Filter Proxy HTTP Headers Mismatch

Filter web Proxy is a proxy tool that interferes between a web server and a client browser. It enables users to change the HTTP headers and client side content, e.g. HTML and JavaScript. The filter proxy can also block pop-ups and malicious content. Malicious users can use this technique to chang...

Voice of America (VOA) website hacked by Iranian Cyber Army !

Iranian computer hackers on Monday hijacked the website of the Voice of America, replacing its Internet home page with a banner bearing an Iranian flag and an image of an AK-47 assault rifle. The group called on Secretary of State Hillary Clinton to "hear the voice of oppressed nations." The bann...

Protests and Website Hackings in Tunisia !

We are concerned about demonstrations that have occurred over the past few weeks in Tunisia, which we understand to be the result of social and economic unrest. We encourage all parties to show restraint as citizens exercise their right of public assembly. We have also conveyed our views directly...

USN-1024-2: OpenJDK regression

USN-1024-1 fixed vulnerabilities in OpenJDK. Some of the additional backported improvements could interfere with the compilation of certain Java software. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that certain system property...

B-Hind CMS (tiny_mce) Remote File Upload

Exploit for php platform in category web applications ======================================== B-Hind CMS tinymce Remote File Upload ======================================== Title: B-Hind CMS tinymce Remote File Upload Vendor: http://www.b-hind.eu/ AUTHOR: innrwrld & h00die DESCRIPTION by vendor:...

B-Hind CMS (tiny_mce) - Arbitrary File Upload

B-Hind CMS tinymce - Arbitrary File Upload Title: B-Hind CMS tinymce Remote File Upload Vendor: http://www.b-hind.eu/ AUTHOR: innrwrld & h00die DESCRIPTION by vendor: B-interference Lite is a simple CMS for small websites. Ideal for local merchants or organizations. The content of page can be...

The Low-Down on Daonol

A relatively new trojan has been making the rounds and causing some problems, particularly on Windows XP systems. Trojan:Win32/Daonol is malware which hooks various system calls in order to steal credential information and redirect some web traffic. It also protects itself by keeping some...

IPv6 implementations insecurely update Forwarding Information Base

Overview A vulnerability in some implementations of the IPv6 Neighbor Discovery Protocol may allow a nearby attacker to intercept traffic or cause congested links to become overloaded. Description IPv6 networks use the Neighbor Discovery Protocol NDP to detect and locate routers and other on-link...

PCI DSS compliance

Binary data pcicompliance.nbin...

phpmyadmin -- SQL injection vulnerability

A phpMyAdmin security announcement report: phpMyAdmin used the $REQUEST superglobal as a source for its parameters, instead of $GET and $POST. This means that on most servers, a cookie with the same name as one of phpMyAdmin's parameters can interfere. Another application could set a cookie for t...

Raiders: CAPTCHA cracking-vulnerability warning-the black bar safety net

The so-called verification code, is a string of randomly generated numbers or symbols, to generate a picture, the pictures of Riga on some interference pixel to prevent OCR, and by the user to visually identify where the verification code information, The input form submission site verification,...

Update Protections against Recent Malware Threats (7-Nov-07)

Malware is a software designed to infiltrate or damage a computer system without the owner's informed consent. It is a general name for a variety of forms of hostile, intrusive, or annoying programs like Viruses, worms, Adware, Trojans, and spyware that exploit unprotected clients, using network...

Hijacking Bluetooth Headsets for Fun and Profit?

Hijacking Bluetooth Headsets for Fun and Profit? kfatdigitalmunitiondotcom http://www.digitalmunition.com/HijackHeadSet.txt A few years ago when I worked for SNOSoft my business partner 'Simon' was one of those guys who rocked out a Bluetooth Headset just about every time I talked to him on his...

Sun Java JRE Plug-in Capability Arbitrary Package Access

The remote host is using a vulnerable version of Sun Java Runtime Plug-in, a web browser addon used to display Java applets. Two security issues have been reported in the remote version of this product : - An untrusted applet may escalate its privileges in order to read, write or execute files on...

[SA13918] Sun Java Plug-In Two Vulnerabilities

TITLE: Sun Java Plug-In Two Vulnerabilities SECUNIA ADVISORY ID: SA13918 VERIFY ADVISORY: http://secunia.com/advisories/13918/ CRITICAL: Highly critical IMPACT: Security Bypass, System access WHERE: From remote SOFTWARE: Sun Java SDK 1.4.x http://secunia.com/product/1661/ Sun Java SDK 1.3.x...

3Ware 3DM denial of service attack

I've reported this to 3ware at least twice, and never received any response. Previously I didn't have a test case other than "run a nessus scan against the host". I've narrowed it down to a reproducible minimum test case now. If you connect to 3dm port 1080 on either linux or windows and send: GE...

PHP-Nuke 1.0/2.5/3.0/4.x - Remote Ad Banner URL Change

source: https://www.securityfocus.com/bid/2544/info PHP-Nuke is a website creation/maintainence tool written in PHP3. A PHP-Nuke feature supporting cycling ad banners is subject to interference from a remote user. A querystring can be submitted to an unpatched server which allows the remote user ...

AIX 4.24.3 - netstat -Z Statistic Clearing

AIX 4.24.3 - netstat -Z Statistic Clearing source: https://www.securityfocus.com/bid/1660/info A vulnerability exists in versions 4.x. x of AIX, from IBM. Any local user can utilize the -Z command to netstat, without needing to be root. This will cause interface statistics to be reset. This could...

Security update 1970-01-01

...