| 01/25/2010 08:24 PM |
| LedgerSMB Multiple Vulnerabilities |
It has been brought to our attention that a number of security vulnerabilities have been noted in SQL-Ledger. Several of these affect earlier versions of LedgerSMB, and three hotfixes have been released for problems that continue to affect the LedgerSMB codebase. |
| |
| 01/04/2010 02:26 PM |
| Kaspersky Lab Multiple Products Local Privilege Escalation Vulnerability |
Insecure permissions have been detected in the multiple Kaspersky Lab antivirus products. |
| |
| 12/11/2009 02:42 PM |
| Piwik Cookie Unserialize Vulnerability |
Piwik unserializes() user input which allows an attacker to send a carefully crafted cookie that when unserialized utilizes Piwik's classes to upload arbitrary files or execute arbitrary PHP code. |
| |
| 12/08/2009 06:49 PM |
| Invision Power Board SQL PHP File Inclusion and SQL Injection |
Invision Power Board has a PHP file inclusion vulnerability that is trivial to exploit with a web browser and a known location of a php file residing on the target system. Authorisation is not required. The SQL injection vulnerability is somewhat tricky to exploit as there are quite a few restrictions that make creating a successful sql attack vector difficult. Nevertheless a crafty attacker might issue a series of requests that might allow him to gain some information about the target system or even read files from the disk depending on permissions granted to the db account that is used by the forum. |
| |
| 12/07/2009 06:22 PM |
| U.S. Defense Information Systems Agency (DISA) Unix Security Readiness Review (SRR) Vulnerability |
The U.S. Defense Information Systems Agency (DISA) publishes Security Readiness Review scripts (SRRs) to ensure systems and software meet security baselines required by the Department of Defense. Unprivileged local users can obtain root access on Unix systems where the DISA SRR scripts are run. |
| |
| 04/12/2009 10:01 AM |
| Netifera - Modular Open Source Platform for Security Tools |
|
| |
| 03/09/2009 04:59 AM |
| WarVOX - Tools for Exploring, Classifying, and Auditing Telephone Systems |
|
| |
| 02/23/2009 12:28 PM |
| Webshag - Web Server Audit Tool |
|
| |
| 01/20/2009 09:01 AM |
| Browser Fuzzer |
|
| |
| 12/31/2008 07:04 AM |
| FSpy - Linux Filesystem Activity Monitoring |
|
| |
| 01/25/2010 08:44 PM |
| Publique! CMS and SQL Injection Vulnerabilities |
A remotely exploitable vulnerability was found in the framework core component. Exploitation of this bug does not require authentication and will lead to remotely exposed potentially sensitive information from the Publique! database. Particularly, an attacker can extract usernames and passwords needed to authenticate to the administrative interface and gain full control of the web site and (depending on certain conditions) the server itself. |
| |
| 01/25/2010 07:27 PM |
| Files2Links F2L-3000 SQL Injection Vulnerability |
The login page of the F2L-3000 version 4.0.0 is vulnerable to SQL Injection. Exploitation of the vulnerability may allow attackers to bypass authentication and access sensitive information stored on the device. |
| |
| 01/04/2010 02:20 PM |
| HP-UX Running Apache Data Injection and DoS Vulnerability |
A potential security vulnerability has been identified with HP-UX running Apache v2.0.59.12 and earlier. The vulnerability could be exploited remotely to inject unauthorized data or to create a Denial of Service (DoS). |
| |
| 01/02/2010 01:51 PM |
| MIT krb5 KDC denial of service in cross-realm referral processing |
An unauthenticated remote attacker could cause the KDC to crash due to a null pointer dereference. Legitimate requests can also cause this crash to occur. |
| |
| 01/01/2010 06:38 PM |
| AproxEngine Multiple Vulnerabilities |
Vulnerabilities have been discovered in AproxEngine, which can be exploited by malicious users to manipulate certain data, conduct spoofing, SQL injection, and script insertion attacks and by malicious people to conduct SQL injection and script insertion attacks. |
| |
| 12/09/2009 10:07 PM |
| Microsoft Indeo Codec Memory Corruption Vulnerability |
The Indeo codec on systems running Microsoft Windows 2000, Windows XP, and Windows Server 2003 could allow code to run on users systems when opening specially crafted content. |
| |
| 11/18/2009 02:18 PM |
| HP DDMI Execution of Arbitrary Code |
