Databáze Hot News 2014 August -

Databáze Hot News 2014 August - 2014 January February March April May June July August September October November December

29.8.2014

Bugtraq

Re: SaaS Marketing platform Hubspot export vulnerability 2014-08-28
security hubspot com

[SECURITY] [DSA 3014-1] squid3 security update 2014-08-28
Salvatore Bonaccorso (carnil debian org)

SEC Consult SA-20140828-0 :: F5 BIG-IP Reflected Cross-Site Scripting 2014-08-28
SEC Consult Vulnerability Lab (research sec-consult com)

Aerohive Hive Manager and Hive OS Multiple Vulnerabilities 2014-08-28
Disclosure (Disclosure security-assessment com)

[The ManageOwnage Series, part II]: User credential disclosure in ManageEngine DeviceExpert 2014-08-27
Pedro Ribeiro (pedrib gmail com)

[SECURITY] [DSA 3013-1] s3ql security update 2014-08-27
Florian Weimer (fw deneb enyo de)

Last CFP: ICETC2014 - IEEE - Poland (Deadline: Aug. 30) 2014-08-27
jackie sdiwc info

[SECURITY] [DSA 3012-1] eglibc security update 2014-08-27
Florian Weimer (fw deneb enyo de)

Malware

RDN/Generic PUP.x!148DF3F2BC33
RDN/Generic PUP.x!05C6943090DC
RDN/Generic PUP.x!cmb!117932EAEA0B
RDN/PWS-Mmorpg!mb!5D53BE4FCC4F
RDN/PWS-Mmorpg!mb!5D59DAF8A72C
RDN/PWS-Mmorpg!mb!5D5E9F7B8F05
RDN/Generic BackDoor!zp!534A8DB4D9C1
RDN/PWS-Mmorpg!mb!5D5B155A404A
RDN/Generic PUP.x!cmb!068AA0D3D29E
RDN/Generic PUP.x!cmb!1BB8F0FB7EC9
RDN/PWS-Mmorpg!mb!5D2E7B78BBC3
RDN/PWS-Mmorpg!lp!5D67DA081574
Generic PUP.x!061A90EA5F76
RDN/Generic PUP.x!cmb!029EBAC414D3
RDN/Generic PUP.x!cmb!055C86BD2D55
RDN/PWS-Mmorpg!mb!5D2747EC935C
RDN/Generic PUP.x!cmb!172515A4AEFB
RDN/Generic PUP.x!cmb!117671717FCF
RDN/PWS-Mmorpg!mb!5D1D5522B81E
RDN/PWS-Mmorpg!mb!5D2006745E0B
RDN/PWS-Mmorpg!mb!5D2013414DA9
RDN/PWS-Mmorpg!mb!5D1EB5A70995
RDN/PWS-Mmorpg!mb!5D122C8FA307
RDN/PWS-Mmorpg!mb!5D1AD8031236
RDN/PWS-Mmorpg!mb!5D08BD382414
RDN/PWS-Mmorpg!mb!5D152DEBB9B0
CryptDomaIQ!6FBDE69E1C92
PUP-FLN!6FBB93EC196F
CryptInno!6FBBA52F69E5
PUP-FHQ!6FB7F8253C5C

Phishing

BT	28th August 2014
You have 1 new message
PayPal	28th August 2014
update account
PayPal Serviceâœ”	27th August 2014
Your Account Will Be Limited Until We Here From You Please Enable Protection Against Fraudulent Use Of Credit

Vulnerebility

Exploit

Internet Explorer MS14-029 Memory Corruption PoC

28.8.2014

Bugtraq

Last CFP: ICETC2014 - IEEE - Poland (Deadline: Aug. 30) 2014-08-27
jackie sdiwc info

[SECURITY] [DSA 3012-1] eglibc security update 2014-08-27
Florian Weimer (fw deneb enyo de)

SaaS Marketing platform Hubspot export vulnerability 2014-08-27
ehoward novacoast com

Fwd: RFC 7359 on Layer 3 Virtual Private Network (VPN) Tunnel Traffic Leakages in Dual-Stack Hosts/Networks 2014-08-27
Fernando Gont (fgont si6networks com)

Mathematica10.0.0 on Linux /tmp/MathLink vulnerability 2014-08-27
paul szabo sydney edu au

Encore Discovery Solution Multiple Vulnerability Disclosure 2014-08-27
Romano, Christian (cromano caanes com)

Malware

RDN/PWS-Mmorpg!lw!EA3E1AE9E276
CryptDomaIQ!6C4C60262A3C
RDN/PWS-Mmorpg!lw!EA1DEEA83380
RDN/PWS-Mmorpg!lw!EA95646BA683
RDN/PWS-Mmorpg!lw!EA56234958EB
RDN/PWS-Mmorpg!lw!EA034C45DBD0
Generic PUP.x!039261261CD5
RDN/PWS-Mmorpg!lw!EA0DAFB5FB08
RDN/PWS-Mmorpg!lw!EA10A2E7CE84
RDN/PWS-Mmorpg!lw!EA061E450D76
RDN/PWS-Mmorpg!lw!E9E688EA2172
RDN/PWS-Mmorpg!lw!E9FC38AEDB33
Generic PUP.x!6C4AC5BC6AB7
Generic PUP.x!AF645A521638
RDN/PWS-Mmorpg!lw!E9E31C6AD86D
Generic PUP.x!CE7D8068F6B8
Generic PUP.x!CE5A18FF18FB
RDN/Generic PUP.x!4DF58DF1E187
Generic PUP.x!676A616F61E6
Generic PUP.x!42690469D1FC
RDN/PWS-Mmorpg!lw!EA07EC7EAAF0
Generic PUP.x!84A8AE00A9B9
RDN/DNSChanger.bfr!d!EA700A4F0150
RDN/PWS-Mmorpg!lw!E9DBAC88A099
RDN/PWS-Mmorpg!lw!E9D085D79291
RDN/PWS-Mmorpg!lw!E9C6CD287053
RDN/PWS-Mmorpg!lw!E9B2C8A986E3
RDN/PWS-Mmorpg!lw!E9CB01FC9AC7
RDN/PWS-Mmorpg!lw!E9B441FE2FBF
Generic Downloader.x!11DA4C039643

Phishing

PayPal	28th August 2014
update account
PayPal Serviceâœ”	27th August 2014
Your Account Will Be Limited Until We Here From You Please Enable Protection Against Fraudulent Use Of Credit
Apple	27th August 2014
Confirm your informations for our new system !

Vulnerebility

Exploit

glibc Off-by-One NUL Byte gconv_translit_find Exploit

WooCommerce Store Exporter 1.7.5 - Multiple XSS Vulnerabilities

Firefox WebIDL Privileged Javascript Injection

WordPress ShortCode Plugin 1.1 - Local File Inclusion Vulnerability

Plogger 1.0-RC1 - Authenticated Arbitrary File Upload

ManageEngine DeviceExpert 5.9 - User Credential Disclosure

ActualAnalyzer Lite 2.81 - Unauthenticated Command Execution

PhpWiki - Remote Command Execution

XRMS - Blind SQL Injection and Command Execution

WooCommerce Store Exporter 1.7.5 - Multiple XSS Vulnerabilities

27.8.2014

Bugtraq

ESA-2014-081 RSA® Identity Management and Governance Authentication Bypass Vulnerability 2014-08-26
Security Alert (Security_Alert emc com)

LSE Leading Security Experts GmbH - LSE-2014-07-13 - Granding Grand MA 300 - Weak Pin Verification 2014-08-26
advisories (advisories lsexperts de)

ntopng 1.2.0 XSS injection using monitored network traffic 2014-08-25
Steffen Bauch (mail steffenbauch de)

