HackerOne: RTL override symbol not stripped from file names

Any U+202E RIGHT-TO-LEFT OVERRIDE and similar symbols in file names of uploaded files are not stripped from the file name, causing potentially malicious executables to look like harmless images, for example. This might trick HackerOne panel members into accidentally opening evil h4x0r filez. I’ve...

Reputation of Windows Executables: Unknown Process(es)

Binary data wmiunknownrunning.nbin...

Reputation of Windows Executables: Known Process(es)

Binary data wmiknowngoodrunning.nbin...

PSF-2013-3 CGI directory traversal (URL parsing)

An error in separating the path and filename of the CGI script to run in http.server.CGIHTTPRequestHandler allows running arbitrary executables in the directory under which the server was started...

Apple's own Encryption Mechanism allows hacker to create an Undetectable Mac OS X Malware

In the past, there was a general belief that Macs is much more secure than Windows PCs, but now Mac malware is a serious threat to the security of users' computers and information. One of the reasons behind the increase in Mac related Malware attacks is the fact that Apple products are popular wi...

Mozilla Updater does not lock MAR file after signature verification — Mozilla

Security researcher Seb Patane reported that the Mozilla Updater does not write-lock the MAR update file when it is in use by the Updater. This leaves open the possibility of altering the contents of the MAR file after the signature on the file has been verified as valid but before it has been...

Full Disclosure ASUS Wireless Routers Ten Models - Multiple Vulnerabilities on AiCloud enabled units

Note: In June I released a partial disclosure for just the RT-N66U on the issue of directory traversal. I have only heard back from ASUS a twice on the issue, and I understand they are working on a fix. However, no serious attempt to our knowledge has been made to warn their customers in the...

Adobe Acrobat Multiple Vulnerabilities April-2012 (Mac OS X)

This host is installed with Adobe Acrobat and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbadobeacrobatmultvulnapr12macosx.nasl 6093 2017-05-10 09:03:18Z teissa $ Adobe Acrobat Multiple Vulnerabilities April-2012 Mac OS X Authors: Thanga Prakash S Copyright: Copyright c...

Fujitsu notebooks privilege escalation

Untrusted path to executables...

[REMnux] A Linux Distribution for Malware Analysis

REMnux incorporates a number of tools for analyzing malicious executables that run on Microsoft Windows, as well as browser-based malware, such as Flash programs and obfuscated JavaScript. This popular toolkit includes programs for analyzing malicious documents, such PDF files, and utilities for...

Researchers Uncover Polymorphic AutoRun Worm

W32/Autorun.worm.aaeb-h is an evolved, virtual machine-aware AutoRun worm that makes use of obfuscation and polymorphic techniques in order to evade detection and infect removable media and mounted network shares, according to McAfee. Researchers have seen an increase in samples for the year-old...

Security Firms Warn Users of Fake Java Updates

It’s really starting to feel like we’re piling on the perennially vulnerable, industry punching bag that is Java. That said, GFI Labs and other security firms are warning their users to be wary of malicious fake Java updaters taking advantage of all the patches Oracle had to ship last week. Trend...

BloXor - A Metamorphic Block Based XOR Encoder

A Metamorphic Block Based XOR Encoder. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/encoder/bloxor/bloxor' BloXor is a cross architecture metamorphic block based xor encoder/decoder for Metasploit...

Opera Truncated Dialogs Code Execution Vulnerability (Mac OS X)

The host is installed with Opera and is prone to code execution vulnerability. OpenVAS Vulnerability Test $Id: gboperatruncationdialogcodeexecvulnmacosx.nasl 6079 2017-05-08 09:03:33Z teissa $ Opera Truncated Dialogs Code Execution Vulnerability Mac OS X Authors: Antu Sanadi Copyright: Copyright ...

Opera Truncated Dialogs Code Execution Vulnerability - Mac OS X

Opera is prone to a code execution vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

kernel: execshield: predictable ascii armour base address

The ExecShield feature in a certain Red Hat patch for the Linux kernel in Red Hat Enterprise Linux RHEL 5 and 6 and Fedora 15 and 16 does not properly handle use of many shared libraries by a 32-bit executable file, which makes it easier for context-dependent attackers to bypass the ASLR protecti...

Tool Scans for RTF Files Spreading Malware in Targeted Attacks

Exploits embedded inside Microsoft Office documents such as Word, PDFs and Excel spreadsheets have been at the core of many targeted attacks during the past 24 months. Detection of these attack methods is improving and nimble hackers are recognizing the need for new avenues into enterprise...

Backdoor.LV Samples On the Rise

A strain of malware called Backdoor.LV that uses a custom protocol over port 80 to communicate with its command and control server has been consistently increasing its reach since May, according to a report from FireEye. The security firm observed Backdoor.LV determining its host’s NetBIOS name,...

Mozilla Thunderbird < 15.0 Multiple Vulnerabilities

Binary data 6560.prm...

Mozilla Thunderbird 14.x <= 14 Multiple Vulnerabilities

Binary data 801365.prm...