Databáze Hot News 2015 January

Databáze Hot News 2015 January - 2015 January February March April May June July August September October November December

30.1.2015

Bugtraq

[SECURITY] [DSA 3144-1] openjdk-7 security update 2015-01-29
Moritz Muehlenhoff (jmm debian org)

NEW VMSA-2015-0002 VMware vSphere Data Protection product update addresses a certificate validation vulnerability 2015-01-29
VMware Security Response Center (security vmware com)

Symantec Encryption Management Server < 3.2.0MP6 - Remote Command Injection 2015-01-30
Paul Craig (lists vantagepoint sg)

Unauthenticated Reflected XSS vulnarbility in Asus RT-N10 Plus router 2015-01-29
kingkaustubh me com

Reflected XSS vulnarbility in Asus RT-N10 Plus Router 2015-01-29
kingkaustubh me com

Malware

Generic PUP.x!8374F57466E0
Generic-FAVX!A24B8AE45E91
Generic-FAVX!DE19A5500766
Generic PUP.x!A806BD18D12B
W32/Sality.gen!7FE793754AFE
RDN/Generic Dropper!35E117E1F43C
RDN/Generic.bfr!ic!81B42E6E7CB8
Generic.dx!A454231A1356
RDN/Generic.bfr!8E516E453FF2
Generic FakeAlert!278C1F35850E
Generic Downloader.x!81212EED0BCB
Generic Downloader.x!80BED2783AED
Generic.dx!FF8390A1355A
RDN/Spybot.bfr!4D639853D222
RDN/Generic PUP.x!ctk!7C6CCEF9BCB4
Generic.dx!CE6897C29CDB
Generic.dx!C23F1DCA3670
RDN/Generic PWS.y!bcp!81064F06FD54
Generic.dx!6AF956E1A8D5
Generic.dx!95FCED611F3F
RDN/Generic PWS.y!bcp!9FAD35347369
Generic.dx!044C180713DF
RDN/Spybot.bfr!6618EB719091
Generic.dx!74ED2809EC3E
Generic.dx!345504F7F52C
RDN/Generic PUP.x!ctk!43F36F5D5BEC
Generic.dx!613C0B8B2C5F
Generic.dx!B696CB117760
Generic.dx!5BB3A0AB2DA6
RDN/Generic BackDoor!bb3!7C2775BCD804

Phishing

no_reply@bt.com	30th January 2015
Account Verification
APPLE STORE	28th January 2015
Your Account Will Be Limited. Update Your Informations !
PayPal	28th January 2015
IMPORTANT: WE NOTICED UNUSUAL ACTIVITY IN YOUR PAYPAL ACCOUNT (REF #PP-004-621-793-329) !

Vulnerebility

Exploit

29.1.2015

Bugtraq

Unauthenticated Reflected XSS vulnarbility in Asus RT-N10 Plus router 2015-01-29
kingkaustubh me com

Reflected XSS vulnarbility in Asus RT-N10 Plus Router 2015-01-29
kingkaustubh me com

ESA-2015-002: Unisphere Central Security Update for Multiple Vulnerabilities 2015-01-29
Security Alert (Security_Alert emc com)

Blubrry PowerPress Security Advisory - XSS Vulnerability - CVE-2015-1385 2015-01-29
Onur Yilmaz (onur netsparker com)

CVE-2014-8779: SSH Host keys on Pexip Infinity 2015-01-29
giles pexip com

[The ManageOwnage Series, part XII]: Multiple vulnerabilities in FailOverServlet (OpManager, AppManager, IT360) 2015-01-28
Pedro Ribeiro (pedrib gmail com)

Cisco Security Advisory: GNU glibc gethostbyname Function Buffer Overflow Vulnerability 2015-01-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)

AST-2015-001: File descriptor leak when incompatible codecs are offered 2015-01-28
Asterisk Security Team (security asterisk org)

[slackware-security] glibc (SSA:2015-028-01) 2015-01-28
Slackware Security Team (security slackware com)

Malware

RDN/Generic.bfr!ic!F48887E6C433
Generic PUP.x!4EC1E43160A6
FakeAV-M.bfr!19767E06F6C9
Downloader.gen.a!F77B3D00A546
Generic Downloader.x!A9E6A583A055
Generic Downloader.x!E025396F5795
Generic Downloader.x!367DDA250565
RDN/Generic PUP.x!ctj!192EB76B0840
Generic Downloader.x!F613968F5E58
PWS-Banker!80CEE13734FF
RDN/Generic PUP.x!788F0BF173A9
Generic Downloader.x!4473D15FE542
Generic PUP.x!784547B53E5A
Generic Downloader.x!DF4DFBE34FFA
Generic Downloader.x!932270DC4E9D
Generic Downloader.x!F6DD6BB55D57
Generic Downloader.x!0C7A65F4354A
Generic Downloader.x!303D7D73675E
RDN/Generic.bfr!ic!27370E90C927
Generic.bfr!5935C84A5C88
FakeAV-M.bfr!2DA6310D9018
RDN/Generic BackDoor!bb3!857078AFFA14
RDN/Generic PUP.x!ctj!5BA5242D08F2
RDN/Generic PUP.x!ctj!E3D0CFD4B5A3
RDN/Sdbot.worm!cd!6452AE91839F
Generic PUP.x!DBB594CF0EF8
Generic Downloader.x!51CBA585457C
Generic PUP.x!77243266C757
Generic Downloader.x!ADC4EE9812E0
RDN/Generic Downloader.x!lq!1CF3F0305C9A

Phishing

Vulnerebility

Exploit

VSAT Sailor 900 - Remote Exploit

ClearSCADA - Remote Authentication Bypass Exploit

OS X < 10.10.x - Gatekeeper bypass Vulnerability

UniPDF 1.1 - Crash PoC (SEH overwritten)

Microsoft Windows Server 2003 SP2 - Privilege Escalation

ManageEngine Firewall Analyzer 8.0 - Directory Traversal/XSS Vulnerabilities

FreeBSD Kernel Multiple Vulnerabilities

28.1.2015

Bugtraq

[CVE-2015-1393] Photo Gallery (Wordpress Plugin) - SQL Injection in Version 1.2.8 2015-01-28
sven bsddaemon org

[CVE-2015-1394] Photo Gallery (Wordpress Plugin) - Multiple XSS Vulnerabilities Version 1.2.8 2015-01-28
sven bsddaemon org

[AMPLIA-ARA100614] OS X Gatekeeper Bypass Vulnerability 2015-01-28
Amplia Security Advisories (advisories ampliasecurity com)

NEW VMSA-2015-0001 - VMware vCenter Server, ESXi, Workstation, Player, and Fusion updates address resolve security issues 2015-01-27
VMware Security Response Center (security vmware com)

Multiple vulnerabilities in MantisBT 2015-01-28
High-Tech Bridge Security Research (advisory htbridge com)

Two XSS Vulnerabilities in SupportCenter Plus 2015-01-28
High-Tech Bridge Security Research (advisory htbridge com)

