Bala Krishna, Sergey Yakovlev Security Vulnerabilities

GNU CFEngine 2.0.x/2.1 AuthenticationDialogue Remote Heap Based Buffer Overrun Vulnerability (2)

No description provided by...

GRAND Flash Album Gallery 0.55 Wordpress Plugin Multiple Vulnerabilities

No description provided by...

Web Wiz Forum Injection Vulnerability

No description provided by...

Kiwi CatTools TFTP <= 3.2.8 - Remote Path Traversal Vulnerability

No description provided by...

mnoGoSearch 3.3.12 (search.cgi) - Arbitrary File Read

No description provided by...

GNU CFEngine 2.0.x/2.1 AuthenticationDialogue Remote Heap Based Buffer Overrun Vulnerability (1)

No description provided by...

Apache 1.3.x - 2.0.48 - mod_userdir Remote Users Disclosure Exploit

No description provided by...

Researchers Uncover Spying Tool Used by Governments to Hijack all Types of Smartphones

Purchasing malware to victimize people is illegal by laws but if the same thing any government official do, then its not!! Yes, the police forces around the World are following the footsteps of U.S. National Security Agency (NSA) and FBI. Researchers from the Citizen Lab at the Munk School of...

Kaspersky, Citizen Lab Uncover HackingTeam Mobile Malware

Controversial spyware commercially developed by Italy’s HackingTeam and sold to governments and law enforcement for the purpose of surveillance, has a global command and control infrastructure and for the first time, security experts have insight into how its mobile malware components work....

Security fix for the ALT Linux 6 package adobe-flash-player version 3:11-alt30

3:11-alt30 built June 16, 2014 Sergey V Turchin in task #121576 June 16, 2014 Sergey V Turchin - new version - security fixes: CVE-2014-0531, CVE-2014-0532, CVE-2014-0533, CVE-2014-0534, CVE-2014-0535,...

Security fix for the ALT Linux 7 package adobe-flash-player version 3:11-alt30

3:11-alt30 built June 16, 2014 Sergey V Turchin in task #121575 June 16, 2014 Sergey V Turchin - new version - security fixes: CVE-2014-0531, CVE-2014-0532, CVE-2014-0533, CVE-2014-0534, CVE-2014-0535,...

openSUSE Security Update : chromium (openSUSE-SU-2012:0492-1)

Security update for Chromium and V8 to 18.0.1025.142. Following bugs are listed in the Chrome changelog : [$500] [109574https://code.google.com/p/chromium/issues/detail ?id=109574] Medium CVE-2011-3058: Bad interaction possibly leading to XSS in EUC-JP. Credit to Masato ...

openSUSE Security Update : MozillaFirefox (MozillaFirefox-3422)

This update brings Mozilla Firefox to version 3.6.12, fixing various bugs and security issues. The following security issues were fixed: MFSA 2010-64: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of.....

openSUSE Security Update : mozilla-xulrunner191 (mozilla-xulrunner191-3421)

This update brings Mozilla XULRunner to version 1.9.1.15, fixing various bugs and security issues. The following security issues were fixed: MFSA 2010-49 / CVE-2010-3169: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other...

openSUSE Security Update : mozilla-xulrunner191 (mozilla-xulrunner191-3141)

Mozilla XULRunner 1.9.1 was updated to version 1.9.1.13, fixing various bugs and security issues. Following security issues were fixed: MFSA 2010-49 / CVE-2010-3169: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based...

openSUSE Security Update : seamonkey (openSUSE-SU-2010:0632-2)

Mozilla SeaMonkey 2.0 was updated to version 2.0.8, fixing various bugs and security issues. Following security issues were fixed: MFSA 2010-49 / CVE-2010-3169: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based...

openSUSE Security Update : seamonkey (seamonkey-3372)

This update brings Mozilla SeaMonkey to version 2.0.9, fixing various bugs and security issues. The following security issues were fixed: MFSA 2010-49 / CVE-2010-3169: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based...

openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-3378)

This update brings Mozilla Thunderbird to version 3.0.9, fixing various bugs and security issues. The following security issues were fixed: MFSA 2010-49 / CVE-2010-3169: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based....

openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-3154)

Mozilla Thunderbird 3.0 was updated to version 3.0.7, fixing various bugs and security issues. Following security issues were fixed: MFSA 2010-49 / CVE-2010-3169: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based...

openSUSE Security Update : MozillaFirefox (openSUSE-SU-2010:0632-1)

Mozilla Firefox was updated to version 3.6.10, fixing various bugs and security issues. Following security issues were fixed: MFSA 2010-49 / CVE-2010-3169: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products....