A potential security vulnerability has been identified with HP Discovery & Dependency Mapping Inventory (DDMI) running on Windows. The vulnerability could be exploited remotely by an authorized user to execute arbitrary code. |
| |
| 11/13/2009 03:16 PM |
| Microsoft Windows License Logging Service Heap Corruption Vulnerability |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. Authentication is not required on certain configurations to exploit this vulnerability. |
| |
| 11/13/2009 02:41 PM |
| Microsoft Office Excel Code Execution Vulnerabilities |
Attackers using specially crafted XLS files can execute arbitrary code via memory corruptions, invalid index, and invalid pointer errors. |
| |
| 11/02/2009 08:51 PM |
| Microsoft SharePoint 2007 ASP.NET Source Code Disclosure |
It was found that the download facility of Microsoft SharePoint Team Services can be abused to reveal the source code of ASP.NET files. |
| |
| 01/02/2010 01:40 PM |
| Trango Broadband Wireless Rogue SU Authentication Bug |
Currently there is a flaw in the authentication mechanism of these radios which, if an attacker knows some details, can allow interception of ethernet packets broadcast from the Access Point to the Subscriber Unit and potentially allows injection into the communication from the Subscriber Unit to the Access Point. |
| |
| 01/01/2010 06:52 PM |
| Exposing HMS HICP Protocol and Intellicom NetBiterConfig.exe Remote Buffer Overflow |
SCADA weaknesses created by HICP Protocol and NetBiter WebSCADA. |
| |
| 12/17/2009 06:16 PM |
| Family Connections Multiple Remote Vulnerabilities |
Many fields are not properly sanitised and some checks can be bypassed. |
| |
| 12/17/2009 06:07 PM |
| VideoCache vccleaner Root Vulnerability |
VideoCache is a Squid URL rewriter plugin written in Python for bandwidth optimization while browsing video sharing websites. Version 1.9.2 allows a user with the privileges of the Squid proxy server to append semi-arbitrary data to arbitrary files with root privileges, upon the administrator's execution of the 'vccleaner' utility. |
| |
| 12/17/2009 05:57 PM |
| QuickHeal Antivirus 2010 Local Privilege Escalation |
All files under the install folder have Full control for BUILTIN\users and can be replace with malicious files. |
| |
| 05/10/2009 02:35 PM |
| Why Silent Updates Boost Security |
Thomas Duebendorfer Google Switzerland GmbH and Stefan Frei Communication Systems Group, ETH Zurich, Switzerland looked into the performance of Web browser update mechanisms. The analysis of anonymized Google Web server logs allowed us to compare and rank the update strategies deployed by Google Chrome, Mozilla Firefox, Apple Safari, and Opera. |
| |
| 05/10/2009 02:29 PM |
| PDF Silent HTTP Form Repurposing Attacks |
This paper sheds light on a modified approach to triggering web attacks through JavaScript protocol handler in the context of opening a PDF in a browser. |
| |
| 12/03/2008 11:24 AM |
| Frame Pointer Overwrite Demonstration (Linux) |
This paper assumes you have read the proper background information and/or technical details about the above subject. If not, please do so, because this read does not include key concepts but instead technical exploitation examples. That being said, enjoy. Knowledge is power. |
| |
| 12/02/2008 11:22 AM |
| Format String Exploitation Demonstration (Linux) |
This paper assumes you have read the proper background information and/or technical details about the above subject. If not, please do so, because this read does not include key concepts but instead technical exploitation examples. That being said, enjoy. Knowledge is power. |
| |
| 11/12/2008 12:54 PM |
| Hacking SOHO Routers |
The purpose of this paper is to outline the security measures being taken by vendors to prevent such attacks in their home routing products, what those security measures accomplish, and where they fall short. We will use existing network tools to examine common vulnerabilities in a range of popular devices and demonstrate weaknesses in the security of those devices; additionally, we will examine common trends in security measures that have been duplicated across vendors, and examine how those trends help and hinder the security of their devices. In particular, we will examine the following home routers, which are some of the latest offerings from their respective vendors at the time of this writing: * Linksys WRT160N |
| |