Databáze Hot News 2013 October

Databáze Hot News 2013 October - 2013 January February March April May June July August September October November December

16.10.2013

Bugtraq

[security bulletin] HPSBMU02931 rev.1 - HP Service Manager, Injection of Arbitrary Code, Remote Privilege Elevation, Remote Disclosure of Privileged Information and Cross Site Scripting (XSS) 2013-10-15
security-alert hp com

ZAPms v1.42 CMS - Client Side Cross Site Scripting Web Vulnerability 2013-10-15
Vulnerability Lab (research vulnerability-lab com)

Training : Advanced Android & iOS Hands-on Exploitation at Toorcon San Diego [16th-17th Oct,2013] 2013-10-15
xys3c team (security xysec com)

DornCMS Application v1.4 - Multiple Web Vulnerabilities 2013-10-15
Vulnerability Lab (research vulnerability-lab com)

Apple iOS 7.2 - Sim Lock Screen Display Bypass Vulnerability 2013-10-15
Vulnerability Lab (research vulnerability-lab com)

Paypal Inc Bug Bounty #105 MOS - Multiple Persistent Print Layout Vulnerabilities 2013-10-15
Vulnerability Lab (research vulnerability-lab com)

My File Explorer v1.3.1 iOS - Multiple Web Vulnerabilities 2013-10-15
Vulnerability Lab (research vulnerability-lab com)

SEC Consult SA-20131015-0 :: Multiple vulnerabilities in SpamTitan 2013-10-15
SEC Consult Vulnerability Lab (research sec-consult com)

OliveOffice Mobile Suite 2.0.3 iOS - File Include Vulnerability 2013-10-15
Vulnerability Lab (research vulnerability-lab com)

[slackware-security] gnupg2 (SSA:2013-287-02) 2013-10-15
Slackware Security Team (security slackware com)

Training : Advanced Android & iOS Hands-on Exploitation at Toorcon San Diego [16th-17th Oct,2013] 2013-10-15
xys3c team (security xysec com)

Critical vulnerabilities discovered in Gazelle and TBDEV.net 2013-10-15
Bogdan Calin (bogdan acunetix com)

[slackware-security] xorg-server (SSA:2013-287-05) 2013-10-15
Slackware Security Team (security slackware com)

[slackware-security] gnupg (SSA:2013-287-01) 2013-10-15
Slackware Security Team (security slackware com)

[slackware-security] gnutls (SSA:2013-287-03) 2013-10-15
Slackware Security Team (security slackware com)

Malware

Generic.bfr!72544520E3D7
RDN/Generic.bfr!3FAF57D97032
RDN/Generic PUP.x!bjp!1D202392AE64
Generic.bfr!767A2E3CAE2E
Generic PUP.x!48D5CC57BEBA
RDN/tdss!g!653022E052EF
RDN/Downloader.a!no!64CC6241697A
Generic PUP.x!3CBA5EF3100E
Generic PUP.x!C798364E6977
Generic PUP.x!F64278513094
Generic PUP.x!5AE196DFC552
RDN/Generic.bfr!ff!10CD9BB7910C
Generic PUP.x!7D8467B9C633
Generic PUP.x!773B01FB2288
Generic Downloader.x!6A636C479E5C
Generic Dropper!3C0AB53B40C0
RDN/Vundo!dn!739427798F28
Generic Downloader.x!7618C9BF742E
Generic PUP.x!3A8379A97EF4
Generic Downloader.x!5C49B60103AD
Generic Downloader.x!5F5D670046C9
Generic PUP.x!1FA321E8BAC6
Generic.bfr!A2ACFBE325EB
RDN/Generic PUP.x!CDDC97B36F57
Generic.bfr!8B8B3F5CB6C9
Generic.bfr!9520EA4BD054
RDN/Generic PUP.x!507B00718F88
RDN/Generic Dropper!361700950512
Generic PUP.x!5E54A9EEECA7
Generic.bfr!3C173F325D6C

Phishing

Barclays Bank Plc	16th October 2013
ACCOUNT SUSPENDED !
Chase Online	14th October 2013
1 NEW CHASE BANK UPDATE
Barclays Online Banking	14th October 2013
YOUR ACCOUNT HAS BEEN SUSPENDED

Vulnerebility

Exploit

Apple iOS 7.2 - Sim Lock Screen Display Bypass Vulnerability

Dexs PM System Wordpress Plugin - Authenticated Persistent XSS (0day)

Dolibarr ERP/CMS 3.4.0 (exportcsv.php, sondage param) - SQL Injection

Zabbix 2.0.8 SQL Injection and Remote Code Execution

My File Explorer v1.3.1 iOS - Multiple Web Vulnerabilities

OliveOffice Mobile Suite 2.0.3 iOS - File Include Vulnerability

UbiDisk File Manager v2.0 iOS - Multiple Web Vulnerabilities

15.10.2013

Bugtraq

[SECURITY] [DSA 2779-1] libxml2 security update 2013-10-13
Michael Gilbert (mgilbert debian org)

[CISTI'2014]: Call for Workshops 2013-10-13
Maria Lemos (marialemos72 gmail com)

CFP: Passwords^13 Bergen (Norway), December 2-3 2013 2013-10-13
Per Thorsheim (per thorsheim net)

Wordpress Cart66 Plugin 1.5.1.14 Multiple Vulnerabilities 2013-10-12
jsibley1 gmail com

