Secunia Security Advisory - A vulnerability has been reported in GEGL, which can be exploited by malicious people to compromise an application using the library.
c18aef87aee49a061f1451519b763dbe06fcdc5437593a25d4d4d2c473df6060
Secunia Security Advisory - Ubuntu has issued an update for munin. This fixes a security issue, which can be exploited by malicious, local users to manipulate certain data.
fd4634993ab248adcd38e9091e6f6ff6aac1acc4d4f0d36d37e021389bc731db
Secunia Security Advisory - A weakness and a vulnerability have been reported in Apache Tomcat, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).
2efa11597e9a11866163008c0ba5518a6dc6b00b62b8b1d9863f79cb32ca7d38
Secunia Security Advisory - Craig Freyman has discovered a security issue in Sysax FTP Automation, which can be exploited by malicious, local users to gain escalated privileges.
9e91cffe066f63c143bdb28036111e8893c4ae042e7cba29651cc45ab9b17536
Secunia Security Advisory - A security issue has been reported in Python tweepy Module, which can be exploited by malicious people to conduct spoofing attacks.
0fdd69e45b3257d9e47c84084bda06dcefabe26958eafb28fbcacb1f2743ff31
Secunia Security Advisory - Ubuntu has issued an update for mesa. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.
35e239115e0f8c197f3496e2378253e3b3e1d07e5ca30762143ebdf075c756a6
Secunia Security Advisory - A security issue has been reported in Apache Axis, which can be exploited by malicious people to conduct spoofing attacks.
dcc3bcff3d2691f8bd962b23dd4af66a78754d8c120434679ddcb30dc63558f2
Secunia Security Advisory - Multiple vulnerabilities have been reported in Opera, where some have unknown impacts and other can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system.
f2c47c679779c3f8f1db8c235858a3380e6ed476139e651d7ecb349c27abfc8d
Secunia Security Advisory - Multiple vulnerabilities have been discovered in ZPanel, which can be exploited by malicious people to conduct cross-site request forgery and SQL injection attacks.
49d988805a25e4bdda52eb4aa92e3cf051deeaf8b71464db064bf7776314a9e3
Secunia Security Advisory - Multiple vulnerabilities have been reported in VeriCentre Web Console, which can be exploited by malicious users to conduct SQL injection attacks.
60f90f390a1714d5e867919172001364645cac5264ab132660aeb84b8f585f83
This Metasploit module exploits a format string vulnerability in the lg_sprintf function as implemented in liblocal.dll on EMC Networker products. This Metasploit module exploits the vulnerability by using a specially crafted RPC call to the program number 0x5F3DD, version 0x02, and procedure 0x06. This Metasploit module has been tested successfully on EMC Networker 7.6 SP3 on Windows XP SP3 and Windows 2003 SP2 (DEP bypass).
187180f15865924443eeaee0cc3daf29243c56a73fe15621b307d1808e687b71
This Metasploit module uses valid credentials to login to the WinRM service and execute a payload. It has two available methods for payload delivery: Powershell 2.0 and VBS CmdStager. The module will check if Powershell 2.0 is available, and if so uses that method. Otherwise it falls back to the VBS Cmdstager which is less stealthy. IMPORTANT: If targeting an x64 system with the Powershell method you MUST select an x64 payload. An x86 payload will never return.
058f6afb598d02e80da84c0e4ea89c3ba856e987c8c0b5e3601f4daf16120377
Three weaknesses in Apache Tomcat's implementation of DIGEST authentication were identified and resolved. Tomcat tracked client rather than server nonces and nonce count. When a session ID was present, authentication was bypassed. The user name and password were not checked before when indicating that a nonce was stale. Tomcat versions 5.5.0 through 5.5.35, 6.0.0 through 6.0.35, and 7.0.0 through 7.0.29 are affected.
f21889923bf7d5548e26d54f6d23a9e7cb97188d566be43efdeb034fc1ccc1d2
Apache Tomcat suffers from a denial of service vulnerability. The checks that limited the permitted size of request headers were implemented too late in the request parsing process for the HTTP NIO connector. This enabled a malicious user to trigger an OutOfMemoryError by sending a single request with very large headers. Tomcat versions 6.0.0 through 6.0.34 and 7.0.0 through 7.0.27 are affected.
