Databáze Hot News 2014 December

Databáze Hot News 2014 December - 2014 January February March April May June July August September October November December

31.12.2014

Bugtraq

ESA-2014-179: EMC Replication Manager and EMC AppSync Unquoted Service Path Enumeration Vulnerability 2014-12-30
Security Alert (Security_Alert emc com)

ESA-2014-158: RSA BSAFE® Micro Edition Suite and SSL-J Triple Handshake Vulnerability 2014-12-30
Security Alert (Security_Alert emc com)

[SECURITY] [DSA 3116-1] polarssl security update 2014-12-30
Moritz Muehlenhoff (jmm debian org)

Remote Code Execution via Unauthorised File upload in Cforms 14.7 2014-12-29
z fedotkin infosec ru

[SECURITY] [DSA 3115-1] pyyaml security update 2014-12-29
Moritz Muehlenhoff (jmm debian org)

nullcon HackIM Challenge 9-11 Jan 2015 2014-12-29
nullcon (nullcon nullcon net)

[SECURITY] [DSA 3113-1] unzip security update 2014-12-28
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3114-1] mime-support security update 2014-12-29
Salvatore Bonaccorso (carnil debian org)

Malware

RDN/Spybot.bfr!3579B79FF705
Generic.bfr!0E361092DC71
RDN/Generic.dx!583FE8361C55
RDN/Generic PUP.x!3EA905D70130
RDN/Generic Dropper!vu!79C9E2DC17E9
RDN/Generic PUP.x!crc!2F6CF576D9D5
RDN/Generic PWS.y!bcf!945C7CEE1F68
RDN/Generic.dx!dhw!FB81F27EB7F8
RDN/Generic.bfr!986D34A2097B
RDN/DNSChanger.bfr!B47DC9E79E92
RDN/DNSChanger.bfr!DC4B059C45F1
Generic.dx!68BDFE238DF1
RDN/Generic.bfr!ia!E134EF50DB53
RDN/Generic.bfr!3B2CA5837595
RDN/Generic PUP.x!crc!7B9FECD3720B
RDN/Generic PUP.x!E373DD3B4B06
RDN/Generic BackDoor!bb3!AC56CD5EE486
Generic PUP.x!6F930603D4B4
RDN/Generic Dropper!vu!49A8BFA00F9D
Generic PUP.x!518478624A2E
Generic.bfr!4322AC83C313
RDN/Generic BackDoor!A4C8C8FCA02B
Generic PUP.x!0DE35E3F69AB
RDN/Generic Downloader.x!mf!C7E30DF91996
RDN/Generic PWS.y!bcf!B0543ED1E059
RDN/Generic BackDoor!1E82F9D68402
RDN/Generic PUP.z!68072D0618A6
RDN/Generic.tfr!eg!6DDE50B9BB29
Ransom!87E362E7540F
Generic PUP.x!DC2FA138F478

Phishing

Vulnerebility

Exploit

Liferay Portal 7.0.x <= 7.0.2 - Pre-Auth RCE

30.12.2014

Bugtraq

Lazarus Guestbook v1.22 - Multiple Web Vulnerabilities 2014-12-25
Vulnerability Lab (research vulnerability-lab com)

Wickr Desktop v2.2.1 Windows - Denial of Service Vulnerability 2014-12-25
Vulnerability Lab (research vulnerability-lab com)

PHPLIST v3.0.6 & v3.0.10 - SQL Injection Vulnerability 2014-12-25
Vulnerability Lab (research vulnerability-lab com)

Pimcore v3.0 & v2.3.0 CMS - SQL Injection Vulnerability 2014-12-25
Vulnerability Lab (research vulnerability-lab com)

ZTE Ucell 3G Modem App - Privilege Escalation Vulnerability 2014-12-25
Vulnerability Lab (research vulnerability-lab com)

Mobilis MobiConnect 3G ZDServer 1.x - Privilege Escalation Vulnerability 2014-12-25
Vulnerability Lab (research vulnerability-lab com)

Facebook Bug Bounty #17 - Migrate Privacy Vulnerability 2014-12-25
Vulnerability Lab (research vulnerability-lab com)

DRAM unreliable under specific access patern 2014-12-24
Pavel Machek (pavel ucw cz)

Reflecting XSS Vulnerability in CMS Contenido 4.9.x-4.9.5 2014-12-24
steffen roesemann1986 gmail com

Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products 2014-12-23
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[SECURITY] [DSA 3110-1] mediawiki security update 2014-12-23
Sebastien Delafond (seb debian org)

FreeBSD Security Advisory FreeBSD-SA-14:31.ntp 2014-12-23
FreeBSD Security Advisories (security-advisories freebsd org)

[SECURITY] [DSA 3112-1] sox security update 2014-12-23
Salvatore Bonaccorso (carnil debian org)

Malware

RDN/Generic.dx!dhv!1531860F1651
RDN/Generic.bfr!A4BB0D416E6E
RDN/Generic PUP.x!039DF24978E1
DNSChanger.bfr!8D679ACB9AF3
Downloader.gen.a!F907F3E12622
RDN/Generic Dropper!vu!E4011D6D0E33
Generic PUP.x!E38F99BC96C7
RDN/Generic PWS.y!bcf!2E25E96AA1EB
Generic PUP.x!B67D358929F5
Generic PUP.x!C7FC61FF2CEB
RDN/Downloader.gen.a!557407112CC1
Generic PUP.x!B5CC31261201
RDN/Generic Dropper!vu!B4FCB2CBCB3E
Generic PUP.x!520B07D599A1
RDN/Spybot.bfr!2065F9E63A43
DNSChanger.bfr!D160ED66D84A
Generic PUP.x!5925BDC40D67
Generic PUP.x!213B73DCDD90
Generic PUP.x!1A5CCA9830C8
RDN/Downloader.a!ud!219094AFC7BF
RDN/Generic PWS.y!bcf!B34D917EBD4C
RDN/Generic PUP.x!5BA186B231B4
RDN/Generic.bfr!ia!504DE29B7598
RDN/Generic PUP.x!cr3!742804B395D6
RDN/Downloader.a!ud!C50F3CD54AB0
RDN/Generic PUP.x!0DB1C7F87B25
RDN/Generic PUP.x!cr3!C1B4D476BDB6
RDN/Generic.bfr!0DEBECEAFD71
Generic PUP.x!DABD8FC77626
RDN/Generic.bfr!2CBC5A74DF65

Phishing

Vulnerebility

Exploit

29.12.2014

Bugtraq

Lazarus Guestbook v1.22 - Multiple Web Vulnerabilities 2014-12-25
Vulnerability Lab (research vulnerability-lab com)

Wickr Desktop v2.2.1 Windows - Denial of Service Vulnerability 2014-12-25
Vulnerability Lab (research vulnerability-lab com)

