4144 matches found
Mandriva Linux Security Advisory : koffice (MDVSA-2008:197-1)
Kees Cook of Ubuntu security found a flaw in how poppler prior to version 0.6 displayed malformed fonts embedded in PDF files. An attacker could create a malicious PDF file that would cause applications using poppler to crash, or possibly execute arbitrary code when opened (CVE-2008-1693). This...
1 in 5 Windows PCs still hackable by Conficker
From Computerworld, Gregg Keizer: Although the media blitz about the Conficker worm prompted a significant number of enterprise users to finally fix a six-month-old Windows bug, about one in five business computers still lack the patch, a security company said today. Scans of more...
Partial disclosure, complete disagreement
The two most highly publicized vulnerability disclosures last year also were the most highly criticized disclosures: Dan Kaminsky’s DNS bug and the SSL flaw discovered by a group of independent and academic researchers. The two events played out in similar fashions, with some details coming out i...
Is your Java up to date?
For a long time, the experience of patching Sun’s Java software has been less than pleasant. The updates were huge and time consuming, the patching instructions were a mess and, even worse, Sun never removed older, vulnerable versions from the patched machine. Now it appears that things have been...
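Ruby resolv.rb Predictable Transaction ID and Source Port DNS Spoofing Vulnerability
BUGTRAQ ID: 31699 CVE(CAN) ID: CVE-2008-3905 Ruby is a powerful object-oriented scripting language. Ruby's resolv.rb uses a fixed source port and sequentially ordered transaction IDs for DNS requests, which allows remote attackers to forge DNS responses relatively easily and act as a man-in-the-middle to carry out phishing and other attacks. Yukihiro Matsumoto Ruby 1.8.x Vendor patch: RedHat ------ RedHat has released a security advisory (RHSA-2008:0897-01) and corresponding patches for this issue: RHSA-2008:0897-01:Moderate: ruby security update...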
Secunia Research: Trend Micro OfficeScan Directory Traversal Vulnerability
====================================================================== Secunia Research 02/10/2008 - Trend Micro OfficeScan Directory Traversal Vulnerability - ====================================================================== Table of Contents Affected...
Prozilla Gaming Directory 1.0 - SQL Injection
source: https://www.securityfocus.com/bid/28676/info Prozilla Gaming Directory is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, acce...
MailEnable SMTP Service VRFY/EXPN Command Buffer Overflow DoS
Exploit for unknown platform in category dos / poc ============================================================= MailEnable SMTP Service VRFY/EXPN Command Buffer Overflow DoS ============================================================= !/usr/bin/python MailEnable SMTP Service VRFY/EXPN Command...
LightBlog Remote File Upload Vulnerability
LightBlog 9.5 - REMOTE FILE UPLOAD VULNERABILITY by Omni 1 Infos --------- Date : 2008-01-30 Product : LightBlog Version : v 9.5 Vendor : http://www.publicwarehouse.co.uk/ Vendor Status : 2008-01-31 Informed! 2008-01-31 Patch received from vendor! 2008-02-01 Published! Description : Lightblog...
hp-activex.txt
Advisory: ///////// There is another remotely exploitable flaw within software preinstalled in HP notebook machines. This time, the culprit is automatic software update tool provided by the vendor. The potential exploitation may lead to user files loss or altering vital system files e.g. kernel,...
[DRUPAL-SA-2007-018] Drupal 4.7.7 and 5.2 fix multiple cross site scripting vulnerabilities
---------------------------------------------------------------------------- Drupal security advisory DRUPAL-SA-2007-018 ---------------------------------------------------------------------------- Project: Drupal core Version: 4.7.x, 5.x Date: 2007-July-26 Security risk: Moderately critical...
[EXPL] Microsoft Windows XVoice.dll and Xlisten.dll Buffer Overflow (Exploit)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
TPTI-07-09: Macrovision FLEXnet boisweb.dll ActiveX Control Buffer Overflow Vulnerability
TPTI-07-09: Macrovision FLEXnet boisweb.dll ActiveX Control Buffer Overflow Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-07-09 June 4, 2007 -- CVE ID: CVE-2007-2419 -- Affected Vendor: Macrovision -- Affected Products: Update Service 3.x Update Service 4.x Update Service 5.x FLEXnet...
[DRUPAL-SA-2007-005] Drupal 4.7.6 / 5.1 fixes arbitrary code execution issue
---------------------------------------------------------------------------- Drupal security advisory DRUPAL-SA-2007-005 ---------------------------------------------------------------------------- Project: Drupal core Version: 4.7.x, 5.x Date: 2007-Jan-29 Security risk: Highly critical Exploitabl...
exploit-of-the-apes.rb.txt
!/usr/bin/ruby Exploit Of The Apes: A practical pwnage for Application UNEnhancer aka APU c 2006 LMH and Johnny Pwnerseed. This goes dedicated to macdev. For the childish flaming and great brain lag. Lesson: Don't talk about stuff you have NFC about. And don't insult people. Once you do it, and g...
Vulnerability classification and to further explore-exploit warning-the black bar safety net
Vulnerability is a forever fairy tale. To achieve esque hero dream, to achieve to break the technological monopoly of the freedom blueprint, discover the vulnerability of the people, exploit the people, patching holes in people, like the vulnerability of people, afraid of the vulnerability of...
Application Enhancer (APE) 2.0.2 - Local Privilege Escalation
Application Enhancer APE 2.0.2 - Local Privilege Escalation !/usr/bin/ruby Exploit Of The Apes: A practical pwnage for Application UNEnhancer aka APU c 2006 LMH and Johnny Pwnerseed. This goes dedicated to macdev. For the childish flaming and great brain lag. Lesson: Don't talk about stuff you ha...
Application Enhancer (APE) 2.0.2 Local Privilege Escalation Exploit
Exploit for macOS platform in category local exploits =================================================================== Application Enhancer APE 2.0.2 Local Privilege Escalation Exploit =================================================================== !/usr/bin/ruby Exploit Of The Apes: A...
[CAID 34616, 34617, 34618]: CA eSCC and eTrust Audit vulnerabilities
Title: CAID 34616, 34617, 34618: CA eTrust Security Command Center and eTrust Audit vulnerabilities CA Vulnerability ID CAID: 34616, 34617, 34618 CA Advisory Date: 2006-09-20 Discovered By: Patrick Webster of aushack.com Impact: Remote attacker can read/delete files, or potentially execute replay...
FreeBSD Security Advisory FreeBSD-SA-06:21.gzip
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:21.gzip Security Advisory The FreeBSD Project Topic: Multiple vulnerabilities in gzip Category: contrib Module: gzip Announced: 2006-09-19 Credits: Tavis...