[security bulletin] HPSBMU03076 rev.2 - HP Systems Insight Manager (SIM) on Linux and Windows running OpenSSL, Multiple Vulnerabilities 2014-08-25
security-alert hp com

[WorldCIST'15]: Call for Workshops Proposals; Proceedings by Springer - Indexed by ISI, Scopus, DBLP, etc. 2014-08-25
WorldCIST (worldcist aisti eu)

MEHR Automation System Arbitrary File Download Vulnerability(persian portal) 2014-08-25
cseye_ut yahoo com

DNN(DotNetNuke®) Ribbon Bar Control Panel Bad Access Level config 2014-08-25
cseye_ut yahoo com

DNN(DotNetNuke®) Iconbar Control Panel Bad Access Level config 2014-08-25
cseye_ut yahoo com

Malware

RDN/Generic PUP.x!clz!2E0947B78E50
RDN/Generic PWS.y!b2u!2CDAC0446556
RDN/Generic PUP.x!2E0402515608
Generic PUP.x!2C4526C882C6
Generic PUP.x!301C1E58CC80
RDN/Generic.bfr!583A93256C4F
Generic PUP.x!2E6151D57092
Generic PUP.x!E1EC11BC302A
RDN/Generic PUP.x!clz!2B25F317194F
Generic PUP.x!56E460B97AE4
Generic PUP.x!773F105CC847
Generic PUP.x!C7E8D3D1A993
BackDoor-FBOB!6D43FE1902BB
Generic PUP.x!AE8C10232B34
RDN/Generic PUP.x!2BA92552F15C
RDN/Generic PUP.x!clz!71D53C9FEB08
RDN/Downloader.gen.a!5116E588B250
W32/Virut.gen!B6353F3B667F
BackDoor-FBOB!FD21D2BDB7F9
RDN/Generic Dropper!vc!B7D344EDD310
RDN/Generic PUP.x!clz!607B470EB2F6
RDN/Generic.bfr!2D0A667CB4E7
RDN/Generic PUP.x!clz!5FCA14074301
W32/Sality.gen!B3C59539F803
Generic PUP.x!BA92BD64077F
Downloader.gen.a!092FAC647C70
BackDoor-FBOB!DF52F81C950C
BackDoor-FBOB!7B4F49E67EED
RDN/Generic.grp!B5754BC23A19
RDN/Generic.bfr!hp!2B4BECCD6C44

Phishing

Apple	27th August 2014
Confirm your informations for our new system !
Support	26th August 2014
[Apple] Check your information REF:56452214-IOS

Vulnerebility

Exploit

glibc Off-by-One NUL Byte gconv_translit_find Exploit

ntopng 1.2.0 - XSS Injection

VTLS Virtua InfoStation.cgi - SQL Injection

26.8.2014

Bugtraq

[WorldCIST'15]: Call for Workshops Proposals; Proceedings by Springer - Indexed by ISI, Scopus, DBLP, etc. 2014-08-25
WorldCIST (worldcist aisti eu)

MEHR Automation System Arbitrary File Download Vulnerability(persian portal) 2014-08-25
cseye_ut yahoo com

DNN(DotNetNuke®) Ribbon Bar Control Panel Bad Access Level config 2014-08-25
cseye_ut yahoo com

DNN(DotNetNuke®) Iconbar Control Panel Bad Access Level config 2014-08-25
cseye_ut yahoo com

Barracuda Networks Web Security Flex v4.1 - Persistent Vulnerabilities (BNSEC-699) 2014-08-25
Vulnerability Lab (research vulnerability-lab com)

Barracuda Networks Web Security Flex Appliance Application v4.x - Filter Bypass & Persistent Vulnerabilities (BNSEC 707) 2014-08-25
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 3011-1] mediawiki security update 2014-08-23
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3010-1] python-django security update 2014-08-22
Salvatore Bonaccorso (carnil debian org)

Malware

Generic Downloader.x!5DF28122FEB9
Generic PUP.x!8D3AF9130814
Generic Downloader.x!BEB3ACA13F38
Generic PUP.x!84AC7F327B5D
RDN/Generic PUP.x!BECF17CAB1A3
CryptDomaIQ!64050EDCE4B6
RDN/PWS-Mmorpg!lr!BE2C864B41E6
Generic PUP.x!BA9A223DAC46
RDN/Generic Downloader.x!kv!A4558BCC8F95
Generic PUP.x!B0B524DA1CFA
RDN/Downloader.a!st!D404575AA706
PUP-FMK!64083FD01A04
Generic PUP.x!01C05ED56557
Generic PUP.x!F3398D9A6D08
RDN/Generic PUP.x!cl3!C6FE804DF447
RDN/Generic.bfr!DB26A822E310
Generic PUP.x!B68CCD1BA4EC
CryptDomaIQ!640806A0912B
RDN/Downloader.a!st!1FF8AC1321F7
FakeAV-M.bfr!0DD23B0BD825
RDN/Generic BackDoor!zo!B336A06DDCA4
Generic PUP.x!268944FC49F5
Generic PUP.x!520C3B94B62C
Generic PUP.x!A9F7FAE56EC1
Generic PUP.x!D47526F4AE4D
Generic PUP.x!17C30BD32422
Downloader.gen.a!68C3509DEFCC
Generic PUP.x!E5AD8AAD4509
Generic PUP.x!4A4C65E38B4E
Generic PUP.x!D0C15F4DFD9A

Phishing

Barclays	24th August 2014
YOUR ACCOUNT IS TEMPORARILY LIMITED
Lloyds	24th August 2014
Account Limited
Barclays	23rd August 2014
Your Account Is Temporarily Limited

Vulnerebility

Exploit

Innovaphone PBX Admin-GUI - CSRF Vulnerability

ManageEngine Password Manager MetadataServlet.dat SQL Injection

ntopng 1.2.0 - XSS Injection

VTLS Virtua InfoStation.cgi - SQL Injection

Innovaphone PBX Admin-GUI - CSRF Vulnerability

ManageEngine Password Manager MetadataServlet.dat SQL Injection

25.8.2014

Bugtraq

DoS attacks (ICMPv6-based) resulting from IPv6 EH drops 2014-08-22
Fernando Gont (fgont si6networks com)

[security bulletin] HPSBST03098 rev.1 - HP StoreEver MSL6480 Tape Library running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-08-21
security-alert hp com

CVE-2014-3524: Apache OpenOffice Calc Command Injection Vulnerability 2014-08-21
Herbert Duerr (hdu apache org)

CVE-2014-3575:OpenOffice Targeted Data Exposure Using Crafted OLE Objects 2014-08-21
Herbert Duerr (hdu apache org)

[SECURITY] [DSA 3009-1] python-imaging security update 2014-08-21
Moritz Muehlenhoff (jmm debian org)

Malware

Downloader.gen.a!DC7C498A9931
PUP-FMK!FF62124BFC61
Generic PUP.x!EF2EF9E27990
CryptDomaIQ!FF78A2E7A332
Generic PUP.x!FF6ACD2E6F86
Generic PUP.x!96864469C5C3
RDN/Generic BackDoor!zo!3743A5BA18BB
Generic PUP.x!77B1DB3051E4
Generic.dx!DC783727A74C
Generic PUP.x!4073F47DA8BF
Generic PUP.x!AD0A1052FD6D
CryptDomaIQ!FF6789616D45
RDN/Generic.bfr!FB73645ECE86
CryptDomaIQ!FF4A49523D5F
Generic PUP.x!CFD816B07A4D
Generic PUP.x!DBD9953F84BB
FakeAV-M.bfr!139A29AC0E05
RDN/Downloader.gen.a!E1F31008F4EC
Generic PUP.x!DC3E5838A1A8
Generic PUP.x!084CE5BFBADA
Generic PUP.x!051E959FADCF
Generic PUP.x!DDBD77184305
RDN/Generic BackDoor!zo!DEB924414335
Generic Downloader.x!E4AAEF2A2811
CryptDomaIQ!FF4C15C4DD02
RDN/Generic PUP.x!clx!857EFFE1834F
Generic Downloader.x!F9F21E3FF2DE
MultiPlug!FF4A7FAD128F
RDN/Generic.bfr!32A6DE5D44D0
PUP-FMK!FF4BB4917C84

