Paper called Renegotiating TLS. Transport Layer Security (TLS, RFC 5246 and previous, including SSL v3 and previous) is subject to a number of serious man-in-the-middle (MITM) attacks related to renegotiation. In general, these problems allow an MITM to inject an arbitrary amount of chosen plaintext into the beginning of the application protocol stream, leading to a variety of abuse possibilities. In particular, practical attacks against HTTPS client certificate authentication have been demonstrated against recent versions of both Microsoft IIS and Apache httpd on a variety of platforms and in conjunction with a variety of client applications. Cases not involving client certificates have been demonstrated as well.
ad318f67f8665ad770bc1cf6e8f7832ad97aa4d2cdd2ebe8247c7503e4a60cdb
Core Security Technologies Advisory - Blender embeds a python interpreter to extend its functionality. Blender .blend project files can be modified to execute arbitrary commands without user intervention by design. An attacker can take full control of the machine where Blender is installed by sending a specially crafted .blend file and enticing the user to open it.
1fef8cb8fcac60f760b13718f93b477b71bdd1c6562c217b66231efa118f8715
HP Security Bulletin - A potential security vulnerability has been identified with HP Power Manager. The vulnerability could be exploited remotely to execute arbitrary code.
53080e1e2988e928bf4696c49f0cd570649bd4259d541307bb5c18f3d7d7a8c9
eoCMS versions 0.9.01 and below suffer from a remote SQL injection vulnerability.
26af20d0d7bd017809cc9c50b39a28b33b797dab5aeac3d3f85c464b6b73d780
Remote buffer overflow exploit for the Serv-U web client version 9.0.0.5.
8dc1389fcf83400effd619fdd1bb11bcf250e1f0e262650d97d8a4dad508d509
Zero Day Initiative Advisory 09-080 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun's Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the processing of JPEG image dimensions. When large values are specified for the dimensions of a subsample, an integer overflow occurs, leading to memory corruption. Successful exploitation of this vulnerability can lead to remote compromise under the credentials of the currently logged-in user.
47ee5830c4dbdaefff07781e1bcdec30a4377a14962a51048810a3b53d3c3619
Zero Day Initiative Advisory 09-079 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the processing of arguments to the setBytePixels AWT library function. Due to the lack of bounds checking on the parameters to the function, a user-controllable memcpy can result in a heap overflow. Successful exploitation of this vulnerability can lead to remote system compromise under the credentials of the currently logged-in user.
4d1d6b0a4c0183614c191896497e022d9098104c6686228a4c19fbeaccd7c12b
Zero Day Initiative Advisory 09-078 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the processing of arguments to the setDiffICM AWT library function. Due to the lack of bounds checking on one of the parameters to the function, a stack overflow can occur. Successful exploitation of this vulnerability can lead to remote system compromise under the credentials of the currently logged-in user.
d8ff737490bfd7484e57e6ae6d4b8ee4689639c478e82e1f7773a587a9f837d9
Zero Day Initiative Advisory 09-077 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Java WebStart. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the implementation of security model permissions during the removal of installer extensions. By modifying an existing installer extension JNLP file, a condition occurs that allows for code supplied by a different URL than the original installer extension URL to run as a secure applet. This condition can result in arbitrary command injection under the privileges of the currently logged in user.
bafb05241862f71746a218ff5cd08fc620db8c8ed1f7effba706e14c73e0b0de
Zero Day Initiative Advisory 09-076 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Microsystems Java. User interaction is required in that a user must open a malicious file or visit a malicious web page. The specific flaw exists in the parsing of long file:// URL arguments to the getSoundbank() function. Due to a lack of bounds checking on user-supplied data, a stack overflow can occur, leading to remote code execution. Exploitation of this vulnerability can lead to system compromise under the credentials of the currently logged-in user.
12b41a5dda9749bf93b9caa26fd1edf3c05e21b07772f9d680db8794d90a688c
12-byte Windows XP Pro SP2 English Wordpad shellcode.
c6adf5d5f8b9ce048d4fe598acb2ae75a7fb1112ed7f3ed07c144830f22a5fa7
Mac OS X versions 10.5.6 and 10.5.7 ptrace() mutex handling denial of service exploit. This code should be run in a loop. Due to problems with mutex handling in ptrace, a denial of service can occur when the OS X kernel attempts to interlock a destroyed mutex, giving rise to a race condition. You may need to run this code multiple times.
280d49ab7dc2a6f1d65feb29ee1a9c5ba38aedb401fb0e81e12ef3860ea1d82f
Secunia Security Advisory - A vulnerability has been reported in the User Protect module for Drupal, which can be exploited by malicious people to conduct cross-site request forgery attacks.
f6705f802261d5823a8dbe3b828dd3681bfb7ebf861e34a64d2171b41c294e9c
Secunia Security Advisory - A vulnerability has been reported in Sun Solaris, which can be exploited by malicious people to bypass certain security restrictions.
322756def7252d2b248f8043a8801bf4ab07ca82dbc9a7aedb15476213c81bf5
Secunia Security Advisory - Debian has issued an update for typo3-src. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting or script insertion attacks, and by malicious users to bypass certain security restrictions, conduct script insertion attacks, manipulate certain data, conduct SQL injection attacks, or compromise a vulnerable system.
73fc0e4ecaf451e210f56becb62acc33f06dc8c686a09e25575903a8287e6ec2
Secunia Security Advisory - A vulnerability has been reported in HP Power Manager, which can be exploited by malicious people to compromise a vulnerable system.
4856a5684cb3811ac5a36d53642940485910abaa8f1ed0988a86c2d5e482beef
Secunia Security Advisory - Fedora has issued an update for rt3. This fixes a vulnerability, which can be exploited by malicious people to conduct script insertion attacks.
1631a10aeb2e7f3567dd4bcca462deb1200ad95094e289c996c0279dd3ca9c9d
Secunia Security Advisory - A weakness has been reported in Asterisk, which can be exploited by malicious people to determine valid usernames.
99157ec6fc7a3b82b525ecbabf39acfbf1045b7536dc1de7a14ab0ec1bed70d9
Secunia Security Advisory - A vulnerability has been reported in the Temporary Invitation module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
14b7526afe223e86893b2a72391d597ada5fc00870b1e7f43c4b8005151f5b17
Secunia Security Advisory - A vulnerability has been reported in the S5 Presentation Player module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
f47af9d980da9afec776a2c2eebbb5704c67437afbcd9a28d25a6ecef6e5844d
Secunia Security Advisory - Fedora has issued an update for python-4Suite-XML. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
5e45527d837b5eeb960129b9beeeed22fc6d7d46f9bb0385f927492097cb72f8
Secunia Security Advisory - A vulnerability has been reported in IBM AIX, which can be exploited by malicious people to manipulate certain data.
5a922b94dbe98d37457631f6725af4bad4cf4adeced79dacd195097b5448a6cf
Secunia Security Advisory - A vulnerability has been reported in the Smartqueue OG module for Drupal, which can be exploited by malicious users to bypass certain security restrictions.
d75319bcc8f298a2379bf0242f4f6fd1fd0af2f7556d17f9ef9b9633b98d2870
Secunia Security Advisory - A vulnerability has been reported in the Node Hierarchy module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
01096cb34a5b02a455ab6a5a8c4c9cae8e6137b7ec7daaa8a50cfaa4b22244f6
Secunia Security Advisory - Cao Xuan Sang has reported a vulnerability in eoCMS, which can be exploited by malicious people to conduct SQL injection attacks.
2b54ec73ed481aeb21723a92eefa58e7846557f017dbf6c82c985cd1a55c2d23