Red Hat Security Advisory 2013-1115-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in BIND. A remote attacker could use this flaw to send a specially-crafted DNS query to named that, when processed, would cause named to crash when rejecting the malformed query. All bind97 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the BIND daemon will be restarted automatically.
2c4c9735dccdd293d6c3761af0e515e2e9e678a170f95e35d0d880ad6d09c2c9
Red Hat Security Advisory 2013-1116-01 - Red Hat Directory Server is an LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. It was discovered that Red Hat Directory Server did not honor defined attribute access controls when evaluating search filter expressions. A remote attacker could use this flaw to determine the values of restricted attributes via a series of search queries with filter conditions that used restricted attributes.
448d2016b9f11404ae10246e1b670274cd1e5b82f293d08a61c049b9a5f1eb30
Red Hat Security Advisory 2013-1114-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in BIND. A remote attacker could use this flaw to send a specially-crafted DNS query to named that, when processed, would cause named to crash when rejecting the malformed query. All bind users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the BIND daemon will be restarted automatically.
2004136b8895379be9ea87bd35769ff77ec069f6404a3d36a2ee61892442afc1
HP Security Bulletin HPSBGN02904 - Potential security vulnerabilities have been identified with HP SiteScope running SOAP. The vulnerabilities could be remotely exploited to allow execution of code. Revision 1 of this advisory.
2478f00abd186500bf4ec557873ea4be1a0c4be699444916f74a1abfffb67c68
The 2014 World Conference on Information Systems and Technologies Call For Papers has been announced. It will take place April 15th through the 18th, 2014, at Madeira Island, Portugal.
8672cf2f58fd6ee083082f4e9bb24a382db3dd6b067561b496758040201d29bb
dns_spquery.c is written in C and sends a DNS recursive name query to a name server of your choice with a spoofed source IP address selected at runtime. This tool was written in order to demonstrate a DNS reflection / amplification attack for testing purposes.
ee5f524a0cc4f2a2315ce105359420522610fbfdd31f128381a65dfc971bbaca
This is a brief paper discussing how tunneling works and how to leverage SSH and UDP tunneling. Written in Portuguese.
9bb1ba2673528899067c00d14ff731ebc9b1d8a37ed25d10b4dd90047f78a0e1
This brief whitepaper is about web crawlers, in particular DIRB web crawler, and an analysis on how gathering information with crawlers can be dangerous for sites. Written in Portuguese.
acfb9ae6fed3520d27cc11aaf35edcc58e4b5c854ea9853d0a8f787f0d1b428c
Bigace CMS version 2.7.8 suffers from a cross site request forgery vulnerability.
334578e319255af19b9ffd7d30e813d5f2ccfc342588bfb110915cb965de5cd3
Ubuntu Security Notice 1914-1 - Kees Cook discovered a format string vulnerability in the Broadcom B43 wireless driver for the Linux kernel. A local user could exploit this flaw to gain administrative privileges.
e281f113bfff532e219e71a683648538274d40404aebc19c9c92c26f5c2b8fad
Ubuntu Security Notice 1912-1 - Jonathan Salwan discovered an information leak in the Linux kernel's cdrom driver. A local user can exploit this leak to obtain sensitive information from kernel memory if the CD-ROM drive is malfunctioning. A flaw was discovered in the Linux kernel when an IPv6 socket is used to connect to an IPv4 destination. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). An information leak was discovered in the IPSec key_socket implementation in the Linux kernel. An local user could exploit this flaw to examine potentially sensitive information in kernel memory. Various other issues were also addressed.
7626eebe096c4f4e95a3b1cb1ff7acbc486115e31cb055a4cfc1d77520c9a968
Ubuntu Security Notice 1913-1 - Jonathan Salwan discovered an information leak in the Linux kernel's cdrom driver. A local user can exploit this leak to obtain sensitive information from kernel memory if the CD-ROM drive is malfunctioning. A flaw was discovered in the Linux kernel when an IPv6 socket is used to connect to an IPv4 destination. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). An information leak was discovered in the IPSec key_socket implementation in the Linux kernel. An local user could exploit this flaw to examine potentially sensitive information in kernel memory. Various other issues were also addressed.
c3d61e0fb4aa4f5494b3cdd1af09f21f215af1156fd6bf715ccecb2845b2618a
Ubuntu Security Notice 1918-1 - Kees Cook discovered a format string vulnerability in the Broadcom B43 wireless driver for the Linux kernel. A local user could exploit this flaw to gain administrative privileges.
c8f97df912321da182b75fcb3b114c33f25a5d98651841d3a4806a995ce33e6f
Ubuntu Security Notice 1917-1 - Kees Cook discovered a format string vulnerability in the Broadcom B43 wireless driver for the Linux kernel. A local user could exploit this flaw to gain administrative privileges.