Phishing

Barclays	24th August 2014
YOUR ACCOUNT IS TEMPORARILY LIMITED
Lloyds	24th August 2014
Account Limited
Barclays	23rd August 2014
Your Account Is Temporarily Limited

Vulnerebility

Exploit

Air Transfer Iphone 1.3.9 - Multiple Vulnerabilities

22.8.2014

Bugtraq

[SECURITY] [DSA 2940-1] libstruts1.2-java security update 2014-08-21
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3008-1] php5 security update 2014-08-21
Salvatore Bonaccorso (carnil debian org)

ToorCon 16 Call For Papers! 2014-08-20
h1kari toorcon org

ArcGIS for Server Vulnerability Disclosure 2014-08-20
Romano, Christian (cromano caanes com)

CVE-2014-4973 - Privilege Escalation in ESET Windows Products 2014-08-20
Portcullis Advisories (advisories portcullis-security com)

Malware

CryptDomaIQ!D78A92FCE66B
CryptDomaIQ!D7B9D9617294
iBryte!7B760BAC4CB7
RDN/Generic.bfr!hp!5D8629DC6644
Generic PUP.x!40AB98A5212F
PUP-FNX!3D31CF6CE619
Generic PUP.x!AA4D882A5605
Generic PUP.x!B5CFCD0D4330
Generic PUP.x!B2F1FEDF883A
Generic PUP.x!A634162F7DAE
RDN/Generic Downloader.x!kv!4D950A3923E8
RDN/Downloader.a!sr!1C2D6D6E2FF7
Generic PUP.x!91C583C9E2CB
Generic PUP.x!8211F008ACE6
RDN/Generic BackDoor!zn!EB44359AE361
Generic PUP.x!00F243CA7407
RDN/Spybot.bfr!n!EE95DC154F8A
RDN/Generic PUP.x!clr!6FA5A54C546F
MultiPlug!D869F6259C6A
Generic PUP.x!72FF3FAB00AB
Generic PUP.x!821366AA2E77
Generic PUP.x!A8E4F772823C
Generic PUP.x!8B1DE6A55E02
Generic PUP.x!A6999089A586
CryptDomaIQ!D7F39CCCECA8
Generic PUP.x!ADA8227219D7
Generic PUP.x!79BE0E13BDC4
CryptDomaIQ!D7D9BCC242A9
Generic PUP.x!693E4F7657D9
Generic.dx!9549CD8D855E

Phishing

PayPal	22nd August 2014
Temporarely Blocked Account
Halifax	20th August 2014
[SUSPECTED ] Halifax - Monthly e-statement is ready

Vulnerebility

Exploit

HybridAuth install.php PHP Code Execution

MyBB 1.8 Beta 3 - Multiple Vulnerabilities

21.8.2014

Bugtraq

CVE-2014-4973 - Privilege Escalation in ESET Windows Products 2014-08-20
Portcullis Advisories (advisories portcullis-security com)

SQL Injection Vulnerability in ArticleFR 2014-08-20
High-Tech Bridge Security Research (advisory htbridge com)

CVE-2014-5307 - Privilege Escalation in Panda Security Products 2014-08-20
Portcullis Advisories (advisories portcullis-security com)

[SECURITY] [DSA 3007-1] cacti security update 2014-08-20
Moritz Muehlenhoff (jmm debian org)

Deutsche Telekom CERT Advisory [DTC-A-20140820-001] check_mk vulnerabilities 2014-08-20
CERT telekom de

ICETC2014 - IEEE Extended Submission until Aug. 28, 2014 2014-08-20
jackie sdiwc info

[security bulletin] HPSBUX03095 SSRT101674 rev.1 - HP-UX running OpenSSL, Multiple Vulnerabilities 2014-08-19
security-alert hp com

[security bulletin] HPSBUX03092 SSRT101668 rev.1 - HP-UX running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2014-08-19
security-alert hp com

Malware

Generic PUP.x!0C204FDE7B86
RDN/Generic PUP.x!clq!FF671F5AA3E5
Generic PUP.x!5C0F16FF5863
RDN/Downloader.a!sq!A3C3FD650D87
Generic PUP.x!8939F187BB57
PUP-FMK!3D9279CB2352
RDN/Generic PUP.x!8AD8A57D3C30
Generic PUP.x!8B9E18721B78
PUP-FMK!89B3A792B87A
Generic PUP.x!60503134FC5D
Generic PUP.x!89FAC80D5C6D
RDN/Generic Downloader.x!kv!64EAD1CE8C6C
RDN/Spybot.bfr!45A1E07D0A66
PUP-FMK!8974090249A0
Generic PUP.x!E99409CD2D43
RDN/Generic PUP.x!8D130A9842B1
PUP-FMK!8B0F63C711EA
PUP-FMK!8B069AE89AFA
Generic PUP.x!8B78E33964B8
Generic PUP.x!5F030CF87FCF
PUP-FMK!8B645CC4137C
Generic PUP.x!397839349DD4
Generic PUP.x!632507E475FB
Generic PUP.x!612F0BCC8106
Generic PUP.x!3C9259606529
Generic PUP.x!3C832DFC43EC
PUP-FMK!3D8111762A6F
PUP-FMK!3C019A6C6A4F
Generic PUP.x!5E44C8FB463F
Generic PUP.x!3D29C4F18403

Phishing

Halifax	20th August 2014
[SUSPECTED ] Halifax - Monthly e-statement is ready
Amazon.com	19th August 2014
Account Confirmation
Barclays Bank PLC	19th August 2014
YOUR ACCOUNT HAS BEEN FLAGGED

Vulnerebility

Exploit

MyBB 1.8 Beta 3 - Multiple Vulnerabilities

20.8.2014

Bugtraq

ESA-2014-071: RSA Archer® GRC Platform Multiple Vulnerabilities 2014-08-19
Security Alert (Security_Alert emc com)

[CVE-2014-0232] Apache OFBiz Cross-site scripting (XSS) vulnerability 2014-08-19
Jacopo Cappellato (jacopoc apache org)

ESA-2014-079: EMC Documentum Content Server Multiple Vulnerabilities 2014-08-18
Security Alert (Security_Alert emc com)

ESA-2014-067: EMC Documentum D2 Privilege Escalation Vulnerability 2014-08-18
Security Alert (Security_Alert emc com)

Malware

RDN/Generic.bfr!CC375F631A4E
Generic PUP.x!52928A444DEC
Generic PUP.x!30B7C7480C0F
Generic PUP.x!045F3825D781
Generic PUP.x!64986BE36D9C
W32/Agent!486C0E6EEADF
Generic PWS.y!A7D0D53F0F69
Generic PUP.x!3623875E6B76
W32/Agent!6C4A668450F8
RDN/Generic.tfr!ed!9C4B91425BFF
RDN/Generic PUP.x!cln!D89813CC07F9
Generic.dx!C07C67CB80BA
W32/Agent!C11E2E01CFB8
Generic PUP.x!336F42DC8711
RDN/Generic PWS.y!b2s!593869F46AE2
RDN/Generic.dx!d2t!5F5B3ED8A3D9
RDN/Generic PUP.x!cln!DFE89220324D
RDN/Generic.tfr!ed!6632B9A411C1
RDN/Generic BackDoor!zm!9875E4DB4956
RDN/Generic PUP.x!cln!0AFFA6025D26
RDN/Generic PUP.x!cln!48E06AB96DF3
W32/Agent!B0DFAA10B66E
Generic PUP.x!8D07C2A47AF4
Generic PUP.x!2146DFDBB8E5
RDN/Generic PWS.y!b2s!57C9D5C5AE94
W32/Agent!4CFBE029BDF6
Downloader.gen.a!1CACD40DA3B9
Generic PUP.x!02FA1F62876E
Generic PUP.x!02D61E35B35E
W32/Agent!F8D28E6337D8

