Learn Search

Search across all Learn content

SecPod Labs

Security Research

In-depth CVE write-ups, vulnerability analysis, and security intelligence from the SecPod Research team.

How to Install Windows Softwares on Linux

CVE Research

How to Install Windows Softwares on Linux

There are times when we need to run some Windows applications (.exe, .msi) on Linux. This objective can be achieved with the help of wine. However, while installing, we need to make sure the system is safe by using a vulnerability management solution.

Oct 30, 2013 • 2 min read

Basic Malware Analysis

CVE Research

Basic Malware Analysis

Any program intended to disrupt computer or network operation, gather sensitive information, or gain access to private computer systems or networks is malware. Virus, Spyware, Worm, Adware, Trojan horse, Rootkit, Scareware are all examples of malware. Malware analysis is an art of dissecting the mal...

Oct 29, 2013 • 4 min read

Double Free Vulnerability Basics Explained

CVE Research

Double Free Vulnerability Basics Explained

One of the most common memory corruption errors usually found in an application is the “Double Free” error. Double-free vulnerability is caused by freeing the same memory location twice by calling free() on the same allocated memory. However, this vulnerability detection can be simple using a vulner...

Oct 29, 2013 • 3 min read

SecPod produces security advisories in CVRF format

CVE Research

SecPod produces security advisories in CVRF format

SecPod intends to publish security advisories in an XML format that conforms to Common Vulnerability Reporting Format (CVRF version 1.1).

Jun 05, 2013 • 1 min read

Software Commoditization

CVE Research

Software Commoditization

Commoditization, in business, is a term used when branded and unique software or goods, in general, become simple commodities in the eyes of the market or consumers (source: wiki). As the market matures, commoditization tends to increase.

Apr 01, 2013 • 3 min read

Oxide Webserver Remote Denial of Service Vulnerability

CVE Research

Oxide Webserver Remote Denial of Service Vulnerability

SecPod Research Team member (Antu Sanadi) has found a Denial Of Service Vulnerability in Oxide Webserver. The vulnerability is caused by an error in handling some crafted characters in HTTP GET requests, which allows remote attackers to crash the service.

Jul 15, 2012 • 1 min read

NetArt Media iBoutique SQL Injection Vulnerability

CVE Research

NetArt Media iBoutique SQL Injection Vulnerability

SecPod Research Team member (Antu Sanadi) has found an SQL Injection Vulnerabilities in NetArt Media iBoutique. The vulnerability is caused by improper validation of ‘key’ parameter in ‘/index.php’. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Jul 15, 2012 • 1 min read

NetArt Media Pharmacy System SQL Injection and Cross-site Scripting Vulnerabilities

CVE Research

NetArt Media Pharmacy System SQL Injection and Cross-site Scripting Vulnerabilities

SecPod Research Team member (Antu Sanadi) has found Cross-Site Scripting and SQL Injection Vulnerabilities in NetArt Media Pharmacy System. The vulnerability is caused by improper validation of various parameters in multiple pages. This may allow an attacker to steal cookie-based authentication cred...

Jul 15, 2012 • 1 min read

Adiscon LogAnalyzer ‘highlight’ Parameter Cross Site Scripting Vulnerability

CVE Research

Adiscon LogAnalyzer ‘highlight’ Parameter Cross Site Scripting Vulnerability

SecPod Research Team member (Sooraj K.S) has found Cross-Site Scripting Vulnerabilities in Adiscon LogAnalyzer. The vulnerability is caused by improper validation of “highlight” parameter in “index.php”. This may allow an attacker to steal cookie-based authentication credentials or inject arbitrary ...

Jun 19, 2012 • 1 min read