PHPLIST v3.0.6 & v3.0.10 - SQL Injection Vulnerability 2014-12-25
Vulnerability Lab (research vulnerability-lab com)

Pimcore v3.0 & v2.3.0 CMS - SQL Injection Vulnerability 2014-12-25
Vulnerability Lab (research vulnerability-lab com)

ZTE Ucell 3G Modem App - Privilege Escalation Vulnerability 2014-12-25
Vulnerability Lab (research vulnerability-lab com)

Mobilis MobiConnect 3G ZDServer 1.x - Privilege Escalation Vulnerability 2014-12-25
Vulnerability Lab (research vulnerability-lab com)

Facebook Bug Bounty #17 - Migrate Privacy Vulnerability 2014-12-25
Vulnerability Lab (research vulnerability-lab com)

DRAM unreliable under specific access patern 2014-12-24
Pavel Machek (pavel ucw cz)

Reflecting XSS Vulnerability in CMS Contenido 4.9.x-4.9.5 2014-12-24
steffen roesemann1986 gmail com

Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products 2014-12-23
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[SECURITY] [DSA 3110-1] mediawiki security update 2014-12-23
Sebastien Delafond (seb debian org)

FreeBSD Security Advisory FreeBSD-SA-14:31.ntp 2014-12-23
FreeBSD Security Advisories (security-advisories freebsd org)

[SECURITY] [DSA 3112-1] sox security update 2014-12-23
Salvatore Bonaccorso (carnil debian org)

Malware

RDN/Generic.bfr!hz!861E69442CF5
RDN/Generic.bfr!8C83874A4C72
Generic PUP.x!A672475E0B7C
Generic PUP.x!945B4CF3D358
RDN/Generic.bfr!hz!8D1D7CA67258
Generic PUP.x!94802FD14984
RDN/Generic.bfr!hz!8FAD9011F4D3
RDN/Generic.bfr!hz!8975281D641A
RDN/Generic.dx!B7EA46C58E75
Generic PUP.x!A41F20088C1C
RDN/Generic.dx!dhs!27B01AF456B4
Generic PUP.x!1E4FEB1E9E1B
RDN/Generic PUP.x!A30E1A05028D
RDN/Generic.bfr!hz!8B8FF2790013
RDN/Generic PUP.x!D0B803786532
Generic PUP.x!0E9449E8464C
Generic PUP.x!A4CE34B1A9C9
RDN/Generic.bfr!hz!8A2C7317F1D1
Generic Dropper!C7E0D0E61A3C
Generic Dropper!9C8B9F0E283F
RDN/Generic.bfr!hz!8967F65ED6A2
Generic PUP.x!104D4374B1C2
Downloader.gen.a!DDF5D22B7E91
RDN/Generic.bfr!hz!88615C474B4B
RDN/Generic BackDoor!bbc!93A137415768
RDN/Generic.bfr!hz!7C4E8047F318
Generic PWS.y!D2A21A446577
Generic PUP.x!74E21FE9E7D6
RDN/Generic.bfr!81CDDA0756CE
Generic PUP.x!7FE494EF5B8F

Phishing

Vulnerebility

Exploit

WhatsApp <= 2.11.476 - Remote Reboot/Crash App Android

Pimcore 3.0 & 2.3.0 CMS - SQL Injection Vulnerability

PHPLIST 3.0.6 & 3.0.10 - SQL Injection Vulnerability

PMB <= 4.1.3 - Post-Auth SQL Injection Vulnerability

Wickr Desktop 2.2.1 Windows - Denial of Service Vulnerability

25.12.2014

Bugtraq

TWiki Security Advisory - XSS Vulnerability - CVE-2014-9367 2014-12-19
Onur Yilmaz (onur netsparker com)

TWiki Security Advisory - XSS Vulnerability - CVE-2014-9325 2014-12-19
Onur Yilmaz (onur netsparker com)

Facebook BB #18 - IDOR Issue & Privacy Vulnerability 2014-12-19
Vulnerability Lab (research vulnerability-lab com)

Mobilis MobiConnect 3G ZDServer v1.0.1.2 - Privilege Escalation Vulnerability 2014-12-19
Vulnerability Lab (research vulnerability-lab com)

iBackup v10.0.0.45 - Privilege Escalation Vulnerability 2014-12-19
Vulnerability Lab (research vulnerability-lab com)

SEC Consult SA-20141219-0 :: XSS & Memory Disclosure vulnerabilities in NetIQ eDirectory NDS iMonitor 2014-12-19
SEC Consult Vulnerability Lab (research sec-consult com)

APPLE-SA-2014-12-18-1 Xcode 6.2 beta 3 2014-12-18
Apple Product Security (product-security-noreply lists apple com)

[oCERT-2014-012] JasPer input sanitization errors 2014-12-18
Andrea Barisani (lcars ocert org)

SEC Consult SA-20141218-1 :: OS command execution vulnerability in GParted 2014-12-18
SEC Consult Vulnerability Lab (research sec-consult com)

SEC Consult SA-20141218-2 :: Multiple high risk vulnerabilities in NetIQ Access Manager 2014-12-18
SEC Consult Vulnerability Lab (research sec-consult com)

iTwitter v0.04 WP Plugin - XSS & CSRF Web Vulnerability 2014-12-18
Vulnerability Lab (research vulnerability-lab com)

E-Journal CMS (ID) - Multiple Web Vulnerabilities 2014-12-18
Vulnerability Lab (research vulnerability-lab com)

Facebook Bug Bounty #16 (Studio) - Persistent Vulnerability 2014-12-18
Vulnerability Lab (research vulnerability-lab com)

Apple iOS v8.x - Message Context & Privacy Vulnerability 2014-12-18
Vulnerability Lab (research vulnerability-lab com)

Malware

RDN/Generic.bfr!hz!3547F58037A5
DNSChanger.bfr!9AF8E550B515
RDN/Generic Dropper!1A05A342CAA7
Generic PUP.x!74ECA1F17961
RDN/Generic Downloader.x!mb!5DF1A6A37ECC
Generic PUP.x!23E85F8436A8
RDN/Generic PUP.x!cqt!2626F871ABB6
RDN/Generic.dx!dh3!269C9DC798E8
RDN/Generic PUP.x!cqt!2639738FFF7F
RDN/Generic PUP.x!9EFD7AB61465
RDN/Generic PUP.x!cqt!5A91F3388BBB
RDN/Spybot.bfr!747B6FD44CC1
RDN/Generic Downloader.x!8D7DF055C7CE
RDN/Spybot.bfr!0C7C3EA238A4
RDN/Spybot.bfr!0C8EF176E70C
RDN/Generic Downloader.x!mb!1A5B25DABA50
BrowseFox-FTQ!9C37005668CE
Generic PUP.x!2FB2AAD45CDE
RDN/Generic PUP.x!DD0F60FA4E0C
Generic PUP.x!2618569C3329
RDN/Generic.dx!2648B65474D1
RDN/Generic PUP.x!cqt!2614F3F2C7A2
RDN/Generic PUP.x!2653C83103F8
RDN/Generic PUP.x!26A5A06170A5
RDN/Downloader.a!ub!1B3FA6F7AFB2
Generic Downloader.x!1A3D1FA9761A
RDN/Generic StartPage!cc!B0C96F5BDDFF
RDN/Generic PUP.x!cqt!A235EB690301
RDN/Generic PUP.x!cqt!724B84E684AA
Generic PUP.x!04F683600409