Phishing

Amazon.com	19th August 2014
Account Confirmation
Barclays Bank PLC	19th August 2014
YOUR ACCOUNT HAS BEEN FLAGGED
HSBC Bank	19th August 2014
Your Account is Innactive
Amazon	19th August 2014
AMAZON : YOUR ACCOUNT HAS BEEN SUSPENDED .! 19/08/2014 01:46:55

Vulnerebility

Exploit

19.8.2014

Bugtraq

[CVE-2014-0232] Apache OFBiz Cross-site scripting (XSS) vulnerability 2014-08-19
Jacopo Cappellato (jacopoc apache org)

ESA-2014-079: EMC Documentum Content Server Multiple Vulnerabilities 2014-08-18
Security Alert (Security_Alert emc com)

ESA-2014-067: EMC Documentum D2 Privilege Escalation Vulnerability 2014-08-18
Security Alert (Security_Alert emc com)

ESA-2014-059: EMC Documentum Multiple Cross-Site Scripting Vulnerabilities 2014-08-18
Security Alert (Security_Alert emc com)

ESA-2014-073: EMC Documentum Multiple Cross-Site Request Forgery Vulnerabilities 2014-08-18
Security Alert (Security_Alert emc com)

[SECURITY] [DSA 3006-1] xen security update 2014-08-18
Moritz Muehlenhoff (jmm debian org)

Outlook.com for Android fails to validate server certificates 2014-08-17
Securify B.V. (lists securify nl)

CVE-2014-5289 - Kolibri WebServer 2.0 Vulnerable to RCE via Overly Long POST Request 2014-08-17
tekwizz123 riseup net

Beginners error: Apple's iCloudServices for Windows run rogue program C:\Program.exe (and some more) 2014-08-16
Stefan Kanthak (stefan kanthak nexgo de)

Beginners error: Windows Live Mail 2011 runs rogue C:\Program.exe when opening associated URLs 2014-08-16
Stefan Kanthak (stefan kanthak nexgo de)

Beginners error: Apple's Software Update runs rogue program C:\Program.exe (and some more) 2014-08-16
Stefan Kanthak (stefan kanthak nexgo de)

Malware

Generic PUP.x!D17D556AB2A1
RDN/Generic PWS.y!b2r!1CE828E65DA1
RDN/Generic PUP.x!13EFCA0531D6
Generic PUP.x!E5251D67DF41
Generic PUP.x!0F1539BC11C0
RDN/Spybot.bfr!n!76009EEDBFD5
RDN/Generic PUP.x!clm!F8B2336E860A
CryptDomaIQ!F31B767EC17F
Generic.dx!427351117509
Generic PUP.x!14ED09D6ACC4
W32/Virus.gen!B8115DBA7C22
Generic PUP.x!605128B8DB0E
Generic PUP.x!772235C96E34
Generic PUP.x!6A54F0010CE8
RDN/Generic.dx!d2t!BA27E95FA7FC
Generic PUP.x!0625CACA32D6
RDN/PWS-Mmorpg!le!72E0A7408FA9
Generic PUP.x!83AF022CFA43
Generic PUP.x!3A81F3F93D2C
RDN/Generic.bfr!14AF329F39B5
RDN/PWS-Mmorpg!le!7244F461E98C
Generic PUP.x!FC1EA541274C
RDN/Generic Downloader.x!kt!B223377D6A89
Generic PUP.x!A46F9AC8BA84
RDN/Generic PUP.x!clm!8CB82925E1EA
Generic PUP.x!0F84D578996A
Generic PUP.x!18618C80353F
PUP-FMK!F309D612922F
Generic PUP.x!79C39106E78C
Generic PUP.x!73AF95D35908

Phishing

Amazon	19th August 2014
AMAZON : YOUR ACCOUNT HAS BEEN SUSPENDED .! 19/08/2014 01:46:55
HSBC Bank ;	18th August 2014
Your Account is Innactive
Natwest	18th August 2014
Verify your online account
Paypal	17th August 2014
YOUR ACCOUNT HAS BEEN LIMITED
Service Paypal	17th August 2014
YOUR ACCOUNT WILL BE LIMITED !
NatWest	17th August 2014
* CACTUS * review your account activity

Vulnerebility

Exploit

Tenda A5s Router 3.02.05_CN - Authentication Bypass Vulnerability

Firefox toString console.time Privileged Javascript Injection

15.8.2014

Bugtraq

[SECURITY] [DSA 3005-1] gpgme1.0 security update 2014-08-14
Salvatore Bonaccorso (carnil debian org)

APPLE-SA-2014-08-13-1 Safari 6.1.6 and Safari 7.0.6 2014-08-13
Apple Product Security (product-security-noreply lists apple com)

[security bulletin] HPSBMU03090 rev.1 - HP SiteScope, running Apache Struts, Remote Execution of Arbitrary Code 2014-08-13
security-alert hp com

[security bulletin] HPSBHF03088 rev.1 - HP Integrity SD2 CB900s i2 and i4 Servers running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-08-13
security-alert hp com

Reflected Cross-Site Scripting (XSS) in Jamroom 2014-08-13
High-Tech Bridge Security Research (advisory htbridge com)

[oCERT-2014-006] Ganeti insecure archive permission 2014-08-12
Andrea Barisani (lcars ocert org)

Malware

Generic PUP.x!5EAF4DC5656F
CryptDomaIQ!613DEE1AA9E4
CryptDomaIQ!61A4606F9F7B
Generic PUP.x!D592A80D7EA3
Generic PUP.x!BD19C7D6EFB9
RDN/Generic.dx!d2r!439AC4BF6F9D
Generic PUP.x!07B47210CFA1
W32/Virut.n.gen!DDC0396D5BC6
RDN/Generic BackDoor!zl!CED420B564FF
RDN/Generic.dx!d2r!694F0B99D9DC
Generic.bfr!C4FF5021A5A1
RDN/Generic Downloader.x!kt!E7954A704FDF
RDN/Generic Downloader.x!77BC1B2BD9A3
Generic PUP.x!1E91A68167B9
Generic PUP.x!799557409014
Generic.bfr!62988F8D0E6A
iBryte!A1B03AFC72DA
Generic PUP.x!37B7E8CC72D9
Generic PUP.x!1DBAD420686C
RDN/PWS-Banker!dk!A921E6800E4E
RDN/Generic PWS.y!b2r!D57962293480
RDN/Generic.tfr!ed!577783DB7328
RDN/Generic.bfr!hp!BD1F672233F7
RDN/Generic PUP.z!ed!A9E10036ABAF
Generic PUP.x!1D2C6843FC93
CryptDomaIQ!6131045B79C3
RDN/Generic PUP.x!cl3!A83C5AFCBAC4
CryptDomaIQ!61211D33DB54
CryptDomaIQ!61B955BF39EA
RDN/Generic.bfr!hp!258D7ED949D9

Phishing

Customerservice@MBNA.co.uk	14th August 2014
MBNA - NEW ASSIGNED CREDIT LIMIT
Wells Fargo	13th August 2014
Important Notice Regarding Your Account
Apple	13th August 2014
YOU APPLE ACCOUNT HAS BEEN LIMITED