Malware

RDN/Generic.dx!6BA8862C2D15
Generic.dx!C455CCA446ED
Gamarue-FAX!93AC2ACD8527
RDN/Generic Downloader.x!7AC2B592E5CE
RDN/Generic PUP.x!cth!8D61C7D1310B
RDN/Generic.grp!hx!8D50D499C4B2
RDN/Generic PUP.x!cth!D97EFBD3CD55
Downloader.gen.a!C97F400CDB3E
RDN/Generic Downloader.x!mn!A67404616BC3
Downloader.gen.a!3AF555C2ACD0
RDN/Generic PUP.z!eq!74078ABEE3A8
RDN/Generic.dx!d2q!DC1755A1C7C4
RDN/Generic PUP.z!eq!EECC50E8A5AC
RDN/Generic BackDoor!bb3!AF654CB7F6EB
Generic BackDoor!D03D53F57ACB
RDN/Generic.bfr!3B3F38A66B70
Generic PUP.x!C7D377F7DC50
RDN/Generic.dx!d2q!A936D918C874
RDN/Generic.bfr!D91D3C5B29DD
RDN/Generic PUP.x!cth!508B498E4FBB
RDN/Generic BackDoor!bbn!506DB3C64D05
Generic PUP.x!502E097B4D3E
RDN/Generic.dx!922FD31003E0
RDN/Generic.bfr!ED5058F4EF49
Generic PUP.x!5527337F26B3
RDN/Generic PUP.x!9B8B6656AE9F
Generic.dx!C3D2802ED4C8
RDN/Spybot.bfr!29B960685EF6
RDN/Generic.dx!d2p!C7E6A437F069
W32/Nabucur!EC14F8BE5B86

Phishing

NETELLER	28th January 2015
Your NETELLER Account Has Been Disabled - 10/01/2015 09:34:03
Service .inc	28th January 2015
UPDATE YOUR ACCOUNT INFORMATION
PayPal	28th January 2015
account has been frozen
BT	28th January 2015
Update Your Details
PayPal	28th January 2015
WHY MY ACCOUNT IS LIMITED ?
PayPal	28th January 2015
CHECK YOUR RECENT ACTIVITY BY LOGGING IN [PAYPAL] âœ”
PayPal	28th January 2015
[Paypal]: You Need To Confirm Your Information ! 02/01/2015 05:27:45
Skype	28th January 2015
New Payment To Skype !
Citibank	28th January 2015
Customer Service Reference: ASO0Q5SL
PayPal	28th January 2015
Service.security@Paypal.cu
Apple	28th January 2015
Your recent download
PayPal	28th January 2015
Your PayPal account is limited until we hear from you.
Your Barclays Account	28th January 2015
Your Barclays Bank Support
Paypal Support	28th January 2015
âœ‰ [PAYPAI]: UPDATE YOUR INFORMATION ACCOUNT NUMBER 1544
Apple	28th January 2015
Account Info Change
HSBC Bank	28th January 2015
TONY.THELMA@NTLWORLD.COM, YOUR ACCOUNT SERVICE INFORMATION
NatWest	28th January 2015
Security Update
Microsoft	28th January 2015
Dear Email Account Owner,
PayPal Reminder	28th January 2015
âœ” ALERT ! YOUR PAYPAL ACCOUNT WILL BE LIMITED PP1366
PayPal Services	28th January 2015
YOUR ACCOUNT PAYPAL IS LIMITED YOU HAVE TO SOLVE THE PROBLEM IN 24 HOURS.
PayPal	28th January 2015
YOUR PAYPAL ACCOUNT HAS BEEN LIMITED !
PayPal Update	28th January 2015
UPDATE YOUR ACCOUNT INFORMATION !
PayPal Inc	28th January 2015
VERIFY YOUR INFORMATION TO ACTIVATE YOUR ACCOUNT !
HSBC Bank	28th January 2015
DARREN.M.BROWN@NTLWORLD.COM, YOUR ACCOUNT SERVICE INFORMATION

Vulnerebility

Exploit

ClearSCADA - Remote Authentication Bypass Exploit

27.1.2015

Bugtraq

[SECURITY] [DSA 3140-1] xen security update 2015-01-27
Moritz Muehlenhoff (jmm debian org)

[SYSS-2014-013] FancyFon FAMOC - Use of a One-Way Hash without a Salt 2015-01-27
matthias deeg syss de

[SYSS-2014-011] FancyFon FAMOC - Cross-Site Scripting 2015-01-27
matthias deeg syss de

[SYSS-2014-012] FancyFon FAMOC - Session Fixation 2015-01-27
matthias deeg syss de

CVE-2015-0223: anonymous access to qpidd cannot be prevented 2015-01-26
Gordon Sim (gsim apache org)

CVE-2015-0224: qpidd can be crashed by unauthenticated user 2015-01-26
Gordon Sim (gsim apache org)

[CORE-2015-0002] - Android WiFi-Direct Denial of Service 2015-01-26
CORE Advisories Team (advisories coresecurity com)

WebKitGTK+ Security Advisory WSA-2015-0001 2015-01-26
Carlos Alberto Lopez Perez (clopez igalia com)

Malware

Generic Dropper!04F6E78DCFA7
RDN/T-UPA-AAQ!a!147A717AABD6
Generic.bfr!0EE37BAE7D60
GenericR-CUT!DE932FF7C7F4
RDN/Generic PUP.z!A81CBA4F3A6F
RDN/Downloader.gen.a!C58BAFAB8A83
RDN/Spybot.bfr!C5EBA520DD07
RDN/Spybot.bfr!A88216E1F80F
RDN/Generic PUP.x!F66759103E9D
Generic PUP.x!DC913B05B5D1
W32/Sdbot.worm!AF206A5A94B5
Ransom!DC407A859787
Generic.dx!CB74F89923D7
RDN/Generic.dx!CCD805F09122
W32/Expiro.gen.ra!0087645D3EEE
RDN/Generic BackDoor!bbn!D9FCD9AF9734
RDN/Generic PUP.x!ct3!0A4AAEB9CFB5
RDN/Generic.tfr!eh!D637D2F8F974
Generic PUP.x!D9B7B9A26F6D
RDN/Generic BackDoor!bbn!D8B272BF9464
RDN/Generic PWS.y!bc3!6DA0E3545ED2
Generic PUP.x!CB18F1FF6A54
RDN/Generic PUP.x!9DC23113DD3D
RDN/Generic PUP.x!ct3!9390F2C19DDB
Generic PUP.x!D5410A6DF20F
RDN/Generic Dropper!vz!D5526013BF00
Generic PUP.x!CE605667AB19
Generic PUP.x!C889E72BB100
RDN/Generic BackDoor!bbn!CAFA19ED9847
RDN/Generic PUP.x!ct3!C65ADBDCE885

Phishing

Paypal	27th January 2015
[IMPORTANT] : UPDATE YOUR ACCOUNT INFORMATION !
National	27th January 2015
She has no taboos and restrictions
Apple Inc.	27th January 2015
PLEASE UPDATE YOUR ACCOUNT
PayPal	27th January 2015
Your PayPal account is limited until we hear from you.
ebilling@bt.com	27th January 2015
Verify your account
Natwest	27th January 2015
\|Natwest Bank\| Case Reference #: 458839348482
onlinebankinservice@tescobank.	27th January 2015
TESCO BANK - NEW ESTATEMENT AND EADVICE
_-Vydox_-_Plus_-	27th January 2015
~NEW~YEAR,~NEW~YOU:~30~DAY~FRE E~TRIAL~FOR~A~BULL~PERFORMANCE ~IN~BED~
MS MARY ARINZE	27th January 2015
Re: Very Urgent Response!!!
JANET NAPOLITANO	27th January 2015
HOMELAND SECURITY ALERT!!!
PayPal Services	27th January 2015
YOUR ACCOUNT PAYPAL IS LIMITED YOU HAVE TO SOLVE THE PROBLEM IN 24 HOURS.
PayPal	27th January 2015
[PAYPAL] :UPDATE YOUR ACCOUNT INFORMATION
Apple Service	27th January 2015
YOUR APPLE ACCOUNT IS TEMPORARILY SUSPENDED !
Ysande	27th January 2015
WHEN WAS VIAGRA INVENTED
PayPal	27th January 2015
YOU'VE SENT A PAYMENT
PayPal	27th January 2015
PLEASE UPDATE YOUR PAYPAL ACCOUNT
Barclays	27th January 2015
IMPORTANT - ONLINE BANKING UPDATE
Bank of America Alert	27th January 2015
Bank Of America Alert: Online Access Suspension Message®
Apple	27th January 2015
Account Info Change
Apple	27th January 2015
Account Suspended
PayPal INC.	27th January 2015
YOUR ACCOUNT WILL BE LIMITED. PLEASE UPDATE YOUR ACCOUNT INFORMATION !
NatWest Online Banking	27th January 2015
IMPORTANT NOTICE REGARDING YOUR NATWEST ONLINE ACCOUNT.
head office	27th January 2015
FEDERAL BUREAU OF INVESTIGATION(WWW.FBI.GOV)
Navy Federal Online	27th January 2015
Important notice regarding your Navy Federal Online account.