44a241709486ac437e3d20c72250783b23943ac290361dfb2bdb8db6bb085b3e
Ubuntu Security Notice 1919-1 - Kees Cook discovered a format string vulnerability in the Broadcom B43 wireless driver for the Linux kernel. A local user could exploit this flaw to gain administrative privileges.
0533e65e4aac2acad7800b9fde2a21a7f12007d4006f2fa9c6894c704e67ef93
Ubuntu Security Notice 1915-1 - Kees Cook discovered a format string vulnerability in the Broadcom B43 wireless driver for the Linux kernel. A local user could exploit this flaw to gain administrative privileges.
4317fc6f210922b96aa5e09e8a48270f0ed5ca1f6c7e34a57b8415cda61d298a
Ubuntu Security Notice 1916-1 - Kees Cook discovered a format string vulnerability in the Broadcom B43 wireless driver for the Linux kernel. A local user could exploit this flaw to gain administrative privileges.
3ea1105eb40750e46ee7ad60c72217780c0ef311892fe7159278370fb2345251
This Metasploit module exploits a command injection vulnerability on PineApp Mail-SeCure 3.70. The vulnerability exists on the test_li_connection.php component, due to the insecure usage of the system() php function. This Metasploit module has been tested successfully on PineApp Mail-SeCure 3.70.
f986755f0d0b80f4f24f3b0cebb979f77db7ba99a7a250f60cf38a00b1bfde1c
This Metasploit module exploits a command injection vulnerability on PineApp Mail-SeCure 3.70. The vulnerability exists on the ldapsyncnow.php component, due to the insecure usage of the shell_exec() php function. This Metasploit module has been tested successfully on PineApp Mail-SeCure 3.70.
6d5046291504d28d39d79d096fba6a69e382c338c97f38b517a66277e740b9dd
This Metasploit module exploits a command injection vulnerability on PineApp Mail-SeCure 3.70. The vulnerability exists on the livelog.html component, due to the insecure usage of the shell_exec() php function. This Metasploit module has been tested successfully on PineApp Mail-SeCure 3.70.
51fca1c0fcae3623e2c9c69f04d8e43a10745b7c2cfa4634796a3d1d61a9cf15
The Windows kernel does not properly isolate broadcast messages from low integrity applications from medium or high integrity applications. This allows commands to be broadcasted to an open medium or high integrity command prompts allowing escalation of privileges. We can spawn a medium integrity command prompt, after spawning a low integrity command prompt, by using the Win+Shift+# combination to specify the position of the command prompt on the taskbar. We can then broadcast our command and hope that the user is away and doesn't corrupt it by interacting with the UI. Broadcast issue affects versions Windows Vista, 7, 8, Server 2008, Server 2008 R2, Server 2012, RT. But Spawning a command prompt with the shortcut key does not work in Vista so you will have to check if the user is already running a command prompt and set SPAWN_PROMPT false. The WEB technique will execute a powershell encoded payload from a Web location. The FILE technique will drop an executable to the file system, set it to medium integrity and execute it. The TYPE technique will attempt to execute a powershell encoded payload directly from the command line but it may take some time to complete.
ec4132f8b9ac70f158c3461e225396c2635aeb7d0ad1f9877329265b9fd215b8
FluxBB version 1.5.3 suffers from cross site scripting, cross site request forgery, and URL redirection vulnerabilities.
3d2a429f0d7f7702aac350cfb0a31594ad3302501c55568dfa29c8812f3a4a6e
Debian Linux Security Advisory 2731-1 - Yarom and Falkner discovered that RSA secret keys in applications using the libgcrypt11 library, for example GnuPG 2.x, could be leaked via a side channel attack, where a malicious local user could obtain private key information from another user on the system.
f0a1666c4812d4dc7cb9b02be9a71e7f903c37c2ee68d1a36864059533ee2595
Ubuntu Security Notice 1911-1 - It was discovered that Little CMS did not properly verify certain memory allocations. If a user or automated system using Little CMS were tricked into opening a specially crafted file, an attacker could cause Little CMS to crash.
c54d93e57fe6f1c6159d8072be1042ae818e7c132c0787c9995ef18ce37ff500
A vulnerability exists in EMC NetWorker that could allow exposure of certain sensitive configuration information under specific circumstances. Versions affected include EMC NetWorker 8.0.0.x, 8.0.1.x, and 7.6.x.x.
9dec0bf3a8508498074bb32c9d7dcad0227b5a46110ee20ca656d7dbb5260323