Trojan.Ferret DDoS Botnet Discovered

Researchers at Arbor Networks have identified a new DDoS bot with a fancy for ferrets. Following a clue in a tweet, researcher Dennis Schwarz found Trojan.Ferret, including a command and control panel with some insight into targets. To date, a relatively small number of malware samples and comman...

Fedora Update for ruby FEDORA-2013-22423

Check for the Version of ruby OpenVAS Vulnerability Test Fedora Update for ruby FEDORA-2013-22423 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

Microsoft Enhanced Mitigation Experience Toolkit (EMET) ROP Vulnerability

The host is installed with Microsoft Enhanced Mitigation Experience Toolkit EMET and is prone to return-oriented programming ROP vulnerability. OpenVAS Vulnerability Test $Id: gbmicrosoftemetropvuln.nasl 6104 2017-05-11 09:03:48Z teissa $ Microsoft Enhanced Mitigation Experience Toolkit EMET ROP...

[SECURITY] Fedora 18 Update: chicken-4.8.0.4-4.fc18

CHICKEN is a compiler for the Scheme programming language. CHICKEN produces portable, efficient C, supports almost all of the R5RS Scheme language standard, and includes many enhancements and extensions...

Fedora Update for chicken FEDORA-2013-17912

Check for the Version of chicken OpenVAS Vulnerability Test Fedora Update for chicken FEDORA-2013-17912 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Moderate: Red Hat Security Advisory: ruby193-ruby security update

Updated ruby193-ruby packages that fix one security issue are now available for Red Hat OpenStack 3.0. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

How I Got Here: Katie Moussouris

Dennis Fisher talks with Katie Moussouris of Microsoft about her childhood exploits with Commodore 64 programming, ignoring her Barbies, growing up as a hacker, her days as a pen tester and the challenges of working on security at Microsoft. Download: 12moussouris.mp3 Microsoft image via Robert...

Software Defense: mitigating heap corruption vulnerabilities

Heap corruption vulnerabilities are the most common type of vulnerability that Microsoft addresses through security updates today. These vulnerabilities typically occur as a result of programming mistakes that make it possible to write beyond the bounds of a heap buffer a spatial issue or to plac...

[SECURITY] Fedora 18 Update: libguestfs-1.20.12-1.fc18

Libguestfs is a library for accessing and modifying guest disk images. Amongst the things this is good for: making batch configuration changes to guests, getting disk used/free statistics see also: virt-df, migrating between virtualization systems see also: virt-p2v, performing partial backups,...

Oracle Java java.awt.image.ByteComponentRaster Overflow

Added: 10/24/2013 CVE: CVE-2013-2473 BID: 60623 OSVDB: 94336 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...

Oracle Java java.awt.image.ByteComponentRaster Overflow

Added: 10/24/2013 CVE: CVE-2013-2473 BID: 60623 OSVDB: 94336 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...

Moderate: Red Hat Security Advisory: ruby193-ruby security update

Updated ruby193-ruby packages that fix one security issue are now available for Red Hat Software Collections 1. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...

Debian DSA-2768-1 : icedtea-web - heap-based buffer overflow

A heap-based buffer overflow vulnerability was found in icedtea-web, a web browser plugin for running applets written in the Java programming language. If a user were tricked into opening a malicious website, an attacker could cause the plugin to crash or possibly execute arbitrary code as the us...

DSA-2768-1 icedtea-web - heap-based buffer overflow

Bulletin has no description...

SilverStripe Framework CMS 3.0.5 Cross Site Scripting

Title: ====== SilverStripe Framework CMS 3.0.5 - Multiple Vulnerabilities Date: ===== 2013-09-23 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1084 VL-ID: ===== 1084 Common Vulnerability Scoring System: ==================================== 3.9 Introduction:...

[SECURITY] [DSA 2764-1] libvirt security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2764-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 25, 2013 http://www.debian.org/security/faq -...

[SECURITY] Fedora 19 Update: chicken-4.8.0.4-4.fc19

CHICKEN is a compiler for the Scheme programming language. CHICKEN produces portable, efficient C, supports almost all of the R5RS Scheme language standard, and includes many enhancements and extensions...

Debian DSA-2764-1 : libvirt - programming error

Daniel P. Berrange discovered that incorrect memory handling in the remoteDispatchDomainMemoryStats function could lead to denial of service. The oldstable distribution squeeze is not affected. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

Debian Security Advisory DSA 2764-1 (libvirt - programming error)

Daniel P. Berrange discovered that incorrect memory handling in the remoteDispatchDomainMemoryStats function could lead to denial of service. The oldstable distribution squeeze is not affected. OpenVAS Vulnerability Test $Id: deb2764.nasl 6611 2017-07-07 12:07:20Z cfischer $ Auto-generated from...

Debian Security Advisory DSA 2594-1 (virtualbox-ose - programming error)

halfdog discovered that incorrect interrupt handling in VirtualBox, a x86 virtualization solution, can lead to denial of service. OpenVAS Vulnerability Test $Id: deb25941.nasl 14276 2019-03-18 14:43:56Z cfischer $ Auto-generated from advisory DSA 2594-1 using nvtgen 1.0 Script version: 1.0 Author...