Fedora Update for eclipse FEDORA-2010-1936

Check for the Version of eclipse OpenVAS Vulnerability Test Fedora Update for eclipse FEDORA-2010-1936 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

A Chat With Adobe's Brad Arkin

Adobe has been in the security spotlight for some time now, and in an effort to give our readers a better perspective on the company’s efforts to improve the security of its products, Threatpost had a live chat with Brad Arkin, director of product security and privacy at Adobe, on Feb. 24. This i...

SilverStripe CMS Running in Development Mode

The SilverStripe CMS install hosted on the remote web server appears to be running in development mode. When running in development mode, debugging tools are accessible without authentication, which could enable an attacker to gain sensitive information relating to the application. %NASLMINLEVEL...

Sun Java Runtime Environment Type1 Font Parsing Integer Overflow (CVE-2009-1099)

Java Technology is a programing platform developed by Sun Microsystems which aims to provide a system for developing and deploying cross-platform applications. Java is used in a wide variety programs that are deployed on personal computers as well as embedded devices and cell phones. Java...

MediaCoder v0.7.3.4605 Local Buffer Overflow Exploit

Exploit for unknown platform in category local exploits ==================================================== MediaCoder v0.7.3.4605 Local Buffer Overflow Exploit ==================================================== / Download: http://www.mediacoderhq.com/download.htm Compilation:...

[SECURITY] Fedora 11 Update: chmsee-1.0.1-15.fc11

A gtk2 chm document viewer. It uses chmlib to extract files. It uses gecko to display pages. It supports displaying multilingual pages due to gecko. It features bookmarks and tabs. The tabs could be used to jump inside the chm file conveniently. Its UI is clean and handy, also is well localized. ...

Taking Vendors to Task on Security Flaws

A loose consortium of security experts from more than 30 organizations today called on enterprises to exert more pressure on their software vendors to ensure that they use secure code development practices. Read the full article. Computerworld...

[SECURITY] Fedora 11 Update: gambas-1.0.19-12.fc11

Gambas is a free development environment based on a Basic interpreter with object extensions, like Visual Basic but it is NOT a clone !. With Gambas, you can quickly design your program GUI, access MySQL or PostgreSQL databases, pilot KDE applications with DCOP, translate your program into many...

[SECURITY] Fedora 12 Update: gambas-1.0.19-12.fc12

Gambas is a free development environment based on a Basic interpreter with object extensions, like Visual Basic but it is NOT a clone !. With Gambas, you can quickly design your program GUI, access MySQL or PostgreSQL databases, pilot KDE applications with DCOP, translate your program into many...

Wireshark 1.2.5 - LWRES getaddrbyname Buffer Overflow

Wireshark 1.2.5 - LWRES getaddrbyname Buffer Overflow !/usr/bin/env python Wireshark 1.2.5 LWRES getaddrbyname stack-based buffer overflow Discovered by babi Reference: http://www.exploit-db.com/exploits/11288 Exploit Dev by Nullthreat & Pure|Hate import socket, sys try: host = sys.argv1 except:...

Apple iPhone / iPod My DBLite Edition Denial Of Service

!/usr/bin/python Apple Iphone/Ipod - My DBLite Edition Remote 0day DOS exploit Found by: Jason Bowes - admin @ blue-dogz.com App Homepage: www.xenugo.co Price: Free Download: From the app store use your itunes account Tested on: Iphone 3GS - firmware 3.1.2 What's up to slicc1 Advisory: print "+...

Wireshark 1.2.5 - LWRES getaddrbyname Buffer Overflow

!/usr/bin/env python Wireshark 1.2.5 LWRES getaddrbyname stack-based buffer overflow Discovered by babi Reference: http://www.exploit-db.com/exploits/11288 Exploit Dev by Nullthreat & Pure|Hate import socket, sys try: host = sys.argv1 except: print "usage: " + sys.argv0 + " " exit2 port = 921 add...

EasyFTP Server 1.7.0.2 - (Authenticated) Buffer Overflow (PoC)

EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow PoC !/usr/bin/python Title: EasyFtp Server v1.7.0.2 Post-Authentication BoF PoC From: The eh?-Team || The Great White Fuzz we're not sure yet Found by: loneferret Hat's off to dookie2000ca Date Found: 13/02/2010 Developer contacted: 14/02/201...

Blue Dove Word Press Development Sql Injection Vulnerability

Exploit for unknown platform in category web applications ===================================== Blue Dove Sql Injection Vulnerability ===================================== .:. Bug Type : Sql Injection .:. Dork : "powered by Blue Dove Web Design" === Exploit ===...

Microsoft Tries to Boost SDL Adoption

Microsoft is trying to boost adoption of the software security practices in its Security Development Lifecycle by releasing a revised set of instructions to make implementation of the process easier and faster. At the Black Hat DC conference on Tuesday, the company announced the release of its...

Insufficient User Input Validation in VP-ASP 6.50 Demo Code

======================================================================== = CodeScan Advisory, codescan.com [email protected] = = Insufficient User Input Validation in VP-ASP 6.50 Demo Code = = Vendor Website: = http://www.vpasp.com/ = = Affected Version: = VP-ASP Shopping Cart 6.50 Demo Cod...

JDK: XML parsing Denial-Of-Service (6845701)

Previously, a denial-of-service flaw was found in Java which allowed the creation of an inifinte loop in XML headers that would consume all CPU resources. This issue was patched and Java is no longer vulnerable to a denial-of-service flaw due to the initiation of an infinte loop by means of XML...

OpenJDK: Improper parsing of crossdomain.xml files (intended access restriction bypass) (6798948)

The Java Plug-in in Java SE Development Kit JDK and Java Runtime Environment JRE 6 Update 12, 11, and 10 does not properly parse crossdomain.xml files, which allows remote attackers to bypass intended access restrictions and connect to arbitrary sites via unknown vectors, aka CR 6798948...

OpenJDK GIF processing buffer overflow vulnerability (6804998)

Buffer overflow in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier; 6 Update 12 and earlier; 1.4.219 and earlier; and 1.3.124 and earlier allows remote attackers to access files or execute arbitrary code via a crafted GIF image, aka CR 6804998...

WD-CMS 3.0 XSS / File Disclosure

Exploit Title: WD-CMS 3.0 Multiple Vulnerabilities Date: December 31st, 2009 Author: Sora Software Link: http://www.webdiamond.net/cms.html Version: 3.0 Tested on: Windows Vista and Linux Backtrack 3 --------------------------------------------------------------- WD-CMS 3.0 Multiple Vulnerabiliti...