[SECURITY] [DSA 2778-1] libapache2-mod-fcgid security update 2013-10-11
Salvatore Bonaccorso (carnil debian org)

Wordpress Cart66 Plugin 1.5.1.14 Multiple Vulnerabilities 2013-10-11
jsibley1 gmail com

[SECURITY] [DSA 2777-1] systemd security update 2013-10-11
Moritz Muehlenhoff (jmm debian org)

Malware

W32/Expiro!48202E3E1D54
RDN/Generic PUP.x!27C24D2D0DF5
RDN/Generic PUP.x!C777401E264F
RDN/Generic PUP.x!9B4E9DCB3310
RDN/Generic BackDoor!tz!717B19B55E87
Generic PUP.x!9023B4F21A95
W32/Expiro!446BD8C94E08
W32/Expiro!37DD3809CAE3
Generic PUP.x!88F036BF1B5E
RDN/Generic PUP.x!13ACB0DCE451
W32/Expiro!39D135ACF0B9
W32/Expiro!019889A3221B
W32/Expiro!3CE238F0DAA4
RDN/PWS-Mmorpg!kf!49885B30AA52
RDN/Autorun.bfr!d!82A40A023BAC
Generic Dropper!3BAE8EF5259C
Generic.bfr!69664B6FC0E1
RDN/Generic.dx!crz!C7B20C943319
Generic.bfr!A5E3A676D6B7
RDN/Generic.dx!crz!472FE3D51BF4
Generic PUP.x!E0414047AD3B
RDN/Generic Downloader.x!iq!3A082B0C1285
W32/Expiro!358AC84DE951
RDN/PWS-Mmorpg!kf!455F46F1068B
RDN/Generic PUP.x!bj3!9F23F98C7D4C
RDN/Generic PUP.x!bj3!BE676240A5AB
W32/Expiro!2F99581EF072
RDN/Generic PUP.x!bj3!B922A101D3B0
RDN/Generic.bfr!fd!62B1A86DC617
RDN/Generic PUP.x!bj3!AD3BE9B3FC72

Phishing

Chase Online	14th October 2013
1 NEW CHASE BANK UPDATE
Barclays Online Banking	14th October 2013
YOUR ACCOUNT HAS BEEN SUSPENDED
NatWest - Management Team	13th October 2013
Your are locked out of NatWest Online Banking
National	13th October 2013
Service Information
Barclays Online Banking	13th October 2013
Your account has been suspended

Vulnerebility

Exploit

Aladdin Knowledge Systems Ltd. PrivAgent ActiveX Control Overflow

HP Data Protector Cell Request Service Buffer Overflow

MS13-080 Microsoft Internet Explorer CDisplayPointer Use-After-Free

Beetel Connection Manager PCW_BTLINDV1.0.0B04 - SEH Buffer Overflow

Dexs PM System Wordpress Plugin - Authenticated Persistent XSS (0day)

Dolibarr ERP/CMS 3.4.0 (exportcsv.php, sondage param) - SQL Injection

Zabbix 2.0.8 SQL Injection and Remote Code Execution

14.10.2013

Bugtraq

Wordpress Cart66 Plugin 1.5.1.14 Multiple Vulnerabilities 2013-10-11
jsibley1 gmail com

[SECURITY] [DSA 2777-1] systemd security update 2013-10-11
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 2776-1] drupal6 security update 2013-10-11
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 2773-1] gnupg security update 2013-10-10
Thijs Kinkhorst (thijs debian org)

[security bulletin] HPSBMU02901 rev.1 - HP Business Process Monitor running on Windows, Remote Execution of Arbitrary Code and Disclosure of Information 2013-10-10
security-alert hp com

[SECURITY] [DSA 2774-1] gnupg security update 2013-10-10
Thijs Kinkhorst (thijs debian org)

[ MDVSA-2013:249 ] libraw 2013-10-10
security mandriva com

[ MDVSA-2013:247 ] gnupg 2013-10-10
security mandriva com

[SECURITY] [DSA 2772-1] typo3-src security update 2013-10-10
Moritz Muehlenhoff (jmm debian org)

Malware

RDN/Generic PUP.x!bjm!4DFDCD71965A
RDN/Generic.dx!32EC7F8233A3
Generic PUP.x!88E3BD680FCB
RDN/Ransom!ds!8A873860FF9A
RDN/Generic PUP.x!bjm!4E43D774C052
RDN/Generic PUP.x!bjm!4FCAF4110CCB
Generic PUP.x!8D883982307C
Generic.bfr!4FB8FFDCEE2F
RDN/FakeAV-Z.bfr!d!59EB2F8AC970
Generic PUP.x!0940D347A235
RDN/Generic PUP.x!bjm!4F0F4FE6435E
Generic PUP.x!B693C393C8BB
Generic PUP.x!806A31EEE3C4
Generic PUP.x!4DE8E53966E6
RDN/Generic PUP.x!bjm!4FA9C3BCA370
RDN/Generic.bfr!fd!1C215DE11F77
RDN/Generic PWS.y!vc!916C0EF0726E
Generic.tfr!747E7F02977A
Generic PUP.x!F83C8B240183
HideWindow!DFE11A8627BA
Generic PUP.x!585689460B5E
Generic PUP.x!078773D1C0FA
Generic PUP.x!6F3292E5A3AD
Generic PUP.x!790DFEC30CB1
RDN/Generic PUP.x!bjm!4D61BCB3C72D
Generic.bfr!4DAEDFE94732
Generic PUP.x!4E9D5A2A38FF
RDN/Generic.bfr!fd!653B026E2866
RDN/Generic.tfr!DF465FA18205
Generic PUP.x!EF3CB60F07BE

