825 matches found
Got Pwned? PwnedList.com Knows
With more and more victims of identity theft minted every day, figuring out if you’re one of the unlucky masses with a leaked email password is yeoman’s work. Now one security researcher is trying to make it easy with PwnedList.com, a Web site that collects leaked and stolen data, then tells...
Thehacker12 Dumps Logins for 20,000 Customers and U.S. Employees
Thehacker12 Dumps Logins for 20,000 Customers and U.S. Employees ThEhAcKeR12 has hacked into an events management company and obtained sensitive information belonging to 20,000 individuals, many of whom were United States government employees or contractors. Hacker posted an Excel spreadsheet...
4 big business sites database backup leaked by Serious BLack !
4 big business sites database backup leaked by Serious BLack ! One of the Indian hacker "Serious BLack " found the SQL database backup on the 4 big business sites. These SQL dumps are hosted by Site admins on FTP that has been leaked. Sites are: https://www.assembla.com/ =...
Anonymous Antisec leaks Zimbabwe, Australia and Brazil governments data dumps
Anonymous Antisec leaks Zimbabwe, Australia and Brazil governments data dumps Anonymous Hackers have published a mass of data including passwords that appears to have been stolen from the governments of Brazil, Zimbabwe, Australia and the Caribbean island Anguilla. One of the files released via...
Anonymous Antisec leaks Zimbabwe, Australia and Brazil governments data dumps
Anonymous Antisec leaks Zimbabwe, Australia and Brazil governments data dumps Anonymous Hackers have published a mass of data including passwords that appears to have been stolen from the governments of Brazil, Zimbabwe, Australia and the Caribbean island Anguilla. One of the files released via...
Wireshark 1.5.1 Development Release !
Wireshark 1.5.1 Development Release ! Wireshark 1.5.1 has been released. Installers for Windows, OS X, and source code are now available. New and Updated Features The following features are new or have been significantly updated since version 1.4: 1. Wireshark can import text dumps, similar to...
WikiLeaks
Many people in the security and privacy communities have been aware of the activities of WikiLeaks for several years now, but in 2010 the group hit the mainstream like a hurricane. First came document dumps that revealed embarrassing details about the way the U.S. has conducted the war in Iraq...
kernel: net sched: fix some kernel memory leaks
The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory via vectors relate...
Multiple Media Players ((iTunes QuickTime) - HTTP DataHandler Overflow
Multiple Media Players iTunes QuickTime - HTTP DataHandler Overflow ScaryMovie Exploit Study By: DrIDE October, 2009 There is a widespread failure in the way that .MOV files are handled by the Quicktime Library. I have attempted to compound my findings on this issue. Nearly every .MOV enabled...
CentOS 4 : kernel (CESA-2009:0014)
Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any...
Multiple BSD Operating Systems setusercontext() Vulnerabilities
No description provided by source. BSD setusercontext vulnerabilites discovered by Kingcope, July 2009 lewls XD Let's go.. BSD derived operating systems have a special function to set a "user context". The function setusercontext is available on for example FreeBSD 5.0 and 7.0. An example from...
Multiple BSD Operating Systems setusercontext() Vulnerabilities
Exploit for multiple platform in category local exploits =============================================================== Multiple BSD Operating Systems setusercontext Vulnerabilities =============================================================== BSD setusercontext vulnerabilites discovered by...
kernel security update
CentOS Errata and Security Advisory CESA-2009:1193 Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages...
Unsniff Network Analyzer 1.0 - 'usnf' Local Heap Overflow (PoC)
!/usr/bin/perl Unsniff Network Analyzer 1.0 usnf Local Heap Overflow PoC Summary: Dont just look at hex dumps and protocol trees. With Unsniff Network Analyzer, you can view network traffic at various levels of detail. View high level objects like images, video, HTML pages, VOIP calls, drill down...
MPlayer 1.0rc2 - TwinVQ Stack Buffer Overflow (PoC)
!/usr/bin/perl MPlayer 1.0rc2 TwinVQ Stack Buffer Overflow PoC PoC by Amirreza Aminsalehi "sCORPINo" Proud To be an Abay scorpino x40 gmail x2e com Snoop Security Researching Committee www.snoop-security.com Originaly this bug discovered by Tobias Klein advisory @...
MPlayer Stack Buffer Overflow
!/usr/bin/perl MPlayer 1.0rc2 TwinVQ Stack Buffer Overflow PoC PoC by Amirreza Aminsalehi "sCORPINo" Proud To be an Abay scorpino x40 gmail x2e com Snoop Security Researching Committee www.snoop-security.com Originaly this bug discovered by Tobias Klein advisory @...
Repository Security improvement - the default for creating a new repository should be restricted to admins until specifically configured.
I just noticed that when setting up repositories, they were created with 'default' which mean if public sign up was on, they were able to see the repos. For the sake of security, a fresh install should default to restricting access to admins, perhaps through a default-created group 'admins'. Anon...
Ubuntu 5.04 / 5.10 / 6.06 LTS : linux-source-2.6.10/-2.6.12/-2.6.15 vulnerabilities (USN-311-1)
A race condition was discovered in the doaddcounters functions. Processes which do not run with full root privileges, but have the CAPNETADMIN capability can exploit this to crash the machine or read a random piece of kernel memory. In Ubuntu there are no packages that are affected by this, so th...
RHEL 5 : kernel (RHSA-2007:0099)
Updated kernel packages that fix security issues and bugs in the Red Hat Enterprise Linux 5 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating system. These n...
iG Shop 1.0 (eval/sql injection) Multiple Remote Vulnerabilities
No description provided by source. "If eval is the answer, then you are asking the wrong question." --Unknowen ig-shop suffers from two eval's that can be controlled by an attacker: http://127.0.0.1/igshop/cart.php?action=;phpinfo;// ./cart.php line 692: eval "cart$action;";...