Databáze Hot News 2014 April -

Databáze Hot News 2014 April - 2014 January February March April May June July August September October November December

28.4.2014

Bugtraq

[SECURITY] [DSA 2917-1] super security update 2014-04-28
Florian Weimer (fw deneb enyo de)

[SECURITY] [DSA 2916-1] libmms security update 2014-04-28
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 2915-1] dpkg security update 2014-04-28
Raphael Geissert (geissert debian org)

[security bulletin] HPSBMU03022 rev.1 - HP Systems Insight Manager (SIM) Bundled Software running OpenSSL, Remote Disclosure of Information 2014-04-26
security-alert hp com

[ANN] Struts 2.3.16.2 GA release available - security fix 2014-04-26
Lukasz Lenart (lukaszlenart apache org)

Malware

Generic.dx!C5D82D44BB86
Generic.bfr!618A32F9C97A
RDN/Generic.dx!dbj!B90CF6E074FD
RDN/Generic PUP.x!025D8193D0F2
q9.s_105021!9CAAEF359236
RDN/Generic.bfr!hb!1C091D9082BA
q9.s_105021!FAF892C6349B
RDN/Generic.dx!dbj!06537F86204D
RDN/Generic.dx!028DBA1F048E
RDN/Generic PUP.x!FB6435D8CC6D
RDN/Spybot.bfr!854E4A92DBAA
RDN/Generic PUP.x!cbv!5F531A29FD2E
Generic PUP.x!4DAF944A6059
Generic.bfr!38DF8C10C23E
q9.s_105021!8B1425F0568A
RDN/Generic PUP.x!cbv!41C657ED6C42
q9.s_105021!EC39D39C6609
RDN/Generic.dx!dbj!476024011E9D
RDN/Generic.bfr!hb!9E0EBCA24736
q9.s_105021!F764359713CE
Generic PUP.x!5C624216D9D5
q9.s_105021!7B45444EED82
RDN/Generic PUP.x!DF667A68C45B
q9.s_105021!9ECEBA1985D0
RDN/Generic.bfr!hb!27DAF7F97E05
Generic.bfr!0A8ED8B313B0
RDN/Generic BackDoor!ya!F6A138126902
Generic.bfr!89D73B696745
RDN/Generic.dx!FC4AF9AB24DA
q9.s_105021!7E35C2C7D78F

Phishing

Vulnerebility

Exploit

McAfee ePolicy Orchestrator 4.6.0-4.6.5 (ePowner) - Multiple Vulnerabilities

Wireshark <= 1.8.12/1.10.5 wiretap/mpeg.c Stack Buffer Overflow

Adem 0.5.1 - Local File Inclusion

GeoCore MAX DB Ver. 7.3.3 - Time-Based Blind Injection

Wordpress iMember360 Plugin 3.8.012 - 3.9.001 - Multiple Vulnerabilities

NTP ntpd monlist Query Reflection - Denial of Service

Symantec Endpoint Protection Manager 12.1.x - SEH Overflow POC

25.4.2014

Bugtraq

[security bulletin] HPSBMU03020 rev.1 - HP Version Control Agent (VCA) and Version Control Repository Manager (VCRM) running OpenSSL on Linux and Windows, Remote Disclosure of Information 2014-04-24
security-alert hp com

[security bulletin] HPSBPI03014 rev.1 - HP LaserJet Pro MFP Printers, HP Color LaserJet Pro MFP Printers, Remote Disclosure of Information 2014-04-24
security-alert hp com

[security bulletin] HPSBHF03021 rev.1 - HP Thin Client with ThinPro OS or Smart Zero Core Services, Running OpenSSL, Remote Disclosure of Information 2014-04-24
security-alert hp com

[security bulletin] HPSBHF03006 rev.1 - HP Integrated Lights-Out 2 (iLO 2) Denial of Service 2014-04-24
security-alert hp com

Birebin.com Android App SSL certificate validation weakness 2014-04-24
harun esur sceptive com

Misli.com Android App SSL certificate validation weakness 2014-04-24
harun esur sceptive com

Weak firmware encryption and predictable WPA key on Sitecom routers 2014-04-24
roberto paleari emaze net

Malware

q9.s_105018!EB4BF277ADCD
q9.s_105018!1C066584588E
Generic.dx!952B5E8899BA
q9.s_105018!09CC5A6507AF
q9.s_105018!099C5F3EA8F2
q9.s_105018!6BADED7E9BF7
q9.s_105018!24C0BDA9FADE
Generic PUP.x!0889B1E847ED
Generic.bfr!6A047BD6F5D4
RDN/Generic BackDoor!69114194E654
q9.s_105018!C6A106C31C6B
q9.s_105018!CE5626A10406
q9.s_105018!758DFE49B50B
q9.s_105018!B6F17C2916AC
RDN/PWS-Banker!4519BF4A6D40
q9.s_105018!AA9031CF3A7A
q9.s_105018!E09BF19BEDC1
q9.s_105018!CEDFE316707D
RDN/Generic PWS.y!zh!38B7EA4F4A38
q9.s_105018!B3112FC886E0
q9.s_105018!F6A4B683695F
q9.s_105018!671950091656
q9.s_105018!523F06433325
q9.s_105018!A143365C9DDF
RDN/Generic PUP.x!cbr!BB428DF4E84A
RDN/Generic.dx!dbg!4BAA6121E8D5
q9.s_105018!1EA2358969FC
q9.s_105018!C11867346F88
q9.s_105018!0D6CD2185A9D
RDN/Generic.bfr!ha!29C87A24F792

Phishing

Apple ID	24th April 2014
WARNING ! : YOU MUST VERIFY YOUR ACCOUNT!
Barclays	24th April 2014
* * BARCLAYS.BANK.ONLINE..