Vulnerebility

Exploit

D-Link DSL-2740R - Unauthenticated Remote DNS Change Exploit

VLC Player 2.1.5 - DEP Access Violation Vulnerability

VLC Player 2.1.5 - Write Access Violation Vulnerability

Comodo Backup 4.4.0.0 - NULL Pointer Dereference EOP

Mangallam CMS - SQL Injection Web Vulnerability

Barracuda Networks Cloud Series - Filter Bypass Vulnerability

ManageEngine ServiceDesk Plus 9.0 (< Build 9031) - User Privileges Management Vulnerability

PHP Webquest 2.6 - SQL Injection

Android WiFi-Direct Denial of Service

26.1.2015

Bugtraq

Fwd: REWTERZ-20140103 - ManageEngine ServiceDesk Plus User Privileges Management Vulnerability 2015-01-22
Rewterz - Research Group (advisories rewterz com)

REWTERZ-20140102 - ManageEngine ServiceDesk Plus User Enumeration Vulnerability 2015-01-22
Rewterz - Research Group (advisories rewterz com)

REWTERZ-20140101 - ManageEngine ServiceDesk SQL Injection Vulnerability 2015-01-22
Rewterz - Research Group (advisories rewterz com)

[HITB-Announce] #HITB2015AMS Call for Papers 1st Round is Closing in 10 Days 2015-01-22
Hafez Kamal (aphesz hackinthebox org)

PhotoSync 1.1.3 Android - Command Inject Vulnerability 2015-01-22
Vulnerability Lab (research vulnerability-lab com)

Program-O v2.4.6 - Multiple Web Vulnerabilities 2015-01-22
Vulnerability Lab (research vulnerability-lab com)

CVE-2015-1180-xss-eventsentry 2015-01-22
Sudhanshu Chauhan (sudhanshu octogence com)

CVE-2015-1179-xss-mango-automation-scada 2015-01-22
Sudhanshu Chauhan (sudhanshu octogence com)

CVE-2015-1178-xss-x-cart-ecommerce 2015-01-22
Sudhanshu Chauhan (sudhanshu octogence com)

Malware

Generic.bfr!8A3B913C0CB2
FakeAV-M.bfr!ED4D5F7A7DE1
RDN/Generic.dx!77C0AF9BC1F5
RDN/Generic Dropper!vz!208DA38CD99C
Generic.bfr!A6BBE611A563
RDN/Spybot.bfr!1204314BD74C
Generic PUP.x!48BEA33D9F9B
Generic.bfr!6BF9CA39794A
Generic.bfr!D1B231D2719A
W32/Expiro!886E724B2CE6
RDN/Generic.bfr!ED1009DC35CE
Generic.bfr!5C0AF6FC056F
RDN/Generic PUP.x!cs3!AACE94796ECE
W32/PdfCrypt.b!BA14824E7F23
Generic.bfr!721DC78264EB
RDN/Generic PUP.x!cs3!201FDD65FB44
Generic BackDoor!1BC129D7FCF2
RDN/Generic PUP.x!cs3!B04724526543
Generic PUP.x!FAB21799D89E
RDN/Generic PUP.x!cs3!38D531E8176B
W32/PdfCrypt.b!92FAE8BA7B4F
Generic.dx!D389E6D2A064
RDN/Generic PUP.x!cs3!3548AD3FE731
Generic PUP.x!8EEDADE1FCF7
RDN/Generic PUP.x!cs3!4B96A469E3D5
RDN/Generic PUP.x!cs3!09E806628D0B
RDN/Generic PUP.x!cs3!6E0D30D8403A
Generic PUP.x!1489244252B6
GenericR-CVC!D987642100A9
RDN/Generic.bfr!ib!63F951F778E6

Phishing

Vulnerebility

Exploit

23.1.2015

Bugtraq

Fwd: REWTERZ-20140103 - ManageEngine ServiceDesk Plus User Privileges Management Vulnerability 2015-01-22
Rewterz - Research Group (advisories rewterz com)

REWTERZ-20140102 - ManageEngine ServiceDesk Plus User Enumeration Vulnerability 2015-01-22
Rewterz - Research Group (advisories rewterz com)

REWTERZ-20140101 - ManageEngine ServiceDesk SQL Injection Vulnerability 2015-01-22
Rewterz - Research Group (advisories rewterz com)

[HITB-Announce] #HITB2015AMS Call for Papers 1st Round is Closing in 10 Days 2015-01-22
Hafez Kamal (aphesz hackinthebox org)

PhotoSync 1.1.3 Android - Command Inject Vulnerability 2015-01-22
Vulnerability Lab (research vulnerability-lab com)

Program-O v2.4.6 - Multiple Web Vulnerabilities 2015-01-22
Vulnerability Lab (research vulnerability-lab com)

CVE-2015-1180-xss-eventsentry 2015-01-22
Sudhanshu Chauhan (sudhanshu octogence com)

CVE-2015-1179-xss-mango-automation-scada 2015-01-22
Sudhanshu Chauhan (sudhanshu octogence com)

CVE-2015-1178-xss-x-cart-ecommerce 2015-01-22
Sudhanshu Chauhan (sudhanshu octogence com)

Malware

Generic.dx!067B470A053D
Generic.bfr!D7FEB35BB2A1
RDN/Generic.bfr!B29C6360E83E
Generic.bfr!D888CB6FA6AF
RDN/Generic PUP.z!F4442F9F8418
RDN/Vundo!dw!ADD711C4860B
Generic PUP.x!9B80E9F86A26
RDN/Generic PUP.x!csw!BE2F5C90BC0B
W32/Expiro!D8AD51FA9426
RDN/Generic Dropper!vz!75AFBB90E21A
Generic.bfr!D7DB922CE718
Generic.bfr!D967F0170BBE
Generic.bfr!D913158B5084
Generic.bfr!D8F64F9DA566
RDN/Spybot.bfr!0E70274958CB
Generic PUP.x!7A1D7A67616C
Generic.bfr!D929D5267784
RDN/Generic.bfr!A0DD7B3DDFE9
RDN/Generic PUP.x!0395D14646D2
Generic.dx!D8EC94FCFD13
Generic.bfr!D8CE6E5DF2F6
Generic.bfr!D9A1D3ED9F4B
Generic.bfr!D95B486B6A10
Generic PUP.x!CA967E90D614
Generic.bfr!D9508A6F10BB
BackDoor-FCKD!37F36C0A897F
Generic PUP.x!7FB5F408BEC7
Generic PUP.x!6D5A0586C9B8
Generic PUP.x!937DEB1D76C3
RDN/Generic.bfr!ib!387FE14AE78F

Phishing

Vulnerebility

Exploit

22.1.2015

Bugtraq

PhotoSync 1.1.3 Android - Command Inject Vulnerability 2015-01-22
Vulnerability Lab (research vulnerability-lab com)

Program-O v2.4.6 - Multiple Web Vulnerabilities 2015-01-22
Vulnerability Lab (research vulnerability-lab com)

CVE-2015-1180-xss-eventsentry 2015-01-22
Sudhanshu Chauhan (sudhanshu octogence com)

CVE-2015-1179-xss-mango-automation-scada 2015-01-22
Sudhanshu Chauhan (sudhanshu octogence com)