Phishing

Vulnerebility

Exploit

Cacti Superlinks Plugin 1.4-2 RCE(LFI) via SQL Injection Exploit

Ettercap 0.8.0-0.8.1 - Multiple Denial of Service Vulnerabilities

miniBB 3.1 - Blind SQL Injection

Varnish Cache CLI Interface Remote Code Execution

19.12.2014

Bugtraq

Malware

Phishing

Vulnerebility

Exploit

17.12.2014

Bugtraq

[security bulletin] HPSBMU03217 rev.1 - HP Vertica Analytics Platform running Bash Shell, Remote Code Execution 2014-12-16
security-alert hp com

[security bulletin] HPSBOV03226 rev.1 - HP TCP/IP Services for OpenVMS, BIND 9 Resolver, Multiple Remote Vulnerabilities 2014-12-16
security-alert hp com

[security bulletin] HPSBOV03225 rev.1 - HP OpenVMS running POP, Remote Denial of Service (DoS) 2014-12-16
security-alert hp com

[security bulletin] HPSBMU03221 rev.1 - HP Connect-IT running SSLv3, Remote Disclosure of Information 2014-12-16
security-alert hp com

RelateIQ Bug Bounty #1 - Persistent Signup Vulnerability 2014-12-16
Vulnerability Lab (research vulnerability-lab com)

Konakart v7.3.0.1 CMS - CS Cross Site Web Vulnerability 2014-12-16
Vulnerability Lab (research vulnerability-lab com)

Elefant CMS v1.3.9 - Persistent Name Update Vulnerability 2014-12-16
Vulnerability Lab (research vulnerability-lab com)

Fuzzylime v3.03b CMS - CS Cross Scripting Vulnerability 2014-12-16
Vulnerability Lab (research vulnerability-lab com)

iWifi for Chat v1.1 iOS - Denial of Service Vulnerability 2014-12-16
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 3105-1] heirloom-mailx security update 2014-12-16
Florian Weimer (fw deneb enyo de)

[SECURITY] [DSA 3104-1] bsd-mailx security update 2014-12-16
Florian Weimer (fw deneb enyo de)

W3TotalFail: W3 Total Cache v 0.9.4 CSRF Vulnerability that Leads to Full Deface 2014-12-16
Mazin Ahmed (mazen150 hotmail com)

[Onapsis Security Advisory 2014-034] SAP Business Objects Search Token Privilege Escalation via CORBA 2014-12-16
Onapsis Research Labs (research onapsis com)

"Ettercap 8.0 - 8.1" multiple vulnerabilities 2014-12-16
Nick Sampanis (n sampanis obrela com)

[SE-2014-02] Google App Engine Java security sandbox bypasses (status update) 2014-12-16
Security Explorations (contact security-explorations com)

Malware

RDN/Generic BackDoor!b2z!F542CA8889DF
W32/Expiro!E961D87DE3CE
Generic PWS.y!5ECF5F3F2731
RDN/Generic PUP.x!cqs!9AEB54781C52
RDN/Generic PUP.x!cqs!8398D4381A50
RDN/Generic PUP.x!07E3F54A4E44
RDN/Generic PWS.y!1C057DF9E4F6
Generic PUP.x!7951D50D9234
RDN/Generic PUP.x!cqs!0A5A2E682AD4
RDN/Generic PUP.x!cqs!56DA359E0AEB
RDN/Generic PUP.x!cqs!FA9C54D17D07
RDN/Generic.bfr!hr!1DD9DCA0D329
W32/Expiro!9F02E561D1F6
RDN/Generic PUP.x!cqs!E78537AE86AE
RDN/Generic PUP.x!cqs!CEE54E072D7C
RDN/Generic.tfr!ef!84B048B61C92
RDN/Generic PUP.x!cqs!00D64659159C
RDN/Generic PUP.x!cqs!D5D7D6E2590C
W32/Sality.gen!64E1558CC743
RDN/Generic BackDoor!b2z!0A1617359122
RDN/Generic.tfr!ef!856697A0B189
Generic PUP.x!120737EDD33D
RDN/BackDoor-FBSA!a!679E62CF3081
RDN/Generic PUP.x!cqs!CB88F0D39132
RDN/Generic Downloader.x!021CAAB2453A
RDN/Generic.bfr!hr!65265631A229
RDN/Generic PUP.x!EC2E573F2FC9
RDN/Spybot.bfr!087C41FA5614
Generic PUP.x!53F4CE07ABCD
RDN/Generic BackDoor!D6EB7C7A9404

Phishing

Vulnerebility

Exploit

ActualAnalyzer 'ant' Cookie Command Execution

CIK Telecom VoIP router SVG6000RW - Privilege Escalation and Command Execution

CMS Papoo 6.0.0 Rev. 4701 - Stored XSS

16.12.2014

Bugtraq

CA20141215-01: Security Notice for CA LISA Release Automation 2014-12-15
Williams, Ken (Ken Williams ca com)

[ MDVSA-2014:252 ] nss 2014-12-15
security mandriva com

[ MDVSA-2014:253 ] apache-mod_wsgi 2014-12-15
security mandriva com

Malware

RDN/Spybot.bfr!o!573E6228C366
RDN/Generic.dx!B8BFCD6C2B8D
RDN/Generic.dx!B973C946394F
Generic Dropper!F67F5ACFDB7A
RDN/Generic.dx!B7E1BB056964
RDN/Generic.bfr!hy!5A83F889F1D5
Generic PUP.x!670FE5B3D191
Generic PUP.x!CA6D9DA1F479
RDN/Generic.dx!ADB24F1C4561
Generic PUP.x!97F875B92C6D
RDN/Generic Dropper!vs!111F2B3E1D26
RDN/Generic PUP.x!cqq!CB4E9CD380CB
RDN/Generic.dx!dhm!EA6816D2B24D
Generic PUP.x!21DB0BFA7902
RDN/Generic PUP.x!cqq!D90E0D49B21C
RDN/Generic.dx!dhm!A7373A3B327A
RDN/Generic PUP.x!B1AE742BAD81
Generic PUP.x!F26D1450CAA5
RDN/Generic BackDoor!b2z!7A2CBD82783C
RDN/Generic.dx!dhm!2B3BD772196E
Generic PUP.x!C4D6B4BF51D0
RDN/Generic.bfr!CBD9DF96C27D
Generic PUP.x!1153EFC27530
Generic PUP.x!C18590F1E5A9
RDN/Generic.bfr!hy!366BEB355C90
RDN/Generic.bfr!hy!3AA3BA0BB730
RDN/Generic.bfr!hy!85848A153B93
W32/Virut.gen!5A00083F332A
RDN/PWS-Banker.dldr!i!8041326FFE81
RDN/Generic PUP.x!cqq!8F7ECB797D42

