Databáze Hot News 2013-  2020  2019  2018  2017  2016  2015  2014  2013 

Hot News  Alert  APT  Attacks  Bugtraq  CERT  Crime  Cryptocurrency  Exploit  Hacking  ICS  IDS/IPS  Incident  Malware  Operation  Phishing  Ransom  SANS  Vulnerebility


2013 January February March April May June July August September October November December  


12.12.2013

Bugtraq

CORE-2013-0807 - Divide Error in Windows Kernel 2013-12-11
CORE Advisories Team (advisories coresecurity com) (1 replies)

Re: CORE-2013-0807 - Divide Error in Windows Kernel 2013-12-11
CORE Advisories Team (advisories coresecurity com)

ESA-2013-089: EMC Connectrix Manager Converged Network Edition Remote Code Execution Vulnerabilities 2013-12-11
Security Alert (Security_Alert emc com)

[SOJOBO-ADV-13-05] - Vtiger 5.4.0 Reflected Cross Site Scripting 2013-12-11
advisories enkomio com

FlashCanvas 1.5 proxy.php XSS Vulnerability 2013-12-11
code 7elements co uk

Photo Video Album Transfer 1.0 iOS - Multiple Vulnerabilities 2013-12-11
Vulnerability Lab (research vulnerability-lab com)

SQL Injection in InstantCMS 2013-12-11
High-Tech Bridge Security Research (advisory htbridge com)

Android Fragment Injection vulnerability 2013-12-10
Roee Hay (roeeh il ibm com)

[security bulletin] HPSBPI02945 rev.1 - HP Officejet Pro 8500 (A909) All-in-One Printer, Cross-Site Scripting (XSS) 2013-12-10
security-alert hp com

CORE-2013-1107 - IcoFX Buffer Overflow Vulnerability 2013-12-10
CORE Advisories Team (advisories coresecurity com)

[security bulletin] HPSBUX02944 rev.1 - HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2013-12-10
security-alert hp com

[security bulletin] HPSBUX02943 rev.1 - HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2013-12-10
security-alert hp com

LiveZilla 5.1.1.0 Stored XSS in operator clients 2013-12-10
zoczus gmail com

Air Gallery 1.0 Air Photo Browser - Multiple Vulnerabilities 2013-12-10
Vulnerability Lab (research vulnerability-lab com)

EMC Data Protection Advisor DPA Illuminator EJBInvokerServlet Remote Code Execution 2013-12-10
nospam gmail it

[CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application 2013-12-10
Daniel Wood (daniel wood owasp org)

Malware

RDN/Generic.dx!c2t!E2371BD49040

RDN/Generic PUP.x!b2u!5AB2B784E6DC

Generic PUP.x!0205CFA2B03C

RDN/Generic PWS.y!wl!FAB06F03AFDB

Generic PUP.x!A7D87D9348D1

Generic PUP.x!CD82FE51A89F

Generic PUP.x!7D71309AC99A

Generic PUP.x!DDC48EC3B486

RDN/Generic PUP.x!b2u!5AB1AC601775

Generic PUP.x!C4222555B389

RDN/Generic PUP.x!852F59E3739A

RDN/Generic PUP.x!b2u!5AA97EA698D8

Generic PUP.x!41F9F29C394D

Generic PUP.x!C38CE01E1665

RDN/Generic PUP.x!b2u!5AACF8923CAA

RDN/Generic PUP.x!3A01D25280B5

RDN/Generic PUP.x!b2u!FFC0454E738D

Generic PUP.x!663FC91CBA2B

Generic PUP.x!CD72784B0BEB

Generic PUP.x!5AB31AFBE7ED

RDN/Generic PUP.x!A102F55D197D

Generic PUP.x!B68A36CF29F6

Generic PUP.x!77A310C27A52

RDN/Generic.dx!c2t!34443CE7466B

RDN/Generic PUP.x!b2u!5AA8E8553C4C

Generic PUP.x!1FDA5EACFA3A

RDN/Generic.dx!c2t!7ECC6294E429

Generic PUP.x!1158BC940088

RDN/Generic PUP.x!458DFC8AD931

Generic PUP.x!F139F4F7E5FE

Phishing

DigitalBankingService

11th December 2013

Your RBS Card has been blocked

USAA

10th December 2013

Please Update your Usaa.com
Account

USAA

9th December 2013

Please Update your Usaa.com
Account

Bank of America

9th December 2013

your Bank of America Billing
Information records are out of
date.

Vulnerebility

TYPO3 Extbase 'errorAction' Method Cross Site Scripting Vulnerability
2013-12-12
http://www.securityfocus.com/bid/64239

Microsoft Windows Kernel 'Win32k.sys' CVE-2013-5058 Local Denial of Service Vulnerability
2013-12-12
http://www.securityfocus.com/bid/64091

Adobe ColdFusion CVE-2013-0632 Authentication Bypass Vulnerability
2013-12-12
http://www.securityfocus.com/bid/57330

OpenSSH CVE-2010-5107 Denial of Service Vulnerability
2013-12-12
http://www.securityfocus.com/bid/58162

Linux Kernel TCP Sequence Number Generation Security Weakness
2013-12-12
http://www.securityfocus.com/bid/49289

Cisco DPR2320R2 Wireless Router Multiple Cross Site Request Forgery Vulnerabilities
2013-12-12
http://www.securityfocus.com/bid/64053

Xen CVE-2013-4368 Information Disclosure Vulnerability
2013-12-12
http://www.securityfocus.com/bid/62935

Xen Page Reference Counting CVE-2013-1432 Denial of Service Vulnerability
2013-12-12
http://www.securityfocus.com/bid/60799

Xen QEMU CVE-2013-4375 Denial of Service Vulnerability
2013-12-12
http://www.securityfocus.com/bid/62934

Xen OXenstored CVE-2013-4416 Denial of Service Vulnerability
2013-12-12
http://www.securityfocus.com/bid/63404

Xen CVE-2013-4361 Information Disclosure Vulnerability
2013-12-12
http://www.securityfocus.com/bid/62710

Xen CVE-2013-4371 Use After Free Remote Denial of Service Vulnerability
2013-12-12
http://www.securityfocus.com/bid/62932

Xen CVE-2013-4369 NULL pointer Dereference Remote Denial of Service Vulnerability
2013-12-12
http://www.securityfocus.com/bid/62931

Xen 'xc_vcpu_getaffinity()' Function Heap Memory Corruption Vulnerability
2013-12-12
http://www.securityfocus.com/bid/62930

Xen CVE-2013-1442 Information Disclosure Vulnerability
2013-12-12
http://www.securityfocus.com/bid/62630

Xen CVE-2013-4355 Information Disclosure Vulnerability
2013-12-12
http://www.securityfocus.com/bid/62708

RETIRED: Avira Secure Backup CVE-2013-6356 Local Buffer Overflow Vulnerability
2013-12-12
http://www.securityfocus.com/bid/63765

PHP 'ext/soap/php_xml.c' Multiple Arbitrary File Disclosure Vulnerabilities
2013-12-12
http://www.securityfocus.com/bid/58766

PHP '_php_stream_scandir()' Buffer Overflow Vulnerability
2013-12-12
http://www.securityfocus.com/bid/54638

PHP 'header()' HTTP Header Injection Vulnerability
2013-12-12
http://www.securityfocus.com/bid/55297

InstantCMS 'orderby' Parameter SQL Injection Vulnerability
2013-12-12
http://www.securityfocus.com/bid/63842

Oracle Java SE CVE-2013-5783 Remote Security Vulnerability
2013-12-12
http://www.securityfocus.com/bid/63154

Oracle Java SE CVE-2013-5840 Remote Security Vulnerability
2013-12-12
http://www.securityfocus.com/bid/63148

Oracle Java SE CVE-2013-5819 Remote Security Vulnerability
2013-12-12
http://www.securityfocus.com/bid/63141

Oracle Java SE CVE-2013-5824 Remote Security Vulnerability
2013-12-12
http://www.securityfocus.com/bid/63139

Linux Kernel CVE-2013-4299 Information Disclosure Vulnerability
2013-12-12
http://www.securityfocus.com/bid/63183

Oracle Java SE CVE-2013-5784 Remote Security Vulnerability
2013-12-12
http://www.securityfocus.com/bid/63098

Oracle Java SE CVE-2013-5820 Remote Security Vulnerability
2013-12-12
http://www.securityfocus.com/bid/63133

Linux Kernel CVE-2013-4470 Multiple Local Memory Corruption Vulnerabilities
2013-12-12
http://www.securityfocus.com/bid/63359

Oracle Java SE CVE-2013-5814 Remote Security Vulnerability
2013-12-12
http://www.securityfocus.com/bid/63143

Exploit

  Adobe ColdFusion 9 - Administrative Login Bypass

  HP LoadRunner EmulationAdmin - Web Service Directory Traversal

  EMC Data Protection Advisor DPA Illuminator - EJBInvokerServlet RCE

  vBulletin 5 - index.php/ajax/api/reputation/vote nodeid Parameter SQL Injection

  eFront v3.6.14 (build 18012) - Stored XSS in Multiple Parameters

  Photo Video Album Transfer 1.0 iOS - Multiple Vulnerabilities

  IcoFX 2.5.0.0 (.ico) - Buffer Overflow Vulnerability

11.12.2013

Bugtraq

Android Fragment Injection vulnerability 2013-12-10
Roee Hay (roeeh il ibm com)

[security bulletin] HPSBPI02945 rev.1 - HP Officejet Pro 8500 (A909) All-in-One Printer, Cross-Site Scripting (XSS) 2013-12-10
security-alert hp com

CORE-2013-1107 - IcoFX Buffer Overflow Vulnerability 2013-12-10
CORE Advisories Team (advisories coresecurity com)

[security bulletin] HPSBUX02944 rev.1 - HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2013-12-10
security-alert hp com

[security bulletin] HPSBUX02943 rev.1 - HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2013-12-10
security-alert hp com

LiveZilla 5.1.1.0 Stored XSS in operator clients 2013-12-10
zoczus gmail com

Air Gallery 1.0 Air Photo Browser - Multiple Vulnerabilities 2013-12-10
Vulnerability Lab (research vulnerability-lab com)

EMC Data Protection Advisor DPA Illuminator EJBInvokerServlet Remote Code Execution 2013-12-10
nospam gmail it

[CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application 2013-12-10
Daniel Wood (daniel wood owasp org)

[SECURITY] [DSA 2815-1] munin security update 2013-12-09
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 2813-1] gimp security update 2013-12-09
Moritz Muehlenhoff (jmm debian org)

Vulnerabilities in Apache Solr < 4.6.0 2013-12-09
Nicolas Grégoire (nicolas gregoire agarri fr)

[SECURITY] [DSA 2814-1] varnish security update 2013-12-09
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 2812-1] samba security update 2013-12-09
Moritz Muehlenhoff (jmm debian org)

Print n Share v5.5 iOS - Multiple Web Vulnerabilities 2013-12-09
Vulnerability Lab (research vulnerability-lab com)

LiveZilla 5.1.0.0 Reflected XSS in translations 2013-12-08
zoczus gmail com

[SECURITY] [DSA 2811-1] chromium-browser security update 2013-12-08
Michael Gilbert (mgilbert debian org)

Opencart Multiple Vulnerabilities 2013-12-06
trueend5 yahoo com

[slackware-security] hplip (SSA:2013-339-04) 2013-12-06
Slackware Security Team (security slackware com)

[slackware-security] seamonkey (SSA:2013-339-03) 2013-12-06
Slackware Security Team (security slackware com)

[slackware-security] mozilla-thunderbird (SSA:2013-339-02) 2013-12-06
Slackware Security Team (security slackware com)

[slackware-security] mozilla-nss (SSA:2013-339-01) 2013-12-06
Slackware Security Team (security slackware com)

ESA-2013-080: RSA Security Analytics Multiple Vulnerabilities 2013-12-04
Security Alert (Security_Alert emc com)

NEW VMSA-2013-0015 VMware ESX updates to third party libraries 2013-12-06
Edward Hawkins (security vmware com)

[KIS-2013-10] openSIS <= 5.2 (ajax.php) PHP Code Injection Vulnerability 2013-12-05
Egidio Romano (research karmainsecurity com)

Wireless Transfer App 3.7 iOS - Multiple Web Vulnerabilities 2013-12-05
Vulnerability Lab (research vulnerability-lab com)

Malware

RDN/Generic.dx!442299583D6B

Generic PUP.x!3C322D39C64C

Generic.bfr!92C5B9C6C25B

RDN/Generic Qhost!F4A2F4BBBB20

RDN/Generic PUP.x!EFA160727696

RDN/Generic PUP.x!AC3EFA3871FE

RDN/Generic PUP.x!3DF32A17E3FD

RDN/Generic PUP.x!16CA5C880283

RDN/Generic PUP.x!D44D7934EFAB

RDN/Generic PUP.x!027654543518

RDN/Generic PUP.x!312BA37A5ABF

RDN/Generic PUP.x!D636036C0CAA

RDN/Generic.bfr!D5DA1C173E31

RDN/Generic PUP.x!4C7AF4D6C9B9

RDN/Generic PUP.x!4F0D842DC946

RDN/Generic PUP.x!B4F0AE315444

RDN/Generic PUP.x!8B7641CD7491

RDN/Generic BackDoor!vq!36B44890EC5B

RDN/Generic PUP.x!9B7A3703448B

RDN/Generic PUP.x!990B93FF4B17

RDN/Generic PUP.x!F921EBB55ED8

RDN/Generic PUP.x!75DA465F1EB0

RDN/Generic PUP.x!7E97855A7E2B

RDN/Generic PUP.x!FE1E34652A7B

RDN/Generic PUP.x!A344DDD4102F

RDN/Generic PUP.x!29A333ECA5BC

RDN/Generic PUP.x!F20A281E943F

RDN/Generic PUP.x!AA99670A8CC1

RDN/Generic PUP.x!F919C6CDCCE8

RDN/Generic PUP.x!2E79D4355139

Phishing

th December 2013

your Bank of America Billing
Information records are out of
date.

Paypal UK

9th December 2013

ERRORS WERE DETECTED ON YOUR
ACCOUNT (FIX NOW)

Financial Services Authority

9th December 2013

New e-Document arrived

Wellsfargo

9th December 2013

YEAR END ONLINE BANKING UPDATE

APPLE

8th December 2013

Please confirm your apple
acocunt information Date: Sun,
8 Dec 2013 02:59:01 +0200
MIME-Version: 1.0

Virgin Media Profile Updat

7th December 2013

VIRGIN MEDIA UPDATE

MINT

7th December 2013

YOUR MINT CARD IMPORTANT
NOTIFICATION.

Vulnerebility

Ruby Floating Point Parsing Heap Buffer Overflow Vulnerability
2013-12-11
http://www.securityfocus.com/bid/63873

libjpeg/libjpeg-turbo Library CVE-2013-6629 Memory Corruption Vulnerability
2013-12-11
http://www.securityfocus.com/bid/63676

Mozilla Netscape Portable Runtime CVE-2013-5607 Integer Overflow Vulnerability
2013-12-11
http://www.securityfocus.com/bid/63802

libjpeg-turbo CVE-2013-6630 Memory Corruption Vulnerability
2013-12-11
http://www.securityfocus.com/bid/63679

PHP '_php_stream_scandir()' Buffer Overflow Vulnerability
2013-12-11
http://www.securityfocus.com/bid/54638

PHP 'ext/soap/php_xml.c' Multiple Arbitrary File Disclosure Vulnerabilities
2013-12-11
http://www.securityfocus.com/bid/58766

Xen CVE-2013-4553 Remote Denial of Service Vulnerability
2013-12-11
http://www.securityfocus.com/bid/63933

Linux Kernel CVE-2013-6405 Memory Leak Multiple Local Information Disclosure Vulnerabilities
2013-12-11
http://www.securityfocus.com/bid/63999

SSL/TLS RC4 CVE-2013-2566 Information Disclosure Weakness
2013-12-11
http://www.securityfocus.com/bid/58796

Mozilla Network Security Services CVE-2013-5606 Certificate Validation Security Bypass Vulnerability
2013-12-11
http://www.securityfocus.com/bid/63737

Mozilla Network Security Services CVE-2013-1741 Integer Overflow Vulnerability
2013-12-11
http://www.securityfocus.com/bid/63736

Mozilla Network Security Services CVE-2013-5605 Remote Arbitrary Code Execution Vulnerability
2013-12-11
http://www.securityfocus.com/bid/63738

Ganglia Web 'get_context.php' Cross Site Scripting Vulnerability
2013-12-11
http://www.securityfocus.com/bid/63921

Xen 'dma_pte_clear_one()' Function Local Privilege Escalation Vulnerability
2013-12-11
http://www.securityfocus.com/bid/63830

Xen 'hvm_do_hypercall()' Function Local Privilege Escalation Vulnerability
2013-12-11
http://www.securityfocus.com/bid/63931

Symfony Password Hash Denial Of Service Vulnerability
2013-12-11
http://www.securityfocus.com/bid/63005

Oracle Java SE CVE-2013-0443 Remote Java Runtime Environment Vulnerability
2013-12-11
http://www.securityfocus.com/bid/57702

IBM InfoSphere Information Server Web Console Interface Clickjacking Vulnerability
2013-12-11
http://www.securityfocus.com/bid/62767

IBM InfoSphere Information Server CVE-2013-4067 Security Vulnerability
2013-12-11
http://www.securityfocus.com/bid/62768

Multiple TLS And DTLS Implementations CVE-2013-0169 Information Disclosure Vulnerability
2013-12-11
http://www.securityfocus.com/bid/57778

IBM Java CVE-2013-4002 Denial of Service Vulnerability
2013-12-11
http://www.securityfocus.com/bid/61310

Oracle Java SE CVE-2013-5772 Remote Security Vulnerability
2013-12-11
http://www.securityfocus.com/bid/63089

Oracle Java SE CVE-2013-5780 Remote Security Vulnerability
2013-12-11
http://www.securityfocus.com/bid/63115

Oracle Java SE CVE-2013-5803 Remote Security Vulnerability
2013-12-11
http://www.securityfocus.com/bid/63082

Oracle Java SE CVE-2013-5823 Remote Security Vulnerability
2013-12-11
http://www.securityfocus.com/bid/63110

Oracle Java SE CVE-2013-5825 Remote Security Vulnerability
2013-12-11
http://www.securityfocus.com/bid/63101

Oracle Java SE CVE-2012-5081 Remote Java Runtime Environment Vulnerability
2013-12-11
http://www.securityfocus.com/bid/56071

Oracle Java SE CVE-2013-5809 Remote Security Vulnerability
2013-12-11
http://www.securityfocus.com/bid/63118

Oracle Java SE CVE-2013-5802 Remote Security Vulnerability
2013-12-11
http://www.securityfocus.com/bid/63135

Oracle Java SE CVE-2013-5843 Remote Security Vulnerability
2013-12-11
http://www.securityfocus.com/bid/63151

Exploit

PlaySMS <= 0.9.9.2 - CSRF

6.12.2013

Bugtraq

[PT-2013-63] Hash Length Extension in HTMLPurifier 2013-12-04
noreply ptsecurity com

NEW VMSA-2013-0014 VMware Workstation, Fusion, ESXi and ESX patches address a guest privilege escalation 2013-12-04
\VMware Security Response Center\ (security vmware com)

bugs in IJG jpeg6b & libjpeg-turbo 2013-12-04
Michal Zalewski (lcamtuf coredump cx)

[SECURITY] [DSA 2808-1] openjpeg security update 2013-12-03
Raphael Geissert (geissert debian org)

Malware

Generic.bfr!82986EEBE29B

Generic PUP.x!818698869C9D

RDN/Generic PUP.x!9F809C867BEA

RDN/Generic PUP.x!b2k!5681B913AA62

RDN/Generic PUP.x!110B508EB457

RDN/Generic Qhost!l!EF760468CACA

RDN/Generic PUP.x!b2k!FAF0DDE0E8E6

Generic PUP.x!371B3943B509

Generic.bfr!9DFF50564D16

Generic PUP.x!FF8A23074BC1

Generic PUP.x!C1F348BA5A2D

Generic PUP.x!AB5BC0042135

RDN/Generic PUP.x!D670348685EE

Generic PUP.x!20EE3E18B4C0

RDN/Generic PUP.x!D6B94F936AD1

RDN/Generic PUP.x!b2k!A35CDC4F7FEF

PWS-Zbot!5EC47A18E323

RDN/Generic BackDoor!vn!235D35074387

RDN/Generic PUP.x!b2k!FA5F4183D6FE

RDN/Generic PUP.x!b2k!70F8C2B83DDE

RDN/Generic PUP.x!b2k!7A87BE14DF1B

RDN/Generic PUP.x!b2k!9579116DDD6B

Generic PUP.x!E5335783A4B4

Phishing

Š 2013 Aol Email Service

5th December 2013

ACCOUNT UPDATE (2013)

MBNA

5th December 2013

Urgent Update Required

eBay

5th December 2013

EBAY CUSTOMER SUPPORT MADE A
DECISION

LLOYDS BANK REWARD

4th December 2013

Lloyds Bank - 35% cashback
rewards you

Chase

4th December 2013

New Message From Chase Bank
Online (SM)

Tesco

4th December 2013

TESCO REWARDS YOU!

Vulnerebility

Twibright Labs links2 CVE-2013-6050 Integer Overflow Vulnerability
2013-12-06
http://www.securityfocus.com/bid/64056

OWASP ESAPI CVE-2013-5960 Authentication Bypass Vulnerability
2013-12-06
http://www.securityfocus.com/bid/62786

Multiple Vivotek IP Cameras CVE-2013-4985 Remote Authentication Bypass Vulnerability
2013-12-06
http://www.securityfocus.com/bid/63541

OWASP ESAPI CBC Mode HMAC Authentication Bypass Vulnerability
2013-12-06
http://www.securityfocus.com/bid/62415

Kaseya 'SystemTab/UploadImage.asp' Arbitrary File Upload Vulnerability
2013-12-06
http://www.securityfocus.com/bid/63782

Microsoft Windows Kernel 'NDProxy.sys' Local Privilege Escalation Vulnerability
2013-12-06
http://www.securityfocus.com/bid/63971

Cisco IOS XE Software MPLS Packet Handling Denial of Service Vulnerability
2013-12-06
http://www.securityfocus.com/bid/63979

Cisco ASA Software CVE-2013-6696 Denial of Service Vulnerability
2013-12-06
http://www.securityfocus.com/bid/64037

Monitorix HTTP Server 'handle_request()' Session Fixation and Cross Site Scripting Vulnerabilities
2013-12-06
http://www.securityfocus.com/bid/63913

GIMP XWD File Handling Buffer Overflow Vulnerability
2013-12-06
http://www.securityfocus.com/bid/56647

Network Block Device Server 'strncmp()' Function Access Bypass Vulnerability
2013-12-06
http://www.securityfocus.com/bid/64002

Ruby Gem Sprout 'unpack_zip()' Function Remote Command Injection Vulnerability
2013-12-06
http://www.securityfocus.com/bid/64047

phpThumb 'phpThumb.php' Arbitrary File Upload Vulnerability
2013-12-06
http://www.securityfocus.com/bid/64041

AMD 16h Model Processor CVE-2013-6885 Local Denial of Service Vulnerability
2013-12-06
http://www.securityfocus.com/bid/63983

Mozilla Network Security Services CVE-2013-1741 Integer Overflow Vulnerability
2013-12-06
http://www.securityfocus.com/bid/63736

Mozilla Network Security Services CVE-2013-5606 Certificate Validation Security Bypass Vulnerability
2013-12-06
http://www.securityfocus.com/bid/63737

Mozilla Network Security Services CVE-2013-5605 Remote Arbitrary Code Execution Vulnerability
2013-12-06
http://www.securityfocus.com/bid/63738

Mozilla Netscape Portable Runtime CVE-2013-5607 Integer Overflow Vulnerability
2013-12-06
http://www.securityfocus.com/bid/63802

MIT Kerberos 5 KDC 'do_tgs_req.c' Remote Denial of Service Vulnerability
2013-12-06
http://www.securityfocus.com/bid/63832

MIT Kerberos 5 'setup_server_realm()' Function CVE-2013-1418 Remote Denial of Service Vulnerability
2013-12-06
http://www.securityfocus.com/bid/63555

Multiple TLS And DTLS Implementations CVE-2013-0169 Information Disclosure Vulnerability
2013-12-06
http://www.securityfocus.com/bid/57778

OpenSSL S/MIME Header Processing Null Pointer Dereference Denial Of Service Vulnerability
2013-12-06
http://www.securityfocus.com/bid/52764

OpenSSL Encoded ASN.1 Data Integer Truncation Memory Corruption Vulnerability
2013-12-06
http://www.securityfocus.com/bid/53158

OpenSSL CVE-2012-2686 Remote Denial of Service Vulnerability
2013-12-06
http://www.securityfocus.com/bid/57755

OpenSSL CVE-2013-0166 Remote Denial of Service Vulnerability
2013-12-06
http://www.securityfocus.com/bid/60268

OpenSSL DTLS CVE-2012-2333 Remote Denial of Service Vulnerability
2013-12-06
http://www.securityfocus.com/bid/53476

OpenSSL CMS PKCS #7 Decryption CVE-2012-0884 Security Bypass Vulnerability
2013-12-06
http://www.securityfocus.com/bid/52428

OpenSSL ASN.1 S/MIME Header Processing Null Pointer Dereference Denial Of Service Vulnerability
2013-12-06
http://www.securityfocus.com/bid/52181

OpenSSL ECDSA Timing Attack Local Information Disclosure Vulnerability
2013-12-06
http://www.securityfocus.com/bid/47888

Mozilla Firefox and SeaMonkey Theora Video Library Remote Integer Overflow Vulnerability
2013-12-06
http://www.securityfocus.com/bid/37368

Exploit

   Wireless Transfer App 3.7 iOS - Multiple Web Vulnerabilities

  Sonicwall GMS v7.x - Filter Bypass & Persistent Vulnerability (0Day)

  Wireless Transfer App 3.7 iOS - Multiple Web Vulnerabilities

5.12.2013

Bugtraq

[PT-2013-63] Hash Length Extension in HTMLPurifier 2013-12-04
noreply ptsecurity com

NEW VMSA-2013-0014 VMware Workstation, Fusion, ESXi and ESX patches address a guest privilege escalation 2013-12-04
\VMware Security Response Center\ (security vmware com)

bugs in IJG jpeg6b & libjpeg-turbo 2013-12-04
Michal Zalewski (lcamtuf coredump cx)

Malware

Generic.bfr!986F4DFCD563

RDN/Generic BackDoor!vm!A51FC455C505

RDN/Generic BackDoor!vm!F41A36A6DE19

Generic Downloader.x!10893AD8A1D0

Generic.bfr!EC5D4B5B3BEE

Generic PUP.x!F59BA0FA8913

RDN/PWS-LegMir!23C59399493C

RDN/Generic.bfr!FA5C4A4322ED

RDN/Downloader.a!oe!EC3DD30700F4

Downloader.gen.a!118228DB7BB1

Generic.bfr!208231CB08DB

Generic PUP.x!E3696F986C4B

Generic PUP.x!9EBFA84AB184

Generic PUP.x!8A671F74198F

RDN/Generic BackDoor!vm!350F57023717

RDN/Generic.bfr!fj!D4DBEC5E56EB

Generic.bfr!F23BBF8575B7

Generic Downloader.x!F2B5F740AF1B

Generic.bfr!1F0FD432B89F

Generic PUP.x!F57EDBA5A34C

Generic Downloader.x!0645E0B152F2

Generic.bfr!516758D5A813

RDN/Generic Dropper!3CDF5CFB2593

Generic PUP.x!818F2868D546

Generic.bfr!76B622A52DAD

Generic.bfr!DB32E96327D0

RDN/Generic PUP.x!b2h!B71BE1E12821

Generic.bfr!17A8AEC73717

Generic.bfr!D663010FAA8B

Phishing

LLOYDS BANK REWARD

4th December 2013

Lloyds Bank - 35% cashback
rewards you

Chase

4th December 2013

New Message From Chase Bank
Online (SM)

Tesco

4th December 2013

TESCO REWARDS YOU!

NatWest Credit Cards Online

3rd December 2013

[SUSPICIOUS MESSAGE] Credit
Card Online Payment Confirmed
- NatWest

Vulnerebility

Twibright Labs links2 CVE-2013-6050 Integer Overflow Vulnerability
2013-12-05
http://www.securityfocus.com/bid/64056

OWASP ESAPI CVE-2013-5960 Authentication Bypass Vulnerability
2013-12-05
http://www.securityfocus.com/bid/62786

Multiple Vivotek IP Cameras CVE-2013-4985 Remote Authentication Bypass Vulnerability
2013-12-05
http://www.securityfocus.com/bid/63541

OWASP ESAPI CBC Mode HMAC Authentication Bypass Vulnerability
2013-12-05
http://www.securityfocus.com/bid/62415

Kaseya 'SystemTab/UploadImage.asp' Arbitrary File Upload Vulnerability
2013-12-05
http://www.securityfocus.com/bid/63782

Microsoft Windows Kernel 'NDProxy.sys' Local Privilege Escalation Vulnerability
2013-12-05
http://www.securityfocus.com/bid/63971

Cisco IOS XE Software MPLS Packet Handling Denial of Service Vulnerability
2013-12-05
http://www.securityfocus.com/bid/63979

Cisco ASA Software CVE-2013-6696 Denial of Service Vulnerability
2013-12-05
http://www.securityfocus.com/bid/64037

Monitorix HTTP Server 'handle_request()' Session Fixation and Cross Site Scripting Vulnerabilities
2013-12-05
http://www.securityfocus.com/bid/63913

GIMP XWD File Handling Buffer Overflow Vulnerability
2013-12-05
http://www.securityfocus.com/bid/56647

Network Block Device Server 'strncmp()' Function Access Bypass Vulnerability
2013-12-05
http://www.securityfocus.com/bid/64002

Ruby Gem Sprout 'unpack_zip()' Function Remote Command Injection Vulnerability
2013-12-05
http://www.securityfocus.com/bid/64047

phpThumb 'phpThumb.php' Arbitrary File Upload Vulnerability
2013-12-05
http://www.securityfocus.com/bid/64041

AMD 16h Model Processor CVE-2013-6885 Local Denial of Service Vulnerability
2013-12-05
http://www.securityfocus.com/bid/63983

Mozilla Network Security Services CVE-2013-1741 Integer Overflow Vulnerability
2013-12-05
http://www.securityfocus.com/bid/63736

Mozilla Network Security Services CVE-2013-5606 Certificate Validation Security Bypass Vulnerability
2013-12-05
http://www.securityfocus.com/bid/63737

Mozilla Network Security Services CVE-2013-5605 Remote Arbitrary Code Execution Vulnerability
2013-12-05
http://www.securityfocus.com/bid/63738

Mozilla Netscape Portable Runtime CVE-2013-5607 Integer Overflow Vulnerability
2013-12-05
http://www.securityfocus.com/bid/63802

MIT Kerberos 5 KDC 'do_tgs_req.c' Remote Denial of Service Vulnerability
2013-12-05
http://www.securityfocus.com/bid/63832

MIT Kerberos 5 'setup_server_realm()' Function CVE-2013-1418 Remote Denial of Service Vulnerability
2013-12-05
http://www.securityfocus.com/bid/63555

Multiple TLS And DTLS Implementations CVE-2013-0169 Information Disclosure Vulnerability
2013-12-05
http://www.securityfocus.com/bid/57778

OpenSSL S/MIME Header Processing Null Pointer Dereference Denial Of Service Vulnerability
2013-12-05
http://www.securityfocus.com/bid/52764

OpenSSL Encoded ASN.1 Data Integer Truncation Memory Corruption Vulnerability
2013-12-05
http://www.securityfocus.com/bid/53158

OpenSSL CVE-2012-2686 Remote Denial of Service Vulnerability
2013-12-05
http://www.securityfocus.com/bid/57755

OpenSSL CVE-2013-0166 Remote Denial of Service Vulnerability
2013-12-05
http://www.securityfocus.com/bid/60268

OpenSSL DTLS CVE-2012-2333 Remote Denial of Service Vulnerability
2013-12-05
http://www.securityfocus.com/bid/53476

OpenSSL CMS PKCS #7 Decryption CVE-2012-0884 Security Bypass Vulnerability
2013-12-05
http://www.securityfocus.com/bid/52428

OpenSSL ASN.1 S/MIME Header Processing Null Pointer Dereference Denial Of Service Vulnerability
2013-12-05
http://www.securityfocus.com/bid/52181

OpenSSL ECDSA Timing Attack Local Information Disclosure Vulnerability
2013-12-05
http://www.securityfocus.com/bid/47888

Mozilla Firefox and SeaMonkey Theora Video Library Remote Integer Overflow Vulnerability
2013-12-05
http://www.securityfocus.com/bid/37368

Exploit

MySQL 5.0.x IF Query Handling Remote Denial Of Service Vulnerability

4.12.2013

Bugtraq

NEW VMSA-2013-0014 VMware Workstation, Fusion, ESXi and ESX patches address a guest privilege escalation 2013-12-04
\VMware Security Response Center\ (security vmware com)

bugs in IJG jpeg6b & libjpeg-turbo 2013-12-04
Michal Zalewski (lcamtuf coredump cx)

[SECURITY] [DSA 2808-1] openjpeg security update 2013-12-03
Raphael Geissert (geissert debian org)

Multiple issues in OpenSSL - BN (multiprecision integer arithmetics). 2013-12-02
ScripT setInterval\(function\(\){for\( \){alert\('fixme'\)} } 10\) /scRIpt (tytusromekiatomek inbox com)

D-Link DIR-XXX remote root access exploit. 2013-12-02
ScripT setInterval\(function\(\){for\( \){alert\('fixme'\)} } 10\) /scRIpt (tytusromekiatomek inbox com)

Malware

Generic PUP.x!600892C29424

RDN/Generic Dropper!sm!2B4AF82E2FE5

RDN/Generic BackDoor!D1805079B1C0

Generic PUP.x!5A2827CFDCEE

Generic PUP.x!B7076522D78A

RDN/Generic PWS.y!wh!39939CB7CE15

RDN/PWS-Banker!cw!305D999FF37F

BackDoor-DKA!DDC2EE078D4F

BackDoor-DKA!79CB3EDEF020

BackDoor-DKA!090660944218

BackDoor-DKA!AB46739BE67C

RDN/Ransom!dw!D1ACC649466D

BackDoor-DKA!26A0C66123DC

RDN/Generic PUP.x!b2g!F42A5089BA48

RDN/Generic.dx!c2k!450A855AD379

RDN/Generic PUP.x!b2g!8DF86794356E

RDN/Generic PUP.x!b2g!8BABC1C33650

RDN/Generic PUP.x!b2g!F500D0CDF4C9

RDN/Generic PUP.x!b2g!D5918BB99456

RDN/Generic PUP.x!b2g!F4267472F832

RDN/Generic PUP.x!b2g!F42615C9F962

RDN/Qhost-Gen!bc!24C1C3F802F5

Generic Downloader.x!D63E4C93948F

RDN/Generic PUP.x!b2g!A4A2C9E31BB1

Generic PUP.x!7AFC710AFF02

RDN/PWS-Banker!cw!D49D89523D07

RDN/Generic.bfr!fe!520015E543EA

RDN/Generic PUP.x!b2g!F4267CE1A805

RDN/Generic PUP.x!b2g!949857832725

Phishing

NatWest Credit Cards Online

3rd December 2013

[SUSPICIOUS MESSAGE] Credit
Card Online Payment Confirmed
- NatWest

Yahoo! Mail

3rd December 2013

Validate Your Account

eBay

3rd December 2013

eBay Customer Support made a
decision

Vulnerebility

Kaseya 'SystemTab/UploadImage.asp' Arbitrary File Upload Vulnerability
2013-12-04
http://www.securityfocus.com/bid/63782