CVE-2015-1178-xss-x-cart-ecommerce 2015-01-22
Sudhanshu Chauhan (sudhanshu octogence com)

CVE-2015-1177-xss-exponent 2015-01-22
Sudhanshu Chauhan (sudhanshu octogence com)

SEC Consult SA-20150122-0 :: Multiple critical vulnerabilities in Symantec Data Center Security: Server Advanced (SDCS:SA) & SCSP 2015-01-22
SEC Consult Vulnerability Lab (research sec-consult com)

CVE-2015-1176-xss-osticket 2015-01-22
Sudhanshu Chauhan (sudhanshu octogence com)

[slackware-security] samba (SSA:2015-020-01) 2015-01-21
Slackware Security Team (security slackware com)

Remote Desktop v0.9.4 Android - Multiple Vulnerabilities 2015-01-21
Vulnerability Lab (research vulnerability-lab com)

iExplorer 3.6.3 - DLL Hijacking Exploit itunesmobiledevice.dll 2015-01-21
Vulnerability Lab (research vulnerability-lab com)

[RT-SA-2014-010] AVM FRITZ!Box Firmware Signature Bypass 2015-01-21
RedTeam Pentesting GmbH (release redteam-pentesting de)

PhotoSync v1.1.3 Android - Command Inject Vulnerability 2015-01-21
Vulnerability Lab (research vulnerability-lab com)

[oCERT-2015-001] JasPer input sanitization errors 2015-01-21
Andrea Barisani (lcars ocert org)

[security bulletin] HPSBUX03235 SSRT101750 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) 2015-01-20
security-alert hp com

[SECURITY] [DSA 3134-1] sympa security update 2015-01-20
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3133-1] privoxy security update 2015-01-20
Moritz Muehlenhoff (jmm debian org)

Malware

Generic PUP.x!CE70394F8239
Generic Downloader.x!13FC6901B52B
RDN/Generic.bfr!hr!55CE2FF9438E
Generic PUP.x!C9CBBCCBC8E0
Generic Downloader.x!B4668C5C9C61
RDN/Generic PUP.x!A3ADCA0ADAE0
Downloader-FAMV!F1034F5D5113
RDN/Generic.bfr!D6F0A2E6278E
Generic Downloader.x!C30E01943939
RDN/Generic PWS.y!bcn!C94BDFAF3418
RDN/Generic PUP.z!9E66C1048F7A
RDN/Generic BackDoor!142A9CBD2619
Downloader-FAMV!43D08191F217
Downloader-FAMV!D15017BE80CE
Generic PUP.x!902C2764627C
Downloader-FAMV!C312342EC3BC
Downloader-FAMV!EE6EC0C1A19D
RDN/Generic PUP.x!cs3!0758D179BE2B
FakeAV-M.bfr!2F960BDC6C64
Downloader.gen.a!C08C55404726
RDN/Generic Downloader.x!lq!A728C66D4ED3
RDN/Generic PUP.x!F6B06C2C7184
RDN/Generic BackDoor!bbm!292F12911B1C
Generic Downloader.x!14A97544DD9B
Generic Downloader.x!338AFDEC37DC
RDN/Generic PWS.y!bcn!56D9162976F4
Generic Downloader.x!A4255BE12904
RDN/Generic PUP.x!FFF625D03DE7
RDN/Generic.bfr!ib!D583C3A8187D
FakeAV-M.bfr!327E59689596

Phishing

Vulnerebility

Exploit

Exif Pilot 4.7.2 - SEH Based Buffer Overflow

19.1.2015

Bugtraq

CVE-2015-1032 Kiwix Cross-Site Scripting Vulnerability 2015-01-18
Riley Baird (BM-2cVqnDuYbAU5do2DfJTrN7ZbAJ246S4Xix bitmessage ch)

[slackware-security] seamonkey (SSA:2015-016-04) 2015-01-17
Slackware Security Team (security slackware com)

[slackware-security] mozilla-firefox (SSA:2015-016-02) 2015-01-17
Slackware Security Team (security slackware com)

[slackware-security] freetype (SSA:2015-016-01) 2015-01-17
Slackware Security Team (security slackware com)

[slackware-security] mozilla-thunderbird (SSA:2015-016-03) 2015-01-17
Slackware Security Team (security slackware com)

[ MDVSA-2015:027 ] kernel 2015-01-16
security mandriva com

Facebook Bug Bounty #19 - Filter Bypass Web Vulnerability 2015-01-16
Vulnerability Lab (research vulnerability-lab com)

File Pro Mini v5.2 iOS - Multiple Web Vulnerabilities 2015-01-16
Vulnerability Lab (research vulnerability-lab com)

Pandora FMS v5.1 SP1 - Persistent SNMP Editor Vulnerability 2015-01-16
admin@evolution-sec.com (admin evolution-sec com)

WiFi File Browser Pro v2.0.8 - Code Execution Vulnerability 2015-01-16
Vulnerability Lab (research vulnerability-lab com)

VeryPhoto v3.0 iOS - Command Injection Vulnerability 2015-01-16
Vulnerability Lab (research vulnerability-lab com)

CatBot v0.4.2 (PHP) - SQL Injection Vulnerability 2015-01-16
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 3129-1] rpm security update 2015-01-15
Moritz Muehlenhoff (jmm debian org)

Malware

Generic PUP.x!2784A9A43253
Generic PUP.x!5C147FA73DA8
RDN/Generic Downloader.x!01A1FC9794A9
RDN/Generic PUP.x!00628B0E0AEA
RDN/PWS-Banker!7DA2C4265BFA
RDN/Generic Downloader.x!00BF20E1D1F7
RDN/Generic Downloader.x!01AD5A920DD1
RDN/Generic.tfr!3417066DEE20
RDN/Generic PUP.x!csm!F8BD291AC448
Generic.dx!171101C2764C
RDN/Generic Downloader.x!006D0AC356F4
Generic Downloader.x!6E7914EED837
RDN/Generic PUP.x!511647C2A0EA
RDN/Generic Downloader.x!00B8BB0C619E
Generic PUP.x!01733A5D11A6
RDN/Generic.grp!E614E42DBD43
RDN/Generic Downloader.x!lq!510E0FF39E0E
Generic PUP.x!F67D77899793
Generic PUP.x!09567F67D2F8
RDN/Generic.bfr!hr!345918FCBE69
RDN/Generic BackDoor!83024D35B795
Generic PUP.x!294A682EC2DB
Generic PUP.x!7961FA202561
RDN/Downloader.gen.a!41E940093654
RDN/Generic Downloader.x!01AE9B1881BF
RDN/Generic PUP.x!csm!A6AB6EDB03D1
RDN/Generic PUP.x!csm!A203B1439669
RDN/Generic PUP.x!6E05CE615DC5
Generic.bfr!10C053F007C3
Generic PUP.x!A3CC151715CB

Phishing

Vulnerebility

Exploit

17.1.2015

Bugtraq

[ MDVSA-2015:027 ] kernel 2015-01-16
security mandriva com

Facebook Bug Bounty #19 - Filter Bypass Web Vulnerability 2015-01-16
Vulnerability Lab (research vulnerability-lab com)

File Pro Mini v5.2 iOS - Multiple Web Vulnerabilities 2015-01-16
Vulnerability Lab (research vulnerability-lab com)

Pandora FMS v5.1 SP1 - Persistent SNMP Editor Vulnerability 2015-01-16
admin@evolution-sec.com (admin evolution-sec com)

WiFi File Browser Pro v2.0.8 - Code Execution Vulnerability 2015-01-16
Vulnerability Lab (research vulnerability-lab com)

VeryPhoto v3.0 iOS - Command Injection Vulnerability 2015-01-16
Vulnerability Lab (research vulnerability-lab com)

