Pay-Per-Install Malware Models Affiliate Marketing

From Black Hat DC: Sites like Amazon offer affiliate programs that pay users for sending them new customers. And now, malware authors, always quick to adopt tactics that work elsewhere, have developed their own affiliate program. Read the full article. MIT Technology Review...

IBM Installation Manager iim URI Handling Code Execution

IBM Installation Manager IIM is a software tool that helps to install, update, modify, and install packages. It helps to manage IBM applications or packages by providing tools to keep packages up to date, modify the packages, manage the licenses for those packages, and uninstall the packages from...

Input validation

The URL validation functionality in Microsoft Internet Explorer 5.01, 6, 6 SP1, 7 and 8, and the ShellExecute API function in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, does not properly process input parameters, which allows remote attackers to execute arbitrary local programs via a...

CVE-2010-0027

The URL validation functionality in Microsoft Internet Explorer 5.01, 6, 6 SP1, 7 and 8, and the ShellExecute API function in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, does not properly process input parameters, which allows remote attackers to execute arbitrary local programs via a...

Multiple Media Players ((iTunes QuickTime) - HTTP DataHandler Overflow

Multiple Media Players iTunes QuickTime - HTTP DataHandler Overflow ScaryMovie Exploit Study By: DrIDE October, 2009 There is a widespread failure in the way that .MOV files are handled by the Quicktime Library. I have attempted to compound my findings on this issue. Nearly every .MOV enabled...

Multiple Media Players ((iTunes / QuickTime) - HTTP DataHandler Overflow

ScaryMovie Exploit Study By: DrIDE October, 2009 There is a widespread failure in the way that .MOV files are handled by the Quicktime Library. I have attempted to compound my findings on this issue. Nearly every .MOV enabled application that I tested fell victim to this exploit. This is a local...

CentOS 5 : acpid (CESA-2009:1642)

An updated acpid package that fixes one security issue is now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. acpid is a daemon that dispatches ACPI Advanced Configuration and Power Interface events to...

Persits XUpload ActiveX MakeHttpRequest Directory Traversal

$Id: persitsxuploadtraversal.rb 7760 2009-12-08 21:24:45Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

CVE-2009-4261

Multiple directory traversal vulnerabilities in the iallocator framework in Ganeti 1.2.4 through 1.2.8, 2.0.0 through 2.0.4, and 2.1.0 before 2.1.0rc2 allow 1 remote attackers to execute arbitrary programs via a crafted external script name supplied through the HTTP remote API RAPI and allow 2...

[SECURITY] Fedora 12 Update: postgresql-8.4.2-1.fc12

PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...

[SECURITY] Fedora 12 Update: mozvoikko-1.0-7.fc12

This is mozvoikko, an extension for Mozilla programs for using the Finnish spell-checker Voikko...

[SECURITY] Fedora 11 Update: postgresql-8.3.9-1.fc11

PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...

HP LoadRunner XUpload.ocx ActiveX Control Arbitrary File Download

An arbitrary file download vulnerability exists in an HP LoadRunner ActiveX control. The vulnerability is due to a design flaw in a certain method. The method can be leveraged by attackers to execute arbitrary programs on the vulnerable host...

CVE-2009-4323

The installation for Zen Cart stores sensitive information and insecure programs under the 1 docs, 2 extras, and 3 zcinstall folders, and 4 install.txt, which allows remote attackers to obtain sensitive information, delete the database, and conduct other attacks via a direct request, different...

DISA UNIX SRR scripts execute untrusted programs as root

Overview The Defense Information Systems Agency DISA UNIX Security Readiness Review SRR scripts find1 and execute -exec various programs to obtain version information. The SRR scripts are designed to be run as root. An attacker who can write a file under the root file system may be able to exploi...

Persits XUpload ActiveX MakeHttpRequest Directory Traversal

This module exploits a directory traversal in Persits Software Inc's XUpload ActiveX controlversion 3.0.0.3 that's included in HP LoadRunner 9.5. By passing a string containing ".." sequences to the MakeHttpRequest method, an attacker is able to write arbitrary files to arbitrary locations on...

Code injection

Panda Global Protection 2010, Internet Security 2010, and Antivirus Pro 2010 use weak permissions Everyone: Full Control for the product files, which allows local users to gain privileges by replacing executables with Trojan horse programs...

HP OpenView Network Node Manager CGI programs HTTP Request Buffer Overflow (CVE-2007-6204; CVE-2008-0067)

HP OpenView product consists of a suite of network and system management software applications developed by HP. It includes hundreds of optional modules and components, such as OpenView Quality Manager, OpenView Performance Insight, OpenView Network Node Manager, etc. A buffer overflow...

U.S. Defense Information Systems Agency (DISA) Unix Security Readiness Review (SRR) root compromise / VU#433821

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Executive Summary - ----------------- Unprivileged local users can obtain root access on Unix systems where the DISA SRR scripts are run. If a remote user can introduce a file into the filesystem e.g. anonymous ftp, http upload, cdrom, samba share,...

MediaWiki Language Option PHP Code Execution (CVE-2005-4031)

MediaWiki is a web-based enterprise collaboration platform developed in the PHP scripting language. The software is a set of CGI programs that are loaded and executed by an HTTP server. It typically runs as a document management system, or a knowledge base. The web content of a MediaWiki...