SRI releases Conficker scanner source code
The experts at SRI International, who have been tracking the Conficker worm as closely as anyone, have released the source code to the scanner they wrote to detect the active P2P scanning that Conficker-infected machines perform. The Conficker worm exhibits a number of interesting characteristics...
6KBBS system to break the back door file-vulnerability warning-the black bar safety net
From:Dream an end Hello, I'm Dream an end. See the September the the hackers Handbook the lone water around the city, my brother wrote that article, the alarm bells ringing-the vigilant hidden in the web site behind the trap of feeling quite a lot. In this crazy Internet era, made a rookie your o...
Code injection
NTFS TmaxSoft JEUS 5 before Fix 26 allows remote attackers to read the source code for scripts by appending ::$DATA to the URL, which accesses the alternate data stream...
CVE-2008-6528
CVE-2008-6528 affects NTFS on TmaxSoft JEUS 5 before Fix 26. The vulnerability allows remote attackers to read the source code of scripts by appending ::$DATA to the URL, which accesses the NTFS alternate data stream. This exposure could disclose script source contents. The NVD entry lists a CVSS...
Mac OS X xnu <=1228.x (vfssysctl) Local Kernel DoS PoC
No description provided by source. / xnu-vfssysctl-dos.c Copyright c 2008 by [email protected] Apple MACOS X xnu = 1228.x local kernel DoS POC by mu-b - Wed 19 Nov 2008 - Tested on: Apple MACOS X 10.5.5 xnu-1228.8.201/RELEASEI386 - Private Source Code -DO NOT DISTRIBUTE -...
HP unveils Flash vulnerability scanner
HP has released a free static-analysis tool designed to find vulnerabilities in applications developed on the Adobe Flash platform. But HP SWFScan is no security geek plaything. It’s meant specifically for developers without much in the way of security training. The tool is the brainchild of the...
Apple Mac OSX xnu 1228.x - 'hfs-fcntl' Kernel Privilege Escalation
!/bin/bash xnu-hfs-fcntl-v2.sh Copyright c 2008 by Apple MACOS X 792.0 \n" \ "http://www.digit-labs.org/ -- Digit-Labs 2008!@$!\n\n" if ! -f $EXPFILE ; then echo -n " compiling exploit..." gcc -Wall $EXPFILE.c -o $EXPFILE 2 /dev/null if $? != 0 ; then echo " failed" exit $? else echo "...
PHPRunner 4.2 (SearchOption) Blind SQL Injection Vulnerability
No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: PHPRunner SQL Injection Vendor: http://www.xlinesoft.com Vulnerable Version: 4.2 prior versions also may be affected Exploitation: Remote with browser Original Advisory: http://www.bugreport.ir/index63.htm...
PHPRunner 4.2 - 'SearchOption' Blind SQL Injection
www.BugReport.ir AmnPardaz Security Research Team Title: PHPRunner SQL Injection Vendor: http://www.xlinesoft.com Vulnerable Version: 4.2 prior versions also may be affected Exploitation: Remote with browser Original Advisory: http://www.bugreport.ir/index63.htm Fix: N/A - Description: PHPRunner...
[ECHO_ADV_104$2009] WeBid <= 0.7.3 RC9 Multiple Remote File Inclution Vulnerabilities
ECHOADV104$2009 WeBid = 0.7.3 RC9 Multiple Remote File Inclution Vulnerabilities Author : K-159 Date ...
Moving-2 0 0 6 a few small flaws-vulnerability warning-the black bar safety net
The author of the article: the falling leaves swirlingJJSEX Information source: http://hi.baidu.com/jluoye Now they move easy companies are taking action easy content management system open source, Hey However with the move-2 0 0 6 people is still a lot, my hand on the SWI 0day almost never used,...
BusinessSpace <= 1.2 (id) Remote SQL Injection Vulnerability
No description provided by source. ECHOADV102$2009 BusinessSpace = 1.2 id Remote SQL Injection Vulnerability...
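NaviCOPA Web Server Remote Heap Overflow and Source Code Disclosure Vulnerabilities
BUGTRAQ ID: 33585 NaviCOPA Web Server is a web server installed on Windows systems that can automatically configure HTTP access. If a remote attacker submits an overlong HTTP GET request to NaviCOPA Web Server, a heap overflow can be triggered, leading to arbitrary code execution; in addition, submitting a specially crafted HTTP request containing a dot character to the server can disclose the source code of PHP scripts. InterVations NaviCOPA Web Server 3.01 Vendor patch: InterVations: The vendor has not yet provided a patch or upgrade. We recommend that users of this software follow the vendor's home page to obtain the latest version:...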
NaviCOPA Trailing Dot Source Code Disclosure
The version of the NaviCOPA web server software running on the remote host returns the source of scripts hosted on it if the URL ends in a dot '.'. A remote attacker can leverage this issue to view the source code of CGIs and possibly obtain passwords and other sensitive information from this hos...
SuSE Update for mono-web SUSE-SA:2007:002
Check for the Version of mono-web OpenVAS Vulnerability Test $Id: gbsuse2007002.nasl 8050 2017-12-08 09:34:29Z santu $ SuSE Update for mono-web SUSE-SA:2007:002 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free...
Code injection
front-end/edit.php in mini-pub 0.3 and earlier allows remote attackers to read files and obtain PHP source code via a filename in the sFileName parameter...
CVE-2008-5936
CVE-2008-5936 affects front-end/edit.php in mini-pub 0.3 and earlier. The vulnerability allows remote attackers to read files and obtain PHP source code by manipulating the sFileName parameter, exposing partial confidentiality impact. The CVSS score is provided as 5.0 (MEDIUM) with network vector...
netsurf Web browser 1.2 - Multiple Vulnerabilities
netsurf Web browser 1.2 - Multiple Vulnerabilities Jeremy Brown 01-14-2009 [email protected]/jbrownsec.blogspot.com netsurfmultipleadv.txt...
FreeLyrics 1.0 File Disclosure
Piker FreeLyrics Remote Source Code Disclosure Vulnerability Affected software: FreeLyrics Vendor: http://lyrics.sourceforge.net/ Risk: Medium http://target/path/source.php?p=FILE PoC: http://target/path/source.php?p=config.php Found by Piker piker0x90atgmaildotcom D.O.M Labs - Security Researche...
phpwind V7. 0 XSS vulnerabilities-vulnerability warning-the black bar safety net
http://site/upload2/admin.php?adminjob=%22%3E%3Cscript%3Ealert%27hiphop%2 7%3C/script%3E ! $REQUESTURI = $SERVER'PHPSELF'.'?'.$ SERVER'QUERYSTRING'; $windversion = '7.0'; $windrepair = "; From the outside any QUERYSTRING didn't do the filter leads to vulnerability ============================== S...