Berkeley-AL20, Berkeley-BD Security Vulnerabilities

ISC BIND 9 resolver cache vulnerability

Overview ISC BIND 9 resolver contains a vulnerability that could allow a attacker to keep a domain name in the cache even after it has been deleted from registration. Description According to ISC: I__SC has been notified by Haixin Duan (a professor at Tsinghua University in Beijing China, who is...

chromium -- multiple vulnerabilities

Google Chrome Releases reports: [73478] Low CVE-2011-3953: Avoid clipboard monitoring after paste event. Credit to Daniel Cheng of the Chromium development community. [92550] Low CVE-2011-3954: Crash with excessive database usage. Credit to Collin Payne. [93106] High...

Stable Channel Update

The Chrome team is excited to announce the release of Chrome 17 to the Stable Channel for Windows, Mac, Linux and Chrome Frame. 17.0.963.46 contains a number of new features including: New Extensions APIs Updated Omnibox Prerendering Download Scanning Protection Many other small changes...

linux/x86 - port bind shellcode 84 bytes

...

linux/x86 - netcat : connect back port 8081 - 77 bytes

...

Microsoft Adds Kelihos Botnet Operator To Civil Complaint

A Russian man was added to the list of defendants in a civil complaint filed by Microsoft at the operators of the Kelihos botnet. In an amended complaint filed in U.S. District Court on Monday, the company said that Andrey Sabelnikov controlled Kelihos using 21 Internet domains bought from a...

Debian DSA-2379-1 : krb5 - several vulnerabilities

It was discovered that the Key Distribution Center (KDC) in Kerberos 5 crashes when processing certain crafted requests : CVE-2011-1528 When the LDAP backend is used, remote users can trigger a KDC daemon crash and denial of service. CVE-2011-1529 When the LDAP or Berkeley DB...

[SECURITY] [DSA 2379-1] krb5 security update

Debian Security Advisory DSA-2379-1 [email protected] http://www.debian.org/security/ Florian Weimer January 04, 2012 http://www.debian.org/security/faq Package : krb5 Vulnerability : several Problem type : remote...

krb5 - several

It was discovered that the Key Distribution Center (KDC) in Kerberos 5 crashes when processing certain crafted requests: CVE-2011-1528 When the LDAP backend is used, remote users can trigger a KDC daemon crash and denial of service. CVE-2011-1529 When the LDAP or Berkeley DB backend is used,...

China Software Developer Network (CSDN) 6 Million user data Leaked

China Software Developer Network (CSDN) 6 Million user data Leaked The "Chinese Software Developer Network" (CSDN), operated by Bailian Midami Digital Technology Co., Ltd., is one of the biggest networks of software developers in China. A text file with 6 Million CSDN user info including user...

Capexweb universal password-vulnerability warning-the black bar safety net

Title: Capexweb Sql Vulnerable Author: D1rt3 Dud3 Affected version: 1.1 A description of the problem: Capexweb is a Web based Backoffice client used by leading Stock Exchanges like Berkeley Gains, angle broking house etc. http://www.badguest.cn /capexweb/capexweb/ Log in details: Username:...

Unfixed XSS vulnerability at www.vokrugsveta.ru

Security researcher Atmon3r, has submitted on 17/12/2011 a cross-site-scripting (XSS) vulnerability affecting www.vokrugsveta.ru, which at the time of submission ranked 29109 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 18/12/2011. It is...

Capexweb 1.1 SQL Injection

...

Capexweb 1.1 - SQL Injection

...

Capexweb 1.1 - SQL Injection

Capexweb 1.1 - SQL...

cApexWEB ver1.1 SQL Injection

Exploit for php platform in category web...

RedHat Update for bind RHSA-2011:1496-01

Check for the Version of...

CentOS Update for bind CESA-2011:1496 centos4 i386

The remote host is missing an update for...

CentOS Update for bind CESA-2011:1496 centos4 i386

Check for the Version of...

RedHat Update for bind RHSA-2011:1496-01

The remote host is missing an update for...