Phishing

NatWest - Management Team	13th October 2013
Your are locked out of NatWest Online Banking
National	13th October 2013
Service Information
Barclays Online Banking	13th October 2013
Your account has been suspended
NatWest - Online Banking	13th October 2013
ONLINE BANKING : VIEW BALANCES charset=iso-8859-1">
BT Yahoo!	12th October 2013
E-mail Update
J.P. Morgan Chase & Co.	12th October 2013
November Order
PayPal	11th October 2013
Notification of Limited Account Access

Vulnerebility

Exploit

VMware Hyperic HQ Groovy Script-Console Java Execution

Wordpress Cart66 Plugin 1.5.1.14 - Multiple Vulnerabilities

Android Zygote Socket Vulnerability Fork bomb Attack

Internet Haut Debit Mobile PCW_MATMARV1.0.0B03 - Buffer Overflow SEH

11.10.2013

Bugtraq

[SECURITY] [DSA 2773-1] gnupg security update 2013-10-10
Thijs Kinkhorst (thijs debian org)

[security bulletin] HPSBMU02901 rev.1 - HP Business Process Monitor running on Windows, Remote Execution of Arbitrary Code and Disclosure of Information 2013-10-10
security-alert hp com

[SECURITY] [DSA 2774-1] gnupg security update 2013-10-10
Thijs Kinkhorst (thijs debian org)

[ MDVSA-2013:249 ] libraw 2013-10-10
security mandriva com

[ MDVSA-2013:247 ] gnupg 2013-10-10
security mandriva com

[SECURITY] [DSA 2772-1] typo3-src security update 2013-10-10
Moritz Muehlenhoff (jmm debian org)

[ MDVSA-2013:248 ] xinetd 2013-10-10
security mandriva com

[SECURITY] [DSA 2775-1] ejabberd security update 2013-10-10
Thijs Kinkhorst (thijs debian org)

[SECURITY] [DSA 2771-1] nas security update 2013-10-09
Moritz Muehlenhoff (jmm debian org)

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module Software 2013-10-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software 2013-10-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[SECURITY] [DSA 2770-1] torque security update 2013-10-09
Salvatore Bonaccorso (carnil debian org)

Malware

Generic.dx!5BF53B3ED33F
RDN/PWS-Banker!9894A2B76863
Generic.dx!96223CE65980
RDN/Generic.bfr!fd!174D03480E28
RDN/Generic Downloader.x!ip!8831F696BEDD
RDN/Generic PUP.x!bjg!0DEB4D9F1D70
RDN/Generic PUP.x!bjg!79CF8C2ECFDD
RDN/Generic PUP.x!bjg!9DA2C6FDFECE
RDN/Generic.dx!835A41FD5785
RDN/Generic PUP.x!bjg!48D2CAD65FFC
Generic.dx!F984E3D66E0A
RDN/Generic PUP.x!bjg!7128DAD0D8B6
RDN/Generic PUP.x!CCF2F6590762
Generic Dropper!C649EC4298EA
Generic.dx!D31D80FBC52C
RDN/Generic PUP.x!AEB416905491
RDN/Generic PUP.x!042964BCB075
RDN/Generic PUP.x!11F7C19BC42D
RDN/Generic PUP.x!087B4775B296
RDN/Generic.grp!gb!0EE92F3E8DBF
RDN/Generic Dropper!rt!61BEDA547910
Generic.dx!173F764C8B23
RDN/FakeAV-N.bfr!417F99DD689D
Generic.dx!BE230D5A3B5F
Generic.dx!1C3270A96EEA
Generic.dx!0B4F96644D0F
Generic.dx!CACC25AD190F
Generic.dx!3DF1CDD58B3F
Generic.dx!D683F17C660A
Generic.dx!1D46C2DB00BF

Phishing

Natwest	10th October 2013
Your NatWest Card Important Notification
Barclays Bank Plc	10th October 2013
ACCOUNT SUSPENDED !
PayPal	10th October 2013
Your PayPal account is limited - take action now
Chase Online	10th October 2013
1 NEW CHASE BANK UPDATE
PayPal	9th October 2013
Update your account information
Barclays Bank PLC	9th October 2013
New Security Notice On Your Barclays Account

Vulnerebility

Exploit

Indusoft Thin Client 7.1 ActiveX - Buffer Overflow

Linksys WRT110 Remote Command Execution

Imperva SecureSphere Web Application Firewall MX 9.5.6 - Blind SQL Injection

ONO Hitron CDE-30364 Router - Denial Of Service

ALLPlayer 5.6.2 (.m3u) - Local Buffer Overflow PoC

10.10.2013

Bugtraq

[SECURITY] [DSA 2771-1] nas security update 2013-10-09
Moritz Muehlenhoff (jmm debian org)

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module Software 2013-10-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software 2013-10-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[SECURITY] [DSA 2770-1] torque security update 2013-10-09
Salvatore Bonaccorso (carnil debian org)

[ISecAuditors Security Advisories] Multiple Reflected XSS vulnerabilities in BoltWire <= v3.5 2013-10-09
ISecAuditors Security Advisories (advisories isecauditors com)

[ISecAuditors Security Advisories] Multiple Vulnerabilities in Uebimiau <= 2.7.11 2013-10-09
ISecAuditors Security Advisories (advisories isecauditors com)