Microsoft Windows Kernel 'NDProxy.sys' Local Privilege Escalation Vulnerability
2013-12-04
http://www.securityfocus.com/bid/63971

Twibright Labs links2 CVE-2013-6050 Integer Overflow Vulnerability
2013-12-04
http://www.securityfocus.com/bid/64056

Cisco IOS XE Software MPLS Packet Handling Denial of Service Vulnerability
2013-12-04
http://www.securityfocus.com/bid/63979

Cisco ASA Software CVE-2013-6696 Denial of Service Vulnerability
2013-12-04
http://www.securityfocus.com/bid/64037

Monitorix HTTP Server 'handle_request()' Session Fixation and Cross Site Scripting Vulnerabilities
2013-12-04
http://www.securityfocus.com/bid/63913

GIMP XWD File Handling Buffer Overflow Vulnerability
2013-12-04
http://www.securityfocus.com/bid/56647

Network Block Device Server 'strncmp()' Function Access Bypass Vulnerability
2013-12-04
http://www.securityfocus.com/bid/64002

Ruby Gem Sprout 'unpack_zip()' Function Remote Command Injection Vulnerability
2013-12-04
http://www.securityfocus.com/bid/64047

phpThumb 'phpThumb.php' Arbitrary File Upload Vulnerability
2013-12-04
http://www.securityfocus.com/bid/64041

AMD 16h Model Processor CVE-2013-6885 Local Denial of Service Vulnerability
2013-12-04
http://www.securityfocus.com/bid/63983

Mozilla Network Security Services CVE-2013-1741 Integer Overflow Vulnerability
2013-12-04
http://www.securityfocus.com/bid/63736

Mozilla Network Security Services CVE-2013-5606 Certificate Validation Security Bypass Vulnerability
2013-12-04
http://www.securityfocus.com/bid/63737

Mozilla Network Security Services CVE-2013-5605 Remote Arbitrary Code Execution Vulnerability
2013-12-04
http://www.securityfocus.com/bid/63738

Mozilla Netscape Portable Runtime CVE-2013-5607 Integer Overflow Vulnerability
2013-12-04
http://www.securityfocus.com/bid/63802

MIT Kerberos 5 KDC 'do_tgs_req.c' Remote Denial of Service Vulnerability
2013-12-04
http://www.securityfocus.com/bid/63832

MIT Kerberos 5 'setup_server_realm()' Function CVE-2013-1418 Remote Denial of Service Vulnerability
2013-12-04
http://www.securityfocus.com/bid/63555

Multiple TLS And DTLS Implementations CVE-2013-0169 Information Disclosure Vulnerability
2013-12-04
http://www.securityfocus.com/bid/57778

OpenSSL S/MIME Header Processing Null Pointer Dereference Denial Of Service Vulnerability
2013-12-04
http://www.securityfocus.com/bid/52764

OpenSSL Encoded ASN.1 Data Integer Truncation Memory Corruption Vulnerability
2013-12-04
http://www.securityfocus.com/bid/53158

OpenSSL CVE-2012-2686 Remote Denial of Service Vulnerability
2013-12-04
http://www.securityfocus.com/bid/57755

OpenSSL CVE-2013-0166 Remote Denial of Service Vulnerability
2013-12-04
http://www.securityfocus.com/bid/60268

OpenSSL DTLS CVE-2012-2333 Remote Denial of Service Vulnerability
2013-12-04
http://www.securityfocus.com/bid/53476

OpenSSL CMS PKCS #7 Decryption CVE-2012-0884 Security Bypass Vulnerability
2013-12-04
http://www.securityfocus.com/bid/52428

OpenSSL ASN.1 S/MIME Header Processing Null Pointer Dereference Denial Of Service Vulnerability
2013-12-04
http://www.securityfocus.com/bid/52181

OpenSSL ECDSA Timing Attack Local Information Disclosure Vulnerability
2013-12-04
http://www.securityfocus.com/bid/47888

Mozilla Firefox and SeaMonkey Theora Video Library Remote Integer Overflow Vulnerability
2013-12-04
http://www.securityfocus.com/bid/37368

NCompress Decompress Buffer Underflow Vulnerability
2013-12-04
http://www.securityfocus.com/bid/19455

BusyBox 'udhcpc' Shell Characters in Response Remote Code Execution Vulnerability
2013-12-04
http://www.securityfocus.com/bid/48879

BusyBox Symlink Attack Local Privilege Escalation Vulnerability
2013-12-04
http://www.securityfocus.com/bid/58249

Exploit

NDPROXY Local SYSTEM Privilege Escalation

3.12.2013

Bugtraq

Photo Transfer Wifi 1.4.4 iOS - Multiple Web Vulnerabilities 2013-12-02
Vulnerability Lab (research vulnerability-lab com)

WorldCIST'14 - Submission deadline: December 7 2013-12-01
WorldCIST (marialemos72 gmail com)

[SECURITY] [DSA 2807-1] links2 security update 2013-11-30
Moritz Muehlenhoff (jmm debian org)

Malware

Generic.bfr!AB8CCD9B630F

RDN/Generic BackDoor!vk!5A397AAC1D8E

W32/Virut.gen!73A5FF3F5A84

RDN/Downloader.a!od!65BAC857068A

RDN/Generic BackDoor!vk!F4438E2B87BC

RDN/Generic Dropper!F8813F808D0A

Generic PUP.x!1942BC94FB6B

RDN/Generic PUP.x!b2f!7C1ADBC4CC38

RDN/Generic Dropper!83D66CBAF54D

Generic.bfr!043CF1444D40

RDN/Generic Dropper!sm!C568F291AFDD

RDN/Generic.bfr!fj!0A8EB5086E74

RDN/Generic.bfr!fj!300B87EE4757

RDN/Generic Dropper!sm!DEB9C4D62C39

RDN/Generic Dropper!CBC25DB774D9

Generic BackDoor!0BB5D7147099

RDN/Generic PUP.x!b2f!B6B2B5F9C8B6

RDN/Generic PUP.x!B515C3F11D11

RDN/Generic Dropper!sm!146ACC4D3A5D

Generic.bfr!387189DA6CE3

Generic.bfr!99FC65A63B1A

RDN/PWS-Banker!4A1B9B6ECF73

RDN/Generic PUP.x!0C5488DD43C6

Downloader-FKW!EE83F4A69265!EE83F4A69265

RDN/Generic PUP.x!b2f!843E87433B07

Generic.bfr!2CCEDA15A39C

RDN/Generic BackDoor!vk!870D2F9000BB

RDN/Generic PUP.x!b2f!E20DB1D49CBD

RDN/Generic PUP.x!b2f!BEE98C96B18A

Phishing

eBay

3rd December 2013

eBay Customer Support made a
decision

NatWest

2nd December 2013

NATWEST CARD ONLINE SERVICE
REVIEW

Santander Online Banking

2nd December 2013

New Security Features

Barclays Bank Plc

2nd December 2013

Additional Security Again
Fraud.

INTERNATIONAL MONETARY FUND (I

2nd December 2013

INTERNATIONAL MONETARY FUND
(IMF)

Vulnerebility

Mozilla Firefox and SeaMonkey Theora Video Library Remote Integer Overflow Vulnerability
2013-12-03
http://www.securityfocus.com/bid/37368

NCompress Decompress Buffer Underflow Vulnerability
2013-12-03
http://www.securityfocus.com/bid/19455

BusyBox 'udhcpc' Shell Characters in Response Remote Code Execution Vulnerability
2013-12-03
http://www.securityfocus.com/bid/48879

BusyBox Symlink Attack Local Privilege Escalation Vulnerability
2013-12-03
http://www.securityfocus.com/bid/58249

GNU glibc 'nargs' Integer Overflow Security Bypass Vulnerability
2013-12-03
http://www.securityfocus.com/bid/52201

GNU glibc Dynamic Linker '$ORIGIN' Local Privilege Escalation Vulnerability
2013-12-03
http://www.securityfocus.com/bid/44154

'glibc' Library 'locale/programs/locale.c' Local Privilege Escalation Vulnerability
2013-12-03
http://www.securityfocus.com/bid/47370

GNU glibc Timezone Parsing Remote Integer Overflow Vulnerability
2013-12-03
http://www.securityfocus.com/bid/50898

GNU glibc 'fnmatch()' Function Stack Corruption Vulnerability
2013-12-03
http://www.securityfocus.com/bid/46563

GNU glibc 'addmntent()' Mount Helper Local Denial of Service Vulnerability
2013-12-03
http://www.securityfocus.com/bid/46740

Cisco Prime Data Center Network Manager Multiple Remote Command Execution Vulnerabilities
2013-12-03
http://www.securityfocus.com/bid/62484

ClientExec Multiple SQL Injection and Cross Site Scripting Vulnerabilities
2013-12-03
http://www.securityfocus.com/bid/64011

Samba ACL Check Security Bypass Vulnerability
2013-12-03
http://www.securityfocus.com/bid/63646

librsvg XML External Entities CVE-2013-1881 Information Disclosure Vulnerability
2013-12-03
http://www.securityfocus.com/bid/62714

EMC Document Sciences xPression CVE-2013-6177 Unspecified Directory Traversal Vulnerability
2013-12-03
http://www.securityfocus.com/bid/63809

EMC Document Sciences xPression CVE-2013-6175 Multiple HTML Injection Vulnerabilities
2013-12-03
http://www.securityfocus.com/bid/63808

EMC Document Sciences xPression CVE-2013-6174 Unspecified Open Redirection Vulnerability
2013-12-03
http://www.securityfocus.com/bid/63810

EMC Document Sciences xPression CVE-2013-6176 Unspecified SQL Injection Vulnerability
2013-12-03
http://www.securityfocus.com/bid/63806

EMC Document Sciences xPression CVE-2013-6173 Multiple Cross Site Request Forgery Vulnerabilities
2013-12-03
http://www.securityfocus.com/bid/63807

cURL/libcURL SSL Certificate Host Name Validation Security Bypass Vulnerability
2013-12-03
http://www.securityfocus.com/bid/63776

Multiple Vendors 'alpha_auth_check()' Function Remote Authentication Bypass Vulnerability
2013-12-03
http://www.securityfocus.com/bid/62990

Multiple Vendors 'RuntimeDiagnosticPing()' Stack Buffer Overflow Vulnerability
2013-12-03
http://www.securityfocus.com/bid/63234

HP Service Manager and ServiceCenter CVE-2013-4844 Unspecified Remote Code Execution Vulnerability
2013-12-03
http://www.securityfocus.com/bid/63965

Drupal Core Overlay Module Open Redirection Vulnerability
2013-12-03
http://www.securityfocus.com/bid/63843

Drupal Core Image Module HTML Injection Vulnerability
2013-12-03
http://www.securityfocus.com/bid/63848

Drupal Core Color Module Cross Site Scripting Vulnerability
2013-12-03
http://www.securityfocus.com/bid/63847

Drupal 'mt_rand()' Multiple Predictable Random Number Generator Weaknesses
2013-12-03
http://www.securityfocus.com/bid/63840

Drupal Core Multiple Cross Site Request Forgery Vulnerabilities
2013-12-03
http://www.securityfocus.com/bid/63837

Mediawiki CSS Tags CVE-2013-4567 HTML Injection Vulnerability
2013-12-03
http://www.securityfocus.com/bid/63760

Mediawiki CSS Tags CVE-2013-4568 HTML Injection Vulnerability
2013-12-03
http://www.securityfocus.com/bid/63761

Exploit

  Cisco Prime Data Center Network Manager Arbitrary File Upload

  ABB MicroSCADA wserver.exe Remote Code Execution

  Notepad++ Plugin Notepad# 1.5 - Local Exploit

2.12.2013

Bugtraq

[SECURITY] [DSA 2806-1] nbd security update 2013-11-29
Thijs Kinkhorst (thijs debian org)

FreeBSD Security Advisory FreeBSD-SA-13:14.openssh [REVISED] 2013-11-29
FreeBSD Security Advisories (security-advisories freebsd org)

NewsAktuell PressePortal DE - Remote SQL Injection Web Vulnerability 2013-11-28
Vulnerability Lab (research vulnerability-lab com)

Malware

RDN/Generic PWS.y!wg!6B42E9B43B00

RDN/Generic PUP.x!AF271DE8A2D3

Generic PUP.x!C679520E3C44

RDN/Generic PUP.x!2988EA1D6514

RDN/Generic Dropper!95629DD8B481

RDN/Generic PUP.x!b2e!1CCE15AD3CB5

RDN/Generic PUP.x!b2e!2757938A9965

RDN/Generic PUP.x!b2e!86D51585366C

RDN/Generic PUP.x!b2e!B90C846076A0

RDN/Generic PUP.x!b2e!D63B8817FDA7

RDN/Generic PUP.x!b2e!ACD8F11A543E

RDN/Generic Dropper!sl!2CC5005FB07E

Generic PUP.x!ADE558DAC967

RDN/Generic PUP.x!b2e!0E27214DD357

Generic.bfr!2BA872F6E359

Generic PUP.x!40AF2149D175

RDN/Generic PUP.x!b2e!082531D4602E

Generic Downloader.x!36B360DEE87E

Generic.bfr!1C36EF70440A

RDN/Generic PUP.x!b2e!7183E0F50BEB

RDN/Generic PUP.x!b2e!2AD89C6F8A5C

RDN/Generic PUP.x!b2e!47B8FC32B84E

RDN/Generic PUP.x!b2e!114C1CB3BBB9

RDN/Generic PUP.x!b2e!D470CC67F9DE

RDN/Generic Dropper!F85DD9CE100F

Generic PUP.x!8759E49BE198

Generic PUP.x!B8F4DE6CF93F

Generic PUP.x!B9013B047288

RDN/Generic.bfr!5B8472DF5A6C

Phishing

INTERNATIONAL MONETARY FUND (I

2nd December 2013

INTERNATIONAL MONETARY FUND
(IMF)

Joanne Nemia

1st December 2013

Fwd: Important Document

Vulnerebility

Light Alloy '.m3u' File Remote Buffer Overflow Vulnerability
2013-12-02
http://www.securityfocus.com/bid/63895

Nagios XI 'tfPassword' Parameter SQL Injection Vulnerability
2013-12-02
http://www.securityfocus.com/bid/63754

Testa OTMS Multiple SQL Injection Vulnerabilities
2013-12-02
http://www.securityfocus.com/bid/63773

Linux Kernel 'qeth_core_main.c' File Local Buffer Overflow Vulnerability
2013-12-02
http://www.securityfocus.com/bid/63890

Linux Kernel '/drivers/scsi/aacraid/commctrl.c' Pointer Dereference Denial of Service Vulnerability
2013-12-02
http://www.securityfocus.com/bid/63887

Linux Kernel CVE-2013-6378 Local Denial of Service Vulnerability
2013-12-02
http://www.securityfocus.com/bid/63886

Jenkins Exclusion Plugin CVE-2013-6373 Unspecified Security Bypass Vulnerability
2013-12-02
http://www.securityfocus.com/bid/63876

ManageEngine DesktopCentral 'AgentLogUploadServlet' Directory Traversal Vulnerability
2013-12-02
http://www.securityfocus.com/bid/63784

Zavio IP Cameras CVE-2013-2570 Command Injection Vulnerability
2013-12-02
http://www.securityfocus.com/bid/60188

Linux Kernel CVE-2012-6545 Multiple Local Information Disclosure Vulnerabilities
2013-12-02
http://www.securityfocus.com/bid/58991

Linux Kernel 'kvm_main.c' Local Denial of Service Vulnerability
2013-12-02
http://www.securityfocus.com/bid/63790

Linux Kernel CVE-2013-4387 Memory Corruption Vulnerability
2013-12-02
http://www.securityfocus.com/bid/62696

Linux Kernel 'mmc_ioctl_cdrom_read_data()' Function Local Information Disclosure Vulnerability
2013-12-02
http://www.securityfocus.com/bid/60375

Linux Kernel '__nfs4_get_acl_uncached()' Function Local Buffer Overflow Vulnerability
2013-12-02
http://www.securityfocus.com/bid/63791

Linux Kernel CVE-2013-4345 Off-By-One Buffer Overflow Vulnerability
2013-12-02
http://www.securityfocus.com/bid/62740

Linux Kernel CONFIG_HID Local Memory Corruption Vulnerability
2013-12-02
http://www.securityfocus.com/bid/62043

Linux Kernel CVE-2013-3231 Local Information Disclosure Vulnerability
2013-12-02
http://www.securityfocus.com/bid/59390

Linux Kernel CVE-2013-2889 Heap Buffer Overflow Vulnerability
2013-12-02
http://www.securityfocus.com/bid/62042

Linux Kernel CVE-2013-2892 Heap Buffer Overflow Vulnerability
2013-12-02
http://www.securityfocus.com/bid/62049

Linux Kernel CVE-2013-0343 IPv6 Temporary Addresses Remote Security Vulnerability
2013-12-02
http://www.securityfocus.com/bid/58795

Linux Kernel 'fs/compat_ioctl.c' Information Disclosure Vulnerability
2013-12-02
http://www.securityfocus.com/bid/58906

Network Block Device Server 'strncmp()' Function Access Bypass Vulnerability
2013-12-02
http://www.securityfocus.com/bid/64002

OpenTTD 'MapSize()' Function Denial Of Service Vulnerability
2013-12-02
http://www.securityfocus.com/bid/64003

Debian adequate '-- user' Option Local Privilege Escalation Vulnerability
2013-12-02
http://www.securityfocus.com/bid/63994

Open Flash Chart 'get-data' Parameter Cross-Site Scripting Vulnerability
2013-12-02
http://www.securityfocus.com/bid/59928

Open Flash Chart 'ofc_upload_image.php' Remote PHP Code Execution Vulnerability
2013-12-02
http://www.securityfocus.com/bid/37314

chuggnutt.com HTML to Plain Text Conversion Remote Code Execution Vulnerability
2013-12-02
http://www.securityfocus.com/bid/32799

Smarty 'SmartyException' Class Cross Site Scripting Vulnerability
2013-12-02
http://www.securityfocus.com/bid/55506

Perl Multiple NULL Pointer Dereference Denial Of Service Vulnerabilities
2013-12-02
http://www.securityfocus.com/bid/47766

Google Chrome CVE-2013-6632 Multiple Unspecified Memory Corruption Vulnerabilities
2013-12-02
http://www.securityfocus.com/bid/63729

Exploit

  Wordpress Orange Themes CSRF File Upload Vulnerability

 

  TVT TD-2308SS-B DVR - Directory Traversal Vulnerability

 

  Wordpress Orange Themes CSRF File Upload Vulnerability
 

1.12.2013

Bugtraq

[SECURITY] [DSA 2806-1] nbd security update 2013-11-29
Thijs Kinkhorst (thijs debian org)

FreeBSD Security Advisory FreeBSD-SA-13:14.openssh [REVISED] 2013-11-29
FreeBSD Security Advisories (security-advisories freebsd org)

NewsAktuell PressePortal DE - Remote SQL Injection Web Vulnerability 2013-11-28
Vulnerability Lab (research vulnerability-lab com)

RUCKUS ADVISORY ID 10282013 - User authentication bypass vulnerability in Ruckus Access Point's administrative web interface 2013-11-27
Ruckus Product Security Team (security ruckuswireless com)

[SECURITY] [DSA 2805-1] sup-mail security update 2013-11-27
Luciano Bello (luciano debian org)

[HITB-Announce] #HITB2014AMS Call for Papers Now Open 2013-11-27
Hafez Kamal (aphesz hackinthebox org)

SQL Injection in Chamilo LMS 2013-11-27
High-Tech Bridge Security Research (advisory htbridge com)

SQL Injection in Dokeos 2013-11-27
High-Tech Bridge Security Research (advisory htbridge com)

[security bulletin] HPSBGN02942 rev.1 - HP Service Manager and ServiceCenter, Remote Code Execution 2013-11-26
security-alert hp com

[SECURITY] [DSA 2804-1] drupal7 security update 2013-11-26
Moritz Muehlenhoff (jmm debian org)

Multiple Cross-Site Scripting (XSS) in Claroline 2013-11-27
High-Tech Bridge Security Research (advisory htbridge com)

[ MDVSA-2013:287 ] drupal 2013-11-26
security mandriva com

Malware

RDN/Generic Downloader.x!iy!E2D861DBB6B9

RDN/Generic PUP.x!b2c!7953E09191C9

RDN/Autorun.worm!da!3E4953AC167F

RDN/Generic PUP.x!b2c!78F237CAA053

RDN/Generic PUP.x!b2c!78EFD1474B5C

RDN/Generic PUP.z!dn!1C429D8FA31E

Generic Dropper!107E86C655F3

Generic.bfr!6171ED25BBF3

RDN/Generic PUP.x!2831C5FF7986

RDN/Generic PUP.x!b2c!7915C2755B5B

Generic PUP.x!0C9264ECB366

Generic.bfr!A6A512BCB577

Generic.bfr!1042B955515E

Generic.bfr!A36092F1CC5B

Generic.bfr!4A73B5209687

RDN/Generic PUP.x!b2c!7924ADE455DF

Generic.bfr!27ACAAD4670C

Generic.bfr!6CAF938D077D

Generic.bfr!1F3EB7DF546F

Generic PUP.x!4418621244B5

Generic.bfr!4D1C67414FC7

RDN/Generic PUP.x!b2c!78F7E5BC00B5

Generic.bfr!B4182611C85C

Generic.bfr!E0B8E29B3172

Generic.bfr!032DB266006F

Generic.bfr!5D51370B4E11

FakeAV-Y.bfr!CD4AD0620DC0

RDN/Generic PUP.x!b2c!791F3ED6A729

RDN/Generic.bfr!D5B7E6C91BB3

Phishing

Joanne Nemia

1st December 2013

Fwd: Important Document

Virgin Media Profile Updat

30th November 2013

virgin media Update

PAYPAL

30th November 2013

Your Account Has Been Limited

Natwest Credit Card Online Ser

28th November 2013

You Have 1 New Message

Vulnerebility

Light Alloy '.m3u' File Remote Buffer Overflow Vulnerability
2013-12-01
http://www.securityfocus.com/bid/63895

Nagios XI 'tfPassword' Parameter SQL Injection Vulnerability
2013-12-01
http://www.securityfocus.com/bid/63754

Testa OTMS Multiple SQL Injection Vulnerabilities
2013-12-01
http://www.securityfocus.com/bid/63773

Linux Kernel 'qeth_core_main.c' File Local Buffer Overflow Vulnerability
2013-12-01
http://www.securityfocus.com/bid/63890

Linux Kernel '/drivers/scsi/aacraid/commctrl.c' Pointer Dereference Denial of Service Vulnerability
2013-12-01
http://www.securityfocus.com/bid/63887

Linux Kernel CVE-2013-6378 Local Denial of Service Vulnerability
2013-12-01
http://www.securityfocus.com/bid/63886

Jenkins Exclusion Plugin CVE-2013-6373 Unspecified Security Bypass Vulnerability
2013-12-01
http://www.securityfocus.com/bid/63876

ManageEngine DesktopCentral 'AgentLogUploadServlet' Directory Traversal Vulnerability
2013-12-01
http://www.securityfocus.com/bid/63784

Zavio IP Cameras CVE-2013-2570 Command Injection Vulnerability
2013-12-01
http://www.securityfocus.com/bid/60188

Linux Kernel CVE-2012-6545 Multiple Local Information Disclosure Vulnerabilities
2013-12-01
http://www.securityfocus.com/bid/58991

Linux Kernel 'kvm_main.c' Local Denial of Service Vulnerability
2013-12-01
http://www.securityfocus.com/bid/63790

Linux Kernel CVE-2013-4387 Memory Corruption Vulnerability
2013-12-01
http://www.securityfocus.com/bid/62696

Linux Kernel 'mmc_ioctl_cdrom_read_data()' Function Local Information Disclosure Vulnerability
2013-12-01
http://www.securityfocus.com/bid/60375

Linux Kernel '__nfs4_get_acl_uncached()' Function Local Buffer Overflow Vulnerability
2013-12-01
http://www.securityfocus.com/bid/63791

Linux Kernel CVE-2013-4345 Off-By-One Buffer Overflow Vulnerability
2013-12-01
http://www.securityfocus.com/bid/62740

Linux Kernel CONFIG_HID Local Memory Corruption Vulnerability
2013-12-01
http://www.securityfocus.com/bid/62043

Linux Kernel CVE-2013-3231 Local Information Disclosure Vulnerability
2013-12-01
http://www.securityfocus.com/bid/59390

Linux Kernel CVE-2013-2889 Heap Buffer Overflow Vulnerability
2013-12-01
http://www.securityfocus.com/bid/62042

Linux Kernel CVE-2013-2892 Heap Buffer Overflow Vulnerability
2013-12-01
http://www.securityfocus.com/bid/62049

Linux Kernel CVE-2013-0343 IPv6 Temporary Addresses Remote Security Vulnerability
2013-12-01
http://www.securityfocus.com/bid/58795

Linux Kernel 'fs/compat_ioctl.c' Information Disclosure Vulnerability
2013-12-01
http://www.securityfocus.com/bid/58906

Network Block Device Server 'strncmp()' Function Access Bypass Vulnerability
2013-12-01
http://www.securityfocus.com/bid/64002

OpenTTD 'MapSize()' Function Denial Of Service Vulnerability
2013-12-01
http://www.securityfocus.com/bid/64003

Debian adequate '-- user' Option Local Privilege Escalation Vulnerability
2013-12-01
http://www.securityfocus.com/bid/63994

Open Flash Chart 'get-data' Parameter Cross-Site Scripting Vulnerability
2013-12-01
http://www.securityfocus.com/bid/59928

Open Flash Chart 'ofc_upload_image.php' Remote PHP Code Execution Vulnerability
2013-12-01
http://www.securityfocus.com/bid/37314

chuggnutt.com HTML to Plain Text Conversion Remote Code Execution Vulnerability
2013-12-01
http://www.securityfocus.com/bid/32799

Smarty 'SmartyException' Class Cross Site Scripting Vulnerability
2013-12-01
http://www.securityfocus.com/bid/55506

Perl Multiple NULL Pointer Dereference Denial Of Service Vulnerabilities
2013-12-01
http://www.securityfocus.com/bid/47766

Google Chrome CVE-2013-6632 Multiple Unspecified Memory Corruption Vulnerabilities
2013-12-01
http://www.securityfocus.com/bid/63729

Exploit

  TP-Link TL-WR740N / TL-WR740ND - 150M Wireless Lite N Router HTTP DoS

23.11.2013

Bugtraq

Unauthorized console access on Satechi travel router v1.5 2013-11-22
Luc Dore (ldore mailc net)

CVE-2013-6795 Vulnerability in the Rackspace Windows Agent and Updater 2013-11-22
andrew cloudpassage com

[SECURITY] [DSA 2802-1] nginx security update 2013-11-21
Thijs Kinkhorst (thijs debian org)

ESA-2013-077: RSA Data Protection Manager Appliance Multiple Vulnerabilities 2013-11-21
Security Alert (Security_Alert emc com)

DC4420 (DefCon London) meeting next Tuesday, 26th November 2013 2013-11-21
Tony Naggs (tonynaggs gmail com)

[SECURITY] [DSA 2801-1] libhttp-body-perl security update 2013-11-21
Salvatore Bonaccorso (carnil debian org)

[ MDVSA-2013:278 ] samba 2013-11-21
security mandriva com

Malware

Adware-Eorezo

Generic.bfr!ECE3F818F159

Generic.bfr!25E1AF4F6913

Generic.dx!607F416EAB2E

Generic.bfr!B712F0B23E0E

Generic PUP.x!13B566957C15

RDN/Generic PUP.x!bn3!25742E9A43E3

Generic PUP.x!D6839E70F8D4

Generic.bfr!1AB02BAFD1C9

Generic.bfr!B8004B19784C

Generic.bfr!140930F7D6C7

Generic PUP.x!701E9F147B5B

Generic PUP.x!19A66E0CD9B0

RDN/Generic Dropper!D03A15184E27

Generic Downloader.x!ED1FD98F6914

Generic PUP.x!186E4446983F

RDN/Generic PUP.x!bn3!509A3EB77BF4

Generic PUP.x!18D5524D2ED3

Generic.bfr!B6DB707F7AC7

RDN/Generic PUP.x!bn3!A6995656A3D6

RDN/Generic PUP.x!bn3!14233794B8FB

RDN/Generic PUP.x!bn3!3CB0929500E4

Generic Downloader.x!B8C57FB46C65

Generic PUP.x!19BC8E91CCEE

Generic PUP.x!1684CD6DBA78

Generic.bfr!17597A39BFD4

RDN/Generic PUP.x!bn3!6F2A7AB13B74

RDN/Generic PUP.x!bn3!3DA4F5FDDAB6

Generic Downloader.x!8EF1A50C6990

RDN/Generic PUP.x!bn3!67C4B5426512

Phishing

Amazon

23rd November 2013

Important - Action Required to
Amazon Account Update

PayPal

22nd November 2013

Your account has been limited
until we hear from you
PP-503-472-F29

YAHOO! ASIA DRAW

22nd November 2013

Yahoo! Asia Winner!

Vulnerebility

Drupal 'mt_rand()' Multiple Predictable Random Number Generator Weaknesses
2013-11-23
http://www.securityfocus.com/bid/63840

Drupal Core Overlay Module Open Redirection Vulnerability
2013-11-23
http://www.securityfocus.com/bid/63843

Drupal Core Color Module Cross Site Scripting Vulnerability
2013-11-23
http://www.securityfocus.com/bid/63847

Drupal Core Multiple Cross Site Request Forgery Vulnerabilities
2013-11-23
http://www.securityfocus.com/bid/63837

Drupal Core Image Module HTML Injection Vulnerability
2013-11-23
http://www.securityfocus.com/bid/63848

memcached Remote Denial of Service Vulnerability
2013-11-23
http://www.securityfocus.com/bid/59567

Oracle Java SE CVE-2013-5850 Remote Security Vulnerability
2013-11-23
http://www.securityfocus.com/bid/63153

Oracle Java SE CVE-2013-5838 Remote Security Vulnerability
2013-11-23
http://www.securityfocus.com/bid/63131

Oracle Java SE CVE-2013-5840 Remote Security Vulnerability
2013-11-23
http://www.securityfocus.com/bid/63148

Oracle Java SE CVE-2013-5825 Remote Security Vulnerability
2013-11-23
http://www.securityfocus.com/bid/63101

Oracle Java SE CVE-2013-5804 Remote Security Vulnerability
2013-11-23
http://www.securityfocus.com/bid/63149

Wireshark NBAP Dissector CVE-2013-6337 Denial of Service Vulnerability
2013-11-23
http://www.securityfocus.com/bid/63504

Wireshark SIP Dissector CVE-2013-6338 Denial of Service Vulnerability
2013-11-23
http://www.securityfocus.com/bid/63502

Wireshark ActiveMQ OpenWire Dissector CVE-2013-6339 Denial of Service Vulnerability
2013-11-23
http://www.securityfocus.com/bid/63501

Wireshark IEEE 802.15.4 Dissector CVE-2013-6336 Denial of Service Vulnerability
2013-11-23
http://www.securityfocus.com/bid/63503

Wireshark TCP Dissector CVE-2013-6340 Denial of Service Vulnerability
2013-11-23
http://www.securityfocus.com/bid/63500

Oracle Java SE CVE-2013-5849 Remote Security Vulnerability
2013-11-23
http://www.securityfocus.com/bid/63106

Oracle Java SE CVE-2013-5848 Remote Security Vulnerability
2013-11-23
http://www.securityfocus.com/bid/63124

Oracle Java SE CVE-2013-5843 Remote Security Vulnerability
2013-11-23
http://www.securityfocus.com/bid/63151

Oracle Java SE CVE-2013-5851 Remote Security Vulnerability
2013-11-23
http://www.securityfocus.com/bid/63142

Oracle Java SE CVE-2013-5832 Remote Security Vulnerability
2013-11-23
http://www.securityfocus.com/bid/63158

Oracle Java SE CVE-2013-5809 Remote Security Vulnerability
2013-11-23
http://www.securityfocus.com/bid/63118

Oracle Java SE CVE-2013-5830 Remote Security Vulnerability
2013-11-23
http://www.securityfocus.com/bid/63121

Oracle Java SE CVE-2013-5829 Remote Security Vulnerability
2013-11-23
http://www.securityfocus.com/bid/63137

Oracle Java SE CVE-2013-5842 Remote Security Vulnerability
2013-11-23
http://www.securityfocus.com/bid/63150

Oracle Java SE CVE-2013-5831 Remote Security Vulnerability
2013-11-23
http://www.securityfocus.com/bid/63129

Oracle Java SE CVE-2013-5820 Remote Security Vulnerability
2013-11-23
http://www.securityfocus.com/bid/63133

Oracle Java SE CVE-2013-5823 Remote Security Vulnerability
2013-11-23
http://www.securityfocus.com/bid/63110

Oracle Java SE CVE-2013-5819 Remote Security Vulnerability
2013-11-23
http://www.securityfocus.com/bid/63141

Oracle Java SE CVE-2013-5824 Remote Security Vulnerability
2013-11-23
http://www.securityfocus.com/bid/63139

Exploit

Light Alloy 4.7.3 (.m3u) - SEH Buffer Overflow (Unicode)

22.11.2013

Bugtraq

[SECURITY] [DSA 2802-1] nginx security update 2013-11-21
Thijs Kinkhorst (thijs debian org)

ESA-2013-077: RSA Data Protection Manager Appliance Multiple Vulnerabilities 2013-11-21
Security Alert (Security_Alert emc com)

DC4420 (DefCon London) meeting next Tuesday, 26th November 2013 2013-11-21
Tony Naggs (tonynaggs gmail com)

[SECURITY] [DSA 2801-1] libhttp-body-perl security update 2013-11-21
Salvatore Bonaccorso (carnil debian org)

[ MDVSA-2013:278 ] samba 2013-11-21
security mandriva com

[ MDVSA-2013:274 ] libjpeg 2013-11-21
security mandriva com

[ MDVSA-2013:276 ] curl 2013-11-21
security mandriva com

Instagram Photo Upload and Flattr Money Redirection Vulnerability 2013-11-21
pfohl rt-solutions de

Facebook Vulnerability Discloses Friends Lists Defined as Private 2013-11-21
qsrc Quotium (qsrc quotium com)

[ MDVSA-2013:277 ] lighttpd 2013-11-21
security mandriva com

[ MDVSA-2013:275 ] krb5 2013-11-21
security mandriva com

[ MDVSA-2013:272 ] poppler 2013-11-21
security mandriva com

[ MDVSA-2013:271 ] pmake 2013-11-21
security mandriva com

[ MDVSA-2013:273 ] libjpeg 2013-11-21
security mandriva com

Malware

Adware-Eorezo

RDN/Downloader.gen.a!F0F25991E6C8

RDN/Generic BackDoor!va!941A38F79F7D

RDN/Spybot.bfr!h!A0AAED80C1DA

Generic PUP.x!E0164F6178D2

Generic PUP.x!08F5CCAF1F94

Generic.bfr!C60C6A0D987D

RDN/Generic BackDoor!va!6200C664C58A

RDN/PWS-Banker!D6D41B88CD6E

Downloader-FWD

Generic Downloader.x!EB6D354F3D36

RDN/Generic BackDoor!uf!7741AA9FB399

Generic PUP.x!4457C187A244

Generic PUP.x!C1DAF2798171

ZeroAccess!288A3AFDA0EB

Generic PUP.x!E230347BCC16

Generic.bfr!543958ACD986

Generic PUP.x!26A045312A42

Generic Downloader.x!E66FAC67E0E6

Generic Downloader.x!FD0E500C22FC

Generic PUP.x!0147D4829C1C

Generic PUP.x!0BEF1D43D4E0

Generic PUP.x!EA64484540FF

Generic PUP.x!185239D49DB5

Generic PUP.x!FA3034423555

FakeAV-M.bfr!B42CC8EC08BC

Generic PUP.x!76819794D569

Generic PUP.x!FE0267C2DBA7

Generic PUP.x!5443C717B9B8

RDN/Generic.bfr!fi!6102209FCEF6

Phishing

Barclays Bank PLC

21st November 2013

YOU HAVE ONE UNREAD MESSAGE

Natwest

20th November 2013

Important NatWest Notice

Earthlink

20th November 2013

ACTION REQUIRED: EarthLink
Account Update

Vulnerebility

Cisco IOS MLDP CVE-2013-6693 Remote Denial of Service Vulnerability
2013-11-22
http://www.securityfocus.com/bid/63860