Phishing

Vulnerebility

Exploit

Tuleap PHP Unserialize Code Execution

Mediacoder 0.8.33 build 5680 - SEH Buffer Overflow Exploit Dos (.m3u)

Mediacoder 0.8.33 build 5680 - SEH Buffer Overflow Exploit Dos (.lst)

jaangle 0.98i.977 - Denial of Service Vulnerability

HTCSyncManager 3.1.33.0 - Service Trusted Path Privilege Escalation

Avira 14.0.7.342 - (avguard.exe) Service Trusted Path Privilege Escalation

CodeMeter 4.50.906.503 - Service Trusted Path Privilege Escalation

GLPI 0.85 - Blind SQL Injection

Soitec SmartEnergy 1.4 - SCADA Login SQL Injection Authentication Bypass Exploit

Wordpress Download Manager 2.7.4 - Remote Code Execution Vulnerability

ResourceSpace 6.4.5976 - XSS / SQL Injection / Insecure Cookie Handling

Wordpress Wp Symposium 14.11 - Unauthenticated Shell Upload Exploit

15.12.2014

Bugtraq

[ MDVSA-2014:242 ] yaml 2014-12-14
security mandriva com

[SECURITY] [DSA 3103-1] libyaml-libyaml-perl security update 2014-12-13
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3102-1] libyaml security update 2014-12-13
Salvatore Bonaccorso (carnil debian org)

Defense in depth -- the Microsoft way (part 23): two quotes or not to quote... 2014-12-13
Stefan Kanthak (stefan kanthak nexgo de)

[ MDVSA-2014:238 ] bind 2014-12-13
security mandriva com

[SECURITY] [DSA 3101-1] c-icap security update 2014-12-13
Salvatore Bonaccorso (carnil debian org)

[ MDVSA-2014:243 ] phpmyadmin 2014-12-14
security mandriva com

[ MDVSA-2014:244 ] openafs 2014-12-14
security mandriva com

[ MDVSA-2014:245 ] mutt 2014-12-14
security mandriva com

CVE-2014-2026 Reflected Cross-Site Scripting (XSS) in "Intrexx Professional" 2014-12-14
Christian Schneider (mail Christian-Schneider net)

CVE-2014-2025 Remote Code Execution (RCE) in "Intrexx Professional" 2014-12-14
Christian Schneider (mail Christian-Schneider net)

[SECURITY] [DSA 3100-1] mediawiki security update 2014-12-13
Sebastien Delafond (seb debian org)

[ MDVSA-2014:251 ] rpm 2014-12-14
security mandriva com

[ MDVSA-2014:239 ] flac 2014-12-14
security mandriva com

[ MDVSA-2014:250 ] cpio 2014-12-14
security mandriva com

[ MDVSA-2014:249 ] qemu 2014-12-14
security mandriva com

[ MDVSA-2014:248 ] graphviz 2014-12-14
security mandriva com

[ MDVSA-2014:247 ] jasper 2014-12-14
security mandriva com

[ MDVSA-2014:246 ] openvpn 2014-12-14
security mandriva com

Malware

Generic PUP.x!2162F7A0B0B1
RDN/Generic Dropper!EE586D102E0A
Generic PUP.x!457A1B32F266
Generic PUP.x!9D17AE644668
Generic PUP.x!55177817FFE5
Generic PUP.x!30CF353C836C
RDN/Generic PUP.x!cqp!9D8EAB90C30A
Generic PUP.x!7E189B586D4A
RDN/Generic PUP.x!0ED6209D0694
Generic PUP.x!40063A03E7EF
Generic PUP.x!246117D07613
Ransom!18919C306EA4
RDN/Generic.dx!DB0192556405
RDN/Generic.dx!dhm!A123EF553902
RDN/Generic PUP.x!cqp!A07C5716E874
RDN/Generic PUP.x!3808ED714971
RDN/Generic PUP.x!cqp!93CD1F8CF804
RDN/Generic PUP.x!165BD5981245
RDN/Generic PUP.x!34243A89DA6A
RDN/Generic PUP.x!cqp!937E15D5BB76
RDN/Generic PUP.x!cqp!91C0596595C0
RDN/Generic PUP.x!cqp!345A0020F5A8
Generic PUP.x!47C37AD484AD
Generic PUP.x!6433F15A9257
RDN/Generic PUP.x!cqp!9B05F89C97C2
RDN/Generic PUP.x!cqp!9AC2F7132046
Generic PUP.x!72396B1B5D8C
Generic PUP.x!C68FF433737C
Generic PUP.x!0B0A8B55C001
Generic PUP.x!9B36A075327F

Phishing

Vulnerebility

Exploit

12.12.2014

Bugtraq

[security bulletin] HPSBUX03162 SSRT101767 rev.3 - HP-UX Running OpenSSL, Remote Denial of Service (DoS), Unauthorized Access, Man-in-the-Middle (MitM) Attack 2014-12-11
security-alert hp com

Docker 1.3.3 - Security Advisory [11 Dec 2014] 2014-12-12
Eric Windisch (eric windisch docker com)

[SECURITY] [DSA 3099-1] dbus security update 2014-12-11
Florian Weimer (fw deneb enyo de)

ResourceSpace Multiple Cross Site Scripting, and HTML and SQL Injection Vulnerabilities 2014-12-11
petri iivonen tmbc gov uk

APPLE-SA-2014-12-11-1 Safari 8.0.2, Safari 7.1.2, and Safari 6.2.2 2014-12-11
Apple Product Security (product-security-noreply lists apple com)

[SECURITY] [DSA 3098-1] graphviz security update 2014-12-11
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3097-1] unbound security update 2014-12-10
Yves-Alexis Perez (corsac debian org)

[slackware-security] openssh (SSA:2014-344-03) 2014-12-11
Slackware Security Team (security slackware com)

[slackware-security] wpa_supplicant (SSA:2014-344-07) 2014-12-11
Slackware Security Team (security slackware com)

[slackware-security] mozilla-firefox (SSA:2014-344-02) 2014-12-11
Slackware Security Team (security slackware com)

[slackware-security] pidgin (SSA:2014-344-05) 2014-12-11
Slackware Security Team (security slackware com)

[slackware-security] bind (SSA:2014-344-01) 2014-12-11
Slackware Security Team (security slackware com)

[slackware-security] seamonkey (SSA:2014-344-06) 2014-12-11
Slackware Security Team (security slackware com)