Vulnerebility

Exploit

Bonefire v.0.7.1 - Reinstall Admin Account Exploit

dompdf 0.6.0 (dompdf.php, read param) - Arbitrary File Read

WD Arkeia Virtual Appliance 10.2.9 - Local File Inclusion

AlienVault 4.3.1 - Unauthenticated SQL Injection

24.4.2014

Bugtraq

[security bulletin] HPSBMU02997 rev.2 - HP Smart Update Manager (SUM) running OpenSSL, Remote Disclosure of Information 2014-04-23
security-alert hp com

[security bulletin] HPSBMU02995 rev.5 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Disclosure 2014-04-23
security-alert hp com

CVE-2014-2042 - Unrestricted file upload in Livetecs Timelive 2014-04-23
Portcullis Advisories (advisories portcullis-security com)

AirPhoto WebDisk v4.1.0 iOS - Code Execution Vulnerability 2014-04-23
Vulnerability Lab (research vulnerability-lab com)

CVE-2014-2383 - Arbitrary file read in dompdf 2014-04-23
Portcullis Advisories (advisories portcullis-security com)

CVE-2014-1217 - Unauthenticated access to sensitive information and functionality in Livetecs Timelive 2014-04-23
Portcullis Advisories (advisories portcullis-security com)

SEC Consult SA-20140423-0 :: Path Traversal/Remote Code Execution in WD Arkeia Network Backup Appliances 2014-04-23
SEC Consult Vulnerability Lab (research sec-consult com)

[SECURITY] [DSA 2808-2] openjpeg regression update 2014-04-22
Raphael Geissert (geissert debian org)

[security bulletin] HPSBMU03013 rev.1 - WMI Mapper for HP Systems Insight Manager running OpenSSL, Remote Disclosure of Information 2014-04-22
security-alert hp com

Malware

StartPage-NY!46F2D56AF5DA
Generic PUP.x!65278A193EB1
RDN/Generic PUP.x!cb3!60B2B8F48DBC
RDN/Generic PUP.x!cb3!60AD23211BD7
RDN/Generic PUP.x!cb3!F0CC294B963F
Generic PUP.x!C096F7634D4C
RDN/Generic PUP.x!cb3!252F6955F1BD
RDN/Generic PUP.x!cb3!35ED7296D8FF
Generic.bfr!60C1330CC27C
RDN/Generic PUP.x!cb3!4F29B40FAE80
RDN/Generic PUP.x!cb3!34944EE6B643
RDN/Generic.bfr!60B2197E2168
Generic PUP.x!C907FC075DA0
RDN/Generic PUP.x!cb3!613D6A80C043
RDN/Generic PUP.x!cb3!0B7767D99DFA
RDN/Generic Dropper!uh!EFF729BB6616
RDN/Generic PUP.x!cb3!1B3B01D4F720
Generic.bfr!6077F155B0FB
Generic PUP.x!922C02AE46CD
RDN/Generic PUP.x!cb3!6140DBF049EE
Generic PUP.x!47A7917AD58F
Generic PUP.x!67DF2556B471
RDN/Generic PUP.x!cb3!5FD1D20DC1F4
RDN/Generic PUP.x!cb3!AA7456E9F772
RDN/Generic PUP.x!cb3!608113C06A15
RDN/Generic PUP.x!cb3!47C1A188ED1F
Generic PUP.x!F00BE835330B
RDN/Generic.bfr!gz!613D3EC91A6A
RDN/Generic PUP.x!cb3!60191C682F95
RDN/Generic.bfr!1C1C7407B2FF

Phishing

Tesco	23rd April 2014
CUSTOMER SATISFACTION SURVEY
Service Update	23rd April 2014
WARNING! SOME INFORMATION ON YOUR ACCOUNT APPEARS TO BE MISSING OR INCORRECT.?
Dear Client.	23rd April 2014
YOUR ACCOUNT HAS BEEN TEMPORARILY SUSPENDED .
Nationwide	23rd April 2014
Account Review

Vulnerebility

Exploit

Heartbleed OpenSSL - Information Leak Exploit (2) - DTLS Support

Acunetix 8 build 20120704 - Remote Stack Based Overflow

Bonefire v.0.7.1 - Reinstall Admin Account Exploit

23.4.2014

Bugtraq

APPLE-SA-2014-04-22-2 iOS 7.1.1 2014-04-22
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2014-04-22-3 Apple TV 6.1.1 2014-04-22
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2014-04-22-1 Security Update 2014-002 2014-04-22
Apple Product Security (product-security-noreply lists apple com)

[SECURITY] [DSA 2911-1] icedove security update 2014-04-22
Moritz Muehlenhoff (jmm debian org)

[security bulletin] HPSBMU03018 rev.1 - HP Software Asset Manager running OpenSSL, Remote Disclosure of Information 2014-04-22
security-alert hp com

[security bulletin] HPSBMU03017 rev.1 - HP Software Connect-IT running OpenSSL, Remote Disclosure of Information 2014-04-22
security-alert hp com

[security bulletin] HPSBMU03019 rev.1 - HP Software UCMDB Browser and Configuration Manager running OpenSSL, Remote Disclosure of Information 2014-04-22
security-alert hp com

Malware

Generic.dx!CBC4A7701FF9
RDN/Generic PUP.x!cb3!B7FAFA412568
Generic PUP.x!DD1A5171616F
RDN/Generic PUP.x!cb3!B7CF0EB0C75A
Generic PUP.x!FDB6DE4306A4
RDN/Generic PWS.y!zg!3B9A851ABB0D
RDN/Generic.tfr!dz!3269E9D28891
RDN/Generic PUP.x!cb3!4CFFB09B2FC2
RDN/Generic PUP.x!cb3!ABCD4FE6CA29
Generic PUP.x!EA599D14CD99
RDN/Generic PUP.x!cb3!2FED9D7617DB
RDN/Generic.bfr!FCF139FD988D
RDN/Hybris.kit!a!4AF5839BBA00
Generic PUP.x!B0DA62BC3E00
Generic PUP.x!40A70C14DAEE
RDN/Generic.bfr!gy!26D948AB6343
W32/Pate.b!1C0F0A58A7F4
Generic PUP.x!E538CFAC58D8
RDN/Generic PUP.x!cb3!8C3280DC3F49
RDN/Generic.bfr!gy!B1205BAE32CD
RDN/Generic.bfr!gf!0EBE9EE5028F
RDN/Generic.bfr!gf!1504D5903D08
RDN/Generic PUP.x!cb3!33A4684E4FB6
W32/Fujacks!A3A834E4C5C7
Generic.dx!E13047947714
RDN/Generic PUP.x!cb3!298AE814A5A6
Generic PUP.x!40798576C08A
RDN/Generic.tfr!dz!CE9340AA2710
RDN/Generic PUP.x!EF2FEFCA6EFD
RDN/Generic.tfr!dz!E5D9D345D426