Cross-Site Scripting (XSS) in Feng Office 2013-10-09
High-Tech Bridge Security Research (advisory htbridge com)

[security bulletin] HPSBGN02930 rev.1 - HP Intelligent Management Center(iMC) and HP IMC Service Operation Management Software Module, Remote Authentication Bypass, Disclosure of Information, Unauthorized Access, SQL Injection 2013-10-08
security-alert hp com

[security bulletin] HPSBGN02929 rev.1 - HP Intelligent Management Center (iMC), HP IMC Branch Intelligent Management System Software Module (BIMS), and Comware Based Switches and Routers, Remote Code Execution, Disclosure of Information 2013-10-08
security-alert hp com

Malware

Generic.bfr!E2BEC9BA4925
RDN/Generic Downloader.x!ip!BB21298A0C3D
Generic.bfr!984720583207
RDN/Generic PUP.x!bj3!A7BB265A9AB0
RDN/Generic.dx!crt!00888DF918E7
Generic.bfr!239FA089C74E
Generic.bfr!0B39CF050437
Generic.bfr!47D1B9933C02
RDN/Generic PUP.z!25DBD5068BF6
Generic.bfr!1E484E50C9EC
Generic.bfr!9DD17993B503
RDN/Generic PUP.x!bj3!2C53A1BF580E
RDN/Generic PUP.x!bj3!626BA04C5D45
RDN/Generic PUP.x!bj3!91B05A5AE681
Downloader.gen.a!320453D0153B
Downloader.gen.a!0BB0F0355148
RDN/Generic PUP.x!bj3!B6E0947D9B3B
Generic PUP.x!59AF78C79249
RDN/Generic PUP.x!bj3!B5187901387F
RDN/Generic PUP.x!bj3!336B290AB3AD
RDN/Generic PUP.x!bj3!C743E7FFA27E
RDN/Generic PUP.x!bj3!FA1C73815784
RDN/Generic PUP.x!bj3!9383B06B5940
RDN/Generic PWS.y!va!73CA2C3EA510
RDN/Generic PUP.x!bj3!582D5376FC3C
Generic.bfr!0E519D55CA27
Generic.bfr!44762CD4A5AD
RDN/Generic.grp!6441CC82087E
RDN/Generic.bfr!292971527B03
RDN/Generic PUP.x!9AA2AD8F1667

Phishing

Chase Online	10th October 2013
1 NEW CHASE BANK UPDATE
PayPal	9th October 2013
Update your account information
Barclays Bank PLC	9th October 2013
New Security Notice On Your Barclays Account
Chase	8th October 2013
1 NEW CHASE BANK ACCOUNT ALERT

Vulnerebility

Exploit

9.10.2013

Bugtraq

[SECURITY] [DSA-2769-1] kfreebsd-9 security update 2013-10-08
Salvatore Bonaccorso (carnil debian org)

NotSoSecure CTF (in partnership with Appsec USA) 2013-10-08
sid (sid notsosecure com)

[ MDVSA-2013:246 ] openjpa 2013-10-07
security mandriva com

Apple Motion Integer Overflow Vulnerability 2013-10-07
pereira secbiz de

Malware

RDN/Generic PUP.x!bjb!62BEF729ACE4
RDN/Generic PUP.x!bjb!F039608031DE
Generic.bfr!1C6B97C04F08
Generic.bfr!3180A09D7EAD
Generic.bfr!69529F617A76
RDN/Generic.dx!F195A3B70BAF
RDN/Generic.bfr!61AAFB2F4FED
Generic.dx!8CABCE74159F
Generic.dx!DD201A5B943C
Generic PUP.x!376A097B57EF
Generic.bfr!9BC6FF7BFB3C
Generic.dx!0E387946C309
Generic.dx!AA536396042F
Generic.dx!DC274A41F4B2
Generic.dx!39EB59264B96
Generic.dx!C12BCF2D8D40
Generic.dx!2CF49DBFD511
Generic.dx!89C5C02E99B2
Generic.dx!BD21EAB0B686
Generic.dx!79419B97948F
RDN/Generic PUP.x!bjb!139D411C993E
Generic.dx!E83444E5B4F2
Generic.dx!0E111140B930
Generic.dx!A31ADA6C646A
Generic.dx!B1363FCD8ED2
Generic.dx!FD7FCEC8979F
Generic.dx!8743510656C1
Generic.dx!FA5772A64B9E
Generic.dx!D31FCEA0DCCA
RDN/Generic PUP.x!bjb!9DFCF6B48783

Phishing

PayPal	9th October 2013
Update your account information
Barclays Bank PLC	9th October 2013
New Security Notice On Your Barclays Account
Chase	8th October 2013
1 NEW CHASE BANK ACCOUNT ALERT
Barclays Bank PLC	8th October 2013
New Security Notice On Your Barclays Account

Vulnerebility

Exploit

8.10.2013

Bugtraq

[ MDVSA-2013:246 ] openjpa 2013-10-07
security mandriva com

Apple Motion Integer Overflow Vulnerability 2013-10-07
pereira secbiz de

[KIS-2013-09] Vanilla Forums <= 2.0.18.5 (class.utilitycontroller.php) PHP Object Injection Vulnerability 2013-10-07
Egidio Romano (research karmainsecurity com)

