Databáze Hot News 2014 July -

Databáze Hot News 2014 July - 2014 January February March April May June July August September October November December

31.7.2014

Bugtraq

Vulnerabilities in Facebook and Facebook Messenger for Android [STIC-2014-0529] 2014-07-29
Programa STIC (stic fundacionsadosky org ar)

[security bulletin] HPSBMU03078 rev.1 - HP CloudSystem Foundation and HP CloudSystem Enterprise Software running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-07-29
security-alert hp com

[ MDVSA-2014:141 ] java-1.7.0-openjdk 2014-07-29
security mandriva com

[Onapsis Security Advisory 2014-023] HTTP verb tampering issue in SAP_JTECHS 2014-07-29
Onapsis Research Labs (research onapsis com)

Malware

RDN/Generic Dropper!uy!05B9CE22C78C
Generic PUP.x!9788D5D70DAF
RDN/Generic Dropper!uy!21343AB51C9B
RDN/Generic.dx!9834CF05FE92
RDN/Generic PUP.x!BCFA4B4BAB7D
RDN/Generic.dx!4E3D06158622
RDN/Generic PUP.z!8241EF0E1E48
RDN/Generic.dx!2FAB026C650D
RDN/Generic.dx!FA0F54EFFBAD
Generic PUP.z!3186E2351D8D
Generic Downloader.x!8B6EF59B0CB9
RDN/Generic PUP.x!ck3!DEA2152247F1
Generic PUP.x!10B147851ED5
RDN/Generic PUP.x!AB422E003BF4
Generic.bfr!8E56CFC5DB68
RDN/Generic PUP.x!D975E01C91C1
RDN/Generic PUP.x!ADEFB5F6037C
RDN/Generic.bfr!9563A32F7466
Generic.dx!41BB53A4DA5E
Generic PUP.z!90339B7FFD36
Somoto-BetterInstaller!4544E05DF1EA
RDN/Generic PUP.x!ck3!3C32C76D6720
Generic PUP.x!62568192C39D
Generic PUP.x!BAF618224750
Generic PUP.x!6722FE89449E
Generic PUP.x!1DD778E673FA
RDN/Generic Dropper!uy!875D82F09673
RDN/Generic PUP.x!ck3!D12826863A13
Keylog-Ardamax.dll!96C2B9FDA079
RDN/Generic Dropper!uy!56109A3FFEB5

Phishing

Apple	31st July 2014
Update your apple account
Chase	30th July 2014
Online Notification #3281 Chase
BT	30th July 2014
We are unable to process your recent payment
Halifax	30th July 2014
Account restricted [HBOS-28734MV]

Vulnerebility

Exploit

Dlink DWR-113 Rev. Ax - CSRF Denial of Service

SkaDate Lite 2.0 - Multiple CSRF And Persistent XSS Vulnerabilities

SkaDate Lite 2.0 - Remote Code Execution Exploit

D-Link AP 3200 Multiple Vulnerabilities

30.7.2014

Bugtraq

[Onapsis Security Advisory 2014-024] Hard-coded Username in SAP FI Manager Self-Service 2014-07-29
Onapsis Research Labs (research onapsis com)

[Onapsis Security Advisory 2014-022] SAP HANA IU5 SDK Authentication Bypass 2014-07-29
Onapsis Research Labs (research onapsis com)

[ MDVSA-2014:139 ] nss 2014-07-29
security mandriva com

[Onapsis Security Advisory 2014-026] Missing authorization check in function modules of BW-SYS-DB-DB4 2014-07-29
Onapsis Research Labs (research onapsis com)

[Onapsis Security Advisory 2014-025] Multiple Cross Site Scripting Vulnerabilities in SAP HANA XS Administration Tool 2014-07-29
Onapsis Research Labs (research onapsis com)

[Onapsis Security Advisory 2014-021] SAP HANA XS Missing encryption in form-based authentication 2014-07-29
Onapsis Research Labs (research onapsis com)

Barracuda Networks Web Application Firewall v6.1.5 & LoadBalancer v4.2.2 #37 - Filter Bypass & Multiple Vulnerabilities 2014-07-29
Vulnerability Lab (research vulnerability-lab com)

WiFi HD v7.3.0 iOS - Multiple Web Vulnerabilities 2014-07-29
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 2992-1] linux security update 2014-07-29
Salvatore Bonaccorso (carnil debian org)

Re: [FD] Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account 2014-07-28
Stefan Kanthak (stefan kanthak nexgo de)

[ MDVSA-2014:140 ] owncloud 2014-07-29
security mandriva com

Kunena Forum Extension for Joomla Multiple Reflected Cross-Site Scripting Vulnerabilities 2014-07-28
vulns dionach com

Kunena Forum Extension for Joomla Multiple SQL Injection Vulnerabilities 2014-07-28
vulns dionach com

Barracuda Networks Spam&Virus Firewall v5.1.3 - Client Side Cross Site Vulnerability 2014-07-28
Vulnerability Lab (research vulnerability-lab com)

Malware

Generic PUP.x!347D4B4C4326
RDN/Generic Dropper!uy!3F1A117FB195
W32/Virut.gen!9A58C37833C4
RDN/Generic Dropper!uy!50AB979CCBB2
Generic PUP.x!3DEE2CD98EC1
Downloader.gen.a!BF6812F96F24
Generic PUP.x!C3FBD2B90161
RDN/Generic Dropper!uy!EF5B451AC51E
Generic.dx!56712E8DD619
Downloader.gen.a!22639189873A
Generic PUP.x!6CD9643A23B2
Generic.dx!9F47AD3ABBFC
RDN/Generic Downloader.x!kq!692139441961
RDN/Generic PUP.x!ckf!932080EDC6CF
Generic PUP.x!6C7CDFB07537
RDN/Generic PUP.x!ckf!45E634161A32
Generic PUP.x!57AE027CCD3D
RDN/Generic Downloader.x!kq!E7FD2E4E6016
Generic PUP.x!55D8EE4DA380
RDN/Generic PUP.x!12F900D43B03
RDN/Generic.tfr!18624E7023F5
Generic.dx!5EAB16967A03
Generic PUP.x!1363D42406F2
RDN/Generic PUP.x!6F0926C88FB2
RDN/Generic BackDoor!zg!EC3AD1FF8EB1
RDN/Generic Dropper!uy!0A0CD81B5F0E
RDN/Generic PUP.x!ckf!D9CA5E390CE4
RDN/Generic Dropper!uy!F0A4CAA0C9AE
Generic PUP.x!8C24E217A4C9
RDN/Generic PUP.x!ckf!2EA6F4569442

Phishing

BT	30th July 2014
We are unable to process your recent payment
Halifax	30th July 2014
Account restricted [HBOS-28734MV]
Skype	29th July 2014
Fw: PayPal Payment To Skype !
amazon customer	29th July 2014
WARNING YOUR AMAZON ACCOUNT HAS BEEN LIMITED

Vulnerebility

Exploit

Dlink DWR-113 Rev. Ax - CSRF Denial of Service

WiFi HD v7.3.0 iOS - Multiple Vulnerabilities

29.7.2014

Bugtraq

Barracuda Networks Spam&Virus Firewall v5.1.3 - Client Side Cross Site Vulnerability 2014-07-28
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 2991-1] modsecurity-apache security update 2014-07-27
Salvatore Bonaccorso (carnil debian org)

[security bulletin] HPSBGN02936 rev.1 - HP and H3C VPN Firewall Module Products, Remote Denial of Service (DoS) 2014-07-25
security-alert hp com

Web Encryption Extension security update 2014-07-25
Ralf Senderek (support senderek ie)

