
3370 matches found

RedHat Linux
added 2016/11/15 11:40 a.m. | 3 views

php: bypass __wakeup() in deserialization of an unexpected object

ext/standard/var_unserializer.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles certain invalid objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that leads to a (1) __destruct call or (2) magic method call...

CVSS 9.8 | AI score 7.3 | EPSS 0.16612
Exploits: 2 | References: 4
OpenVAS
added 2016/11/09 12:0 a.m. | 39 views

Microsoft Windows Authentication Methods Multiple Vulnerabilities (3199173)

This host is missing an important security update according to Microsoft Bulletin MS16-137. SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...

CVSS 7.8 | AI score 6 | EPSS 0.64817
Exploits: 2 | References: 3
Microsoft KB
added 2016/11/08 8:0 a.m. | 77 views

November 2016 Security Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1

November 2016 Security Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1. Summary: This security update includes improvements and fixes from update 3192403. To learn more about the non-security improvements and fixes in this update, see the October 18, 2016 — KB3192403 Previe...

CVSS 9.3 | AI score 7.7 | EPSS 0.80968
Exploits: 28
Microsoft KB
added 2016/11/08 8:0 a.m. | 84 views

November 2016 Security Monthly Quality Rollup for Windows Server 2012

November 2016 Security Monthly Quality Rollup for Windows Server 2012. Summary: This security update includes improvements and fixes from update 3192406. To learn more about the non-security improvements and fixes in this update, see the October 18, 2016 — KB3192406 Preview of Monthly Rollup entry...

CVSS 9.3 | AI score 7.9 | EPSS 0.80968
Exploits: 28
Tenable Nessus
added 2016/11/08 12:0 a.m. | 82 views

MS16-137: Security Update for Windows Authentication Methods (3199173)

The remote Windows host is missing a security update. It is, therefore, affected by multiple vulnerabilities: - An information disclosure vulnerability exists in Windows Virtual Secure Mode due to improper handling of objects in memory. An authenticated, remote attacker can exploit this, via a...

CVSS 7.8 | AI score 6.3 | EPSS 0.64817
Exploits: 2 | References: 4
ThreatPost
added 2016/11/04 5:58 p.m. | 36 views

Inside the RIG Exploit Kit

Today’s most prolific exploit kit is RIG, which has filled a void left by the departure of Angler, Neutrino and Nuclear. That has made it public enemy No. 1 when it comes to exploit kits. Now Cisco Talos researchers are hoping to shed new light into the ongoing development of the potent EK in hopes ...

CVSS 9.3 | AI score 8.5 | EPSS 0.73918
Exploits: 9 | References: 3
Exploit DB
added 2016/11/02 12:0 a.m. | 33 views

Alienvault OSSIM/USM 5.3.1 - PHP Object Injection

Details: Product: Alienvault OSSIM/USM; Vulnerability: PHP Object Injection; Author: Peter Lapp, lappsec gmail com; CVE: CVE-2016-8580; Vulnerable Versions: =5.3.1; Fixed Version: 5.3.2. Vulnerability Details: A PHP object injection vulnerability exists in multiple widget...

CVSS 9.8 | AI score 9.8 | EPSS 0.06861
Exploits: 4
Packet Storm
added 2016/11/02 12:0 a.m. | 34 views

Alienvault OSSIM/USM 5.3.1 PHP Object Injection

Details: Product: Alienvault OSSIM/USM; Vulnerability: PHP Object Injection; Author: Peter Lapp, lappsec gmail com; CVE: CVE-2016-8580; Vulnerable Versions: =5.3.1; Fixed Version: 5.3.2. Vulnerability Details: A PHP object injection vulnerability exists in multiple widget...

CVSS 7.5 | AI score 0.2 | EPSS 0.06861
Exploits: 4
0day.today
added 2016/11/02 12:0 a.m. | 54 views

Alienvault OSSIM/USM 5.3.1 - PHP Object Injection Vulnerability

Exploit for php platform in category web applications. Details: Product: Alienvault OSSIM/USM; Vulnerability: PHP Object Injection; Author: Peter Lapp, lappsec gmail com; CVE: CVE-2016-8580; Vulnerable Versions: =5.3.1; Fixed Version: 5.3.2. Vulnerability Details: A PHP objec...

CVSS 7.5 | AI score 9.2 | EPSS 0.06861
Exploits: 4
ThreatPost
added 2016/10/31 3:57 p.m. | 20 views

Nymaim Dropper Updates Delivery, Obfuscation Methods

A new variant of the Nymaim dropper has been identified that includes updated delivery and obfuscation methods, and the use of PowerShell routines to download its payloads. The updated dropper, used primarily to download banking Trojans in the past, has also been spreading ransomware, according t...

