Debian Linux Security Advisory 2100-1 - George Guninski discovered a double free in the ECDH code of the OpenSSL crypto library, which may lead to denial of service and potentially the execution of arbitrary code.
Mandriva Linux Security Advisory 2010-165 - Heap-based buffer overflow in the HX_split function in string.c in libHX before 3.6 allows remote attackers to execute arbitrary code or cause a denial of service via a string that is inconsistent with the expected number of fields. The updated packages have been patched to correct this issue.
AuditX is a shell script that performs initial information gathering for a given target. Can be used prior to a penetration test, etc.
Whitepaper called Binary Modification [Patching Vulnerabilities]. This is the English version.
Rapid7 Security Advisory - FCKEditor contains a file renaming bug that allows remote code execution. Specifically, it is possible to upload ASP code via the ASP.NET connector in FCKEditor. The vulnerability requires that the remote server be running IIS. This vulnerability has been confirmed on FCKEditor 2.5.1 and 2.6.6.
This Metasploit module exploits a memory trust issue in Apple QuickTime 7.6.7. When processing a specially crafted HTML page, the QuickTime ActiveX control will treat a supplied parameter as a trusted pointer. It will then use it as a COM-type pUnknown and lead to arbitrary code execution. This exploit utilizes a combination of heap spraying and the QuickTimeAuthoring.qtx module to bypass DEP and ASLR. The QuickTimeAuthoring.qtx module does not opt in to ASLR. As such, this Metasploit module should be reliable on all Windows versions. NOTE: The addresses may need to be adjusted for older versions of QuickTime.
Apple QuickTime suffers from a "_Marshaled_pUnk" backdoor parameter client-side arbitrary code execution vulnerability.
Whitepaper called Global Constructor and Destructor Crashes in the ELF File System.
Whitepaper called DHCP Attack3r - DHCP Spoofing / Starvation. Written in Arabic.
Mandriva Linux Security Advisory 2010-164 - It was possible to conduct an XSS attack using crafted URLs or POST parameters on several pages. This upgrade provides phpmyadmin 3.3.5.1, which is not vulnerable to this security issue.
Safari for Windows invalid SVG text style denial of service vulnerability that leverages Webkit.dll.
Debian Linux Security Advisory 2099-1 - Charlie Miller has discovered two vulnerabilities in OpenOffice.org Impress, which can be exploited by malicious people to compromise a user's system and execute arbitrary code.
Formal announcement regarding the agenda and training related to the Ekoparty Security Conference and Training - 6th Edition. It is being held from September 13th through the 15th, 2010, in Buenos Aires City, Argentina.
Microsoft Office memory corruption code execution exploit that demonstrates a malformed property vulnerability.
Orange Spain is adding the user MSISDN in every HTTP request it sends. Due to this, any web site you visit now has your number.
Seagull version 0.6.7 suffers from remote file inclusion vulnerabilities.
CF Image Hosting Script version 1.3 suffers from a database disclosure vulnerability.
Virtual DJ version 6.1.2 DLL hijacking exploit that leverages hdjapi.dll while loading .mp3 content.
BS Player version 2.56 DLL hijacking exploit.
Microsoft Windows 7 / Vista backup utility sdclt.exe fveapi.dll DLL hijacking exploit.
Daemon Tools Lite versions 4.35.6.0091 and below mfc80loc.dll DLL hijacking exploit.
Mandriva Linux Security Advisory 2010-163 - The setup script used to generate configuration can be fooled using a crafted POST request to include arbitrary PHP code in the generated configuration file. Combined with the ability to save files on the server, this can allow unauthenticated users to execute arbitrary PHP code. It was possible to conduct an XSS attack using crafted URLs or POST parameters on several pages. This upgrade provides phpmyadmin 2.11.10.1, which is not vulnerable to these security issues.
GuestBookPlus suffers from comment restriction bypass and HTML injection vulnerabilities.
Debian Linux Security Advisory 2098-1 - Several remote vulnerabilities have been discovered in the TYPO3 web SQL injection, broken authentication and session management, insecure randomness, information disclosure and arbitrary code execution.
QtWeb Browser version 3.3 build 043 DLL hijacking exploit.