SecurityFeed.info

Feeds

29336 items (29336 unread) in 97 feeds

• Aviv Raff On .NET (22 unread)
• Bugtraq (bugtraq) Mailing List (712 unread)
• CGISecurity.com: Your Web Site and Application Security Resource (135 unread)
• christian's weblog (25 unread)
• Irongeek's Security Site (160 unread)
• Jeremiah Grossman (85 unread)
• Heorot.net (13 unread)
• milw0rm.com (530 unread)
• Nmap Hackers (nmap-hackers) Mailing List (9 unread)
• Packet Storm Security Advisories (450 unread)
• Packet Storm Security Exploits (551 unread)
• Packet Storm Security Headlines (460 unread)
• Packet Storm Security Last 100 (2596 unread)
• Packet Storm Security Last 20 (1013 unread)
• Packet Storm Security Last 50 (1853 unread)
• Packet Storm Security Last Files (634 unread)
• Packet Storm Security Miscellaneous Files (172 unread)
• Packet Storm Security Tools (184 unread)
• Rootsecure.net (839 unread)
• SecuriTeam.com (273 unread)
• Security Vulnerability Research & Defense (48 unread)
• SecurityFocus News (179 unread)
• SecurityFocus Vulnerabilities (876 unread)
• Securityvulns news channel (416 unread)
• SecWatch - Latest Exploit Alerts (10 unread)
• Taking Network Security to the Streets (28 unread)
• The One And Only Matt Parnell.com (38 unread)
• The Register - Security (642 unread)
• The Register - Software (713 unread)
• VulnWatch (vulnwatch) Mailing List (19 unread)
• Web App Security (webappsec) Mailing List (121 unread)
• IceСμbeς (15 unread)
• Linmagazine (296 unread)
• ‫netcraft Bytes :) (52 unread)
• Digg (4421 unread)
• Blonde 2.0 (72 unread)
• The Microsoft Security Response Center (MSRC) (62 unread)
• (IN)SECURE Magazine Notifications RSS (18 unread)
• 0x000000 Security (95 unread)
• ----- Anti-Malware ----- Analysis and Defense (16 unread)
• Apple Fun (25 unread)
• Technorati Search for: aviv.raffon.net (264 unread)
• C.I.S.R.T. (10 unread)
• Determina Zero-Day Protection (6 unread)
• Didier Stevens (69 unread)
• eEye Digital Security - Research Blog (10 unread)
• Ryan Naraine's Security Watch (162 unread)
• Security - RSS Feeds (280 unread)
• Exploit Prevention Labs (28 unread)
• Software Vulnerability Exploitation Blog (22 unread)
• F-Secure Antivirus Research Weblog (120 unread)
• Full Disclosure (303 unread)
• George Ou (10 unread)
• GNUCITIZEN Media Portfolio (99 unread)
• ha.ckers.org web application security lab (44 unread)
• heise security (496 unread)
• invisiblethings' blog (35 unread)
• Jeff Jones's blog (12 unread)
• JScript Blog (18 unread)
• Matasano Chargen (43 unread)
• McAfee Avert Labs (97 unread)
• Michael Howard's Web Log (39 unread)
• PandaLabs (55 unread)
• Zero Day (343 unread)
• SANS Internet Storm Center, InfoCON: green (293 unread)
• Latest Secunia Security Watchdog Blog Entries (33 unread)
• SecuriTeam Blogs (85 unread)
• Security Fix (173 unread)
• HP ASC Portal (30 unread)
• Strike Center (12 unread)
• Sunbelt Blog (301 unread)
• Sunnet Beskerming Security Advisories (48 unread)
• Technobabylon
• The Recurity Lablog (33 unread)
• Wired: Threat Level (626 unread)
• TrendLabs | Malware Blog - by Trend Micro (223 unread)
• Uninformed Journal (49 unread)
• WabiSabiLabi's blog (23 unread)
• WatchGuard Wire (61 unread)
• Latest Blog Entires From WebSense Security Labs (71 unread)
• Hackszine.com (226 unread)
• DVLabs: Blogs (81 unread)
• Errata Security (91 unread)
• Robert Hensing's Blog (92 unread)
• PaulDotCom Community Blog (12 unread)
• David LeBlanc's Web Log (25 unread)
• Billy (BK) Rios (25 unread)
• David Litchfield's blog (21 unread)
• Farfromr00tin (23 unread)
• aut disce, aut discede (17 unread)
• pwn* (16 unread)
• hackademix.net (54 unread)
• SecurityDot Vulnerabilities (540 unread)
• Vulnerabilities & Exploits (38 unread)
• Malicious Code (34 unread)
• Security Risks (22 unread)
• Digg / Security / upcoming (4515 unread)