JBoss Enterprise Application Platform CVE-2011-2487 Information Disclosure Vulnerability
2013-11-22
http://www.securityfocus.com/bid/57549

Google Chrome CVE-2013-6632 Multiple Unspecified Memory Corruption Vulnerabilities
2013-11-22
http://www.securityfocus.com/bid/63729

Linux Kernel CVE-2013-4299 Information Disclosure Vulnerability
2013-11-22
http://www.securityfocus.com/bid/63183

Linux Kernel CVE-2013-0343 IPv6 Temporary Addresses Remote Security Vulnerability
2013-11-22
http://www.securityfocus.com/bid/58795

Linux Kernel CVE-2013-4345 Off-By-One Buffer Overflow Vulnerability
2013-11-22
http://www.securityfocus.com/bid/62740

Xen CVE-2013-4368 Information Disclosure Vulnerability
2013-11-22
http://www.securityfocus.com/bid/62935

Oracle Java SE CVE-2013-5790 Remote Security Vulnerability
2013-11-22
http://www.securityfocus.com/bid/63102

Oracle Java SE CVE-2013-5817 Remote Security Vulnerability
2013-11-22
http://www.securityfocus.com/bid/63146

Oracle Java SE CVE-2013-5851 Remote Security Vulnerability
2013-11-22
http://www.securityfocus.com/bid/63142

Oracle Java SE CVE-2013-5782 Remote Security Vulnerability
2013-11-22
http://www.securityfocus.com/bid/63103

Oracle Java SE CVE-2013-5780 Remote Security Vulnerability
2013-11-22
http://www.securityfocus.com/bid/63115

Oracle Java SE CVE-2013-5783 Remote Security Vulnerability
2013-11-22
http://www.securityfocus.com/bid/63154

MIT Kerberos 5 'setup_server_realm()' Function CVE-2013-1418 Remote Denial of Service Vulnerability
2013-11-22
http://www.securityfocus.com/bid/63555

Perl CGI.pm 'Set-Cookie' and 'P3P' Headers HTTP Header Injection Vulnerability
2013-11-22
http://www.securityfocus.com/bid/56562

Perl CVE-2013-1667 Input Rehashing Denial of Service Vulnerability
2013-11-22
http://www.securityfocus.com/bid/58311

Mozilla Netscape Portable Runtime CVE-2013-5607 Integer Overflow Vulnerability
2013-11-22
http://www.securityfocus.com/bid/63802

SSL/TLS RC4 CVE-2013-2566 Information Disclosure Weakness
2013-11-22
http://www.securityfocus.com/bid/58796

Mozilla Network Security Services CVE-2013-5605 Remote Arbitrary Code Execution Vulnerability
2013-11-22
http://www.securityfocus.com/bid/63738

Mozilla Network Security Services CVE-2013-1741 Integer Overflow Vulnerability
2013-11-22
http://www.securityfocus.com/bid/63736

Oracle Java SE CVE-2013-5838 Remote Security Vulnerability
2013-11-22
http://www.securityfocus.com/bid/63131

Oracle Java SE CVE-2013-5800 Remote Security Vulnerability
2013-11-22
http://www.securityfocus.com/bid/63111

Samba ACL Check Security Bypass Vulnerability
2013-11-22
http://www.securityfocus.com/bid/63646

IBM Java CVE-2013-4002 Denial of Service Vulnerability
2013-11-22
http://www.securityfocus.com/bid/61310

Oracle Java SE CVE-2013-5849 Remote Security Vulnerability
2013-11-22
http://www.securityfocus.com/bid/63106

Oracle Java SE CVE-2013-5842 Remote Security Vulnerability
2013-11-22
http://www.securityfocus.com/bid/63150

Oracle Java SE CVE-2013-5850 Remote Security Vulnerability
2013-11-22
http://www.securityfocus.com/bid/63153

Oracle Java SE CVE-2013-5840 Remote Security Vulnerability
2013-11-22
http://www.securityfocus.com/bid/63148

Oracle Java SE CVE-2013-5825 Remote Security Vulnerability
2013-11-22
http://www.securityfocus.com/bid/63101

Oracle Java SE CVE-2013-5830 Remote Security Vulnerability
2013-11-22
http://www.securityfocus.com/bid/63121

Exploit

 

21.11.2013

Bugtraq

[SECURITY] [DSA 2798-2] curl security update 2013-11-20
Salvatore Bonaccorso (carnil debian org)

[ MDVSA-2013:270 ] nss 2013-11-20
security mandriva com

[ MDVSA-2013:269 ] firefox 2013-11-20
security mandriva com

Appologics AirBeam v1.9.2 iOS - Multiple Web Vulnerabilities 2013-11-20
Vulnerability Lab (research vulnerability-lab com)

Mybb Ajaxfs Plugin Sql Injection vulnerability 2013-11-20
iedb team gmail com

Malware

Adware-Eorezo

RDN/Generic PUP.x!bm3!F521E00DFBFA

RDN/Generic.grp!gj!18B349E8C823

RDN/Generic BackDoor!uz!D17178E6E98E

Generic PUP.x!20B76EDFFD8D

Generic PUP.x!2030374CC4B6

Generic PUP.x!1E9B34ED5348

RDN/Generic BackDoor!D57F0D2C84C5

Generic PUP.x!1CF7BF9DDD9A

RDN/Generic.dx!D48D880F75C0

Generic PUP.x!1C170BB12F73

RDN/Generic PUP.x!bm3!1A9C54F85E28

Generic PUP.x!1A36D4944B31

Generic PWS.y!D0A66CA64774

RDN/Generic BackDoor!uz!1D11231E8CBC

Generic PUP.x!1E31DF58629D

RDN/Generic PUP.x!bm3!1C4E5C1721BE

RDN/Generic BackDoor!uz!ED8509FE8E19

Generic PUP.x!19BFB3AB6AB3

Generic PUP.x!1B1954767052

Generic PUP.x!1A8F730DE23A

RDN/Generic PUP.x!bm3!168E6401D25D

Generic PUP.x!6C5938C5CCE3

Generic PUP.x!1A457B0FF6AA

RDN/Qhost-Gen!bb!1A1ADB10E612

Generic PUP.x!18CE5CB13915

Generic PUP.x!197A4749108E

Generic PUP.x!1CE41085BCF3

Generic PUP.x!1D170C5114DE

Generic PUP.x!178AC3B23A3C

Phishing

Natwest

20th November 2013

Important NatWest Notice

Earthlink

20th November 2013

ACTION REQUIRED: EarthLink
Account Update

Yahoo! Services

20th November 2013

Yahoo! Account Update

Natwest Credit Card Online Ser

20th November 2013

YOU HAVE 1 NEW MESSAGE

ANZ

20th November 2013

ANZ Account Transactions

Vulnerebility

BIP SSL Handshake Remote Denial of Service Vulnerability
2013-11-21
http://www.securityfocus.com/bid/63639

X.Org X11 CVE-2013-1940 Local Information Disclosure Vulnerability
2013-11-21
http://www.securityfocus.com/bid/59282

Wireshark MQ Dissector CVE-2013-5721 Denial of Service Vulnerability
2013-11-21
http://www.securityfocus.com/bid/62320

Wireshark Multiple Denial of Service Vulnerabilities
2013-11-21
http://www.securityfocus.com/bid/61471

Wireshark CVE-2013-4933 Denial of Service Vulnerability
2013-11-21
http://www.securityfocus.com/bid/62868

Wireshark CVE-2013-4081 Stack Buffer Overflow Vulnerability
2013-11-21
http://www.securityfocus.com/bid/60505

Wireshark DCP ETSI Dissector 'dissect_pft_fec_detailed()' Denial of Service Vulnerability
2013-11-21
http://www.securityfocus.com/bid/59995

Wireshark Websocket Dissector 'packet-websocket.c' Denial of Service Vulnerability
2013-11-21
http://www.securityfocus.com/bid/59996

Wireshark MySQL Dissector Denial of Service Vulnerability
2013-11-21
http://www.securityfocus.com/bid/60001

Wireshark ASN.1 BER Dissector CVE-2013-3557 Denial of Service Vulnerability
2013-11-21
http://www.securityfocus.com/bid/60021

Wireshark CVE-2013-4083 Denial of Service Vulnerability
2013-11-21
http://www.securityfocus.com/bid/60504

Wireshark ETCH Dissector Denial of Service Vulnerability
2013-11-21
http://www.securityfocus.com/bid/60002

Wireshark Versions Prior to 1.8.2 Multiple Security Vulnerabilities
2013-11-21
http://www.securityfocus.com/bid/55035

Wireshark Information Disclosure and Denial of Service Vulnerabilities
2013-11-21
http://www.securityfocus.com/bid/56729

Wireshark Multiple Dissector Denial of Service Vulnerabilities
2013-11-21
http://www.securityfocus.com/bid/53651

Pacemaker CVE-2013-0281 Remote Denial of Service Vulnerability
2013-11-21
http://www.securityfocus.com/bid/57965

OpenSSH CVE-2010-5107 Denial of Service Vulnerability
2013-11-21
http://www.securityfocus.com/bid/58162

GNU Coreutils 'sort' Text Utility Buffer Overflow Vulnerability
2013-11-21
http://www.securityfocus.com/bid/57492

GNU Coreutils 'uniq' Text Utility Buffer Overflow Vulnerability
2013-11-21
http://www.securityfocus.com/bid/57517

GNU Coreutils 'join' Text Utility Buffer Overflow Vulnerability
2013-11-21
http://www.securityfocus.com/bid/57516

Python SSL Module CVE-2013-4238 Security Bypass Vulnerability
2013-11-21
http://www.securityfocus.com/bid/61738

Drupal Context Module Arbitrary PHP Code Execution Vulnerability
2013-11-21
http://www.securityfocus.com/bid/63171

Drupal Context Module CVE-2013-4445 Module Access Bypass Vulnerability
2013-11-21
http://www.securityfocus.com/bid/63231

Xen 'dma_pte_clear_one()' Function Local Privilege Escalation Vulnerability
2013-11-21
http://www.securityfocus.com/bid/63830

PHP 'soap.wsdl_cache_dir' Validation Arbitrary File Write Vulnerability
2013-11-21
http://www.securityfocus.com/bid/58224

PHP NULL Character Security Bypass Vulnerability
2013-11-21
http://www.securityfocus.com/bid/44951

PHP SSL Certificate Validation CVE-2013-4248 Security Bypass Vulnerability
2013-11-21
http://www.securityfocus.com/bid/61776

libguestfs CVE-2013-4419 Insecure Temporary Directory Creation Privilege Escalation Vulnerability
2013-11-21
http://www.securityfocus.com/bid/63226

Linux Kernel CONFIG_HID Local Memory Corruption Vulnerability
2013-11-21
http://www.securityfocus.com/bid/62043

QEMU CVE-2013-4344 Remote Buffer Overflow Vulnerability
2013-11-21
http://www.securityfocus.com/bid/62773

Exploit

 

20.11.2013

Bugtraq

Appologics AirBeam v1.9.2 iOS - Multiple Web Vulnerabilities 2013-11-20
Vulnerability Lab (research vulnerability-lab com)

Mybb Ajaxfs Plugin Sql Injection vulnerability 2013-11-20
iedb team gmail com

Paypal Bug Bounty #14 - Persistent Payment Mail Encoding Vulnerability 2013-11-20
Vulnerability Lab (research vulnerability-lab com)

[ MDVSA-2013:268 ] torque 2013-11-19
security mandriva com

Intersystems Cache Remote Code Execution (via Default 'Minimal Security' Install) 2013-11-19
bruk0ut sec gmail com

XADV-2013007 Linux Kernel bt8xx Video Driver IOCTL Heap Overflow 2013-11-19
geinblues gmail com

XADV-2013008 Linux Kernel 3.11.7 <= sk_attach_filter Kernel Heap Corruption 2013-11-19
geinblues gmail com

XADV-2013003 Linux Kernel fbdev Driver arcfb_write() Overflow 2013-11-19
geinblues gmail com

pineapp mailsecure remote no authenticated privilege escalation & remote execution code 2013-11-19
rubengarrote gmail com

ESA-2013-078: EMC Document Sciences xPression Multiple Vulnerabilities 2013-11-19
Security Alert (Security_Alert emc com)

[ MDVSA-2013:267 ] java-1.7.0-openjdk 2013-11-19
security mandriva com

[ MDVSA-2013:266 ] java-1.6.0-openjdk 2013-11-19
security mandriva com

16TH AVAR INTERNATIONAL SECURITY CONFERENCE 2013 - (4th-7th Dec'13, Chennai. India) 2013-11-19
Gregory Panakkal (gregory_panakkal fastmail fm)

FreeBSD Security Advisory FreeBSD-SA-13:14.openssh 2013-11-19
FreeBSD Security Advisories (security-advisories freebsd org)

SKIDATA RFID Freemotion.Gate Unauthenticated Web Service Aribtrary Remote Command Execution 2013-11-19
Dennis Kelly (dennis kelly gmail com)

Paypal Inc Bug Bounty #47 ALYZ - Persistent Search Vulnerability 2013-11-19
Vulnerability Lab (research vulnerability-lab com)

PayPal Inc Bug Bounty #42 - Persistent POST Inject Vulnerability 2013-11-19
Vulnerability Lab (research vulnerability-lab com)

[slackware-security] seamonkey (SSA:2013-322-04) 2013-11-19
Slackware Security Team (security slackware com)

PayPal Inc Bug Bounty #65 China - Redirect Web Vulnerability 2013-11-19
Vulnerability Lab (research vulnerability-lab com)

[slackware-security] samba (SSA:2013-322-03) 2013-11-19
Slackware Security Team (security slackware com)

[slackware-security] openssh (SSA:2013-322-02) 2013-11-19
Slackware Security Team (security slackware com)

[slackware-security] mozilla-firefox (SSA:2013-322-01) 2013-11-19
Slackware Security Team (security slackware com)

Malware

Generic FakeAlert!FDDB8ECBABC6

Generic PUP.x!792F635505E6

RDN/Generic Dropper!sh!C51C24B84683

Generic PUP.x!B23D6AEEAFF1

Generic.dx!8BE96C170761

Generic PUP.x!F7A8AA16C49A

Downloader-FLN!181C2FF53647!181C2FF53647

Downloader-FLN!D01A7E94A30B!D01A7E94A30B

Generic.bfr!D2DA276EC91D

RDN/Generic PUP.x!bmv!CEAAEDD6240D

Generic StartPage!DF4D9A853865

RDN/Generic PUP.x!6453DC723515

RDN/Generic PUP.x!bmv!91F294458C94

RDN/BackDoor-AWQ!2465084E350F

Generic Downloader.x!C6F7CD2976A0

RDN/Generic BackDoor!uz!C20CA45EAD0C

RDN/Generic BackDoor!uz!D7819D0B02FB

RDN/Generic PUP.x!43439DF81A87

Generic PUP.x!794A61131ACE

RDN/Generic PUP.x!bmv!D75ED91895BB

RDN/Generic PUP.x!bmv!25721ACADE01

RDN/Generic.dx!ctr!CE28277A897B

W32/Sality.gen!8C4444BC9B86

Generic Downloader.x!7F5566C5E924

Generic PWS.y!43E08AFF881E

RDN/Generic PUP.x!bmv!2CECC82A6ADF

RDN/Generic PUP.x!bmv!EC8C6CD163B2

Generic PUP.x!E3070FDF06D4

RDN/Generic PUP.x!bmv!2EDB7054965E

Generic PUP.x!672D79478DAD

Phishing

Barclays

19th November 2013

Important Information From
Barclays

Halifax

19th November 2013

Irregular activity on your
halifax online Account

Lloyds

19th November 2013

YOU HAVE 1 NEW MESSAGES
AVAILABILITY

Littlewoods

19th November 2013

YOU HAVE 1 NEW MESSAGE

Vulnerebility

Oracle Java SE CVE-2013-5812 Remote Security Vulnerability
2013-11-20
http://www.securityfocus.com/bid/63126

SSL/TLS RC4 CVE-2013-2566 Information Disclosure Weakness
2013-11-20
http://www.securityfocus.com/bid/58796

Mozilla Network Security Services CVE-2013-1741 Integer Overflow Vulnerability
2013-11-20
http://www.securityfocus.com/bid/63736

Mozilla Network Security Services CVE-2013-5605 Remote Arbitrary Code Execution Vulnerability
2013-11-20
http://www.securityfocus.com/bid/63738

Oracle Java SE CVE-2013-5850 Remote Security Vulnerability
2013-11-20
http://www.securityfocus.com/bid/63153

Oracle Java SE CVE-2013-5851 Remote Security Vulnerability
2013-11-20
http://www.securityfocus.com/bid/63142

Oracle Java SE CVE-2013-5849 Remote Security Vulnerability
2013-11-20
http://www.securityfocus.com/bid/63106

Oracle Java SE CVE-2013-5848 Remote Security Vulnerability
2013-11-20
http://www.securityfocus.com/bid/63124

Oracle Java SE CVE-2013-5843 Remote Security Vulnerability
2013-11-20
http://www.securityfocus.com/bid/63151

Oracle Java SE CVE-2013-5840 Remote Security Vulnerability
2013-11-20
http://www.securityfocus.com/bid/63148

Oracle Java SE CVE-2013-5842 Remote Security Vulnerability
2013-11-20
http://www.securityfocus.com/bid/63150

Oracle Java SE CVE-2013-5838 Remote Security Vulnerability
2013-11-20
http://www.securityfocus.com/bid/63131

Oracle Java SE CVE-2013-5832 Remote Security Vulnerability
2013-11-20
http://www.securityfocus.com/bid/63158

Oracle Java SE CVE-2013-5830 Remote Security Vulnerability
2013-11-20
http://www.securityfocus.com/bid/63121

Oracle Java SE CVE-2013-5831 Remote Security Vulnerability
2013-11-20
http://www.securityfocus.com/bid/63129

Mozilla Netscape Portable Runtime CVE-2013-5607 Integer Overflow Vulnerability
2013-11-20
http://www.securityfocus.com/bid/63802

Google Chrome CVE-2013-2928 Multiple Unspecified Security Vulnerabilities
2013-11-20
http://www.securityfocus.com/bid/63024

Mozilla Network Security Services CVE-2013-5606 Certificate Validation Security Bypass Vulnerability
2013-11-20
http://www.securityfocus.com/bid/63737

Google Chrome CVE-2013-2927 Use After Free Remote Code Execution Vulnerability
2013-11-20
http://www.securityfocus.com/bid/63025

Oracle Java SE CVE-2013-5829 Remote Security Vulnerability
2013-11-20
http://www.securityfocus.com/bid/63137

Google Chrome CVE-2013-2925 Use After Free Remote Code Execution Vulnerability
2013-11-20
http://www.securityfocus.com/bid/63026

Oracle Java SE CVE-2013-5825 Remote Security Vulnerability
2013-11-20
http://www.securityfocus.com/bid/63101

Oracle Java SE CVE-2013-5814 Remote Security Vulnerability
2013-11-20
http://www.securityfocus.com/bid/63143

Oracle Java SE CVE-2013-5819 Remote Security Vulnerability
2013-11-20
http://www.securityfocus.com/bid/63141

Oracle Java SE CVE-2013-5809 Remote Security Vulnerability
2013-11-20
http://www.securityfocus.com/bid/63118

Oracle Java SE CVE-2013-5804 Remote Security Vulnerability
2013-11-20
http://www.securityfocus.com/bid/63149

Oracle Java SE CVE-2013-5783 Remote Security Vulnerability
2013-11-20
http://www.securityfocus.com/bid/63154

Oracle Java SE CVE-2013-5782 Remote Security Vulnerability
2013-11-20
http://www.securityfocus.com/bid/63103

Oracle Java SE CVE-2013-5803 Remote Security Vulnerability
2013-11-20
http://www.securityfocus.com/bid/63082

Oracle Java SE CVE-2013-5801 Remote Security Vulnerability
2013-11-20
http://www.securityfocus.com/bid/63147

Exploit

  Ruckus Wireless Zoneflex 2942 Wireless Access Point - Authentication Bypass

  DeepOfix SMTP Server 3.3 - Authentication Bypass

  JPEGView 1.0.29 - Crash PoC

19.11.2013

Bugtraq

Paypal Inc Bug Bounty #47 ALYZ - Persistent Search Vulnerability 2013-11-19
Vulnerability Lab (research vulnerability-lab com)

PayPal Inc Bug Bounty #42 - Persistent POST Inject Vulnerability 2013-11-19
Vulnerability Lab (research vulnerability-lab com)

[slackware-security] seamonkey (SSA:2013-322-04) 2013-11-19
Slackware Security Team (security slackware com)

PayPal Inc Bug Bounty #65 China - Redirect Web Vulnerability 2013-11-19
Vulnerability Lab (research vulnerability-lab com)

[slackware-security] samba (SSA:2013-322-03) 2013-11-19
Slackware Security Team (security slackware com)

[slackware-security] openssh (SSA:2013-322-02) 2013-11-19
Slackware Security Team (security slackware com)

[slackware-security] mozilla-firefox (SSA:2013-322-01) 2013-11-19
Slackware Security Team (security slackware com)

[SOJOBO-ADV-13-04] - PHP-Nuke 8.2.4 multiple vulnerabilities 2013-11-18
advisories enkomio com

Re: Fwd: vulnerability issue for DB2 express 2013-11-18
shatter appsecinc com

[OVSA20131108] OpenVAS Manager And OpenVAS Administrator Vulnerable To Partial Authentication Bypass 2013-11-15
Tim Brown (timb openvas org)

Information Security Forecast 2014 2013-11-17
Jeimy Cano (jjcano yahoo com)

[SECURITY] [DSA 2798-1] curl security update 2013-11-17
Michael Gilbert (mgilbert debian org)

[SECURITY] [DSA 2797-1] chromium-browser security update 2013-11-17
Michael Gilbert (mgilbert debian org)

[SECURITY] [DSA 2795-2] lighttpd regression update 2013-11-17
Michael Gilbert (mgilbert debian org)

XADV-2013006 FreeBSD <= 10 kernel qlxge/qlxgbe Driver IOCTL Multiple Kernel Memory Leak Bugs 2013-11-16
geinblues gmail com

XADV-2013005 FreeBSD 10 <= nand Driver IOCTL Kernel Memory Leak Bug 2013-11-16
geinblues gmail com

[CVE-2013-6356] Avira Secure Backup v1.0.0.1 Multiple Registry Key Value Parsing Local Buffer Overflow Vulnerability 2013-11-16
Julien Ahrens (info rcesecurity com)

Cross-Site Scripting (XSS) in Tweet Blender Wordpress Plugin 2013-11-15
High-Tech Bridge Security Research (advisory htbridge com)

NEW VMSA-2013-0013 VMware Workstation host privilege escalation vulnerability 2013-11-15
\VMware Security Response Center\ (security vmware com)

Re: Superuser unsanitized environment vulnerability on Android <= 4.2.x 2013-11-14
Kevin Cernekee (cernekee gmail com)

APPLE-SA-2013-11-14-1 iOS 7.0.4 2013-11-14
Apple Product Security (product-security-noreply lists apple com)

Re: [security bulletin] HPSBUX02922 SSRT101305 rev.1 - HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2013-11-14
Rodzbry27 yahoo com

Re: Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Data Center Network Manager 2013-11-14
Rodzbry27 yahoo com

Re: Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Data Center Network Manager 2013-11-14
Rodzbry27 yahoo com

Re: DS3 Authentication Server - Multiple Issues 2013-11-13
support ds3global com

Dahua DVR Authentication Bypass - CVE-2013-6117 2013-11-13
Jake Reynolds (Jake depthsecurity com)

[SECURITY] [DSA 2797-1] icedove security update 2013-11-13
Moritz Muehlenhoff (jmm debian org)

Android Superuser shell character escape vulnerability 2013-11-13
Kevin Cernekee (cernekee gmail com)

Superuser unsanitized environment vulnerability on Android <= 4.2.x 2013-11-13
Kevin Cernekee (cernekee gmail com) (1 replies)

Malware

Generic Dropper!A65DFFFA94E2

Generic.bfr!F4F4FC4E3F10

Generic PUP.z!09F87F62B341

Generic Flooder!3F561BFAA5B2

Generic Downloader.x!5D6883464307

RDN/Generic.bfr!fi!F87C2405733B

W32/Sality.gen!9A273DCD874F

RDN/Generic PUP.x!bms!A7764F29DD2A

Generic Dropper!3285F012406F

RDN/Generic PUP.x!bms!D92C9496B9AC

RDN/Autorun.worm!cz!4F877FDF574D

Generic.bfr!C9E0B9F09327

Generic.bfr!B68B2EED282E

RDN/Generic BackDoor!B8F41659FFEC

Generic Downloader.x!1B22A2F64829

Generic StartPage!41151BF4172E

Downloader.gen.a!854BEF265929

Generic FakeAlert!46CAFBEA3831

RDN/Generic FakeAlert!49507F1C8DBA

Generic StartPage!02DC990C95BB

Generic PUP.x!3FD2B7E5AA3C

RDN/BackDoor-AWQ!D8E3687B1E03

Generic PUP.x!977A5D300DB3

RDN/Generic PUP.x!bms!FB3F684A7668

RDN/Generic PUP.x!bms!F4CD10FA097C

RDN/Spybot.bfr!h!58FD7364D301

RDN/Generic PUP.x!bms!90557AC8A306

RDN/PWS-Lineage!bb!28569F0D1EFF

RDN/Generic BackDoor!uy!BAEFF604AAC3

RDN/Generic Dropper!28BF9469D254

Phishing

Lloyds

19th November 2013

YOU HAVE 1 NEW MESSAGES
AVAILABILITY

Littlewoods

19th November 2013

YOU HAVE 1 NEW MESSAGE

Littlewoods

18th November 2013

YOU HAVE 1 NEW MESSAGE

Lloyds

17th November 2013

YOU HAVE 1 NEW MESSAGES
AVAILABILITY

Vulnerebility

Oracle Java SE CVE-2013-5790 Remote Security Vulnerability
2013-11-19
http://www.securityfocus.com/bid/63102

Oracle Java SE CVE-2013-5830 Remote Security Vulnerability
2013-11-19
http://www.securityfocus.com/bid/63121

Oracle Java SE CVE-2013-5803 Remote Security Vulnerability
2013-11-19
http://www.securityfocus.com/bid/63082

Oracle Java SE CVE-2013-5842 Remote Security Vulnerability
2013-11-19
http://www.securityfocus.com/bid/63150

Cisco Services Portal CVE-2013-3406 Arbitrary File Download Vulnerability
2013-11-19
http://www.securityfocus.com/bid/63735

Cisco Server Provisioner Software CVE-2013-3407 Access Bypass Vulnerability
2013-11-19
http://www.securityfocus.com/bid/63730

Cisco Nexus 1000V CVE-2013-5556 Local Arbitrary Command Execution Vulnerability
2013-11-19
http://www.securityfocus.com/bid/63732

GraphicsMagick 'ExportAlphaQuantumType()' Function Denial Of Service Vulnerability
2013-11-19
http://www.securityfocus.com/bid/63002

IBM Java CVE-2013-4041 Unspecified Security Bypass Vulnerability
2013-11-19
http://www.securityfocus.com/bid/63619

IBM Integration Bus XML4J Parser Entity Expansion Denial of Service Vulnerability
2013-11-19
http://www.securityfocus.com/bid/63224

IBM Java CVE-2013-5375 Unspecified Security Bypass Vulnerability
2013-11-19
http://www.securityfocus.com/bid/63621

Oracle Java SE CVE-2013-5809 Remote Security Vulnerability
2013-11-19
http://www.securityfocus.com/bid/63118

Oracle Java SE CVE-2013-5804 Remote Security Vulnerability
2013-11-19
http://www.securityfocus.com/bid/63149

Oracle Java SE CVE-2013-5783 Remote Security Vulnerability
2013-11-19
http://www.securityfocus.com/bid/63154

Oracle Java SE CVE-2013-5802 Remote Security Vulnerability
2013-11-19
http://www.securityfocus.com/bid/63135

Oracle Java SE CVE-2013-5780 Remote Security Vulnerability
2013-11-19
http://www.securityfocus.com/bid/63115

Oracle Java SE CVE-2013-5774 Remote Security Vulnerability
2013-11-19
http://www.securityfocus.com/bid/63128

Oracle Java SE CVE-2013-5778 Remote Security Vulnerability
2013-11-19
http://www.securityfocus.com/bid/63134

Oracle Java SE CVE-2013-5782 Remote Security Vulnerability
2013-11-19
http://www.securityfocus.com/bid/63103

Oracle Java SE CVE-2013-5825 Remote Security Vulnerability
2013-11-19
http://www.securityfocus.com/bid/63101

Oracle Java SE CVE-2013-5797 Remote Security Vulnerability
2013-11-19
http://www.securityfocus.com/bid/63095

Oracle Java SE CVE-2013-5840 Remote Security Vulnerability
2013-11-19
http://www.securityfocus.com/bid/63148

Oracle Java SE CVE-2013-5801 Remote Security Vulnerability
2013-11-19
http://www.securityfocus.com/bid/63147

Oracle Java SE CVE-2013-5817 Remote Security Vulnerability
2013-11-19
http://www.securityfocus.com/bid/63146

Oracle Java SE CVE-2013-5843 Remote Security Vulnerability
2013-11-19
http://www.securityfocus.com/bid/63151

Oracle Java SE CVE-2013-5814 Remote Security Vulnerability
2013-11-19
http://www.securityfocus.com/bid/63143

Oracle Java SE CVE-2013-5849 Remote Security Vulnerability
2013-11-19
http://www.securityfocus.com/bid/63106

Oracle Java SE CVE-2013-5829 Remote Security Vulnerability
2013-11-19
http://www.securityfocus.com/bid/63137

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5597 Use After Free Memory Corruption Vulnerability
2013-11-19
http://www.securityfocus.com/bid/63422

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5599 Remote Memory Corruption Vulnerability
2013-11-19
http://www.securityfocus.com/bid/63423

Exploit

 

18.11.2013

Bugtraq

[OVSA20131108] OpenVAS Manager And OpenVAS Administrator Vulnerable To Partial Authentication Bypass 2013-11-15
Tim Brown (timb openvas org)

Information Security Forecast 2014 2013-11-17
Jeimy Cano (jjcano yahoo com)

[SECURITY] [DSA 2798-1] curl security update 2013-11-17
Michael Gilbert (mgilbert debian org)

[SECURITY] [DSA 2797-1] chromium-browser security update 2013-11-17
Michael Gilbert (mgilbert debian org)

[SECURITY] [DSA 2795-2] lighttpd regression update 2013-11-17
Michael Gilbert (mgilbert debian org)

XADV-2013006 FreeBSD <= 10 kernel qlxge/qlxgbe Driver IOCTL Multiple Kernel Memory Leak Bugs 2013-11-16
geinblues gmail com

XADV-2013005 FreeBSD 10 <= nand Driver IOCTL Kernel Memory Leak Bug 2013-11-16
geinblues gmail com

Malware

RDN/Generic Dropper!sf!329682E7DEFF

RDN/Generic Dropper!sf!9868A5DC2A85

RDN/Generic Dropper!sf!3B7BDF550EE7

RDN/Generic Dropper!sf!770A8F3380AE

RDN/Generic Dropper!sf!9D1AE0579116

RDN/Generic Dropper!sf!6492110A768B

RDN/Generic Dropper!sf!244BC9C64EE1

RDN/Generic Dropper!sf!95B0F6DF318C

RDN/Generic Dropper!sf!251314C41409

RDN/Generic Dropper!sf!9EF184DD93BD

RDN/Generic Dropper!sf!95BF9A222FD9

RDN/Generic Dropper!sf!04278BDF5F30

RDN/Generic Dropper!sf!26D85522E115

RDN/Generic Dropper!sf!2CF608D43A99

RDN/Generic Dropper!sf!451B300DE980

RDN/Generic Dropper!sf!9D33A106D863

RDN/Generic Dropper!sf!0963E79F1BB6

RDN/Generic Dropper!sf!8916548D0F12

RDN/Generic Dropper!sf!26AD05643784

RDN/Generic Dropper!sf!3B9B29389872

RDN/Generic Dropper!sf!2D0DCB953762

RDN/Generic Dropper!sf!24F6727A7A6E

RDN/Generic Dropper!sf!79E758C5260D

RDN/Generic Dropper!sf!45C9F6E50F1C

RDN/Generic Dropper!sf!2454492E36F0

RDN/Generic Dropper!sf!462146729751

RDN/Generic Dropper!sf!1DDF8285BEBE

RDN/Generic Dropper!sf!26F127A658BD

RDN/Generic Dropper!sf!3BB2835DA26E

RDN/Generic Dropper!sf!45414B7AE885

Phishing

Lloyds

17th November 2013

YOU HAVE 1 NEW MESSAGES
AVAILABILITY

National Westminster

15th November 2013

ACCOUNT REVEIW

Lloyds Bank

14th November 2013

ACCESS TO ONLINE BANKING
SERVICE

Vulnerebility

Oracle Java SE CVE-2013-5842 Remote Security Vulnerability
2013-11-18
http://www.securityfocus.com/bid/63150

Cisco Services Portal CVE-2013-3406 Arbitrary File Download Vulnerability
2013-11-18
http://www.securityfocus.com/bid/63735

Cisco Server Provisioner Software CVE-2013-3407 Access Bypass Vulnerability
2013-11-18
http://www.securityfocus.com/bid/63730

Cisco Nexus 1000V CVE-2013-5556 Local Arbitrary Command Execution Vulnerability
2013-11-18
http://www.securityfocus.com/bid/63732

GraphicsMagick 'ExportAlphaQuantumType()' Function Denial Of Service Vulnerability
2013-11-18
http://www.securityfocus.com/bid/63002

IBM Java CVE-2013-4041 Unspecified Security Bypass Vulnerability
2013-11-18
http://www.securityfocus.com/bid/63619

IBM Integration Bus XML4J Parser Entity Expansion Denial of Service Vulnerability
2013-11-18
http://www.securityfocus.com/bid/63224

IBM Java CVE-2013-5375 Unspecified Security Bypass Vulnerability
2013-11-18
http://www.securityfocus.com/bid/63621

Oracle Java SE CVE-2013-5809 Remote Security Vulnerability
2013-11-18
http://www.securityfocus.com/bid/63118

Oracle Java SE CVE-2013-5804 Remote Security Vulnerability
2013-11-18
http://www.securityfocus.com/bid/63149

Oracle Java SE CVE-2013-5783 Remote Security Vulnerability
2013-11-18
http://www.securityfocus.com/bid/63154

Oracle Java SE CVE-2013-5802 Remote Security Vulnerability
2013-11-18
http://www.securityfocus.com/bid/63135

Oracle Java SE CVE-2013-5780 Remote Security Vulnerability
2013-11-18
http://www.securityfocus.com/bid/63115

Oracle Java SE CVE-2013-5774 Remote Security Vulnerability
2013-11-18
http://www.securityfocus.com/bid/63128

Oracle Java SE CVE-2013-5778 Remote Security Vulnerability
2013-11-18
http://www.securityfocus.com/bid/63134

Oracle Java SE CVE-2013-5782 Remote Security Vulnerability
2013-11-18
http://www.securityfocus.com/bid/63103