[slackware-security] openvpn (SSA:2014-344-04) 2014-12-11
Slackware Security Team (security slackware com)

[SECURITY] [DSA 3096-1] pdns-recursor security update 2014-12-11
Sebastien Delafond (seb debian org)

Malware

RDN/Generic PUP.x!800B12C999F0
RDN/Generic PUP.x!cqm!3E67D8A6B6E5
Generic PUP.x!182AD4EE434A
Generic PUP.x!D1390FE10703
RDN/Generic.bfr!hy!DC009B4CBECA
RDN/Generic Downloader.x!lx!EF1F320E4BC4
RDN/Generic PUP.x!cqm!32A855917E2C
Generic PUP.x!B722121B2F85
RDN/Generic.dx!dhk!CAF89054CA41
Generic PUP.x!8DCB06E5261C
RDN/Generic.bfr!hy!F69301B6A9C2
RDN/Generic Downloader.x!FEFDA7B4CD45
Generic PUP.x!3402B2256F3B
RDN/Spybot.bfr!o!091A5A811931
RDN/Ransom!680C3147CA83
Generic PUP.x!B55E0A4DCFAB
RDN/Generic PUP.x!cqm!31DFD3C67A31
RDN/Generic PUP.x!cqm!602BDCFDCDCB
RDN/Ransom!CC176FDF8DE8
RDN/Generic PUP.x!cqm!10F663474EB7
RDN/Generic BackDoor!b2w!EFB8156D0102
RDN/Generic Downloader.x!lx!7C054A348B82
RDN/Generic PUP.x!cqm!67BD3FC62352
Generic PUP.x!B714CADEACCD
RDN/DNSChanger.bfr!f!91DCEE49A884
RDN/DNSChanger.bfr!f!D6368D693751
RDN/Generic PUP.x!cqm!4BCCEB0D396A
RDN/Generic BackDoor!b2w!E738581CCC00
RDN/Generic PWS.y!bc3!DF87FED7B766
Generic.bfr!B88590217930

Phishing

Vulnerebility

Exploit

10.12.2014

Bugtraq

Concrete5 CMS Reflected Cross-Site Scripting Vulnerabilities 2014-12-09
simo morxploit com

[security bulletin] HPSBMU03043 rev.1 - HP Smart Update Manager for Windows and Linux, Local Disclosure of Information 2014-12-09
security-alert hp com

[security bulletin] HPSBST03106 rev.2 - HP P2000 G3 MSA Array System, HP MSA 2040/1040 Storage running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-12-09
security-alert hp com

NEW VMSA-2014-0013 - VMware vCloud Automation Center product updates address a critical remote privilege escalation vulnerability 2014-12-09
VMware Security Response Center (security vmware com)

[CVE-2014-8340] phpTrafficA SQL injection 2014-12-09
DaniÃ«l Geerts (dgeerts nikhef nl)

[security bulletin] HPSBGN03208 rev.1 - HP Cloud Service Automation running SSLv3, Remote Disclosure of Information 2014-12-09
security-alert hp com

[security bulletin] HPSBGN03222 rev.1 - HP Enterprise Maps running SSLv3, Remote Disclosure of Information 2014-12-09
security-alert hp com

Subrion CMS Security Advisory - XSS Vulnerability - CVE-2014-9120 2014-12-09
Onur Yilmaz (onur netsparker com)

Malware

RDN/Generic PUP.x!9229DE0F4550
Generic PUP.x!59BB1588B0D7
RDN/Generic Dropper!CB071AB48A43
W32/Autorun.worm.aaeh!5331BAED2229
RDN/Generic.dx!dhh!E908A7B34261
Generic PUP.x!CFEDE9614756
RDN/Generic PUP.x!cql!EFD29FEEFCD0
RDN/Generic.tfr!ef!131338C5DDFB
RDN/Generic PUP.x!cql!113BECD44DE2
RDN/Generic PUP.x!cql!2456B4D3C3C8
RDN/Generic BackDoor!b2v!9E03E7076352
Generic PUP.x!64B7C901809E
DNSChanger.bfr!212E6E26D255
Generic Dropper!EF81368C766B
Generic PUP.x!A2802E5DB212
RDN/Generic PUP.x!cql!AB72EF5A28D4
Downloader.gen.a!EC4498931F4B
RDN/Generic Downloader.x!lw!2568B9FC647C
RDN/Generic StartPage!4BAFA4A023E2
Generic PUP.x!F1FA25DE8E7F
RDN/Generic Downloader.x!lw!7F38656A8BC7
RDN/Generic BackDoor!b2v!CB7F315D1A36
Generic PUP.x!2F9CCA2FAA4F
Generic PUP.x!0055B1F813D7
RDN/Generic Downloader.x!lw!EB770CA7FBDE
RDN/Generic Downloader.x!lw!0AE10A8E3D35
RDN/Generic BackDoor!b2v!BACFA358FA87
RDN/Generic BackDoor!b2v!F55EDE4A7973
RDN/Generic PUP.x!19938D4EB609
RDN/Downloader.a!tz!74788F35DCFA

Phishing

Vulnerebility

Exploit

9.12.2014

Bugtraq

[CVE-2014-7807] Apache CloudStack unauthenticated LDAP binds 2014-12-08
jlk apache org

[ANN] Apache Struts 2.3.20 GA release available with security fix 2014-12-08
Lukasz Lenart (lukaszlenart apache org)

CFP: InfoSec SouthWest 2015 (ISSW) 2014-12-08
Tod Beardsley (todb packetfu com)

Malware

Generic PUP.x!391008A6951A
RDN/Generic Downloader.x!lw!1B904B66BC2E
RDN/Generic PUP.x!6EF6FE98A3AB
Generic PUP.x!62EA1B9E4DB0
RDN/Generic.dx!0D16269BA604
Generic PUP.x!65AF418038BC
RDN/Spybot.bfr!o!74AC6FFD7A2F
Generic PUP.x!63048FB8C704
RDN/Generic.tfr!ef!062DFB0D87F6
RDN/Generic Downloader.x!lw!6314FE26A3B6
Generic PUP.x!295E252B1F82
RDN/Generic.dx!dhh!765CED612BAB
RDN/Generic.dx!66A176B3A70B
RDN/Generic.dx!190865AA137D
RDN/Generic PUP.x!626C7D510D9A
Generic PUP.x!64126E2A24F6
RDN/Generic.hra!cd!570313706885
Generic PUP.x!5A001CCDE177
Generic PUP.x!6249CC174D79
RDN/Generic PUP.x!cqk!3D06DE7CDC43
Generic PUP.x!5C9F42D85E29
Generic PUP.x!5AB2A956AE7D
Generic PUP.x!682A171D0C74
Generic PUP.x!C78B66E1679A
Generic PUP.x!6B01B593D558
RDN/Generic.dx!69B5792532E1
RDN/Spybot.bfr!448E404BA180
Generic PUP.x!61BCF0767085
Generic PUP.x!64DC1768D819
Generic PUP.x!60B0A0B51CFB