Phishing

Vulnerebility

Exploit

Sixnet Sixview 2.4.1 - Web Console Directory Traversal

No-CMS 0.6.6 rev 1 - Admin Account Hijacking / RCE Exploit via Static Encryption Key

kitForm CRM Extension 0.43 (sorter.php, sorter_value param) - SQL Injection

22.4.2014

Bugtraq

[SECURITY] [DSA 2901-3] wordpress regression update 2014-04-21
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 2895-2] prosody regression update 2014-04-20
Luciano Bello (luciano debian org)

Multiple Vulnerabilities in MODX Revolution < = MODX 2.2.13-pl 2014-04-19
craig arendt stratumsecurity com

Blind SQL Injection Vulnerability in KnowledgeTree <= 3.7.0.2 2014-04-19
craig arendt stratumsecurity com

[security bulletin] HPSBMU02994 rev.2 - HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL, Remote Disclosure of Information 2014-04-19
security-alert hp com

[SECURITY] CVE-2013-2187: Apache Archiva Cross-Site Scripting vulnerability 2014-04-19
Brett Porter (brett apache org)

[SECURITY] [DSA 2901-2] wordpress regression update 2014-04-18
Thijs Kinkhorst (thijs debian org)

[security bulletin] HPSBMU03012 rev.1 - HP Insight Management VCEM Web Client SDK (VCEMSDK) running OpenSSL, Remote Disclosure of Information 2014-04-18
security-alert hp com

[security bulletin] HPSBMU02995 rev.4 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Disclosure 2014-04-18
security-alert hp com

[SECURITY] [DSA 2910-1] qemu-kvm security update 2014-04-18
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 2909-1] qemu security update 2014-04-18
Salvatore Bonaccorso (carnil debian org)

[SECURITY] CVE-2013-2251: Apache Archiva Remote Command Execution 2014-04-19
Brett Porter (brett apache org)

Remote Command Injection in Ruby Gem sfpagent 0.4.14 2014-04-18
Larry W. Cashdollar (larry0 me com)

[SECURITY] [DSA 2908-1] openssl security update 2014-04-17
Raphael Geissert (geissert debian org)

Security advisory for Bugzilla 4.5.3, 4.4.3, 4.2.8, and 4.0.12 2014-04-17
LpSolit gmail com

[security bulletin] HPSBMU02995 rev.3 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Disclosure 2014-04-17
security-alert hp com

[security bulletin] HPSBMU02998 rev.2 - HP System Management Homepage (SMH) running OpenSSL on Linux and Windows, Remote Disclosure of Information, Denial of Service (DoS) 2014-04-17
security-alert hp com

[ MDVSA-2014:079 ] json-c 2014-04-17
security mandriva com

[security bulletin] HPSBGN03010 rev.1 - HP Software Server Automation, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure of Information 2014-04-17
security-alert hp com

[security bulletin] HPSBMU02935 rev.2 - HP LoadRunner Virtual User Generator, Remote Code Execution, Disclosure of information 2014-04-17
security-alert hp com

[security bulletin] HPSBMU02988 rev.1 - HP Universal Configuration Management Database, Disclosure of Information 2014-04-17
security-alert hp com

[security bulletin] HPSBMU02982 rev.1 - HP Database and Middleware Automation, Disclosure of Information 2014-04-17
security-alert hp com

[security bulletin] HPSBGN03008 rev.1 - HP Software Service Manager, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure of Information 2014-04-17
security-alert hp com

D-Link DAP-1320 Wireless Range Extender Directory Traversal and XSS Vulnerabilities 2014-04-17
kyle Lovett (krlovett gmail com)

[security bulletin] HPSBMU02987 rev.1 - HP Universal Configuration Management Database Integration Service, Remote Code Execution 2014-04-17
security-alert hp com

[security bulletin] HPSBMU02996 rev.1 - HP Network Node Manager I (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access, Execution of Arbitrary Code 2014-04-16
security-alert hp com

Buggy insecure "security" software executes rogue binary during installation and uninstallation 2014-04-16
Stefan Kanthak (stefan kanthak nexgo de)

CVE-2014-2597 - Denial of Service in PCNetSoftware RAC Server 2014-04-16
Portcullis Advisories (advisories portcullis-security com)

[SECURITY] [DSA 2907-1] Announcement of long term support for Debian oldstable 2014-04-16
Moritz Muehlenhoff (jmm debian org)

[ MDVSA-2014:078 ] asterisk 2014-04-16
security mandriva com

Malware

Generic.bfr!35129A2B7E30
RDN/Generic BackDoor!xx!7B91C5FE92B9
Generic PUP.x!A6500816AA4B
Generic.bfr!33B0224D5BA4
Generic.bfr!38158E58CAD3
RDN/Generic.bfr!gy!2B12C06A1D75
RDN/Generic.bfr!91EE5232C984
RDN/Generic PUP.x!cbc!0CF95BA4E398
RDN/Generic.bfr!gy!2BBD42F0092C
Generic.bfr!34F614E6E543
RDN/Generic BackDoor!1589EA5207EE
RDN/Generic PUP.x!cbc!18D4A589811C
Generic.bfr!3826350E9A72
Generic.bfr!37C9EBAF812B
Generic.bfr!3804203BF91F
Generic.bfr!3558E34A5A62
RDN/Generic PUP.x!cbc!54DF10F5D7B4
Generic.bfr!381C28F10683
RDN/Generic.bfr!6D80A7553940
RDN/Generic PUP.x!cbc!4CD9C9EB5FC8
Generic.bfr!332AB5CA33B7
RDN/Generic.bfr!gy!85BA101D6A19
RDN/Generic.bfr!gz!30DB7E2467B1
RDN/Generic PUP.x!cbc!A93E16256DE6
Generic.bfr!34EB8099D961
RDN/Generic PUP.x!cbc!D4349F5C692D
Generic.bfr!2E12E902581B
Generic.bfr!AAD3C46509A2
RDN/Generic PUP.x!cbc!4FB6462C7296
RDN/Generic PUP.x!cbc!1CF64C2B3AF2