Oracle Java SE CVE-2013-5825 Remote Security Vulnerability
2013-11-18
http://www.securityfocus.com/bid/63101

Oracle Java SE CVE-2013-5797 Remote Security Vulnerability
2013-11-18
http://www.securityfocus.com/bid/63095

Oracle Java SE CVE-2013-5840 Remote Security Vulnerability
2013-11-18
http://www.securityfocus.com/bid/63148

Oracle Java SE CVE-2013-5801 Remote Security Vulnerability
2013-11-18
http://www.securityfocus.com/bid/63147

Oracle Java SE CVE-2013-5817 Remote Security Vulnerability
2013-11-18
http://www.securityfocus.com/bid/63146

Oracle Java SE CVE-2013-5843 Remote Security Vulnerability
2013-11-18
http://www.securityfocus.com/bid/63151

Oracle Java SE CVE-2013-5814 Remote Security Vulnerability
2013-11-18
http://www.securityfocus.com/bid/63143

Oracle Java SE CVE-2013-5849 Remote Security Vulnerability
2013-11-18
http://www.securityfocus.com/bid/63106

Oracle Java SE CVE-2013-5829 Remote Security Vulnerability
2013-11-18
http://www.securityfocus.com/bid/63137

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5597 Use After Free Memory Corruption Vulnerability
2013-11-18
http://www.securityfocus.com/bid/63422

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5599 Remote Memory Corruption Vulnerability
2013-11-18
http://www.securityfocus.com/bid/63423

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5601 Remote Memory Corruption Vulnerability
2013-11-18
http://www.securityfocus.com/bid/63428

Network Security Services Uninitialized Data Read Security Vulnerability
2013-11-18
http://www.securityfocus.com/bid/62966

Mozilla Firefox/Thunderbird/SeaMonkey JavaScript Engine Multiple Buffer Overflow Vulnerabilities
2013-11-18
http://www.securityfocus.com/bid/63421

Exploit

  Avira Secure Backup 1.0.0.1 Build 3616 (.reg) - Buffer Overflow

  Supermicro Onboard IPMI close_window.cgi Buffer Overflow

  Wordpress Euclid Theme - CSRF Vulnerability

  Wordpress Dimension Theme - CSRF Vulnerability

  Wordpress Amplus Theme - CSRF Vulnerability

  Wordpress Make A Statement (MaS) Theme - CSRF Vulnerability

  LiveZilla version 5.0.1.4 - Remote Code Execution

  Dahua DVR 2.608.0000.0 and 2.608.GV00.0 - Authentication Bypass

  ManageEngine DesktopCentral 8.0.0 build 80293 - Arbitrary File Upload Vulnerability

  Kaseya 6.3.0.2 - Arbitrary File Upload Vulnerability

15.11.2013

 

Bugtraq

NEW VMSA-2013-0013 VMware Workstation host privilege escalation vulnerability 2013-11-15
\VMware Security Response Center\ (security vmware com)

Re: Superuser unsanitized environment vulnerability on Android <= 4.2.x 2013-11-14
Kevin Cernekee (cernekee gmail com)

APPLE-SA-2013-11-14-1 iOS 7.0.4 2013-11-14
Apple Product Security (product-security-noreply lists apple com)

Re: [security bulletin] HPSBUX02922 SSRT101305 rev.1 - HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2013-11-14
Rodzbry27 yahoo com

Re: Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Data Center Network Manager 2013-11-14
Rodzbry27 yahoo com

Re: Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Data Center Network Manager 2013-11-14
Rodzbry27 yahoo com

Malware

Generic Dropper!33DF8776AEA2

RDN/Generic.dx!ctk!199146A8D660

RDN/Generic.dx!ctk!28934CD9D34A

Generic.dx!0B5495E394D2

RDN/Generic PWS.y!vu!97202FBAAD50

Generic Dropper!65BFF61A1BC0

Generic FakeAlert!0A8FB147CCD8

RDN/Generic PUP.x!7212B3F2B299

RDN/Downloader.a!nv!F10FD6947918

BackDoor-AWQ.b!9F45DAC9CE74

RDN/Generic StartPage!br!C06CFF574094

Cutwail-FCTP!AE860EC124A5!AE860EC124A5

RDN/Generic.tfr!dt!DB339E59E61E

RDN/Autorun.worm.gen!7B366EB58733

Generic PUP.z!188006D91F53

Generic Dropper!B36E97415CE9

Generic Downloader.x!3D8C5C4FE7A4

BackDoor-AWQ!1BCD28ACE8D6

RDN/Generic.dx!ctk!DC9CF62095F2

Downloader.gen.a!C89AA1401F1D

PWS-Mmorpg.gen!BD69200E41A0

RDN/Generic Dropper!99EDCD9DB3B8

RDN/Generic.dx!365401D1A743

Downloader.gen.a!4FD024842184

BackDoor-AWQ.b!5D095E112BA6

RDN/Generic BackDoor!B7C4745AFCB7

Downloader-BIA!C22909325B13

PWS-Mmorpg.gen!9AD8D21FDC81

BackDoor-CEP!A0A508064E2C

Generic.bfr!AE26FC5F1E9C

Phishing

Lloyds Bank

14th November 2013

ACCESS TO ONLINE BANKING
SERVICE

National Westminster Bank

14th November 2013

*** *** Account Reveiw

Vulnerebility

Microsoft Windows #GP Trap Handler Local Privilege Escalation Vulnerability
2013-11-15
http://www.securityfocus.com/bid/37864

Oracle Java SE CVE-2013-5842 Remote Security Vulnerability
2013-11-15
http://www.securityfocus.com/bid/63150

Oracle Java SE CVE-2013-5843 Remote Security Vulnerability
2013-11-15
http://www.securityfocus.com/bid/63151

Oracle Java SE CVE-2013-5848 Remote Security Vulnerability
2013-11-15
http://www.securityfocus.com/bid/63124

Oracle Java SE CVE-2013-5849 Remote Security Vulnerability
2013-11-15
http://www.securityfocus.com/bid/63106

Oracle Java SE CVE-2013-5850 Remote Security Vulnerability
2013-11-15
http://www.securityfocus.com/bid/63153

Oracle Java SE CVE-2013-5851 Remote Security Vulnerability
2013-11-15
http://www.securityfocus.com/bid/63142

RETIRED: Google Chrome Unspecified Remote Sandbox Security Bypass Vulnerability
2013-11-15
http://www.securityfocus.com/bid/63727

RETIRED: Google Chrome Unspecified Integer Overflow Vulnerability
2013-11-15
http://www.securityfocus.com/bid/63725

yaSSL CVE-2013-1492 Unspecified Buffer Overflow Vulnerability
2013-11-15
http://www.securityfocus.com/bid/58595

Oracle MySQL Server CVE-2012-1702 Remote Security Vulnerability
2013-11-15
http://www.securityfocus.com/bid/57388

yaSSL CVE-2012-0553 Unspecified Buffer Overflow Vulnerability
2013-11-15
http://www.securityfocus.com/bid/58594

Oracle MySQL Server CVE-2013-3801 Remote Security Vulnerability
2013-11-15
http://www.securityfocus.com/bid/61269

Oracle MySQL Server CVE-2012-3147 Remote Security Vulnerability
2013-11-15
http://www.securityfocus.com/bid/56022

Oracle MySQL Server CVE-2012-3163 Remote MySQL Security Vulnerability
2013-11-15
http://www.securityfocus.com/bid/56036

Oracle MySQL Server CVE-2013-0385 Local Security Vulnerability
2013-11-15
http://www.securityfocus.com/bid/57412

Oracle MySQL CVE-2011-2262 Remote MySQL Server Vulnerability
2013-11-15
http://www.securityfocus.com/bid/51493

Oracle MySQL Server CVE-2012-0486 Remote Security Vulnerability
2013-11-15
http://www.securityfocus.com/bid/51514

Oracle MySQL Server CVE-2012-3158 Remote Security Vulnerability
2013-11-15
http://www.securityfocus.com/bid/56017

MySQL 'yaSSL' Remote Code Execution Vulnerability
2013-11-15
http://www.securityfocus.com/bid/51925

Cisco Unified Communications Manager CVE-2013-3472 Cross Site Request Forgery Vulnerability
2013-11-15
http://www.securityfocus.com/bid/62032

Cisco Wireless LAN Controller CVE-2013-6684 Multiple Remote Denial of Service Vulnerability
2013-11-15
http://www.securityfocus.com/bid/63684

Cisco IOS SSL VPN Interface CVE-2013-6686 Remote Denial of Service Vulnerability
2013-11-15
http://www.securityfocus.com/bid/63699

Cisco Prime Data Center Network Manager CVE-2013-5487 Information Disclosure Vulnerability
2013-11-15
http://www.securityfocus.com/bid/62483

Cisco Prime Data Center Network Manager Multiple Remote Command Execution Vulnerabilities
2013-11-15
http://www.securityfocus.com/bid/62484

Multiple EMC Documentum Products CVE-2013-3281 Cross Site Scripting Vulnerability
2013-11-15
http://www.securityfocus.com/bid/63526

Linux Kernel CVE-2013-6763 Integer Overflow Vulnerability
2013-11-15
http://www.securityfocus.com/bid/63707

DS3 Authentication Server 'ServerAdmin/ErrorViewer.jsp' Security Bypass Vulnerability
2013-11-15
http://www.securityfocus.com/bid/60936

IBM Rational Directory Server CVE-2013-0599 Information Disclosure Vulnerability
2013-11-15
http://www.securityfocus.com/bid/60107

IBM WebSphere Application Server CVE-2013-4005 Cross Site Scripting Vulnerability
2013-11-15
http://www.securityfocus.com/bid/61901

Exploit

Watermark Master v2.2.23 .wstyle - Buffer Overflow (SEH)

14.11.2013

Bugtraq

Re: [security bulletin] HPSBUX02922 SSRT101305 rev.1 - HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2013-11-14
Rodzbry27 yahoo com

Re: Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Data Center Network Manager 2013-11-14
Rodzbry27 yahoo com

Re: Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Data Center Network Manager 2013-11-14
Rodzbry27 yahoo com

Re: DS3 Authentication Server - Multiple Issues 2013-11-13
support ds3global com

Dahua DVR Authentication Bypass - CVE-2013-6117 2013-11-13
Jake Reynolds (Jake depthsecurity com)

[SECURITY] [DSA 2797-1] icedove security update 2013-11-13
Moritz Muehlenhoff (jmm debian org)

Android Superuser shell character escape vulnerability 2013-11-13
Kevin Cernekee (cernekee gmail com)

Superuser unsanitized environment vulnerability on Android <= 4.2.x 2013-11-13
Kevin Cernekee (cernekee gmail com)

Superuser "su --daemon" vulnerability on Android >= 4.3 2013-11-13
Kevin Cernekee (cernekee gmail com)

Malware

RDN/Qhost-Gen!bb!79CD780AAF28

RDN/Generic Dropper!8CC41A715404

RDN/Generic.bfr!F1EADB7AF0EA

RDN/Generic PUP.x!bmj!FBD068B62B4C

RDN/Generic.bfr!2FCC1F088249

RDN/Generic BackDoor!uu!80D4045AFFAB

RDN/Generic PUP.x!1FD82489DB0D

Generic PUP.x!648AFC14924E

BackDoor-DVB.e!9E25F9BFB203

RDN/Generic PUP.x!bmj!E8F598F1F26D

Generic.dx!0AD9598992C5

RDN/Generic BackDoor!571F21312E86

Ransom-FEB!2E3B1705298D!2E3B1705298D

RDN/Generic PWS.y!vt!C0D75D1B84F2

RDN/Generic.grp!gh!60C40A6FF21A

FakeSecTool-FCH!41DED40502B7!41DED40502B7

RDN/Generic PUP.x!0126EAE1647E

RDN/Generic.tfr!dt!C517D74749AE

RDN/Generic.grp!gh!F1A9C784C173

PUP-FEI!A7F1A6864F80!A7F1A6864F80

RDN/Generic.dx!C6C9898C523B

RDN/Generic PUP.x!bmj!6CA28902EA6F

RDN/Generic BackDoor!uu!8A9575639F40

RDN/Spybot.bfr!h!B24A856DD66E

RDN/Generic PUP.x!bmj!6673C6ECEF6B

FakeSecTool-FCH!BFEADED9C7B8!BFEADED9C7B8

RDN/Generic.bfr!fh!993E777BB43C

FakeSecTool-FCH!A57A613519DA!A57A613519DA

RDN/Generic PUP.x!bmj!273FAC1847DD

RDN/Generic PUP.x!bmj!272770A46156

Phishing

National Westminster Bank

14th November 2013

*** *** Account Reveiw

Customer Service Apple

13th November 2013

Confirm that you are the
account holder

AOL

13th November 2013

Suspension Message From AOL

Email Team

13th November 2013

Account Update
(2013)*******************Last
Warning

Vulnerebility

Multiple EMC Documentum Products CVE-2013-3281 Cross Site Scripting Vulnerability
2013-11-14
http://www.securityfocus.com/bid/63526

Linux Kernel CVE-2013-6763 Integer Overflow Vulnerability
2013-11-14
http://www.securityfocus.com/bid/63707

DS3 Authentication Server 'ServerAdmin/ErrorViewer.jsp' Security Bypass Vulnerability
2013-11-14
http://www.securityfocus.com/bid/60936

IBM Rational Directory Server CVE-2013-0599 Information Disclosure Vulnerability
2013-11-14
http://www.securityfocus.com/bid/60107

IBM WebSphere Application Server CVE-2013-4005 Cross Site Scripting Vulnerability
2013-11-14
http://www.securityfocus.com/bid/61901

IBM WebSphere Application Server CVE-2013-3029 Cross-Site Request Forgery Vulnerability
2013-11-14
http://www.securityfocus.com/bid/61937

IBM WebSphere Application Server CVE-2013-4004 Cross Site Scripting Vulnerability
2013-11-14
http://www.securityfocus.com/bid/61935

IBM WebSphere Application Server CVE-2013-4052 Cross Site Scripting Vulnerability
2013-11-14
http://www.securityfocus.com/bid/62336

IBM WebSphere Virtual Enterprise CVE-2013-5425 Cross Site Scripting Vulnerability
2013-11-14
http://www.securityfocus.com/bid/63700

IBM Eclipse Help System CVE-2013-0467 Information Disclosure Vulnerability
2013-11-14
http://www.securityfocus.com/bid/58000

Apache HTTP Server Terminal Escape Sequence in Logs Command Injection Vulnerability
2013-11-14
http://www.securityfocus.com/bid/59826

Apache HTTP Server CVE-2013-1896 Remote Denial of Service Vulnerability
2013-11-14
http://www.securityfocus.com/bid/61129

IBM Eclipse Help System CVE-2013-0464 Cross Site Scripting Vulnerability
2013-11-14
http://www.securityfocus.com/bid/60246

Apache Commons Compress and Apache Ant CVE-2012-2098 Denial Of Service Vulnerability
2013-11-14
http://www.securityfocus.com/bid/53676

IBM WebSphere Application Server CVE-2013-4053 Remote Privilege Escalation Vulnerability
2013-11-14
http://www.securityfocus.com/bid/62338

DS3 Authentication Server 'TestTelnetConnection.jsp' Remote Command Execution Vulnerability
2013-11-14
http://www.securityfocus.com/bid/60287

Oracle Solaris CVE-2013-5862 Local Security Vulnerability
2013-11-14
http://www.securityfocus.com/bid/63072

Oracle Solaris CVE-2013-5864 Local Security Vulnerability
2013-11-14
http://www.securityfocus.com/bid/63073

GitLab 'Code Search' Feature CVE-2013-4489 Remote Code Execution Vulnerability
2013-11-14
http://www.securityfocus.com/bid/63505

Apache Tomcat CVE-2012-5568 Denial of Service Vulnerability
2013-11-14
http://www.securityfocus.com/bid/56686

Apache Tomcat DIGEST Authentication Multiple Security Weaknesses
2013-11-14
http://www.securityfocus.com/bid/56403

Oracle Sun Products Suite CVE-2013-5781 Local SPARC Enterprise T4 Servers Vulnerability
2013-11-14
http://www.securityfocus.com/bid/63051

Apache Tomcat Parameter Handling Denial of Service Vulnerability
2013-11-14
http://www.securityfocus.com/bid/51447

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5601 Remote Memory Corruption Vulnerability
2013-11-14
http://www.securityfocus.com/bid/63428

Mozilla Firefox CVE-2013-5590 Remote Memory Corruption Vulnerability
2013-11-14
http://www.securityfocus.com/bid/63415

Linux Kernel 'skbuff.c' Local Denial of Service Vulnerability
2013-11-14
http://www.securityfocus.com/bid/61411

Samba ACL Check Security Bypass Vulnerability
2013-11-14
http://www.securityfocus.com/bid/63646

IBM WebSphere Application Server CVE-2013-0460 Cross-Site Request Forgery Vulnerability
2013-11-14
http://www.securityfocus.com/bid/57510

Oracle Solaris CVE-2013-5839 Remote Security Vulnerability
2013-11-14
http://www.securityfocus.com/bid/63078

IBus CVE-2013-4509 Local Password Information Disclosure Vulnerability
2013-11-14
http://www.securityfocus.com/bid/63516

Exploit

  TOSHIBA e-Studio 232/233/282/283 - Change Admin Password CSRF Vulnerability

13.11.2013

Bugtraq

[security bulletin] HPSBHF02939 rev.1 - HP Integrated Lights-Out 4 (iLO4), Remote Cross Site Scripting (XSS), Unauthorized Disclosure of Information 2013-11-12
security-alert hp com

Fwd: RUCKUS ADVISORY ID 111113-2: Authenticated persistent cross site scripting vulnerability in guest pass provisioning web interface on ZoneDirector controllers 2013-11-12
Ruckus Product Security Team (security ruckuswireless com)

Fwd: vulnerability issue for DB2 express 2013-11-12
Jonathan Yu (jonathan i yu gmail com)

WebSurgery v1.1 released (Web application security testing suite) 2013-11-11
John Stamatakis (john stamatakis sunrisetech gr)

WebSurgery v1.1 released (Web application security testing suite) 2013-11-11
John Stamatakis (srgn ml googlemail com)

XSS on Juniper JUNOS 11.4 Embedthis Appweb 3.2.3 2013-11-11
info andreabodei com

RUCKUS ADVISORY ID 111113-1: Authenticated code injection vulnerability in ZoneDirector administrative web interface 2013-11-12
Ruckus Product Security Team (security ruckuswireless com)

vulnerability issue for DB2 express 2013-11-11
bhavyasethi atcs gmail com

Malware

RDN/Generic PUP.x!bmf!A6D3E737689E

RDN/Generic PUP.x!bmf!E800BD75A601

Generic.bfr!E1E0699CB67C

RDN/Generic PUP.x!919F51CCF226

Generic PUP.x!32CEFB9DC2BF

RDN/Generic PUP.x!bmf!ADD25FC93420

Generic.dx!0D97971F16FE

Generic PUP.x!66C3D25F73F7

Generic PUP.x!0F6DA34115FA

RDN/Generic PUP.x!bmf!92ACA44F1EFA

RDN/Generic PUP.x!bmf!5927EF53E00A

RDN/Generic Dropper!C8A4C3D5600A

RDN/Generic Dropper!6EEF16DD438E

RDN/Generic.bfr!fh!506AB1AB80EE

RDN/Generic Dropper!A1D00398CE5C

RDN/Generic PUP.x!bmf!8C8EC3FF8F9B

RDN/Downloader.gen.a!C7D1BE3A5F69

RDN/Generic.dx!cth!51B26EEDF477

RDN/Generic PUP.x!bmf!32689CB7AF1B

Generic BackDoor!B9085DF4B130

RDN/Generic Dropper!3DE521C68343

RDN/Vundo!dn!69B7C38A0992

RDN/Generic Dropper!DF8D8A511DCA

RDN/Generic PUP.x!bmf!39A958BD2113

Generic PWS.y!D406AAE60600

RDN/Generic PUP.x!bmf!E5BBA3221B9A

RDN/Generic BackDoor!ut!C2258A33D47F

RDN/Generic PUP.x!bmf!1020FF15E0D0

RDN/Generic PUP.x!bmf!01788F73333D

Generic.bfr!2E3AB0CDF029

Phishing

Email Team

13th November 2013

Account Update
(2013)*******************Last
Warning

NatWest Bank Online

12th November 2013

IMPORTANT NATWEST CREDIT CARD
NOTIFICATION!

Adobe Customer Care

12th November 2013

Important Password Reset
Information

Vulnerebility

Linux Kernel CONFIG_HID Local Memory Corruption Vulnerability
2013-11-13
http://www.securityfocus.com/bid/62043

Linux Kernel CVE-2013-4387 Memory Corruption Vulnerability
2013-11-13
http://www.securityfocus.com/bid/62696

Linux Kernel 'sctp_v6_xmit()' Function CVE-2013-4350 Information Disclosure Vulnerability
2013-11-13
http://www.securityfocus.com/bid/62405

Linux Kernel CVE-2013-2897 Heap Buffer Overflow Vulnerability
2013-11-13
http://www.securityfocus.com/bid/62044

Linux Kernel CVE-2013-2893 Heap Buffer Overflow Vulnerability
2013-11-13
http://www.securityfocus.com/bid/62050

Linux Kernel CVE-2013-2896 NULL Pointer Dereference Denial of Service Vulnerability
2013-11-13
http://www.securityfocus.com/bid/62048

Linux Kernel CVE-2013-2899 NULL Pointer Dereference Denial of Service Vulnerability
2013-11-13
http://www.securityfocus.com/bid/62046

Linux Kernel CVE-2013-0343 IPv6 Temporary Addresses Remote Security Vulnerability
2013-11-13
http://www.securityfocus.com/bid/58795

Linux Kernel CVE-2013-2889 Heap Buffer Overflow Vulnerability
2013-11-13
http://www.securityfocus.com/bid/62042

Linux Kernel CVE-2013-2895 NULL Pointer Dereference Denial of Service Vulnerability
2013-11-13
http://www.securityfocus.com/bid/62045

Linux Kernel CVE-2013-2892 Heap Buffer Overflow Vulnerability
2013-11-13
http://www.securityfocus.com/bid/62049

Linux Kernel Multiple Local Information Disclosure Vulnerabilities
2013-11-13
http://www.securityfocus.com/bid/60280

WordPress Curvo Theme Cross Site Request Forgery Vulnerability
2013-11-13
http://www.securityfocus.com/bid/63410

WordPress Kernel Theme 'upload-handler.php' Arbitrary File Upload Vulnerability
2013-11-13
http://www.securityfocus.com/bid/63623

Oracle Java SE CVE-2013-1557 Remote Java Runtime Environment Vulnerability
2013-11-13
http://www.securityfocus.com/bid/59170

Oracle Java SE CVE-2013-1478 Remote Java Runtime Environment Vulnerability
2013-11-13
http://www.securityfocus.com/bid/57686

Oracle Java SE CVE-2013-1571 Frame Injection Vulnerability
2013-11-13
http://www.securityfocus.com/bid/60634

IBM Cognos Business Intelligence CVE-2013-2978 Access Bypass Vulnerability
2013-11-13
http://www.securityfocus.com/bid/62006

Oracle Java SE CVE-2013-1500 Local Security Vulnerability
2013-11-13
http://www.securityfocus.com/bid/60627

IBM Cognos Business Intelligence CVE-2013-0586 Unspecified Cross Site Scripting Vulnerability
2013-11-13
http://www.securityfocus.com/bid/61998

IBM Cognos Business Intelligence CVE-2013-2988 Access Bypass Vulnerability
2013-11-13
http://www.securityfocus.com/bid/62003

Microsoft Windows 'icardie.dll' ActiveX Control CVE-2013-3918 Remote Code Execution Vulnerability
2013-11-13
http://www.securityfocus.com/bid/63631

Apache Santuario XML Security for JAVA XML Signature CVE-2013-2172 Security Bypass Vulnerability
2013-11-13
http://www.securityfocus.com/bid/60846

ISC BIND 'localnets' ACL Security Bypass Vulnerability
2013-11-13
http://www.securityfocus.com/bid/63610

VideoSpirit Pro and Lite '.visprj' File Multiple Buffer Overflow Vulnerabilities
2013-11-13
http://www.securityfocus.com/bid/45741

strongSwan CVE-2013-6075 Authorization Security Bypass and Denial of Service Vulnerability
2013-11-13
http://www.securityfocus.com/bid/63489

strongSwan NULL Pointer Dereference Denial of Service Vulnerability
2013-11-13
http://www.securityfocus.com/bid/63540

Xen CVE-2013-4494 Denial of Service Vulnerability
2013-11-13
http://www.securityfocus.com/bid/63494

libvirt 'virt-login-shell' Local Privilege Escalation Vulnerability
2013-11-13
http://www.securityfocus.com/bid/63324

Review Board CVE-2013-4519 Multiple HTML Injection Vulnerabilities
2013-11-13
http://www.securityfocus.com/bid/63601

Exploit

  Symantec Altiris DS SQL Injection

ALLPlayer 5.6.2 (.m3u) - Local Buffer Overflow (SEH/Unicode)

FortiAnalyzer 5.0.4 - CSRF Vulnerability

12.11.2013

Bugtraq

WebSurgery v1.1 released (Web application security testing suite) 2013-11-11
John Stamatakis (john stamatakis sunrisetech gr)

WebSurgery v1.1 released (Web application security testing suite) 2013-11-11
John Stamatakis (srgn ml googlemail com)

XSS on Juniper JUNOS 11.4 Embedthis Appweb 3.2.3 2013-11-11
info andreabodei com

RUCKUS ADVISORY ID 111113-1: Authenticated code injection vulnerability in ZoneDirector administrative web interface 2013-11-12
Ruckus Product Security Team (security ruckuswireless com)

vulnerability issue for DB2 express 2013-11-11
bhavyasethi atcs gmail com

Re: Word 2003 SP2 .doc fork bomb on WinXP SP3 2013-11-08
jsibley1 gmail com

Malware

RDN/Generic PUP.x!bmb!79ADE1E87322

RDN/Generic PUP.x!bmb!07815DE1DDA9

RDN/Generic PUP.x!bmb!0EBF6CA1905F

RDN/Generic PUP.x!bmb!C2D3E01E5E45

RDN/Generic PUP.x!bmb!88EAF43F806B

Generic PUP.x!32C8836E7A52

RDN/Generic PUP.x!A7DB920A42BE

RDN/Generic.bfr!fh!95F976C5B201

RDN/Generic.dx!ctf!3F430D5F5DD0

RDN/Generic.dx!ctf!6822E7DF7F3E

RDN/Generic.bfr!fh!A506EECD9CEB

Generic.bfr!6F08553420E3

RDN/Generic PUP.x!bmb!25F106EAD9B1

RDN/Generic PUP.x!CBCEBE45A2A9

Generic.bfr!E3F250386080

Obfuscated-FBU!hb!1A94B6B95CE3

RDN/Ransom!du!705BB28F8359

RDN/Generic PWS.y!vr!000E4CCA24D2

Generic PUP.x!C23450078B1A

RDN/Generic BackDoor!us!E9D4703CDBA4

RDN/Generic StartPage!br!56A007D2995E

RDN/Generic BackDoor!us!F336DF996C50

RDN/Generic PUP.x!bmb!BA120F31F719

RDN/Generic PUP.x!DB3DD5E513D6

Generic PUP.x!C6BB72E2CED6

RDN/Generic.tfr!ds!56E2DE56FC5A

RDN/Generic PUP.x!bmb!CBD61B732967

RDN/Generic PUP.x!bmb!F62CED90CCBA

RDN/Generic PUP.x!bmb!B1AC206D0DA2

Obfuscated-FBU!hb!88D7BA383411

Phishing

Adobe Customer Care

12th November 2013

Important Password Reset
Information

National Westminster Bank

11th November 2013

Account Reveiw

NatWest Card Services

11th November 2013

YOUR NATWEST CREDIT CARD
NOTIFICATION.

Facebook

11th November 2013

Your 2 unread messages will be
deleted soon

Vulnerebility

SaltStack Salt Security Bypass Vulnerability
2013-11-12
http://www.securityfocus.com/bid/62995

SaltStack Salt CVE-2013-4438 Multiple Remote Code Execution Vulnerabilities
2013-11-12
http://www.securityfocus.com/bid/63243

SaltStack Salt CVE-2013-4436 Man in the Middle Spoofing Vulnerability
2013-11-12
http://www.securityfocus.com/bid/63239

SaltStack Salt CVE-2013-4437 Insecure Temporary File Handling Vulnerability
2013-11-12
http://www.securityfocus.com/bid/63242

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5599 Remote Memory Corruption Vulnerability
2013-11-12
http://www.securityfocus.com/bid/63423

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5602 Remote Memory Corruption Vulnerability
2013-11-12
http://www.securityfocus.com/bid/63424

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5600 Remote Memory Corruption Vulnerability
2013-11-12
http://www.securityfocus.com/bid/63427

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5603 Remote Code Execution Vulnerability
2013-11-12
http://www.securityfocus.com/bid/63416

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5601 Remote Memory Corruption Vulnerability
2013-11-12
http://www.securityfocus.com/bid/63428

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5593 Address Bar URI Spoofing Vulnerability
2013-11-12
http://www.securityfocus.com/bid/63429

Mozilla Firefox/Thunderbird/SeaMonkey JavaScript Engine Multiple Buffer Overflow Vulnerabilities
2013-11-12
http://www.securityfocus.com/bid/63421

Mozilla Firefox CVE-2013-5592 Remote Memory Corruption Vulnerability
2013-11-12
http://www.securityfocus.com/bid/63418

Mozilla Firefox CVE-2013-5590 Remote Memory Corruption Vulnerability
2013-11-12
http://www.securityfocus.com/bid/63415

Mozilla Firefox/Thunderbird/SeaMonkey XSLT Processing Denial of Service Vulnerability
2013-11-12
http://www.securityfocus.com/bid/63430

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5596 Remote Code Execution Vulnerability
2013-11-12
http://www.securityfocus.com/bid/63420

Microsoft Internet Explorer Unspecfied Remote Code Execution Vulnerability
2013-11-12
http://www.securityfocus.com/bid/63631

Multiple Microsoft Products CVE-2013-3906 Remote Code Execution Vulnerability
2013-11-12
http://www.securityfocus.com/bid/63530

Bugzilla 'attachment.cgi' Cross Site Request Forgery Vulnerability
2013-11-12
http://www.securityfocus.com/bid/63199

pyOpenSSL SSL Client Certificate Validation Security Bypass Vulnerability
2013-11-12
http://www.securityfocus.com/bid/62258

Python 'ssl.match_hostname()' Function Denial of Service Vulnerability
2013-11-12
http://www.securityfocus.com/bid/59877

Bugzilla CVE-2013-1743 Cross Site Scripting Vulnerability
2013-11-12
http://www.securityfocus.com/bid/63205

Bugzilla 'editflagtypes.cgi' Multiple Cross Site Scripting Vulnerabilities
2013-11-12
http://www.securityfocus.com/bid/63204

Xen CVE-2013-4494 Local Denial of Service Vulnerability
2013-11-12
http://www.securityfocus.com/bid/63494

Xen OXenstored CVE-2013-4416 Denial of Service Vulnerability
2013-11-12
http://www.securityfocus.com/bid/63404

RoundCube Webmail '_session' Parameter Remote Security Vulnerability
2013-11-12
http://www.securityfocus.com/bid/63300

Cisco Adaptive Security Appliance Auto-Update Remote Denial of Service Vulnerability
2013-11-12
http://www.securityfocus.com/bid/63628

Cisco Adaptive Security Appliance Phone Proxy Database Security Bypass Vulnerability
2013-11-12
http://www.securityfocus.com/bid/63624

Wireshark SIP Dissector CVE-2013-6338 Denial of Service Vulnerability
2013-11-12
http://www.securityfocus.com/bid/63502

Wireshark ActiveMQ OpenWire Dissector CVE-2013-6339 Denial of Service Vulnerability
2013-11-12
http://www.securityfocus.com/bid/63501

Wireshark NBAP Dissector CVE-2013-6337 Denial of Service Vulnerability
2013-11-12
http://www.securityfocus.com/bid/63504

Exploit

  VideoSpirit Pro 1.90 - (SEH) Buffer Overflow

  VideoSpirit Lite 1.77 - (SEH) Buffer Overflow

  Hanso Converter 2.4.0 - 'ogg' Buffer Overflow(DoS)

  Provj 5.1.5.8 - 'm3u' Buffer Overflow (PoC)

11.11.2013

Bugtraq

Re: Word 2003 SP2 .doc fork bomb on WinXP SP3 2013-11-08
jsibley1 gmail com

[SECURITY] [DSA 2794-1] spip security update 2013-11-10
Salvatore Bonaccorso (carnil debian org)

Vulnerability in Pydio/AjaXplorer <= 5.0.3 2013-11-10
advisories redfsec com

Vulnerability in Pydio/AjaXplorer < = 5.0.3 2013-11-10
advisories redfsec com

[ MDVSA-2013:265 ] kernel 2013-11-10
security mandriva com

XADV-2013003 Linux Kernel bt8xx Video Driver IOCTL Heap Overflow 2013-11-09
geinblues gmail com

[SECURITY] [DSA 2793-1] libav security update 2013-11-09
Moritz Muehlenhoff (jmm debian org)

Malware

RDN/Generic PWS.y!vr!B9FEAC1C45A5

Generic PUP.x!287F1366EAB8

Generic.bfr!5463AD42CC33

Generic.bfr!CF90D1FA803A

RDN/Generic PUP.x!blz!5F47376B1BDE

RDN/Generic PUP.x!blz!7F44DBAFA6F6

RDN/Generic PUP.x!blz!AB059426C51B

RDN/Generic PUP.x!blz!4409BD79104F

RDN/Generic PUP.x!blz!E14920F23BFE

Generic.bfr!9609AF325ED0

RDN/Generic Downloader.x!E39C43D85796

RDN/Downloader.a!nq!7AF76AA101F2

RDN/Generic Dropper!75D2892A5FC8

RDN/Generic PUP.x!05ED11722764

Generic PUP.x!278C5D1D57B0

Generic.bfr!DA15394365E7

Adware-FOO!3FB603E06D1B!3FB603E06D1B

Generic PUP.x!EAAE8C06DBBA

RDN/Generic PUP.x!8834131B6F9B

RDN/Generic Dropper!FD6EEE7348AD

Generic.bfr!726E6ABBD255

RDN/Generic PUP.x!DAAC2EE130A0

RDN/Generic PUP.x!blz!0ED9047047DD

RDN/Generic PUP.x!F90DED8021BB

Generic PUP.x!B9A9D6B9BB7D

Generic PUP.x!9C8DBDCD5F69

RDN/Generic BackDoor!D2122A4BA67B

RDN/Generic PUP.x!blz!3345073C7D93

RDN/Generic PUP.x!blz!515CED712DD1

RDN/Generic Dropper!sd!A8BBA9E7182F

Phishing

Facebook

11th November 2013

Your 2 unread messages will be
deleted soon

Barclays Bank PLC

10th November 2013

YOUR BARCLAYS ACCOUNT ALERT

Vulnerebility

Oracle Java SE CVE-2013-3829 Remote Security Vulnerability
2013-11-11
http://www.securityfocus.com/bid/63120

Oracle Java SE CVE-2013-5774 Remote Security Vulnerability
2013-11-11
http://www.securityfocus.com/bid/63128

Oracle Java SE CVE-2013-5817 Remote Security Vulnerability
2013-11-11
http://www.securityfocus.com/bid/63146

Oracle Java SE CVE-2013-5840 Remote Security Vulnerability
2013-11-11
http://www.securityfocus.com/bid/63148

IBM Integration Bus XML4J Parser Entity Expansion Denial of Service Vulnerability
2013-11-11
http://www.securityfocus.com/bid/63224

