BlackBerry Fixes Remote Code Vulnerability in BES10

Microsoft and Adobe weren’t the only companies releasing security updates yesterday. BlackBerry piled on the patch parade with an update for its BlackBerry Enterprise Service 10 mobile device management product, fixing a remote code execution vulnerability. The problem lies in the Universal Devic...

Security Update for Microsoft .NET Framework 3.5 on Windows 8 and Windows Server 2012 for x64-based Systems (KB2863243)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

Security Update for Microsoft .NET Framework 3.5 on Windows 8 (KB2863243)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

Security Update for Windows 8 (KB2864058)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

Microsoft Releases Security Advisory for Internet Explorer

Microsoft has released Security Advisory 2887505 regarding a remote code execution vulnerability CVE-2013-3893 impacting Internet Explorer versions 6 through 11. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability in Internet Explorer 8 and Internet Explorer 9. The...

DefCamp 2013 - International Hacking and Information Security Conference in Romania

The Fourth Edition of an International Information Security Conference hosted in Romania , The DefCamp 2013 is now open for Call for Papers. Over 300 Security experts, Researchers, and Enthusiasts from Romania and neighboring countries are expected to take part in the event in Bucharest, at the...

Description of the cumulative update for Lync Server 2010, Mediation Server: November 2011

Describes the bugs that are fixed in the November, 2011 cumulative update package for Lync Server 2010.SummaryThis article describes the issue that is fixed in the update package for Microsoft Lync Server 2010, Mediation Server that is dated November 2011.This article describes the following item...

Microsoft Releases Security Advisory

Microsoft has released Security Advisory 2862973 impacting applications and services using certificates with the MD5 hashing algorithm. Usage of the MD5 hash algorithm in certificates could allow an attacker to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. US-CERT...

Security Update for Microsoft .NET Framework 3.5 on Windows 8 and Windows Server 2012 for x64-based Systems (KB2833959)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

Security Update for Microsoft .NET Framework 4.5 on Windows 8 (KB2833958)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

server_header

This plugin GETs the server header and saves the result to the knowledge base. Nothing strange, just do a GET request to the url and save the server headers to the kb. A smarter way to check the server type is with the hmap plugin. Plugin type Infrastructure Options This plugin doesnt have any us...

svn_users

This plugin greps every page for users of the versioning system. Sometimes the HTML pages are versioned using CVS or SVN, if the header of the versioning system is saved as a comment in this page, the user that edited the page will be saved on that header and will be added to the knowledge base...

path_disclosure

This plugin greps every page for path disclosure vulnerabilities like: C:\www\files\… /var/www/htdocs/… The results are saved to the KB, and used by all the plugins that need to know the location of a file inside the remote web server. Plugin type Grep Options This plugin doesnt have any user...

spider_man

This plugin is a local proxy that can be used to give the framework knowledge about the web application when it has a lot of client side code like Flash or Java applets. Whenever a w3af needs to test an application with flash or javascript, the user should enable this plugin and use a web browser...

The Pirate Bay co-founder wants to stand in European elections

Peter Sunde, the former spokesman for The Pirate Bay has announced he will run in the European Parliament elections next year. Sunde, will participate for the Finnish branch of the Pirate Party. The Pirate Party was founded in Sweden in 2006, and in 2009 Christian Engström was the first member of...

RHEL 6 : kernel (RHSA-2013:0830)

Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Aladdin Knowledge System ChooseFilePath Buffer Overflow

A remote code execution vulnerability has been reported in Aladdin Knowledge System...

CYME ChartFX ActiveX ShowPropertiesDialog pageNumber indexing error

Added: 12/17/2012 BID: 55765 OSVDB: 85894 Background The CYME Power Engineering Software is a suite of applications for power engineers. It includes the ChartFX ActiveX control. Problem An indexing error in ChartFX.ClientServer.Core.dll of the ChartFX ActiveX Control allows command execution when...

SafeNet PrivAgent.ocx ActiveX control ChooseFilePath buffer overflow

Added: 11/16/2012 BID: 56297 OSVDB: 86723 Background SafeNet Hardware Against Software Piracy HASP solutions include the PrivAgent.ocx ActiveX control. Problem A buffer overflow vulnerability in the ChooseFilePath method of the PrivAgent.ocx ActiveX control allows command execution when a user...

Aladdin Knowledge System Ltd ChooseFilePath Buffer Overflow

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 HttpClients::IE,...