Malware

RDN/Autorun.worm!dl!23960BDAA96B
Generic.tfr!F3145EAD6387
Generic.tfr!F18BA3F881F8
RDN/Generic Downloader.x!kq!A70F945A8B16
RDN/Generic.bfr!DDB196FF4DE1
RDN/Generic PUP.x!ckd!C4E04A8A7D10
RDN/Generic PUP.x!cgj!245D04B7E251
RDN/Generic PUP.x!ckd!AD589883C8C6
RDN/Generic.bfr!ho!D70D73C2AB12
RDN/Generic BackDoor!AB54C5017AC4
Generic PUP.x!0CE8649679F4
RDN/Downloader.gen.a!355FAFE0B9FC
RDN/Generic Downloader.x!kk!00402FF7ACD5
Generic.dx!186DEE900ADC
RDN/Generic.dx!d2i!036898628862
RDN/Generic PUP.x!4B5CDA711DA2
Generic PUP.x!178718679375
CryptDomaIQ!6C5CCE42DFA5
RDN/Generic PUP.x!ckd!3CDFCF1A3B1E
RDN/Generic PUP.x!ckd!1C98B86418C0
RDN/Generic PUP.x!ckd!584CFD8E439D
RDN/Generic PUP.x!ckd!D5A22317ECD1
RDN/Generic PUP.z!ed!EF2292EDFFCA
RDN/Generic PUP.x!ckd!2BD7A7661D58
Generic.tfr!0FB55B0CE6FB
RDN/Generic PUP.x!cgg!26857ABDDBFF
CryptDomaIQ!6C123F9338E3
RDN/Generic.dx!dc3!7B317D66F39D
RDN/BackDoor-CMQ!e!0DC192AB6F2C
Generic PUP.x!CF0DAFBDFEA3

Phishing

Vulnerebility

Exploit

Oxwall 1.7.0 - Remote Code Execution Exploit

Ubiquiti UbiFi / mFi / AirVision - CSRF Vulnerability

Oxwall 1.7.0 - Multiple CSRF And HTML Injection Vulnerabilities

28.7.2014

Bugtraq

Barracuda Networks Firewall 6.1.5 - Filter Bypass & Persistent Vulnerabilities 2014-07-25
Vulnerability Lab (research vulnerability-lab com)

Easy file sharing web server - persist XSS in forum msgs 2014-07-25
joseph giron13 gmail com

[SECURITY] [DSA 2989-1] apache2 security update 2014-07-24
Stefan Fritsch (sf debian org)

Security advisory for Bugzilla 4.5.5, 4.4.5, 4.2.10, and 4.0.14 2014-07-24
dkl mozilla com

Malware

Generic PUP.x!7054A6D105A8
Generic PUP.x!825E00D3772B
Generic PUP.x!F9FCDBF1BF87
Generic PUP.x!366DAA1CFF85
RDN/Generic PUP.x!ckc!04F21DBAB65F
Generic PUP.x!2B055F3E8DFE
RDN/Generic.tfr!39E73C262941
Generic PUP.x!AF50DBBB85E3
Generic.dx!8C962249B186
Generic PUP.x!67E0DC1A43F7
RDN/Generic PUP.x!3117175A7400
CryptDomaIQ!4E1F5A9B9E59
Generic PUP.x!CF392432A7D2
RDN/Generic.dx!d2i!0F6149BEF7C4
RDN/Generic.bfr!hn!5696FEF7A995
Generic PUP.x!AF4A58E7D6A7
CryptDomaIQ!43C67EA4B0CC
CryptDomaIQ!4F8CF66D4755
Generic PUP.x!32FE47D0E8A0
Generic PUP.x!DAA70A391BB4
Generic PUP.x!A28CD307DA82
Generic PUP.x!509092C1C25A
Adware-FFN!FEA838DCBF26
RDN/Generic PUP.x!ckc!FB3AECDBD69E
Generic PUP.x!1CBC1C4C0DCD
Generic PUP.x!4BDC8C1821C6
Generic PUP.x!450113E10535
RDN/Generic PUP.x!4C18ECD314B0
Generic PUP.x!77A30D43AA43
RDN/Generic PUP.x!ckc!0EF67E7FBC5A

Phishing

NationWide	25th July 2014
Account Review
PayPal	25th July 2014
YOUR ACCOUNT WILL BE LIMITED !
Apple Inc.	25th July 2014
VALIDATE YOUR ACCOUNT INFORMATION APPLE ! CASE : 958
Apple	25th July 2014
[iTunes] Credit Card - Decliend =?UTF-8?Q?=E2=9C=94_?=

Vulnerebility

Exploit

Moodle 2.7 - Persistent XSS

ZeroCMS 1.0 - Persistent Cross-Site Scripting Vulnerability

Sagem Fast 3304-V1 - Denial Of Service Vulnerability

DirPHP 1.0 - LFI Vulnerability

25.7.2014

Bugtraq

[slackware-security] mozilla-thunderbird (SSA:2014-204-03) 2014-07-24
Slackware Security Team (security slackware com)

Barracuda Networks Firewall 6.1.2 #36 - Filter Bypass & Exception Handling Vulnerability + PoC Video BNSEC-2398 2014-07-24
Vulnerability Lab (research vulnerability-lab com)

[slackware-security] mozilla-firefox (SSA:2014-204-02) 2014-07-24
Slackware Security Team (security slackware com)

[slackware-security] httpd (SSA:2014-204-01) 2014-07-24
Slackware Security Team (security slackware com)

[security bulletin] HPSBMU03076 rev.1 - HP Systems Insight Manager (SIM) on Linux and Windows running OpenSSL, Multiple Vulnerabilities 2014-07-23

Malware

CryptDomaIQ!2E975734AB10
Generic PUP.x!665AD7EC274F
RDN/Generic.bfr!hn!E720AC27FDFC
RDN/Generic.bfr!hn!CEA8B35DDCE4
RDN/Downloader.a!sf!C331B371E02D
RDN/Generic PUP.x!cj3!E81CC32D6D5F
RDN/Generic PUP.z!ed!968674DAFC05
RDN/Generic PUP.z!ed!5896773C5591
RDN/Downloader.a!sf!C5BB92F0D255
Generic PUP.x!11AF7970DA7A
RDN/Generic PUP.x!cj3!78171FE1D588
RDN/Generic.dx!438614CC102F
Generic PUP.x!66536690BF85
Generic PUP.x!21F4982B6DDA
RDN/Generic PUP.x!cj3!752252B7CCA6
RDN/Generic Dropper!uw!74B15FEAA61E
RDN/Generic PUP.x!cj3!73FDA746466D
RDN/Downloader.a!sf!0A961870B6EC
RDN/Generic Downloader.x!kp!136213B0F2A6
RDN/Generic PUP.x!cj3!75038F8A313D
RDN/Downloader.a!sf!39341696DCC5
Generic PUP.x!4CDF4B145BCE
RDN/Generic PUP.x!cj3!73106E9E17DF
RDN/Generic PUP.x!cj3!732300FE0F51
RDN/Generic PUP.x!cj3!7982F03E48BD
RDN/Generic PUP.x!cj3!7142EF8CD946
RDN/Generic PUP.x!cj3!78BB1FD0C802
RDN/Generic PUP.x!cj3!712A51A131E1
RDN/Generic PUP.x!cj3!7544E7EA0BC3
RDN/Generic PUP.x!cj3!75AC3E93A8E7

Phishing

MBNA	24th July 2014
Urgent Update Required.
National	23rd July 2014
NATWEST
apple	23rd July 2014
your apple account has been limited !

