new scripts/modules/exploits added to Nmap, OpenVAS, Metasploit, and Nessus...
This report describes any new scripts/modules/exploits added to Nmap,OpenVAS, Metasploit, and Nessus since yesterday.== OpenVAS plugins (16) ==r15675 803433...
View ArticleCLONE_NEWUSER|CLONE_FS root exploit
Seems like CLONE_NEWUSER|CLONE_FS might be a forbiddencombination.During evaluating the new user namespace thingie, it turned outthat its trivially exploitable to get a (real) uid 0,as demonstrated...
View Article[RHSA-2013:0645-01] Important: apache-cxf security update
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA1===================================================================== Red Hat Security AdvisorySynopsis: Important: apache-cxf...
View ArticleCodefight CMS (tiny_mce) Arbitrary File Delete Vulnerability
########################################### Exploit Title: Codefight CMS (tiny_mce) Arbitrary File Delete Vulnerability# Date: 2013-03-12# Author: DaOne aka Mocking Bird# Software Link:...
View ArticleMicrosoft Office PowerPoint 2007 Memory Corruption
# Title : Microsoft Office PowerPoint 2007 Memory Corruption# Date: 2013-01-12# Software Link: http://office.microsoft.com/# Author: The Black Devils# Tested on: Windows XP SP2# Special Thanks To :...
View ArticleCisco Video Surveillance Operations Manager Multiple vulnerabilities
# Exploit Title:Cisco Video Surveillance Operations Manager Multiple vulnerabilities# Google Dork: intitle:"Video Surveillance Operations Manager > Login"# Date: 22 Feb 2013 reported to the vendor#...
View ArticleOpen-Xchange Security Advisory 2013-03-13
Multiple security issues for Open-Xchange Server have been discovered and fixed. The vendor has chosen responsible full disclosure to publish security issue details. Users of the software have already...
View ArticleTrend Micro chief warns Russian cyber mobsters pose bigger threat than...
Security industry needs to rethink approach to targeted attacks, says Raimund GenesTrend Micro chief technology officer Raimund Genes has warned that businesses' concern about state-sponsored attacks...
View Article[ MDVSA-2013:024 ] firefox
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory...
View ArticleTemporary Notifications of New CVE Entries During NVD Outage
As some people know, the National Vulnerability Database (NVD) ishaving a temporary outage. At http://nvd.nist.gov/, NIST says "We areworking to restore service as quickly as possible."Many people rely...
View ArticleRSA Show Floor Survey: Mobility making it easier for insiders to take IP
The show floor at RSA last week was buzzing with discussion of attacks against critical infrastructure and state-sponsored attacks – the words hactivist and A.P.T. were uttered frequently. But, while...
View Article[Drupal SA-CONTRIB-2013-034 - Node Parameter Control - Access Bypass
View online: http://drupal.org/node/1942330 * Advisory ID: DRUPAL-SA-CONTRIB-2013-034 * Project: Node Parameter Control [1] (third-party module) * Version: 6.x * Date: 2013-Mar-13 * Security risk:...
View ArticleUS national vulnerability database (NIST) hacked
The US government's online catalog of cyber-vulnerabilities has been taken offline – ironically, due to a software vulnerability.The National Institute of Standards and Technology's National...
View ArticleownCloud Security Advisories (2013-008, 2013-009, 2013-010)
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA1# Multiple XSS vulnerabilities (oC-SA-2013-008)Web: https://owncloud.org/about/security/advisories/oC-SA-2013-008/## CVE IDENTIFIERS- CVE-2013-1822##...
View ArticleA confirmed security vulnerability has been identified with 30 high traffic...
# VULNERABILITY SUMMARY# ---------------------# A confirmed security vulnerability has been identified with 30 high traffic web# sites owned by QuinStreet. Vendor stores database IDs in cookies which...
View ArticleSurvey: Backup and Disaster Recovery Challenges Persist at Small and...
Forty-Five Percent of Respondents Have Experienced Data LossAUSTIN, TX--(Marketwire - Mar 14, 2013) - Data protection and disaster recovery planning is a priority but remains a challenge for small and...
View ArticleChrome Null Pointer in InspectDataSource::StartDataRequest
---| overviewVulnerability: Chrome Null Pointer in InspectDataSource::StartDataRequestDate: 03/14/2012Author: @HeyderAndrade (heyder.andrade[at]gmail[dot]com)Chrome Version: =< 21.0.1180.57...
View ArticleUsers Weighed Down by Multiple Gadgets and Mobile Devices, New Sophos Survey...
Infographic Highlights the Most Carried Devices, and How Different Countries CompareBOSTON, MA--(Marketwire - Mar 14, 2013) - Tech lovers can't bear to be apart from their gadgets, a new Sophos survey...
View Article[ MDVSA-2013:025 ] pidgin
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory...
View ArticleClipShare 4.1.4 SQLi / Plaintext Password
=====================================================================Vulnerable Software: ClipShare - Video Sharing Community Script 4.1.4Official site: http://www.clip-share.comSoftware License:...
View Article