ClubHACK Magazine Issue 20 - Topics covered include rootkits with boot infection, reverse engineering and malware analysis, Ostinato, angry malwares, and more.
541250687de732d09b0cf2b7dd708d11c8f1e5ecac477cad7e3f0d1a4f88512d
Advanced Image Hosting version 2.3 suffers from a cross site scripting vulnerability.
a5ae025bf98a344fffa6f8329ad130b41da72c050228b278dc66cd8ac62d5057
These are slides from a presentation called Jumping the Guard Page for Fun and Profit - Recursive Stack Overflows.
9c88c0b355adee8fb85374ea39f5d41224a4788bf9a35349adff4d4b8448912c
Webmodo News System suffers from a remote blind SQL injection vulnerability.
dfd2b8fe24c902fe03d6d52e8be66911737b7d5609b88e5a05d62e8d7e9fb59e
Kolifa News System suffers from cross site scripting and remote SQL injection vulnerabilities.
eea985084b2d605a5abc20cbc8acb3ba1036e58d088871e141b5c22d3339eb9a
Myisoft EasyGallery suffers from cross site scripting and remote blind SQL injection vulnerabilities.
eefd3753d650c65093d4742cd3f2aa25ab520803062e4d04842dc6fbbf73a991
WordPress oQey Gallery plugin versions 0.48 and below suffer from a remote SQL injection vulnerability.
c53df83897933017bf9d0b2e012f0a24e17e90ddcd819b412e9499b638bc6b4d
CoolPlayer Portable version 2.19.2 buffer overflow exploit with ASLR bypass and calc.exe bypass.
5194e3a74076a91240d0a9d25a7e77bd0b64a0ece05d9ae0aba221a285bb0c62
ZipX for Windows version 1.71 buffer overflow exploit that creates a malicious .zip file.
40cd23fffde49a160de4a4414f01484447f3061646c6c919f366dda6f26e9976
Mandriva Linux Security Advisory 2011-131 - Multiple vulnerabilities have been discovered and corrected in libxml/libxml2. Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x through 2.7.8, and libxml 1.8.16 and earlier, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when adding a new namespace node, related to handling of XPath expressions.
0e812764cfec1dc00d4a20c2f40c95d7b05a99e379e3b52ea6a46a728dc54e04
Secunia Security Advisory - A vulnerability has been discovered in ZipX, which can be exploited by malicious people to compromise a user's system.
d64a933aa0861335f2dce57633e3f9ea9dd7838a29e5ec657b541c871ad2151a
Secunia Security Advisory - A vulnerability has been reported in BlueDragon Server, BlueDragon Server JX, BlueDragon for J2EE Application Servers, and BlueDragon for the Microsoft .NET Framework, which can be exploited by malicious people to conduct cross-site request forgery attacks.
18a41da41bc7fa1cbd8ccdc4ce9464dfdf6aec8dbb4ae3e50f933e41c3f1e402
Red Hat Security Advisory 2011-1251-01 - JBoss Enterprise Portal Platform 5.1.1, which fixes one security issue and various bugs, is now available from the Red Hat Customer Portal.
56e11547e75cc2aefc555123ff410ec27e3c1d7ec6d345079ab1b24bc4ebacbc
Rooted CON 2012 Call For Papers - Rooted CON is a security congress which will be held in Madrid (Spain) from March 1st through the 3rd, 2012. With an estimated capacity of around 650 people, it is one of the biggest specialized congresses in Spain and one of the biggest in Europe. It draws very different kinds of attendees, from students, police and government specialists, and security professionals to technology enthusiasts.
0b57d16ca78358270facc895d4781e98ae07e773264a17b61de735daf26ddcc8
Whitepaper called Better PHP Practices. It focuses on security measures and implementations to enhance your code.
6ee3c89a53b24f31636bad8962204b1f5dedcf8be35915edc4dc0196fa23c6b7
Emerson.com suffers from a cross site scripting vulnerability.
d666b6fcc604ed9a2d3a1e17b284393412a96aa28abc9e37f1f539a68921c449
TOWeb version 3 local format string denial of service exploit.
9eeada9c67fd2b0f0f83be071fab4c4ed799cf5482982634020d332a452e8b8d
World of Warcraft local stack overflow denial of service exploit.
faabe10be185ab5b9ddf501c0a02dbf7b33ff1fd7728f76689bb06d7e91fff10