Vulnerebility

Exploit

Omeka 2.2.1 - Remote Code Execution Exploit

Wordpress Video Gallery Plugin 2.5 - Multiple Vulnerabilities

Lian Li NAS - Multiple Vulnerabilities

BulletProof FTP Client 2010 - Buffer Overflow (SEH)

Make 3.81 - Heap Overflow PoC

24.7.2014

Bugtraq

[security bulletin] HPSBMU03073 rev.1 - HP Network Virtualization, Remote Execution of Code, Disclosure of Information 2014-07-23
security-alert hp com

SQL Injection in Ð?2 2014-07-23
High-Tech Bridge Security Research (advisory htbridge com)

[oCERT-2014-005] LPAR2RRD input sanitization errors 2014-07-23
Daniele Bianco (danbia ocert org)

Multiple Vulnerabilities in Parallels® Plesk Sitebuilder 2014-07-23
cseye_ut yahoo com

[SECURITY] [DSA 2985-1] mysql-5.5 security update 2014-07-22
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 2984-1] acpi-support security update 2014-07-22
Luciano Bello (luciano debian org)

Malware

Generic PUP.x!FBB683D93F91
Generic PUP.x!DCF13596A558
Generic PUP.x!CB5720D62F21
Generic PUP.x!92C35355184B
Generic PUP.x!77009A8B173B
Generic PUP.x!169ABD35FD2F
Generic PUP.x!DE9D75F705B0
RDN/Generic.bfr!EF0B7939D99B
Generic PUP.x!D2984610BD77
Generic PUP.x!14F70E2B8A25
Generic PUP.x!67CAD928ECEF
Generic PUP.x!271FDF1C0F23
RDN/Generic.bfr!23C21945FFB0
Generic PUP.x!603585DAC1BA
Generic PUP.x!8BF6CA1339F5
RDN/Generic PWS.y!5CB706E921A9
Generic PUP.x!E8485C7275D0
Generic PUP.x!C6B0878222F7
RDN/Generic.bfr!E097321E6844
Generic PUP.x!F604EE96D042
Generic PUP.x!92361EBA422A
Generic PUP.x!BC7D47DFEE15
RDN/Generic PUP.x!cjs!60D4C46DEE2B
Generic PUP.x!BD67BB124A65
Generic PUP.x!70C68391CA3B
Generic.tfr!85A5DE10520F
Generic PUP.x!D34E38EA0AA9
Generic.tfr!4D20546FAE10
Generic PUP.x!A12556193EFD
Generic PUP.x!FD5D17ED1EE2

Phishing

National	23rd July 2014
NATWEST
apple	23rd July 2014
your apple account has been limited !

Vulnerebility

Exploit

Barracuda Networks #35 Web Firewall 610 6.0.1 - Filter Bypass & Persistent Vulnerability

23.7.2014

Bugtraq

[security bulletin] HPSBMU03071 rev.1 - HP Autonomy IDOL, Running OpenSSL, Remote Unauthorized Access, Disclosure of Information 2014-07-22
security-alert hp com

Barracuda Networks Spam&Virus Firewall v6.0.2 (600 & Vx) - Client Side Cross Site Vulnerability 2014-07-22
Vulnerability Lab (research vulnerability-lab com)

Web Login Bruteforce in Symantec Endpoint Protection Manager 12.1.4023.4080 2014-07-22
audit1 a2secure com

Cross-site Scripting in EventLog Analyzer 9.0 build #9000 2014-07-22
audit1 a2secure com

[oCERT-2014-004] Ansible input sanitization errors 2014-07-22
Andrea Barisani (lcars ocert org)

Call for Papers / Speakers for ISACA Ireland Conference on 3rd Oct in Dublin 2014-07-21
president isaca ie

[SECURITY] [DSA 2983-1] drupal7 security update 2014-07-20
Moritz Muehlenhoff (jmm debian org)

Malware

RDN/Generic BackDoor!ze!740CDC3C12EF
Generic PUP.x!F3BB19EA9674
Generic.tfr!73F59DC6A2E0
Generic PUP.x!3681A013D157
Downloader.gen.a!DF4248209B24
Generic PUP.x!3677C7D70563
Generic.tfr!1F67FD9D1F97
Generic.tfr!73CA039688D7
Generic.dx!838AF843905F
Generic.tfr!1D4F60427F18
Generic BackDoor!1BC18FD73F60
RDN/Generic.dx!5C668FBC846D
Generic Downloader.x!76342CFD6B41
RDN/Generic Dropper!uv!006D526A88F3
Generic.bfr!46B81620501D
RDN/Generic.bfr!hn!910B0097085D
RDN/Generic Downloader.x!kp!72F88BD3652D
Generic PUP.x!72E3CE106531
Generic PUP.x!72E8375552FF
RDN/Generic Dropper!uv!1648FE70B5EF
W32/Sdbot.worm!72C992ABE67D
Generic.tfr!8A8AEDC3857F
Generic Downloader.x!72D2CFE5EB9D
SoftDropper!8FC15B64B8F8
Generic PUP.x!362593BEE9AF
RDN/Generic PUP.x!cjp!10416630832D
FakeAV-M.bfr!B12F11DDDE7C
RDN/Generic PUP.x!cjp!728F7B54330D
RDN/Generic.dx!F57B1F415F28
RDN/Generic BackDoor!ze!981BA1A68F51

Phishing

Vulnerebility

Exploit

Microsoft XP SP3 MQAC.sys - Arbitrary Write Privilege Escalation

Microsoft XP SP3 - BthPan.sys Arbitrary Write Privilege Escalation

DjVuLibre <= 3.5.25.3 - Out of Bounds Access Violation

22.7.2014

Bugtraq

Malware

Generic PUP.x!FFFD5AF1D6A9
RDN/Generic BackDoor!zd!CB5A802D59A5
RDN/Generic PUP.x!cjm!19B9376E7039
Generic PUP.x!9E6DAEF4F8D0
Generic.bfr!60E48EF986E5
Generic PUP.x!0B6E92C44621
RDN/Generic.bfr!ho!EF43FF9F445E
Generic.tfr!EC8672711BD6
Generic.tfr!E8A79E786E54
Generic Downloader.x!E5E8D5BFACA4
Generic PUP.x!8422260342BA
RDN/Generic PUP.x!cjm!830E913C85A0
Generic PUP.x!F6CF2EC25B4D
Generic.dx!2F8E3C5A3AE6
Downloader.gen.a!DB82E1F9D9EC
RDN/Generic PUP.x!cjm!9BCACF3FFA85
Generic.tfr!D8C1FF44D853
Generic PUP.x!41955A93F9C1
Generic Downloader.x!63993D2E34A2
Generic PUP.x!5925E7B4609B
Generic PUP.x!AE1C2980B882
RDN/Generic PUP.x!E7EE9B3C7453
RDN/Generic PUP.x!7BD01FDB12F8
Generic PUP.x!776D0DC2B43F
Generic PUP.x!9BAE5AD3CCD9
RDN/Generic.dx!d2d!ABC1FA4FA27C
RDN/Generic PUP.x!7C21D007DB6D
iBryte!7423B42E40AC
Somoto-BetterInstaller!A2F230FE672B
Generic.tfr!CC2AC4C9985C

Phishing

Bay	21st July 2014
eBay Customer Support made a decision
PayPal	21st July 2014
This is the last chance to update your paypal account information !
AMAZON	20th July 2014
You Must Confirm Your Amazon Account Before We Close it

Vulnerebility

Exploit

Linux Kernel ptrace/sysret - Local Privilege Escalation

Apache 2.4.7 mod_status Scoreboard Handling Race Condition

21.7.2014

Bugtraq

Malware

RDN/Generic PUP.x!cjl!462C0A052B11
Generic PUP.x!7E0F291B5DFE
Generic.tfr!9B87F8DB94D4
RDN/Generic PUP.x!cjl!0C57980A5258
Generic.tfr!8B9FD7BF6877
RDN/Generic PUP.x!cjl!1F06A190539B
RDN/Generic PUP.x!cjl!333C715F221C
RDN/Generic BackDoor!zd!F70FD15A2449
Generic PUP.x!C3C198E49829
Generic PUP.x!51291298E108
Generic PUP.x!666D4CA5C72E
RDN/Generic PUP.x!cjl!9F97B8A2E81F
Generic PUP.x!7D691C0F7D84
Generic PUP.x!F7F69B8709D7
Generic PUP.x!7DB477A2450C
Generic PUP.x!7D61FB5AEEEB
Generic PUP.x!949B1024B58B
RDN/Generic PUP.x!cjl!6CCA4701CC7F
Generic PUP.x!2D0A2CD216EC
Generic PUP.x!12418A20627D
CryptDomaIQ!FE6F605D76A2
Generic PUP.x!5A23535EF3BA
RDN/Downloader.a!sc!E31A2B71254B
RDN/Generic.bfr!ho!90823538FAAF
RDN/Spybot.bfr!E02D3A234477
CryptDomaIQ!F26671074CE9
RDN/Generic PUP.x!cjl!FB04FA838867
Generic Downloader.x!298257DB93E7
PUP-FIC!FE7AB5CA56DA
PowerPack!FE71E0B34A05

