1163 matches found
DSA-2504-1 libspring-2.5-java - information disclosure
Bulletin has no description...
Windows Gather Generic File Collection
This module downloads files recursively based on the FILEGLOBS option. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Gather Generic File Collection', 'Description' = %q This module...
E-mail Trends Show Hackers Working Weekends Less and Less
While there are an increasing number of weekends catered to hacking, even hackers need a day off – and it shouldn’t surprise many that increasingly, that day is usually Sunday. Network security company FireEye reviewed statistics on email-based attacks for 2012 that suggest that Sunday has slowed...
Stable and Beta Channel Updates
The Chrome Stable and Beta channels have been updated to 18.0.1025.151 on Windows, Mac, Linux and Chrome Frame. This release fixes issues including: black screen on Hybrid Graphics system with GPU accelerated compositing enabled (Issue: 117371); CSS not applied to element (Issue: 114667); Regression...
Walk This Way
The British Comedy troupe Monty Python famously joked about the strange strides emanating from the farcical Ministry of Funny Walks. But even normal looking walks can be quite distinctive. According to researchers at Shinshu University in Tokida, Japan, computers aided by 3D image processing...
http-grep NSE Script
Spiders a website and attempts to match all pages and urls against a given string. Matches are counted and grouped per url under which they were discovered. Features built in patterns like email, ip, ssn, discover, amex and more. The script searches for email and ip by default. Script Arguments...
R71.40 Patterns Granularity fix
...
Researchers Analyzing Attack Patterns With Cloud-Based Malware Data
BARCELONA–Successful targeted attacks against companies such as RSA, Google and others have made huge splashes in the news in the last year or two and drawn a lot of attention to the phenomenon. But it’s not just the successful attacks that are interesting, security researchers say. In many cases...
Researchers Graph Social Networks to spot Spammers
Spammers, it turns out, aren’t like everyone else: they have fewer friends. That, according to new research by Microsoft scientists who have developed a new method of distinguishing attacker-created spam email accounts from legitimate ones. The new finding, from researchers Yinglian Xie and Fang ...
apr: DoS flaw in apr_fnmatch() due to fix for CVE-2011-0419
The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infinite loop) via a URI that does not match unspecified types of wildcard patterns, as demonstrated by...
DEBIAN-CVE-2011-1928
The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infinite loop) via a URI that does not match unspecified types of wildcard patterns, as demonstrated by...
CVE-2011-1928
The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infinite loop) via a URI that does not match unspecified types of wildcard patterns, as demonstrated by...
Fingerprinting the author of the ZeuS Botnet !
The source code of the ZeuS Botnet is now available for download. Derek Jones, the author of this article, imagines there are a few organizations who would like to talk to the authors of this code. All developers have coding habits, that is they usually have a particular way of writing each coding...
SuSE 10 Security Update : vsftpd (ZYPP Patch Number 7373)
Certain file patterns could cause vsftpd to consume excessive CPU resulting in denial of service (CVE-2011-0762). This has been fixed. %NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. The text description of this plugin is (C) Novell, Inc. include('deprecated_nasl_level.inc'); include('compat.inc'); if...
Researchers Propose New Steganography System for Hiding Data
A group of researchers has developed a new application that can hide sensitive data on a hard drive without encrypting it or leaving any obvious signs that the data is present. The new steganography system relies on the old principle of hiding valuables in plain sight. Developed by a group of...
RedHat Update for vsftpd RHSA-2011:0337-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description) script_xref(name:"URL",...
vsftpd: remote DoS via crafted glob pattern
The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632...
FreeBSD : mediawiki -- multiple vulnerabilities (8d04cfbd-344d-11e0-8669-0025222482c5)
MediaWiki reports: An arbitrary script inclusion vulnerability was discovered. The vulnerability only allows execution of files with names ending in '.php' which are already present in the local filesystem. Only servers running Microsoft Windows and possibly Novell Netware are affected. Despite...
CVE-2010-0219
creationtimestamp | type | source
---|---|---
2010-12-14 00:00:00+00:00 | confirmed | https://www.exploit-db.com/exploits/16315
2010-12-14 00:00:00+00:00 | confirmed | https://www.exploit-db.com/exploits/16312
2010-12-30 00:00:00+00:00 | confirmed | https://www.exploit-db.com/exploits/15869
2018-05-29...