4b381434f76f5509cd4b1e048e50886bad81c0880d9575db95a7a732d9839225
Sophos Antivirus version 8.0.6 PDF revision 3 encryption exploit as discussed in the Sophail whitepaper.
2c16a524399c2a500b943b2b99acdae689be3704d09294f5df81e83f3b0a1e62
By design, antivirus products introduce a vast attack surface to a hostile environment. The vendors of these products have a responsibility to uphold the highest secure development standards possible to minimize the potential for harm caused by their software. This second paper in a series on Sophos internals applies the results previously presented to assess the increased threat Sophos customers face. This paper is intended for a technical audience, and describes the process a sophisticated attacker would take when targeting Sophos users.
6e947610a5f61d4dfef968f6267c1b7f69d040adf4a3f5f08d7edf9ebe6f3000
The Call for Papers for the fourth annual HITBSecConf in Europe is now open. Taking place from the 8th through the 11th of April at the Okura Hotel in Amsterdam, it will be a triple track conference featuring keynotes by Eddie Schwartz, Chief Information Security Officer at RSA and Bob Lord, Chief Security Officer at Twitter.
8d341c6bb5536e5652a30f3ecbc0907a65e71e1e829be0e3f07e5e353b0eddd5
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.
1c23b26b0b27926fa98b3ad7645e984467e54470ca56d23e913decad992bffec
EmpireCMS version 6.6 template parser suffers from a remote PHP code execution vulnerability.
3211c6bbb7954a96bd64ab3c1caf4c9d30db269cb5813905a4ef4160ffa27234
This research paper intends to provide a brief summary of the cybercriminal underground and shed light on the basic types of hacker activity in Russia. The bulk of the information in this paper was based on data gathered from online forums and services used by Russian cybercriminals. The authors also relied on articles written by hackers on their activities, the computer threats they create, and the kind of information they post on forums’ shopping sites.
c62bce64c508bbe4d762facbdcfd7e27d28784fa55e38942d305479289dea9ac
Ubuntu Security Notice 1624-1 - It was discovered that Remote Login Service incorrectly purged account information when switching users. A local attacker could use this issue to possibly obtain sensitive information.
87122e7720303a71d4c2530e7456201648df5b7b3f7ff6878afc9293cc38b288
Ubuntu Security Notice 1623-1 - It was discovered that Mesa incorrectly handled certain arrays. An attacker could use this issue to cause Mesa to crash, resulting in a denial of service, or possibly execute arbitrary code.
6dfadee66df174311328fe4b61ecfe3bfa5ccb26a4165dd50496dd21870d8f7a
Debian Linux Security Advisory 2572-1 - Several vulnerabilities have been discovered in Iceape, an internet suite based on Seamonkey.
629513cff444f391b17a72ccd643c1a5c30d2044ba9c098aaa61b3c98ee582d7
Ubuntu Security Notice 1622-1 - It was discovered that the Munin qmailscan plugin incorrectly handled temporary files. A local attacker could use this issue to possibly overwrite arbitrary files. This issue only affected Ubuntu 10.04 LTS, Ubuntu 11.10, and Ubuntu 12.04 LTS. It was discovered that Munin incorrectly handled plugin state file permissions. An attacker obtaining privileges of the munin user could use this issue to escalate privileges to root. Various other issues were also addressed.
1b268ec2b09054bfb0535aa6abaf12527eaf93f09e1557383542ee104c9b38fa
Debian Linux Security Advisory 2571-1 - The Red Hat Security Response Team discovered that libproxy, a library for automatic proxy configuration management, applied insufficient validation to the Content-Length header sent by a server providing a proxy.pac file. Such remote server could trigger an integer overflow and consequently overflow an in-memory buffer.
d071b3013090ffba7d81166f1e448fe065b00dccf3cc293082d4d594ef5ea254