Oracle Java SE CVE-2013-5802 Remote Security Vulnerability
2013-11-11
http://www.securityfocus.com/bid/63135

Oracle Java SE CVE-2013-5823 Remote Security Vulnerability
2013-11-11
http://www.securityfocus.com/bid/63110

Oracle Java SE CVE-2013-5829 Remote Security Vulnerability
2013-11-11
http://www.securityfocus.com/bid/63137

Oracle Java SE CVE-2013-5848 Remote Security Vulnerability
2013-11-11
http://www.securityfocus.com/bid/63124

Oracle Java SE CVE-2013-5849 Remote Security Vulnerability
2013-11-11
http://www.securityfocus.com/bid/63106

IBM Java CVE-2013-4002 Denial of Service Vulnerability
2013-11-11
http://www.securityfocus.com/bid/61310

drupalauth Module For SimpleSAMLphp Security Bypass Vulnerability
2013-11-11
http://www.securityfocus.com/bid/63537

Oracle Java SE CVE-2013-5804 Remote Security Vulnerability
2013-11-11
http://www.securityfocus.com/bid/63149

Oracle Java SE CVE-2013-5809 Remote Security Vulnerability
2013-11-11
http://www.securityfocus.com/bid/63118

Oracle Java SE CVE-2013-5783 Remote Security Vulnerability
2013-11-11
http://www.securityfocus.com/bid/63154

Oracle Java SE CVE-2013-5800 Remote Security Vulnerability
2013-11-11
http://www.securityfocus.com/bid/63111

Oracle Java SE CVE-2013-5778 Remote Security Vulnerability
2013-11-11
http://www.securityfocus.com/bid/63134

Oracle Java SE CVE-2013-5780 Remote Security Vulnerability
2013-11-11
http://www.securityfocus.com/bid/63115

Oracle Java SE CVE-2013-5782 Remote Security Vulnerability
2013-11-11
http://www.securityfocus.com/bid/63103

Oracle Java SE CVE-2013-5790 Remote Security Vulnerability
2013-11-11
http://www.securityfocus.com/bid/63102

Oracle Java SE CVE-2013-5784 Remote Security Vulnerability
2013-11-11
http://www.securityfocus.com/bid/63098

Oracle Java SE CVE-2013-5825 Remote Security Vulnerability
2013-11-11
http://www.securityfocus.com/bid/63101

Oracle Java SE CVE-2013-5772 Remote Security Vulnerability
2013-11-11
http://www.securityfocus.com/bid/63089

Oracle Java SE CVE-2013-5830 Remote Security Vulnerability
2013-11-11
http://www.securityfocus.com/bid/63121

Oracle Java SE CVE-2013-5803 Remote Security Vulnerability
2013-11-11
http://www.securityfocus.com/bid/63082

Oracle Java SE CVE-2013-5797 Remote Security Vulnerability
2013-11-11
http://www.securityfocus.com/bid/63095

Oracle Java SE CVE-2013-5789 Remote Security Vulnerability
2013-11-11
http://www.securityfocus.com/bid/63156

Oracle Java SE CVE-2013-5832 Remote Security Vulnerability
2013-11-11
http://www.securityfocus.com/bid/63158

Oracle Java SE CVE-2013-5818 Remote Security Vulnerability
2013-11-11
http://www.securityfocus.com/bid/63157

Oracle Java SE CVE-2013-5787 Remote Security Vulnerability
2013-11-11
http://www.securityfocus.com/bid/63155

Exploit

 

9.11.2013

Bugtraq

Word 2003 SP2 .doc fork bomb on WinXP SP3 2013-11-08
jsibley1 gmail com

RE: FP BugCON 2014 - Mexico City 2013-11-07
Tamara Vera (tverac satelcorp net)

Malware

RDN/Generic.bfr!4028C2B22E82

Generic.bfr!271FB545E0D7

Generic Downloader.x!B72489D1CC9D

RDN/Ransom!du!1A7CB371F000

Generic FakeAlert!A439AE631F2A

RDN/Generic.bfr!0816476A0116

Generic PUP.x!15BC625DD9A3

Generic PUP.x!B0639657C1A0

RDN/Generic PUP.x!bl3!0F389721C3F6

Generic.bfr!11E23424F33C

Generic Downloader.x!B498DEE38DC7

Generic.bfr!0D1852E25781

RDN/Generic PUP.x!2E37D3FB1A43

Generic Dropper!E2EA61F430BD

RDN/Generic PUP.x!E4BD595BAC0E

RDN/Downloader.gen.a!194899EB5AC8

RDN/Generic PUP.x!bl3!0FCA63F253BF

RDN/Generic.dx!ctc!C069ABC3A083

Generic Downloader.x!3CA0BA550419

Generic PUP.x!9CFDEC389CA6

W32/Virut.gen!CCA93DA58959

RDN/Generic BackDoor!ur!10F8BE6B7545

Generic.bfr!0FE67A0EB5A7

RDN/Generic.bfr!fh!0F13C2FF51C9

Generic.bfr!0A47903226A3

Generic PUP.x!C3BDC536EC4A

Generic PUP.x!79AA6A9FCAD9

Generic Downloader.x!0C1225DD3DCD

Generic.bfr!6229D606F73C

Generic Dropper!1ED9D1A3EB08

Phishing

Nationwide.co.uk

8th November 2013

Nationwide Internet Banking

Lloyds Bank

8th November 2013

ACCESS TO ONLINE BANKING
SERVICE

NatWest

8th November 2013

NATWEST BANK NOTICE

Vulnerebility

VICIDIAL 'manager_send.php' CVE-2013-4468 Command Injection Vulnerability
2013-11-09
http://www.securityfocus.com/bid/63288

VICIDIAL 'manager_send.php' CVE-2013-4467 SQL Injection Vulnerability
2013-11-09
http://www.securityfocus.com/bid/63340

Linux Kernel CVE-2013-2892 Heap Buffer Overflow Vulnerability
2013-11-09
http://www.securityfocus.com/bid/62049

Linux Kernel CVE-2013-2895 NULL Pointer Dereference Denial of Service Vulnerability
2013-11-09
http://www.securityfocus.com/bid/62045

Linux Kernel CVE-2013-4299 Information Disclosure Vulnerability
2013-11-09
http://www.securityfocus.com/bid/63183

Linux Kernel Multiple Local Information Disclosure Vulnerabilities
2013-11-09
http://www.securityfocus.com/bid/60280

Linux Kernel CONFIG_HID Local Memory Corruption Vulnerability
2013-11-09
http://www.securityfocus.com/bid/62043

Linux Kernel CVE-2013-2893 Heap Buffer Overflow Vulnerability
2013-11-09
http://www.securityfocus.com/bid/62050

Linux Kernel ext4 Local Denial of Service Vulnerability
2013-11-09
http://www.securityfocus.com/bid/59512

Linux Kernel CVE-2013-2896 NULL Pointer Dereference Denial of Service Vulnerability
2013-11-09
http://www.securityfocus.com/bid/62048

Linux Kernel CVE-2013-2889 Heap Buffer Overflow Vulnerability
2013-11-09
http://www.securityfocus.com/bid/62042

Linux Kernel CVE-2013-0343 IPv6 Temporary Addresses Remote Security Vulnerability
2013-11-09
http://www.securityfocus.com/bid/58795

Mozilla Firefox/Thunderbird/SeaMonkey JavaScript Engine Multiple Buffer Overflow Vulnerabilities
2013-11-09
http://www.securityfocus.com/bid/63421

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5602 Remote Memory Corruption Vulnerability
2013-11-09
http://www.securityfocus.com/bid/63424

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1718 Remote Memory Corruption Vulnerability
2013-11-09
http://www.securityfocus.com/bid/62463

Zikula Application Framework Unspecified Cross Site Scripting Vulnerability
2013-11-09
http://www.securityfocus.com/bid/63186

VideoCharge Studio '.vsc' File Remote Buffer Overflow Vulnerability
2013-11-09
http://www.securityfocus.com/bid/45183

RETIRED: VideoCharge Studio '.vsc' File Handling Remote Buffer Overflow Vulnerability
2013-11-09
http://www.securityfocus.com/bid/63364

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5603 Remote Code Execution Vulnerability
2013-11-09
http://www.securityfocus.com/bid/63416

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5601 Remote Memory Corruption Vulnerability
2013-11-09
http://www.securityfocus.com/bid/63428

Mozilla Firefox/Thunderbird/SeaMonkey XSLT Processing Denial of Service Vulnerability
2013-11-09
http://www.securityfocus.com/bid/63430

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5597 Use After Free Memory Corruption Vulnerability
2013-11-09
http://www.securityfocus.com/bid/63422

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5599 Remote Memory Corruption Vulnerability
2013-11-09
http://www.securityfocus.com/bid/63423

Mozilla Firefox 'PDF.js' Javascript Security Bypass Vulnerability
2013-11-09
http://www.securityfocus.com/bid/63419

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5600 Remote Memory Corruption Vulnerability
2013-11-09
http://www.securityfocus.com/bid/63427

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5596 Remote Code Execution Vulnerability
2013-11-09
http://www.securityfocus.com/bid/63420

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5593 Address Bar URI Spoofing Vulnerability
2013-11-09
http://www.securityfocus.com/bid/63429

Mozilla Firefox CVE-2013-5591 Remote Memory Corruption Vulnerability
2013-11-09
http://www.securityfocus.com/bid/63417

Mozilla Firefox CVE-2013-5592 Remote Memory Corruption Vulnerability
2013-11-09
http://www.securityfocus.com/bid/63418

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1736 Remote Memory Corruption Vulnerability
2013-11-09
http://www.securityfocus.com/bid/62478

Exploit

 

8.11.2013

Bugtraq

Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability 2013-11-06
Cisco Systems Product Security Incident Response Team (psirt cisco com)

CFP BugCON 2014 - Mexico City 2013-11-07
Carlos A. Lozano (vendetta bugcon org)

Cisco Security Advisory: Cisco WAAS Mobile Remote Code Execution Vulnerability 2013-11-06
Cisco Systems Product Security Incident Response Team (psirt cisco com)

CVE-2013-4425: Private key disclosure, Osirix (lite, 64bit and FDA cleader version) (Medical Application) 2013-11-06
Dirk-Willem van Gulik (dirkx webweaving org)

Cisco Security Advisory: Cisco TelePresence VX Clinical Assistant Administrative Password Reset Vulnerability 2013-11-06
Cisco Systems Product Security Incident Response Team (psirt cisco com)

CORE-2013-0704 - Vivotek IP Cameras RTSP Authentication Bypass 2013-11-05
CORE Advisories Team (advisories coresecurity com)

Malware

Ransom!A224FC8A0954

ADWARE-BORAN!B8431FAE3A41

RDN/Generic Downloader.x!is!808404FB4230

Generic PUP.x!DCFEE38E85E2

Generic.bfr!C6868F583BC1

RDN/Generic.tfr!ds!AF0365236BF5

Qhost-Gen!F9818CB4D1BE

W32/Sality.gen!167F868177EC

Generic PUP.x!E3B3901952E4

RDN/Generic Dropper!A89C24021796

RDN/Generic.tfr!ds!8241B48C0908

RDN/Generic.tfr!ds!6EB26EF860EE

RDN/Generic BackDoor!uq!33CBAFE4D156

RDN/Generic PUP.x!blq!9CCFF5145076

RDN/Generic BackDoor!365FD5955954

RDN/Generic PUP.x!blq!57F893B66294

RDN/Generic.bfr!fg!6F191FF09A88

Generic PUP.x!D05AB6D63977

Generic PUP.x!8B005D04D995

PUP-FED!27033546DE95!27033546DE95

Generic Dropper!4E693CEBB601

RDN/Generic.dx!ctb!8DBCE3DB3CAC

Generic.bfr!2A7EA51FBA0E

RDN/Generic.dx!ctb!F8687D760E48

Generic PUP.x!035E65B587A8

RDN/Generic BackDoor!uq!828F797CB3ED

RDN/Generic Downloader.x!is!E12CC2E8F15F

RDN/Qhost-Gen!bb!26003B44F81C

Generic PWS.y!4BE5B6584D4B

Generic.dx!CFAC81C3CC2B

Phishing

PayPal

7th November 2013

Your account has been limited
until we hear from you

Vulnerebility

Mozilla Firefox CVE-2013-5591 Remote Memory Corruption Vulnerability
2013-11-08
http://www.securityfocus.com/bid/63417

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1732 Buffer Overflow Vulnerability
2013-11-08
http://www.securityfocus.com/bid/62469

Oracle Java SE CVE-2013-5804 Remote Security Vulnerability
2013-11-08
http://www.securityfocus.com/bid/63149

Oracle Java SE CVE-2013-5830 Remote Security Vulnerability
2013-11-08
http://www.securityfocus.com/bid/63121

Oracle Java SE CVE-2013-5823 Remote Security Vulnerability
2013-11-07
http://www.securityfocus.com/bid/63110

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5597 Use After Free Memory Corruption Vulnerability
2013-11-07
http://www.securityfocus.com/bid/63422

Mozilla Firefox/Thunderbird/SeaMonkey JavaScript Engine Multiple Buffer Overflow Vulnerabilities
2013-11-07
http://www.securityfocus.com/bid/63421

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5603 Remote Code Execution Vulnerability
2013-11-07
http://www.securityfocus.com/bid/63416

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5596 Remote Code Execution Vulnerability
2013-11-07
http://www.securityfocus.com/bid/63420

Mozilla Firefox 'PDF.js' Javascript Security Bypass Vulnerability
2013-11-07
http://www.securityfocus.com/bid/63419

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5599 Remote Memory Corruption Vulnerability
2013-11-07
http://www.securityfocus.com/bid/63423

Mozilla Firefox CVE-2013-5592 Remote Memory Corruption Vulnerability
2013-11-07
http://www.securityfocus.com/bid/63418

Mozilla Firefox CVE-2013-5590 Remote Memory Corruption Vulnerability
2013-11-07
http://www.securityfocus.com/bid/63415

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5601 Remote Memory Corruption Vulnerability
2013-11-07
http://www.securityfocus.com/bid/63428

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5600 Remote Memory Corruption Vulnerability
2013-11-07
http://www.securityfocus.com/bid/63427

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5602 Remote Memory Corruption Vulnerability
2013-11-07
http://www.securityfocus.com/bid/63424

Mozilla Firefox/Thunderbird/SeaMonkey XSLT Processing Denial of Service Vulnerability
2013-11-07
http://www.securityfocus.com/bid/63430

Google Chrome CVE-2013-2926 Use After Free Remote Code Execution Vulnerability
2013-11-07
http://www.securityfocus.com/bid/63028

Google Chrome CVE-2013-2925 Use After Free Remote Code Execution Vulnerability
2013-11-07
http://www.securityfocus.com/bid/63026

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5593 Address Bar URI Spoofing Vulnerability
2013-11-07
http://www.securityfocus.com/bid/63429

Google Chrome CVE-2013-2927 Use After Free Remote Code Execution Vulnerability
2013-11-07
http://www.securityfocus.com/bid/63025

Google Chrome CVE-2013-2928 Multiple Unspecified Security Vulnerabilities
2013-11-07
http://www.securityfocus.com/bid/63024

International Components for Unicode Use After Free Remote Code Execution Vulnerability
2013-11-07
http://www.securityfocus.com/bid/62968

Google Chrome Prior to 30.0.1599.66 Multiple Security Vulnerabilities
2013-11-07
http://www.securityfocus.com/bid/62752

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1724 Remote Code Execution Vulnerability
2013-11-07
http://www.securityfocus.com/bid/62464

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1738 Remote Code Execution Vulnerability
2013-11-07
http://www.securityfocus.com/bid/62466

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1730 Remote Code Execution Vulnerability
2013-11-07
http://www.securityfocus.com/bid/62473

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1728 Security Vulnerability
2013-11-07
http://www.securityfocus.com/bid/62468

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1735 Remote Memory Corruption Vulnerability
2013-11-07
http://www.securityfocus.com/bid/62479

Mozilla Firefox CVE-2013-1729 Information Disclosure Vulnerability
2013-11-07
http://www.securityfocus.com/bid/62474

Exploit

  VICIdial Manager Send OS Command Injection

  WordPress Theme Kernel - Remote File Upload Vulnerability

  RASPcalendar 1.01 - [ASP] Admin Login Vlunerabilities

  Vanilla Forums 2.0 - 2.0.18.5 (class.utilitycontroller.php) - PHP Object Injection Vulnerability

  appRain 3.0.2 - Blind SQL Injection Vulnerability

  Flatpress 1.0 - Remote Code Execution

  Vivotek IP Cameras - RTSP Authentication Bypass

  Project'Or RIA 3.4.0 (objectDetail.php, objectId param) - SQL Injection

  Sagemcom F@st 3184 2.1.11 - Multiple Vulnerabilities

  Horde Groupware Web Mail Edition 5.1.2 - CSRF Vulnerability

  Microweber 0.905 - Error Based SQL Injection

7.11.2013

Bugtraq

CORE-2013-0704 - Vivotek IP Cameras RTSP Authentication Bypass 2013-11-05
CORE Advisories Team (advisories coresecurity com)

SQL Injection in appRain 2013-11-06
High-Tech Bridge Security Research (advisory htbridge com)

[SOJOBO-ADV-13-03] - Wordpress plugin Gallery Bank 2.0.19 Reflected Cross Site Scripting 2013-11-05
advisories enkomio com

[ISecAuditors Security Advisories] LinkedIn social network is affected by Persistent Cross-Site Scripting vulnerability 2013-11-05
ISecAuditors Security Advisories (advisories isecauditors com)

Open-Xchange Security Advisory 2013-11-06 2013-11-06
Martin Braun (martin braun open-xchange com)

wordpress jigoshop Plugin path disclosure vulnerabilities 2013-11-05
iedb team gmail com

[ISecAuditors Security Advisories] Multiple XSS vulnerabilities in "Project'Or RIA" 2013-11-05
ISecAuditors Security Advisories (advisories isecauditors com)

[ISecAuditors Security Advisories] SQL Injection vulnerability in "Project'Or RIA" allow arbitrary access to the database and the file system 2013-11-05
ISecAuditors Security Advisories (advisories isecauditors com)

ESA-2013-073: EMC Documentum eRoom Multiple Cross Site Scripting Vulnerabilities. 2013-11-05
Security Alert (Security_Alert emc com)

ESA-2013-070: EMC Documentum Cross Site Scripting Vulnerability. 2013-11-05
Security Alert (Security_Alert emc com)

Malware

RDN/Generic PUP.x!bl3!70CD0411C162

PUP-FED!258BC51F42A1!258BC51F42A1

PUP-FED!1FD302E01D85!1FD302E01D85

PUP-FED!9DB5FEE9BFCB!9DB5FEE9BFCB

Generic PUP.x!E5CCA641B388

PUP-FED!D65A571004C4!D65A571004C4

RDN/Generic PUP.x!bl3!F2B7A19AE6BE

RDN/Generic PUP.x!bl3!BB2D6863F84F

RDN/Generic PUP.x!bl3!F37D6D06F3DB

PUP-FED!945C4D798BD9!945C4D798BD9

PUP-FED!099AC4B806C6!099AC4B806C6

PUP-FED!6BDA3DBF408E!6BDA3DBF408E

RDN/Generic.bfr!fg!326B870981FA

PUP-FED!99298DA458CD!99298DA458CD

PUP-FED!32D8058A2DFC!32D8058A2DFC

PUP-FED!53B62D4589E8!53B62D4589E8

PUP-FED!292359D2AF4A!292359D2AF4A

RDN/Generic PUP.x!bl3!CE0BF408D659

Generic PUP.x!046F803AB1BA

PUP-FED!3B5537C79B20!3B5537C79B20

PUP-FED!72ADF9603C91!72ADF9603C91

PUP-FED!748E0CE0430A!748E0CE0430A

RDN/Qhost-Gen!bb!8BF0E4FC7336

RDN/Generic PUP.x!bl3!5362BEF6788E

Downloader.gen.a!0214E9B92BD6

PUP-FED!645E81828242!645E81828242

PUP-FED!1FC88EA06CAC!1FC88EA06CAC

RDN/Generic.tfr!ds!5B3CA8AD7259

Generic.bfr!686708FAEADA

PUP-FED!91747F392BA0!91747F392BA0

Phishing

NatWest Card Services

6th November 2013

*Email Alert* Resolve Your
Account

Natwest

6th November 2013

NatWest - NatWest Secure
Password Reset Confirmation

Vulnerebility

Google Android Signature Verification Security Bypass Vulnerability
2013-11-07
http://www.securityfocus.com/bid/63547

GNOME Vino VNC Server CVE-2013-5745 Denial of Service Vulnerability
2013-11-07
http://www.securityfocus.com/bid/62443

appRain CVE-2013-6058 SQL Injection Vulnerability
2013-11-07
http://www.securityfocus.com/bid/62937

Tryton 'main.py' CVE-2013-4510 Arbitrary File Write Vulnerability
2013-11-07
http://www.securityfocus.com/bid/63531

IBM Lotus Quickr for Domino ActiveX Control CVE-2013-3026 Buffer Overflow Vulnerability
2013-11-07
http://www.securityfocus.com/bid/60442

Python 'ssl.match_hostname()' Function Denial of Service Vulnerability
2013-11-07
http://www.securityfocus.com/bid/59877

Oracle Java SE CVE-2013-3829 Remote Security Vulnerability
2013-11-06
http://www.securityfocus.com/bid/63120

Oracle Java SE CVE-2013-5772 Remote Security Vulnerability
2013-11-06
http://www.securityfocus.com/bid/63089

Oracle Java SE CVE-2013-5780 Remote Security Vulnerability
2013-11-06
http://www.securityfocus.com/bid/63115

Oracle Java SE CVE-2013-5823 Remote Security Vulnerability
2013-11-06
http://www.securityfocus.com/bid/63110

Oracle Java SE CVE-2013-5825 Remote Security Vulnerability
2013-11-06
http://www.securityfocus.com/bid/63101

Oracle Java SE CVE-2013-5803 Remote Security Vulnerability
2013-11-06
http://www.securityfocus.com/bid/63082

Oracle Java SE CVE-2013-5840 Remote Security Vulnerability
2013-11-06
http://www.securityfocus.com/bid/63148

Mednafen Remote Code Execution Vulnerability
2013-11-06
http://www.securityfocus.com/bid/43125

IBM Java CVE-2013-4002 Denial of Service Vulnerability
2013-11-06
http://www.securityfocus.com/bid/61310

Oracle Java SE CVE-2012-5081 Remote Java Runtime Environment Vulnerability
2013-11-06
http://www.securityfocus.com/bid/56071

Oracle Java SE CVE-2013-5804 Remote Security Vulnerability
2013-11-06
http://www.securityfocus.com/bid/63149

Oracle Java SE CVE-2013-5809 Remote Security Vulnerability
2013-11-06
http://www.securityfocus.com/bid/63118

Oracle Java SE CVE-2013-5783 Remote Security Vulnerability
2013-11-06
http://www.securityfocus.com/bid/63154

Oracle Java SE CVE-2013-5778 Remote Security Vulnerability
2013-11-06
http://www.securityfocus.com/bid/63134

Oracle Java SE CVE-2013-5774 Remote Security Vulnerability
2013-11-06
http://www.securityfocus.com/bid/63128

Oracle Java SE CVE-2013-5782 Remote Security Vulnerability
2013-11-06
http://www.securityfocus.com/bid/63103

Oracle Java SE CVE-2013-5790 Remote Security Vulnerability
2013-11-06
http://www.securityfocus.com/bid/63102

Oracle Java SE CVE-2013-5784 Remote Security Vulnerability
2013-11-06
http://www.securityfocus.com/bid/63098

Oracle Java SE CVE-2013-5802 Remote Security Vulnerability
2013-11-06
http://www.securityfocus.com/bid/63135

Oracle Java SE CVE-2013-5830 Remote Security Vulnerability
2013-11-06
http://www.securityfocus.com/bid/63121

Oracle Java SE CVE-2013-5817 Remote Security Vulnerability
2013-11-06
http://www.securityfocus.com/bid/63146

Oracle Java SE CVE-2013-5797 Remote Security Vulnerability
2013-11-06
http://www.securityfocus.com/bid/63095

Oracle Java SE CVE-2013-5814 Remote Security Vulnerability
2013-11-06
http://www.securityfocus.com/bid/63143

Oracle Java SE CVE-2013-5850 Remote Security Vulnerability
2013-11-06
http://www.securityfocus.com/bid/63153

Exploit

  Microweber 0.905 - Error Based SQL Injection

6.11.2013

Bugtraq

ESA-2013-073: EMC Documentum eRoom Multiple Cross Site Scripting Vulnerabilities. 2013-11-05
Security Alert (Security_Alert emc com)

ESA-2013-070: EMC Documentum Cross Site Scripting Vulnerability. 2013-11-05
Security Alert (Security_Alert emc com)

[SECURITY] [DSA 2792-1] wireshark security update 2013-11-04
Salvatore Bonaccorso (carnil debian org)

Malware

Generic.bfr!B462945E291E

Generic PUP.x!1C12B4E0AD6F

RDN/Generic Dropper!sb!B17F6FAC8B53

Generic PUP.x!728FEAC7E391

RDN/Generic Dropper!6FFF1DFE7689

RDN/Generic PUP.x!12750D45E39E

RDN/Generic PUP.x!blj!BDE0E2037B5F

Adware-DomaIQ!A512F9C43A7E

Generic.bfr!D90E1EFD51A0

Generic.grp!F1293C9A6903

Generic.bfr!9F75D8A058DC

RDN/Generic BackDoor!up!9B23743D50C6

RDN/Generic PUP.x!blj!424CF6AC6C98

Generic.bfr!A1948E282C95

RDN/Generic PUP.x!blj!93DAC9889833

Generic PUP.x!588441AB83F9

RDN/Downloader.a!ns!FA2CDF5AB8F4

RDN/Generic PUP.x!blj!36CF1D48160C

Generic PUP.x!DB7970219D70

Generic.bfr!8106A60D5826

RDN/Generic PUP.x!blj!A9C1EBF790B6

RDN/Generic PUP.x!blj!1A233016BE04

RDN/Generic Dropper!09162DE05662

Generic.bfr!8EB24FF02BE2

RDN/Generic PUP.x!blj!480D915FC8E5

RDN/Generic PUP.x!blj!65D40DCBEAD1

RDN/Generic PUP.x!blj!62D4BAB61885

RDN/Generic BackDoor!63EA6E71E092

RDN/Generic PUP.x!blj!1AE3A1B57ED9

Adware-DomaIQ!F8615E0D683F

Phishing

Lloyds Bank

5th November 2013

LLOYDS BANK - YOUR ESTATEMENT
IS NOW READY

Vulnerebility

Mozilla Firefox/Thunderbird/SeaMonkey XSLT Processing Denial of Service Vulnerability
2013-11-06
http://www.securityfocus.com/bid/63430

Oracle Java SE CVE-2013-1500 Local Security Vulnerability
2013-11-06
http://www.securityfocus.com/bid/60627

Cisco ASA CX Remote Safe Search Policy Security Bypass Vulnerability
2013-11-06
http://www.securityfocus.com/bid/63492

Cisco Prime Central for Hosted Collaboration Solution CVE-2013-5564 Denial of Service Vulnerability
2013-11-06
http://www.securityfocus.com/bid/63490

Mozilla Firefox CVE-2013-5590 Remote Memory Corruption Vulnerability
2013-11-06
http://www.securityfocus.com/bid/63415

X.Org X Server 'dixfonts.c' Use-After-Free Remote Memory Corruption Vulnerability
2013-11-06
http://www.securityfocus.com/bid/62892

GNU glibc Multiple Integer Overflow Vulnerabilities
2013-11-06
http://www.securityfocus.com/bid/62324

Xinetd CVE-2013-4342 Remote Code Execution Vulnerability
2013-11-06
http://www.securityfocus.com/bid/62871

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5601 Remote Memory Corruption Vulnerability
2013-11-06
http://www.securityfocus.com/bid/63428

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5597 Use After Free Memory Corruption Vulnerability
2013-11-06
http://www.securityfocus.com/bid/63422

Mozilla Firefox/Thunderbird/SeaMonkey JavaScript Engine Multiple Buffer Overflow Vulnerabilities
2013-11-06
http://www.securityfocus.com/bid/63421

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5600 Remote Memory Corruption Vulnerability
2013-11-06
http://www.securityfocus.com/bid/63427

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5599 Remote Memory Corruption Vulnerability
2013-11-06
http://www.securityfocus.com/bid/63423

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5602 Remote Memory Corruption Vulnerability
2013-11-06
http://www.securityfocus.com/bid/63424

Network Security Services Uninitialized Data Read Security Vulnerability
2013-11-06
http://www.securityfocus.com/bid/62966

GitLab 'Code Search' Feature CVE-2013-4489 Remote Code Execution Vulnerability
2013-11-06
http://www.securityfocus.com/bid/63505

Xinetd CVE-2012-0862 Security Bypass Vulnerability
2013-11-06
http://www.securityfocus.com/bid/53720

Google Chrome Prior to 16.0.912.75 Multiple Security Vulnerabilities
2013-11-06
http://www.securityfocus.com/bid/51300

Libxml2 Entities Expansion CVE-2013-0338 Denial of Service Vulnerability
2013-11-06
http://www.securityfocus.com/bid/58180

libxml2 Hash Collision Denial Of Service Vulnerability
2013-11-06
http://www.securityfocus.com/bid/52107

Libxml2 Entities Expansion CVE-2013-0339 Denial of Service Vulnerability
2013-11-06
http://www.securityfocus.com/bid/59000

Google Chrome CVE-2013-2877 Out of Bounds Denial of Service Vulnerability
2013-11-06
http://www.securityfocus.com/bid/61050

Google Chrome Prior to 19 Multiple Security Vulnerabilities
2013-11-06
http://www.securityfocus.com/bid/53540

Google Chrome Prior to 23.0.1271.91 Multiple Security Vulnerabilities
2013-11-06
http://www.securityfocus.com/bid/56684

libxml2 CVE-2012-2807 Multiple Integer Overflow Vulnerabilities
2013-11-06
http://www.securityfocus.com/bid/54718

libguestfs CVE-2013-4419 Insecure Temporary Directory Creation Privilege Escalation Vulnerability
2013-11-06
http://www.securityfocus.com/bid/63226

HP Service Manager Multiple Security Vulnerabilities
2013-11-06
http://www.securityfocus.com/bid/63038

phpMyAdmin CVE-2013-5001 Cross Site Scripting Vulnerability
2013-11-06
http://www.securityfocus.com/bid/61919

phpMyAdmin CVE-2013-4996 Multiple Cross Site Scripting Vulnerabilities
2013-11-06
http://www.securityfocus.com/bid/61921

phpMyAdmin CVE-2013-5029 Clickjacking Vulnerability
2013-11-06
http://www.securityfocus.com/bid/61804

Exploit

 

5.11.2013

Bugtraq

[SECURITY] [DSA 2791-1] tryton-client security update 2013-11-04
Florian Weimer (fw deneb enyo de)

XADV-2013003 Linux Kernel eCryptfs write_tag_3_packet Heap Buffer Overflow Vulnerability 2013-11-04
geinblues gmail com

CSRF Horde Groupware Web mail Edition 2013-11-03
m benetrix e-secure com au

Malware

RDN/Generic PUP.x!bl3!FC0832E73EC3

Generic.dx!98741BBA3062

Generic.dx!DD2BB62DA562

Generic.dx!8545B872D965

RDN/Generic.tfr!ds!D42C0A158CE0

Generic.dx!B88693BFEEC8

RDN/FakeAlert-HDD!c!F760708086D8

Generic.dx!F4AA23688822

RDN/Generic.dx!csz!45628EF46A8B

RDN/Generic.dx!D0088CC5AFA2

RDN/Generic BackDoor!E3C50309E113

RDN/Generic.bfr!fe!8101642C6616

ZeroAccess-FEP!3F35AA99EECF!3F35AA99EECF

RDN/Generic.dx!8EB1A294FF84

RDN/Generic PUP.x!bl3!CC9873B79FEE

RDN/Generic PUP.x!bl3!5B369E55C7EB

Generic.dx!8E5F6735196B

RDN/Generic PUP.x!bl3!1C07F8FC4712

RDN/Generic PUP.x!bl3!4F40D80CD4DB

Generic.dx!73FE6348A690

Generic.dx!6ACDE02F0BCC

Generic.dx!8CB6A60CB626

RDN/Generic Dropper!sb!67E44B5B7152

RDN/Generic BackDoor!un!20E13E1A60C7

RDN/Generic BackDoor!5DF6DC1B23AB

Generic PUP.x!F342F86D37FE

RDN/Generic.bfr!fe!85A894A4F7D6

RDN/Generic.dx!csz!7CFD3C30EFB7

RDN/Generic PUP.x!bl3!F1403E27014F

RDN/Generic PUP.x!bl3!70BB24D83A27

Phishing

Barclays Online Banking

4th November 2013

IMPORTANT ACCOUNT UPDATE

Vulnerebility

phpMyAdmin CVE-2013-5001 Cross Site Scripting Vulnerability
2013-11-05
http://www.securityfocus.com/bid/61919

phpMyAdmin CVE-2013-4996 Multiple Cross Site Scripting Vulnerabilities
2013-11-05
http://www.securityfocus.com/bid/61921

phpMyAdmin CVE-2013-5029 Clickjacking Vulnerability
2013-11-05
http://www.securityfocus.com/bid/61804

phpMyAdmin CVE-2013-5003 Multiple SQL Injection Vulnerabilities
2013-11-05
http://www.securityfocus.com/bid/61923

phpMyAdmin CVE-2013-5002 Cross Site Scripting Vulnerability
2013-11-05
http://www.securityfocus.com/bid/61516

phpMyAdmin CVE-2013-5000 Multiple Unspecified Full Path Information Disclosure Vulnerabilities
2013-11-05
http://www.securityfocus.com/bid/61515

phpMyAdmin 'tbl_gis_visualization.php' Multiple Cross Site Scripting Vulnerabilities
2013-11-05
http://www.securityfocus.com/bid/58962

phpMyAdmin CVE-2013-4995 Cross Site Scripting Vulnerability
2013-11-05
http://www.securityfocus.com/bid/61510

phpMyAdmin Multiple Unspecified Cross Site Scripting Vulnerabilities
2013-11-05
http://www.securityfocus.com/bid/61511

phpMyAdmin CVE-2013-3238 Multiple Arbitrary PHP Code Execution Vulnerabilities
2013-11-05
http://www.securityfocus.com/bid/59460

phpMyAdmin CVE-2013-4999 Multiple Unspecified Full Path Information Disclosure Vulnerabilities
2013-11-05
http://www.securityfocus.com/bid/61512

phpMyAdmin 'filename_template' Remote Code Execution Vulnerability
2013-11-05
http://www.securityfocus.com/bid/59465

phpMyAdmin CVE-2013-4998 Multiple Unspecified Full Path Information Disclosure Vulnerabilities
2013-11-05
http://www.securityfocus.com/bid/61513

Wireshark NBAP Dissector CVE-2013-6337 Denial of Service Vulnerability
2013-11-05
http://www.securityfocus.com/bid/63504

Wireshark TCP Dissector CVE-2013-6340 Denial of Service Vulnerability
2013-11-05
http://www.securityfocus.com/bid/63500

Wireshark SIP Dissector CVE-2013-6338 Denial of Service Vulnerability
2013-11-05
http://www.securityfocus.com/bid/63502

Wireshark IEEE 802.15.4 Dissector CVE-2013-6336 Denial of Service Vulnerability
2013-11-05
http://www.securityfocus.com/bid/63503

Boehm GC malloc()' and 'calloc()' Multiple Buffer Overflow Vulnerabilities
2013-11-05
http://www.securityfocus.com/bid/54227