Vulnerebility

Exploit

VMTurbo Operations Manager 4.6 vmtadmin.cgi Remote Command Execution

VirtualBox 3D Acceleration Virtual Machine Escape

Disqus for Wordpress 2.7.5 Admin Stored CSRF and XSS

14.8.2014

Bugtraq

[security bulletin] HPSBHF03088 rev.1 - HP Integrity SD2 CB900s i2 and i4 Servers running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-08-13
security-alert hp com

Reflected Cross-Site Scripting (XSS) in Jamroom 2014-08-13
High-Tech Bridge Security Research (advisory htbridge com)

[oCERT-2014-006] Ganeti insecure archive permission 2014-08-12
Andrea Barisani (lcars ocert org)

BlackBerry Z 10 - Storage and Access File-Exchange Authentication By-Pass [MZ-13-04] 2014-08-12
security (security modzero ch)

CVE-2014-5035 - Opendaylight Vulnerable to Local and Remote File Inclusion in the Netconf (TCP) Service 2014-08-12
Gregory Pickett (gpickett71 yahoo com)

Apache Cordova 3.5.1: CVE-2014-3502 update 2014-08-11
Marcel Kinard (cmarcelk gmail com)

[security bulletin] HPSBMU03089 rev.1 - HP Executive Scorecard, Running OpenSSL, Disclosure of Information 2014-08-11
security-alert hp com

[SECURITY] [DSA 2984-2] acpi-support regression update 2014-08-11
Raphael Geissert (geissert debian org)

Malware

RDN/Generic BackDoor!zl!E68B1B9A909D
RDN/Generic BackDoor!zl!D87E239269F8
RDN/Generic Downloader.x!kt!8F858D36A167
RDN/Generic Downloader.x!kt!FDC0A04B588B
Generic PUP.x!C4FB73B94C1A
Generic PUP.x!B7CEB1116131
Generic PUP.x!0020F4091EEF
Generic PUP.x!BA0E734C3E04
Generic PUP.x!1B53D9330121
RDN/Generic PUP.x!clh!C14853CF221A
DNSChanger.bfr!FCEB0BD6DC79
iBryte!6CB2A8B6B14A
Generic PUP.x!0021559049AF
PWS-Lineage!FCA0C564703B
RDN/PWS-Mmorpg!le!C708D98F6896
Generic PUP.x!BFA9B5157153
RDN/Generic PUP.x!FB0C34E2BF2A
RDN/Generic.bfr!hp!B439364F47F2
Generic PUP.x!65CB25F3A1E9
Generic Downloader.x!02DF46777E28
Generic PUP.x!D4FDA0479187
Generic PUP.x!EA909393FE47
RDN/Generic BackDoor!zl!BF2A095BCB4A
RDN/Generic PUP.x!clh!3D0A9AE977B4
RDN/Generic.tfr!eb!EAC0EAC1D114
RDN/PWS-Banker!dk!F3F4C6B45308
iBryte!230D02990BD8
Generic PUP.x!001389F978FB
RDN/Generic.bfr!hp!EAB758DEBBDC
RDN/Generic.bfr!hp!A8E17CFE73B5

Phishing

Wells Fargo	13th August 2014
Important Notice Regarding Your Account
Apple	13th August 2014
YOU APPLE ACCOUNT HAS BEEN LIMITED
PayPal	12th August 2014
Your PayPal Account Has Been Limited PP:6755

Vulnerebility

Exploit

VirtualBox Guest Additions VBoxGuest.sys Privilege Escalation

13.8.2014

Bugtraq

CVE-2014-5035 - Opendaylight Vulnerable to Local and Remote File Inclusion in the Netconf (TCP) Service 2014-08-12
Gregory Pickett (gpickett71 yahoo com)

Apache Cordova 3.5.1: CVE-2014-3502 update 2014-08-11
Marcel Kinard (cmarcelk gmail com)

[security bulletin] HPSBMU03089 rev.1 - HP Executive Scorecard, Running OpenSSL, Disclosure of Information 2014-08-11
security-alert hp com

[SECURITY] [DSA 2984-2] acpi-support regression update 2014-08-11
Raphael Geissert (geissert debian org)

IBM Maximo: Cross-site Scripting Vulnerability Addressed in Asset and Service Management (CVE-2014-0914 and -0915) 2014-08-11
Jamie Riden (jamie riden gmail com)

[SECURITY] [DSA 3004-1] kde4libs security update 2014-08-10
Moritz Muehlenhoff (jmm debian org)

Malware

Generic PUP.x!9013C2196DC9
Generic PUP.x!8A9B26012124
Generic BackDoor!8626B626C1DF
RDN/Generic.bfr!33AF5259E1AA
RDN/Generic.grp!D7E433C049B0
Generic PUP.x!2C51624F9F37
Generic PUP.x!ABF910D3EC3E
Generic PUP.x!AC4406EF9CB1
RDN/Generic BackDoor!zk!D1F88DCB9459
RDN/Generic Dropper!va!8A600BDF0C66
RDN/Generic PUP.x!clg!AE7F20E9DF44
Generic PUP.x!FBEB8E96BD7F
Generic PUP.x!18628EAAAC47
RDN/Generic BackDoor!zk!F5875D99901B
RDN/Downloader.gen.a!90F26DD090E4
Generic PUP.x!641F17466338
Generic PUP.x!25CB943F21ED
Generic PUP.x!CDD46FE4F30F
Generic PUP.x!AB611FD1E3D6
Generic PUP.x!90F973E397D3
RDN/Generic BackDoor!zk!499390CC4A85
RDN/Generic PUP.x!90E0F365FA42
RDN/Generic PUP.x!clg!D8F8EFFCA3E6
RDN/Generic PUP.x!clg!65F8DF39564F
RDN/Generic.tfr!eb!EA9A3D4FDF70
RDN/Generic PUP.x!clg!906446C564FD
RDN/Generic PUP.x!clg!90C0C078D6DA
RDN/Generic PUP.x!clg!7AD6E0D0DD78
SquareNet!D5EF5196E1A8
RDN/Generic PWS.y!b2q!254185AD26BB

Phishing

PayPal	12th August 2014
Your PayPal Account Has Been Limited PP:6755
Google	11th August 2014
Important Document

Vulnerebility

Exploit

10.8.2014

Bugtraq

[SECURITY] [DSA 3004-1] kde4libs security update 2014-08-10
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3003-1] libav security update 2014-08-10
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3002-1] wireshark security update 2014-08-10
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3001-1] wordpress security update 2014-08-09
Salvatore Bonaccorso (carnil debian org)

MITKRB5-SA-2014-001 Buffer overrun in kadmind with LDAP backend 2014-08-09
Benjamin Kaduk (kaduk MIT EDU)

[SECURITY] [DSA 3000-1] krb5 security update 2014-08-09
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 2999-1] drupal7 security update 2014-08-09
Salvatore Bonaccorso (carnil debian org)

Malware

Generic PUP.x!F2448D269864
RDN/Generic PUP.x!DCCF14667FEF
CryptDomaIQ!4A4A980FED95
Somoto-BetterInstaller!4A4F6A31A839
Generic PUP.x!2F6696046CDD
Generic PUP.x!4A0472CF5447
PUP-FMK!4A575BA30588
CryptDomaIQ!4A5E3900424B
CryptDomaIQ!4ABF22512E1D
CryptDomaIQ!4A87260DDCAD
iBryte!7B039DA43CF7
CryptDomaIQ!4A956AEE49E3
Generic.bfr!F22F7C0BB929
Generic PUP.x!3044ED379E96
CryptDomaIQ!4A8B21ACD4EB
CryptDomaIQ!4A83AF88F3CA
RDN/Generic.dx!DBB650E32BE7
CryptDomaIQ!4A6462895D3E
Generic PUP.x!F3130A5AAB42
iBryte!4A96543FD9FD
CryptDomaIQ!4A4C01FABEA1
iBryte!7409EDDCBA81
Generic.tfr!D6EFDD77C0EE
Generic PUP.z!F32AC518557E
CryptDomaIQ!4A86C26015AC
CryptDomaIQ!4A8A3D903C58
CryptDomaIQ!4A4F795BFFDC
CryptDomaIQ!4A64AD6B0106
PUP-FMU!4A5B32B0B18F
CryptDomaIQ!49DA1BB2CDBB

Phishing

Google	11th August 2014
Important Document
AMAZON	10th August 2014
Amazon : Verify your account âœ”
PayPal	10th August 2014
PayPal Security & Privacy Update.