Phishing

Vulnerebility

Exploit

8.12.2014

Bugtraq

[SECURITY] [DSA 3091-1] getmail4 security update 2014-12-07
Giuseppe Iuculano (iuculano debian org)

[SECURITY] [DSA 3092-1] icedove security update 2014-12-07
Moritz Muehlenhoff (jmm debian org)

Malware

RDN/Generic.bfr!00DD55F14869
RDN/Generic.dx!D3A39A90401B
RDN/Generic.bfr!98020D83A9B4
RDN/Generic.bfr!CD1042080EA2
RDN/Generic.dx!D33627C8D4BB
RDN/Generic.bfr!5EB658A32E03
RDN/Generic.bfr!CCA81CD51AF1
RDN/Generic.bfr!18D758F08C92
RDN/Generic PWS.y!bb3!B68427EFCE31
RDN/Generic.dx!dhg!464DE1957DD6
RDN/Generic.dx!E728075A30B4
RDN/Generic.bfr!75D1F68DD7B1
RDN/Generic.dx!D36EF214F161
RDN/Generic.bfr!2AE7CC0FDF68
RDN/Generic.bfr!B7ED4D8E22A4
RDN/Generic.bfr!016D00B60E76
RDN/Sdbot.worm!62230CFE8AEF
RDN/Generic PUP.x!A64858F103B8
RDN/Generic.dx!D2D3C1BFADDE
RDN/Generic Dropper!7AE2189384D6
RDN/Generic.bfr!017B524C6E57
RDN/PWS-Banker!dp!BEFBBCD9839E
RDN/Generic PUP.x!1615087403C8
Generic PWS.y!CAC109385C51
Generic PWS.y!15BC0DFBBC3D
Generic PWS.y!ACD9608887D4
RDN/Generic.bfr!45492755ACCA
RDN/Generic.bfr!348E1DA52D6C
RDN/Generic.bfr!17D4E25658B3
RDN/Generic.bfr!8F3768A6C7DF

Phishing

Vulnerebility

Exploit

6.12.2014

Bugtraq

NASA Orion Mars Program - Bypass, Persistent Issue & Embed Code Execution Vulnerability (Boarding Pass) 2014-12-05
Vulnerability Lab (research vulnerability-lab com)

NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities 2014-12-05
VMware Security Response Center (security vmware com)

Offset2lib: bypassing full ASLR on 64bit Linux 2014-12-04
Hector Marco (hecmargi upv es)

[security bulletin] HPSBGN03205 rev.1 - HP Insight Remote Support Clients running SSLv3, Remote Disclosure of Information 2014-12-05
security-alert hp com

Malware

RDN/Generic PUP.x!cq3!87B6EA190355
RDN/Generic PUP.x!3217DC0D978E
Generic PUP.x!2C2F22733F56
Generic PUP.x!0106BC5B4A78
Generic PUP.x!B2D43C998B84
Generic PUP.x!1C41135C3730
Generic PUP.x!1D2696F0BE06
RDN/Generic PUP.x!9FEEB7FA4EDB
RDN/Generic PUP.x!cq3!F9F93597F11C
RDN/Generic PUP.x!019AE0E9D6D0
RDN/Generic PUP.x!D13E402D8D92
RDN/Generic PUP.x!58A3420FB44F
Generic PUP.x!20951CF0817D
RDN/Generic PUP.x!99920706BF86
RDN/Generic.dx!6DD1446DA6B7
Generic PUP.x!9DEDFCE1277B
Generic Downloader.x!E8605FC052A8
RDN/Generic BackDoor!b2t!BE45946FCB4D
RDN/Generic PUP.x!7CD5B3183FC1
RDN/Generic PUP.x!9682A88AB2BD
RDN/Generic PUP.x!06C0D336DC76
RDN/Generic PUP.x!DA69897C63FD
RDN/Generic PUP.x!9A83CFC86968
RDN/Generic PUP.x!8DBBFDA12D03
Downloader.gen.a!2F28800649B2
RDN/Generic.dx!dhf!FCE52F14C722
RDN/Downloader.a!ty!09CB8DBB3812
Generic PUP.x!D893776612A0
RDN/Downloader.a!ty!5FBF7819D65B
Downloader.gen.a!38BF8B2D2F81

Phishing

Vulnerebility

Exploit

Windows Kerberos - Elevation of Privilege (MS14-068)

Offset2lib: Bypassing Full ASLR On 64bit Linux

PBBoard CMS 3.0.1 - SQL Injection

5.12.2014

Bugtraq

NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities 2014-12-05
VMware Security Response Center (security vmware com)

Offset2lib: bypassing full ASLR on 64bit Linux 2014-12-04
Hector Marco (hecmargi upv es)

[security bulletin] HPSBGN03205 rev.1 - HP Insight Remote Support Clients running SSLv3, Remote Disclosure of Information 2014-12-05
security-alert hp com

[security bulletin] HPSBUX03218 SSRT101770 rev.1 - HP-UX running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2014-12-05
security-alert hp com

[SECURITY] [DSA 3090-1] iceweasel security update 2014-12-04
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3089-1] jasper security update 2014-12-04
Salvatore Bonaccorso (carnil debian org)

[oCERT-2014-009] JasPer input sanitization errors 2014-12-04
Andrea Barisani (lcars ocert org)

[SECURITY] [DSA 3088-1] qemu-kvm security update 2014-12-04
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3087-1] qemu security update 2014-12-04
Salvatore Bonaccorso (carnil debian org)

Re: Slider Revolution/Showbiz Pro shell upload exploit 2014-12-04
assistenz crm-br com

CVE-2014-9215 - SQL Injection in PBBoard CMS 2014-12-04
tien d tran itas vn

Malware

RDN/Generic.dx!343CF189A818
Generic PUP.x!4AE63E42B433
RDN/Generic Dropper!vq!35F55097DB42
RDN/Generic BackDoor!b2t!36388B28CFAB
FakeAV-M.bfr!976F9202EEFA
Generic PUP.x!FC10088FEBCA
RDN/Generic PUP.x!cq3!C572EE23AF44
Generic PUP.x!253860E5413C
RDN/Generic Downloader.x!lv!CE5E6E9D2C1C
RDN/Generic PWS.y!520BAAE837CF
Generic PUP.x!67199DE2EE80
Generic Downloader.x!5B8CA093491A
RDN/Generic PUP.x!cq3!964C1D7756C6
Generic.dx!CC8DD1E9A5B8
RDN/Generic PUP.x!cq3!CD66DF1EDFF6
RDN/Generic PUP.x!cq3!6B600649B029
RDN/Generic PUP.x!cq3!1F4366455542
RDN/Generic Downloader.x!lv!CDD4ECE0A925
Generic PUP.x!60123132637F
RDN/Generic Dropper!vq!FA0DA4B0EFB5
RDN/Generic PUP.x!6B2807497B47
Generic.bfr!A60CFBABDE0E
RDN/Generic BackDoor!b2t!7E254702A871
Downloader.gen.a!5F926E2C92CC
RDN/Generic PUP.x!79A3AE4F634B
RemAdm-Gneric!A41FFEDFF6CE
RDN/Generic.bfr!hy!1E2EEAA82CE0
RDN/Generic PUP.x!cq3!6E3033CEB9B7
FakeAV-M.bfr!D0250AA731D6
RDN/Generic.dx!6BFA39C53802

