stoneware webnetwork6 - Multiple Vulnerabilities
Stoneware WebNetwork6 Vulnerability Assessment CVE-2012-0285 – XSS CVE-2012-0286 - CSRF Conducted by: Leland Public Schools Stoneware Customer Jacob Holcomb Network Engineer for LPS Conducted for: Leland Public Schools Purchaser of WebNetwork product. Test was to assure cloud security Stoneware...
BIG-Ant-Server-XPLT
BigAnt Server version 2.50 SEH Overwrite - 0day remote buffer overflow exploit suffer because it fails to perform adequate boundary-checks. Successfully exploiting this issue will allow an attacker to execute arbitrary code within the context of the affected application. Failed exploit attempts...
Avira-Guard
Avira AntiVir personal edition avguard.exe 7.00.00.52 is prone to a local heap overflow because it fails to perform adequate boundary-checks. Successfully exploiting will allow an attacker to execute arbitrary code within the context of the affected application. Failed exploit attempts will resul...
Fedora Update for nss FEDORA-2011-17399
Check for the Version of nss OpenVAS Vulnerability Test Fedora Update for nss FEDORA-2011-17399 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
[SECURITY] Fedora 16 Update: qt-4.8.0-7.fc16
Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling...
phpVideoPro Multiple XSS vulnerabilities
Advisory: phpVideoPro Multiple XSS vulnerabilities Advisory ID: SSCHADV2011-041 Author: Stefan Schurtz Affected Software: Successfully tested on phpVideoPro 0.9.7 Vendor URL: http://sourceforge.net/projects/phpvideopro/ Vendor Status: fix in the latest development code ==========================...
Formalized IT Security Policy Now Required for Government Prime and Sub-contractors
This month the GSA announced an IT security mandate for government prime- and sub-contractors that requires them to have a formalized IT security plan that includes periodic audits. Many government sub-contractors, large and small, will benefit from a third-party compliance program review so they...
HP OpenView Network Node Manager - 'ov.dll' _OVBuildPath Buffer Overflow (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'HEAD', :uri =...
JDK: unspecified vulnerability fixed in 6u29 (Sound)
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.233 and earlier, and JRockit R28.1.4 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknow...
OpenJDK: IIOP deserialization code execution (Deserialization, 7055902)
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE, 7, 6 Update 27 and earlier, and 5.0 Update 31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via...
Offensive Research Continuing to Advance
MIAMI BEACH–It’s the accepted wisdom these days that many of the traditional security defenses organizations depend on just aren’t effective at deterring attackers. But this glosses over the fact that the last few years have included some major advances in defensive technologies, including the...
Update: Hacking Group TeaMp0isoN Claims Breach of T-Mobile
The hacking group TeaMp0isoN claims to have compromised Web servers used by T-Mobile, and absconded with account information for company employees, including members of T-Mobile’s media team. The group used a post on its official Twitter account taking responsibility for the attack, which targete...
[SECURITY] Fedora 15 Update: plib-1.8.5-5.fc15
This is a set of OpenSource LGPL libraries that will permit programmers to write games and other realtime interactive applications that are 100% portable across a wide range of hardware and operating systems. Here is what you need - it's all free and available with LGPL'ed source code on the web...
Warm up the keyboard, It's time for February The Hacker News Magazine!
Warm up the keyboard, hack into the internet security of your mind and help us fill the February The Hacker News Magazine with fun, interesting and educational web security info. Our readers love to see what you are up to and...
libxml2 security update
CentOS Errata and Security Advisory CESA-2012:0016 Updated libxml2 packages that fix several security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS bas...
Apache Struts remote command execution and arbitrary file overwrite vulnerabilities
Release Date: 2012-01-08 Affected Software and systems: Apache Struts 2.3.1 and following versions Vulnerability description: Apache Struts is an open source web application framework for developing Java web applications. Apache Struts in the realization of the presence of the...
Typo3 4.5 < 4.7 - Remote Code Execution / Local File Inclusion / Remote File Inclusion
Exploit Title: Typo3 v4.5-4.7 - Remote Code Execution RFI/LFI Date: 4th January 2012 Author: MaXe Software Link: https://typo3.org/download/ Version: 4.5.0 up to 4.5.8, 4.6.0 and 4.6.1 + development releases of 4.7 branch Typo3 v4.5-4.7 - Remote Code Execution RFI/LFI Versions Affected: 4.5.0 up ...
Japan developing cyber weapons for Counter Attacks
Japan developing cyber weapons for Counter Attack Japanese technology firm Fujitsu is developing a 'seek and destroy' virus which could identify and combat hacking and other cyber threats in a more effective way. The weapon is the culmination of a 179 million yen three-year project entrusted by t...
Hackers Plan Satellite Network to Fight Internet Censorship
A group of hackers are reportedly declaring war on Internet censorship, and they plan to fight back with their own satellite communications network. Sound like science fiction? According to BBC News, the plan was recently outlined at the Chaos Communication Congress in Berlin. Dubbed the...
Thinking About Software Security Holistically
While assessing software systems of all types a few common mistakes regularly come up. These aren’t mistakes that lead directly to vulnerabilities, but mistakes in how some software companies think about security, that can lead to invalid assumptions, and ultimately which can allow real security...