Phishing

Natwest	21st April 2014
NATWEST OFFERS YOU A BONUS
Dear Client.	21st April 2014
YOUR ACCOUNT HAS BEEN TEMPORARILY SUSPENDED .
Barclays Bank Plc	21st April 2014
Please Unflag Your Barclays Accounts
MBNA	18th April 2014
YOUR MBNA/VIRGIN CARD..
Chase	18th April 2014
IMPORTANT MESSAGE FROM CHASE

Vulnerebility

Exploit

Adobe Flash Player Regular Expression Heap Overflow

SAP Router - Timing Attack Password Disclosure

Teracom Modem T2-B-Gawv1.4U10Y-BI - CSRF Vulnerability

17.4.2014

Bugtraq

[SECURITY] [DSA 2907-1] Announcement of long term support for Debian oldstable 2014-04-16
Moritz Muehlenhoff (jmm debian org)

[ MDVSA-2014:078 ] asterisk 2014-04-16
security mandriva com

[CORE-2014-0003] - SAP Router Password Timing Attack 2014-04-16
CORE Advisories Team (advisories coresecurity com)

[SECURITY] Stored Cross Site Scripting in Ektron CMS 8.7 2014-04-16
webmaster josephzeng com

[Security Advisory] Stored Cross Site Scripting in Ektron CMS 8.7 2014-04-16
webmaster josephzeng com

ESA-2014-028: EMC Cloud Tiering Appliance XML External Entity (XXE) and Information Disclosure Vulnerabilities 2014-04-16
Security Alert (Security_Alert emc com)

[security bulletin] HPSBMU02999 rev.1 - HP Software Autonomy WorkSite Server (On-Premises Software), Running OpenSSL, Remote Disclosure of Information 2014-04-16
security-alert hp com

SQL Injection in mAdserve 2014-04-16
High-Tech Bridge Security Research (advisory htbridge com)

CVE-2014-2735 - WinSCP: missing X.509 validation 2014-04-16
Micha Borrmann (micha borrmann syss de)

[SECURITY] [DSA 2905-1] chromium-browser security update 2014-04-16
Michael Gilbert (mgilbert debian org)

Malware

RDN/Generic PUP.x!bzw!DD65E7C49E9D
RDN/Generic PUP.x!bzw!CA7FCF6BFAC4
Generic PUP.x!220090B85E2B
RDN/Generic PWS.y!ze!2B21F38E19FE
Generic.bfr!A9364122DB0C
RDN/Generic PUP.x!bzw!48FD2EE78379
RDN/Generic PUP.x!bzw!3C6D11423297
Generic PUP.x!1E1B19288276
Generic PUP.x!DA081F4DC549
Generic PUP.x!29E9DC26EF73
Generic PUP.x!96625FD13F56
Generic PUP.x!76C7AFE36883
Generic PUP.x!62BEBB5ECE80
Generic PUP.x!8277EA469CC8
RDN/Generic BackDoor!3774B700C629
Generic PUP.x!D0A87A0F7810
RDN/Generic PUP.x!bzw!36DF9747F557
RDN/Spybot.bfr!B70079A52842
Generic PUP.x!B1995FFCD3A0
Generic PUP.x!5D562C54EFF6
RDN/Generic PUP.x!bzw!27A613BF0902
Generic PUP.x!D975614CB3A0
Generic PUP.x!8C06D1ACF437
Generic PUP.x!B4D15B4CB7A0
RDN/Generic PUP.x!A47D6F67BE9F
Generic PUP.x!0A62B729EE42
RDN/Generic PUP.x!bzw!83E053030AC4
W32/Sdbot.worm!7E735FDF0862
RDN/Downloader.a!pz!29107EFB9690
RDN/Generic PUP.x!bzw!F23BE4276A9D

Phishing

Vulnerebility

Exploit

MS14-012 Microsoft Internet Explorer CMarkup Use-After-Free

16.4.2014

Bugtraq

[SECURITY] [DSA 2904-1] virtualbox security update 2014-04-15
Moritz Muehlenhoff (jmm debian org)

[security bulletin] HPSBST03001 rev.1 - HP XP P9500 Disk Array running OpenSSL, Remote Disclosure of Information 2014-04-15
security-alert hp com

[SECURITY] CVE-2014-0111 Apache Syncope 2014-04-15
Francesco Chicchiriccò (ilgrosso apache org)

RUCKUS ADVISORY ID 041414: OpenSSL 1.0.1 library's "Heart bleed" vulnerability - CVE-2014-0160 2014-04-14
Ruckus Product Security Team (security ruckuswireless com)

VUPEN Security Research - Adobe Flash ExternalInterface Use-After-Free Code Execution (Pwn2Own) 2014-04-14
VUPEN Security Research (advisories vupen com)

[SECURITY] [DSA 2903-1] strongswan security update 2014-04-14
Moritz Muehlenhoff (jmm debian org)

PDF Album v1.7 iOS - File Include Web Vulnerability 2014-04-14
Vulnerability Lab (research vulnerability-lab com)