AI score 0.1
Exploits: 0 | References: 4
OSV
added 2016/10/28 3:59 p.m. | 1 views

CVE-2016-8580

PHP object injection vulnerabilities exist in multiple widget files in AlienVault OSSIM and USM before 5.3.2. These vulnerabilities allow arbitrary PHP code execution via magic methods in included classes...

CVSS 9.8 | AI score 6.2
Exploits: 0 | References: 3
Cvelist
added 2016/10/28 3:0 p.m. | 32 views

CVE-2016-8580

PHP object injection vulnerabilities exist in multiple widget files in AlienVault OSSIM and USM before 5.3.2. These vulnerabilities allow arbitrary PHP code execution via magic methods in included classes...

AI score 10 | EPSS 0.06861
Exploits: 4 | References: 3
ThreatPost
added 2016/10/25 1:13 p.m. | 21 views

Following Lull, New Campaigns Pushing Retooled 'Pumpkin' Locky

New and increasingly diverse variants of ransomware are released weekly, but developers behind the Locky strain have managed to keep the malware fresh in the face of changing trends. Researchers with Cisco’s Talos Security Intelligence and Research Group said this week they observed three separat...

AI score 7.4
Exploits: 0 | References: 9
Fedora
added 2016/10/18 3:57 p.m. | 57 views

[SECURITY] Fedora 24 Update: libgit2-0.24.2-2.fc24

libgit2 is a portable, pure C implementation of the Git core methods provided as a re-entrant linkable library with a solid API, allowing you to write native speed custom Git applications in any language with bindings...

CVSS 5.5 | AI score 2.4 | EPSS 0.01918
Exploits: 0
Hacker One
added 2016/10/12 6:56 a.m. | 18 views

Internet Bug Bounty: Illegal write access through Locale methods

Upstream Bug: https://bugs.php.net/bug.php?id=73248 Summary: The functions locale_get_all_variants and locale_get_primary_language do not validate the length of the locale name supplied, this causes an integer overflow inside ulocimp_getLanguage, since it uses int32_t type as index, and strings with...

AI score 7.2
Exploits: 0
Microsoft KB
added 2016/10/11 7:0 a.m. | 129 views

October 2016 security monthly quality rollup for Windows 8.1 and Windows Server 2012 R2

October 2016 security monthly quality rollup for Windows 8.1 and Windows Server 2012 R2. Summary: This security update includes improvements and fixes from an update that was shipped earlier by update 3185279. To learn more about the non-security improvements and fixes in this update, see the...

CVSS 10 | AI score 7.8 | EPSS 0.68684
Exploits: 8
Microsoft KB
added 2016/10/11 7:0 a.m. | 56 views

Cumulative update for Windows 10 Version 1607 and Windows Server 2016: October 11, 2016

Cumulative update for Windows 10 Version 1607 and Windows Server 2016: October 11, 2016. Summary: This security update includes improvements and fixes in the functionality of Windows 10 Version 1607 and Windows Server 2016. It also resolves the following vulnerabilities in Windows: 3193229 MS16-125...

CVSS 10 | AI score 7.8 | EPSS 0.68684
Exploits: 8
Kitploit
added 2016/10/06 2:30 p.m. | 31 views

Syhunt ScanTools - Console Web Vulnerability Scan Tools

Syhunt released the new generation of its console-based scan tools, simply called ScanTools. The first release of ScanTools comes with four console applications: ScanURL, ScanCode, ScanLog and ScanConf, incorporating the functionality of the scanners Syhunt Hybrid/Dynamic, Syhunt Code, Syhunt...

AI score 7.7
Exploits: 0
OSV
added 2016/10/06 10:59 a.m. | 2 views

CVE-2016-6026

The Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 before 3.4.2.0 iFix 8 and 3.4.3 before 3.4.3.0 iFix 1 allows man-in-the-middle attackers to obtain sensitive information via an HTTP method that is neither GET nor POST...

CVSS 5.3 | AI score 5.8 | EPSS 0.00378
Exploits: 0 | References: 2
Citrix
added 2016/10/01 12:0 a.m. | 5 views

How to find the hotfix applied on XenServer?

Get a list of hotfixes applied on XenServer, and when each was applied on the host, from either XenCenter or the command line...

AI score 7.2
Exploits: 0