Phishing

AMAZON	20th July 2014
You Must Confirm Your Amazon Account Before We Close it
MBNA	19th July 2014
MBNA - Refund Stated In Your Account

Vulnerebility

Exploit

IBM GCM16/32 1.20.0.22575 - Multiple Vulnerabilities

Raritan PowerIQ 4.1.0 - SQL Injection Vulnerability

MTS MBlaze Ultra Wi-Fi / ZTE AC3633 - Multiple Vulnerabilities

World Of Warcraft 3.3.5a (macros-cache.txt) - Stack Overflow

18.7.2014

Bugtraq

Ignore the amount customers confirm is no security vulnerability according to PayPal 2014-07-17
Jan Kechel (jan kechel de)

IP.Board 3.4 cross-site scripting in Referer header 2014-07-16
stormhacker hotmail com

[SECURITY] [DSA 2765-2] davfs regression update 2014-07-16
Thijs Kinkhorst (thijs debian org)

Cisco Security Advisory: Cisco Wireless Residential Gateway Remote Code Execution Vulnerability 2014-07-16
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[HITB-Announce] REMINDER: #HITB2014KUL CFP Deadline: 1st August 2014-07-17
Hafez Kamal (aphesz hackinthebox org)

Malware

RDN/Generic PUP.x!cj3!796CC3DA9D01
RDN/Generic PUP.x!cj3!4E96AEB2C0F6
RDN/Downloader.a!sb!B368CE62FE32
RDN/Generic PUP.x!cj3!C29E3C6AAF1F
RDN/Generic PUP.x!cj3!CABAE545AF74
RDN/Generic PUP.x!cj3!2E46071ADC76
Generic PUP.x!D3FF3E894097
Generic PUP.x!FCBEA1A3842C
W32/Sdbot.worm!B29030063EFA
RDN/Generic PUP.x!cj3!2CE402874C4E
RDN/Generic PUP.x!cj3!E56BD9BA40A4
Generic PUP.x!BC3CD2F6F93A
Generic PUP.x!DDB0E2AA8561
RDN/Generic PUP.x!CBCA184F9B82
RDN/Generic PUP.x!cj3!2F33BE731846
Generic PUP.x!C2248C521F53
RDN/Generic PUP.x!cj3!12FB3FF1ECBB
RDN/Generic BackDoor!zc!91C931F256F0
RDN/Generic PUP.x!cj3!081D9D6EFC9D
RDN/Generic PUP.x!cj3!C0A63E72490D
CryptDomaIQ!D69DBEFA4ACD
RDN/Generic PUP.x!cj3!99C0259BA1DF
RDN/Generic PUP.x!cj3!43B564A4701A
PUP-FLT!923B22A7FC1A
RDN/Generic PUP.x!cj3!4F876D29233E
RDN/Generic PUP.x!cj3!C8BF0712C37C
iBryte!53899B73E938
RDN/Generic PUP.x!cj3!4DC9EA7D6689
RDN/Generic PUP.x!cj3!52BBBB604F61
RDN/Generic PUP.x!cj3!4F7392CE0885

Phishing

Natwest	18th July 2014
IMPORTANT NATWEST NOTIFICATION
Halifax	17th July 2014
IMPORTANT MESSAGE FROM HALIFAX BANK CUSTOMER SERVICE
Halifax Bank	17th July 2014
HALIFAX ACCOUNT NOTICE

Vulnerebility

Exploit

Omeka 2.2 - CSRF And Stored XSS Vulnerability

17.7.2014

Bugtraq

SEC Consult SA-20140716-3 :: Multiple critical vulnerabilities in Bitdefender GravityZone 2014-07-16
SEC Consult Vulnerability Lab (research sec-consult com)

SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway 2014-07-16
SEC Consult Vulnerability Lab (research sec-consult com)

Reflected Cross-Site Scripting (XSS) in e107 2014-07-16
High-Tech Bridge Security Research (advisory htbridge com)

VUPEN Security Research - Microsoft Windows "DirectShow" Privilege Escalation Vulnerability (Pwn2Own 2014) 2014-07-16
VUPEN Security Research (advisories vupen com)

VUPEN Security Research - Microsoft Internet Explorer "ShowSaveFileDialog()" Sandbox Bypass (Pwn2Own 2014) 2014-07-16
VUPEN Security Research (advisories vupen com)

VUPEN Security Research - Microsoft Internet Explorer "Request" Object Confusion Sandbox Bypass (Pwn2Own 2014) 2014-07-16
VUPEN Security Research (advisories vupen com)

VUPEN Security Research - Microsoft Internet Explorer CSS @import Memory Corruption (Pwn2Own 2014) 2014-07-16
VUPEN Security Research (advisories vupen com)

SEC Consult SA-20140716-0 :: Multiple SSRF vulnerabilities in Alfresco Community Edition 2014-07-16
SEC Consult Vulnerability Lab (research sec-consult com)

SEC Consult SA-20140716-1 :: Remote Code Execution via CSRF in OpenVPN Access Server "Desktop Client" 2014-07-16
SEC Consult Vulnerability Lab (research sec-consult com)

Malware

RDN/Generic.bfr!F57D6C773F5B
Generic PUP.x!FB04E96DBC1D
RDN/Generic PUP.x!cjb!45687DE66FA7
RDN/Generic.tfr!38A592F8A0E8
Generic PUP.x!E87DE9AF9C28
Generic PUP.x!ED4434313D78
W32/Sality.gen.z!2AA0C13C7C88
RDN/Generic Downloader.x!ko!9B6058EF99D6
RDN/Generic PUP.x!cjb!6ED6EAAEE164
RDN/Generic PUP.x!cjb!EB1EC7BCF1E4
PUP-FLN!E53205CAEC3E
Generic PUP.x!A9DDF8552E8E
W32/Sality.gen.z!A6A271552823
RDN/Generic PUP.x!cjb!FAB8ED9F30F7
RDN/Generic PUP.x!cjb!BABFE724DCB7
Generic PUP.x!31BCBF253ECC
RDN/Generic.dx!816422A7E325
PUP-FLN!EADBFC783931
Generic PUP.x!91715A5F67DB
RDN/Generic PUP.x!cjb!3CB1575FE513
RDN/Generic PUP.x!cjb!EDFE7D031A9D
RDN/Generic PUP.x!cjb!A1A3563DC24B
RDN/Downloader.a!sb!134409FC325E
RDN/Generic PUP.x!cjb!B99906B597B4
Generic PUP.x!8310BB7F3328
RDN/Generic BackDoor!zc!AD23306B5A01
Generic.bfr!7733020793C7
RDN/Generic PUP.x!cjb!08A7CAFD46BD
RDN/Generic PUP.x!cjb!51889FAD0048
PUP-FLN!E9DB5373977A

Phishing

Halifax Bank	17th July 2014
HALIFAX ACCOUNT NOTICE
RBS	16th July 2014
RBS - Secure Message.
HSBC	16th July 2014
Account Notification
Halifax Bank	16th July 2014
Halifax Account Notice
itunes	16th July 2014
Important message from Apple itunes !