Malware

Generic PUP.x!A1A6C8335AE1
Generic PUP.x!240E7127CAA7
Generic Downloader.x!B7910320D00A
Generic PUP.x!19AFA7066E57
RDN/Generic PUP.x!bzp!8D921007BCAB
Generic PUP.x!F844FBA4F882
Generic PUP.x!2AA958169F15
RDN/Generic.bfr!gv!C9B382DCB5D4
RDN/Generic.bfr!gv!EC4E83CE0A77
Generic PUP.x!E2EAC351FA35
Generic PUP.x!3B5B9BB262F5
RDN/Generic PUP.x!bzp!FC781C33472F
RDN/Generic PUP.x!bzp!2815D329BAD5
RDN/Generic Dropper!uf!457228228207
Generic PUP.x!77679D973EB6
Generic PUP.x!8480093F96A9
RDN/Generic PUP.x!bzp!C4458C4B7CDE
Downloader.gen.a!738F858DBD38
RDN/Generic PUP.x!bzp!D4479B0A9F49
Generic PUP.x!D86FC2AF37A1
RDN/Generic PUP.x!bzp!1469EF91EFA5
Generic PUP.x!80E2BAF0F5C6
Generic.bfr!ECBACFA82AFA
Generic PUP.x!8AF1ECC67E45
RDN/Generic PUP.x!7CB77D8ECED9
Generic.tfr!31C2255D6751
RDN/Generic.bfr!gv!ECC2D5826E26
Generic PUP.x!301E94758B71
Generic PUP.x!F9A755CA00C6
RDN/Generic PUP.x!bzp!1682110C691B

Phishing

REGIONS BANK	16th April 2014
Security Change To Your Online Banking Profile
BT Yahoo Mail	14th April 2014
Account Verification
Linda Spells	14th April 2014
RE: ATTENTION: ACCOUNT RESTRICTED

Vulnerebility

Exploit

Unitrends Enterprise Backup 7.3.0 - Unauthenticated Root RCE

Adobe Reader for Android 11.1.3 - Arbitrary JavaScript Execution

NETGEAR N600 WIRELESS DUAL BAND WNDR3400 - Multiple Vulnerabilities

Xerox DocuShare - SQL Injection

13.4.2014

Bugtraq

ESA-2014-026: EMC Documentum Content Server Information Disclosure Vulnerability 2014-04-11
Security Alert (Security_Alert emc com)

ESA-2012-032: RSA BSAFE® Micro Edition Suite Security Update for BEAST (Browser Exploit Against SSL/TLS) attacks 2014-04-11
Security Alert (Security_Alert emc com)

ESA-2014-003: RSA® Data Loss Prevention Improper Session Management Vulnerability 2014-04-11
Security Alert (Security_Alert emc com)

ESA-2014-019: RSA BSAFE® Micro Edition Suite Certificate Chain Processing Vulnerability 2014-04-11
Security Alert (Security_Alert emc com)

Woltlab Burning Board 3.9.1 pl1 - Persistent Web Vulnerability & Editor Reverse Encoding Issue 2014-04-11
Vulnerability Lab (research vulnerability-lab com)

SEC Consult SA-20140411-0 :: Multiple vulnerabilities in Plex Media Server 2014-04-11
SEC Consult Vulnerability Lab (research sec-consult com)

[security bulletin] HPSBMU02995 rev.1 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, Performance Center, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure of Information 2014-04-11
security-alert hp com

[SECURITY] [DSA 2900-1] jbigkit security update 2014-04-10
Moritz Muehlenhoff (jmm debian org)

[ MDVSA-2014:076 ] a2ps 2014-04-10
security mandriva com

OWASP ZAP 2.3.0 2014-04-10
psiinon (psiinon gmail com)

Sendy 1.1.9.1 - SQL Injection Vulnerability 2014-04-10
marduk369 gmail com

[ MDVSA-2014:075 ] php 2014-04-10
security mandriva com

BlueMe Bluetooth v5.0 iOS - Code Execution Vulnerability 2014-04-10
Vulnerability Lab (research vulnerability-lab com)

iVault Private P&V 1.1 iOS - Path Traversal Vulnerability 2014-04-10
Vulnerability Lab (research vulnerability-lab com)

AppFish Offline Coder v2.2 iOS - Persistent Software Vulnerability 2014-04-10
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 2899-1] openafs security update 2014-04-09
Thijs Kinkhorst (thijs debian org)

[SECURITY] [DSA 2898-1] imagemagick security update 2014-04-09
Moritz Muehlenhoff (jmm debian org)

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software 2014-04-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[ MDVSA-2014:073 ] file 2014-04-09
security mandriva com

[ MDVSA-2014:070 ] yaml 2014-04-09
security mandriva com

[ MDVSA-2014:072 ] php-ZendFramework 2014-04-09
security mandriva com

[ MDVSA-2014:071 ] yaml 2014-04-09
security mandriva com

[ MDVSA-2014:069 ] perl-YAML-LibYAML 2014-04-09
security mandriva com

[ MDVSA-2014:068 ] openssh 2014-04-09
security mandriva com

SQL Injection in Orbit Open Ad Server 2014-04-09
High-Tech Bridge Security Research (advisory htbridge com)

Ð¡ross-Site Request Forgery (CSRF) in XCloner Standalone 2014-04-09
High-Tech Bridge Security Research (advisory htbridge com)

CVE-2014-0160 mitigation using iptables 2014-04-09
Fabien Bourdaire (lists ecsc co uk)

[ MDVSA-2014:067 ] openssl 2014-04-09
security mandriva com

Cisco Security Advisory: OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products 2014-04-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Malware

Generic.bfr!C047E34DDE75
StartPage-NY!24B3F9B4CDA2
RDN/Generic.bfr!42FDD3B7953B
Generic.bfr!C09C0D4C218D
Generic.bfr!3D2B9AECC8C8
Generic.bfr!0F868CB52202
Adware-FFN!33A333319A6B
Generic.bfr!09B5676E4579
Generic.bfr!BBDD9902881C
Generic.dx!339D728BEA78
Generic.bfr!1A2F56EA1536
RDN/Generic.bfr!gu!C084B6E43002
RDN/Generic.bfr!gu!C0A6470E8916
RDN/Generic.bfr!gu!6393677B46DE
RDN/Generic.bfr!gu!C0C7E4CCD8B8
Generic.bfr!BAA06577B7BC
RDN/Generic.bfr!gu!9B69F4336EA6
RDN/Generic.bfr!gu!E316330276A0
RDN/Generic.bfr!gu!D5ECB1041720
RDN/Generic.bfr!gu!B58BDF9DFEC5
RDN/Generic.bfr!CB75B9FA6DEA
RDN/Generic.bfr!gu!1A5994F205AD
RDN/Generic.bfr!gu!99F17568919A
RDN/Generic PUP.x!bzl!617FDBA6DB01
RDN/Generic PUP.x!bzl!3D76C1877F21
Generic.bfr!3C748870C1EC
RDN/Generic PUP.x!55BBC49E4458
RDN/Generic.bfr!gu!5C64E1807536
RDN/Generic.bfr!6649A570A523
RDN/Generic PUP.x!863E49053C27