CentOS 4 : bind (CESA-2011:1496)

Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

RHEL 4 : bind (RHSA-2011:1496)

Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

bind security update

CentOS Errata and Security Advisory CESA-2011:1496 The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying...

(RHSA-2011:1496) Important: bind security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw...

Fedora Update for bind FEDORA-2011-16002

Check for the Version of...

Fedora Update for bind FEDORA-2011-16036

Check for the Version of...

[SECURITY] Fedora 15 Update: bind-9.8.1-3.P1.fc15

BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS.....

[SECURITY] Fedora 14 Update: bind-9.7.4-2.P1.fc14

BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS.....

Multi Gather Mozilla Thunderbird Signon Credential Collection

This module will collect credentials from Mozilla Thunderbird by downloading the necessary files such as 'signons.sqlite', 'key3.db', and 'cert8.db' for offline decryption with third party tools. If necessary, you may also set the PARSE option to true to parse the sqlite file, which contains...

CentOS 5 : bind97 (CESA-2011:1459)

Updated bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CentOS 5 : bind (CESA-2011:1458)

Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating,...

CentOS Update for bind97 CESA-2011:1459 centos5 i386

Check for the Version of...

CentOS Update for bind97 CESA-2011:1459 centos5 i386

The remote host is missing an update for...

CentOS Update for bind CESA-2011:1458 centos5 i386

Check for the Version of...

CentOS Update for bind CESA-2011:1458 centos5 i386

The remote host is missing an update for...

[SECURITY] Fedora 16 Update: bind-9.8.1-4.P1.fc16

BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS.....

bind97 security update

CentOS Errata and Security Advisory CESA-2011:1459 The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying...

bind, caching security update

CentOS Errata and Security Advisory CESA-2011:1458 The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying...

RedHat Update for bind97 RHSA-2011:1459-01

Check for the Version of...

RedHat Update for bind97 RHSA-2011:1459-01

The remote host is missing an update for...

RedHat Update for bind RHSA-2011:1458-01

Check for the Version of...

RedHat Update for bind RHSA-2011:1458-01

The remote host is missing an update for...

(RHSA-2011:1459) Important: bind97 security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw...

(RHSA-2011:1458) Important: bind security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw...

Medium: krb5

Issue Overview: Multiple NULL pointer dereference and assertion failure flaws were found in the MIT Kerberos KDC when it was configured to use an LDAP (Lightweight Directory Access Protocol) or Berkeley Database (Berkeley DB) back end. A remote attacker could use these flaws to crash the KDC....

Mandriva Update for krb5 MDVSA-2011:160 (krb5)

The remote host is missing an update for...

Mandriva Update for krb5 MDVSA-2011:160 (krb5)

Check for the Version of...

Dedecms variable coverage vulnerability Exploit-vulnerability warning-the black bar safety net

Title: Dedecms variable coverage vulnerability Exploit Time: 2011-09-06 Team:MakeBug Author: cfKing / |/ | / | | | / / | _| | _ | | | | / | / _/ / /| /| | / /| | | |/ / | | | || | | | | | | | | | / / |/ | | / / | | | | | | | _ { | | | | | | _ _ / / | | / / | | | | | | | || | | || | | ||...

Multiple MIT KRB5 KDC daemon vulnerabilities

Overview MIT's KRB5 KDC version 1.8 and 1.9 contain multiple vulnerabilities. Description The MIT krb5 Security Advisory 2011-006 states: _CVE-2011-1527: In releases krb5-1.9 and later, the KDC can crash due to a null pointer dereference if configured to use the LDAP back end. A trigger condition.....

MITKRB5-SA-2011-006 KDC denial of service vulnerabilities [CVE-2011-1527 CVE-2011-1528 CVE-2011-1529]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MITKRB5-SA-2011-006 MIT krb5 Security Advisory 2011-006 Original release: 2011-10-18 Last update: 2011-10-18 Topic: KDC denial of service vulnerabilities CVE-2011-1527: null pointer dereference in KDC LDAP back end CVSSv2 Vector:...