Red Hat Security Advisory 2013-1115-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in BIND. A remote attacker could use this flaw to send a specially-crafted DNS query to named that, when processed, would cause named to crash when rejecting the malformed query. All bind97 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the BIND daemon will be restarted automatically.
2c4c9735dccdd293d6c3761af0e515e2e9e678a170f95e35d0d880ad6d09c2c9
Red Hat Security Advisory 2013-1116-01 - Red Hat Directory Server is an LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. It was discovered that Red Hat Directory Server did not honor defined attribute access controls when evaluating search filter expressions. A remote attacker could use this flaw to determine the values of restricted attributes via a series of search queries with filter conditions that used restricted attributes.
448d2016b9f11404ae10246e1b670274cd1e5b82f293d08a61c049b9a5f1eb30
Red Hat Security Advisory 2013-1114-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in BIND. A remote attacker could use this flaw to send a specially-crafted DNS query to named that, when processed, would cause named to crash when rejecting the malformed query. All bind users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the BIND daemon will be restarted automatically.
2004136b8895379be9ea87bd35769ff77ec069f6404a3d36a2ee61892442afc1
HP Security Bulletin HPSBGN02904 - Potential security vulnerabilities have been identified with HP SiteScope running SOAP. The vulnerabilities could be remotely exploited to allow execution of code. Revision 1 of this advisory.
2478f00abd186500bf4ec557873ea4be1a0c4be699444916f74a1abfffb67c68
The 2014 World Conference on Information Systems and Technologies Call For Papers has been announced. It will take place April 15th through the 18th, 2014, at Madeira Island, Portugal.
8672cf2f58fd6ee083082f4e9bb24a382db3dd6b067561b496758040201d29bb
dns_spquery.c is written in C and sends a DNS recursive name query to a name server of your choice with a spoofed source IP address selected at runtime. This tool was written in order to demonstrate a DNS reflection / amplification attack for testing purposes.
ee5f524a0cc4f2a2315ce105359420522610fbfdd31f128381a65dfc971bbaca
This is a brief paper discussing how tunneling works and how to leverage SSH and UDP tunneling. Written in Portuguese.
9bb1ba2673528899067c00d14ff731ebc9b1d8a37ed25d10b4dd90047f78a0e1
This brief whitepaper is about web crawlers, in particular the DIRB web crawler, and analyzes how gathering information with crawlers can be dangerous for sites. Written in Portuguese.
acfb9ae6fed3520d27cc11aaf35edcc58e4b5c854ea9853d0a8f787f0d1b428c
Bigace CMS version 2.7.8 suffers from a cross site request forgery vulnerability.
334578e319255af19b9ffd7d30e813d5f2ccfc342588bfb110915cb965de5cd3
Ubuntu Security Notice 1914-1 - Kees Cook discovered a format string vulnerability in the Broadcom B43 wireless driver for the Linux kernel. A local user could exploit this flaw to gain administrative privileges.
e281f113bfff532e219e71a683648538274d40404aebc19c9c92c26f5c2b8fad
Ubuntu Security Notice 1912-1 - Jonathan Salwan discovered an information leak in the Linux kernel's cdrom driver. A local user can exploit this leak to obtain sensitive information from kernel memory if the CD-ROM drive is malfunctioning. A flaw was discovered in the Linux kernel when an IPv6 socket is used to connect to an IPv4 destination. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). An information leak was discovered in the IPSec key_socket implementation in the Linux kernel. A local user could exploit this flaw to examine potentially sensitive information in kernel memory. Various other issues were also addressed.
7626eebe096c4f4e95a3b1cb1ff7acbc486115e31cb055a4cfc1d77520c9a968
Ubuntu Security Notice 1913-1 - Jonathan Salwan discovered an information leak in the Linux kernel's cdrom driver. A local user can exploit this leak to obtain sensitive information from kernel memory if the CD-ROM drive is malfunctioning. A flaw was discovered in the Linux kernel when an IPv6 socket is used to connect to an IPv4 destination. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). An information leak was discovered in the IPSec key_socket implementation in the Linux kernel. A local user could exploit this flaw to examine potentially sensitive information in kernel memory. Various other issues were also addressed.
c3d61e0fb4aa4f5494b3cdd1af09f21f215af1156fd6bf715ccecb2845b2618a
Ubuntu Security Notice 1918-1 - Kees Cook discovered a format string vulnerability in the Broadcom B43 wireless driver for the Linux kernel. A local user could exploit this flaw to gain administrative privileges.
c8f97df912321da182b75fcb3b114c33f25a5d98651841d3a4806a995ce33e6f
Ubuntu Security Notice 1917-1 - Kees Cook discovered a format string vulnerability in the Broadcom B43 wireless driver for the Linux kernel. A local user could exploit this flaw to gain administrative privileges.
44a241709486ac437e3d20c72250783b23943ac290361dfb2bdb8db6bb085b3e
Ubuntu Security Notice 1919-1 - Kees Cook discovered a format string vulnerability in the Broadcom B43 wireless driver for the Linux kernel. A local user could exploit this flaw to gain administrative privileges.
0533e65e4aac2acad7800b9fde2a21a7f12007d4006f2fa9c6894c704e67ef93
Ubuntu Security Notice 1915-1 - Kees Cook discovered a format string vulnerability in the Broadcom B43 wireless driver for the Linux kernel. A local user could exploit this flaw to gain administrative privileges.
4317fc6f210922b96aa5e09e8a48270f0ed5ca1f6c7e34a57b8415cda61d298a
Ubuntu Security Notice 1916-1 - Kees Cook discovered a format string vulnerability in the Broadcom B43 wireless driver for the Linux kernel. A local user could exploit this flaw to gain administrative privileges.
3ea1105eb40750e46ee7ad60c72217780c0ef311892fe7159278370fb2345251