CatBot v0.4.2 (PHP) - SQL Injection Vulnerability 2015-01-16
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 3129-1] rpm security update 2015-01-15
Moritz Muehlenhoff (jmm debian org)

Malware

Generic PUP.x!F8210A91CE1F
Generic PUP.x!164541277E79
DNSChanger.bfr!97396B26AE8C
Generic PUP.x!969519608272
Generic PUP.x!B55BFEC042CB
Generic PUP.x!F2D6BE48D661
Generic PUP.x!A5D5EEE7E377
Generic PUP.x!E3863A98ED2A
Downloader.gen.a!AAA6668D140B
RDN/DNSChanger.bfr!f!97F27C51B64E
Generic PUP.x!28559171E86B
Generic PUP.x!3507C6BF9E81
RDN/Generic PUP.x!csh!EFEFF51032F2
Generic PUP.x!93689A4A5DA8
Generic PUP.x!1F8F5137BA31
Generic PUP.x!3658EFFAD7A4
RDN/Generic PWS.y!bcm!E898209E7127
Generic PWS.y!6431FA1BD1D1
RDN/Generic.bfr!ib!856FE2142B49
Generic PUP.x!AF0273D472F8
Generic PUP.x!0830EE8E6572
RDN/Generic PUP.x!csh!1482AF5D012D
RDN/YahLover.worm!6422F1BC75B0
RDN/YahLover.worm!6C8143A75964
RDN/BackDoor-FBSA!a!956F51A85607
Generic PWS.y!950DFA9A26E2
RDN/Generic.bfr!ib!AD64C0D9A0A2
Generic PWS.y!60F012781288
Generic PUP.x!20B8704BB552
Generic PUP.x!D127F03C61A7

Phishing

Vulnerebility

Exploit

16.1.2015

Bugtraq

Alienvault OSSIM/USM Command Execution Vulnerability 2015-01-15
Peter Lapp (lappsec gmail com)

[ MDVSA-2015:025 ] mpfr 2015-01-15
security mandriva com

[ MDVSA-2015:024 ] libsndfile 2015-01-15
security mandriva com

[ MDVSA-2015:026 ] untrf 2015-01-15
security mandriva com

[ MDVSA-2015:023 ] libvirt 2015-01-15
security mandriva com

[SECURITY] [DSA 3128-1] linux security update 2015-01-15
Salvatore Bonaccorso (carnil debian org)

FreeBSD Security Advisory FreeBSD-SA-15:01.openssl 2015-01-14
FreeBSD Security Advisories (security-advisories freebsd org)

[SECURITY] [DSA 3127-1] iceweasel security update 2015-01-14
Moritz Muehlenhoff (jmm debian org)

Two XSS vulnerabilities in Simple Security WordPress Plugin 2015-01-14
High-Tech Bridge Security Research (advisory htbridge com)

MS14-080 CVE-2014-6365 Code 2015-01-14
DiÃ©yÇ? (dieyu dieyu org)

AusCERT2015 Call for Papers: closes 18th January 2015-01-14
AusCERT (auscert auscert org au)

Malware

RDN/Generic PUP.x!cnq!6872CDFCD62D
Generic BackDoor!AC12DACEE9B9
Generic PUP.x!D16A9892306B
RDN/Generic.grp!C5124A18052D
Generic PUP.x!CE2FB5664C1D
Generic.bfr!CC0D7E913192
Generic PUP.x!EDE24D0DC2A3
Generic PUP.x!98277CE56227
Generic PUP.x!1D45105CEE55
RDN/Generic.bfr!hr!3569E1EDD37F
RDN/Generic Downloader.x!lq!21AD6CE4B465
Generic.bfr!C57410C9D064
RDN/Downloader.a!uj!0A8FC56066EA
Generic PUP.x!2742F93BD348
Generic.bfr!C5EF09163249
RDN/Generic PUP.x!3A4D4E2FF8D0
RDN/Generic PUP.x!csf!283742066D48
Generic PUP.x!CDDD17698E0E
Generic PUP.x!43F4A79F9531
Generic PUP.x!F918B586CC51
RDN/Spybot.bfr!2AA32316D8AF
Generic PUP.x!280EC5F5D376
RDN/Generic PUP.x!698E6F967F17
RDN/Generic PUP.x!D6BFDEF7769D
RDN/Generic PUP.x!csf!669417C96549
RDN/Generic PUP.x!48C95F3C71FD
RDN/Downloader.a!uj!5AFB36330EF1
RDN/Generic PWS.y!bcl!CA55CD724B01
Generic PUP.x!5E5C440D9996
RDN/Generic Downloader.x!ml!D2D1FF7729AC

Phishing

Vulnerebility

Exploit

15.1.2015

Bugtraq

[SECURITY] [DSA 3127-1] iceweasel security update 2015-01-14
Moritz Muehlenhoff (jmm debian org)

Two XSS vulnerabilities in Simple Security WordPress Plugin 2015-01-14
High-Tech Bridge Security Research (advisory htbridge com)

MS14-080 CVE-2014-6365 Code 2015-01-14
DiÃ©yÇ? (dieyu dieyu org)

AusCERT2015 Call for Papers: closes 18th January 2015-01-14
AusCERT (auscert auscert org au)

[security bulletin] HPSBGN03233 rev.1 - HP OneView running OpenSSL, Remote Denial of Service (DoS), Unauthorized Access, and Disclosure of Information 2015-01-13
security-alert hp com

[SECURITY] [DSA 3123-2] binutils-mingw-w64 security update 2015-01-13
Thijs Kinkhorst (thijs debian org)

Sitefinity Enterprise v7.2.53 - Persistent Vulnerability 2015-01-13
Vulnerability Lab (research vulnerability-lab com)

Foxit MobilePDF v4.4.0 iOS - Multiple Web Vulnerabilities 2015-01-13
Vulnerability Lab (research vulnerability-lab com)

[security bulletin] HPSBMU03230 rev.1 - HP Insight Control server deployment Remote Disclosure of Information 2015-01-13
security-alert hp com

SEC Consult SA-20150113-2 :: Cross-Site Request Forgery in XBMC / Kodi 2015-01-13
SEC Consult Vulnerability Lab (research sec-consult com)

SEC Consult SA-20150113-1 :: Privilege Escalation & XSS & Missing Authentication in Ansible Tower 2015-01-13
SEC Consult Vulnerability Lab (research sec-consult com)

CVE-2015-0203: Apache Qpid's qpidd can be crashed by authenticated user 2015-01-13
Gordon Sim (gsim apache org)

Malware

RDN/Spybot.bfr!F08225F09441
RDN/Generic.bfr!ib!FA44DE457E08
RDN/Generic.grp!311DA383E661
RDN/Generic PWS.y!bcl!D64172F03935
GenericR-CTB!1AFA3748F402
RDN/Generic.tfr!eh!421C15032D2C
RDN/Generic PUP.x!cs3!837958BA9E1F
Generic.dx!FE30DF21A4EB
RDN/Generic PUP.x!cs3!AD08D95AF5C9
RDN/Spybot.bfr!o!C02E40ECCBB7
RDN/Generic.hra!AF18CD376414
Generic.bfr!0860D291AEE8
RDN/Downloader.gen.a!2FE9084EDDC6
RDN/Generic PWS.y!bck!331E5B7F9E84
RDN/Generic PUP.x!2814302C5BD0
RDN/Generic.bfr!C153E9B64B8B
Generic BackDoor!B891325D4943
RDN/Generic BackDoor!bbk!EA6193E3C38D
RDN/Generic Downloader.x!mk!CDD5682DD30F
W32/PdfCrypt.a!7434B09DB96D
RDN/Generic PWS.y!bcl!1F6F4C449485
RDN/Downloader.gen.a!79C8C2AAAD0C
RDN/Generic.bfr!A6F199B074B2
Generic PUP.x!5ADECE38D036
Generic PUP.x!0600BDE7888C
RDN/Generic PUP.x!1242212DF90F
RDN/Downloader.gen.a!2DCC925310BF
Generic PUP.x!5B695ED1096D
RDN/Generic.hra!732B1E836EF9
DNSChanger.bfr!5B1488BB70A2