Malware

RDN/Generic PUP.x!bj3!8D6710A9BBE3
ZeroAccess-FBJ!64932E143FC5!64932E143FC5
Generic Downloader.x!8AE2C95CB61B
RDN/Generic PUP.x!bj3!5D8670BF5B02
RDN/Generic PUP.x!bj3!704C5CBF03CB
Generic PUP.x!EC5833409666
RDN/Generic PUP.x!bj3!86ACDE5CA6BC
RDN/Generic PUP.x!bj3!523BAC233AA9
Generic.bfr!5A29EC685E11
Generic Downloader.x!816DEE37270E
RDN/Generic StartPage!bp!5D632E2D43BC
Generic Downloader.x!5C0C3017934B
RDN/BackDoor-CEP!bv!697A8016A317
RDN/Generic.tfr!dq!7E9F82ACB825
RDN/Generic PUP.x!bj3!589B9D7A206E
RDN/Generic PUP.x!bj3!8287AF11099B
RDN/Generic PUP.x!bj3!4E9B5C74AA39
RDN/Generic PUP.x!bj3!52A61F582FB5
RDN/Generic PUP.x!bj3!4DD57763B457
RDN/Generic PUP.x!bj3!50DA2044B6F5
RDN/Generic PUP.x!bj3!554BA5711D53
RDN/Generic PUP.x!bj3!60B21B40603C
RDN/Generic PUP.x!bj3!63E93D41126C
RDN/Generic PUP.x!bj3!58ECFE93310C
RDN/Generic PUP.x!bj3!65E8D5ADE079
Generic PUP.x!BBB14720D4CE
RDN/Generic PUP.x!bj3!5095CFA6BE45
Generic Downloader.x!5F155BBA7A31
RDN/Generic PUP.x!bj3!444D8EADA8BD
RDN/Generic.dx!crs!5D9BE5B66BB6

Phishing

Vulnerebility

HP LoadRunner magentproc.exe Overflow

GestioIP Remote Command Execution

davfs2 1.4.6/1.4.7 - Local Privilege Escalation Exploit

WHMCS 5.2.7 - SQL Injection Vulnerability

Wordpress Quick Contact Form Plugin 6.0 - Persistent XSS

Apple Motion 5.0.7 Integer Overflow Vulnerability

Exploit

Understanding C Integer Boundaries (Overflows & Underflow)

Linux Classic Return-to-libc & Return-to-libc Chaining Tutorial

Linux Stack Based Buffer Overflows

Linux Format String Exploitation

Linux Integer Overflow and Underflow

Linux Off By One Vulnerabilities

Return Oriented Programming (ROP FTW)

7.10.2013

Bugtraq

SEC Consult SA-20131004-0 :: SQL injection vulnerability in Zabbix 2013-10-04
SEC Consult Vulnerability Lab (research sec-consult com)

APPLE-SA-2013-10-03-1 OS X v10.8.5 Supplemental Update 2013-10-03
Apple Product Security (product-security-noreply lists apple com)

Malware

RDN/Generic.grp!60496E72EED3
Generic PUP.x!A81623B834E6
W32/Generic.worm!p2p!47D7A4B36905
RDN/Generic PUP.x!b2x!E14B4394695D
Generic PUP.x!46288039A82A
RDN/Generic PUP.x!147304FB748B
RDN/Generic.grp!67FD53CC7165
W32/Generic.worm!p2p!406845CFAA52
RDN/Qhost-Gen!ba!C115435497E7
RDN/Generic.dx!5676417FF349
W32/Generic.worm!p2p!2ABBEEDA0137
RDN/Generic Exploit!69DEF9DB82C7
W32/Generic.worm!p2p!0875AB03199D
W32/Generic.worm!p2p!7B95394F29E4
W32/Generic.worm!p2p!DD6CBD959076
W32/Generic.worm!p2p!10E0FEBEB3E9
W32/Autorun.worm.gen!84C876E6F9EE
W32/Autorun.worm.gen!8CDF01FC8153
W32/Autorun.worm.gen!8AE92D086305
W32/Generic.worm!p2p!3DBECFC1FBFA
W32/Autorun.worm.gen!90F837FA475F
W32/Generic.worm!p2p!470D23A421A7
W32/Autorun.worm.gen!316FB83A3AC1
W32/Autorun.worm.gen!CE39913AC411
W32/Generic.worm!p2p!B7CD4E98162F
W32/Generic.worm!p2p!9F9FFF3E71C3
W32/Generic.worm!p2p!9AEA4E32E833
W32/Autorun.worm.gen!F2B213C06F5E
W32/Autorun.worm.gen!E5E90861C0F5
W32/Autorun.worm.gen!B51D1F2C0786

Phishing

Halifax Bank PLC	6th October 2013
Halifax Bank: Unconfirmed Payment Notification
PayPal	5th October 2013
Your PayPal Account Re-Confirmation Alert
Natwest Credit Cards	4th October 2013
YOUR NATWEST CREDIT CARD SECURITY & PRIVACY
paypal	4th October 2013
Important: We noticed unusual activity in your PayPal account

Vulnerebility

Exploit

5.10.2013

Bugtraq

APPLE-SA-2013-10-03-1 OS X v10.8.5 Supplemental Update 2013-10-03
Apple Product Security (product-security-noreply lists apple com)

[security bulletin] HPSBPI02892 rev.1 - Certain HP FutureSmart MFP, Weak PDF Encryption, Local Disclosure of Information 2013-10-03
security-alert hp com

ESA-2013-062: EMC Atmos Unauthenticated Database Access Vulnerability 2013-10-03
Security Alert (Security_Alert emc com)