PT-2014-11: Information Disclosure in nginx

PT-2014-11: Information Disclosure in nginx Vulnerable software nginx Version: 1.7.3 and earlier Link: http://nginx.org/ Severity level Severity level: Low Impact: Information Disclosure Access Vector: Local CVSS v2: Base Score: 1.9 Vector: (AV:L/AC:M/Au:N/C:P/I:N/A:N) CVE: not assigned...

Foscam IP Camera - Predictable Credentials Security Bypass

Foscam IP Camera - Predictable Credentials Security...

Foscam IP Camera - Predictable Credentials Security Bypass

...

Released Emails Show 'Google in a Relationship With NSA'

Edward Snowden's leaks last year questioned the integrity of several big and reputed companies such as Apple, Google and Microsoft that were found in relation with the NSA in its surveillance programs. Thereafter they maintained distance with the Agency and claimed to be unaware of such...

Security fix for the ALT Linux 6 package adobe-flash-player version 3:11-alt29

3:11-alt29 built April 29, 2014 Sergey V Turchin in task #118985 April 29, 2014 Sergey V Turchin - new version - security fixes:...

Security fix for the ALT Linux 7 package adobe-flash-player version 3:11-alt29

3:11-alt29 built April 29, 2014 Sergey V Turchin in task #118984 April 29, 2014 Sergey V Turchin - new version - security fixes:...

PT-2014-16: Privilege Gaining in Siemens SIMATIC WinCC

PT-2014-16: Privilege Gaining in Siemens SIMATIC WinCC Vulnerable platform SIMATIC WinCC Version: 7.2 and earlier SIMATIC PCS7 Version: 8.0 and earlier Link: http://www.siemens.com/ Severity level Severity level: Medium Impact: Privilege Gaining Access Vector: Remote CVSS v2: Base Score:...

Security fix for the ALT Linux 7 package adobe-flash-player version 3:11-alt28

3:11-alt28 built April 15, 2014 Sergey V Turchin in task #118324 April 15, 2014 Sergey V Turchin - new version - security fixes: CVE-2014-0506, CVE-2014-0507, CVE-2014-0508,...

Security fix for the ALT Linux 6 package adobe-flash-player version 3:11-alt28

3:11-alt28 built April 15, 2014 Sergey V Turchin in task #118325 April 15, 2014 Sergey V Turchin - new version - security fixes: CVE-2014-0506, CVE-2014-0507, CVE-2014-0508,...

Security fix for the ALT Linux 8 package libssh version 0.6.3-alt1

March 25, 2014 Sergey V Turchin 0.6.3-alt1 - new version - security fixes: CVE-2014-0017,...

Security fix for the ALT Linux 9 package libssh version 0.6.3-alt1

March 25, 2014 Sergey V Turchin 0.6.3-alt1 - new version - security fixes: CVE-2014-0017,...

Security fix for the ALT Linux 7 package libssh version 0.6.3-alt1

March 25, 2014 Sergey V Turchin 0.6.3-alt1 - new version - security fixes: CVE-2014-0017,...

MtGox Hacker tricks people to install Bitcoin Stealer

This News will blow everyone’s mind! If you are a bitcoins holder then you might be aware of MtGox, Once the World's biggest Bitcoin exchange. MtGox filed for bankruptcy last month after saying it lost some 8,50,000 Bitcoins to hackers and suddenly went dark with no explanations. A few days ago,...

Security fix for the ALT Linux 7 package adobe-flash-player version 3:11-alt27

3:11-alt27 built March 13, 2014 Sergey V Turchin in task #116325 March 13, 2014 Sergey V Turchin - new version - security fixes: CVE-2014-0503,...

Security fix for the ALT Linux 6 package adobe-flash-player version 3:11-alt27

3:11-alt27 built March 13, 2014 Sergey V Turchin in task #116326 March 13, 2014 Sergey V Turchin - new version - security fixes: CVE-2014-0503,...

Tor Network used to Host 900 Botnets and hidden Darknet Markets

Tor network offers users browse the Internet anonymously and is mostly used by activists, journalists to conceal their online activities from prying eyes. But it also has the Dark side, as Tor is also a Deep Web friendly tool that allows hackers and cyber criminals to carry out illicit activities.....

Microsoft, Kaspersky Shed Light on Sefnit Tor Botnet

Alarm bells went off last August when spikes in Tor client downloads were traced to a large click-fraud and Bitcoin-mining botnet called Sefnit. The malware was using the popular anonymity network to communicate with hackers in order to transmit stolen data and receive additional commands. In...