Unread items (100)

• November 21, 2008
• 2:25

  ISS X-Force vs. Trend Micro

   » ‎ Latest Secunia Security Watchdog Blog Entries
  IBM ISS X-Force recently reported multiple vulnerabilities in Trend Micro ServerProtect. As Trend Micro claims to have fixed the vulnerabilities, which X-Force disagrees with, X-Force issued a blog as well to clarify some issues.

• 2:25

  PHP safe_mode protection bypass

   » ‎ Securityvulns news channel
  It's possible to bypass protection with ini_set("error_log", "/hack/"); Applications: PHP 5.2 (21.11.2008)
• 2:25

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

   » ‎ Securityvulns news channel
  PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Webglimpse: crossite scripting. CimWebCenter: crossite scripting. Applications: boastMachine 3.1, vBulletin 3.7, Social Engine 2.7 (21.11.2008)
• 2:25

  BitDefender antivirus DoS

   » ‎ Securityvulns news channel
  Crash on PDF file check in bdc.exe. (21.11.2008)
• 2:25

  Microsoft Windows Vista memory corruption

   » ‎ Securityvulns news channel
  Kernel memory corruption on CreateIpForwardEntry2 call processing. Applications: Windows Vista (20.11.2008)
• 2:25

  Mozilla Firefox images information leak

   » ‎ Securityvulns news channel
  By using getImageData() with redirections it's possiblt to obtain crossite access to images. Applications: Firefox 2.0 (20.11.2008)
• 2:25

  Deutsche Telekom banking software multiple security vulnerabilities

   » ‎ Securityvulns news channel
  Outdated vulnerable versions of open source libraries are used. (19.11.2008)
• 2:25

  Exodus unuahorized files access

   » ‎ Securityvulns news channel
  It's possible to inject command argument via im:// URI. Applications: Exodus 0.10 (19.11.2008)
• 2:25

  Opera buffer overflow

   » ‎ Securityvulns news channel
  Buffer overflow on oversized file:// URI. Applications: Opera 9.62 (19.11.2008)
• 2:25

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

   » ‎ Securityvulns news channel
  PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Webglimpse: crossite scripting. CimWebCenter: crossite scripting. Applications: vBulletin 3.7, Pluck CMS 4.5, CimWebCenter 4.0, Webglimpse 2.18 (19.11.2008)

• 2:25

  Bugtraq: [ MDVSA-2008:233 ] libcdaudio

   » ‎ SecurityFocus Vulnerabilities
  [ MDVSA-2008:233 ] libcdaudio
• 2:25

  Bugtraq: Re: Re: Re: Re: Re: Re: Opera 9.6x file:// overflow

   » ‎ SecurityFocus Vulnerabilities
  Re: Re: Re: Re: Re: Re: Opera 9.6x file:// overflow
• 2:25

  Bugtraq: Re: Cpanel 11.x Local File Inclusion & Cross Site Scripting - Discovered By Khashayar Fereidani

   » ‎ SecurityFocus Vulnerabilities
  Re: Cpanel 11.x Local File Inclusion & Cross Site Scripting - Discovered By Khashayar Fereidani
• 2:25

  Bugtraq: Re: Re: Cpanel 11.x Local File Inclusion & Cross Site Scripting - Discovered By Khashayar Fereidani

   » ‎ SecurityFocus Vulnerabilities
  Re: Re: Cpanel 11.x Local File Inclusion & Cross Site Scripting - Discovered By Khashayar Fereidani

• 2:25

  Oliver Day: Microsoft's Stance on Piracy Affects Us All

   » ‎ SecurityFocus News
  Microsoft's Stance on Piracy Affects Us All

• 2:25

  The Register: T-Mobile leaves 300,000 disconnected

   » ‎ Rootsecure.net
  The Register: T-Mobile leaves 300,000 disconnected
• 2:25

  Bruce Schneier: Secret German IP Addresses Leaked

   » ‎ Rootsecure.net
  Bruce Schneier: Secret German IP Addresses Leaked
• 2:25

  SC Magazine: Hot or not - Software update vulnerabilities

   » ‎ Rootsecure.net
  SC Magazine: Hot or not - Software update vulnerabilities
• 2:25