[SOJOBO-ADV-13-01] - Zenphoto 1.4.5.2 multiple vulnerabilities 2013-10-03
advisories enkomio com

[ MDVSA-2013:245 ] proftpd 2013-10-03
security mandriva com

SEC Consult SA-20131003-0 :: Denial of service vulnerability in Citrix NetScaler 2013-10-03
SEC Consult Vulnerability Lab (research sec-consult com)

Apple iOS 7 iPad2 Face-Time 1.0.2 - Privacy Vulnerability 2013-10-03
Vulnerability Lab (research vulnerability-lab com)

WebAssist PowerCMS PHP - Multiple Web Vulnerabilities 2013-10-03
Vulnerability Lab (research vulnerability-lab com)

elproLOG MONITOR WebAccess 2.1 - Multiple Web Vulnerabilities 2013-10-03
Vulnerability Lab (research vulnerability-lab com)

SilverStripe Framework CMS 3.0.5 - Multiple Web Vulnerabilities 2013-10-03
Vulnerability Lab (research vulnerability-lab com)

Hide Photo+Video Safe v1.6 iOS - Multiple Vulnerabilities 2013-10-03
Vulnerability Lab (research vulnerability-lab com)

Security Guard CMS QT 4.7.3 - Local Stack Buffer Overflow Vulnerability 2013-10-03
Vulnerability Lab (research vulnerability-lab com)

Paypal Inc Bug Bounty #99 - Filter Bypass & Persistent Vulnerability 2013-10-03
Vulnerability Lab (research vulnerability-lab com)

Cisco Security Advisory: Cisco IOS XR Software Memory Exhaustion Vulnerability 2013-10-02
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Malware

RDN/Generic PUP.x!4D3706503DDE
RDN/Generic PUP.x!914774D15B79
RDN/Generic PUP.x!b2s!22F2F957486E
RDN/Vundo!dn!419A4CBEDA4D
RDN/Generic Dropper!2024AE1CD52E
RDN/Generic BackDoor!tv!BE97D4150207
Generic PUP.x!D83337C1AF07
RDN/Generic.bfr!fc!751A9AAB20B2
Generic PWS.y!F87575EA00EA
RDN/Generic PUP.x!A1360C61D4FD
RDN/Generic PUP.x!6CC0FECD2148
Generic PUP.x!AF6A9883E803
Generic BackDoor!0040A76FCEED
RDN/Generic PUP.x!F50DE5773951
Generic PUP.x!2DFF6552C3D4
W32/Spybot.bfr!989E79655A78
Generic.bfr!9FA4697080E0
RDN/Autorun.worm.gen!4F18D43878DA
RDN/Generic BackDoor!tv!B1BB354ED024
RDN/Generic BackDoor!tv!74758E0C204B
RDN/Generic.bfr!es!E026191C9F8C
RDN/Generic PUP.x!b2s!61B3649F99E6
RDN/Generic PUP.x!b2s!A2FE7FD855FE
RDN/Downloader.gen.a!9079E592E1AA
Generic PUP.x!4C206AD434C9
Generic BackDoor!880415C853F2
Generic BackDoor!A6C14B74D80C
RDN/Generic.bfr!E7BC4293F243
Generic PUP.x!96C75B8009B5
Downloader.gen.a!839AF5A444E8

Phishing

Lloyds Banking Online	3rd October 2013
ONLINE BANKING - ONLINE SECURITY - STAYING SAFE ONLINE
auto-confirm1117@amazon.co.uk	3rd October 2013
YOUR AMAZON.CO.UK ORDER #NRR-6147155-1778100
auto-confirm1318@amazon.co.uk	2nd October 2013
YOUR AMAZON.CO.UK ORDER #7N:-0644934-8103229
auto-confirm1116@amazon.co.uk	2nd October 2013
YOUR AMAZON.CO.UK ORDER #NAD-8519638-3736711

Vulnerebility

Exploit

Apache Tomcat/JBoss EJBInvokerServlet / JMXInvokerServlet (RMI over HTTP) Marshalled Object RCE

SIEMENS Solid Edge ST4 SEListCtrlX ActiveX Remote Code Execution

elproLOG MONITOR WebAccess 2.1 - Multiple Vulnerabilities

CMS Formulasi 2.07 - Multiple Vulnerabilities

Aanval 7.1 build 70151 - Multiple Vulnerabilities

4.10.2013

Bugtraq

Hide Photo+Video Safe v1.6 iOS - Multiple Vulnerabilities 2013-10-03
Vulnerability Lab (research vulnerability-lab com)

Security Guard CMS QT 4.7.3 - Local Stack Buffer Overflow Vulnerability 2013-10-03
Vulnerability Lab (research vulnerability-lab com)

Paypal Inc Bug Bounty #99 - Filter Bypass & Persistent Vulnerability 2013-10-03
Vulnerability Lab (research vulnerability-lab com)

Cisco Security Advisory: Cisco IOS XR Software Memory Exhaustion Vulnerability 2013-10-02
Cisco Systems Product Security Incident Response Team (psirt cisco com)

RootedCON 2014 - Call For Papers 2013-10-02
Javier Olascoaga (deese spezialk net)

All in One SEO Pack Plugin for WordPress 1.3.6.4 - 2.0.3 XSS 2013-10-02
Charlie Briggs (charlie cysha co uk)