Vulnerebility

Exploit

9.8.2014

Bugtraq

[security bulletin] HPSBMU03062 rev.1 - HP Insight Control server deployment on Linux and Windows running OpenSSL, Multiple Vulnerabilities 2014-08-08
security-alert hp com

[ MDVSA-2014:158 ] openssl 2014-08-08
security mandriva com

[ MDVSA-2014:159 ] wireshark 2014-08-08
security mandriva com

ESA-2014-055: EMC Network Configuration Manager (NCM) Report Advisor Session Fixation Vulnerability 2014-08-08
Security Alert (Security_Alert emc com)

[WorldCIST'15]: Call for Workshops Proposals - Proceedings by Springer 2014-08-07
ML (marialemos72 gmail com)

[security bulletin] HPSBUX03087 SSRT101413 rev.1 - HP-UX CIFS Server (Samba), Remote Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access 2014-08-07
security-alert hp com

Beginners error: QuickTime for Windows runs rogue program C:\Program.exe when opening associated files 2014-08-07
Stefan Kanthak (stefan kanthak nexgo de)

[security bulletin] HPSBMU03086 rev.1 - HP Operations Agent running Glance, Local Elevation of Privilege 2014-08-07
security-alert hp com

[ MDVSA-2014:157 ] ipython 2014-08-08
security mandriva com

[security bulletin] HPSBHF03084 rev.1 HP PCs with UEFI Firmware, Execution of Arbitrary Code 2014-08-07
security-alert hp com

Easy FTP Pro v4.2 iOS - Command Inject Vulnerabilities 2014-08-07
Vulnerability Lab (research vulnerability-lab com)

Malware

RDN/Generic PUP.x!7E5E04B6DBB7
RDN/Generic PWS.y!8AD39AE900FE
Generic PUP.x!FA919C009814
RDN/Generic PUP.x!310FAE209BFD
RDN/Generic PUP.x!C1F195AFFBF0
Generic PUP.x!61FFE105D74D
Generic PUP.x!9B765B9DC201
RDN/Generic.bfr!97B290BF2888
RDN/Ransom!9086F66B397B
RDN/Generic PUP.x!974585DD7C7E
RDN/Generic.bfr!hp!2F5318283D20
Generic PUP.x!E37E8643EB0E
RDN/Generic PUP.x!E1A9A5D14805
Generic Dropper!D5705F627BAE
Generic.dx!7F9D3169E171
Downloader.gen.a!1F8DA5B5367F
Generic PUP.x!14B5B0F9EFA1
Generic PUP.x!D0C6D4C0D314
RDN/Generic.grp!hl!4CCB956FB142
Generic PUP.x!3B20DDB5566B
Generic PUP.x!0AE8332F429F
Generic PUP.x!B25FEC7B2BE3
RDN/Spybot.bfr!106F567745FB
RDN/Generic PUP.x!402C60F04680
RDN/BackDoor-CMQ!03B878E7493A
RDN/Generic PUP.x!29C660BFE681
Generic PUP.x!B2801F5F579D
Generic PUP.x!95EE3853B9F8
Generic Downloader.x!A25E15BD4F38
RDN/Generic PUP.x!442078F0D373

Phishing

AMAZON	10th August 2014
Amazon : Verify your account âœ”
PayPal	10th August 2014
PayPal Security & Privacy Update.
PayPal	10th August 2014
Your PayPal account is limited until we hear from you.
support	9th August 2014
YOU HAVE A PROBLEM IN YOUR ACCOUNT PLEASE UPDATE YOUR INFORMATION
support	8th August 2014
YOU HAVE A PROBLEM IN YOUR ACCOUNT PLEASE UPDATE YOUR INFORMATION
Amazon	8th August 2014
ACCOUNT CONFIRMATION

Vulnerebility

Exploit

8.8.2014

Bugtraq

[SECURITY] [DSA 2998-1] openssl security update 2014-08-06
Raphael Geissert (geissert debian org)

[ MDVSA-2014:152 ] glibc 2014-08-06
security mandriva com

[ MDVSA-2014:154 ] readline 2014-08-06
security mandriva com

[ MDVSA-2014:153 ] mediawiki 2014-08-06
security mandriva com

[ MDVSA-2014:151 ] cups 2014-08-06
security mandriva com

Cisco Security Advisory: Cisco IOS Software and Cisco IOS XE Software EnergyWise Crafted Packet Denial of Service Vulnerability 2014-08-06
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Malware

RDN/Generic.bfr!3B29609A2250
Downloader.gen.a!FD5FC2EDEF54
RDN/BackDoor-CMQ!f!16E30608BBAC
RDN/Spybot.bfr!02C2333F6E4A
RDN/Generic Dropper!uz!7FD40CB71BC8
Generic PUP.x!15282FD5BCAB
RDN/Generic PUP.x!cl3!BDEAB08A6988
RDN/Generic.dx!d2q!EFA1AE2A7768
RDN/Generic PUP.x!1D09F27288D3
RDN/Generic PUP.x!cl3!062C1DB72C65
RDN/Generic.dx!d2q!6CEE7A5D0E8A
RDN/Generic PUP.x!cl3!B032210337F1
RDN/Generic Dropper!uz!E4F0C2B45294
Generic PUP.x!1F9A60626FF9
RDN/Generic PUP.x!cl3!AEAD6A2C5E6E
RDN/Generic PUP.x!cl3!43B0A1AE1E39
RDN/Generic PUP.x!cl3!02D3F09A5BD3
RDN/Generic PUP.x!cl3!D5B1F0754EEF
RDN/Generic PUP.x!cl3!9BAD0AC8F813
RDN/Generic PUP.x!cl3!5CC4E432E392
RDN/Generic.grp!hl!1593AD1449AD
RDN/Generic Dropper!uz!78897DA6D20E
RDN/Generic.bfr!hp!A992D563F820
Generic PUP.x!1FA0D800EF14
RDN/Generic Downloader.x!682944D849ED
RDN/Generic Dropper!uz!FBD1DB524D09
RDN/Generic Dropper!uz!EB9B675561F2
Downloader.gen.a!6C2DDD0FA240
Generic BackDoor!2108012364F9
RDN/BackDoor-AWQ!bv!1489F7656119

Phishing

ON BEHALF OF Customer Financ	7th August 2014
Access to your Visa card has been blocked!
NatWest	7th August 2014
Restriction On Your Account
Visa Service	6th August 2014
YOUR CREDIT CARD HAS BEEN SUSPENDED
service-customer	6th August 2014
ALERT#3245:PLEASE CHECK THE INFORMATION ASSOCIATED WITH YOUR ACCOUNT DATA
=?UTF-8?Q?PayPal?=	6th August 2014
=?UTF-8?Q?Your_account_will_be _locked_within_=32=34_hours=2e ?=
PayPal	6th August 2014
Your Credit/Debit Card expired in your account #PP-982-761-668