  The Register: Employees sue for unpaid Windows Vista overtime

   » ‎ Rootsecure.net
  The Register: Employees sue for unpaid Windows Vista overtime
• 2:25

  Apple Insider: Apple's new MacBooks have built-in copy protection measures

   » ‎ Rootsecure.net
  Apple Insider: Apple's new MacBooks have built-in copy protection measures
• 2:25

  Daily Artisan: The Manchurian Microchip

   » ‎ Rootsecure.net
  Daily Artisan: The Manchurian Microchip
• 2:25

  Heise Security: Two vulnerabilities eliminated in free XML library libxml2

   » ‎ Rootsecure.net
  Heise Security: Two vulnerabilities eliminated in free XML library libxml2
• 2:25

  Heise Security: Microsoft to replace OneCare with free consumer anti-malware

   » ‎ Rootsecure.net
  Heise Security: Microsoft to replace OneCare with free consumer anti-malware
• 2:25

  Computer World: Microsoft feared Mac vs. Vista comparison in '05, insider e-mails show "New...

   » ‎ Rootsecure.net
  Computer World: Microsoft feared Mac vs. Vista comparison in '05, insider e-mails show "Newspaper column sparked discussion about OSes and what 'premium' meant"
• 2:25

  Billy (BK) Rios: Stealing Files with Safari

   » ‎ Rootsecure.net
  Billy (BK) Rios: Stealing Files with Safari
• 2:25

  BBC News: Computer virus affects hospitals "Three London hospitals have been forced to shut...

   » ‎ Rootsecure.net
  BBC News: Computer virus affects hospitals "Three London hospitals have been forced to shut down their entire computer systems for at least 24 hours after being hit by a virus"
• 2:25

  The Register: Teen hacker confesses three-year crime spree

   » ‎ Rootsecure.net
  The Register: Teen hacker confesses three-year crime spree
• 2:25

  BBC News: Tech that trumps traffic tangles

   » ‎ Rootsecure.net
  BBC News: Tech that trumps traffic tangles
• 2:25

  SANS: Security Awareness Training is Boring

   » ‎ Rootsecure.net
  SANS: Security Awareness Training is Boring
• 2:25

  Security Fix: 'Network Identity Theft' Politely Avenged

   » ‎ Rootsecure.net
  Security Fix: 'Network Identity Theft' Politely Avenged
• 2:25

  Computer World: Dodgy ISP McColo briefly comes online, updates botnet

   » ‎ Rootsecure.net
  Computer World: Dodgy ISP McColo briefly comes online, updates botnet
• 2:25

  BBC News: Pupils set for 'ringtone lessons' "Children in England and Wales are to be given ...

   » ‎ Rootsecure.net
  BBC News: Pupils set for 'ringtone lessons' "Children in England and Wales are to be given lessons in how to avoid scams and hidden charges when downloading mobile phone ringtones"
• 2:25

  c|net: British site focusing on online scams targeted in DDoS attack

   » ‎ Rootsecure.net
  c|net: British site focusing on online scams targeted in DDoS attack
• 2:25

  Heise Security: Vulnerability discovered in SSH specification "can in rare cases be exploit...

   » ‎ Rootsecure.net
  Heise Security: Vulnerability discovered in SSH specification "can in rare cases be exploited to reconstruct part of the plain text"
• 2:25

  SANS: Finding stealth injected DLLs

   » ‎ Rootsecure.net
  SANS: Finding stealth injected DLLs

• 2:25

  php526-bypass.txt

   » ‎ Packet Storm Security Last Files
  PHP version 5.2.6 suffers from an error_log related safe_mode bypass vulnerability.
• 2:25

  phpfusion7001-sql.txt

   » ‎ Packet Storm Security Last Files
  PHP-Fusion version 7.00.1 remote SQL injection exploit that makes use of messages.php.
• 2:25

  social-sql.txt

   » ‎ Packet Storm Security Last Files
  Social Engine versions 2.7 and below suffer from remote SQL injection and cookie manipulation vulnerabilities.