Vulnerebility

Exploit

Bitdefender GravityZone 5.1.5.386 - Multiple Vulnerabilities

Boat Browser 8.0 and 8.0.1 - Remote Code Execution Vulnerability

Joomla Youtube Gallery Component - SQL Injection Vulnerability

Node Browserify 4.2.0 - Remote Code Execution Vulnerability

16.7.2014

Bugtraq

Node Browserify RCE vuln (<= 4.2.0) 2014-07-15
Cal Leeming \[Simplicity Media Ltd\] (cal leeming simplicitymedialtd co uk)

[security bulletin] HPSBGN03068 rev.1 - HP OneView running OpenSSL, Remote Denial of Service (DoS), Unauthorized Access, Disclosure of Information 2014-07-15
security-alert hp com

Ruxcon 2014 Final Call For Presentations 2014-07-15
cfp ruxcon org au

[security bulletin] HPSBHF02913 rev.1 - HP Intelligent Management Center (iMC) and HP Branch Intelligent Management System (BIMS), Remote Disclosure of Information 2014-07-14
security-alert hp com

Malware

RDN/Generic PUP.x!c2y!743ED6323429
Generic PUP.x!1491892063BC
RDN/Downloader.gen.a!91180C182246
RDN/Generic.bfr!5B0D7E317664
CryptDomaIQ!E6F5215DA2D3
RDN/Generic BackDoor!zb!BEDE883DE987
CryptDomaIQ!E6FA23690A36
Generic PUP.x!7885C6ED25CE
Trojan-FDSS!E6F91E9200A2
Adware-DomaIQ!987962A11850
RDN/Generic.bfr!ho!8287915B8425
Generic PUP.x!2404797898B4
Generic.bfr!7AC755D3413B
RDN/Generic BackDoor!zb!E8931E76E821
RDN/Generic PWS.y!0FE96D5DF110
Generic PUP.x!D9BBFEEB1288
RDN/Spybot.bfr!n!C3F585CDEECA
PUP-FHQ!E6E27A6B7F98
RDN/Generic BackDoor!zb!FC4E7AD60258
PUP-FIC!E6EDB30CD9C3
RDN/Generic BackDoor!zb!BF4202ED6442
CryptDomaIQ!E6FE1BA1CA39
Adware-DomaIQ!9843350DDFD4
Generic Downloader.x!6FB96E5E744A
Generic PUP.x!F0D17D9BF8B2
CryptDomaIQ!E6E27D26D5D9
RDN/Generic.bfr!ho!32C39407353E
CryptDomaIQ!E6FA7B7EFAAF
PUP-FLN!E6FC38FB375C
Generic PUP.x!A7A2AF864D4A

Phishing

Inc Apple	15th July 2014
YOUR ACCOUNT HAS BEEN LIMITED
BT	15th July 2014
Your account might be de-activated.
PAYPAL INC	15th July 2014
Your Paypal Account Will be banned

Vulnerebility

Exploit

15.7.2014

Bugtraq

[KIS-2014-08] OpenCart <= 1.5.6.4 (cart.php) PHP Object Injection Vulnerability 2014-07-14
Egidio Romano (research karmainsecurity com)

[ MDVSA-2014:138 ] asterisk 2014-07-11
security mandriva com

Malware

Generic PUP.x!5E1E22E0F429
CryptDomaIQ!0E121C45A9C7
Generic PUP.x!E01A07C2A0F0
Generic PUP.x!AD360808C7F7
RDN/Generic PUP.x!D8FA966F14B3
Generic.bfr!98C3705879E9
RDN/Spybot.bfr!59865A9AFAC8
RDN/PWS-ZBot.auh!a!724994970A81
RDN/BackDoor-FBSA!a!7000C5DD9A07
RDN/Downloader.gen.a!E8F90104CBFD
CryptDomaIQ!1479B1D4D8C4
PUP-FLY!0DFC1788CF3E
Generic PUP.x!EDBE609F4AA5
PUP-FLN!1486370D4348
RDN/Generic PUP.x!c2x!9F56B46D01BC
RDN/Generic PUP.x!c2x!9964F144A235
RDN/Generic.dx!CA78DC3FC569
Generic PUP.x!72DD34217EF5
Generic PUP.x!CF3E4946CC3D
RDN/PWS-Mmorpg!lc!61279722355E
RDN/Generic.bfr!97E5CAA94ED9
RDN/Generic PUP.x!c2x!759FF41D4E37
RDN/Generic PUP.x!c2x!9604FFF54611
iBryte!148431D8E579
CryptDomaIQ!147C50B4851E
Generic PUP.x!A518A1747B4D
Generic Downloader.x!9899D93D80B0
Generic PUP.x!9D035A01AB22
Generic PUP.x!B3A57B6C9E01
RDN/Downloader.gen.a!526479194A75

Phishing

PAYPAL INC	15th July 2014
Your Paypal Account Will be banned
Btinternet	13th July 2014
EXPIRATION OF YOUR BTINTERNET EMAIL !

Vulnerebility

Exploit

D-Link info.cgi POST Request Buffer Overflow

D-Link HNAP Request Remote Buffer Overflow

D-Link Unauthenticated UPnP M-SEARCH Multicast Command Injection

HP Data protector manager 8.10 remote command execution

Shopizer 1.1.5 - Multiple Vulnerabilities

14.7.2014

Bugtraq

[SECURITY] [DSA 2976-1] eglibc security update 2014-07-10
Florian Weimer (fw deneb enyo de)

Yahoo! Bug Bounty #30 YM - Application-Side Mail Encoding (File Attachment) Vulnerability 2014-07-10
Vulnerability Lab (research vulnerability-lab com)

Yahoo! Bug Bounty #29 YM - Filter Bypass & Persistent Web Vulnerability 2014-07-10
Vulnerability Lab (research vulnerability-lab com)

[ MDVSA-2014:135 ] python 2014-07-10
security mandriva com

[ MDVSA-2014:134 ] liblzo 2014-07-10
security mandriva com

SEC Consult SA-20140710-1 :: Multiple high risk vulnerabilities in Shopizer webshop 2014-07-10
SEC Consult Vulnerability Lab (research sec-consult com)

[ MDVSA-2014:133 ] gd 2014-07-10
security mandriva com

Malware

RDN/Generic PUP.x!2AB0A95436EC
Generic PUP.x!0C0569C86B11
RDN/Generic.bfr!ho!4276D0EBDA40
Generic.dx!4581F73EB6E7
RDN/Generic PUP.x!c2v!D66BB496A44E
Generic PUP.x!A4F2C321C18B
Generic PUP.x!49E5141BBEF9
PUP-FHQ!ED1E3B6C08D0
Generic.dx!856D1D886122
Generic PUP.x!4FAE9060641E
Generic PUP.x!7015CB220C15
PUP-FLN!12F00BCBFE9A
CryptInno!12F05854B605
RDN/Downloader.a!rz!0D244EBEC070
Generic PUP.x!BABA08DF01D4
RDN/Generic.dx!E73855B66515
RDN/Autorun.worm.gen!6B8A6CF58C2F
Generic PUP.x!2EF4248573AA
Generic.dx!AED2CBEEBDB3
RDN/Generic.dx!dd3!60C9628CBF00
RDN/Generic BackDoor!za!A36C1E279963
RDN/Generic BackDoor!za!A42CE501C83D
RDN/Generic BackDoor!za!A3C6B8434ED6
CryptDomaIQ!ED34DC3CAD43
CryptDomaIQ!12E64396620C
Generic PUP.x!A33977B81928
PUP-FLN!ED1EB4EDAE0F
PUP-FLN!ED24C92DB8A7
PUP-FIC!12E5F4EB8212
Generic PUP.x!C886F8153B57

Phishing

Btinternet	13th July 2014
EXPIRATION OF YOUR BTINTERNET EMAIL !
WESTERN UNION PAYMENT SERVICE	12th July 2014
Pick Up Your First Payment
NatWest	11th July 2014
Restriction On Your Account !
Halifax	11th July 2014
NEW MESSAGE FROM HALIFAX CUSTOMER SERVICE.
Paypal	11th July 2014
VERIFY YOUR PAYPAL ACCOUNT INFORMATION
NatWest ;	11th July 2014
Your Account As Temporarily Limited
NatWest	11th July 2014
Access to Online Banking Service
PAYPAI	11th July 2014
Security notice!