Malware

Generic PUP.x!5BBC9C6446ED
Generic PUP.x!5B5539E2F021
Generic PUP.x!5BC176680D15
Generic.bfr!F0A140351141
Generic.bfr!C7BE047B5C36
RDN/Generic.bfr!5956071BC2AC
Generic PUP.x!5A44C623C821
Generic PUP.x!A8CAF1926700
Generic PUP.x!5BBBF2FFCA12
RDN/Generic PUP.x!b2o!5A80AB6F310F
Generic PUP.x!0E91FDDEF7B6
RDN/Downloader.a!nm!5A7723E3919F
RDN/Generic BackDoor!tv!5AB3F746043E
RDN/Generic PUP.x!b2o!59DF1E0E3D7E
Generic.bfr!834F7569DF65
Generic PUP.x!5B8EAF718DE3
Generic PUP.x!5A42A5B8F604
RDN/Generic PUP.x!b2o!1C2B53886D4B
Generic PUP.x!599D31258941
Generic PUP.x!586DE51B28E4
RDN/Generic.dx!58B6D010617D
Generic.bfr!A62FFF85F562
RDN/Generic BackDoor!tv!84AFEEAE28F4
Generic.bfr!6F7CAF43B2AB
Generic.bfr!1A3D5328812D
Generic PUP.x!0C7195A55BEF
Generic BackDoor!599C8B519651
Generic PUP.x!590D8A370CE0
Generic PUP.x!59327149969A
Generic PUP.x!5B054DC3EC75

Phishing

Vulnerebility

Exploit

Evince PDF Reader - 2.32.0.145 (Windows) and 3.4.0 (Linux) - Denial Of Service

3.10.2013

Bugtraq

Multiple Vulnerabilities in Gnew 2013-10-02
High-Tech Bridge Security Research (advisory htbridge com)

Remote Code Execution in GLPI 2013-10-02
High-Tech Bridge Security Research (advisory htbridge com)

Defense in depth -- the Microsoft way (part 11): privilege escalation for dummies 2013-10-01
Stefan Kanthak (stefan kanthak nexgo de)

CORE-2013-0828 - PDFCool Studio Buffer Overflow Vulnerability 2013-10-01
CORE Advisories Team (advisories coresecurity com)

CORE-2013-0904 - PinApp Mail-SeCure Access Control Failure 2013-10-01
CORE Advisories Team (advisories coresecurity com)

iOS: List of available trusted root certificates 2013-09-30
Jeffrey Walton (noloader gmail com) (1 replies)

Re: iOS: List of available trusted root certificates 2013-10-01
Jason Hellenthal (jhellenthal dataix net)

Malware

RDN/Generic PUP.x!b2m!741AFA6B8DE6
RDN/Generic PUP.x!b2m!8780E1673DED
Generic PUP.x!8A6C6A73BC8E
Generic.bfr!89E5C4CCCF60
Generic PUP.x!2E11A5394F12
RDN/PWS-Mmorpg.gen!3546150F0CCD
RDN/Generic Dropper!rq!EDAD6524B95F
Generic PUP.x!8F6BF4FE17D1
RDN/Generic PUP.x!b2m!8723DA1F37F5
RDN/Generic PUP.x!b2m!28C7BC127096
Generic PUP.x!8C7CB4C50C81
Generic PUP.x!8F3FBA16D494
Generic.bfr!8AD904D6E326
RDN/Generic.tfr!dq!8BAC33843F3A
RDN/Generic PUP.x!b2m!8A2A1BB07CCF
Generic PUP.x!8809F08CABA5
Generic PUP.x!8B6075C29645
RDN/Generic PUP.x!b2m!888E0C1B04B0
Generic PUP.x!7D7A804B8D08
RDN/Generic PUP.x!897BB88A4DEF
Generic PUP.x!890F2777DC92
Generic PUP.x!8FA7ECEBFE5A
Generic PUP.x!799F5D00FB0E
RDN/Generic PUP.x!b2m!88CA739EA139
RDN/Generic PUP.x!b2m!88A2A4CBC5AE
RDN/Generic BackDoor!tu!8E56445B6667
Generic.bfr!897915142129
Generic.bfr!876EA47F2891
Generic PUP.x!771B4D70F579
RDN/Generic.bfr!fc!858B14602831

Phishing

auto-confirm1116@amazon.co.uk	2nd October 2013
YOUR AMAZON.CO.UK ORDER #NAD-8519638-3736711
Apple	1st October 2013
Update your apple Account
Amazon	1st October 2013
[!! ] Please Confirm Your Account Information
Ralph Fabiano	1st October 2013
RE: Get prescriptions to increase energy levels at discounts
Lindsay Schrupp	1st October 2013
=?utf-8?B?WW91IGNhbiBhY2hpZXZl IHRoZSB3aG9sZSB3b3JsZCB3aXRoIH lvdXIgc2Vj?= =?utf-8?B?cmV0IHBvd2VyIOqzmQ== ?=

Vulnerebility

Exploit

freeFTPd PASS Command Buffer Overflow

Micorosft Internet Explorer SetMouseCapture Use-After-Free

PinApp Mail-SeCure 3.70 - Access Control Failure

Gnew 2013.1 - Multiple Vulnerabilities

GLPI 0.84.1 - Multiple Vulnerabilities

HylaFAX+ 5.2.4 - 5.5.3 - Buffer Overflow

2.10.2013

Bugtraq

iOS: List of available trusted root certificates 2013-09-30
Jeffrey Walton (noloader gmail com) (1 replies)

