Lucene search

7377 matches found

Kitploit
added 2014/05/28 2:4 a.m., 81 views

Kali Linux 1.0.7 Released

Kernel 3.14, Tool Updates, Package Improvements. Kali Linux 1.0.7 has just been released, complete with a whole bunch of tool updates, a new kernel, and some cool new features. Check out our changelog for a full list of these items. As usual, you don’t need to re-download or re-install Kali to...

7.3 AI score
Exploits: 0

Google Chrome Security Advisories
added 2014/05/20 12:0 a.m., 32 views

Stable Channel Update

The Chrome Team is excited to announce the promotion of Chrome 35 to the Stable channel for Windows, Mac, and Linux. Chrome 35.0.1916.114 contains a number of fixes and improvements, including: more developer control over touch input; new JavaScript features; unprefixed Shadow DOM; a number of new...

7.5 CVSS, 9 AI score, 0.03199 EPSS
Exploits: 0, Affected Software: 1

Japan Vulnerability Notes
added 2014/05/08 12:0 a.m., 19 views

JVN#68340046: intra-mart vulnerable to open redirect

intra-mart is a software framework for creating web applications. intra-mart contains an open redirect vulnerability. Impact: When accessing a specially crafted URL, the user may be redirected to an arbitrary website. As a result, the user may become a victim of a phishing attack. Solution: Apply t...

5.8 CVSS, 6.4 AI score, 0.00253 EPSS
Exploits: 0

ThreatPost
added 2014/05/01 3:38 p.m., 9 views

Apple Fixes Critical Hole in Developer Center, Radar

Apple patched a potentially serious hole in its Developer Center earlier this week that could have given anyone unfettered access to the personal contact information of company developers, retail employees and even executives. Ironically enough, the bug existed in Apple’s internal bug reporting a...

6.5 AI score
Exploits: 0, References: 2

The Hacker News
added 2014/04/24 9:41 p.m., 10 views

Malicious Chrome Extension Hijacks CryptoCurrencies and Wallets

Although the number of malicious browser extensions has significantly increased in the past years, recently a new extension for Google Chrome is allegedly targeting cryptocurrency users and is capable of stealing Bitcoins and other crypto coins silently. The malicious Chrome browser...

6.9 AI score
Exploits: 0

exploitpack
added 2014/04/24 12:0 a.m., 10 views

Bonefire 0.7.1 - Reinstall Admin Account

Bonefire 0.7.1 - Reinstall Admin Account !/usr/bin/env python coding: utf-8 Bonefire v.0.7.1 Reinstall Admin Account Exploit Author : Mehmet INCE Analysis write-up : http://www.mehmetince.net/ci-bonefire-reinstall-admin-account-vulnerability-analysis-exploit/ Description : Forgotten controls lead...

Exploits: 0

0day.today
added 2014/04/23 12:0 a.m., 36 views

No-CMS 0.6.6 rev 1 - Admin Account Hijacking / RCE Exploit via Static Encryption Key

Exploit for php platform in category web applications ?php / Static encryptionkey of No-CMS lead to Session Array Injection in order to hijack administrator account then you will be able for upload php files to server via theme/module upload. This exploit generates cookie for administrator access...

7.1 AI score
Exploits: 0

NVD
added 2014/04/18 10:14 p.m., 12 views

CVE-2013-4279

imapsync 1.564 and earlier performs a release check by default, which sends sensitive information (imapsync, operating system, and Perl version) to the developer's site...

5 CVSS, 5.8 AI score, 0.00384 EPSS
Exploits: 1, References: 4

Japan Vulnerability Notes
added 2014/04/14 4:45 a.m., 1 views

Content Provider in CamiApp for Android fails to restrict access permissions

Overview: The Content Provider in CamiApp for Android provided by KOKUYO S Co.,Ltd. contains an issue where access permissions are not restricted. Hiroshi Kumagai reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impa...

5.8 CVSS, 6.4 AI score, 0.00282 EPSS
Exploits: 0, References: 5

myhack58
added 2014/04/14 12:0 a.m., 18 views

WordPress 3.8.2 patch analysis HMAC timing attack-vulnerability warning-the black bar safety net

author: [email protected] 0x00 background On github over and over to see for a long time, the official version of the diff only in php where changes to a location: | 1 2 | - if $hmac != $hash + if hashhmac 'md5', $hmac, $key !== hashhmac 'md5', $hash, $key ---|--- WP developers just...