Linux Kernel AACRAID Driver Local Security Bypass Vulnerability
2013-11-05
http://www.securityfocus.com/bid/25216

Drupal Bean Module Cross Site Scripting Vulnerability
2013-11-05
http://www.securityfocus.com/bid/63307

Drupal Spaces Module Access Bypass Vulnerability
2013-11-05
http://www.securityfocus.com/bid/63305

Drupal FileField Sources Module Access Bypass Vulnerability
2013-11-05
http://www.securityfocus.com/bid/63446

Drupal Feed Element Mapper Module Cross Site Scripting Vulnerability
2013-11-05
http://www.securityfocus.com/bid/63447

Drupal Monster Menus Module Access Bypass Vulnerability
2013-11-05
http://www.securityfocus.com/bid/63450

WordPress AREA53 Theme 'php.php' Arbitrary File Upload Vulnerability
2013-11-05
http://www.securityfocus.com/bid/63306

Apache Struts Multiple Cross Site Scripting Vulnerabilities
2013-11-05
http://www.securityfocus.com/bid/63403

GraphicsMagick 'ExportAlphaQuantumType()' Function Denial Of Service Vulnerability
2013-11-05
http://www.securityfocus.com/bid/63002

Oracle MySQL Server CVE-2013-5807 Remote Security Vulnerability
2013-11-05
http://www.securityfocus.com/bid/63105

Oracle MySQL Server CVE-2013-3839 Remote Security Vulnerability
2013-11-05
http://www.securityfocus.com/bid/63109

Mozilla Firefox CVE-2013-5591 Remote Memory Corruption Vulnerability
2013-11-05
http://www.securityfocus.com/bid/63417

Exploit

 

4.11.2013

Bugtraq

[SECURITY] [DSA 2791-1] tryton-client security update 2013-11-04
Florian Weimer (fw deneb enyo de)

XADV-2013003 Linux Kernel eCryptfs write_tag_3_packet Heap Buffer Overflow Vulnerability 2013-11-04
geinblues gmail com

CSRF Horde Groupware Web mail Edition 2013-11-03
m benetrix e-secure com au

XSS and CSRF Horde Groupware Web mail Edition 2013-11-03
m benetrix e-secure com au

[slackware-security] mozilla-thunderbird (SSA:2013-307-01) 2013-11-03
Slackware Security Team (security slackware com)

[SECURITY] [DSA 2790-1] nss security update 2013-11-02
Salvatore Bonaccorso (carnil debian org)

[security bulletin] HPSBMU02931 rev.2 - HP Service Manager, Injection of Arbitrary Code, Remote Privilege Elevation, Remote Disclosure of Privileged Information and Cross Site Scripting (XSS) 2013-11-01
security-alert hp com

pdirl PHP Directory Listing 1.0.4 - Cross Site Scripting Web Vulnerabilities 2013-11-01
Vulnerability Lab (research vulnerability-lab com)

[security bulletin] HPSBMU02934 rev.1 - HP Application LifeCycle Management, GossipService SOAP Request, Remote Code Execution 2013-10-31
security-alert hp com

[security bulletin] HPSBMU02935 rev.1 - HP LoadRunner Virtual User Generator, Remote Code Execution 2013-10-31
security-alert hp com

[security bulletin] HPSBMU02932 rev.1 - HP Application LifeCycle Management, ALM client component, Remote Execution of Arbitrary Code 2013-10-31
security-alert hp com

[security bulletin] HPSBMU02872 SSRT101185 rev.3 - HP Service Manager, Remote Disclosure of Information, Cross Site Scripting(XSS) 2013-10-31
security-alert hp com

[security bulletin] HPSBMU02874 SSRT101184 rev.2 - HP Service Manager, Java Runtime Environment (JRE) Security Update 2013-10-31
security-alert hp com

[SECURITY] [DSA 2789-1] strongswan security update 2013-11-01
Yves-Alexis Perez (corsac debian org)

[security bulletin] HPSBMU02933 rev.1 - HP SiteScope, issueSiebelCmd SOAP Request, Remote Code Execution 2013-10-31
security-alert hp com

[ MDVSA-2013:264 ] firefox 2013-10-31
security mandriva com

[SECURITY] [DSA 2788-1] iceweasel security update 2013-10-31
Raphael Geissert (geissert debian org)

nullcon Goa V First Speaker list and CFP closes soon 2013-10-30
nullcon (nullcon nullcon net)

[CVE-2013-4484] DoS vulnerability in Varnish HTTP cache 2013-10-30
Poul-Henning Kamp (phk critter freebsd dk)

Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers 2013-10-30
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Unicorn Router WB-3300NR CSRF (Factory Reset/DNS Change) 2013-10-30
jsibley1 gmail com

ESA-2013-074: EMC Unisphere for VMAX Information Disclosure Vulnerability 2013-10-29
Security Alert (Security_Alert emc com)

Apache PHP Remote Exploit - apache-magika.c 2013-10-29
king cope (isowarez isowarez isowarez googlemail com)

[ MDVSA-2013:263 ] roundcubemail 2013-10-29
security mandriva com

Olat CMS 7.8.0.1 - Persistent Calender Web Vulnerability 2013-10-29
Vulnerability Lab (research vulnerability-lab com)

GTX CMS 2013 Optima - Multiple Web Vulnerabilities 2013-10-29
Vulnerability Lab (research vulnerability-lab com)

ESA-2013-072: EMC NetWorker Information Disclosure Vulnerability 2013-10-29
Security Alert (Security_Alert emc com)

CVE-2013-5694 Blind SQL Injection in Ops View 2013-10-28
J. Oquendo (sil e-fensive net)

[PSA-2013-1022-1] Microsoft Silverlight Invalid Typecast / MemoryDisclosure 2013-10-28
bugtraq packetstormsecurity org

[ MDVSA-2013:262 ] python-pycrypto 2013-10-28
security mandriva com

Malware

RDN/Generic PUP.x!blb!1EAE0215A9B5

RDN/Generic PUP.x!blb!9BEE69EEAA04

RDN/Generic PUP.x!blb!6E834D32306F

RDN/Generic PUP.x!blb!E3F639630ACF

RDN/Generic PUP.x!blb!B63D9B0007C6

RDN/Generic PUP.x!blb!2CF527613B15

RDN/Generic PUP.x!blb!7EAAE09DE0FD

RDN/Generic PUP.x!blb!80689356CB71

RDN/Generic PUP.x!blb!3C477439E60E

Obfuscated-FBU!hb!998033B580F3

RDN/Downloader.a!ns!067FF7CE287B

RDN/Generic PUP.x!blb!CA421ED18155

RDN/Generic PUP.x!blb!3300290DBC9D

Generic PUP.x!2B943C89E842

RDN/Ransom!dt!734B7D5F16C5

Obfuscated-FBU!hb!E5E8FD27DF0F

Generic PUP.x!EC65561604F1

Generic PUP.x!4A6DA042F23C

Generic PUP.x!08C7F8DDBD07

RDN/Generic PUP.x!blb!4814D2CE8B2C

RDN/Generic PUP.x!blb!4DD4C644829F

RDN/Generic PUP.x!B3710883954F

RDN/Generic PUP.x!blb!24A43FFC641E

Generic PUP.x!CA9C280CDD3B

RDN/Generic PUP.x!blb!18073AE75664

RDN/Generic PUP.x!blb!F17737F85DD0

RDN/Generic PUP.x!blb!63261801573C

RDN/Generic PUP.x!blb!17FD0E427645

RDN/Generic PUP.x!blb!B53F4A54DA72

RDN/Generic PUP.x!blb!E872649AFA79

Phishing

Barclays Bank PLC

1st November 2013

BARCLAYS: We are unable to
process your new statement.

Lloyds PLC

1st November 2013

Important information: Your
account maintenance

Vulnerebility

Network Security Services Uninitialized Data Read Security Vulnerability
2013-11-04
http://www.securityfocus.com/bid/62966

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5597 Use After Free Memory Corruption Vulnerability
2013-11-04
http://www.securityfocus.com/bid/63422

Mozilla Firefox/Thunderbird/SeaMonkey JavaScript Engine Multiple Buffer Overflow Vulnerabilities
2013-11-04
http://www.securityfocus.com/bid/63421

Mozilla Firefox CVE-2013-5592 Remote Memory Corruption Vulnerability
2013-11-04
http://www.securityfocus.com/bid/63418

Mozilla Firefox CVE-2013-5590 Remote Memory Corruption Vulnerability
2013-11-04
http://www.securityfocus.com/bid/63415

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5600 Remote Memory Corruption Vulnerability
2013-11-04
http://www.securityfocus.com/bid/63427

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5599 Remote Memory Corruption Vulnerability
2013-11-04
http://www.securityfocus.com/bid/63423

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5601 Remote Memory Corruption Vulnerability
2013-11-04
http://www.securityfocus.com/bid/63428

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5602 Remote Memory Corruption Vulnerability
2013-11-04
http://www.securityfocus.com/bid/63424

Mozilla Firefox/Thunderbird/SeaMonkey XSLT Processing Denial of Service Vulnerability
2013-11-04
http://www.securityfocus.com/bid/63430

Oracle Java SE CVE-2012-4301 JavaFX Remote Security Vulnerability
2013-11-04
http://www.securityfocus.com/bid/57684

Oracle Java SE CVE-2013-1474 JavaFX Remote Security Vulnerability
2013-11-04
http://www.securityfocus.com/bid/57690

Oracle Java SE CVE-2013-0448 Remote Java Runtime Environment Vulnerability
2013-11-04
http://www.securityfocus.com/bid/57723

Oracle Java SE CVE-2013-0426 Remote Java Runtime Environment Vulnerability
2013-11-04
http://www.securityfocus.com/bid/57711

Oracle Java SE CVE-2013-0419 Java Runtime Environment Remote Security Vulnerability
2013-11-04
http://www.securityfocus.com/bid/57714

HP Service Manager CVE-2013-2321 Unspecified Cross Site Scripting Vulnerability
2013-11-04
http://www.securityfocus.com/bid/59586

HP Service Manager CVE-2012-5222 Unspecified Information Disclosure Vulnerability
2013-11-04
http://www.securityfocus.com/bid/59587

Apache Struts CVE-2013-4316 Remote Code Execution Vulnerability
2013-11-04
http://www.securityfocus.com/bid/62587

Oracle Java SE CVE-2013-0439 Remote JavaFX Vulnerability
2013-11-04
http://www.securityfocus.com/bid/57725

Oracle Java SE CVE-2013-0429 Remote Java Runtime Environment Remote Security Vulnerability
2013-11-04
http://www.securityfocus.com/bid/57710

Oracle Java SE CVE-2013-1489 Unsigned Java Code Security Bypass Vulnerability
2013-11-04
http://www.securityfocus.com/bid/57707

Oracle Java SE CVE-2013-1479 Remote Code Execution Vulnerability
2013-11-04
http://www.securityfocus.com/bid/57706

Oracle Java SE CVE-2013-0449 Java Runtime Environment Remote Security Vulnerability
2013-11-04
http://www.securityfocus.com/bid/57704

Oracle Java SE CVE-2013-1472 JavaFX Remote Security Vulnerability
2013-11-04
http://www.securityfocus.com/bid/57683

Oracle Java SE CVE-2013-1482 JavaFX Remote Security Vulnerability
2013-11-04
http://www.securityfocus.com/bid/57688

Oracle Java SE CVE-2013-1475 Remote Java Runtime Environment Vulnerability
2013-11-04
http://www.securityfocus.com/bid/57694

Oracle Java SE CVE-2013-1485 Security Bypass Vulnerability
2013-11-04
http://www.securityfocus.com/bid/58028

Oracle Java SE CVE-2013-1484 Remote Java Runtime Environment Vulnerability
2013-11-04
http://www.securityfocus.com/bid/58027

Oracle Java SE CVE-2013-1477 JavaFX Remote Security Vulnerability
2013-11-04
http://www.securityfocus.com/bid/57685

Oracle Java SE CVE-2013-0443 Remote Java Runtime Environment Vulnerability
2013-11-04
http://www.securityfocus.com/bid/57702

Exploit

 

16.10.2013

Bugtraq

[security bulletin] HPSBMU02931 rev.1 - HP Service Manager, Injection of Arbitrary Code, Remote Privilege Elevation, Remote Disclosure of Privileged Information and Cross Site Scripting (XSS) 2013-10-15
security-alert hp com

ZAPms v1.42 CMS - Client Side Cross Site Scripting Web Vulnerability 2013-10-15
Vulnerability Lab (research vulnerability-lab com)

Training : Advanced Android & iOS Hands-on Exploitation at Toorcon San Diego [16th-17th Oct,2013] 2013-10-15
xys3c team (security xysec com)

DornCMS Application v1.4 - Multiple Web Vulnerabilities 2013-10-15
Vulnerability Lab (research vulnerability-lab com)

Apple iOS 7.2 - Sim Lock Screen Display Bypass Vulnerability 2013-10-15
Vulnerability Lab (research vulnerability-lab com)

Paypal Inc Bug Bounty #105 MOS - Multiple Persistent Print Layout Vulnerabilities 2013-10-15
Vulnerability Lab (research vulnerability-lab com)

My File Explorer v1.3.1 iOS - Multiple Web Vulnerabilities 2013-10-15
Vulnerability Lab (research vulnerability-lab com)

SEC Consult SA-20131015-0 :: Multiple vulnerabilities in SpamTitan 2013-10-15
SEC Consult Vulnerability Lab (research sec-consult com)

OliveOffice Mobile Suite 2.0.3 iOS - File Include Vulnerability 2013-10-15
Vulnerability Lab (research vulnerability-lab com)

[slackware-security] gnupg2 (SSA:2013-287-02) 2013-10-15
Slackware Security Team (security slackware com)

Training : Advanced Android & iOS Hands-on Exploitation at Toorcon San Diego [16th-17th Oct,2013] 2013-10-15
xys3c team (security xysec com)

Critical vulnerabilities discovered in Gazelle and TBDEV.net 2013-10-15
Bogdan Calin (bogdan acunetix com)

[slackware-security] xorg-server (SSA:2013-287-05) 2013-10-15
Slackware Security Team (security slackware com)

[slackware-security] gnupg (SSA:2013-287-01) 2013-10-15
Slackware Security Team (security slackware com)

[slackware-security] gnutls (SSA:2013-287-03) 2013-10-15
Slackware Security Team (security slackware com)

Malware

Generic.bfr!72544520E3D7

RDN/Generic.bfr!3FAF57D97032

RDN/Generic PUP.x!bjp!1D202392AE64

Generic.bfr!767A2E3CAE2E

Generic PUP.x!48D5CC57BEBA

RDN/tdss!g!653022E052EF

RDN/Downloader.a!no!64CC6241697A

Generic PUP.x!3CBA5EF3100E

Generic PUP.x!C798364E6977

Generic PUP.x!F64278513094

Generic PUP.x!5AE196DFC552

RDN/Generic.bfr!ff!10CD9BB7910C

Generic PUP.x!7D8467B9C633

Generic PUP.x!773B01FB2288

Generic Downloader.x!6A636C479E5C

Generic Dropper!3C0AB53B40C0

RDN/Vundo!dn!739427798F28

Generic Downloader.x!7618C9BF742E

Generic PUP.x!3A8379A97EF4

Generic Downloader.x!5C49B60103AD

Generic Downloader.x!5F5D670046C9

Generic PUP.x!1FA321E8BAC6

Generic.bfr!A2ACFBE325EB

RDN/Generic PUP.x!CDDC97B36F57

Generic.bfr!8B8B3F5CB6C9

Generic.bfr!9520EA4BD054

RDN/Generic PUP.x!507B00718F88

RDN/Generic Dropper!361700950512

Generic PUP.x!5E54A9EEECA7

Generic.bfr!3C173F325D6C

Phishing

Barclays Bank Plc

16th October 2013

ACCOUNT SUSPENDED !

Chase Online

14th October 2013

1 NEW CHASE BANK UPDATE

Barclays Online Banking

14th October 2013

YOUR ACCOUNT HAS BEEN
SUSPENDED

Vulnerebility

Apache Struts CVE-2013-2251 Multiple Remote Command Execution Vulnerabilities
2013-10-16
http://www.securityfocus.com/bid/61189

Multiple TLS And DTLS Implementations CVE-2013-0169 Information Disclosure Vulnerability
2013-10-16
http://www.securityfocus.com/bid/57778

Apache Santuario XML Security for JAVA XML Signature CVE-2013-2172 Security Bypass Vulnerability
2013-10-16
http://www.securityfocus.com/bid/60846

Baramundi Management Suite CVE-2013-3624 Information Disclosure Vulnerability
2013-10-16
http://www.securityfocus.com/bid/62756

IBM Java CVE-2013-4002 Denial of Service Vulnerability
2013-10-16
http://www.securityfocus.com/bid/61310

Multiple Cisco Products CVE-2013-0149 Remote Security Bypass Vulnerability
2013-10-16
http://www.securityfocus.com/bid/61566

Oracle VM VirtualBox 'tracepath' Local Denial of Service Vulnerability
2013-10-16
http://www.securityfocus.com/bid/60794

SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability
2013-10-16
http://www.securityfocus.com/bid/49778

QEMU CVE-2013-4344 Remote Buffer Overflow Vulnerability
2013-10-16
http://www.securityfocus.com/bid/62773

QEMU CVE-2013-4377 Denial of Service Vulnerability
2013-10-16
http://www.securityfocus.com/bid/62682

GnuPG CVE-2013-4402 Denial of Service Vulnerability
2013-10-16
http://www.securityfocus.com/bid/62857

SafeNet Privilege 'PrivAgent.ocx' ActiveX Controls Multiple Buffer Overflow Vulnerabilities
2013-10-16
http://www.securityfocus.com/bid/56297

GnuTLS TLS And DTLS Information Disclosure Vulnerability
2013-10-16
http://www.securityfocus.com/bid/57736

GnuTLS CVE-2013-2116 Out of Bounds Denial of Service Vulnerability
2013-10-16
http://www.securityfocus.com/bid/60215

GnuTLS 'gnutls_session_get_data()' Remote Buffer Overflow Vulnerability
2013-10-16
http://www.securityfocus.com/bid/50609

GnuTLS TLS Record Handling Heap Memory Corruption Vulnerability
2013-10-16
http://www.securityfocus.com/bid/52667

GNU Libtasn1 ASN1 Length DER Decoding Memory Corruption Vulnerability
2013-10-16
http://www.securityfocus.com/bid/52668

Little CMS Multiple Remote Buffer Overflow Vulnerabilities
2013-10-16
http://www.securityfocus.com/bid/61607

ShoreTel ShoreWare Director Remote Security Bypass Vulnerability
2013-10-16
http://www.securityfocus.com/bid/63019

jQuery 'location.hash' Cross Site Scripting Vulnerability
2013-10-16
http://www.securityfocus.com/bid/58458

X.Org X Server 'dixfonts.c' Use-After-Free Remote Memory Corruption Vulnerability
2013-10-16
http://www.securityfocus.com/bid/62892

Microsoft Internet Explorer CVE-2013-3897 Memory Corruption Vulnerability
2013-10-16
http://www.securityfocus.com/bid/62811

ZABBIX API and Frontend CVE-2013-5743 Multiple SQL Injection Vulnerabilities
2013-10-16
http://www.securityfocus.com/bid/62794

Cisco Unified Computing System CVE-2012-4107 Local Arbitrary Command Execution Vulnerability
2013-10-16
http://www.securityfocus.com/bid/62983

HP Data Protector CVE-2013-2333 Remote Code Execution Vulnerability
2013-10-16
http://www.securityfocus.com/bid/60309

Cisco Unified Computing System CVE-2012-4105 Local Denial of Service Vulnerability
2013-10-16
http://www.securityfocus.com/bid/62980

Cisco Unified Computing System CVE-2012-4106 Local Privilege Escalation Vulnerability
2013-10-16
http://www.securityfocus.com/bid/62981

osCommerce 'products_id' Parameter HTML Injection Vulnerability
2013-10-16
http://www.securityfocus.com/bid/62997

Bilboplanet 'index.php' Multiple Cross-Site Scripting Vulnerabilities
2013-10-16
http://www.securityfocus.com/bid/62988

BilboPlanet 'auth.php' SQL Injection Vulnerability
2013-10-16
http://www.securityfocus.com/bid/62989

Exploit

  Apple iOS 7.2 - Sim Lock Screen Display Bypass Vulnerability

  Dexs PM System Wordpress Plugin - Authenticated Persistent XSS (0day)

  Dolibarr ERP/CMS 3.4.0 (exportcsv.php, sondage param) - SQL Injection

  Zabbix 2.0.8 SQL Injection and Remote Code Execution

  My File Explorer v1.3.1 iOS - Multiple Web Vulnerabilities

  OliveOffice Mobile Suite 2.0.3 iOS - File Include Vulnerability

  UbiDisk File Manager v2.0 iOS - Multiple Web Vulnerabilities

15.10.2013

Bugtraq

[SECURITY] [DSA 2779-1] libxml2 security update 2013-10-13
Michael Gilbert (mgilbert debian org)

[CISTI'2014]: Call for Workshops 2013-10-13
Maria Lemos (marialemos72 gmail com)

CFP: Passwords^13 Bergen (Norway), December 2-3 2013 2013-10-13
Per Thorsheim (per thorsheim net)

Wordpress Cart66 Plugin 1.5.1.14 Multiple Vulnerabilities 2013-10-12
jsibley1 gmail com

[SECURITY] [DSA 2778-1] libapache2-mod-fcgid security update 2013-10-11
Salvatore Bonaccorso (carnil debian org)

Wordpress Cart66 Plugin 1.5.1.14 Multiple Vulnerabilities 2013-10-11
jsibley1 gmail com

[SECURITY] [DSA 2777-1] systemd security update 2013-10-11
Moritz Muehlenhoff (jmm debian org)

Malware

W32/Expiro!48202E3E1D54

RDN/Generic PUP.x!27C24D2D0DF5

RDN/Generic PUP.x!C777401E264F

RDN/Generic PUP.x!9B4E9DCB3310

RDN/Generic BackDoor!tz!717B19B55E87

Generic PUP.x!9023B4F21A95

W32/Expiro!446BD8C94E08

W32/Expiro!37DD3809CAE3

Generic PUP.x!88F036BF1B5E

RDN/Generic PUP.x!13ACB0DCE451

W32/Expiro!39D135ACF0B9

W32/Expiro!019889A3221B

W32/Expiro!3CE238F0DAA4

RDN/PWS-Mmorpg!kf!49885B30AA52

RDN/Autorun.bfr!d!82A40A023BAC

Generic Dropper!3BAE8EF5259C

Generic.bfr!69664B6FC0E1

RDN/Generic.dx!crz!C7B20C943319

Generic.bfr!A5E3A676D6B7

RDN/Generic.dx!crz!472FE3D51BF4

Generic PUP.x!E0414047AD3B

RDN/Generic Downloader.x!iq!3A082B0C1285

W32/Expiro!358AC84DE951

RDN/PWS-Mmorpg!kf!455F46F1068B

RDN/Generic PUP.x!bj3!9F23F98C7D4C

RDN/Generic PUP.x!bj3!BE676240A5AB

W32/Expiro!2F99581EF072

RDN/Generic PUP.x!bj3!B922A101D3B0

RDN/Generic.bfr!fd!62B1A86DC617

RDN/Generic PUP.x!bj3!AD3BE9B3FC72

Phishing

Chase Online

14th October 2013

1 NEW CHASE BANK UPDATE

Barclays Online Banking

14th October 2013

YOUR ACCOUNT HAS BEEN
SUSPENDED

NatWest - Management Team

13th October 2013

Your are locked out of NatWest
Online Banking

National

13th October 2013

Service Information

Barclays Online Banking

13th October 2013

Your account has been
suspended

Vulnerebility

jQuery 'location.hash' Cross Site Scripting Vulnerability
2013-10-15
http://www.securityfocus.com/bid/58458

X.Org X Server 'dixfonts.c' Use-After-Free Remote Memory Corruption Vulnerability
2013-10-15
http://www.securityfocus.com/bid/62892

Microsoft Internet Explorer CVE-2013-3897 Memory Corruption Vulnerability
2013-10-15
http://www.securityfocus.com/bid/62811

ZABBIX API and Frontend CVE-2013-5743 Multiple SQL Injection Vulnerabilities
2013-10-15
http://www.securityfocus.com/bid/62794

Cisco Unified Computing System CVE-2012-4107 Local Arbitrary Command Execution Vulnerability
2013-10-15
http://www.securityfocus.com/bid/62983

HP Data Protector CVE-2013-2333 Remote Code Execution Vulnerability
2013-10-15
http://www.securityfocus.com/bid/60309

Cisco Unified Computing System CVE-2012-4105 Local Denial of Service Vulnerability
2013-10-15
http://www.securityfocus.com/bid/62980

Cisco Unified Computing System CVE-2012-4106 Local Privilege Escalation Vulnerability
2013-10-15
http://www.securityfocus.com/bid/62981

osCommerce 'products_id' Parameter HTML Injection Vulnerability
2013-10-15
http://www.securityfocus.com/bid/62997

Bilboplanet 'index.php' Multiple Cross-Site Scripting Vulnerabilities
2013-10-15
http://www.securityfocus.com/bid/62988

BilboPlanet 'auth.php' SQL Injection Vulnerability
2013-10-15
http://www.securityfocus.com/bid/62989

Linux Kernel CVE-2013-4387 Memory Corruption Vulnerability
2013-10-15
http://www.securityfocus.com/bid/62696

Cisco Unified Computing System CVE-2012-4108 Local Command Injection Vulnerability
2013-10-15
http://www.securityfocus.com/bid/62979

Network Security Services Uninitialized Data Read Security Vulnerability
2013-10-15
http://www.securityfocus.com/bid/62966

Apache 'mod_fcgid' Module CVE-2013-4365 Heap Buffer Overflow Vulnerability
2013-10-15
http://www.securityfocus.com/bid/62939

PolarSSL RSA Private Key Recovery Security Bypass Vulnerability
2013-10-15
http://www.securityfocus.com/bid/62771

Zabbix 'cURL' API Security Bypass Vulnerability
2013-10-15
http://www.securityfocus.com/bid/57103

QEMU CVE-2013-4344 Remote Buffer Overflow Vulnerability
2013-10-15
http://www.securityfocus.com/bid/62773

Xen CVE-2013-4361 Information Disclosure Vulnerability
2013-10-15
http://www.securityfocus.com/bid/62710

Xen CVE-2013-4355 Information Disclosure Vulnerability
2013-10-15
http://www.securityfocus.com/bid/62708

Xen CVE-2013-4356 Local Memory Access Vulnerability
2013-10-15
http://www.securityfocus.com/bid/62709

GLPI Multiple PHP Code Execution and SQL Injection Vulnerabilities
2013-10-15
http://www.securityfocus.com/bid/62515

libvirt 'virFileNBDDeviceAssociate()' Remote Denial of Service Vulnerability
2013-10-15
http://www.securityfocus.com/bid/62576

libvirt CVE-2013-4311 Local Security Bypass Vulnerability
2013-10-15
http://www.securityfocus.com/bid/62508

libvirt 'remoteDispatchDomainMemoryStats()' Denial of Service Vulnerability
2013-10-15
http://www.securityfocus.com/bid/62510

Ubuntu 'rtkit' Package CVE-2013-4326 Local Security Bypass Vulnerability
2013-10-15
http://www.securityfocus.com/bid/62505

GnuPG CVE-2013-4402 Denial of Service Vulnerability
2013-10-15
http://www.securityfocus.com/bid/62857

International Components for Unicode Use After Free Remote Code Execution Vulnerability
2013-10-15
http://www.securityfocus.com/bid/62968

Xinetd CVE-2013-4342 Remote Code Execution Vulnerability
2013-10-15
http://www.securityfocus.com/bid/62871

Google Chrome CVE-2013-2877 Out of Bounds Denial of Service Vulnerability
2013-10-15
http://www.securityfocus.com/bid/61050

Exploit

  Aladdin Knowledge Systems Ltd. PrivAgent ActiveX Control Overflow

  HP Data Protector Cell Request Service Buffer Overflow

  MS13-080 Microsoft Internet Explorer CDisplayPointer Use-After-Free

  Beetel Connection Manager PCW_BTLINDV1.0.0B04 - SEH Buffer Overflow

  Dexs PM System Wordpress Plugin - Authenticated Persistent XSS (0day)

  Dolibarr ERP/CMS 3.4.0 (exportcsv.php, sondage param) - SQL Injection

  Zabbix 2.0.8 SQL Injection and Remote Code Execution

14.10.2013

Bugtraq

Wordpress Cart66 Plugin 1.5.1.14 Multiple Vulnerabilities 2013-10-11
jsibley1 gmail com

[SECURITY] [DSA 2777-1] systemd security update 2013-10-11
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 2776-1] drupal6 security update 2013-10-11
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 2773-1] gnupg security update 2013-10-10
Thijs Kinkhorst (thijs debian org)

[security bulletin] HPSBMU02901 rev.1 - HP Business Process Monitor running on Windows, Remote Execution of Arbitrary Code and Disclosure of Information 2013-10-10
security-alert hp com

[SECURITY] [DSA 2774-1] gnupg security update 2013-10-10
Thijs Kinkhorst (thijs debian org)

[ MDVSA-2013:249 ] libraw 2013-10-10
security mandriva com

[ MDVSA-2013:247 ] gnupg 2013-10-10
security mandriva com

[SECURITY] [DSA 2772-1] typo3-src security update 2013-10-10
Moritz Muehlenhoff (jmm debian org)

Malware

RDN/Generic PUP.x!bjm!4DFDCD71965A

RDN/Generic.dx!32EC7F8233A3

Generic PUP.x!88E3BD680FCB

RDN/Ransom!ds!8A873860FF9A

RDN/Generic PUP.x!bjm!4E43D774C052

RDN/Generic PUP.x!bjm!4FCAF4110CCB

Generic PUP.x!8D883982307C

Generic.bfr!4FB8FFDCEE2F

RDN/FakeAV-Z.bfr!d!59EB2F8AC970

Generic PUP.x!0940D347A235

RDN/Generic PUP.x!bjm!4F0F4FE6435E

Generic PUP.x!B693C393C8BB

Generic PUP.x!806A31EEE3C4

Generic PUP.x!4DE8E53966E6

RDN/Generic PUP.x!bjm!4FA9C3BCA370

RDN/Generic.bfr!fd!1C215DE11F77

RDN/Generic PWS.y!vc!916C0EF0726E

Generic.tfr!747E7F02977A

Generic PUP.x!F83C8B240183

HideWindow!DFE11A8627BA

Generic PUP.x!585689460B5E

Generic PUP.x!078773D1C0FA

Generic PUP.x!6F3292E5A3AD

Generic PUP.x!790DFEC30CB1

RDN/Generic PUP.x!bjm!4D61BCB3C72D

Generic.bfr!4DAEDFE94732

Generic PUP.x!4E9D5A2A38FF

RDN/Generic.bfr!fd!653B026E2866

RDN/Generic.tfr!DF465FA18205

Generic PUP.x!EF3CB60F07BE

Phishing

NatWest - Management Team

13th October 2013

Your are locked out of NatWest
Online Banking

National

13th October 2013

Service Information

Barclays Online Banking

13th October 2013

Your account has been
suspended

NatWest - Online Banking

13th October 2013

ONLINE BANKING : VIEW BALANCES
charset=iso-8859-1">

BT Yahoo!

12th October 2013

E-mail Update

J.P. Morgan Chase & Co.

12th October 2013

November Order

PayPal

11th October 2013

Notification of Limited
Account Access

Vulnerebility

Cisco Unified Communications Manager CVE-2013-5528 Directory Traversal Vulnerability
2013-10-14
http://www.securityfocus.com/bid/62960

Cisco Unified IP Phones 9900 Series CVE-2013-5532 Buffer Overflow Vulnerability
2013-10-14
http://www.securityfocus.com/bid/62944

Cisco Unified IP Phones 9900 Series CVE-2013-5533 Local Command Injection Vulnerability
2013-10-14
http://www.securityfocus.com/bid/62943

GNU libc glob(3) 'GLOB_LIMIT' Remote Denial of Service Vulnerability
2013-10-14
http://www.securityfocus.com/bid/43819

Microsoft Windows OpenType Font Parsing CVE-2013-3128 Remote Code Execution Vulnerability
2013-10-14
http://www.securityfocus.com/bid/62819

Ubuntu 'systemd' Package CVE-2013-4327 Local Security Bypass Vulnerability
2013-10-14
http://www.securityfocus.com/bid/62503

systemd X Keyboard Extension Processing Local Privilege Escalation Vulnerability
2013-10-14
http://www.securityfocus.com/bid/62744

systemd 'journald-native.c' Remote Integer Overflow Vulnerability
2013-10-14
http://www.securityfocus.com/bid/62739

Drupal Core Access Bypass and Arbitrary PHP Code Execution Vulnerabilities
2013-10-14
http://www.securityfocus.com/bid/56993

Drupal Core Multiple Access Bypass and Cross Site Scripting Vulnerabilities
2013-10-14
http://www.securityfocus.com/bid/57437

Drupal Core Multiple Security Vulnerabilities
2013-10-14
http://www.securityfocus.com/bid/51822

Django 'is_safe_url()' Function Cross Site Scripting Vulnerability
2013-10-14
http://www.securityfocus.com/bid/61777

Google Chrome Cookie Verification Denial of Service Vulnerability
2013-10-14
http://www.securityfocus.com/bid/58857

Google Chrome Prior to 30.0.1599.66 Multiple Security Vulnerabilities
2013-10-14
http://www.securityfocus.com/bid/62752

Citrix NetScaler Application Delivery Controller Denial of Service Vulnerability
2013-10-14
http://www.securityfocus.com/bid/62788

Symantec Backup Exec CVE-2013-4677 Local Insecure File Permissions Vulnerability
2013-10-14
http://www.securityfocus.com/bid/61487

Symantec Backup Exec CVE-2013-4678 Information Disclosure Vulnerability
2013-10-14
http://www.securityfocus.com/bid/61488

Symantec Backup Exec CVE-2013-4676 Multiple Cross Site Scripting Vulnerabilities
2013-10-14
http://www.securityfocus.com/bid/61486

Microsoft Internet Explorer CVE-2013-3897 Memory Corruption Vulnerability
2013-10-14
http://www.securityfocus.com/bid/62811

Symantec Backup Exec CVE-2013-4575 Remote Heap Buffer Overflow Vulnerability
2013-10-14
http://www.securityfocus.com/bid/61485

Microsoft Internet Explorer CVE-2013-3893 Memory Corruption Vulnerability
2013-10-14
http://www.securityfocus.com/bid/62453

FOSCAM IP-Cameras CVE-2013-2574 Unauthorized Access Vulnerabilities
2013-10-14
http://www.securityfocus.com/bid/61415

Foscam Prior to 11.37.2.49 Directory Traversal Vulnerability
2013-10-14
http://www.securityfocus.com/bid/58290

GnuPG Key Flags Subpacket Security Bypass Vulnerability
2013-10-14
http://www.securityfocus.com/bid/62921

GnuPG CVE-2013-4402 Denial of Service Vulnerability
2013-10-14
http://www.securityfocus.com/bid/62857

Qt PostgreSQL Driver SQL Injection Vulnerability
2013-10-14
http://www.securityfocus.com/bid/62923

libtar 'th_read()' Function Multiple Heap Buffer Overflow Vulnerabilities
2013-10-14
http://www.securityfocus.com/bid/62922

XHProf 'run' Parameter Cross Site Scripting Vulnerability
2013-10-14
http://www.securityfocus.com/bid/62928

Quagga CVE-2013-2236 Stack Buffer Overflow Vulnerability
2013-10-14
http://www.securityfocus.com/bid/60955

Quagga Multiple Remote Security Vulnerabilities
2013-10-14
http://www.securityfocus.com/bid/52531

Exploit

VMware Hyperic HQ Groovy Script-Console Java Execution  

Wordpress Cart66 Plugin 1.5.1.14 - Multiple Vulnerabilities

  Android Zygote Socket Vulnerability Fork bomb Attack

  Internet Haut Debit Mobile PCW_MATMARV1.0.0B03 - Buffer Overflow SEH

11.10.2013

Bugtraq

[SECURITY] [DSA 2773-1] gnupg security update 2013-10-10
Thijs Kinkhorst (thijs debian org)

[security bulletin] HPSBMU02901 rev.1 - HP Business Process Monitor running on Windows, Remote Execution of Arbitrary Code and Disclosure of Information 2013-10-10
security-alert hp com

[SECURITY] [DSA 2774-1] gnupg security update 2013-10-10
Thijs Kinkhorst (thijs debian org)

[ MDVSA-2013:249 ] libraw 2013-10-10
security mandriva com

[ MDVSA-2013:247 ] gnupg 2013-10-10
security mandriva com

[SECURITY] [DSA 2772-1] typo3-src security update 2013-10-10
Moritz Muehlenhoff (jmm debian org)

[ MDVSA-2013:248 ] xinetd 2013-10-10
security mandriva com

[SECURITY] [DSA 2775-1] ejabberd security update 2013-10-10
Thijs Kinkhorst (thijs debian org)

[SECURITY] [DSA 2771-1] nas security update 2013-10-09
Moritz Muehlenhoff (jmm debian org)

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module Software 2013-10-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software 2013-10-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[SECURITY] [DSA 2770-1] torque security update 2013-10-09
Salvatore Bonaccorso (carnil debian org)

Malware

Generic.dx!5BF53B3ED33F

RDN/PWS-Banker!9894A2B76863

Generic.dx!96223CE65980

RDN/Generic.bfr!fd!174D03480E28

RDN/Generic Downloader.x!ip!8831F696BEDD

RDN/Generic PUP.x!bjg!0DEB4D9F1D70

RDN/Generic PUP.x!bjg!79CF8C2ECFDD

RDN/Generic PUP.x!bjg!9DA2C6FDFECE

RDN/Generic.dx!835A41FD5785

RDN/Generic PUP.x!bjg!48D2CAD65FFC

Generic.dx!F984E3D66E0A

RDN/Generic PUP.x!bjg!7128DAD0D8B6

RDN/Generic PUP.x!CCF2F6590762

Generic Dropper!C649EC4298EA

Generic.dx!D31D80FBC52C

RDN/Generic PUP.x!AEB416905491

RDN/Generic PUP.x!042964BCB075

RDN/Generic PUP.x!11F7C19BC42D

RDN/Generic PUP.x!087B4775B296

RDN/Generic.grp!gb!0EE92F3E8DBF

RDN/Generic Dropper!rt!61BEDA547910

Generic.dx!173F764C8B23

RDN/FakeAV-N.bfr!417F99DD689D

Generic.dx!BE230D5A3B5F

Generic.dx!1C3270A96EEA

Generic.dx!0B4F96644D0F

Generic.dx!CACC25AD190F

Generic.dx!3DF1CDD58B3F

Generic.dx!D683F17C660A

Generic.dx!1D46C2DB00BF

Phishing

Natwest

10th October 2013

Your NatWest Card Important
Notification

Barclays Bank Plc

10th October 2013

ACCOUNT SUSPENDED !

