4974 matches found
DSA-2609-1 rails - SQL query manipulation
Bulletin has no description...
About Shellcodes in C
This is a follow up of our previous introductory post about shellcodes. Here we aim for coding more complex shellcodes directly in C. We'll mostly use default tools like gcc and as, at the end also a small python script to reorder and pack things. We'll play with linux but the concepts and script...
Japanese Police 'Collar' Cat Carrying Malware Code
A hacker, or possibly group, that’s issued terrorists threats using remotely controlled computers in Japan remains at large despite a rare 3 million yen bounty and continuous games with media and police. The latest antic to generate considerable attention this week was leading Japanese authoritie...
Debian DSA-2603-1 : emacs23 - programming error
Paul Ling discovered that Emacs insufficiently restricted the evaluation of Lisp code if enable-local-variables is set to 'safe'. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-2603. The...
[SECURITY] [DSA 2603-1] emacs23 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2603-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 09, 2013 http://www.debian.org/security/faq -...
Warm up your keyboard for Facebook Hacker Cup 2013
Dear Hackers, Warm up your keyboards! Because Facebook open Registration for third Hacker Cup 2013, an annual worldwide programming competition where hackers compete against each other for fame, fortune, glory and a shot at the title of world champion, with $5,000 top prize. The qualification rou...
Warm up your keyboard for Facebook Hacker Cup 2013
Dear Hackers, Warm up your keyboards! Because Facebook open Registration for third Hacker Cup 2013, an annual worldwide programming competition where hackers compete against each other for fame, fortune, glory and a shot at the title of world champion, with $5,000 top prize. The qualification rou...
Debian DSA-2594-1 : virtualbox-ose - programming error
'halfdog' discovered that incorrect interrupt handling in VirtualBox, a x86 virtualization solution, can lead to denial of service. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-2594. Th...
Debian DSA-2592-1 : elinks - programming error
Marko Myllynen discovered that ELinks, a powerful text-mode browser, incorrectly delegates user credentials during GSS-Negotiate. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-2592. The...
DSA-2586-1 perl - several
Bulletin has no description...
New Linux Rootkit Attacks Internet Users
Security researchers have discovered what appears to be an experimental Linux rootkit designed to infect its highly select victims during a classic drive-by website attack. The malware allows hackers to inject code directly in any infected web page. The new malware, discovered on November 13 of...
[SECURITY] Fedora 18 Update: ruby-1.9.3.327-22.fc18
Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks as in Perl. It is simple, straight-forward, and extensible...
AVerCaster Pro RS3400 Web Server - Directory Traversal
AVerCaster Pro RS3400 Web Server - Directory Traversal Exploit Title: AVerCaster Pro RS3400 web server directory traversal Date: 2012-10-06 Exploit Author: Patrick Saladino Vendor Homepage: http://www.avermedia.com/product/ProductDetail.aspx?Id=560 Version: v.3.1.20 Tested on: Not relevant CVE :...
AVerCaster Pro RS3400 Web Server Directory Traversal Vulnerability
Exploit for hardware platform in category web applications Exploit Title: AVerCaster Pro RS3400 web server directory traversal Date: 2012-10-06 Exploit Author: Patrick Saladino Vendor Homepage: http://www.avermedia.com/product/ProductDetail.aspx?Id=560 Version: v.3.1.20 Tested on: Not relevant CV...
AVerCaster Pro RS3400 Web Server - Directory Traversal
Exploit Title: AVerCaster Pro RS3400 web server directory traversal Date: 2012-10-06 Exploit Author: Patrick Saladino Vendor Homepage: http://www.avermedia.com/product/ProductDetail.aspx?Id=560 Version: v.3.1.20 Tested on: Not relevant CVE : none yet Hello, I just wanted to let you know that the...
Oracle Java SE Multiple Vulnerabilities (October 2012 CPU)
The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is earlier than 7 Update 9 / 6 Update 37 / 5.0 Update 38 / 1.4.240 and is, therefore, potentially affected by security issues in the following components : - 2D - Beans - Concurrency - Deployment - Hotspo...
Microsoft Office Excel ReadAV Arbitrary Code Execution
!/usr/bin/perl Microsoft Office Excel ReadAV Arbitrary Code Execution Author: Jean Pascal Pereira [email protected] Vendor URI: http://office.microsoft.com Vendor Description: Microsoft Excel is a commercial spreadsheet application written and distributed by Microsoft for Microsoft Windows and Ma...
[SECURITY] Fedora 16 Update: ruby-1.8.7.358-4.fc16
Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks as in Perl. It is simple, straight-forward, and extensible...
[SECURITY] Fedora 17 Update: ruby-1.9.3.194-17.fc17
Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks as in Perl. It is simple, straight-forward, and extensible...
Python不安全文件权限漏洞
BUGTRAQ ID: 55882 Python是一种面向对象、直译式计算机程序设计语言。 Python 3.3.0及其他版本的安装目录存在不安全文件权限漏洞,本地攻击者可利用此漏洞以提升的权限执行任意代码。 0 python 3.x 厂商补丁: Python ------ 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: www.python.org...