Phishing

Vulnerebility

Exploit

13.1.2015

Bugtraq

MS14-080 CVE-2014-6365 Technical Details Without "Nonsense" 2015-01-13
DiÃ©yÇ? (dieyu dieyu org)

[security bulletin] HPSBOV03228 rev.1 - HP OpenVMS running Bash Shell, Remote Code Execution 2015-01-12
security-alert hp com

[Corrected] Stored XSS Vulnerability in F5 BIG-IP Application Security Manager 2015-01-13
Peter Lapp (lappsec gmail com)

Stored XSS Vulnerability in F5 BIG-IP Application Security Manager 2015-01-12
Peter Lapp (lappsec gmail com)

[SECURITY] [DSA 3126-1] php5 security update 2015-01-12
Thijs Kinkhorst (thijs debian org)

Corel Software DLL Hijacking 2015-01-12
CORE Advisories Team (advisories coresecurity com)

CVE-2014-8870: Arbitrary Redirect in Tapatalk Plugin for WoltLab Burning Board 4.0 2015-01-12
RedTeam Pentesting GmbH (release redteam-pentesting de)

[RT-SA-2014-015] Cross-site Scripting in Tapatalk Plugin for WoltLab Burning Board 4.0 2015-01-12
RedTeam Pentesting GmbH (release redteam-pentesting de)

[ MDVSA-2015:022 ] wireshark 2015-01-12
security mandriva com

[ MDVSA-2015:021 ] curl 2015-01-12
security mandriva com

[ MDVSA-2015:020 ] libssh 2015-01-12
security mandriva com

ZTE Datacard PCW(Telecom MF180) - Multiple Software Vulnerabilities 2015-01-12
Vulnerability Lab (research vulnerability-lab com)

Heroku API Bug Bounty #1 - Persistent Invitation Vulnerability 2015-01-12
Vulnerability Lab (research vulnerability-lab com)

Heroku API Deep Dive Bug Bounty #3 - Persistent UI Vulnerability 2015-01-12
Vulnerability Lab (research vulnerability-lab com)

Blitz CMS Community - SQL Injection Web Vulnerability 2015-01-12
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 3125-1] openssl security update 2015-01-11
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3124-1] otrs2 security update 2015-01-10
Salvatore Bonaccorso (carnil debian org)

Wordpress plugin Pods <= 2.4.3 XSS and CSRF vulnerabilities 2015-01-10
Pietro Oliva (pietroliva gmail com)

[security bulletin] HPSBOV03227 rev.1 - HP SSL for OpenVMS, Remote Disclosure of Information, Denial of Service (DoS) and Other Vulnerabilities 2015-01-10
security-alert hp com

Malware

RDN/Generic PUP.x!crw!D1D32BA67B91
RDN/Generic.bfr!16EA0C625C7E
RDN/Generic PUP.x!D7CFB3230CC8
Generic PUP.x!0438CF026B14
RDN/Generic PUP.x!B47021383155
BrowseFox-FTQ!6F8BAEED194F
RDN/Generic PUP.x!crw!A0D2FBD32F9D
RDN/Generic PUP.x!2B12BBB098DF
RDN/Downloader.gen.a!7C31636FEA7D
RDN/Generic.bfr!2F4136418923
RDN/Generic.bfr!5A88407FBD2A
RDN/Generic.bfr!FEAC61A55E4D
RDN/Generic.bfr!E353F9A01588
Generic.bfr!3066D2040BEB
RDN/Generic.bfr!F2BF05E09080
RDN/Generic.bfr!532B0598C1B8
Generic PUP.x!C68F3453E9E8
RDN/Generic PUP.x!crw!2D7F7519B290
BrowseFox-FTQ!CA98CD3D9758
RDN/Generic PUP.x!crw!D3F00DE77667
RDN/Generic.bfr!ib!322C7F4465EA
RDN/Generic.bfr!11348799E37D
W32/Sdbot.worm!BF50C50AAA04
Generic PUP.x!A46C19BE4DF6
RDN/Downloader.gen.a!73B1D7C909F7
Generic PUP.x!F4E1E6685D86
Generic PUP.x!EAA85004BA5F
Generic.bfr!83B266E98CFA
Generic.bfr!4D5BE97E90A4
Generic.bfr!3135A5B0ED16

Phishing

Vulnerebility

Exploit

9.1.2015

Bugtraq

Recon 2015 Call For Papers - June 19 - 21, 2015 - Montreal, Canada 2015-01-08
root recon cx (root)

[ MDVSA-2015:018 ] asterisk 2015-01-08
security mandriva com

[ MDVSA-2015:017 ] libevent 2015-01-08
security mandriva com

[SECURITY] [DSA 3121-1] file security update 2015-01-08
Moritz Muehlenhoff (jmm debian org)

[ MDVSA-2015:016 ] unzip 2015-01-08
security mandriva com

[ MDVSA-2015:015 ] sox 2015-01-08
security mandriva com

[ MDVSA-2015:014 ] libjpeg 2015-01-08
security mandriva com

[ MDVSA-2015:013 ] znc 2015-01-08
security mandriva com

[ MDVSA-2015:012 ] jasper 2015-01-08
security mandriva com

[ MDVSA-2015:011 ] nail 2015-01-08
security mandriva com

[ MDVSA-2015:010 ] file 2015-01-08
security mandriva com

[ MDVSA-2015:009 ] krb5 2015-01-08
security mandriva com

[ MDVSA-2015:008 ] pwgen 2015-01-08
security mandriva com

[ MDVSA-2015:007 ] unrtf 2015-01-08
security mandriva com

[ MDVSA-2015:006 ] mediawiki 2015-01-08
security mandriva com

[security bulletin] HPSBMU03118 rev.3 - HP Systems Insight Manager (SIM) on Linux and Windows, Multiple Remote Vulnerabilities 2015-01-06
security-alert hp com

[SECURITY] [DSA 3120-1] mantis security update 2015-01-06
Moritz Muehlenhoff (jmm debian org)

Brother MFC Administration Reflected Cross-Site Scripting 2015-01-07
vulns dionach com

Self-XSS in Microsoft Dynamics CRM 2013 SP1 2015-01-07
High-Tech Bridge Security Research (advisory htbridge com)

Malware

RDN/Generic PUP.x!17D2625B5AC9
Generic PUP.x!5DC4C957B4F0
Generic Downloader.x!42568B493955
Generic PWS.y!687897E3628E
RDN/Generic PWS.y!bc3!13B9317EE3B1
RDN/Generic PUP.x!EA1BB16EA7DF
RDN/Generic.dx!AE90AFF297D3
RDN/Generic Dropper!0222A58692AC
RDN/Generic BackDoor!547C3BE22FF8
RDN/Generic BackDoor!9BDC6DB5FD3E
Generic PUP.x!77840BC0306D
RDN/Generic.bfr!BFC7A0ED9261
Generic.dx!0E7E442074D5
Generic Downloader.x!8AB7FF6A57F6
Generic PUP.x!FB1FD12B66BE
RDN/Generic.bfr!E0068AD24025
RDN/Generic.bfr!hr!3841BDE1178B
Generic Downloader.x!2E77F00244A5
Generic Downloader.x!BDFC9B684D13
RDN/Generic.dx!d2d!0C6194C031A7
RDN/Generic.hra!61CA40317EBF
RDN/Downloader.gen.a!4840140778F6
RDN/Spybot.bfr!0C118F5EDA3A
RDN/Generic BackDoor!bbh!EEA496B99D52
RDN/Generic PUP.x!9E23632CABA5
RDN/Spybot.bfr!382FCE40E0B1
BackDoor-ABF.gen!597EC24410C2
Generic.tfr!03CF3F19B465
RDN/Generic PUP.x!cr3!0C4D5F6A69B7
RDN/Generic PUP.x!62B033472136