Phishing

Vulnerebility

Exploit

Offset2lib: Bypassing Full ASLR On 64bit Linux

PBBoard CMS 3.0.1 - SQL Injection

Technicolor DT5130 V2.05.C29GV - Multiple Vulnerabilities

4.12.2014

Bugtraq

CVE-2014-9215 - SQL Injection in PBBoard CMS 2014-12-04
tien d tran itas vn

APPLE-SA-2014-12-2-1 Safari 8.0.1, Safari 7.1.1, and Safari 6.2.1 2014-12-03
Apple Product Security (product-security-noreply lists apple com)

[SECURITY] [DSA 3086-1] tcpdump security update 2014-12-03
Salvatore Bonaccorso (carnil debian org)

Wireless N ADSL 2/2+ Modem Router - DT5130 - Xss / URL Redirect / Command Injection 2014-12-03
Ewerson GuimarÃ£es (Crash) - Dclabs (crash dclabs com br)

[slackware-security] mozilla-thunderbird (SSA:2014-337-01) 2014-12-03
Slackware Security Team (security slackware com)

[SECURITY] [DSA 3085-1] wordpress security update 2014-12-03
Yves-Alexis Perez (corsac debian org)

Malware

RDN/Generic PUP.x!cqh!D465E754F1BE
Generic PUP.x!899B175F4B8A
RDN/Generic PUP.x!0A2570CF8123
Generic-FAVO!42B5B68762AC
RDN/Generic Dropper!vp!A45BB31A2176
RDN/Generic StartPage!cb!438D4B2CDF5F
RDN/Generic StartPage!cb!D87134986F56
Generic-FAVO!465FCD4E9E58
RDN/Generic BackDoor!b2s!FB58875E93B1
RDN/Generic BackDoor!b2s!A170B88E68EA
W32/Virut.gen!0F43F01EB8A2
Generic PUP.x!E2EC744CB09A
DNSChanger.bfr!8875804EFA93
Generic PUP.x!DDD969DC77DD
Generic-FAVO!6FED865F5E56
Generic PUP.x!1B1FBD382555
Generic.dx!DAB4BC8BEC6D
Generic PUP.x!1E84C66BBA9C
RDN/Qhost-Gen!be!FA6E631924E4
RDN/Generic.bfr!EE999CA4B4BB
RDN/Generic.bfr!hy!2A69217C18B7
RDN/Generic PUP.x!cqh!D3B8BC6A0E40
Generic.dx!1F6051137BAB
RDN/Generic PUP.x!5092B8A6AA7C
RDN/Generic PUP.x!CD58EC23AF66
FakeAV-M.bfr!0F6E5C509E33
Generic PWS.y!C911B724EC01
RDN/Generic.grp!hr!9FA101CE841F
RDN/Generic.dx!dh3!0D585906CE24
RDN/Generic PUP.x!C961774BF2F1

Phishing

Vulnerebility

Exploit

Technicolor DT5130 V2.05.C29GV - Multiple Vulnerabilities

Advertise With Pleasure! (AWP) 6.6 - SQL Injection Vulnerability

3.12.2014

Bugtraq

[SECURITY] [DSA 3085-1] wordpress security update 2014-12-03
Yves-Alexis Perez (corsac debian org)

F5 BIGIP - (OLD!) Persistent XSS in ASM Module 2014-12-02
jplopezy gmail com

ESA-2014-160: RSA® Adaptive Authentication (On-Premise) Authentication Bypass Vulnerability 2014-12-02
Security Alert (Security_Alert emc com)

ESA-2014-156: EMC Documentum Content Server Insecure Direct Object Reference Vulnerability 2014-12-02
Security Alert (Security_Alert emc com)

CVE-2014-9129: XSS and CSRF in CM Download Manager plugin for WordPress 2014-12-02
Henri Salo (henri nerv fi)

[RT-SA-2014-012] Unauthenticated Remote Code Execution in IBM Endpoint Manager Mobile Device Management Components 2014-12-02
RedTeam Pentesting GmbH (release redteam-pentesting de)

[SECURITY] [DSA 3084-1] openvpn security update 2014-12-01
Florian Weimer (fw deneb enyo de)

[RT-SA-2014-011] EntryPass N5200 Credentials Disclosure 2014-12-01
RedTeam Pentesting GmbH (release redteam-pentesting de)

[RT-SA-2014-007] Remote Code Execution in TYPO3 Extension ke_dompdf 2014-12-01
RedTeam Pentesting GmbH (release redteam-pentesting de)

[RT-SA-2014-009] Information Disclosure in TYPO3 Extension ke_questionnaire 2014-12-01
RedTeam Pentesting GmbH (release redteam-pentesting de)

CVE-2014-3809: Reflected XSS in Alcatel Lucent 1830 PSS-32/16/4 2014-12-01
Stephan Rickauer swisscom com

Malware

RDN/Generic BackDoor!b2s!07BB07F1111E
RDN/Generic FakeAlert!FC924071FACD
RDN/Downloader.gen.a!69B98C806EE1
RDN/Generic BackDoor!b2s!BFAE6E15F91F
RDN/Generic PUP.x!F6EC39B4D3A7
DNSChanger.bfr!16AF421598CA
RDN/Generic.dx!A942E36830AA
RDN/Generic PUP.x!5B622DD95C38
RDN/Generic PUP.x!064DF4B4176A
RDN/Generic PWS.y!bbw!D6B4B6C8FE1C
RDN/Generic.dx!4C0D5348022D
RDN/Generic Downloader.x!lv!2250B2B7FA61
RDN/Generic Dropper!vp!AED0EF2C4AB0
Generic.dx!1CB526B022E6
Generic PUP.x!7087B861AF99
RDN/Generic PUP.x!48CA2E09A302
RDN/Generic PUP.x!3DAD8B2E3517
Generic StartPage!CA03719731FA
RDN/Generic PUP.x!207E6BDDE7A6
RDN/Generic.bfr!5FA8C8966926
RDN/Generic.dx!dh3!96165A5D2B81
RDN/Generic PUP.x!05E1F69EB946
RDN/Generic PUP.x!cqg!5245A8191005
Generic PUP.x!7E020E35EE9B
RDN/Generic PUP.x!4D7BF7EBB13C
RDN/Generic.bfr!630F3AC6DC67
RDN/Generic PUP.x!58F9F09EE4BA
RDN/Downloader.gen.a!A4E8F0AF9D1B
Downloader.gen.a!C948D623B541
RDN/Generic BackDoor!b2s!7AE2EFA5F3A8