PayPal

10th October 2013

Your PayPal account is limited
- take action now

Chase Online

10th October 2013

1 NEW CHASE BANK UPDATE

PayPal

9th October 2013

Update your account
information

Barclays Bank PLC

9th October 2013

New Security Notice On Your
Barclays Account

Vulnerebility

libtar 'th_read()' Function Multiple Heap Buffer Overflow Vulnerabilities
2013-10-11
http://www.securityfocus.com/bid/62922

XHProf 'run' Parameter Cross Site Scripting Vulnerability
2013-10-11
http://www.securityfocus.com/bid/62928

Quagga CVE-2013-2236 Stack Buffer Overflow Vulnerability
2013-10-11
http://www.securityfocus.com/bid/60955

Quagga Multiple Remote Security Vulnerabilities
2013-10-11
http://www.securityfocus.com/bid/52531

PolarSSL RSA Private Key Recovery Security Bypass Vulnerability
2013-10-11
http://www.securityfocus.com/bid/62771

Quagga bgpd 'bgp_capability_orf()' BGP OPEN Message Remote Denial Of Service Vulnerability
2013-10-11
http://www.securityfocus.com/bid/53775

OpenJPEG Heap Based Buffer Overflow Vulnerability
2013-10-11
http://www.securityfocus.com/bid/54373

OpenJPEG Heap Based Buffer Overflow Vulnerability
2013-10-11
http://www.securityfocus.com/bid/55214

OpenJPEG Gray16 TIFF Image File Memory Corruption Vulnerability
2013-10-11
http://www.securityfocus.com/bid/53012

Python 'setuptools' Man in The Middle Vulnerability
2013-10-11
http://www.securityfocus.com/bid/61827

WordPress Audio Player Plugin 'playerID' Parameter Cross Site Scripting Vulnerability
2013-10-11
http://www.securityfocus.com/bid/57848

Oracle Java SE CVE-2013-2471 Buffer Overflow Vulnerability
2013-10-11
http://www.securityfocus.com/bid/60659

Oracle Java SE CVE-2013-3743 Remote Security Vulnerability
2013-10-11
http://www.securityfocus.com/bid/60626

Oracle Java SE CVE-2013-2443 Remote Security Vulnerability
2013-10-10
http://www.securityfocus.com/bid/60646

Oracle Java SE CVE-2013-2455 Remote Code Execution Vulnerability
2013-10-10
http://www.securityfocus.com/bid/60619

Oracle Java SE CVE-2013-2437 Remote Security Vulnerability
2013-10-10
http://www.securityfocus.com/bid/60636

Oracle Java SE CVE-2013-2449 Remote Security Vulnerability
2013-10-10
http://www.securityfocus.com/bid/60622

Oracle Java SE CVE-2013-2470 Memory Corruption Vulnerability
2013-10-10
http://www.securityfocus.com/bid/60651

Oracle Java SE CVE-2013-2463 Remote Code Execution Vulnerability
2013-10-10
http://www.securityfocus.com/bid/60655

SolarWinds Server and Application Monitor 'Pepco32c.ocx' ActiveX Overflow Vulnerability
2013-10-10
http://www.securityfocus.com/bid/62585

Oracle Java SE CVE-2013-2469 Memory Corruption Vulnerability
2013-10-10
http://www.securityfocus.com/bid/60658

Oracle Java SE CVE-2013-2468 Remote Security Vulnerability
2013-10-10
http://www.securityfocus.com/bid/60637

Oracle Java SE CVE-2013-2466 Remote Security Vulnerability
2013-10-10
http://www.securityfocus.com/bid/60624

Oracle Java SE CVE-2013-2459 Remote Security Vulnerability
2013-10-10
http://www.securityfocus.com/bid/60647

Oracle Java SE CVE-2013-2464 Memory Corruption Vulnerability
2013-10-10
http://www.securityfocus.com/bid/60631

Oracle Java SE CVE-2013-2465 Memory Corruption Vulnerability
2013-10-10
http://www.securityfocus.com/bid/60657

Oracle Java SE CVE-2013-2448 Remote Code Execution Vulnerability
2013-10-10
http://www.securityfocus.com/bid/60640

Oracle Java SE CVE-2013-2457 Remote Security Vulnerability
2013-10-10
http://www.securityfocus.com/bid/60632

Oracle Java SE CVE-2013-2450 Remote Security Vulnerability
2013-10-10
http://www.securityfocus.com/bid/60638

Oracle Java SE CVE-2013-2454 Remote Security Vulnerability
2013-10-10
http://www.securityfocus.com/bid/60650

Exploit

  Indusoft Thin Client 7.1 ActiveX - Buffer Overflow

  Linksys WRT110 Remote Command Execution

  Imperva SecureSphere Web Application Firewall MX 9.5.6 - Blind SQL Injection

  ONO Hitron CDE-30364 Router - Denial Of Service

  ALLPlayer 5.6.2 (.m3u) - Local Buffer Overflow PoC

10.10.2013

Bugtraq

[SECURITY] [DSA 2771-1] nas security update 2013-10-09
Moritz Muehlenhoff (jmm debian org)

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module Software 2013-10-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software 2013-10-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[SECURITY] [DSA 2770-1] torque security update 2013-10-09
Salvatore Bonaccorso (carnil debian org)

[ISecAuditors Security Advisories] Multiple Reflected XSS vulnerabilities in BoltWire <= v3.5 2013-10-09
ISecAuditors Security Advisories (advisories isecauditors com)

[ISecAuditors Security Advisories] Multiple Vulnerabilities in Uebimiau <= 2.7.11 2013-10-09
ISecAuditors Security Advisories (advisories isecauditors com)

Cross-Site Scripting (XSS) in Feng Office 2013-10-09
High-Tech Bridge Security Research (advisory htbridge com)

[security bulletin] HPSBGN02930 rev.1 - HP Intelligent Management Center(iMC) and HP IMC Service Operation Management Software Module, Remote Authentication Bypass, Disclosure of Information, Unauthorized Access, SQL Injection 2013-10-08
security-alert hp com

[security bulletin] HPSBGN02929 rev.1 - HP Intelligent Management Center (iMC), HP IMC Branch Intelligent Management System Software Module (BIMS), and Comware Based Switches and Routers, Remote Code Execution, Disclosure of Information 2013-10-08
security-alert hp com

Malware

Generic.bfr!E2BEC9BA4925

RDN/Generic Downloader.x!ip!BB21298A0C3D

Generic.bfr!984720583207

RDN/Generic PUP.x!bj3!A7BB265A9AB0

RDN/Generic.dx!crt!00888DF918E7

Generic.bfr!239FA089C74E

Generic.bfr!0B39CF050437

Generic.bfr!47D1B9933C02

RDN/Generic PUP.z!25DBD5068BF6

Generic.bfr!1E484E50C9EC

Generic.bfr!9DD17993B503

RDN/Generic PUP.x!bj3!2C53A1BF580E

RDN/Generic PUP.x!bj3!626BA04C5D45

RDN/Generic PUP.x!bj3!91B05A5AE681

Downloader.gen.a!320453D0153B

Downloader.gen.a!0BB0F0355148

RDN/Generic PUP.x!bj3!B6E0947D9B3B

Generic PUP.x!59AF78C79249

RDN/Generic PUP.x!bj3!B5187901387F

RDN/Generic PUP.x!bj3!336B290AB3AD

RDN/Generic PUP.x!bj3!C743E7FFA27E

RDN/Generic PUP.x!bj3!FA1C73815784

RDN/Generic PUP.x!bj3!9383B06B5940

RDN/Generic PWS.y!va!73CA2C3EA510

RDN/Generic PUP.x!bj3!582D5376FC3C

Generic.bfr!0E519D55CA27

Generic.bfr!44762CD4A5AD

RDN/Generic.grp!6441CC82087E

RDN/Generic.bfr!292971527B03

RDN/Generic PUP.x!9AA2AD8F1667

Phishing

Chase Online

10th October 2013

1 NEW CHASE BANK UPDATE

PayPal

9th October 2013

Update your account
information

Barclays Bank PLC

9th October 2013

New Security Notice On Your
Barclays Account

Chase

8th October 2013

1 NEW CHASE BANK ACCOUNT ALERT

Vulnerebility

Cisco IOS CVE-2013-5499 Remote Denial of Service Vulnerability
2013-10-10
http://www.securityfocus.com/bid/62866

Cisco NX-OS CVE-2012-4077 Local Arbitrary Command Execution Vulnerability
2013-10-10
http://www.securityfocus.com/bid/62849

Cisco Identity Services Engine CVE-2013-5524 Cross Site Scripting Vulnerability
2013-10-10
http://www.securityfocus.com/bid/62870

Cisco Identity Services Engine CVE-2013-5525 SQL Injection Vulnerability
2013-10-10
http://www.securityfocus.com/bid/62799

Cisco Identity Services Engine CVE-2013-5523 Cross Frame Scripting Vulnerability
2013-10-10
http://www.securityfocus.com/bid/62869

Cisco Unified Computing System CVE-2012-4084 Cross Site Request Forgery Vulnerability
2013-10-10
http://www.securityfocus.com/bid/62851

systemd 'journald-native.c' Remote Integer Overflow Vulnerability
2013-10-10
http://www.securityfocus.com/bid/62739

systemd X Keyboard Extension Processing Local Privilege Escalation Vulnerability
2013-10-10
http://www.securityfocus.com/bid/62744

systemd Race Condition Local Privilege Escalation Vulnerability
2013-10-10
http://www.securityfocus.com/bid/62738

systemd 'journald' Functionality Local Denial of Service Vulnerability
2013-10-10
http://www.securityfocus.com/bid/62742

Cisco NX-OS 'file name' Parameter Arbitrary File Write Vulnerability
2013-10-10
http://www.securityfocus.com/bid/62839

Cisco NX-OS CVE-2012-4121 Arbitrary File Access Vulnerability
2013-10-10
http://www.securityfocus.com/bid/62846

GnuPG CVE-2013-4402 Denial of Service Vulnerability
2013-10-10
http://www.securityfocus.com/bid/62857

Cyrus SASL Library CVE-2013-4122 NULL Pointer Dereference Denial of Service Vulnerability
2013-10-10
http://www.securityfocus.com/bid/61164

Xen CVE-2013-1442 Information Disclosure Vulnerability
2013-10-10
http://www.securityfocus.com/bid/62630

HP Linux Imaging and Printing System polkit Local Security Bypass Vulnerability
2013-10-10
http://www.securityfocus.com/bid/62499

RubyGems Wicked Arbitrary File Access Vulnerability
2013-10-10
http://www.securityfocus.com/bid/62891

SLiM NULL Pointer Dereference Denial of Service Vulnerability
2013-10-10
http://www.securityfocus.com/bid/62906

Network Audio System CVE-2013-4258 Format String Vulnerability
2013-10-10
http://www.securityfocus.com/bid/61852

Network Audio System CVE-2013-4257 Heap Buffer Overflow Vulnerability
2013-10-10
http://www.securityfocus.com/bid/61843

Network Audio System CVE-2013-4256 Multiple Buffer Overflow Vulnerabilities
2013-10-10
http://www.securityfocus.com/bid/61848

Telaen CVE-2013-2623 Cross Site Scripting Vulnerability
2013-10-10
http://www.securityfocus.com/bid/60288

Telaen CVE-2013-2621 Open Redirection Vulnerability
2013-10-10
http://www.securityfocus.com/bid/60290

Torque CVE-2013-4319 Remote Arbitrary Code Execution Vulnerability
2013-10-10
http://www.securityfocus.com/bid/62273

GNU glibc Multiple Integer Overflow Vulnerabilities
2013-10-10
http://www.securityfocus.com/bid/62324

Feng Office 'index.php' Cross Site Scripting Vulnerability
2013-10-10
http://www.securityfocus.com/bid/62591

Microsoft Internet Explorer CVE-2013-3874 Memory Corruption Vulnerability
2013-10-10
http://www.securityfocus.com/bid/62805

Microsoft Internet Explorer CVE-2013-3873 Memory Corruption Vulnerability
2013-10-10
http://www.securityfocus.com/bid/62804

Microsoft Internet Explorer CVE-2013-3872 Memory Corruption Vulnerability
2013-10-10
http://www.securityfocus.com/bid/62803

Microsoft Windows TrueType Font CMAP Table CVE-2013-3894 Remote Code Execution Vulnerability
2013-10-10
http://www.securityfocus.com/bid/62821

Exploit

 

9.10.2013

Bugtraq

[security bulletin] HPSBGN02930 rev.1 - HP Intelligent Management Center(iMC) and HP IMC Service Operation Management Software Module, Remote Authentication Bypass, Disclosure of Information, Unauthorized Access, SQL Injection 2013-10-08
security-alert hp com

[security bulletin] HPSBGN02929 rev.1 - HP Intelligent Management Center (iMC), HP IMC Branch Intelligent Management System Software Module (BIMS), and Comware Based Switches and Routers, Remote Code Execution, Disclosure of Information 2013-10-08
security-alert hp com

[SECURITY] [DSA-2769-1] kfreebsd-9 security update 2013-10-08
Salvatore Bonaccorso (carnil debian org)

NotSoSecure CTF (in partnership with Appsec USA) 2013-10-08
sid (sid notsosecure com)

[ MDVSA-2013:246 ] openjpa 2013-10-07
security mandriva com

Apple Motion Integer Overflow Vulnerability 2013-10-07
pereira secbiz de

Malware

RDN/Generic PUP.x!bjb!62BEF729ACE4

RDN/Generic PUP.x!bjb!F039608031DE

Generic.bfr!1C6B97C04F08

Generic.bfr!3180A09D7EAD

Generic.bfr!69529F617A76

RDN/Generic.dx!F195A3B70BAF

RDN/Generic.bfr!61AAFB2F4FED

Generic.dx!8CABCE74159F

Generic.dx!DD201A5B943C

Generic PUP.x!376A097B57EF

Generic.bfr!9BC6FF7BFB3C

Generic.dx!0E387946C309

Generic.dx!AA536396042F

Generic.dx!DC274A41F4B2

Generic.dx!39EB59264B96

Generic.dx!C12BCF2D8D40

Generic.dx!2CF49DBFD511

Generic.dx!89C5C02E99B2

Generic.dx!BD21EAB0B686

Generic.dx!79419B97948F

RDN/Generic PUP.x!bjb!139D411C993E

Generic.dx!E83444E5B4F2

Generic.dx!0E111140B930

Generic.dx!A31ADA6C646A

Generic.dx!B1363FCD8ED2

Generic.dx!FD7FCEC8979F

Generic.dx!8743510656C1

Generic.dx!FA5772A64B9E

Generic.dx!D31FCEA0DCCA

RDN/Generic PUP.x!bjb!9DFCF6B48783

Phishing

PayPal

9th October 2013

Update your account
information

Barclays Bank PLC

9th October 2013

New Security Notice On Your
Barclays Account

Chase

8th October 2013

1 NEW CHASE BANK ACCOUNT ALERT

Barclays Bank PLC

8th October 2013

New Security Notice On Your
Barclays Account

Vulnerebility

Microsoft Internet Explorer CVE-2013-3874 Memory Corruption Vulnerability
2013-10-09
http://www.securityfocus.com/bid/62805

Microsoft Internet Explorer CVE-2013-3873 Memory Corruption Vulnerability
2013-10-09
http://www.securityfocus.com/bid/62804

Microsoft Internet Explorer CVE-2013-3872 Memory Corruption Vulnerability
2013-10-09
http://www.securityfocus.com/bid/62803

Microsoft Windows TrueType Font CMAP Table CVE-2013-3894 Remote Code Execution Vulnerability
2013-10-09
http://www.securityfocus.com/bid/62821

Microsoft Internet Explorer CVE-2013-3897 Memory Corruption Vulnerability
2013-10-09
http://www.securityfocus.com/bid/62811

Microsoft Internet Explorer CVE-2013-3871 Memory Corruption Vulnerability
2013-10-09
http://www.securityfocus.com/bid/62802

RETIRED: Microsoft October 2013 Advance Notification Multiple Vulnerabilities
2013-10-09
http://www.securityfocus.com/bid/62797

RETIRED: Adobe Reader and Acrobat APSB13-25 Prenotification Multiple Vulnerabilities
2013-10-09
http://www.securityfocus.com/bid/62777

GNU glibc Multiple Integer Overflow Vulnerabilities
2013-10-09
http://www.securityfocus.com/bid/62324

SSSD Multiple Denial of Service Vulnerabilities
2013-10-09
http://www.securityfocus.com/bid/57539

Samba CVE-2013-4124 Local Denial of Service Vulnerability
2013-10-09
http://www.securityfocus.com/bid/61597

Samba SWAT Cross Site Request Forgery and Clickjacking Vulnerabilities
2013-10-09
http://www.securityfocus.com/bid/57631

Microsoft Internet Explorer CVE-2013-3893 Memory Corruption Vulnerability
2013-10-09
http://www.securityfocus.com/bid/62453

Microsoft Windows Kernel 'dxgkrnl.sys' CVE-2013-3888 Local Privilege Escalation Vulnerability
2013-10-09
http://www.securityfocus.com/bid/62831

GnuPG CVE-2013-4402 Denial of Service Vulnerability
2013-10-09
http://www.securityfocus.com/bid/62857

FreeBSD CVE-2013-5691 Local Privilege Escalation Vulnerability
2013-10-09
http://www.securityfocus.com/bid/62302

FreeBSD CVE-2013-5710 Local Security Bypass Vulnerability
2013-10-09
http://www.securityfocus.com/bid/62303

Oracle Java SE CVE-2013-1571 Frame Injection Vulnerability
2013-10-09
http://www.securityfocus.com/bid/60634

IBM Java CVE-2013-4002 Denial of Service Vulnerability
2013-10-09
http://www.securityfocus.com/bid/61310

Xinetd CVE-2013-4342 Remote Code Execution Vulnerability
2013-10-09
http://www.securityfocus.com/bid/62871

DavFS2 'system()' Function Local Privilege Escalation Vulnerability
2013-10-09
http://www.securityfocus.com/bid/62445

Oracle MySQL Server CVE-2013-3808 Remote Security Vulnerability
2013-10-09
http://www.securityfocus.com/bid/61227

Oracle MySQL Server CVE-2013-3802 Remote Security Vulnerability
2013-10-09
http://www.securityfocus.com/bid/61244

Oracle MySQL Server CVE-2013-3807 Remote Security Vulnerability
2013-10-09
http://www.securityfocus.com/bid/61238

MySQL and MariaDB Geometry Query Denial Of Service Vulnerability
2013-10-09
http://www.securityfocus.com/bid/58511

Oracle MySQL Server CVE-2013-3805 Remote Security Vulnerability
2013-10-09
http://www.securityfocus.com/bid/61256

Oracle MySQL Server CVE-2013-3809 Remote Security Vulnerability
2013-10-09
http://www.securityfocus.com/bid/61272

Oracle MySQL Server CVE-2013-3811 Remote Security Vulnerability
2013-10-09
http://www.securityfocus.com/bid/61252

Oracle MySQL Server CVE-2013-3801 Remote Security Vulnerability
2013-10-09
http://www.securityfocus.com/bid/61269

Oracle MySQL Server CVE-2013-3810 Remote Security Vulnerability
2013-10-09
http://www.securityfocus.com/bid/61214

Exploit

 

8.10.2013

Bugtraq

[ MDVSA-2013:246 ] openjpa 2013-10-07
security mandriva com

Apple Motion Integer Overflow Vulnerability 2013-10-07
pereira secbiz de

[KIS-2013-09] Vanilla Forums <= 2.0.18.5 (class.utilitycontroller.php) PHP Object Injection Vulnerability 2013-10-07
Egidio Romano (research karmainsecurity com)

Malware

RDN/Generic PUP.x!bj3!8D6710A9BBE3

ZeroAccess-FBJ!64932E143FC5!64932E143FC5

Generic Downloader.x!8AE2C95CB61B

RDN/Generic PUP.x!bj3!5D8670BF5B02

RDN/Generic PUP.x!bj3!704C5CBF03CB

Generic PUP.x!EC5833409666

RDN/Generic PUP.x!bj3!86ACDE5CA6BC

RDN/Generic PUP.x!bj3!523BAC233AA9

Generic.bfr!5A29EC685E11

Generic Downloader.x!816DEE37270E

RDN/Generic StartPage!bp!5D632E2D43BC

Generic Downloader.x!5C0C3017934B

RDN/BackDoor-CEP!bv!697A8016A317

RDN/Generic.tfr!dq!7E9F82ACB825

RDN/Generic PUP.x!bj3!589B9D7A206E

RDN/Generic PUP.x!bj3!8287AF11099B

RDN/Generic PUP.x!bj3!4E9B5C74AA39

RDN/Generic PUP.x!bj3!52A61F582FB5

RDN/Generic PUP.x!bj3!4DD57763B457

RDN/Generic PUP.x!bj3!50DA2044B6F5

RDN/Generic PUP.x!bj3!554BA5711D53

RDN/Generic PUP.x!bj3!60B21B40603C

RDN/Generic PUP.x!bj3!63E93D41126C

RDN/Generic PUP.x!bj3!58ECFE93310C

RDN/Generic PUP.x!bj3!65E8D5ADE079

Generic PUP.x!BBB14720D4CE

RDN/Generic PUP.x!bj3!5095CFA6BE45

Generic Downloader.x!5F155BBA7A31

RDN/Generic PUP.x!bj3!444D8EADA8BD

RDN/Generic.dx!crs!5D9BE5B66BB6

Phishing

ClipBucket 'ofc_upload_image.php' Arbitrary PHP Code Execution Vulnerability
2013-10-08
http://www.securityfocus.com/bid/62776

HP LoadRunner CVE-2013-4800 Remote Code Execution Vulnerability
2013-10-08
http://www.securityfocus.com/bid/61446

FlashChat 'upload.php' Arbitrary File Upload Vulnerability
2013-10-08
http://www.securityfocus.com/bid/62852

Xinetd CVE-2013-4342 Remote Code Execution Vulnerability
2013-10-08
http://www.securityfocus.com/bid/62871

Restlet Framework Object Deserialization Remote Code Execution Vulnerability
2013-10-08
http://www.securityfocus.com/bid/62000

Apache Camel CVE-2013-4330 Information Disclosure Vulnerability
2013-10-08
http://www.securityfocus.com/bid/62706

Restlet Framework XML Deserialization Remote Code Execution Vulnerability
2013-10-08
http://www.securityfocus.com/bid/61694

Oracle Solaris CVE-2013-3757 Remote Security Vulnerability
2013-10-08
http://www.securityfocus.com/bid/61263

Oracle Sun Products Suite CVE-2012-0570 Local Security Vulnerability
2013-10-08
http://www.securityfocus.com/bid/59241

Cisco NX-OS CVE-2012-4091 Remote Denial of Service Vulnerability
2013-10-08
http://www.securityfocus.com/bid/62838

Oracle Sun Products Suite CVE-2013-1530 Local Security Vulnerability
2013-10-08
http://www.securityfocus.com/bid/59221

Cisco Nexus 7000 Series Switches NX-OS CVE-2012-4090 Remote Information Disclosure Vulnerability
2013-10-08
http://www.securityfocus.com/bid/62841

Wireshark Multiple Denial of Service Vulnerabilities
2013-10-08
http://www.securityfocus.com/bid/61471

Oracle Sun Products Suite CVE-2012-3128 Local SPARC T-Series Servers Vulnerability
2013-10-08
http://www.securityfocus.com/bid/54564

ISC DHCP Multiple Denial of Service Vulnerabilities
2013-10-08
http://www.securityfocus.com/bid/54665

Oracle Solaris CVE-2013-3813 Remote Security Vulnerability
2013-10-08
http://www.securityfocus.com/bid/61230

Oracle Sun Products Suite CVE-2013-0411 Local Security Vulnerability
2013-10-08
http://www.securityfocus.com/bid/59174

Apache OpenJPA Object Deserialization Arbitrary File Creation or Overwrite Vulnerability
2013-10-08
http://www.securityfocus.com/bid/60534

Oracle Sun Products Suite CVE-2013-0404 Local Security Vulnerability
2013-10-08
http://www.securityfocus.com/bid/59230

Oracle Solaris CVE-2013-3786 Local Security Vulnerability
2013-10-08
http://www.securityfocus.com/bid/61266

Oracle Solaris CVE-2013-3787 Remote Security Vulnerability
2013-10-08
http://www.securityfocus.com/bid/61248

ISC BIND 9 DNS Resource Records Handling CVE-2012-4244 Remote Denial of Service Vulnerability
2013-10-08
http://www.securityfocus.com/bid/55522

Linux Kernel 'i915_gem_execbuffer.c' Multiple Integer Overflow Vulnerabilities
2013-10-08
http://www.securityfocus.com/bid/53971

Linux Kernel Multiple Local Information Disclosure Vulnerabilities
2013-10-08
http://www.securityfocus.com/bid/46616

Linux Kernel IPv6 'nf_ct_frag6_reasm()' Remote Denial of Service Vulnerability
2013-10-08
http://www.securityfocus.com/bid/54367

Red Hat JBoss Application Server Multiple Servlets Remote Code Execution Vulnerabilities
2013-10-08
http://www.securityfocus.com/bid/62854

Oracle Sun Products Suite CVE-2013-0408 Local Security Vulnerability
2013-10-08
http://www.securityfocus.com/bid/59204

PolicyKit CVE-2013-4288 Local Privilege Escalation Vulnerability
2013-10-08
http://www.securityfocus.com/bid/62511

Oracle Sun Products Suite CVE-2013-0413 Local Security Vulnerability
2013-10-08
http://www.securityfocus.com/bid/59214

Oracle Solaris CVE-2013-3745 Local Security Vulnerability
2013-10-08
http://www.securityfocus.com/bid/61261

Vulnerebility

  HP LoadRunner magentproc.exe Overflow

  GestioIP Remote Command Execution

  davfs2 1.4.6/1.4.7 - Local Privilege Escalation Exploit

  WHMCS 5.2.7 - SQL Injection Vulnerability

  Wordpress Quick Contact Form Plugin 6.0 - Persistent XSS

  Apple Motion 5.0.7 Integer Overflow Vulnerability

Exploit

Understanding C Integer Boundaries (Overflows & Underflow)

Linux Classic Return-to-libc & Return-to-libc Chaining Tutorial

Linux Stack Based Buffer Overflows

Linux Format String Exploitation

Linux Integer Overflow and Underflow

Linux Off By One Vulnerabilities

Return Oriented Programming (ROP FTW)

7.10.2013

Bugtraq

SEC Consult SA-20131004-0 :: SQL injection vulnerability in Zabbix 2013-10-04
SEC Consult Vulnerability Lab (research sec-consult com)

APPLE-SA-2013-10-03-1 OS X v10.8.5 Supplemental Update 2013-10-03
Apple Product Security (product-security-noreply lists apple com)

Malware

RDN/Generic.grp!60496E72EED3

Generic PUP.x!A81623B834E6

W32/Generic.worm!p2p!47D7A4B36905

RDN/Generic PUP.x!b2x!E14B4394695D

Generic PUP.x!46288039A82A

RDN/Generic PUP.x!147304FB748B

RDN/Generic.grp!67FD53CC7165

W32/Generic.worm!p2p!406845CFAA52

RDN/Qhost-Gen!ba!C115435497E7

RDN/Generic.dx!5676417FF349

W32/Generic.worm!p2p!2ABBEEDA0137

RDN/Generic Exploit!69DEF9DB82C7

W32/Generic.worm!p2p!0875AB03199D

W32/Generic.worm!p2p!7B95394F29E4

W32/Generic.worm!p2p!DD6CBD959076

W32/Generic.worm!p2p!10E0FEBEB3E9

W32/Autorun.worm.gen!84C876E6F9EE

W32/Autorun.worm.gen!8CDF01FC8153

W32/Autorun.worm.gen!8AE92D086305

W32/Generic.worm!p2p!3DBECFC1FBFA

W32/Autorun.worm.gen!90F837FA475F

W32/Generic.worm!p2p!470D23A421A7

W32/Autorun.worm.gen!316FB83A3AC1

W32/Autorun.worm.gen!CE39913AC411

W32/Generic.worm!p2p!B7CD4E98162F

W32/Generic.worm!p2p!9F9FFF3E71C3

W32/Generic.worm!p2p!9AEA4E32E833

W32/Autorun.worm.gen!F2B213C06F5E

W32/Autorun.worm.gen!E5E90861C0F5

W32/Autorun.worm.gen!B51D1F2C0786

Phishing

Halifax Bank PLC

6th October 2013

Halifax Bank: Unconfirmed
Payment Notification

PayPal

5th October 2013

Your PayPal Account
Re-Confirmation Alert

Natwest Credit Cards

4th October 2013

YOUR NATWEST CREDIT CARD
SECURITY & PRIVACY

paypal

4th October 2013

Important: We noticed unusual
activity in your PayPal
account

Vulnerebility

IcedTea-Web CVE-2013-4349 Heap Based Buffer Overflow Vulnerability
2013-10-07
http://www.securityfocus.com/bid/62426

Multiple HP LaserJet Printers CVE-2013-4828 PDF Encryption Weakness
2013-10-07
http://www.securityfocus.com/bid/62814

Multiple HP LaserJet Printers CVE-2013-4829 Unspecified Local Information Disclosure Vulnerability
2013-10-07
http://www.securityfocus.com/bid/62813

Open Flash Chart 'ofc_upload_image.php' Remote PHP Code Execution Vulnerability
2013-10-07
http://www.securityfocus.com/bid/37314

Oracle Java SE CVE-2013-2450 Remote Security Vulnerability
2013-10-07
http://www.securityfocus.com/bid/60638

Oracle Java SE CVE-2013-2472 Buffer Overflow Vulnerability
2013-10-07
http://www.securityfocus.com/bid/60656

Oracle Java SE CVE-2013-2451 Local Security Vulnerability
2013-10-07
http://www.securityfocus.com/bid/60625

Oracle Java SE CVE-2013-2471 Buffer Overflow Vulnerability
2013-10-07
http://www.securityfocus.com/bid/60659

Oracle Java SE CVE-2013-2470 Memory Corruption Vulnerability
2013-10-07
http://www.securityfocus.com/bid/60651

Oracle Java SE CVE-2013-2466 Remote Security Vulnerability
2013-10-07
http://www.securityfocus.com/bid/60624

Oracle Java SE CVE-2013-2469 Memory Corruption Vulnerability
2013-10-07
http://www.securityfocus.com/bid/60658

Oracle Java SE CVE-2013-2468 Remote Security Vulnerability
2013-10-07
http://www.securityfocus.com/bid/60637

Oracle Java SE CVE-2013-2464 Memory Corruption Vulnerability
2013-10-07
http://www.securityfocus.com/bid/60631

Oracle Java SE CVE-2013-2463 Remote Code Execution Vulnerability
2013-10-07
http://www.securityfocus.com/bid/60655

Oracle Java SE CVE-2013-2465 Memory Corruption Vulnerability
2013-10-07
http://www.securityfocus.com/bid/60657

Oracle Java SE CVE-2013-2459 Remote Security Vulnerability
2013-10-07
http://www.securityfocus.com/bid/60647

Oracle Java SE CVE-2013-2448 Remote Code Execution Vulnerability
2013-10-07
http://www.securityfocus.com/bid/60640

Oracle Java SE CVE-2013-2467 Local Security Vulnerability
2013-10-07
http://www.securityfocus.com/bid/60649

Oracle Java SE CVE-2013-2436 Security Bypass Vulnerability
2013-10-07
http://www.securityfocus.com/bid/59213

Oracle Java SE CVE-2013-1571 Frame Injection Vulnerability
2013-10-07
http://www.securityfocus.com/bid/60634

Oracle Java SE CVE-2013-3744 Remote Security Vulnerability
2013-10-07
http://www.securityfocus.com/bid/60654

Oracle Java SE CVE-2013-2453 Remote Security Vulnerability
2013-10-07
http://www.securityfocus.com/bid/60644

Oracle Java SE CVE-2013-2457 Remote Security Vulnerability
2013-10-07
http://www.securityfocus.com/bid/60632

Oracle Java SE CVE-2013-2462 Remote Security Vulnerability
2013-10-07
http://www.securityfocus.com/bid/60630

Oracle Java SE CVE-2013-2444 Remote Security Vulnerability
2013-10-07
http://www.securityfocus.com/bid/60633

Oracle Java SE CVE-2013-2473 Buffer Overflow Vulnerability
2013-10-07
http://www.securityfocus.com/bid/60623

Oracle Java SE CVE-2013-3743 Remote Security Vulnerability
2013-10-07
http://www.securityfocus.com/bid/60626