• 2:25

  java2-malware.pdf

   » ‎ Packet Storm Security Miscellaneous Files
  Whitepaper entitled Java 2 Micro Edition (J2ME or Java ME) Based Computer Malware Propagation Technique.
• 2:25

  return-to-libc-linux.txt

   » ‎ Packet Storm Security Miscellaneous Files
  Brief whitepaper discussing return to LIBC exploitation on Linux.
• 2:25

  stack-overflow-linux.txt

   » ‎ Packet Storm Security Miscellaneous Files
  Brief whitepaper discussing stack overflow exploit on Linux.
• 2:25

  smallest_setuid_execve_sc.c

   » ‎ Packet Storm Security Miscellaneous Files
  26 byte (the smaller) GNU/Linux x86 setuid/execve shellcode without NULLs.
• 2:25

  sudoers-shellcode.txt

   » ‎ Packet Storm Security Miscellaneous Files
  86 byte Linux/x86 edit /etc/sudoers for full access.
• 2:25

  strongswan-4.2.9.tar.gz

   » ‎ Packet Storm Security Miscellaneous Files
  strongSwan is a complete IPsec and IKEv1 implementation for Linux 2.4 and 2.6 kernels. It interoperates with most other IPsec-based VPN products. It is a descendant of the discontinued FreeS/WAN project. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A unique feature is the use of X.509 attribute certificates to implement advanced access control schemes based on group memberships.
• 2:25

  hodetector-shellcode.txt

   » ‎ Packet Storm Security Miscellaneous Files
  Ho' Detector is shellcode that detects sniffing on all interfaces in Linux by parsing /proc/net/packet.
• 2:25

  rtm-essential5.pdf

   » ‎ Packet Storm Security Miscellaneous Files
  Road Technological Minds - Essential #5 - This issue covers fuzzing, remote file inclusion, Samurai Framework testing, and more. Written in Spanish.
• 2:25

  unixasm-1.3.0.tar.gz

   » ‎ Packet Storm Security Miscellaneous Files
  A collection of shellcodes for various platforms such as bsd-x86, linux-x86, sco-x86, and solaris-x86. This project contains a set of assembly components for proof of concept codes on different operating systems and architectures. These components were carefully designed and implemented for maximum reliability, following strict coding standards and requirements, such as system call invocation standards, position independent, register independent and zero free code. A special attention was put on code length when designing and implementing them, resulting in the most reliable and shortest codes for such purpose available today.
• 2:25

  bnd-networks.pdf

   » ‎ Packet Storm Security Miscellaneous Files
  This PDF document holds a single paged scan of an internally distributed mail from German telecommunications company T-Systems (Deutsche Telekom), revealing over two dozen secret IP address ranges in use by the German intelligence service Bundesnachrichtendienst (BND).

• 2:25

  pysumpas-0.2.0.tar.gz

   » ‎ Packet Storm Security Tools
  PySumpas is a simple, graphical password generating utility. Using the Python Cryptography Toolkit and Damien Miller's py-bcrypt, it generates a hash or cipher from user input. The resulting output, in part or entirety, can be used as a secure password.
• 2:25

  framework-3.2.tar.gz

   » ‎ Packet Storm Security Tools
  The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. Metasploit is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.
• 2:25

  tor.uclibc.i686.20081115.iso

   » ‎ Packet Storm Security Tools
  Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP.
• 2:25

  RFIDIOt-Windows-0.1u.zip

   » ‎ Packet Storm Security Tools
  RFIDIOt is a python library for exploring RFID devices. It currently drives a couple of RFID readers made by ACG, called the HF Dual ISO and the LFX. Includes sample programs to read/write tags and the beginnings of library routines to handle the data structures of specific tags like MIFARE(r). This is the Windows version.
• 2:25

  RFIDIOt-0.1u.tgz

   » ‎ Packet Storm Security Tools
  RFIDIOt is a python library for exploring RFID devices. It currently drives a couple of RFID readers made by ACG, called the HF Dual ISO and the LFX. Includes sample programs to read/write tags and the beginnings of library routines to handle the data structures of specific tags like MIFARE(r).
• 2:25

  dps-v1.5.tar.gz

   » ‎ Packet Storm Security Tools
  Dynamic Port Scanner - The sole idea of the Dynamic Port Scanner (DPS) is to provide a reliable spoofed source IP port scanner. The spoofed source IP is dynamically generated at run time and it varies for every scan packet; every scan packet carries a random spoofed source IP. Traditionally, a port scan with a spoofed source IP has been considered unreliable due to the fact that reply packets would not reach back the scanning system. However, the technique used by DPS ensures the reliability of such spoofed scan.
• 2:25