Re: iOS: List of available trusted root certificates 2013-10-01
Jason Hellenthal (jhellenthal dataix net)

CFP: WorldCIST'14 - World Conference on IST, at Madeira Island 2013-09-30
Maria Lemos (marialemos72 gmail com)

CVE-2130-5680, HylaFAX+ heap overflow, unchecked network traffic. 2013-09-30
Dennis Jenkins (dennis jenkins 75 gmail com)

[ MDVSA-2013:244 ] davfs2 2013-09-30
security mandriva com

Open-Xchange Security Advisory 2013-09-30 2013-09-30
Martin Braun (martin braun open-xchange com)

Malware

RDN/Generic PUP.x!b2j!8D6F8B441699
RDN/Generic PUP.x!b2j!9F13DD07772B
Generic PUP.x!DDF2F4314652
Generic PUP.x!833EEC2B8751
RDN/Generic PUP.x!b2j!03E29093483B
RDN/Generic PUP.x!b2j!D296D13B5718
RDN/Generic PUP.x!b2j!A5D3302C85B7
RDN/Generic PUP.x!b2j!24E53EED9483
RDN/Generic PUP.x!b2j!904B63766A10
Generic PUP.x!003072D2B841
Generic PUP.x!71356F473A11
Generic.bfr!12253864BF00
Generic PUP.x!112D40BF5E70
Generic PUP.x!C5387ADB0798
Generic PUP.x!947ADF7FA3FD
RDN/Generic PUP.x!b2j!A54D1D155DE2
Generic PUP.x!383952726C0B
Generic PUP.x!DA66BD74EF82
RDN/Generic PUP.x!b2j!98DD307564AD
Generic PUP.x!3EDBAAFA6E10
Generic.bfr!B2FCA710438A
RDN/Generic PUP.x!b2j!3CDB5E72BB0B
RDN/Generic PUP.x!b2j!969628201460
RDN/Generic PUP.x!1C903C5F6E5E
Generic PUP.x!2E365C1F5A73
RDN/Generic BackDoor!tu!A11C742DC94D
RDN/Generic PUP.x!b2j!1CE8549E8E16
Generic PUP.x!4964B80A8EDB
RDN/Generic PUP.x!b2j!7EFC9A5CD12A
RDN/Generic PUP.x!b2j!8CC1FF790B9A

Phishing

BT Yahoo! Mail Policy	30th September 2013
An Update would be made!
auto-confirm1218@amazon.co.uk	30th September 2013
YOUR AMAZON.CO.UK ORDER #NND-4727068-9691852

Vulnerebility

Exploit

KMPlayer 3.7.0.109 (.wav) - Crash PoC

1.10.2013

Bugtraq

iOS: List of available trusted root certificates 2013-09-30
Jeffrey Walton (noloader gmail com) (1 replies)

Re: iOS: List of available trusted root certificates 2013-10-01
Jason Hellenthal (jhellenthal dataix net)

CFP: WorldCIST'14 - World Conference on IST, at Madeira Island 2013-09-30
Maria Lemos (marialemos72 gmail com)

CVE-2130-5680, HylaFAX+ heap overflow, unchecked network traffic. 2013-09-30
Dennis Jenkins (dennis jenkins 75 gmail com)

[ MDVSA-2013:244 ] davfs2 2013-09-30
security mandriva com

Open-Xchange Security Advisory 2013-09-30 2013-09-30
Martin Braun (martin braun open-xchange com)

Malware

RDN/Generic PUP.x!b2j!8D6F8B441699
RDN/Generic PUP.x!b2j!9F13DD07772B
Generic PUP.x!DDF2F4314652
Generic PUP.x!833EEC2B8751
RDN/Generic PUP.x!b2j!03E29093483B
RDN/Generic PUP.x!b2j!D296D13B5718
RDN/Generic PUP.x!b2j!A5D3302C85B7
RDN/Generic PUP.x!b2j!24E53EED9483
RDN/Generic PUP.x!b2j!904B63766A10
Generic PUP.x!003072D2B841
Generic PUP.x!71356F473A11
Generic.bfr!12253864BF00
Generic PUP.x!112D40BF5E70
Generic PUP.x!C5387ADB0798
Generic PUP.x!947ADF7FA3FD
RDN/Generic PUP.x!b2j!A54D1D155DE2
Generic PUP.x!383952726C0B
Generic PUP.x!DA66BD74EF82
RDN/Generic PUP.x!b2j!98DD307564AD
Generic PUP.x!3EDBAAFA6E10
Generic.bfr!B2FCA710438A
RDN/Generic PUP.x!b2j!3CDB5E72BB0B
RDN/Generic PUP.x!b2j!969628201460
RDN/Generic PUP.x!1C903C5F6E5E
Generic PUP.x!2E365C1F5A73
RDN/Generic BackDoor!tu!A11C742DC94D
RDN/Generic PUP.x!b2j!1CE8549E8E16
Generic PUP.x!4964B80A8EDB
RDN/Generic PUP.x!b2j!7EFC9A5CD12A
RDN/Generic PUP.x!b2j!8CC1FF790B9A

Phishing

BT Yahoo! Mail Policy	30th September 2013
An Update would be made!
auto-confirm1218@amazon.co.uk	30th September 2013
YOUR AMAZON.CO.UK ORDER #NND-4727068-9691852

Vulnerebility

Exploit

KMPlayer 3.7.0.109 (.wav) - Crash PoC