SuSE 10 Security Update : compat-openssl097g (ZYPP Patch Number 7644)

This update adds openssl patches since 2007 for : - CVE-2009-0590 - CVE-2008-5077 - CVE-2009-0789 - CVE-2009-3555 - CVE-2010-4180 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. if NASLLEVEL 3000 exit0; include'deprecatednasllevel.inc';...

[SECURITY] Fedora 14 Update: squirrelmail-1.4.22-2.fc14

SquirrelMail is a basic webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 with no JavaScript for maximum compatibility across browsers. It has very few requirements and is very easy to configure and instal...

[SECURITY] Fedora 15 Update: squirrelmail-1.4.22-2.fc15

SquirrelMail is a basic webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 with no JavaScript for maximum compatibility across browsers. It has very few requirements and is very easy to configure and instal...

Multi Manage Post Module Macro Execution

This module will execute a list of modules given in a macro file in the format of against the select session checking for compatibility of the module against the sessions and validation of the options provided. This module requires Metasploit: https://metasploit.com/download Current source:...

Ubuntu: Security Advisory (USN-1168-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 14 : wordpress-3.1.4-1.fc14 (2011-8908)

Upstream security release. Details at http://wordpress.org/news/2011/06/wordpress-3-1-4/ Fix old FSF address and Summary to make rpmlint happy. Make wp-content directory owned by apache:apache. Correctly Provides/Obsoletes with versions. Upgrade to the latest upstream version security fixes and...

AST-2011-011: Possible enumeration of SIP users due to differing authentication responses

Asterisk Project Security Advisory - AST-2011-011 +------------------------------------------------------------------------+ | Product | Asterisk | |--------------------+---------------------------------------------------| | Summary | Possible enumeration of SIP users due to | | | differing...

Custom Payload

Use custom string or file as payload. Set either PAYLOADFILE or PAYLOADSTR. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 0 include Msf::Payload::Single include...

THC-HYDRA v6.4 - Fast network logon cracker

THC-HYDRA v6.4 - Fast network logon cracker THC-HYDRA is a very fast network logon cracker which support many different services. This tool is a proof of concept code, to give researchers and security consultants the possibility to show how easy it would be to gain unauthorized access from remote...

CVE-2011-1276

Buffer overflow in Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code or cau...

CVE-2011-1709

GNOME Display Manager gdm before 2.32.2, when glib 2.28 is used, enables execution of a web browser with the uid of the gdm account, which allows local users to gain privileges via vectors involving the x-scheme-handler/http MIME type...

Security Update for the 2007 Microsoft Office System (KB2541012)

A security vulnerability exists in the 2007 Microsoft Office System and the Microsoft Office Compatibility Pack that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...

April, 2007: Sony ARccOS Copy Protection Bricks DVD Players

With the DRM rootkit debacle still visible in the rear view mirror, Sony again found itself in hot water over copy protection gone wrong in 2007. This time the problem was with Sony’s Advanced Regional Copy Control Operating Solution ARccOS, which shipped with some DVDs. The technology was...

openSUSE Security Update : OpenOffice_org (openSUSE-SU-2011:0337-1)

Maintenance update to LibreOffice-3.3.1. It adds some interesting features, fixes many bugs, including several security vulnerabilities. The previous OpenOfficeorg packages are also renamed to libreoffice. LibreOffice is continuation of the OpenOffice.org project. This update replaces the...

Microsoft Windows Malicious Software Removal Tool - Download !

Microsoft Windows Malicious Software Removal Tool - Download ! The Microsoft Windows Malicious Software Removal Tool checks Windows Vista, WIndows 7, Windows XP, Windows 2000, and Windows Server 2003 computers for and helps remove infections by specific, prevalent malicious software—including...

Fedora 14 : fail2ban-0.8.4-27.fc14 (2011-5153)

fail2ban used predictable /tmp files which a local user can allocate before fail2ban does. All tmp files have been moved to /var/lib/fail2ban. This also helps with selinux policies. Another security related fix is that fail2ban defaulted to gamin which conflicts with selinux, so users had to...

Universal Fuzzer by Codenomicon !

Codenomicon is a Finland based Information Security company. Recently it has released a universal fuzzer, a fuzz testing solution that combines heuristics and multiple fuzzers with a graphical user interface, automated test executions and reporting features. Fuzzing has been popular between hacke...

Cherry enterprise website management system v1. 0 Upload vulnerability-vulnerability warning-the black bar safety net

Cherry enterprise website management system full DIV+CSS template, multi-browser adapt perfectly compatible with IE6-IE8,Firefox, Google, etc. standards-compliant browser, the template styles centralized in a CSS style, content and style completely separated convenient website designers to develo...

Integer overflow

Integer signedness error in Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute...

CVE-2011-0097

Integer underflow in Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary cod...