0.8 AI score
Exploits: 0

Prion
added 2014/04/12 4:37 a.m., 14 views

Stack overflow

Stack-based buffer overflow in a certain decryption function in qconnDoor on BlackBerry Z10 devices with software 10.1.0.2312, when developer-mode has been previously enabled, allows remote attackers to execute arbitrary code via a crafted packet in a TCP session on a wireless network...

9.3 CVSS, 8.7 AI score, 0.1459 EPSS
Exploits: 4, References: 1, Affected Software: 1

Packet Storm
added 2014/04/08 12:0 a.m., 53 views

BlackBerry Z 10 Buffer Overflow

modzero Security Advisory: BlackBerry Z 10 - Buffer Overflow in qconnDoor MZ-13-05 1...

9.3 CVSS, 0.6 AI score, 0.1459 EPSS
Exploits: 4

The Hacker News
added 2014/04/06 4:13 p.m., 12 views

Beware of Zeus Banking Trojan Signed With Valid Digital Signature

A dangerous new variant of the ZeuS banking Trojan has been identified by Comodo AV labs. It is signed with a stolen digital certificate belonging to a Microsoft developer to avoid detection by web browsers and anti-virus systems. Every Windows PC in the world is set to accept software "signed" wit...

6.5 AI score
Exploits: 0

Packet Storm
added 2014/03/24 12:0 a.m., 71 views

php-font-lib 0.3 Cross Site Scripting

php-font-lib - Subset maker makesubset.php Reflected Cross-site Scripting. Revision 1.0. Author: Daniel C. Marques @0xc0da. Release date: 2014-03-23. Reference:...

4.3 CVSS, 6.6 AI score, 0.00497 EPSS
Exploits: 3

Japan Vulnerability Notes
added 2014/03/18 12:0 a.m., 22 views

JVN#81739241: sp mode mail issue when accessing attachments in incoming mail

sp mode mail provided by NTT DOCOMO contains a function that allows other Android applications to access attachments for incoming emails. This function contains an issue in the restriction of access permissions. Impact: If a malicious Android application is installed on the device, attachments for...

4.3 CVSS, 6.3 AI score, 0.00195 EPSS
Exploits: 0

Mozilla
added 2014/03/18 12:0 a.m., 41 views

crypto.generateCRMFRequest does not validate type of key — Mozilla

Mozilla developer David Keeler reported that the crypto.generateCRMFRequest method did not correctly validate the key type of the KeyParams argument when generating ec-dual-use requests. This could lead to a crash and a denial of service (DOS) attack...

5 CVSS, 8.6 AI score, 0.00548 EPSS
Exploits: 1, References: 2, Affected Software: 2

Packet Storm
added 2014/03/14 12:0 a.m., 24 views

Joomla AJAX Shoutbox SQL Injection

Joomla AJAX Shoutbox Remote SQL Injection vulnerability - Author: Ibrahim Raafat - Contact: https://twitter.com/RaafatSEC - Discovery date: 1 April 2010 4 years ago - Reported to vendor : 12 March 2014 - Response: Quick response from the developer, Patched and released version 1.7 in the same day...

Exploits: 0

Packet Storm
added 2014/03/07 12:0 a.m., 35 views

Safari User-Assisted Download / Run Attack

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Safari User-Assisted Download & Run...

Exploits: 0

Metasploit
added 2014/03/04 11:2 p.m., 13 views

Safari User-Assisted Download and Run Attack

This module abuses some Safari functionality to force the download of a zipped .app OSX application containing our payload. The app is then invoked using a custom URL scheme. At this point, the user is presented with Gatekeeper's prompt: "APPNAME" is an application downloaded from the internet. A...

10 AI score
Exploits: 0

Kitploit
added 2014/03/01 9:3 p.m., 20 views

[Ncrack] High-Speed Network Authentication Cracker

Ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords. Security professionals also rely on Ncrack when auditing their clients. Ncrack was designed using a...

7.5 AI score
Exploits: 0