Criminals pay top money for hackable Nokia phone

From IDG News Jeremy Kirk Criminals are willing to pay thousands of euros for a discontinued Nokia mobile phone with a software problem that can be exploited to hack into online bank accounts cio.com, according to a fraud investigator in the Netherlands. About 10 days ago, investigators observed...

Mandriva Update for mandriva-kde-config MDVA-2008:027 (mandriva-kde-config)

Check for the Version of mandriva-kde-config OpenVAS Vulnerability Test Mandriva Update for mandriva-kde-config MDVA-2008:027 mandriva-kde-config Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...

Mandriva Update for krb5 MDKA-2007:026 (krb5)

Check for the Version of krb5 OpenVAS Vulnerability Test Mandriva Update for krb5 MDKA-2007:026 krb5 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

CVE-2009-1174

The Web Services Security component in IBM WebSphere Application Server WAS 6.0.2 before 6.0.2.35 and 7.0 before 7.0.0.3 has an unspecified "security problem" in the XML digital-signature specification, which has unknown impact and attack vectors...

CVE-2009-1174

IBM WebSphere Application Server shows a vulnerability in its Web Services Security XML digital-signature handling. Affected products/versions: WebSphere Application Server 6.0.2 prior to 6.0.2.35 and 7.0 prior to 7.0.0.3. Root cause: an unspecified security problem in the XML digital-signature s...

CVE-2009-1174

The Web Services Security component in IBM WebSphere Application Server WAS 6.0.2 before 6.0.2.35 and 7.0 before 7.0.0.3 has an unspecified "security problem" in the XML digital-signature specification, which has unknown impact and attack vectors...

PYSEC-2009-12

The passwordchecker function in config/multiconfig.py in MoinMoin 1.6.1 uses the cracklib and python-crack features even though they are not thread-safe, which allows remote attackers to cause a denial of service segmentation fault and crash via unknown vectors...

MemHT Portal 4.0.1 - Delete All Private Messages

MemHT Portal 4.0.1 - Delete All Private Messages !/usr/bin/perl MemHT Portal query"DELETE FROM memhtpvtmsg WHERE id=$value"; if isset$POST'deletepm' foreach $POST'deletepm' as $value $dblink-query"DELETE FROM memhtpvtmsg WHERE id=$value"; ? ok then foreach $POST'deletenewpm' as $value deletenewpm...

MemHT Portal <= 4.0.1 (pvtmsg) Delete All Private Messages Exploit

Exploit for unknown platform in category web applications ================================================================== MemHT Portal query"DELETE FROM memhtpvtmsg WHERE id=$value"; if isset$POST'deletepm' foreach $POST'deletepm' as $value $dblink-query"DELETE FROM memhtpvtmsg WHERE id=$value...

cryptsetup functionality problem

It's impossible to delete keyslot while using key from same keyslot...

SuSE Update for mozilla SUSE-SA:2007:006

Check for the Version of mozilla OpenVAS Vulnerability Test $Id: gbsuse2007006.nasl 8050 2017-12-08 09:34:29Z santu $ SuSE Update for mozilla SUSE-SA:2007:006 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free softwar...

CVE-2008-5675

Technical details are not publicly available in the provided documents; no concrete impact, vectors, or fixes are stated. Monitor for updates from official advisories.

Google Chrome - MetaCharacter URI Obfuscation

Google Chrome - MetaCharacter URI Obfuscation Google Chrome MetaCharacter URI Obfuscation Vulnerability. Google Chrome MetaCharacter URI Obfuscation Vulnerability.C SecNiche Security / Proof of Concept By:- Aditya K Sood. This POC has been designed with minimum object usage. This can be made more...

Google Chrome - MetaCharacter URI Obfuscation

Google Chrome MetaCharacter URI Obfuscation Vulnerability. Google Chrome MetaCharacter URI Obfuscation Vulnerability.C SecNiche Security / Proof of Concept By:- Aditya K Sood. This POC has been designed with minimum object usage. This can be made more critical dependent on the object usage. Check...

Adobe Acrobat和Reader 8.1.2多个安全漏洞

BUGTRAQ ID: 32100 CVE ID：CVE-2008-4812 CVE-2008-4813 CVE-2008-4814 CVE-2008-4815 Adobe Acrobat和Reader是PDF文件格式处理程序。 Adobe Acrobat和Reader存在多个安全问题，远程攻击者可以利用漏洞执行任意代码或提升特权等攻击。 -当处理包含在PDF文档中的恶意JavaScript时存在缺陷，当建立Collab对象并在之上执行特定序列操作时，存在内存破坏可导致任意代码执行。...

FreeBSD : flyspray -- multiple vulnerabilities (9d3020e4-a2c4-11dd-a9f9-0030843d3802)

The Flyspray Project reports : Flyspray is affected by a Cross Site scripting Vulnerability due to an error escaping PHP's $SERVER'QUERYSTRING' superglobal, that can be maliciously used to inject arbitrary code into the savesearch JavaScript function. There is an XSS problem in the history tab, t...

SuSE 10 Security Update : the OpenLDAP client (ZYPP Patch Number 5704)

The last security update for openldap2-client introduced a problem in libldap that could cause LDAP clients to prematurely truncate search results. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...

Apache Tomcat RemoteFilterValve Security Bypass Vulnerability

Apache Tomcat Server is running on this host and that is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

CVE-2008-3271

Apache Tomcat 5.5.0 and 4.1.0 through 4.1.31 allows remote attackers to bypass an IP address restriction and obtain sensitive information via a request that is processed concurrently with another request but in a different thread, leading to an instance-variable overwrite associated with a...

CVE-2008-4057

Unspecified vulnerability in Objective Development Sharity 3 before 3.5 has unknown impact and attack vectors, related to a "serious security problem."...