Vulnerebility

Exploit

7.8.2014

Bugtraq

PhotoSync v2.2 iOS - Command Inject Web Vulnerability 2014-08-06
Vulnerability Lab (research vulnerability-lab com)

[ MDVSA-2014:149 ] php 2014-08-06
security mandriva com

[security bulletin] HPSBMU03085 rev.1 - HP Application Lifecycle Management / Quality Center, Elevation of Privilege 2014-08-05
security-alert hp com

PhotoSync Wifi & Bluetooth v1.0 - File Include Vulnerability 2014-08-06
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 2997-1] reportbug security update 2014-08-05
Salvatore Bonaccorso (carnil debian org)

CVE-2014-5075 MitM Vulnerability in the Smack XMPP Library for Java 2014-08-05
Georg Lukas (lukas rt-solutions de)

Pro Chat Rooms v8.2.0 - Multiple Vulnerabilities 2014-08-05
mike manzotti dionach com

Apache Cordova 3.5.1 2014-08-04
Marcel Kinard (cmarcelk gmail com)

[CVE- Requested][Vembu Storegrid - Multiple Critical Vulnerabilities] 2014-08-04
Mike Antcliffe (mikeantcliffe logicallysecure com)

SEC Consult SA-20140805-0 :: Multiple vulnerabilities in Readsoft Invoice Processing and Process Director 2014-08-05
SEC Consult Vulnerability Lab (research sec-consult com)

Malware

RDN/Generic PUP.x!clc!E8FF5FF1D3A0
RDN/Generic PUP.x!clc!5D6A09BE4670
RDN/Generic PUP.x!clc!0FBE07BF61F7
RDN/Generic.tfr!eb!D2EB83586600
RDN/Generic BackDoor!zj!E47138296721
RDN/Generic Dropper!E408F16FB487
RDN/Generic PUP.x!clc!DBC697DA98B1
RDN/Generic PUP.x!clc!1925F434586B
RDN/Generic PUP.x!clc!8D8F36CBB344
RDN/Generic.dx!d2o!7CB0F9922B61
RDN/Generic PUP.x!clc!CF0DBFAACCD3
GenericATG-FACO!138434AC9516
RDN/Generic BackDoor!zj!387339B51FA0
RDN/Downloader.gen.a!6357BB1B0377
PUP-FLT!F769AA76515D
RDN/Generic PUP.x!clc!C1B98F772ECB
RDN/Downloader.a!sl!6357BB1B0377
Generic PUP.x!84027B280340
Generic PUP.x!B8F5FC1D972F
Trojan-FEKR!7F4CCE5073AE
RDN/Generic Downloader.x!kr!34F456651A47
RDN/Generic PUP.x!D693583628C4
RDN/Generic PUP.x!4DDF6B193DE7
RDN/Generic.dx!A97AD32C01CC
RDN/Downloader.a!sl!D489B5AE4D4A
RDN/BackDoor-CMQ!f!0058849D0CAD
Trojan-FDKL!67A5766EDB6D
RDN/Generic PUP.x!clc!F2DF207A29CB
RDN/Generic Dropper!uz!339A1203649B
PUP-FLT!90EC4E499CC9

Phishing

NatWest	7th August 2014
Restriction On Your Account
Visa Service	6th August 2014
YOUR CREDIT CARD HAS BEEN SUSPENDED
service-customer	6th August 2014
ALERT#3245:PLEASE CHECK THE INFORMATION ASSOCIATED WITH YOUR ACCOUNT DATA
=?UTF-8?Q?PayPal?=	6th August 2014
=?UTF-8?Q?Your_account_will_be _locked_within_=32=34_hours=2e ?=
PayPal	6th August 2014
Your Credit/Debit Card expired in your account #PP-982-761-668

Vulnerebility

Exploit

6.8.2014

Bugtraq

CVE-2014-5075 MitM Vulnerability in the Smack XMPP Library for Java 2014-08-05
Georg Lukas (lukas rt-solutions de)

Pro Chat Rooms v8.2.0 - Multiple Vulnerabilities 2014-08-05
mike manzotti dionach com

Apache Cordova 3.5.1 2014-08-04
Marcel Kinard (cmarcelk gmail com)

[CVE- Requested][Vembu Storegrid - Multiple Critical Vulnerabilities] 2014-08-04
Mike Antcliffe (mikeantcliffe logicallysecure com)

SEC Consult SA-20140805-0 :: Multiple vulnerabilities in Readsoft Invoice Processing and Process Director 2014-08-05
SEC Consult Vulnerability Lab (research sec-consult com)

[security bulletin] HPSBMU03037 rev.2 - HP Multimedia Service Environment (MSE), (HP Network Interactive Voice Response (NIVR)), Remote Disclosure of Information 2014-08-04
security-alert hp com

CVE-2014-2595 - Authentication Bypass in Barracuda Web Application Firewall 2014-08-04
Portcullis Advisories (advisories portcullis-security com)

[security bulletin] HPSBMU03083 rev.1 - HP BladeSystem c-Class Virtual Connect Firmware running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-08-04
security-alert hp com

Ebay Inc Magento ProStore CP #4 - Filter Validation Bypass & Persistent (Payment Information) Vulnerability 2014-08-04
Vulnerability Lab (research vulnerability-lab com)

FreeDisk v1.01 iOS - Multiple Web Vulnerabilities 2014-08-04
Vulnerability Lab (research vulnerability-lab com)

ownCloud Unencrypted Private Key Exposure 2014-08-04
Senderek Web Security (support senderek ie) (1 replies)

Re: ownCloud Unencrypted Private Key Exposure 2014-08-04
Frank Stanek (frank frank-stanek de) (2 replies)

RE: ownCloud Unencrypted Private Key Exposure - version (6.0.4) reported not vulnerable 2014-08-05
Choulat, Trace (tchoula ufl edu)

Re: ownCloud Unencrypted Private Key Exposure 2014-08-05
Anthony Dubuissez (anthony dubuissez webera fr)

Malware

Phishing

Visa Service	5th August 2014
YOUR CREDIT CARD HAS BEEN SUSPENDED
Visa Service	4th August 2014
YOUR CREDIT CARD HAS BEEN SUSPENDED
Discover Customer Service	4th August 2014
IMPORTANT MESSAGE ABOUT YOUR DISCOVERÂ®
Apple.inc	4th August 2014
YOU HAVE A PROBLEM IN YOUR ACCOUNT PLEASE UPDATE YOUR INFORMATION

Vulnerebility

Exploit

Symantec Endpoint Protection 11.x, 12.x - Kernel Pool Overflow

5.8.2014

Bugtraq

FreeDisk v1.01 iOS - Multiple Web Vulnerabilities 2014-08-04
Vulnerability Lab (research vulnerability-lab com)

ownCloud Unencrypted Private Key Exposure 2014-08-04
Senderek Web Security (support senderek ie)

[SECURITY] [DSA 2996-1] icedove security update 2014-08-03
Moritz Muehlenhoff (jmm debian org)

Video WiFi Transfer 1.01 - Directory Traversal Vulnerability 2014-08-04
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 2995-1] lzo2 security update 2014-08-03
Salvatore Bonaccorso (carnil debian org)

[slackware-security] dhcpcd (SSA:2014-213-02) 2014-08-01
Slackware Security Team (security slackware com)

[slackware-security] samba (SSA:2014-213-01) 2014-08-01
Slackware Security Team (security slackware com)