Vulnerebility

Exploit

11.7.2014

Bugtraq

[SECURITY] [DSA 2976-1] eglibc security update 2014-07-10
Florian Weimer (fw deneb enyo de)

Yahoo! Bug Bounty #30 YM - Application-Side Mail Encoding (File Attachment) Vulnerability 2014-07-10
Vulnerability Lab (research vulnerability-lab com)

Yahoo! Bug Bounty #29 YM - Filter Bypass & Persistent Web Vulnerability 2014-07-10
Vulnerability Lab (research vulnerability-lab com)

[ MDVSA-2014:135 ] python 2014-07-10
security mandriva com

[ MDVSA-2014:134 ] liblzo 2014-07-10
security mandriva com

SEC Consult SA-20140710-1 :: Multiple high risk vulnerabilities in Shopizer webshop 2014-07-10
SEC Consult Vulnerability Lab (research sec-consult com)

[ MDVSA-2014:133 ] gd 2014-07-10
security mandriva com

Malware

RDN/Generic PUP.x!c2q!2C62561A14DA
RDN/Generic PUP.x!c2q!2988F6AE5A82
Generic PUP.x!1DAD7D8D16C7
Generic PUP.x!57DB6AD90A19
Generic PUP.x!A43C1C64AA28
RDN/Generic PUP.x!c2q!8B0DC6A437DA
Generic PUP.x!60257433A6F1
Generic PUP.x!4A27F236340B
Generic PUP.x!CE2DB4FDDF5E
RDN/Generic PUP.x!c2q!A45A67078272
Generic PUP.x!AEC6CD4C344D
Generic PUP.x!81A2FC0365D1
RDN/Generic PUP.x!c2q!E0A70AAD9457
RDN/Generic PUP.x!c2q!7BEB7DEEEC15
RDN/Generic PUP.x!c2q!A20847612D7E
Generic PUP.x!1A27D0D4F11C
Generic.tfr!007DAA750AB5
Generic PUP.x!373DCD6CFCF8
Generic PUP.x!5DC875C59A96
RDN/Generic PUP.x!c2q!3ECDCC103355
Generic PUP.x!5747E9F7FC07
Generic PUP.x!6A8E71BCCDCD
RDN/Generic PUP.x!c2q!55295D81FC31
Generic PUP.x!5B974969D889
Generic PUP.x!9C91E274E0F4
Generic PUP.x!66C82829E2A7
Generic PUP.x!BFC09B15DFBA
Generic PUP.x!0A981C8678E9
Generic PUP.x!8EABA4859314
Generic PUP.x!F15D2A0FE779

Phishing

Vulnerebility

Exploit

Infoblox 6.8.2.11 - OS Command Injection

C99.php Shell - Authentication Bypass

10.7.2014

Bugtraq

[SECURITY] [DSA 2975-1] phpmyadmin security update 2014-07-09
Thijs Kinkhorst (thijs debian org)

Cisco Security Advisory: Apache Struts 2 Command Execution Vulnerability in Multiple Cisco Products 2014-07-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Weak Local Database Credentials in Infoblox Network Automation 2014-07-09
nate depthsecurity com

OS Command Injection Infoblox Network Automation 2014-07-09
nate depthsecurity com

[ MDVSA-2014:132 ] libxfont 2014-07-09
security mandriva com

[ MDVSA-2014:131 ] file 2014-07-09
security mandriva com

[ MDVSA-2014:129 ] ffmpeg 2014-07-09
security mandriva com

[ MDVSA-2014:130 ] php 2014-07-09
security mandriva com

[ MDVSA-2014:128 ] iodine 2014-07-09
security mandriva com

[ MDVSA-2014:127 ] gnupg 2014-07-09
security mandriva com

Android NFC Service Denial of Service 2014-07-09
vuln nipc org cn

CVE-2014-4331 OctavoCMS reflected XSS vulnerability 2014-07-09
andreu antonio gmail com

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Domain Manager 2014-07-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Malware

RDN/Generic PUP.x!c2m!F1D3969F39D2
Generic PUP.x!BC4A8B125CB7
Generic PWS.y!D6CF2C52D42A
Generic PUP.x!C5AEDFDAA272
Generic PUP.x!115BD571B053
Generic PUP.x!1FD399C7F624
Generic PUP.x!54466D4C094A
Generic PUP.x!7E386F9295C4
Downloader.gen.a!D352EC7B94BC
RDN/Generic.bfr!ho!30A9E6863FCE
Generic PUP.x!F3344D9B5794
Generic.bfr!81CCFB1F0FBC
RDN/DNSChanger.bfr!d!3FB4C40A98BD
RDN/Generic BackDoor!yz!0DB782839A71
Generic PUP.x!030248669920
Generic PUP.x!D3B209B7BE6B
Generic PUP.x!06A5D489E677
Generic PUP.x!F7289BEF2C09
Generic PUP.x!842CFF6BB1E1
RDN/Generic.tfr!1E5BD179FCCB
RDN/Generic.hra!bz!DFA6C95527D8
Generic PUP.x!F859B3C772F2
Generic PUP.x!42DC35E41DE9
Generic PUP.x!044FA3272242
RDN/Generic PUP.x!c2m!7538AAFE3938
Generic PUP.x!7CB1DAE6E8E3
Generic PUP.x!05B1981E8C44
Generic PUP.x!49CF057AAEED
RDN/Generic.grp!hj!36E5B97F7A4A
Generic PUP.x!4FD281AAC7FB

Phishing

LLOYDS TSB	10th July 2014
* * ACCOUNT ON HOLD
NatWest	9th July 2014
Access to Online Banking Service.
BT	9th July 2014
Your BT Account Validation

Vulnerebility

Exploit

9.7.2014

Bugtraq

[ MDVSA-2014:126 ] phpmyadmin 2014-07-08
security mandriva com

CVE-2014-3074 - Runtime Linker Allows Privilege Escalation Via Arbitrary File Writes in IBM AIX 2014-07-08
Portcullis Advisories (advisories portcullis-security com)

Abusing Oracle's CREATE DATABASE LINK Privilege for fun and Profit 2014-07-08
Sumit Siddharth (sid notsosecure com)

[security bulletin] HPSBGN03050 rev.1 - HP IceWall SSO Dfw and HP IceWall MCRP running OpenSSL, Remote Denial of Service (DoS), Code Execution, Security Restriction Bypass, Disclosure of Information, or Unauthorized Access 2014-07-08
security-alert hp com

[SECURITY] [DSA 2973-1] vlc security update 2014-07-07
Moritz Muehlenhoff (jmm debian org)

ESA-2014-057: EMC Documentum Foundation Services (DFS) XML External Entity (XXE) Vulnerability 2014-07-07
Security Alert (Security_Alert emc com)

Malware

Generic PUP.x!01F25DE45911
RDN/Generic.bfr!ho!A37DF268A5A0
Generic PUP.x!FAABB628B84D
Generic PUP.x!4F07C5FDFCB2
RDN/Generic PUP.x!c2h!897AE36999C2
Generic PUP.x!029AFA627816
Generic PUP.x!0DCA2E568C73
Generic PUP.x!15968C8E3983
Generic PUP.x!2B0360693D4B
CryptDomaIQ!785429AB3E6F
Generic PUP.x!63527212A000
Generic PUP.x!F966C17CD501
Generic PUP.x!FC0D37A0F51D
Generic PUP.x!D16FEA1E4C0B
Generic PUP.x!DFF5DDF565CF
Generic PUP.x!FA1479BB67F7
CryptDomaIQ!792E3378647D
Generic PUP.x!E22D0E098A35
RDN/Downloader.a!rw!7A51DE8EBC24
RDN/Generic.dx!dd3!D3D0D6A45DD3
RDN/Generic PWS.y!b2g!B919F3340BFB
RDN/Generic PUP.x!c2h!2EACF378B500
Generic PUP.x!7CAD0541199B
Generic PUP.x!C1AD9367C4A3
Generic PUP.x!6DFCB5E19353
Generic PUP.x!9A592DD647AC
CryptDomaIQ!7878A43E78FD
Generic PUP.x!E582686EC23E
RDN/Generic PUP.x!BF158A8D3E93
RDN/Generic PUP.x!D6E8BE5004B1

Phishing

NatWest Bank	9th July 2014
ACCOUNT UPDATE
service@paypal.co.uk	8th July 2014
Notice of changes to the PayPal User Agreement :
PayPal	7th July 2014
PayPal Update !