  smbrelay3.zip

   » ‎ Packet Storm Security Tools
  SmbRelay3 is a proof of concept tool that is able to replay NTLM authentication from several protocols like SMB/HTTP/IMAP/etc.
• 2:25

  mptrey.tar.gz

   » ‎ Packet Storm Security Tools
  mpTREY is a MP3 fuzzing utility that manipulates tags. Written in Perl.
• 2:25

  dotnetsploitsrc-1.0.zip

   » ‎ Packet Storm Security Tools
  .NET-Sploit is a new tool for building MSIL rootkits that will enable the user to inject preloaded/custom payloads to the Framework core DLL.
• 2:25

  MultiInjectorV0.3.tar.gz

   » ‎ Packet Storm Security Tools
  MultiInjector is an automatic SQL injection utility. It uses a list of URI addresses to test parameter manipulation. Once a vulnerable parameter has been found, a signature-evasive SQL injection is performed in order to achieve arbitrary OS command execution and automatic defacement on database server. Written in Python.

• 2:25

  phprsgal-sql.txt

   » ‎ Packet Storm Security Last 20
  phpRS versions 2.6.x and 2.8.x suffer from a remote SQL injection vulnerability in gallery.php.
• 2:25

  MDVSA-2008-233.txt

   » ‎ Packet Storm Security Last 20
  Mandriva Linux Security Advisory 2008-233 - A heap overflow was found in the CDDB retrieval code of libcdaudio, which could result in the execution of arbitrary code. In addition, the fixes for were not applied to newer libcdaudio packages as shipped with Mandriva Linux, so the patch to fix that issue has been applied to 2008.1 and 2009.0 (this was originally fixed in MDKSA-2005:075). This issue is a buffer overflow flaw found by Joseph VanAndel. Corporate 3.0 has this fix already applied. The updated packages have been patched to prevent these issues.
• 2:25

  java2-malware.pdf

   » ‎ Packet Storm Security Last 20
  Whitepaper entitled Java 2 Micro Edition (J2ME or Java ME) Based Computer Malware Propagation Technique.
• 2:25

  natterchat-sql.txt

   » ‎ Packet Storm Security Last 20
  Natterchat versions 1.12 and below suffer from a remote SQL injection vulnerability that allows for authentication bypass.
• 2:25

  php526-bypass.txt

   » ‎ Packet Storm Security Last 20
  PHP version 5.2.6 suffers from an error_log related safe_mode bypass vulnerability.
• 2:25

  phpfusion7001-sql.txt

   » ‎ Packet Storm Security Last 20
  PHP-Fusion version 7.00.1 remote SQL injection exploit that makes use of messages.php.
• 2:25

  social-sql.txt

   » ‎ Packet Storm Security Last 20
  Social Engine versions 2.7 and below suffer from remote SQL injection and cookie manipulation vulnerabilities.
• 2:25

  vbulletin-xssxsrf.txt

   » ‎ Packet Storm Security Last 20
  The Visitor Messages add-on for vBulletin version 3.7.3 suffers from cross site scripting and cross site request forgery vulnerabilities. This is a worm exploit that takes advantage of these issues.
• 2:25

  askpert-sql.txt

   » ‎ Packet Storm Security Last 20
  AskPert suffers from a remote SQL injection vulnerability that allows for authentication bypass.
• 2:25

  return-to-libc-linux.txt

   » ‎ Packet Storm Security Last 20
  Brief whitepaper discussing return to LIBC exploitation on Linux.
• 2:25

  stack-overflow-linux.txt

   » ‎ Packet Storm Security Last 20
  Brief whitepaper discussing stack overflow exploit on Linux.
• 2:25

  backlinkspider-sql.txt

   » ‎ Packet Storm Security Last 20
  The BackLinkSpider Exchange Links script suffers from remote SQL injection vulnerabilities in links.asp and links.php.
• 2:25

  exodus-injection.txt

   » ‎ Packet Storm Security Last 20
  Exodus version 0.10 suffers from an URI handler arbitrary parameter injection vulnerability.
• 2:25

  smallest_setuid_execve_sc.c

   » ‎ Packet Storm Security Last 20
  26 byte (the smaller) GNU/Linux x86 setuid/execve shellcode without NULLs.
• 2:25

  wportfolio-upload.txt

   » ‎ Packet Storm Security Last 20
  wPortfolio versions 0.3 and below remote arbitrary file upload exploit.
• 2:25

  boastmachine-sql.txt

   » ‎ Packet Storm Security Last 20
  BoastMachine version 3.1 suffers from a remote SQL injection vulnerability.
• 2:25

  SSRT080059.txt

   » ‎ Packet Storm Security Last 20
  HP Security Bulletin - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM).The vulnerabilities could be exploited remotely to allow cross site scripting (XSS).