Unbreakable Enterprise kernel security and bug fix update (Unbreakable Enterprise Kernel Release 3 QU1)

[3.8.13-26.el6uek] - spec: Don't remove crashkernel=auto setting (Jerry Snitselaar) [Orabug: 18137993] [3.8.13-25.el6uek] - ocfs2: fix i_mutex deadlock between aio_write and sync_file (Darrick J. Wong) [Orabug: 18068931] - Revert 'x86, mm: Revert back good_end setting for 64bit' (Jerry Snitselaar)....

Siemens WinCC Multiple Vulnerabilities

Overview Independent researchers Gleb Gritsai, Alexander Zaitsev, Sergey Scherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis Baranov, Andrey Medov from Positive Technologies have identified multiple vulnerabilities in the Siemens WinCC application. In evaluating these reported...

23-Year-old Russian Hacker confessed to be original author of BlackPOS Malware

In the previous reports of Cyber Intelligence firm 'IntelCrawler' named Sergey Tarasov, a 17-year-old teenager behind the nickname "ree[4]", as the developer of BlackPOS malware. BlackPOS also known as "reedum" or 'Kaptoxa' is an effective crimeware kit, used in the massive heist of possibly 110...

More details about alleged 17-year-old Russian BlackPOS Malware Author released

Security experts at_ IntelCrawler_ provided a new interesting update on BlackPOS malware author, that he forgot to delete his Social networking profile even after the last exposure from the investigators. As we have reported a few days before that the Intelligence firm IntelCrawler has identified.....

BlackPOS Malware used in TARGET Data Breach developed by 17-Year Old Russian Hacker

The Holiday data breach at TARGET appeared to be part of a broad and highly sophisticated international hacking campaign against multiple retailers, involving the heist of possibly 110 million Credit-Debit cards, and personal information. Target confirmed last weekend that a malicious software was....

[THC-Hydra v7.6] Fast Parallel Network Logon Cracker

Hydra is a parallelized network logon cracker which supports numerous protocols to attack, new modules are easy to add, beside that, it is flexible and very fast. Features IPv6 Support Graphic User Interface Internationalized support (RFC 4013) HTTP proxy support SOCKS proxy support The...

PT-2014-19: Multiple Cross-Site Scripting (XSS) vulnerabilities in Wonderware Information Server

PT-2014-19: Multiple Cross-Site Scripting (XSS) vulnerabilities in Wonderware Information Server Vulnerable software Wonderware Information Server Version: 4.0 SP1 Portal, 4.5 Portal, 5.0 Portal, and 5.5 Portal Link: http://www.invensys.com/ Severity level Severity level: Medium Impact: Cross-Site....

PT-2014-21: Multiple SQL injection vulnerabilities in Wonderware Information Server

PT-2014-21: Multiple SQL injection vulnerabilities in Wonderware Information Server Vulnerable software Wonderware Information Server Version: 4.0 SP1 Portal, 4.5 Portal, 5.0 Portal, and 5.5 Portal Link: http://www.invensys.com/ Severity level Severity level: High Impact: Remote Code Execution...

PT-2014-17: Weak encryption of account data in Wonderware Information Server

PT-2014-17: Weak encryption of account data in Wonderware Information Server Vulnerable software Wonderware Information Server Version: 4.0 SP1 Portal, 4.5 Portal, 5.0 Portal, and 5.5 Portal Link: http://www.invensys.com/ Severity level Severity level: High Impact: Privilege Gaining, Disclosure...

PT-2014-18: Weak encryption of account data in Wonderware Information Server

PT-2014-18: Weak encryption of account data in Wonderware Information Server Vulnerable software Wonderware Information Server Version: 4.0 SP1 Portal, 4.5 Portal, 5.0 Portal, and 5.5 Portal Link: http://www.invensys.com/ Severity level Severity level: Low Impact: Privilege Gaining, Disclosure...

ProFTPD 1.3.3g Server Remote Root Exploit (ftp.bbc.co.uk)

Exploit for multiple platform in category remote exploits This is private exploit. You can buy it at...

Neverquest Banking Trojan Targets More Than 100 Banks

Banking malware with a particular liking for Fidelity Investments has infected several thousand victims worldwide, and has the capacity for much greater harm, in particular during the upcoming holidays, according to researchers at Kaspersky Lab. A report released today describes the threat posed...

Questions Arise About Bitcoin Security Paper

In the wake of the publication of a new academic paper that says there is a fundamental flaw in the Bitcoin protocol that could allow a small cartel of participants to become powerful enough that it could take over the mining process and gather a disproportionate amount of the value in the system,....