Vulnerebility

Exploit

Yokogawa CS3000 BKFSim_vhfd.exe Buffer Overflow

Dolibarr CMS 3.5.3 - Multiple Security Vulnerabilities

8.7.2014

Bugtraq

ESA-2014-057: EMC Documentum Foundation Services (DFS) XML External Entity (XXE) Vulnerability 2014-07-07
Security Alert (Security_Alert emc com)

ESA-2014-064: EMC Documentum Content Server Privilege Escalation Vulnerabilities 2014-07-07
Security Alert (Security_Alert emc com)

Photo Org WonderApplications v8.3 iOS - File Include Vulnerability 2014-07-07
Vulnerability Lab (research vulnerability-lab com)

Malware

Generic.dx!C68E97ECEF94
PUP-FIC!4A2652F26AB9
CryptDomaIQ!97A9C2BD0886
PUP-FIC!96D4743B1463
Generic PUP.x!4A0807CC8087
CryptInno!49C0E98CB5D4
PowerPack!49C2C5C8E72F
CryptDomaIQ!95F049D120F7
PUP-FIC!4A7FB1F2A585
Generic PUP.x!5635A3B281BC
Adware-FFN!4A6D978DD2FB
RDN/Generic StartPage!BA5B7B0D04F2
CryptDomaIQ!96051C35AEFF
PUP-FLN!960880F0DE62
CryptDomaIQ!96069A733F2D
PUP-FIC!957EE307FE30
CryptDomaIQ!499BE40F0567
PUP-FIC!96175103557B
Generic PUP.x!961550F9471D
PUP-FIC!971B2649E08C
PUP-FIC!499A0E3F7640
CryptDomaIQ!95B8A9FB11E9
CryptDomaIQ!95B07D8FCFE7
CryptDomaIQ!4A511F0B4BA5
PowerPack!4A0D1DEAC0D8
CryptDomaIQ!49F4E7B086FA
Generic PUP.x!2AF65ADEABF7
CryptDomaIQ!95B35166199F
PowerPack!4A7B6DBF67C6
Generic PUP.x!2BB8FC5B01C6

Phishing

Vulnerebility

Exploit

Oracle Event Processing FileUploadServlet Arbitrary File Upload

Gitlist Unauthenticated Remote Command Execution

Wordpress MailPoet (wysija-newsletters) Unauthenticated File Upload

Netgear WNR1000v3 - Password Recovery Credential Disclosure Vulnerability

7.7.2014

Bugtraq

[SECURITY] CVE-2014-3503 Apache Syncope 2014-07-07
Francesco Chicchiriccò (ilgrosso apache org)

Yahoo! Bug Bounty #25 Flickr API - Persistent Service Vulnerability 2014-07-07
Vulnerability Lab (research vulnerability-lab com)

Paypal Inc Bug Bounty #109 Multi Shipping Application API - Filter Bypass & Persistent Vulnerability 2014-07-07
Vulnerability Lab (admin vulnerability-lab com)

PayPal Inc Bug Bounty #74 - Persistent Core Backend Vulnerability 2014-07-07
Vulnerability Lab (research vulnerability-lab com)

Backdoor access to Techboard/Syac devices 2014-07-07
roberto paleari emaze net

{CVE-ID request} - OCS-Inventory-NG Multiple Stored Cross Site Scripting Vulnerabilities. 2014-07-07
Madhu Akula (madhu akula hotmail com)

iTunes 11.2.2 for Windows: completely outdated and vulnerable 3rd party libraries 2014-07-07
Stefan Kanthak (stefan kanthak nexgo de)

CVE-2014-3863 - Stored XSS in JChatSocial 2014-07-07
Teodor Lupan (teodor lupan safetech ro)

Re: Android KeyStore Stack Buffer Overflow (CVE-2014-3100) 2014-07-07
a blas actisec com

[SECURITY] [DSA 2972-1] linux security update 2014-07-06
Salvatore Bonaccorso (carnil debian org)

Lime Survey 2-05+ Multiple Vulnerabilities 2014-07-06
g-damore outlook com

Malware

RDN/Generic PUP.x!c2c!6A6767A2517C
Generic PUP.x!E65DA192DC9C
Generic PUP.x!E9F18A00408F
Generic PUP.x!83DC7837C31E
RDN/Generic PUP.x!02A4325D91F6
Generic PUP.x!C80C4296C438
Downloader.gen.a!4499F7605801
Generic PUP.x!EBD228CD7B15
Downloader.gen.a!7A60098A38F0
Generic PUP.x!2C868E1CA7F2
Somoto-BetterInstaller!802236535680
RDN/Generic PUP.x!382297DF380B
Generic PUP.x!E46D97C21FF7
RDN/Generic PUP.x!c2c!595F753285BD
RDN/Generic PUP.x!c2c!58BA57BE409E
RDN/Generic PUP.x!c2c!5970C43D41BD
RDN/Generic PUP.x!c2c!58B7597C3A59
RDN/Generic Dropper!ut!5D27BB8E90C2
Generic PUP.x!40170F39B862
Generic PUP.x!5ED0EE35DF6F
Generic PUP.x!594F99580D2A
RDN/Generic PUP.x!c2c!5B36FC067321
RDN/Generic PUP.x!c2c!401FFA92D22A
RDN/Generic PUP.x!c2c!F1AF1492E14D
RDN/Generic PUP.x!c2c!5CC287A2AB9C
CryptInno!80172A045334
RDN/Generic PUP.x!c2c!582CCC7C2AE8
RDN/Generic PUP.x!c2c!565153409427
RDN/Generic PUP.x!c2c!56743A23ED9A
RDN/Generic.dx!dds!55D01F96B7CF

Phishing

PayPal	7th July 2014
PayPal Update !
HSBC BANK PLC	7th July 2014
YOUR HSBC SECURE KEY
NatWest	7th July 2014
Important information about your account
HSBC BANK PLC	6th July 2014
YOUR HSBC SECURE KEY
Natwest	5th July 2014
Access to Online Banking Service
Apple	5th July 2014
Apple
HSBC BANK PLC	5th July 2014
Your Hsbc Online Secure Key..
NatWest Bank	4th July 2014
NATWEST BANK ALERT: UNAUTHORIZED ACCESS ON YOUR ACCOUNT

Vulnerebility

Exploit

Netgear WNR1000v3 - Password Recovery Credential Disclosure Vulnerability

4.7.2014

Bugtraq

POC2014 Call for Paper 2014-07-03
pocadm gmail com

[security bulletin] HPSBMU03059 rev.1 - HP SiteScope, Remote Authentication Bypass 2014-07-02
security-alert hp com

[security bulletin] HPSBMU03064 rev.1 - HP Universal CMDB, Remote Information Disclosure, Execution of Code 2014-07-02
security-alert hp com

Malware

RDN/Generic PUP.x!ch3!C6E9BC74AE01
RDN/Generic Downloader.x!km!F93A05E9A2FB
RDN/Generic.dx!273D3A1A4307
RDN/Generic PWS.y!101B987D40F4
RDN/Generic PWS.y!F88B487390F0
Generic.bfr!7145A5385929
PUP-FLN!4FB79AF808C7
Generic PUP.x!CE3ACBE91579
Generic PUP.x!21C9D3938428
Generic PUP.x!EB43BC91005D
Generic PUP.x!8BFDEADC1F8A
Generic PUP.x!9AD45C8621AF
Generic PUP.x!2D511ADBE3A7
Generic PUP.x!2A60920B9AE9
Generic PUP.x!8643FE89FE8A
Generic PUP.x!784A9B4367CE
Generic PUP.x!03EBC2022A00
RDN/Downloader.gen.a!0BF17746FEC4
Generic PUP.x!93DA728580B8
RDN/Generic PUP.x!5A2432A0AE2E
Generic PUP.x!DFF89532622F
Generic PUP.x!E1D1D25FC3FB
Generic PUP.x!0764F739866A
Generic PUP.x!10474AA13D95
RDN/Generic.bfr!hk!F73C1F53C0C2
Generic PUP.x!90D575CF1172
Generic PUP.x!F0EF17DBDC8B
Generic PUP.x!767953505BF8
Generic PUP.x!C160230EF9BE
Generic PUP.x!00B64CA077D5

