednesday (2012-05-02), a remote code execution vulnerability in PHP was accidentally exposed to the Web, prompting fears that it may be used to target vulnerable websites on a massive scale. The bug itself was traced back to 2004, and came to light during a recent CTF competition. A CERT advisory on the flaw explains: “When PHP is used in a CGI-based setup (such as Apache's mod_cgid), the php-cgi receives a processed query string parameter as command line arguments which allows com...

   PHP,bug,patch,bypassed     2012-05-08 11:20:56

  HeartBleed: Should C be blamed for the HeartBleed bug?

There was a discussion about the security of applications written in C on Hacker News recently after the report of the HeartBleed bug in OpenSSL. In this discussion, some people are saying that applications written in C are unsafe. It seems all or most of the fault should be laid on C. I think this is biased. The language itself should not be blamed. Safety is a relative term for programming languages. No language is absolutely safe. We claim some languages like Java and C# are safer than C/C++ b...

   C,HeartBleed,Analysis,Code review     2014-04-14 03:52:55

  try { return } finally {}

Do you know what value will be printed when the following program is run? class Test { public int aaa() { int x = 1; try { return ++x; } catch (Exception e) { } finally { ++x; } return x; } public static void main(String[] args) { Test t = new Test(); int y = t.aaa(); System.out.println(y); } } And before answering the above question, do you have answers to the following questions? If ther...

   JAVA,JAVA INTERVIEW QUESTION     2016-09-26 08:06:28

  A return to good code

Stop doing this: public boolean foo() { if (true) { return true; } else { return false; } } It always amazes me when I dig into an open source project, and I see code written by supposed experts, and reviewed by seasoned professionals, and nobody slaps the wrists of the developer who shoves return statements right in the middle of a method. Tell me, how hard is it to do this: public boolean foo() { boolean flag = true; ...

   Java,Code,Method,Return,Condition     2011-03-23 01:24:47

  How can you test if your VPN is working properly?

Installing a VPN on your device is one of the essential steps you need to take in order to have a safe and pleasant online experience. Its good functioning is in your best interest and this is why you need to make sure that your VPN is working properly. Unfortunately, a lot of problems can occur if it turns out that your VPN is not up to the task and that it has some leaks. Can a leak really occur? To answer you most directly – Yes! Yes, it can! Unfortunately, no system is perfect an...

   VPN     2020-09-17 06:53:19

  Web Security: In-Depth Explanation of X-XSS-Protection

What is X-XSS-Protection? X-XSS-Protection is an HTTP response header designed to enable or configure built-in cross-site scripting (XSS) filters in certain versions of Internet Explorer, Chrome, and Safari. The purpose of these filters is to detect reflected XSS attacks in the response and prevent the loading of pages, thereby protecting users from such attacks. The X-XSS-Protection response header was initially introduced by Microsoft in Internet Explorer 8 to control the browser's XSS filter. ...

   X-XSS-PROTECTION,WEB SECURITY,CONTENT SECURITY POLICY,XSS,CSP     2023-11-29 01:48:40