Phishing

Vulnerebility

Exploit

Cart66 Lite WordPress Ecommerce 1.5.1.17 - Blind SQL Injection

Google Document Embedder 2.5.16 - mysql_real_escpae_string bypass SQL Injection

Tincd Post-Authentication Remote TCP Stack Buffer Overflow

Mac OS X IOKit Keyboard Driver Root Privilege Escalation

Prolink PRN2001 - Multiple Vulnerabilities

IPUX Cube Type CS303C IP Camera - (UltraMJCamX.ocx) ActiveX Stack Buffer Overflow

IPUX CL5452/CL5132 IP Camera - (UltraSVCamX.ocx) ActiveX Stack Buffer Overflow

IPUX CS7522/CS2330/CS2030 IP Camera - (UltraHVCamX.ocx) ActiveX Stack Buffer Overflow

Wordpress Nextend Facebook Connect Plugin 1.4.59 - XSS Vulnerability

EntryPass N5200 - Credentials Exposure

TYPO3 ke DomPDF Extension - Remote Code Execution

2.12.2014

Bugtraq

[SECURITY] [DSA 3084-1] openvpn security update 2014-12-01
Florian Weimer (fw deneb enyo de)

[RT-SA-2014-011] EntryPass N5200 Credentials Disclosure 2014-12-01
RedTeam Pentesting GmbH (release redteam-pentesting de)

[RT-SA-2014-007] Remote Code Execution in TYPO3 Extension ke_dompdf 2014-12-01
RedTeam Pentesting GmbH (release redteam-pentesting de)

[RT-SA-2014-009] Information Disclosure in TYPO3 Extension ke_questionnaire 2014-12-01
RedTeam Pentesting GmbH (release redteam-pentesting de)

CVE-2014-3809: Reflected XSS in Alcatel Lucent 1830 PSS-32/16/4 2014-12-01
Stephan Rickauer swisscom com

[SECURITY] [DSA 3081-1] libvncserver security update 2014-11-29
Luciano Bello (luciano debian org)

[The ManageOwnage Series, part IX]: 0-day arbitrary file download in NetFlow Analyzer and IT360 2014-11-30
Pedro Ribeiro (pedrib gmail com)

Malware

Generic PUP.x!E41709B9B1FC
RDN/Generic PUP.x!590485900AED
Generic.dx!DF72EA725B65
RDN/Generic.dx!DEA5F9A60B57
Generic PUP.x!9218911A9FDF
RDN/Generic.dx!DDD7E8D6F019
RDN/Generic.dx!DDCE64D63FC5
Generic PUP.x!0A5BA1B1685F
Generic PUP.x!67DBCC7ABD59
RDN/Generic PUP.x!BBDCD75B4BAA
RDN/Generic.bfr!DF20845E1F40
Generic.bfr!9CED1AE8A6A9
RDN/Generic.bfr!hy!E906BDF5528B
RDN/Generic.dx!DDB099D74746
RDN/Generic PUP.x!87B7E9C36BA3
RDN/Generic PUP.x!AE5D9EFA46F1
RDN/Generic PUP.x!cqf!DEFDADBC1573
RDN/Spybot.bfr!o!93453FBA8DE4
RDN/Generic.dx!DE3E3E7C6D11
RDN/Generic.dx!DD7322E81D8B
RDN/Generic Downloader.x!lv!EF777F531ED6
RDN/Generic PUP.x!DE920A989D74
RDN/Generic.dx!DDABB1A8EC49
RDN/Generic BackDoor!830DA0D2003E
RDN/Generic.dx!DD420F1472DD
RDN/Generic PUP.x!cqf!DE746FD836B4
RDN/Generic BackDoor!A843119C8DAC
RDN/Generic PWS.y!bbw!DE6DC637BF01
RDN/Generic PUP.x!A17B579837C7
RDN/Generic.dx!DD09A81B4BF1

Phishing

Yahoo.com	29th November 2014
Atn Dear Customer,

Vulnerebility

Exploit

1.12.2014

Bugtraq

[SECURITY] [DSA 3080-1] openjdk-7 security update 2014-11-29
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3079-1] ppp security update 2014-11-29
Sebastien Delafond (seb debian org)

WordPress <=4.0 Denial of Service Exploit (CVE-2014-9034) 2014-11-29
john secureli com

[ MDVSA-2014:237 ] perl-Mojolicious 2014-11-28
security mandriva com

Malware

RDN/Generic BackDoor!b2s!74490E7396D0
RDN/Generic Dropper!vp!88FFF8924E55
RDN/Generic BackDoor!b2s!0B072A4189E0
RDN/Generic BackDoor!b2s!79046CEB2E5B
Generic PUP.x!5D5F99B10DF6
RDN/Generic.dx!dhc!9BFD27B1EE51
Generic.dx!9423FB506267
RDN/Downloader.gen.a!0055BAA9A6F5
RDN/Downloader.gen.a!01D601993AEA
RDN/Generic PUP.x!2F12D9B8B66D
Generic Downloader.x!A7F5027B7E98
RDN/Generic PUP.x!cqf!F2DF1E7F9B7A
RDN/Generic StartPage!cb!CF5C52A7E908
RDN/Generic PWS.y!bbw!51FB66AA10EF
RDN/Generic.bfr!hy!F5DBF6D8F1D4
RDN/Generic StartPage!cb!6043E7958526
Generic PUP.x!B7DBE0761D56
Generic PUP.x!AC21AA7493F9
RDN/Downloader.a!tv!4B1AA1978701
RDN/Generic.hra!cc!E74A68564D03
RDN/Generic.dx!dhc!9F6B8004B1C9
RDN/Spybot.bfr!CDAA35954DCD
Trojan-FFHL
RDN/Generic BackDoor!b2s!87399E1F75BB
RDN/Generic.bfr!BB09E0EFEC43
Generic PUP.x!59543FE1C821
RDN/Generic PUP.x!03FF0C9B8705
RDN/Generic PUP.x!cqf!F6BDA8C6F920
RDN/Generic.dx!66BD1EFED291
RDN/Generic StartPage!cb!F0A732C70AB9

Phishing

Yahoo.com	29th November 2014
Atn Dear Customer,
Support Paypal	28th November 2014
[NOTICE] YOU HAVE TO UPDATE YOUR INFORMATION FOR SECURITY REASON WITHIN 24 HOURS

Vulnerebility

Exploit

WordPress <=4.0 Denial of Service Exploit

Wordpress < 4.0.1 - Denial of Service

Drupal < 7.34 - Denial of Service