Phishing

Microsoft	13th April 2014
Dear Westpac Customer,
Halifax	12th April 2014
OFFICIAL NOTIFICATION FROM HALIFAX BANK
AKIN BADMUS	12th April 2014
RE:SECURE THIS OFFER!!!
eBay	12th April 2014
Your question from an eBay member
Barclays Bank PLC	11th April 2014
YOUR ACCOUNT HAS BEEN FLAGGED !
www.apple.com	11th April 2014
The important updates !
PayPal	10th April 2014
Update Your information

Vulnerebility

Exploit

CubeCart 5.2.8 - Session Fixation

Microweber CMS 0.93 - CSRF Vulnerability

8.4.2014

Bugtraq

MacOSX/XNU HFS Multiple Vulnerabilities 2014-04-07
submit cxsec org

Pearson eSIS Enterprise Student Information System SQL Injection 2014-04-06
tudor enache helpag com

Pearson eSIS Enterprise Student Information System Stored XSS 2014-04-06
tudor enache helpag com

[SECURITY] [DSA 2894-1] openssh security update 2014-04-05
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 2895-1] prosody security update 2014-04-05
Luciano Bello (luciano debian org)

Call for Papers 2014-04-05
education crownjournal org

Malware

Generic PUP.x!2A89A902E235
Generic PUP.x!A74099059E0E
RDN/Generic BackDoor!xs!3D137B3AB5AA
RDN/Generic.bfr!06AF0BCDC3EE
RDN/Generic.bfr!973B72E921B0
Generic.tfr!06B4C815FB9F
Generic PUP.x!AABD33AD11EC
RDN/Generic.bfr!F966997C16CD
RDN/Downloader.a!pv!A8C2D6E7E543
RDN/Generic PWS.y!zb!A6ACDDFB266E
Generic PUP.x!A6BC11F8BE73
RDN/Generic.bfr!gr!A6C8B314874E
RDN/PWS-Lineage!bf!05DD45A56DB1
Generic.tfr!A6B165F6B6BE
RDN/Generic.dx!d2o!064E70AF2DD1
Generic PUP.x!40541C0CBA78
RDN/Generic PWS.y!zb!A20DA976AAA5
RDN/Generic PUP.x!b2v!9EE0433268B6
Generic.dx!AE026B57987E
RDN/Generic PUP.x!b2b!9EDB559657EF
Generic.tfr!083CF144A090
RDN/Downloader.a!pv!07E86CA7054D
RDN/Generic BackDoor!D08C63A6D713
RDN/Downloader.a!pv!A4F5DA82999C
RDN/Generic.bfr!gr!A0C59CC3E9A2
RDN/Generic PWS.y!zb!04CAB1859D9D
RDN/PWS-Banker!A5438D923670
RDN/Generic.bfr!9EE3C58CC835
Generic PUP.x!504AC1DDC43A
Generic.bfr!3AE58B1E701B

Phishing

CreditCardOnline	8th April 2014
Credit card security - NatWest
NatWest	8th April 2014
ACCESS TO ONLINE BANKING SERVICE
Lucy Snell	8th April 2014
Lloyds Packaged Current Account Visits Available
Lloyds	8th April 2014
Irregular activity on your Lloyds Debit Card
HALIFAX BANK UK	8th April 2014
HALIFAX BILLS MINIMUM PAYMENT IS DUE

Vulnerebility

Exploit

XAMPP 3.2.1 & phpMyAdmin 4.1.6 - Multiple Vulnerabilities (XSS & CSRF)

JIRA Issues Collector Directory Traversal

7.4.2014

Bugtraq

CA20140403-01: Security Notice for CA Erwin Web Portal 2014-04-03
Kotas, Kevin J (Kevin Kotas ca com)

ESA-2013-039: RSA BSAFE® SSL-J Multiple Vulnerabilities 2014-04-03
Security Alert (Security_Alert emc com)

ESA-2012-029: RSA BSAFE® SSL-C Multiple Vulnerabilities 2014-04-03
Security Alert (Security_Alert emc com)

Malware

RDN/Generic PUP.x!b2t!AC24489522EB
RDN/Generic PUP.x!b2t!00BD739F3453
RDN/Generic PUP.x!b2t!975201FBB44C
RDN/Generic PUP.x!b2t!14F6E5B74B83
RDN/Generic PUP.x!b2t!2F0A0B8C3326
RDN/Downloader.a!pv!A0A3CD4C1684
RDN/Generic PUP.x!b2t!AE6D379A4F23
Generic PUP.x!3CFD69A7602B
Generic PUP.x!EAAE74DC4244
Generic PUP.x!298FE4BD760F
Generic PUP.x!14AC7EFDE352
Generic PUP.x!F743262265C8
Generic PUP.x!90E07CA5E793
Generic Downloader.x!ECC5081351FA
Generic PUP.x!841B705F9E6A
RDN/Generic PUP.x!b2t!827D6BDE6DA5
RDN/Generic.dx!d2n!CFB72747D3E6
Generic PUP.x!86D8B70A96E4
Generic PUP.x!22A78D5EFD78
Generic PUP.x!3217023256DD
Generic PUP.x!2370C9FC2907
Generic PUP.x!6A0E745943E6
Generic PUP.x!E7B8AAEFE25A
Generic PUP.x!10B040338431
Generic PUP.x!EAA41DB5C250
Generic PUP.x!0B3A89E94681
Generic PUP.x!3BF09BCEA21D
RDN/Generic PUP.x!BC679FE0ECFB
Generic PUP.x!BCD2712F4D9F
Generic PUP.x!0B06EBE4FFEB

