Hackers and Anti-Government Protests rage across Iraq

Four Iraqi Government websites defaced today by hacker going by name "riSky". Defaced domains include Iraq National Investment Commission website also. Where, Tens of thousands of protesters rallied across Iraq on Friday, charging that Sunni Muslims had been disenfranchised under the Shiite-led...

Changes to Mozilla Security Program Foster Open Source Security Tool Development

Mozilla recently announced some changes to the way it will interact with members of the security community who contribute code, bug reports and fixes for the Firefox Web browser and other open source tools under Mozilla’s watch. Michael Coates, director of security assurance at Mozilla, recently...

CubeCart 5.0.7 Insecure Backup Handling

OVERVIEW CubeCart 5.0.7 and lower versions are vulnerable to Insecure Backup File Handling which leads to the disclosure of the application configuration file. 2. BACKGROUND CubeCart is an "out of the box" ecommerce shopping cart software solution which has been written to run on servers that...

Fedora Update for Django FEDORA-2012-20224

Check for the Version of Django OpenVAS Vulnerability Test Fedora Update for Django FEDORA-2012-20224 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

[SECURITY] Fedora 17 Update: Django-1.4.3-1.fc17

Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...

Nissi Infotech / Pej Studio / Plante Graffix Cross Site Scripting

Exploit Title : nissiinfotech Cross-Site Scripting Vulnerability Author : IrIsT.Ir Discovered By : Am!r Home : http://IrIsT.Ir/forum Software Link : http://www.nissiinfotech.com Security Risk : High Version : All Version Tested on : GNU/Linux Ubuntu - Windows Server - win7 Dork : intext:"Created ...

WebConnection / Toto / Tides Cross Site Scripting

Exploit Title : WebConnection Cross-Site Scripting Vulnerability Author : IrIsT.Ir Discovered By : Am!r Home : http://IrIsT.Ir/forum Software Link : http://www.webconnection.com Security Risk : High Version : All Version Tested on : GNU/Linux Ubuntu - Windows Server - win7 Dork : intext:"Site...

Fedora Update for php-symfony-symfony FEDORA-2012-19195

Check for the Version of php-symfony-symfony OpenVAS Vulnerability Test Fedora Update for php-symfony-symfony FEDORA-2012-19195 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/...

[SECURITY] Fedora 16 Update: php-symfony-symfony-1.4.20-2.fc16

Symfony is a complete framework designed to optimize the development of web applications by way of several key features. For starters, it separates a w eb application's business rules, server logic, and presentation views. It contains numerous tools and classes aimed at shortening the development...

[SECURITY] Fedora 17 Update: php-symfony-symfony-1.4.20-2.fc17

Symfony is a complete framework designed to optimize the development of web applications by way of several key features. For starters, it separates a w eb application's business rules, server logic, and presentation views. It contains numerous tools and classes aimed at shortening the development...

Marketing Development Script SQL Injection

Exploit Title; Marketing Development Script SQL Injection Vulnerability Date; 3/12/12 Author; 3spi0n Script Vendor or Software Link; http://www.marketingdev.com/ Category; Webapps Type; SQL Injection MySQLi Tested on; Ubuntu 12.10 / Win7 / Backtrack 5 Demo Analyzing ;...

[SECURITY] Fedora 18 Update: php-symfony-symfony-1.4.20-2.fc18

Symfony is a complete framework designed to optimize the development of web applications by way of several key features. For starters, it separates a w eb application's business rules, server logic, and presentation views. It contains numerous tools and classes aimed at shortening the development...

[SECURITY] Fedora 18 Update: mingw-openssl-1.0.1c-1.fc18

The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. This package contains Windows MinGW libraries and development tools...

Critical: Red Hat Security Advisory: java-1.4.2-ibm security update

Updated java-1.4.2-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 Supplementary. This is the last update of these packages for Red Hat Enterprise Linux 5 Supplementary. The Red Hat Security Response Team has rated this update as having critical...

Use-after-free and buffer overflow issues found using Address Sanitizer — Mozilla

Security researcher Abhishek Arya Inferno of the Google Chrome Security Team discovered a series critically rated of use-after-free and buffer overflow issues using the Address Sanitizer tool in shipped software. These issues are potentially exploitable, allowing for remote code execution. We wou...

OpenJDK: IIOP type reuse sandbox bypass (CORBA, 8000540, SE-2012-01 Issue 50)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors relat...

OpenJDK: DefaultFormatter insufficient data validation (Swing, 7195194)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.238 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related ...

ClubHack 2012 Hacking and Security Conference

Carrying reputation of being India's choicest and oldest hacker's conference, Team ClubHack proudly brings the 6th edition of ClubHack Hacking and Security Conference with more exciting activities. ClubHack 2012 hacker's convention will be held from Nov. 30th to Dec 3rd, 2012 in Pune, India...

[SECURITY] Fedora 16 Update: plib-1.8.5-8.fc16

This is a set of OpenSource LGPL libraries that will permit programmers to write games and other realtime interactive applications that are 100% portable across a wide range of hardware and operating systems. Here is what you need - it's all free and available with LGPL'ed source code on the web...

UNESCO Etxea website hacked by #NullCrew

Hacking group NullCrew deface UNESCO Etxea website unescoetxea.org, which is an internationally oriented NGOs working for the culture of peace, sustainable human development and human rights, at local and global levels. Deface page reads, "Welcome to the new front page of unesco etxea You have be...