FTimes is a system baselining and evidence collection tool. Its primary purpose is to gather and/or develop topographical information and attributes about specified directories and files in a manner conducive to intrusion and forensic analysis. It was designed to support the following initiatives: content integrity monitoring, incident response, intrusion analysis, and computer forensics.
1be7a3c5f6d0714c4d9003a23c706565
Nitro Pro 8 suffers from a DLL hijacking vulnerability.
db877ed71edba1b079e90b2476077edd
This is an analysis of APT1 that was inspired by the original work from Mandiant.
aa3c3157a2336623d96a7e2fa57fec02
Foscam versions FI8910W and FI8908W with embedded web interface version 2.4.10.3 suffer from multiple cross site request forgery vulnerabilities.
42a25fb6eeae86371d83e7a0260ff964
DartWebserver.dll version 1.9.2 suffers from a null pointer dereference denial of service vulnerability.
581cc1a10777cb563080fdeb7f9974a8
Slackware Security Advisory - New seamonkey packages are available for Slackware 13.37, 14.0, and -current to fix security issues.
a1aef662839cd19f226ab1c50f9ce81f
ZeroClipboard.swf as included with multiple themes in WordPress suffers from cross site scripting and path disclosure vulnerabilities.
80dce9ff1e03246e909e1fc95299b1e8
This shellcode has been designed to format all the available drives on Windows.
e75c2fb2b63b997f58e082060fa5d65b
Mandriva Linux Security Advisory 2013-075 - Marko Myllynen discovered that ELinks, a powerful text-mode browser, incorrectly delegates user credentials during GSS-Negotiate.
8ee7fe880b0fd694b2abca14e6357d7e
Ubuntu Security Notice 1798-1 - Mathias Krause discovered several errors in the Linux kernel's xfrm_user implementation. A local attacker could exploit these flaws to examine parts of kernel memory. Mathias Krause discovered information leak in the Linux kernel's compat ioctl interface. A local user could exploit the flaw to examine parts of kernel stack memory Mathias Krause discovered an information leak in the Linux kernel's getsockopt for IP_VS_SO_GET_TIMEOUT. A local user could exploit this flaw to examine parts of kernel stack memory. Various other issues were also addressed.
21122747f48a1ce552eaf6f8ce90b555
Ubuntu Security Notice 1797-1 - Andrew Jones discovered a flaw with the xen_iret function in Linux kernel's Xen virtualizeation. In the 32-bit Xen paravirt platform an unprivileged guest OS user could exploit this flaw to cause a denial of service (crash the system) or gain guest OS privilege. Emese Revfy discovered that in the Linux kernel signal handlers could leak address information across an exec, making it possible to by pass ASLR (Address Space Layout Randomization). A local user could use this flaw to by pass ASLR to reliably deliver an exploit payload that would otherwise be stopped (by ASLR). Various other issues were also addressed.
446c18778474d2f710b52be1a9930894
Ubuntu Security Notice 1796-1 - Andrew Jones discovered a flaw with the xen_iret function in Linux kernel's Xen virtualizeation. In the 32-bit Xen paravirt platform an unprivileged guest OS user could exploit this flaw to cause a denial of service (crash the system) or gain guest OS privilege. Emese Revfy discovered that in the Linux kernel signal handlers could leak address information across an exec, making it possible to by pass ASLR (Address Space Layout Randomization). A local user could use this flaw to by pass ASLR to reliably deliver an exploit payload that would otherwise be stopped (by ASLR). Various other issues were also addressed.
270905acba7d9c2da321e18add8e8528
Mandriva Linux Security Advisory 2013-076 - Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used in GNU Emacs before 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a Project.ede file in the directory, or a parent directory, of an opened file. lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically executes eval forms in local-variable sections when the enable-local-variables option is set to :safe, which allows user-assisted remote attackers to execute arbitrary Emacs Lisp code via a crafted file. Additionally a problem was fixed reading xz compressed files.
bcf203652b86fff1f89bf4fc253be523
Ubuntu Security Notice 1795-1 - Andrew Jones discovered a flaw with the xen_iret function in Linux kernel's Xen virtualizeation. In the 32-bit Xen paravirt platform an unprivileged guest OS user could exploit this flaw to cause a denial of service (crash the system) or gain guest OS privilege. Emese Revfy discovered that in the Linux kernel signal handlers could leak address information across an exec, making it possible to by pass ASLR (Address Space Layout Randomization). A local user could use this flaw to by pass ASLR to reliably deliver an exploit payload that would otherwise be stopped (by ASLR). Various other issues were also addressed.