Phishing

Barclays Bank	7th April 2014
Important Notice On Your Account
HALIFAX Bank	7th April 2014
New Security Message
Barclays	7th April 2014
Account Review
Lloyds	7th April 2014
ALERT - BANKING SERVICES RESTRICTED
Barclays	7th April 2014
Barclays Important Message - Security & Privacy
Congratulations-CITIBank Accep	7th April 2014
Congratulations! jmcrews@aol.com CITIBank approval notice
National	7th April 2014
NatWest Bank Alert: Unauthorized Access On Your Account.
NatWest	6th April 2014
Access to Online Banking Service !
Barclays Bank Plc	6th April 2014
New Payment Notification From Barclays Bank Plc!
NatWest	6th April 2014
NatWest Online Banking Security
Natwest	6th April 2014
UPDATES AND CONFIRMATION TO YOUR ACCOUNT
Co-operative Bank Plc	6th April 2014
New Payment Notification From Co-operative Bank Plc.
Blizzard Entertainment	6th April 2014
World of Warcraft - Account Investigation
PayPal	6th April 2014
UPDATE YOUR INFORMATION
MBNA credit card	6th April 2014
* CACTUS * your official notification from MBNA credit card
Regions	6th April 2014
Regions - Update Your Online Banking Information
NatWest	6th April 2014
NatWest Bank Alert: Unauthorized Access On Your Account.
Eve	6th April 2014
APPLICATION FOR THE POSITION OF OUTDOOR SALES EXECUTIVE, MARKETING EXECUTIVE, BUSINESS DEVELOPMENT EXECUTIVE
O2	6th April 2014
Your O2 username
NatWest Credit Card	6th April 2014
ONLINE SERVICES - ACCOUNT LOCKED
Verizon	5th April 2014
Verizon Notification ID : FCWWUPLSXC
NatWest Credit Card	5th April 2014
* * ONLINE SERVICES - ACCOUNT LOCKED
Pay Pal	5th April 2014
NOTICE OF POLICY UPDATES
Barclays Bank PLC	5th April 2014
Your Account Has Been Flagged

Vulnerebility

Exploit

4.4.2014

Bugtraq

ESA-2013-039: RSA BSAFE® SSL-J Multiple Vulnerabilities 2014-04-03
Security Alert (Security_Alert emc com)

ESA-2012-029: RSA BSAFE® SSL-C Multiple Vulnerabilities 2014-04-03
Security Alert (Security_Alert emc com)

[security bulletin] HPSBHF02981 rev.1 - HP Integrated Lights-Out 2, 3, and 4 (iLO2, iLO3, iLO4), IPMI 2.0 RCMP+ Authentication Remote Password Hash Vulnerability (RAKP) 2014-04-03
security-alert hp com

[softScheck] Denial of Service in Microsoft Office 2007-2013 2014-04-03
Lubomir Stroetmann (lubomir stroetmann softscheck com)

Private Photo+Video v1.1 Pro iOS - Persistent Vulnerability 2014-04-03
Vulnerability Lab (research vulnerability-lab com)

Malware

RDN/Generic.bfr!gi!10D04F9E0DD9
RDN/Generic.bfr!0ED19411EE02
RDN/Generic.bfr!gi!052040AEC1AF
RDN/Generic.bfr!gi!0FB26BA3D0B5
RDN/Generic.bfr!gi!033ACD2195C6
RDN/Generic.bfr!gi!169308FD40D3
RDN/Generic.bfr!gi!0378CBBE0611
RDN/Generic.bfr!go!046C483538C4
Generic PUP.x!296EBA8CDBC9
RDN/Generic.bfr!gi!0692DA9B1D6B
RDN/Generic.bfr!go!16F6BDFDE098
RDN/Generic.bfr!go!05C9627BA208
RDN/Generic.bfr!gi!1B70B4077794
RDN/Generic PUP.x!b2g!293FAFDFECF8
Generic PUP.x!E68F4D835F23
RDN/Generic.bfr!gi!09AB76029919
RDN/Generic.bfr!go!14E66A0EF87A
RDN/Generic.bfr!go!070CEA8A8241
RDN/Generic.bfr!gi!064C64D45DD2
RDN/Generic PUP.x!b2g!E68180334ADF
Generic PUP.x!2975590ED429
Generic.tfr!2976A393F1B9
RDN/Generic.bfr!go!0F6B0644EE9B
RDN/Generic PUP.x!b2g!E67DA7773FAB
Generic PUP.x!A529C00AD44B
PUP-FID!E6735C0550B5
RDN/Generic PUP.x!b2g!E67ED722DC20
RDN/Generic.tfr!dx!F2116F0064A6
RDN/Generic PUP.x!b2g!F606A822543A
RDN/Generic.bfr!go!0034C74FFDE0

Phishing

Vulnerebility

Exploit

Oracle Identity Manager 11g R2 SP1 (11.1.2.1.0) - Unvalidated Redirects

3.4.2014

Bugtraq

[MATTA-2013-004] CVE-2014-1409; MobileIron authentication bypass vulnerability 2014-04-02
Florent Daigniere (florent daigniere trustmatta com)

Ð¡ross-Site Request Forgery (CSRF) in XCloner Wordpress Plugin 2014-04-02
High-Tech Bridge Security Research (advisory htbridge com)

Malware

Generic PUP.x!917DA1F34FB8
Generic PUP.x!3F7B145F06CD
Downloader.gen.a!10FAEAB55EE9
Generic PUP.x!972D907586D7
Generic PUP.x!CC57CFF205B1
Downloader.gen.a!EEB3B1FAF8B0
Generic PUP.x!6951B93FC45A
RDN/Generic PWS.y!za!0E82B2A9E737
RDN/Generic PUP.x!bxx!4C7F84E7DD19
Downloader-FYH!855FDCE4A806
RDN/Generic PUP.x!bxx!67A0EBED8E7D
Generic PUP.x!D4185BECDD7F
RDN/Generic PUP.x!bxx!541DB675FA78
RDN/Generic PUP.x!bxx!761565561A48
RDN/Generic PUP.x!bxx!144484B739E5
RDN/Generic PUP.x!bxx!EDC34C5598A3
Generic PUP.x!DBEBF0B18622
Generic PUP.x!CC194EE1DC5A
Generic PUP.x!EFA2DF6B46DF
Generic PUP.x!93C30493BB81
Generic PUP.x!37B752BD5CD9
Generic PUP.x!1780BD6DE159
Generic PUP.x!ECD240095230
Generic PUP.x!4D098BC3639F
Generic PUP.x!94D4B4CDC085
Generic PUP.x!DF5ABA91F517
Generic PUP.x!E73A1A08EC5A
Generic PUP.x!FDDEC10DD472
Generic PUP.x!F8E95DBB57CF
Generic PUP.x!E825FF83571F