Microsoft Exchange Multiple Vulnerabilities 2014-08-01
np securitypentest com

Malware

Phishing

Visa Service	4th August 2014
YOUR CREDIT CARD HAS BEEN SUSPENDED
Discover Customer Service	4th August 2014
IMPORTANT MESSAGE ABOUT YOUR DISCOVERÂ®
Apple.inc	4th August 2014
YOU HAVE A PROBLEM IN YOUR ACCOUNT PLEASE UPDATE YOUR INFORMATION
NatWest Online Banking	2nd August 2014
Your Securtiy is important
BARCLAYS	2nd August 2014
ACCOUNT VALIDATION REQUIRED [#9384-BDA]

Vulnerebility

Exploit

Video WiFi Transfer 1.01 - Directory Traversal Vulnerability

FreeDisk v1.01 iOS - Multiple Vulnerabilities

Shellcode Linux x86 - chmod (777 /etc/passwd & /etc/shadow), Add New Root User (ALI/ALI) & Execute /bin/sh

4.8.2014

Bugtraq

[security bulletin] HPSBMU03081 rev.1 - HP Enterprise Maps, Remote Information Disclosure 2014-07-31
security-alert hp com

Malware

W32/Expiro!08DB7DDE3814
W32/Expiro!056E87849E07
RDN/Generic PUP.x!ckt!0A5AFC45C3A6
RDN/Generic PUP.x!ckt!CA5362C7469F
RDN/Generic PUP.x!ckt!C70525C46D4A
Generic PUP.x!159ABAC7A572
Generic PUP.x!2DBE68F6E8EB
RDN/FakeAV-M.bfr!8BBE1B37FA4B
W32/Expiro!05B2A253463C
Generic PUP.x!8C14093241EF
Generic.tfr!E44566C58343
W32/Expiro!04A09DE44611
Downloader.gen.a!FEE1BC2B60EF
Generic PUP.x!36E6DFC40F67
Generic PUP.x!0085CB177B28
Generic.tfr!2B32D9BCA821
Somoto-BetterInstaller!5655811B468F
PUP-FMH!C66C0A0C5812
CryptDomaIQ!C622A061874A
CryptDomaIQ!C6EFEDDC16C4
Generic PUP.x!E7A29C8ADAB5
Generic.dx!39F09EEDBB74
CryptDomaIQ!C64238627A2E
Downloader.gen.a!BEBDD8448060
PUP-FMU!C71617B70793
CryptDomaIQ!C662BC2AF6F9
CryptDomaIQ!C70C239C2D64
Generic PUP.x!21841B079132
Generic PUP.x!8C0FC97C4407
W32/Expiro!08FBA30FB1B1

Phishing

NatWest Online Banking	2nd August 2014
Your Securtiy is important
BARCLAYS	2nd August 2014
ACCOUNT VALIDATION REQUIRED [#9384-BDA]
Microsoft	1st August 2014
For security purposes, your online account has been locked.

Vulnerebility

Exploit

TP-Link TL-WR740N v4 Router (FW-Ver. 3.16.6 Build 130529 Rel.47286n) - Command Execution

2.8.2014

Bugtraq

[security bulletin] HPSBMU03081 rev.1 - HP Enterprise Maps, Remote Information Disclosure 2014-07-31
security-alert hp com

[ MDVSA-2014:148 ] dbus 2014-07-31
security mandriva com

[ MDVSA-2014:147 ] sendmail 2014-07-31
security mandriva com

[SECURITY] [DSA 2994-1] nss security update 2014-07-31
Raphael Geissert (geissert debian org)

Malware

Generic.dx!EEDB021B4107
RDN/Downloader.a!si!FCF87BC81A5C
Generic PUP.x!C85F72BE47E0
RDN/Generic PUP.x!ckp!91718CE7DF49
RDN/Downloader.a!si!9FCE9CA3EAA1
RDN/Generic PUP.x!CF9A187C4140
RDN/Generic PUP.x!ckp!B0E0AA08AEC6
RDN/Generic PUP.x!ckp!D2907F32D3CD
RDN/Downloader.a!si!955FCDD7C6D5
RDN/Generic PUP.x!ckp!C91E19742A91
RDN/Downloader.a!si!7DFD452CD00E
RDN/Generic PUP.x!ckp!DA1442EF00B2
Generic.tfr!CD9F60E3921E
RDN/Downloader.a!si!604162E987A6
RDN/Generic Dropper!uy!9E6EB4FC4214
RDN/Generic PUP.x!ckp!A5308C29F05A
RDN/Downloader.a!si!D009C32F14E4
Generic.bfr!B0FFF36BF2B5
RDN/Downloader.a!si!402CC248306D
RDN/Downloader.a!si!C079FE18B514
Generic.dx!D9B152FE7207
RDN/Generic PUP.x!573A22EE2532
RDN/Generic PUP.x!ckp!4EE62C3F1B49
RDN/Downloader.a!si!1A37C6F758CD
RDN/Generic PUP.x!CD7A281E9FC6
Generic PUP.x!0A829E08A0A9
Generic PUP.x!BC798CE217F9
RDN/Generic PUP.x!ckp!716983CD6054
RDN/Downloader.a!si!FB52784E4A50
RDN/Generic Dropper!uy!2AD89A67786E

Phishing

BARCLAYS	2nd August 2014
ACCOUNT VALIDATION REQUIRED [#9384-BDA]
Microsoft	1st August 2014
For security purposes, your online account has been locked.

Vulnerebility

Exploit

1.8.2014

Bugtraq

[ MDVSA-2014:144 ] live 2014-07-30
security mandriva com

Re: [FD] Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account 2014-07-30
Stefan Kanthak (stefan kanthak nexgo de) (1 replies)

RE: [FD] Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account 2014-07-30
Joe Souza (Joe Souza NetMotionWireless com) (1 replies)

Re: [FD] Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account 2014-07-30
Stefan Kanthak (stefan kanthak nexgo de)

[ MDVSA-2014:143 ] phpmyadmin 2014-07-30

Malware

RDN/Generic PUP.x!ckm!3E423F5F8F30
RDN/Generic.tfr!CB6A7DBABD38
RDN/Generic Downloader.x!kh!C37092056D60
RDN/Generic PUP.x!ckm!D8977D71ECB0
PUP-FMU!89B26B09C874
Generic PUP.x!6A2348DF5D07
Generic Downloader.x!11B9D320C370
Generic PUP.x!5E69780849E8
RDN/Generic PUP.x!E0D5C8BA68FC
Generic PUP.x!50988E37F4CB
PUP-FMU!FC88EAC1B034
RDN/Generic PWS.y!DBC0D4AF2723
CryptDomaIQ!9504335A721E
Generic PUP.x!4644B244F268
PUP-FMU!4576D80B3D68
PUP-FMU!25054506CF8E
RDN/Generic Dropper!uy!2AF0D9057C2D
RDN/Generic BackDoor!3DFF29FC14FC
RDN/Generic Dropper!uy!4E85CA323FF2
PUP-FMU!7ED025401F9C
RDN/Generic PUP.x!ckm!5F22DB062A0A
RDN/Generic PUP.x!0BB41C1261B0
Generic PUP.x!0B6A06193743
RDN/Generic.grp!hj!7CD8725E9561
Generic PUP.x!A556729C4351
RDN/Generic PUP.x!ckm!3D5F913DEBA1
RDN/Downloader.a!ry!E2304190B95A
RDN/Generic.dx!ddv!DB87E324A3E1
Generic PUP.x!63F3C1D81140
CryptDomaIQ!94FF124814A9

Phishing

Microsoft	1st August 2014
For security purposes, your online account has been locked.
PaypalService	1st August 2014
Update Your Account
MBNA Europe Bank Limited	31st July 2014
New Security Update.
Discover Customer Service	31st July 2014
MESSAGE ABOUT YOUR DISCOVERÂ®
Halifax	31st July 2014
1 New Halifax Account Messege

Vulnerebility

Exploit