3a2087e77f4fdd0a6e79e672256eecce
Ubuntu Security Notice 1794-1 - Emese Revfy discovered that in the Linux kernel signal handlers could leak address information across an exec, making it possible to by pass ASLR (Address Space Layout Randomization). A local user could use this flaw to by pass ASLR to reliably deliver an exploit payload that would otherwise be stopped (by ASLR). A memory use after free error was discover in the Linux kernel's tmpfs filesystem. A local user could exploit this flaw to gain privileges or cause a denial of service (system crash). Various other issues were also addressed.
6935377eb279762079d9f8db2153aaf8
Ubuntu Security Notice 1793-1 - Emese Revfy discovered that in the Linux kernel signal handlers could leak address information across an exec, making it possible to by pass ASLR (Address Space Layout Randomization). A local user could use this flaw to by pass ASLR to reliably deliver an exploit payload that would otherwise be stopped (by ASLR). A memory use after free error was discover in the Linux kernel's tmpfs filesystem. A local user could exploit this flaw to gain privileges or cause a denial of service (system crash). Various other issues were also addressed.
3660d32f16c5ef84dba7ef11e99f69ac
Mandriva Linux Security Advisory 2013-074 - Drupal core's text filtering system provides several features including removing inappropriate HTML tags and automatically linking content that appears to be a link. A pattern in Drupal's text matching was found to be inefficient with certain specially crafted strings. This vulnerability is mitigated by the fact that users must have the ability to post content sent to the filter system such as a role with the post comments or Forum topic: Create new content permission. Drupal core's Form API allows users to set a destination, but failed to validate that the URL was internal to the site. Various other issues were also addressed.
9b0a828f4c06305f67bcae3f6697c71a
Gentoo Linux Security Advisory 201304-1 - Two vulnerabilities in NVIDIA drivers may allow a local attacker to gain escalated privileges. Versions prior to 304.88 are affected.
dbbd0535b7d88cd3f6aee05b5932ec7a
Ubuntu Security Notice 1792-1 - Mathias Krause discovered several errors in the Linux kernel's xfrm_user implementation. A local attacker could exploit these flaws to examine parts of kernel memory. Mathias Krause discovered information leak in the Linux kernel's compat ioctl interface. A local user could exploit the flaw to examine parts of kernel stack memory Mathias Krause discovered an information leak in the Linux kernel's getsockopt for IP_VS_SO_GET_TIMEOUT. A local user could exploit this flaw to examine parts of kernel stack memory. Various other issues were also addressed.
650c42fd010ac3e04fda05c629a0c0ca
Mandriva Linux Security Advisory 2013-073 - DokuWiki 2009-12-25c allows remote attackers to obtain sensitive information via a direct request to a.php file, which reveals the installation path in an error message, as demonstrated by lib/tpl/index.php and certain other files. A full path disclosure flaw was found in the way DokuWiki, a standards compliant, simple to use Wiki, performed sanitization of HTTP POST 'prefix' input value prior passing it to underlying PHP substr() routine, when the PHP error level has been enabled on the particular server. A remote attacker could use this flaw to obtain full path location of particular requested DokuWiki page by issuing a specially-crafted HTTP POST request.
d32fb0f92b709a1686d26d609f6e4b28
Slackware Security Advisory - New subversion packages are available for Slackware 13.0, 13.1, 13.37, 14.0, and -current to fix security issues. Related CVE Numbers: CVE-2013-1845,CVE-2013-1846,CVE-2013-1847,CVE-2013-1849,CVE-2013-1884.
945b6de60e1764ac7e99f81e849c7b7d
360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
69f299cb1ea3e5f232970f48c128f751
MiniWeb build 300 suffers from remote arbitrary file upload and directory traversal vulnerabilities.
d7d4c6430847f0af7f16ae7822ca5f7a
D-Link devices DIR-600 / DIR-300 revB / DIR-815 / DIR-645 / DIR-412 / DIR-456 / DIR-110 all suffer from a remote command injection vulnerability.
9c39d65f30a6ecb6ad9c6910d7a44d1f
EasyPHP Webserver suffers from a remote shell injection vulnerability.
f84a0d2186ab126bd25b2c5239bbc427