Phishing

HSBC BANK PLC	3rd July 2014
Your Hsbc Secure Key
National Westminster	3rd July 2014
Account Reveiw

Vulnerebility

Exploit

3.7.2014

Bugtraq

Malware

Generic PUP.x!F0187C3E63FB
Generic Downloader.x!C25E30DE3FB2
Generic Downloader.x!426A1111565C
Generic PUP.x!33AC7A4D0651
Generic PUP.x!A07B88A89289
Downloader.gen.a!F556D0891219
CryptInno!9C475B29BAD5
Generic PUP.x!62F71BBF3ADD
Generic PUP.x!5FEC3FD1E291
Generic PUP.x!C0EED7BDA1E3
Generic PUP.x!009096DFCC8D
Generic PUP.x!BC2161E2B2F4
Generic PUP.x!37D61EB2DDAC
Generic PUP.x!5ECF162914E9
Generic PUP.x!16CD3CB54511
Generic PUP.x!D38141F0D38F
Generic PUP.x!D4AF67C9E38B
Generic PUP.x!B899F5675D30
Generic PUP.x!A0901533DB51
Generic PUP.x!A253D0EC06CA
Generic PUP.x!C5759B3711C5
Generic PUP.x!980D422FB245
Generic PUP.x!A531D6D8CFEE
RDN/Generic.tfr!96EF6D358F59
Generic PUP.x!1F08D5C5454A
Generic PUP.x!C0A41452354F
Generic PUP.x!C2AF8CB9394C
Generic PUP.x!73239D5923CE
Generic PUP.x!4DF6FB7178C8
Generic PUP.x!AE3A15660462

Phishing

National Westminster	3rd July 2014
Account Reveiw
NatWest	2nd July 2014
We have temporarily suspended access to your Natwest Account.
BT	2nd July 2014
Confirm your BT.com email address

Vulnerebility

Exploit

Zurmo CRM - Persistent XSS Vulnerability

Kerio Control 8.3.1 - Blind SQL Injection

Baidu Spark Browser v26.5.9999.3511 - Remote Stack Overflow Vulnerability (DoS)

2.6.2014

Bugtraq

SEC Consult SA-20140701-0 :: Stored cross-site scripting vulnerabilities in EMC Documentum eRoom 2014-07-01
SEC Consult Vulnerability Lab (research sec-consult com)

Kerio Control <= 8.3.1 Boolean-based blind SQL Injection 2014-06-30
info fereidani com

ESA-2014-060: EMC Documentum eRoom Multiple Cross-Site Scripting Vulnerabilities 2014-06-30
Security Alert (Security_Alert emc com)

Malware

CryptDomaIQ!C1C865E2ABEC
PUP-FIC!C15D0EF35311
RDN/Generic PUP.x!chs!69B20FB38F30
RDN/Generic PUP.x!23D5CB788D50
Generic PUP.x!B15BF848FAFA
CryptInno!23F5ADE1351B
PUP-FIC!23B7FF54164E
Cryptlore!23A0CFB9B183
RDN/Generic.tfr!ea!2A3BCEA98A4D
RDN/Generic PWS.y!b2f!E5C980EEC3BF
RDN/Generic.bfr!hk!1866E728F487
RDN/Generic PUP.x!chs!C35B400410F4
RDN/Generic PUP.x!chs!C160ADF132B8
RDN/Generic PUP.x!chs!C282686EA662
RDN/Generic PUP.x!chs!C85919F38ADD
CryptDomaIQ!C1CCC0244DB5
RDN/Generic PUP.x!chs!C33F573E897B
RDN/Generic PUP.x!chs!C6762FB5E9F7
Somoto-BetterInstaller!0A1869D78D13
Generic PUP.x!C286B329C9EC
PUP-FIC!C1AF3A80F6A2
CryptDomaIQ!C27CDF9582C5
RDN/Generic.dx!24147BE7390E
PowerPack!C17B4AB96AA2
CryptDomaIQ!C17293798158
PUP-FIC!C322AF1022D8
RDN/Generic PUP.x!chs!240837F6E615
CryptDomaIQ!23C20ED3E729
RDN/Generic PUP.x!chs!C27AAB1EF5AD
RDN/Generic PUP.x!chs!23CD3D826440

Phishing

Vulnerebility

Exploit

Internet Explorer 8 - Fixed Col Span ID Full ASLR, DEP & EMET 4.1.X Bypass

IBM Algorithmics RICOS 4.5.0 - 4.7.0 - Multiple Vulnerabilities

Flussonic Media Server 4.1.25 - 4.3.3 - Aribtrary File Disclosure

1.7.2014

Bugtraq

ESA-2014-060: EMC Documentum eRoom Multiple Cross-Site Scripting Vulnerabilities 2014-06-30
Security Alert (Security_Alert emc com)

APPLE-SA-2014-06-30-4 Apple TV 6.1.2 2014-06-30
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2014-06-30-3 iOS 7.1.2 2014-06-30
Apple Product Security (product-security-noreply lists apple com)

[security bulletin] HPSBST03000 rev.4 - HP StoreEver ESL G3 Tape Library and Enterprise Library LTO-6 Tape Drives running OpenSSL, Remote Disclosure of Information 2014-06-30
security-alert hp com

APPLE-SA-2014-06-30-2 OS X Mavericks 10.9.4 and Security Update 2014-003 2014-06-30
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2014-06-30-1 Safari 6.1.5 and Safari 7.0.5 2014-06-30
Apple Product Security (product-security-noreply lists apple com)

SEC Consult SA-20140630-0 :: Multiple vulnerabilities in IBM Algorithmics RICOS 2014-06-30
SEC Consult Vulnerability Lab (research sec-consult com)

ESA-2014-046: EMC Documentum Content Server Multiple Vulnerabilities 2014-06-30
Security Alert (Security_Alert emc com)

ESA-2014-055: EMC Network Configuration Manager (NCM) Session Fixation Vulnerability 2014-06-30
Security Alert (Security_Alert emc com)

[SECURITY] [DSA 2970-1] cacti security update 2014-06-29
Moritz Muehlenhoff (jmm debian org)

Malware

Generic PUP.x!93DB3237A4D1
Generic PUP.x!93E10B991CFA
Generic PUP.x!951E0B7659D1
Generic PUP.x!8B5C18C5E644
Generic PUP.x!D6930E4AFEBD
Generic PUP.x!9479C88D1A67
Generic PUP.x!94BD0030A0DB
Generic PUP.x!9512BE780657
Generic PUP.x!95E8625E8A02
Generic PUP.x!95D86D1D1336
VTFlooder!C5F06FED1331
RDN/Generic PUP.x!chq!C4B9B0C203AE
RDN/Generic.bfr!hk!F0BC4B9DCB30
CryptDomaIQ!C4BB069D06D2
Generic PUP.x!957C671F593C
Generic PUP.x!74BEF60535CB
RDN/Generic.dx!C066F1153E2A
Generic PUP.x!93A9E519B758
RDN/Generic PUP.x!chq!EE50B8ED8B7B
RDN/Generic PUP.x!chq!B198F82FFAA1
Generic PUP.x!8FC1ECEFE4F0
Generic PUP.x!C4AAC334568E
RDN/Generic PUP.x!chq!A086B86A9A1A
Generic PUP.x!A0B28B4F669C
RDN/Generic BackDoor!yx!71E31325F7C8
Generic PUP.x!955A7DE45E55
Generic PUP.x!6A55F77A7C51
Downloader.gen.a!D97BF6A09159
CryptInno!C4AA33CA967E
Generic.bfr!93B2DBA6AFA0

Phishing

NATWEST	1st July 2014
Verification of Account
Natwest	1st July 2014
NatWest YourPoints Online
Halifax	30th June 2014
DEAR HALIFAX MEMBER,
Amazon Security Team	30th June 2014
UPDATE MISSING INFORMATION
Apple	30th June 2014
NOTIFICATION OF EXPIRATION OF YOUR ACCOUNT.

Vulnerebility

Exploit

Gitlist <= 0.4.0 - Remote Code Execution