Phishing

Vulnerebility

Exploit

2.4.2014

Bugtraq

[MATTA-2013-004] CVE-2014-1409; MobileIron authentication bypass vulnerability 2014-04-02
Florent Daigniere (florent daigniere trustmatta com)

Ð¡ross-Site Request Forgery (CSRF) in XCloner Wordpress Plugin 2014-04-02
High-Tech Bridge Security Research (advisory htbridge com)

SEC Consult SA-20140402-0 :: Multiple vulnerabilities in Rhythm File Manager 2014-04-02
SEC Consult Vulnerability Lab (research sec-consult com)

iShare Your Moving Library 1.0 iOS - Multiple Vulnerabilities 2014-04-02
Vulnerability Lab (research vulnerability-lab com)

APPLE-SA-2014-04-01-1 Safari 6.1.3 and Safari 7.0.3 2014-04-01
Apple Product Security (product-security-noreply lists apple com)

[IMF 2014] Call for Participation 2014-04-01
Oliver Goebel (goebel cert uni-stuttgart de)

Malware

RDN/Generic PUP.x!bxt!9B081DB4578F
RDN/Generic.bfr!gf!9B3515642B5E
RDN/Generic PUP.x!bxt!9AFDABFA3D74
RDN/Generic PUP.x!bxt!9AEF93192B58
RDN/Generic PUP.x!bxt!9AF5736DE71D
RDN/Generic PUP.x!bxt!9AEC6DC2B356
RDN/Generic PUP.x!bxt!9AEE1BBA2A86
RDN/Generic PUP.x!bxt!9AFE0577B1B7
RDN/Generic.bfr!gf!1563211B5158
RDN/Generic PUP.x!bxt!9B0EB48940A7
RDN/Generic PUP.x!bxt!9B13FC3948E0
RDN/Generic PUP.x!bxt!9AE8B0A9A1DB
RDN/Generic PUP.x!bxt!9AEEC4BD35DD
Generic PUP.x!119B529F4A5E
RDN/Generic PUP.x!bxt!9AF7CF60A71C
RDN/Generic PUP.x!bxt!9AF9C8C2AF54
DirectDownminer!9B2F8436298B
RDN/Generic PUP.x!bxt!9AE0B347E7D5
RDN/Generic PUP.x!bxt!9B13AE49B8BA
RDN/Generic PUP.x!bxt!9AE2445060CF
RDN/Generic PUP.x!bxt!9B0E9E437755
RDN/Generic PUP.x!bxt!9AD3D04BE03A
RDN/Generic PUP.x!bxt!9AEB064FB63E
RDN/Generic PUP.x!bxt!9ADF3C1828F6
StartPage-NY!9B2D0E6DBAF0
Generic PUP.x!9B05773325BC
Generic PUP.x!9B1B79A1A266
RDN/Generic PUP.x!bxt!9AE45518C6FF
RDN/Generic PUP.x!bxt!9AE895890F59
RDN/BackDoor-FBSA!a!08C14BFB20DF

Phishing

Vulnerebility

Exploit

1.4.2014

Bugtraq

[SECURITY] [DSA 2891-2] mediawiki regression update 2014-03-31
Thijs Kinkhorst (thijs debian org)

PhonerLite 2.14 SIP Soft Phone - SIP Digest Leak Information Disclosure (CVE-2014-2560) 2014-03-31
Jason Ostrom (jostrom storasec net)

Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities 2014-03-31
Vulnerability Lab (research vulnerability-lab com)

PhotoWIFI Lite v1.0 iOS - Multiple Web Vulnerabilities 2014-03-31
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 2891-1] mediawiki security update 2014-03-30
Thijs Kinkhorst (thijs debian org)

Malware

Generic PUP.x!50D4A36BA7C0
Generic PUP.x!2F4C58DCD882
Generic PUP.x!C78FB76BE4C9
Generic Downloader.sd!4725C040EB7A
Generic PUP.x!EEDA1FE33D22
Generic PUP.x!87308E2DA6CF
Generic PUP.x!5A6342DAD071
Generic PUP.x!93E3A2D8C32F
Generic PUP.x!3C34FB3C1B14
Generic PUP.x!C7582097A087
Generic PUP.x!05855C7D62A3
Generic PUP.x!5117363027C6
Generic PUP.x!535466C10799
Generic PUP.x!1B8188EFBDF9
Generic PUP.x!DA075FD73A00
Generic.bfr!5158F5BD285D
Generic PUP.x!5058D7F4D068
RDN/Generic PUP.x!bxj!3E208CB41B83
RDN/Generic PUP.x!bxj!C659E2A8B55E
RDN/Generic PUP.x!bxj!C6918377E4DF
Generic PUP.x!C03BB1F63B1C
Generic PUP.x!CB13D31C5CFB
Generic PUP.x!7AB14C8733F8
Generic PUP.x!5D695F4FBB93
Generic PUP.x!C4CEAC064B1F
Generic PUP.x!045B70CCBE0F
Generic PUP.x!518D173E741F
Generic PUP.x!E3CF93C31B8F
Generic PUP.x!11A413E12425
Generic PUP.x!B76C29D71CDC

Phishing

Vulnerebility

Exploit

SePortal SQLi Remote Code Execution

PhotoWIFI Lite 1.0 iOS - Multiple Vulnerabilities

Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities

Wordpress Ajax Pagination Plugin 1.1 - Local File Inclusion

EMC Cloud Tiering Appliance v10.0 Unauthenticated XXE Arbitrary File Read