• 2:25

  ZDI-08-076.txt

   » ‎ Packet Storm Security Last 50
  A vulnerability allows remote attackers to retrieve arbitrary files on systems with vulnerable installations of EMC Control Center SAN Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists in the SAN Manager Master Agent service (msragent.exe) which listens by default on TCP port 10444. While processing SST_SENDFILE requests the service does not validate the requestor allowing any remote attacker to download arbitrary files.
• 2:25

  ZDI-08-075.txt

   » ‎ Packet Storm Security Last 50
  A vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of EMC Control Center SAN Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists in the SAN Manager Master Agent service (msragent.exe) which listens by default on TCP port 10444. While processing SST_CTGTRANS requests the process copies packet data into a fixed length stack buffer. Exploitation allows for arbitrary code execution under the context of the SYSTEM user.
• 2:25

  toursmanager-blindsql.txt

   » ‎ Packet Storm Security Last 50
  ToursManager suffers from a blind SQL injection vulnerability in tourview.php.
• 2:25

  phprsgal-sql.txt

   » ‎ Packet Storm Security Last 50
  phpRS versions 2.6.x and 2.8.x suffer from a remote SQL injection vulnerability in gallery.php.
• 2:25

  MDVSA-2008-233.txt

   » ‎ Packet Storm Security Last 50
  Mandriva Linux Security Advisory 2008-233 - A heap overflow was found in the CDDB retrieval code of libcdaudio, which could result in the execution of arbitrary code. In addition, the fixes for were not applied to newer libcdaudio packages as shipped with Mandriva Linux, so the patch to fix that issue has been applied to 2008.1 and 2009.0 (this was originally fixed in MDKSA-2005:075). This issue is a buffer overflow flaw found by Joseph VanAndel. Corporate 3.0 has this fix already applied. The updated packages have been patched to prevent these issues.
• 2:25

  java2-malware.pdf

   » ‎ Packet Storm Security Last 50
  Whitepaper entitled Java 2 Micro Edition (J2ME or Java ME) Based Computer Malware Propagation Technique.
• 2:25

  natterchat-sql.txt

   » ‎ Packet Storm Security Last 50
  Natterchat versions 1.12 and below suffer from a remote SQL injection vulnerability that allows for authentication bypass.
• 2:25

  php526-bypass.txt

   » ‎ Packet Storm Security Last 50
  PHP version 5.2.6 suffers from an error_log related safe_mode bypass vulnerability.
• 2:25

  phpfusion7001-sql.txt

   » ‎ Packet Storm Security Last 50
  PHP-Fusion version 7.00.1 remote SQL injection exploit that makes use of messages.php.
• 2:25

  social-sql.txt

   » ‎ Packet Storm Security Last 50
  Social Engine versions 2.7 and below suffer from remote SQL injection and cookie manipulation vulnerabilities.
• 2:25

  vbulletin-xssxsrf.txt

   » ‎ Packet Storm Security Last 50
  The Visitor Messages add-on for vBulletin version 3.7.3 suffers from cross site scripting and cross site request forgery vulnerabilities. This is a worm exploit that takes advantage of these issues.
• 2:25

  askpert-sql.txt

   » ‎ Packet Storm Security Last 50
  AskPert suffers from a remote SQL injection vulnerability that allows for authentication bypass.
• 2:25

  return-to-libc-linux.txt

   » ‎ Packet Storm Security Last 50
  Brief whitepaper discussing return to LIBC exploitation on Linux.
• 2:25

  stack-overflow-linux.txt

   » ‎ Packet Storm Security Last 50
  Brief whitepaper discussing stack overflow exploit on Linux.
• 2:25

  backlinkspider-sql.txt

   » ‎ Packet Storm Security Last 50
  The BackLinkSpider Exchange Links script suffers from remote SQL injection vulnerabilities in links.asp and links.php.