Phishing

Vulnerebility

Exploit

Pandora v3.1 Auth Bypass and Arbitrary File Upload Vulnerability

Ntpdc 4.2.6p3 - Local Buffer Overflow

WordPress Shopping Cart 3.0.4 - Unrestricted File Upload

8.1.2015

Bugtraq

[security bulletin] HPSBMU03118 rev.3 - HP Systems Insight Manager (SIM) on Linux and Windows, Multiple Remote Vulnerabilities 2015-01-06
security-alert hp com

[SECURITY] [DSA 3120-1] mantis security update 2015-01-06
Moritz Muehlenhoff (jmm debian org)

Brother MFC Administration Reflected Cross-Site Scripting 2015-01-07
vulns dionach com

Self-XSS in Microsoft Dynamics CRM 2013 SP1 2015-01-07
High-Tech Bridge Security Research (advisory htbridge com)

ZTE Datacard MF19 0V1.0.0B PCW - Multiple Vulnerabilities 2015-01-06
Vulnerability Lab (research vulnerability-lab com)

[ MDVSA-2015:005 ] subversion 2015-01-05
security mandriva com

ESA-2014-180: EMC Documentum Web Development Kit Multiple Vulnerabilities 2015-01-05
Security Alert (Security_Alert emc com)

[SECURITY] [DSA 3119-1] libevent security update 2015-01-06
Salvatore Bonaccorso (carnil debian org)

Malware

RDN/Generic BackDoor!bbg!D09BD1F3E83D
Generic PUP.x!1522E089F754
Generic PUP.x!DA05B6D461A9
RDN/Downloader.gen.a!64B8E39F167F
RDN/Generic Downloader.x!18D20A383307
Generic PUP.x!0A568899692E
RDN/Generic BackDoor!529268AB92F8
Generic PUP.x!B5326A7E51E1
RDN/Downloader.gen.a!6EC8558146C9
RDN/Generic.dx!E7D426DED48A
RDN/Keylog-Ardamax.dll!EF4A639EEC9F
Generic PUP.x!184DB2FFD21B
Generic PUP.x!58B98EA5B0B7
Generic PUP.x!5239F8B0E4B4
RDN/Generic PUP.x!12AA08B0CF68
RDN/Generic.tfr!DFAAFE04A9AC
RDN/Generic.bfr!44C21E68E1C8
RDN/Generic PUP.x!8FF0AF54F200
Generic PUP.x!76922D5DA973
RDN/Generic PUP.x!626D44FC35CF
RDN/Generic.bfr!ia!11B9380CC0D1
RDN/Generic.bfr!ia!190026AB351F
RDN/Generic PUP.x!crl!069A8AE9DF5F
RDN/Generic.bfr!ia!CD889C85D076
RDN/Generic PUP.x!crl!2776CD400351
Generic PUP.x!E2B8921A8D5F
Generic PUP.x!17FC4B83544C
Generic PUP.x!17C7DB055988
RDN/Generic PUP.x!crl!31A175C81E63
RDN/Generic.dx!B1F0BEB067C7

Phishing

Vulnerebility

Exploit

Microweber CMS 0.95 - SQL Injection

Pirelli ADSL2/2+ Wireless Router P.DGA4001N - Information Disclosure

Sefrengo CMS 1.6.0 - SQL Injection

7.1.2015

Bugtraq

ZTE Datacard MF19 0V1.0.0B PCW - Multiple Vulnerabilities 2015-01-06
Vulnerability Lab (research vulnerability-lab com)

[ MDVSA-2015:005 ] subversion 2015-01-05
security mandriva com

ESA-2014-180: EMC Documentum Web Development Kit Multiple Vulnerabilities 2015-01-05
Security Alert (Security_Alert emc com)

[SECURITY] [DSA 3119-1] libevent security update 2015-01-06
Salvatore Bonaccorso (carnil debian org)

[ MDVSA-2015:001 ] c-icap 2015-01-05
security mandriva com

[ MDVSA-2015:002 ] pcre 2015-01-05
security mandriva com

Open-Xchange Security Advisory 2015-01-05 2015-01-05
Martin Heiland (martin heiland open-xchange com)

Malware

Generic.tfr!29B45B717F15
Generic PUP.x!E7EFC36A5ACA
RDN/Generic BackDoor!bbg!93379282503B
RDN/Generic.bfr!C43A6E2081AB
Trojan-FFMU!202AF72C5E12
Generic PUP.x!5B8C3E2B98B3
Downloader.gen.a!34D4B358FD45
PWS-Lineage!CB3B57D4E7EC
RDN/Generic.dx!D3918BC69E28
Generic PUP.x!2EBF4CE6C1F3
Generic Downloader.x!6A9803D84A70
Generic Downloader.x!22EE967D51DC
Generic Downloader.x!35FD70C36E7B
RDN/Generic BackDoor!bbg!CDDFD11504BF
Generic PUP.x!970D5BD4293E
RDN/Generic Downloader.x!mk!BFC6E4F3252A
Generic PUP.x!DF749FCED5BF
Downloader.gen.a!3EE749F9413A
Generic Downloader.x!5E9C0612C96B
Generic PUP.x!E3D7343EE85C
RDN/Generic Dropper!vw!03ACA684CCB7
RDN/Generic BackDoor!bbg!FE7E192BE55A
RDN/Generic PUP.x!crj!AEB9B09A4619
Generic Downloader.x!290670BB7D61
Generic PUP.x!7A1A1056D789
RDN/Generic PUP.x!C09FB752FDBA
Generic PUP.x!D5634BC0D629
Generic PUP.x!C4883784D04D
RDN/Generic.bfr!B8CC653FD572
Generic Downloader.x!7529A6376647

Phishing

Vulnerebility

Exploit

BulletProof FTP Client BPS Buffer Overflow

AdaptCMS 3.0.3 - Multiple Vulnerabilities

6.1.2015

Bugtraq

ESA-2014-180: EMC Documentum Web Development Kit Multiple Vulnerabilities 2015-01-05
Security Alert (Security_Alert emc com)

[SECURITY] [DSA 3119-1] libevent security update 2015-01-06
Salvatore Bonaccorso (carnil debian org)

[ MDVSA-2015:001 ] c-icap 2015-01-05
security mandriva com

[ MDVSA-2015:002 ] pcre 2015-01-05
security mandriva com

Open-Xchange Security Advisory 2015-01-05 2015-01-05
Martin Heiland (martin heiland open-xchange com)

[SECURITY] [DSA 3118-1] strongswan security update 2015-01-05
Yves-Alexis Perez (corsac debian org)

[ MDVSA-2015:003 ] ntp 2015-01-05
security mandriva com

[ MDVSA-2015:004 ] php 2015-01-05
security mandriva com

[The ManageOwnage Series, part XI]: Remote code execution in ServiceDesk, Asset Explorer, Support Center and IT360 2015-01-04
Pedro Ribeiro (pedrib gmail com)

