Michelles L2J Dropcalc <= 4 - Remote SQL Injection Vulnerability

No description provided by source. ============================================================================================== Title: Michelle's L2J Dropcalc Version: = v4 Web Site: http://www.msknight.com/comps/lineage2/myl2jdropcalc.htm Discovered By: Codebreak [email protected] |...

Peer2Mail <= 1.4 Encrypted Password Dumper Exploit

No description provided by source...

HP Data Protector 6.20 - Multiple Vulnerabilities

No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - Corelabs Advisory http://corelabs.coresecurity.com/ Multiple vulnerabilities in HP Data Protector 1. Advisory Information Title: Multiple vulnerabilities in HP Data Protector Advisory ID:...

EFTP 2.0.7 .337 Buffer Overflow Code Execution and Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3330/info Encrypted FTP EFTP is both an FTP client and server application for Windows platforms. A malicious user with upload permissions to the target host can cause a buffer overflow in EFTP to execute code of the...

Excite for Web Servers 1.1 Administrative Password Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2665/info Excite for Web Servers 1.1 EWS is a search engine suite for web servers running under Windows NT and UNIX. By default the file containing the administrative password, architext.conf, is world readable and world...

Linux Kernel 2.6.x Cryptoloop Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13775/info Both cryptoloop and dm-crypt are reported prone to an information disclosure vulnerability. Reports indicate that certain watermarked files may be detected on a filesystem that is encrypted using the affected...

Snort <= 2.4.2 Back Orifice Parsing Remote Buffer Overflow Exploit

No description provided by source. / THCsnortbo 0.3 - Snort BackOrifice PING exploit by [email protected] THC PUBLIC SOURCE MATERIALS Bug was found by Internet Security Systems http://xforce.iss.net/xforce/alerts/id/207 v0.3 - removed/cleaned up info for public release v0.2 - details added, minor change...

New Banking Malware with Network Sniffer Spreading Rapidly Worldwide

The hike in the banking malware this year is no doubt almost double compared to the previous one, and so in the techniques of malware authors. Until now, we have seen banking Trojans affecting devices and steal users’ financial credentials in order to run them out of their money. But nowadays,...

PDF Containing Encrypted Data

PDF files may include encrypted data. A remote attacker may use such encrypted data inside PDF files to hide attacks against various PDF vulnerabilities, in order to evade IPS inspection. There are cases in which certain traffic, although not intended for malicious use, is very unsafe, since it m...

IBM DB2 10.1 < Fix Pack 3a Multiple Vulnerabilities

According to its version, the installation of IBM DB2 10.1 running on the remote host is prior to Fix Pack 3a. It is, therefore, affected by one or more of the following vulnerabilities : - The included version of GSKit contains an error related to CBC-mode and timing that could allow an attacker...

Dyreza Banker Trojan Seen Bypassing SSL

Banker Trojans have proven to be reliable and effective tools for attackers interested in quietly stealing large amounts of money from unwitting victims. Zeus, Carberp and many others have made piles of money for their creators and the attackers who use them, and researchers have been looking at ...

New Pandemiya Banking Trojan Written From Scratch

Brand new, written-from-scratch malware is a relatively rare undertaking on the underground. Aside from some private endeavors, source code is available for a number of popular Trojans, including Zeus, Citadel and Carberp, making it easy for attackers to simply grab one off the shelf and get...

[SECURITY] Fedora 19 Update: openssh-6.2p2-8.fc19

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

UBUNTU-CVE-2014-0224

OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessio...

Critical GnuTLS Flaw Leaves SSL Clients Vulnerable to Remote Code Execution

GnuTLS, a widely used open source SSL/TLS cryptographic library is vulnerable to a buffer overflow vulnerability that could be exploited to crash TLS clients or potentially execute malicious code on underlying systems. The GnuTLS library implements secure sockets layer SSL and transport layer...

USPS Spam Campaign Drops Asprox Botnet Malware

A new spam campaign has emerged in support of the Asprox botnet. The scheme involves shipping receipt emails that contain malicious links and purport to come from the United States Postal Service USPS. Anyone who receives one of these emails and clicks on the link therein will have a zip file...

Kali Linux 1.0.7 Released

Kernel 3.14, Tool Updates, Package Improvements Kali linux 1.0.7 has just been released, complete with a whole bunch of tool updates, a new kernel, and some cool new features. Check out our changelog for a full list of these items. As usual, you don’t need to re-download or re-install Kali to...

ProtonMail: 'NSA-Proof' End-to-End Encrypted Email Service

The Edward Snowden revelations triggered a large-scale movement worldwide towards deploying encryption across the Internet for secure services, which is something the government agencies like NSA and GCHQ have targeted repeatedly, as exemplified by abruptly shutting down Lavabit, a Texas-based...

[SECURITY] Fedora 20 Update: openssh-6.4p1-4.fc20

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

eBay Compromised in Data Breach, Urges Password Change

The online retail and auction giant eBay will be asking its customers to change their passwords later today because of a cyberattack that compromised a server containing encrypted passwords and other non-financial information. The company says it does not believe that there has been any...