Malware

Generic PUP.x!F73CB638C4D7
RDN/Generic PUP.x!341801A5C8CE
RDN/Generic.bfr!ia!1F531FD030B8
RDN/Generic PUP.x!cr3!FCCBBFAFC98A
RDN/Ransom!em!54B8C2A2D5D3
RDN/Generic.dx!D6435B228C10
RDN/Generic.dx!D9F905DB6998
Generic PUP.x!B9DC026F222A
RDN/Generic.dx!D784971DD5C1
Generic PUP.x!140EEC1C8D22
Generic PUP.x!8F81BBC0A115
RDN/Generic.dx!D80A7BB7E79F
RDN/Generic.dx!D68AA99BF804
RDN/Generic.dx!D6B7E184CC33
RDN/Generic.dx!D66746DAA259
RDN/Generic PUP.x!248A9E3FE16F
Generic PUP.x!4D82DA8C0EC5
RDN/Generic.bfr!09505DCB5D95
RDN/Generic PUP.x!BD7F2390C539
Generic PUP.x!744C50FC5BCA
Generic PUP.x!7ED93CB79E61
RDN/Ransom!EC09200FF69A
Generic PUP.x!CFE86D81D255
RDN/Generic.dx!D705D2DC049F
RDN/Generic.dx!d2b!DDD1661565DB
Generic PWS.y!8E3F5A209C29
Generic PUP.x!B22D9AB29222
RDN/Generic PUP.x!6AAC829DC6BE
RDN/Generic PUP.x!cr3!27B254B279FB
RDN/Generic.dx!D5FFE883A70F

Phishing

Vulnerebility

Exploit

5.1.2015

Bugtraq

[The ManageOwnage Series, part XI]: Remote code execution in ServiceDesk, Asset Explorer, Support Center and IT360 2015-01-04
Pedro Ribeiro (pedrib gmail com)

[KIS-2014-19] Symantec Web Gateway <= 5.2.1 (restore.php) OS Command Injection Vulnerability 2014-12-31
Egidio Romano (research karmainsecurity com)

[KIS-2014-18] Mantis Bug Tracker <= 1.2.17 (ImportXml.php) PHP Code Injection Vulnerability 2014-12-31
Egidio Romano (research karmainsecurity com)

[KIS-2014-16] Osclass <= 3.4.2 (contact.php) Unrestricted File Upload Vulnerability 2014-12-31
Egidio Romano (research karmainsecurity com)

[KIS-2014-15] Osclass <= 3.4.2 (ajax.php) Local File Inclusion Vulnerability 2014-12-31
Egidio Romano (research karmainsecurity com)

Malware

Generic Downloader.x!76806064621B
RDN/Generic PUP.x!cr3!05B92CEA4205
Downloader.gen.a!D723DD899F75
Generic PUP.x!944099CE2FEC
Generic PUP.x!5006BDA2B0BE
Generic Dropper!94FE4D1D206F
Generic PUP.x!ADB7AE3A2C57
Generic PUP.x!2DFF5A78BD88
Downloader.gen.a!53A3F1280877
Downloader.gen.a!5C45964EB7CD
Downloader.gen.a!71C8E867E4BC
Downloader.gen.a!EB99741C5542
Generic PUP.x!4DF2CE548554
Generic PUP.x!1CB8ABBB9754
Generic PUP.x!BB1AB2FC292C
Generic PUP.x!5B9519D6D561
Downloader.gen.a!77601E8EFFB9
RDN/Generic PUP.x!cr3!C0C5DF53C17C
RDN/Generic PUP.x!cr3!B983D74C660E
RDN/Generic.dx!E02D2763244E
RDN/Generic.dx!950DB26E5BE3
PWSZbot-FIA!09ACFA7175AC
Generic PUP.x!5B69539A1C14
RDN/Generic.dx!6EC5E3A9D546
Generic PUP.x!1B96E44DE802
RDN/Ransom!em!CB2058251928
RDN/Generic PUP.x!cr3!F622E82D5BA5
Generic PUP.x!C7EF0C4E032A
RDN/Generic PUP.x!3FCE706FC5BF
RDN/Generic PUP.x!cr3!7CE94C3A5457

Phishing

Vulnerebility

Exploit

ASUSWRT 3.0.0.4.376_1071 - LAN Backdoor Command Execution

Crea8Social 2.0 - XSS Change Interface

1.1.2015

Bugtraq

[KIS-2014-19] Symantec Web Gateway <= 5.2.1 (restore.php) OS Command Injection Vulnerability 2014-12-31
Egidio Romano (research karmainsecurity com)

[KIS-2014-18] Mantis Bug Tracker <= 1.2.17 (ImportXml.php) PHP Code Injection Vulnerability 2014-12-31
Egidio Romano (research karmainsecurity com)

[KIS-2014-16] Osclass <= 3.4.2 (contact.php) Unrestricted File Upload Vulnerability 2014-12-31
Egidio Romano (research karmainsecurity com)

[KIS-2014-15] Osclass <= 3.4.2 (ajax.php) Local File Inclusion Vulnerability 2014-12-31
Egidio Romano (research karmainsecurity com)

[KIS-2014-14] Osclass <= 3.4.2 (Search::setJsonAlert) SQL Injection Vulnerability 2014-12-31
Egidio Romano (research karmainsecurity com)

[SECURITY] [DSA 3117-1] php5 security update 2014-12-31
Salvatore Bonaccorso (carnil debian org)

[The ManageOwnage Series, part X]: 0-day administrator account creation in Desktop Central 2014-12-31
Pedro Ribeiro (pedrib gmail com)

Defense in depth -- the Microsoft way (part 26): "Set Program Access and Computer Defaults" hides applications like Outlook 2014-12-30
Stefan Kanthak (stefan kanthak nexgo de)

ESA-2014-179: EMC Replication Manager and EMC AppSync Unquoted Service Path Enumeration Vulnerability 2014-12-30
Security Alert (Security_Alert emc com)

ESA-2014-158: RSA BSAFE® Micro Edition Suite and SSL-J Triple Handshake Vulnerability 2014-12-30
Security Alert (Security_Alert emc com)

[SECURITY] [DSA 3116-1] polarssl security update 2014-12-30
Moritz Muehlenhoff (jmm debian org)

Remote Code Execution via Unauthorised File upload in Cforms 14.7 2014-12-29
z fedotkin infosec ru

[SECURITY] [DSA 3115-1] pyyaml security update 2014-12-29
Moritz Muehlenhoff (jmm debian org)

Malware

W32/Spybot.bfr!B1E0B757538E
RDN/Generic.bfr!ia!C45120DA9266
Generic PUP.x!13EC92963563
Generic PUP.x!F5A6F138B821
RDN/Generic PUP.x!crd!3E49CC68D48B
RDN/Generic.tfr!35E33D0284D7
RDN/Generic PUP.x!crd!D90AC34126B0
RDN/Generic PUP.x!crd!3D9EF3B646E0
RDN/Generic PUP.x!5ED8AF97D018
Downloader.gen.a!CFEF6FC0D0BD
Generic PUP.x!09672B48778B
RDN/Generic.bfr!ia!DF91B75339B1
RDN/Generic PUP.x!crd!9AEF5D6D3DD5
RDN/Generic.bfr!ia!966D59C28531
Generic PUP.x!96A5F0D2D146
RDN/Generic PUP.x!B35F6240EA7C
RDN/Generic PUP.x!crd!6A79D8F9709B
RDN/Generic PUP.x!crd!BF5271733B9D
DNSChanger.bfr!0860CD8ED7DB
RDN/Generic PUP.x!crd!CB37D6BF141A
RDN/Generic PUP.x!crd!D8E1CB9C10CA
Generic PUP.x!973DCBA02BB2
Generic PUP.z!6230E73B081B
RDN/Generic PUP.x!crd!7FE47033E13A
RDN/Generic PUP.x!crd!66B5719587DD
RDN/Generic PUP.x!crd!08561B026E49
RDN/Generic Downloader.x!mg!1A84B52259DD
RDN/Generic.bfr!ia!21A783BB5E55
RDN/Generic.dx!dh3!69DD833D040B
RDN/Generic.bfr!ia!243FE2C3905A

Phishing

Vulnerebility

Exploit

Windows 8.1 (32/64 bit) - Privilege Escalation (ahcache.sys/NtApphelpCacheControl)

ProjectSend Arbitrary File Upload

Social Microblogging PRO 1.5 Stored XSS Vulnerability