Oracle Java SE CVE-2013-2400 Remote Security Vulnerability
2013-10-07
http://www.securityfocus.com/bid/60621

IBM Java CVE-2013-4002 Denial of Service Vulnerability
2013-10-07
http://www.securityfocus.com/bid/61310

Oracle Java SE CVE-2013-2460 Remote Java Runtime Environment Vulnerability
2013-10-07
http://www.securityfocus.com/bid/60635

Exploit

 

5.10.2013

Bugtraq

APPLE-SA-2013-10-03-1 OS X v10.8.5 Supplemental Update 2013-10-03
Apple Product Security (product-security-noreply lists apple com)

[security bulletin] HPSBPI02892 rev.1 - Certain HP FutureSmart MFP, Weak PDF Encryption, Local Disclosure of Information 2013-10-03
security-alert hp com

ESA-2013-062: EMC Atmos Unauthenticated Database Access Vulnerability 2013-10-03
Security Alert (Security_Alert emc com)

[SOJOBO-ADV-13-01] - Zenphoto 1.4.5.2 multiple vulnerabilities 2013-10-03
advisories enkomio com

[ MDVSA-2013:245 ] proftpd 2013-10-03
security mandriva com

SEC Consult SA-20131003-0 :: Denial of service vulnerability in Citrix NetScaler 2013-10-03
SEC Consult Vulnerability Lab (research sec-consult com)

Apple iOS 7 iPad2 Face-Time 1.0.2 - Privacy Vulnerability 2013-10-03
Vulnerability Lab (research vulnerability-lab com)

WebAssist PowerCMS PHP - Multiple Web Vulnerabilities 2013-10-03
Vulnerability Lab (research vulnerability-lab com)

elproLOG MONITOR WebAccess 2.1 - Multiple Web Vulnerabilities 2013-10-03
Vulnerability Lab (research vulnerability-lab com)

SilverStripe Framework CMS 3.0.5 - Multiple Web Vulnerabilities 2013-10-03
Vulnerability Lab (research vulnerability-lab com)

Hide Photo+Video Safe v1.6 iOS - Multiple Vulnerabilities 2013-10-03
Vulnerability Lab (research vulnerability-lab com)

Security Guard CMS QT 4.7.3 - Local Stack Buffer Overflow Vulnerability 2013-10-03
Vulnerability Lab (research vulnerability-lab com)

Paypal Inc Bug Bounty #99 - Filter Bypass & Persistent Vulnerability 2013-10-03
Vulnerability Lab (research vulnerability-lab com)

Cisco Security Advisory: Cisco IOS XR Software Memory Exhaustion Vulnerability 2013-10-02
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Malware

RDN/Generic PUP.x!4D3706503DDE

RDN/Generic PUP.x!914774D15B79

RDN/Generic PUP.x!b2s!22F2F957486E

RDN/Vundo!dn!419A4CBEDA4D

RDN/Generic Dropper!2024AE1CD52E

RDN/Generic BackDoor!tv!BE97D4150207

Generic PUP.x!D83337C1AF07

RDN/Generic.bfr!fc!751A9AAB20B2

Generic PWS.y!F87575EA00EA

RDN/Generic PUP.x!A1360C61D4FD

RDN/Generic PUP.x!6CC0FECD2148

Generic PUP.x!AF6A9883E803

Generic BackDoor!0040A76FCEED

RDN/Generic PUP.x!F50DE5773951

Generic PUP.x!2DFF6552C3D4

W32/Spybot.bfr!989E79655A78

Generic.bfr!9FA4697080E0

RDN/Autorun.worm.gen!4F18D43878DA

RDN/Generic BackDoor!tv!B1BB354ED024

RDN/Generic BackDoor!tv!74758E0C204B

RDN/Generic.bfr!es!E026191C9F8C

RDN/Generic PUP.x!b2s!61B3649F99E6

RDN/Generic PUP.x!b2s!A2FE7FD855FE

RDN/Downloader.gen.a!9079E592E1AA

Generic PUP.x!4C206AD434C9

Generic BackDoor!880415C853F2

Generic BackDoor!A6C14B74D80C

RDN/Generic.bfr!E7BC4293F243

Generic PUP.x!96C75B8009B5

Downloader.gen.a!839AF5A444E8

Phishing

Lloyds Banking Online

3rd October 2013

ONLINE BANKING - ONLINE
SECURITY - STAYING SAFE ONLINE

auto-confirm1117@amazon.co.uk

3rd October 2013

YOUR AMAZON.CO.UK ORDER
#NRR-6147155-1778100

auto-confirm1318@amazon.co.uk

2nd October 2013

YOUR AMAZON.CO.UK ORDER
#7N:-0644934-8103229

auto-confirm1116@amazon.co.uk

2nd October 2013

YOUR AMAZON.CO.UK ORDER
#NAD-8519638-3736711

Vulnerebility

Wireshark NBAP Dissector Multiple Denial of Service Vulnerabilities
2013-10-04
http://www.securityfocus.com/bid/60502

Wireshark CVE-2013-4074 Denial of Service Vulnerability
2013-10-04
http://www.securityfocus.com/bid/60500

Wireshark CVE-2013-4082 Heap Buffer Overflow Vulnerability
2013-10-04
http://www.securityfocus.com/bid/60506

Wireshark Websocket Dissector Denial of Service Vulnerability
2013-10-04
http://www.securityfocus.com/bid/59998

Wireshark GSM CBCH Dissector Denial of Service Vulnerability
2013-10-04
http://www.securityfocus.com/bid/60498

Wireshark PPP Dissector CVE-2013-4076 Denial of Service Vulnerability
2013-10-04
http://www.securityfocus.com/bid/60499

Wireshark CVE-2013-4080 Denial of Service Vulnerability
2013-10-04
http://www.securityfocus.com/bid/60503

Wireshark CVE-2013-4075 Denial of Service Vulnerability
2013-10-04
http://www.securityfocus.com/bid/60501

Wireshark MPEG DSM-CC Dissector 'packet-mpeg-dsmcc.c' Denial of Service Vulnerability
2013-10-04
http://www.securityfocus.com/bid/59999

Wireshark RDP Dissector Denial of Service Vulnerability
2013-10-04
http://www.securityfocus.com/bid/60495

Wireshark Multiple Denial of Service Vulnerabilities
2013-10-04
http://www.securityfocus.com/bid/61471

Wireshark CVE-2013-4081 Stack Buffer Overflow Vulnerability
2013-10-04
http://www.securityfocus.com/bid/60505

Wireshark ASN.1 BER Dissector CVE-2013-3557 Denial of Service Vulnerability
2013-10-04
http://www.securityfocus.com/bid/60021

Wireshark GTPv2 Dissector Denial of Service Vulnerability
2013-10-04
http://www.securityfocus.com/bid/59992

Wireshark CVE-2013-4083 Denial of Service Vulnerability
2013-10-04
http://www.securityfocus.com/bid/60504

Wireshark PPP CCP Dissector Denial of Service Vulnerability
2013-10-04
http://www.securityfocus.com/bid/59994

Microsoft Windows CVE-2012-1864 Local Privilege Escalation Vulnerability
2013-10-04
http://www.securityfocus.com/bid/53815

Spring Security 'RunAsManager' Local Privilege Escalation Vulnerability
2013-10-04
http://www.securityfocus.com/bid/49538

Spring Framework Expression Language JSP Attributes Handling Information Disclosure Vulnerability
2013-10-04
http://www.securityfocus.com/bid/49543

Cisco Unified Computing System CVE-2012-4109 Local Command Injection Vulnerability
2013-10-04
http://www.securityfocus.com/bid/62735

Cisco Unified Computing System CVE-2012-4111 Local Command Injection Vulnerability
2013-10-04
http://www.securityfocus.com/bid/62734

Cisco Unified Computing System CVE-2012-4103 Local Command Injection Vulnerability
2013-10-04
http://www.securityfocus.com/bid/62731

Cisco Wireless LAN Controller CVE-2013-5519 Cross Site Scripting Vulnerability
2013-10-04
http://www.securityfocus.com/bid/62787

Cisco Unified Computing System CVE-2012-4102 Local Arbitrary Command Execution Vulnerability
2013-10-04
http://www.securityfocus.com/bid/62728

IBM Rational Directory Server CVE-2013-0599 Information Disclosure Vulnerability
2013-10-04
http://www.securityfocus.com/bid/60107

IBM Eclipse Help System CVE-2013-0467 Information Disclosure Vulnerability
2013-10-04
http://www.securityfocus.com/bid/58000

IBM Eclipse Help System CVE-2013-0464 Cross Site Scripting Vulnerability
2013-10-04
http://www.securityfocus.com/bid/60246

Cisco Unified Computing System CVE-2012-4110 Local Command Injection Vulnerability
2013-10-04
http://www.securityfocus.com/bid/62737

RETIRED: Adtran Netvanta 7100 and 7060 CVE-2013-5210 Multiple Security Vulnerabilities
2013-10-04
http://www.securityfocus.com/bid/62754

Adtran Netvanta 7100 and 7060 CVE-2013-5210 Multiple Security Vulnerabilities
2013-10-04
http://www.securityfocus.com/bid/62498

Exploit

  Apache Tomcat/JBoss EJBInvokerServlet / JMXInvokerServlet (RMI over HTTP) Marshalled Object RCE

  SIEMENS Solid Edge ST4 SEListCtrlX ActiveX Remote Code Execution

  elproLOG MONITOR WebAccess 2.1 - Multiple Vulnerabilities

  CMS Formulasi 2.07 - Multiple Vulnerabilities

  Aanval 7.1 build 70151 - Multiple Vulnerabilities

4.10.2013

Bugtraq

Hide Photo+Video Safe v1.6 iOS - Multiple Vulnerabilities 2013-10-03
Vulnerability Lab (research vulnerability-lab com)

Security Guard CMS QT 4.7.3 - Local Stack Buffer Overflow Vulnerability 2013-10-03
Vulnerability Lab (research vulnerability-lab com)

Paypal Inc Bug Bounty #99 - Filter Bypass & Persistent Vulnerability 2013-10-03
Vulnerability Lab (research vulnerability-lab com)

Cisco Security Advisory: Cisco IOS XR Software Memory Exhaustion Vulnerability 2013-10-02
Cisco Systems Product Security Incident Response Team (psirt cisco com)

RootedCON 2014 - Call For Papers 2013-10-02
Javier Olascoaga (deese spezialk net)

All in One SEO Pack Plugin for WordPress 1.3.6.4 - 2.0.3 XSS 2013-10-02
Charlie Briggs (charlie cysha co uk)

Malware

Generic PUP.x!5BBC9C6446ED

Generic PUP.x!5B5539E2F021

Generic PUP.x!5BC176680D15

Generic.bfr!F0A140351141

Generic.bfr!C7BE047B5C36

RDN/Generic.bfr!5956071BC2AC

Generic PUP.x!5A44C623C821

Generic PUP.x!A8CAF1926700

Generic PUP.x!5BBBF2FFCA12

RDN/Generic PUP.x!b2o!5A80AB6F310F

Generic PUP.x!0E91FDDEF7B6

RDN/Downloader.a!nm!5A7723E3919F

RDN/Generic BackDoor!tv!5AB3F746043E

RDN/Generic PUP.x!b2o!59DF1E0E3D7E

Generic.bfr!834F7569DF65

Generic PUP.x!5B8EAF718DE3

Generic PUP.x!5A42A5B8F604

RDN/Generic PUP.x!b2o!1C2B53886D4B

Generic PUP.x!599D31258941

Generic PUP.x!586DE51B28E4

RDN/Generic.dx!58B6D010617D

Generic.bfr!A62FFF85F562

RDN/Generic BackDoor!tv!84AFEEAE28F4

Generic.bfr!6F7CAF43B2AB

Generic.bfr!1A3D5328812D

Generic PUP.x!0C7195A55BEF

Generic BackDoor!599C8B519651

Generic PUP.x!590D8A370CE0

Generic PUP.x!59327149969A

Generic PUP.x!5B054DC3EC75

 

Phishing

 

Vulnerebility

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1728 Security Vulnerability
2013-10-03
http://www.securityfocus.com/bid/62468

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1719 Remote Memory Corruption Vulnerability
2013-10-03
http://www.securityfocus.com/bid/62462

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1724 Remote Code Execution Vulnerability
2013-10-03
http://www.securityfocus.com/bid/62464

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1722 Remote Code Execution Vulnerability
2013-10-03
http://www.securityfocus.com/bid/62460

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1723 Denial of Service Vulnerability
2013-10-03
http://www.securityfocus.com/bid/62472

Mozilla Firefox/SeaMonkey CVE-2013-1721 Integer Overflow Vulnerability
2013-10-03
http://www.securityfocus.com/bid/62470

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1738 Remote Code Execution Vulnerability
2013-10-03
http://www.securityfocus.com/bid/62466

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1737 Security Bypass Vulnerability
2013-10-03
http://www.securityfocus.com/bid/62475

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1720 Heap Buffer Overflow Vulnerability
2013-10-03
http://www.securityfocus.com/bid/62465

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1730 Remote Code Execution Vulnerability
2013-10-03
http://www.securityfocus.com/bid/62473

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1735 Remote Memory Corruption Vulnerability
2013-10-03
http://www.securityfocus.com/bid/62479

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1736 Remote Memory Corruption Vulnerability
2013-10-03
http://www.securityfocus.com/bid/62478

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1725 Remote Memory Corruption Vulnerability
2013-10-03
http://www.securityfocus.com/bid/62467

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1718 Remote Memory Corruption Vulnerability
2013-10-03
http://www.securityfocus.com/bid/62463

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1732 Buffer Overflow Vulnerability
2013-10-03
http://www.securityfocus.com/bid/62469

GNU glibc 'regexec.c' Buffer Overflow Vulnerability
2013-10-03
http://www.securityfocus.com/bid/57638

GNU glibc 'getaddrinfo()' Stack Buffer Overflow Vulnerability
2013-10-03
http://www.securityfocus.com/bid/58839

GNU glibc 'pt_chown()' Function CVE-2013-2207 Local Security Bypass Vulnerability
2013-10-03
http://www.securityfocus.com/bid/61960

GNU glibc 'strcoll()' Routine Integer Overflow Vulnerability
2013-10-03
http://www.securityfocus.com/bid/55462

GNU glibc Multiple Integer Overflow Vulnerabilities
2013-10-03
http://www.securityfocus.com/bid/62324

GNU glibc CVE-2013-4237 Remote Buffer Overflow Vulnerability
2013-10-03
http://www.securityfocus.com/bid/61729

WordPress Simple Dropbox Upload 'multi.php' Arbitrary File Upload Vulnerability
2013-10-03
http://www.securityfocus.com/bid/62437

WordPress Complete Gallery Manager Plugin 'upload-images.php' Arbitrary File Upload Vulnerability
2013-10-03
http://www.securityfocus.com/bid/62496

Cisco Identity Services Engine CVE-2013-5505 Cross Site Scripting Vulnerability
2013-10-03
http://www.securityfocus.com/bid/62693

WordPress Lazy SEO Plugin 'lazyseo.php' Arbitrary File Upload Vulnerability
2013-10-03
http://www.securityfocus.com/bid/62589

Review Board Access Bypass Vulnerability
2013-10-03
http://www.securityfocus.com/bid/62702

RETIRED: libvirt CVE-2013-5651 Remote Denial Of Service Vulnerability
2013-10-03
http://www.securityfocus.com/bid/62509

libvirt 'remoteDispatchDomainMemoryStats()' Denial of Service Vulnerability
2013-10-03
http://www.securityfocus.com/bid/62510

libvirt CVE-2013-4291 Local Security Bypass Vulnerability
2013-10-03
http://www.securityfocus.com/bid/62743

libvirt CVE-2013-4311 Local Security Bypass Vulnerability
2013-10-03
http://www.securityfocus.com/bid/62508

Exploit

  Evince PDF Reader - 2.32.0.145 (Windows) and 3.4.0 (Linux) - Denial Of Service

3.10.2013

Bugtraq

Multiple Vulnerabilities in Gnew 2013-10-02
High-Tech Bridge Security Research (advisory htbridge com)

Remote Code Execution in GLPI 2013-10-02
High-Tech Bridge Security Research (advisory htbridge com)

Defense in depth -- the Microsoft way (part 11): privilege escalation for dummies 2013-10-01
Stefan Kanthak (stefan kanthak nexgo de)

CORE-2013-0828 - PDFCool Studio Buffer Overflow Vulnerability 2013-10-01
CORE Advisories Team (advisories coresecurity com)

CORE-2013-0904 - PinApp Mail-SeCure Access Control Failure 2013-10-01
CORE Advisories Team (advisories coresecurity com)

iOS: List of available trusted root certificates 2013-09-30
Jeffrey Walton (noloader gmail com) (1 replies)

Re: iOS: List of available trusted root certificates 2013-10-01
Jason Hellenthal (jhellenthal dataix net)

Malware

RDN/Generic PUP.x!b2m!741AFA6B8DE6

RDN/Generic PUP.x!b2m!8780E1673DED

Generic PUP.x!8A6C6A73BC8E

Generic.bfr!89E5C4CCCF60

Generic PUP.x!2E11A5394F12

RDN/PWS-Mmorpg.gen!3546150F0CCD

RDN/Generic Dropper!rq!EDAD6524B95F

Generic PUP.x!8F6BF4FE17D1

RDN/Generic PUP.x!b2m!8723DA1F37F5

RDN/Generic PUP.x!b2m!28C7BC127096

Generic PUP.x!8C7CB4C50C81

Generic PUP.x!8F3FBA16D494

Generic.bfr!8AD904D6E326

RDN/Generic.tfr!dq!8BAC33843F3A

RDN/Generic PUP.x!b2m!8A2A1BB07CCF

Generic PUP.x!8809F08CABA5

Generic PUP.x!8B6075C29645

RDN/Generic PUP.x!b2m!888E0C1B04B0

Generic PUP.x!7D7A804B8D08

RDN/Generic PUP.x!897BB88A4DEF

Generic PUP.x!890F2777DC92

Generic PUP.x!8FA7ECEBFE5A

Generic PUP.x!799F5D00FB0E

RDN/Generic PUP.x!b2m!88CA739EA139

RDN/Generic PUP.x!b2m!88A2A4CBC5AE

RDN/Generic BackDoor!tu!8E56445B6667

Generic.bfr!897915142129

Generic.bfr!876EA47F2891

Generic PUP.x!771B4D70F579

RDN/Generic.bfr!fc!858B14602831

Phishing

auto-confirm1116@amazon.co.uk

2nd October 2013

YOUR AMAZON.CO.UK ORDER
#NAD-8519638-3736711

Apple

1st October 2013

Update your apple Account

Amazon

1st October 2013

[!! ] Please Confirm Your
Account Information
 

Ralph Fabiano

1st October 2013

RE: Get prescriptions to
increase energy levels at
discounts

Lindsay Schrupp

1st October 2013

=?utf-8?B?WW91IGNhbiBhY2hpZXZl
IHRoZSB3aG9sZSB3b3JsZCB3aXRoIH
lvdXIgc2Vj?=
=?utf-8?B?cmV0IHBvd2VyIOqzmQ==
?=

Vulnerebility

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1724 Remote Code Execution Vulnerability
2013-10-02
http://www.securityfocus.com/bid/62464

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1722 Remote Code Execution Vulnerability
2013-10-02
http://www.securityfocus.com/bid/62460

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1723 Denial of Service Vulnerability
2013-10-02
http://www.securityfocus.com/bid/62472

Mozilla Firefox/SeaMonkey CVE-2013-1721 Integer Overflow Vulnerability
2013-10-02
http://www.securityfocus.com/bid/62470

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1738 Remote Code Execution Vulnerability
2013-10-02
http://www.securityfocus.com/bid/62466

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1737 Security Bypass Vulnerability
2013-10-02
http://www.securityfocus.com/bid/62475

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1720 Heap Buffer Overflow Vulnerability
2013-10-02
http://www.securityfocus.com/bid/62465

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1730 Remote Code Execution Vulnerability
2013-10-02
http://www.securityfocus.com/bid/62473

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1735 Remote Memory Corruption Vulnerability
2013-10-02
http://www.securityfocus.com/bid/62479

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1736 Remote Memory Corruption Vulnerability
2013-10-02
http://www.securityfocus.com/bid/62478

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1725 Remote Memory Corruption Vulnerability
2013-10-02
http://www.securityfocus.com/bid/62467

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1718 Remote Memory Corruption Vulnerability
2013-10-02
http://www.securityfocus.com/bid/62463

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1732 Buffer Overflow Vulnerability
2013-10-02
http://www.securityfocus.com/bid/62469

GNU glibc 'regexec.c' Buffer Overflow Vulnerability
2013-10-02
http://www.securityfocus.com/bid/57638

GNU glibc 'getaddrinfo()' Stack Buffer Overflow Vulnerability
2013-10-02
http://www.securityfocus.com/bid/58839

GNU glibc 'pt_chown()' Function CVE-2013-2207 Local Security Bypass Vulnerability
2013-10-02
http://www.securityfocus.com/bid/61960

GNU glibc 'strcoll()' Routine Integer Overflow Vulnerability
2013-10-02
http://www.securityfocus.com/bid/55462

GNU glibc Multiple Integer Overflow Vulnerabilities
2013-10-02
http://www.securityfocus.com/bid/62324

GNU glibc CVE-2013-4237 Remote Buffer Overflow Vulnerability
2013-10-02
http://www.securityfocus.com/bid/61729

WordPress Simple Dropbox Upload 'multi.php' Arbitrary File Upload Vulnerability
2013-10-02
http://www.securityfocus.com/bid/62437

WordPress Complete Gallery Manager Plugin 'upload-images.php' Arbitrary File Upload Vulnerability
2013-10-02
http://www.securityfocus.com/bid/62496

Cisco Identity Services Engine CVE-2013-5505 Cross Site Scripting Vulnerability
2013-10-02
http://www.securityfocus.com/bid/62693

WordPress Lazy SEO Plugin 'lazyseo.php' Arbitrary File Upload Vulnerability
2013-10-02
http://www.securityfocus.com/bid/62589

Review Board Access Bypass Vulnerability
2013-10-02
http://www.securityfocus.com/bid/62702

RETIRED: libvirt CVE-2013-5651 Remote Denial Of Service Vulnerability
2013-10-02
http://www.securityfocus.com/bid/62509

libvirt 'remoteDispatchDomainMemoryStats()' Denial of Service Vulnerability
2013-10-02
http://www.securityfocus.com/bid/62510

libvirt CVE-2013-4291 Local Security Bypass Vulnerability
2013-10-02
http://www.securityfocus.com/bid/62743

libvirt CVE-2013-4311 Local Security Bypass Vulnerability
2013-10-02
http://www.securityfocus.com/bid/62508

libvirt 'virBitmapParse()' Function Denial of Service Vulnerability
2013-10-02
http://www.securityfocus.com/bid/62070

Linux Kernel CVE-2013-4345 Off-By-One Buffer Overflow Vulnerability
2013-10-02
http://www.securityfocus.com/bid/62740

Exploit

  freeFTPd PASS Command Buffer Overflow

  Micorosft Internet Explorer SetMouseCapture Use-After-Free

  PinApp Mail-SeCure 3.70 - Access Control Failure

  Gnew 2013.1 - Multiple Vulnerabilities

  GLPI 0.84.1 - Multiple Vulnerabilities

  HylaFAX+ 5.2.4 - 5.5.3 - Buffer Overflow

2.10.2013

Bugtraq

iOS: List of available trusted root certificates 2013-09-30
Jeffrey Walton (noloader gmail com) (1 replies)

Re: iOS: List of available trusted root certificates 2013-10-01
Jason Hellenthal (jhellenthal dataix net)

CFP: WorldCIST'14 - World Conference on IST, at Madeira Island 2013-09-30
Maria Lemos (marialemos72 gmail com)

CVE-2130-5680, HylaFAX+ heap overflow, unchecked network traffic. 2013-09-30
Dennis Jenkins (dennis jenkins 75 gmail com)

[ MDVSA-2013:244 ] davfs2 2013-09-30
security mandriva com

Open-Xchange Security Advisory 2013-09-30 2013-09-30
Martin Braun (martin braun open-xchange com)

Malware

RDN/Generic PUP.x!b2j!8D6F8B441699

RDN/Generic PUP.x!b2j!9F13DD07772B

Generic PUP.x!DDF2F4314652

Generic PUP.x!833EEC2B8751

RDN/Generic PUP.x!b2j!03E29093483B

RDN/Generic PUP.x!b2j!D296D13B5718

RDN/Generic PUP.x!b2j!A5D3302C85B7

RDN/Generic PUP.x!b2j!24E53EED9483

RDN/Generic PUP.x!b2j!904B63766A10

Generic PUP.x!003072D2B841

Generic PUP.x!71356F473A11

Generic.bfr!12253864BF00

Generic PUP.x!112D40BF5E70

Generic PUP.x!C5387ADB0798

Generic PUP.x!947ADF7FA3FD

RDN/Generic PUP.x!b2j!A54D1D155DE2

Generic PUP.x!383952726C0B

Generic PUP.x!DA66BD74EF82

RDN/Generic PUP.x!b2j!98DD307564AD

Generic PUP.x!3EDBAAFA6E10

Generic.bfr!B2FCA710438A

RDN/Generic PUP.x!b2j!3CDB5E72BB0B

RDN/Generic PUP.x!b2j!969628201460

RDN/Generic PUP.x!1C903C5F6E5E

Generic PUP.x!2E365C1F5A73

RDN/Generic BackDoor!tu!A11C742DC94D

RDN/Generic PUP.x!b2j!1CE8549E8E16

Generic PUP.x!4964B80A8EDB

RDN/Generic PUP.x!b2j!7EFC9A5CD12A

RDN/Generic PUP.x!b2j!8CC1FF790B9A

Phishing

BT Yahoo! Mail Policy

30th September 2013

An Update would be made!

auto-confirm1218@amazon.co.uk

30th September 2013

YOUR AMAZON.CO.UK ORDER
#NND-4727068-9691852

Vulnerebility

CCID Card Serial Number Integer Overflow Vulnerability
2013-10-01
http://www.securityfocus.com/bid/45806

Icy Phoenix CMS Cross Site Scripting Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62722

VMware ESX and ESXi CVE-2013-3658 Directory Traversal Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62323

Microsoft Internet Explorer CVE-2013-3893 Memory Corruption Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62453

Apache Santuario XML Security for JAVA XML Signature CVE-2013-2172 Security Bypass Vulnerability
2013-10-01
http://www.securityfocus.com/bid/60846

Linux Kernel CVE-2013-0343 IPv6 Temporary Addresses Remote Security Vulnerability
2013-10-01
http://www.securityfocus.com/bid/58795

Linux Kernel CVE-2013-2892 Heap Buffer Overflow Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62049

Linux Kernel CONFIG_HID Local Memory Corruption Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62043

PHP CVE-2013-4113 Heap Memory Corruption Vulnerability
2013-10-01
http://www.securityfocus.com/bid/61128

Linux Kernel CVE-2013-2094 Local Privilege Escalation Vulnerability
2013-10-01
http://www.securityfocus.com/bid/59846

Mozilla Firefox/SeaMonkey CVE-2013-1721 Integer Overflow Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62470

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1738 Remote Code Execution Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62466

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1723 Denial of Service Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62472

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1720 Heap Buffer Overflow Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62465

Mozilla Firefox CVE-2013-1727 Same Origin Policy Security Bypass Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62480

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1719 Remote Memory Corruption Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62462

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1724 Remote Code Execution Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62464

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1728 Security Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62468

HP Linux Imaging and Printing Insecure Temporary File Creation Vulnerability
2013-10-01
http://www.securityfocus.com/bid/48892

HP Linux Imaging and Printing CVE-2013-0200 Insecure Temporary File Creation Vulnerability
2013-10-01
http://www.securityfocus.com/bid/58079

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1722 Remote Code Execution Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62460

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1718 Remote Memory Corruption Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62463

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1732 Buffer Overflow Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62469

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1737 Security Bypass Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62475

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1725 Remote Memory Corruption Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62467

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1730 Remote Code Execution Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62473

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1735 Remote Memory Corruption Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62479

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1736 Remote Memory Corruption Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62478

Mozilla Firefox/SeaMonkey CVE-2013-1705 Use-After-Free Remote Code Execution Vulnerability
2013-10-01
http://www.securityfocus.com/bid/61871

GNOME Vino VNC Server CVE-2013-5745 Denial of Service Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62443

Exploit

  KMPlayer 3.7.0.109 (.wav) - Crash PoC

1.10.2013

Bugtraq

iOS: List of available trusted root certificates 2013-09-30
Jeffrey Walton (noloader gmail com) (1 replies)

Re: iOS: List of available trusted root certificates 2013-10-01
Jason Hellenthal (jhellenthal dataix net)

CFP: WorldCIST'14 - World Conference on IST, at Madeira Island 2013-09-30
Maria Lemos (marialemos72 gmail com)

CVE-2130-5680, HylaFAX+ heap overflow, unchecked network traffic. 2013-09-30
Dennis Jenkins (dennis jenkins 75 gmail com)

[ MDVSA-2013:244 ] davfs2 2013-09-30
security mandriva com

Open-Xchange Security Advisory 2013-09-30 2013-09-30
Martin Braun (martin braun open-xchange com)

Malware

RDN/Generic PUP.x!b2j!8D6F8B441699

RDN/Generic PUP.x!b2j!9F13DD07772B

Generic PUP.x!DDF2F4314652

Generic PUP.x!833EEC2B8751

RDN/Generic PUP.x!b2j!03E29093483B

RDN/Generic PUP.x!b2j!D296D13B5718

RDN/Generic PUP.x!b2j!A5D3302C85B7

RDN/Generic PUP.x!b2j!24E53EED9483

RDN/Generic PUP.x!b2j!904B63766A10

Generic PUP.x!003072D2B841

Generic PUP.x!71356F473A11

Generic.bfr!12253864BF00

Generic PUP.x!112D40BF5E70

Generic PUP.x!C5387ADB0798

Generic PUP.x!947ADF7FA3FD

RDN/Generic PUP.x!b2j!A54D1D155DE2

Generic PUP.x!383952726C0B

Generic PUP.x!DA66BD74EF82

RDN/Generic PUP.x!b2j!98DD307564AD

Generic PUP.x!3EDBAAFA6E10

Generic.bfr!B2FCA710438A

RDN/Generic PUP.x!b2j!3CDB5E72BB0B

RDN/Generic PUP.x!b2j!969628201460

RDN/Generic PUP.x!1C903C5F6E5E

Generic PUP.x!2E365C1F5A73

RDN/Generic BackDoor!tu!A11C742DC94D

RDN/Generic PUP.x!b2j!1CE8549E8E16

Generic PUP.x!4964B80A8EDB

RDN/Generic PUP.x!b2j!7EFC9A5CD12A

RDN/Generic PUP.x!b2j!8CC1FF790B9A

Phishing

BT Yahoo! Mail Policy

30th September 2013

An Update would be made!

auto-confirm1218@amazon.co.uk

30th September 2013

YOUR AMAZON.CO.UK ORDER
#NND-4727068-9691852

Vulnerebility

CCID Card Serial Number Integer Overflow Vulnerability
2013-10-01
http://www.securityfocus.com/bid/45806

Icy Phoenix CMS Cross Site Scripting Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62722

VMware ESX and ESXi CVE-2013-3658 Directory Traversal Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62323

Microsoft Internet Explorer CVE-2013-3893 Memory Corruption Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62453

Apache Santuario XML Security for JAVA XML Signature CVE-2013-2172 Security Bypass Vulnerability
2013-10-01
http://www.securityfocus.com/bid/60846

Linux Kernel CVE-2013-0343 IPv6 Temporary Addresses Remote Security Vulnerability
2013-10-01
http://www.securityfocus.com/bid/58795

Linux Kernel CVE-2013-2892 Heap Buffer Overflow Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62049

Linux Kernel CONFIG_HID Local Memory Corruption Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62043

PHP CVE-2013-4113 Heap Memory Corruption Vulnerability
2013-10-01
http://www.securityfocus.com/bid/61128

Linux Kernel CVE-2013-2094 Local Privilege Escalation Vulnerability
2013-10-01
http://www.securityfocus.com/bid/59846

Mozilla Firefox/SeaMonkey CVE-2013-1721 Integer Overflow Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62470

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1738 Remote Code Execution Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62466

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1723 Denial of Service Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62472

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1720 Heap Buffer Overflow Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62465

Mozilla Firefox CVE-2013-1727 Same Origin Policy Security Bypass Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62480

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1719 Remote Memory Corruption Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62462

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1724 Remote Code Execution Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62464

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1728 Security Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62468

HP Linux Imaging and Printing Insecure Temporary File Creation Vulnerability
2013-10-01
http://www.securityfocus.com/bid/48892

HP Linux Imaging and Printing CVE-2013-0200 Insecure Temporary File Creation Vulnerability
2013-10-01
http://www.securityfocus.com/bid/58079

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1722 Remote Code Execution Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62460

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1718 Remote Memory Corruption Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62463

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1732 Buffer Overflow Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62469

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1737 Security Bypass Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62475

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1725 Remote Memory Corruption Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62467

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1730 Remote Code Execution Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62473

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1735 Remote Memory Corruption Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62479

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1736 Remote Memory Corruption Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62478

Mozilla Firefox/SeaMonkey CVE-2013-1705 Use-After-Free Remote Code Execution Vulnerability
2013-10-01
http://www.securityfocus.com/bid/61871

GNOME Vino VNC Server CVE-2013-5745 Denial of Service Vulnerability
2013-10-01
http://www.securityfocus.com/bid/62443

Exploit

  KMPlayer 3.7.0.109 (.wav) - Crash PoC

30.9.2013

Bugtraq

[SECURITY] [DSA 2766-1] linux-2.6 security update 2013-09-27
dann frazier (dannf debian org)

[SECURITY] [DSA 2765-1] davfs2 security update 2013-09-26
Luciano Bello (luciano debian org)

Malware

Downloader-FLN!BA7BC135830A!BA7BC135830A

Downloader-FLN!3EC0E5AD2A00!3EC0E5AD2A00

Downloader-FLN!6A09884E3A9C!6A09884E3A9C

Downloader-FLN!35E62DE3FE3D!35E62DE3FE3D

RDN/Generic PUP.x!AC3A45FFC0B1

Downloader-FLN!27589605DC63!27589605DC63

RDN/Generic.bfr!fc!66FD9BFE93E7

RDN/Qhost-Gen!ba!C74B68E641DE

Downloader-FLN!9CAE65A75614!9CAE65A75614

Generic PUP.x!A8CD2CC81576

Downloader-FLN!DAEE5B2BAD01!DAEE5B2BAD01

RDN/Generic PUP.x!b2i!E9CC027C3AA2

RDN/Generic PUP.x!3703888DD3F8

RDN/Generic.bfr!B5A990E2C206

Generic.bfr!FB3E3819E71E

Adware-FOO!40638FCD5A30!40638FCD5A30

Adware-FOO!78EC6369BFC5!78EC6369BFC5

Downloader-FLN!2BF23240A8C5!2BF23240A8C5

Downloader-FLN!F4D612841210!F4D612841210

Adware-FOO!19CB9AB51AF1!19CB9AB51AF1

RDN/Generic PUP.x!b2i!BE92D8D16892

Generic PUP.x!17846F31FF44

RDN/Generic PUP.x!410941E682B7

RDN/Generic PUP.x!278899E24B6E

RDN/Generic PUP.x!4135259D1C7C

RDN/Generic PUP.x!A7694143E4E4

Generic PUP.x!A5FA50FAAEDA

RDN/Generic Dropper!rq!767B96D50619

RDN/Generic PUP.x!85C7DD19E80E

Generic PUP.x!9FA58DD4F530

Phishing

Lloyds Bank Online

29th September 2013

Internet Banking : View
Balances & Account Activity

Vodafone

29th September 2013

NEW MESSAGE RECEIVED

Natwest Bank

29th September 2013

NatWest: Your account security
is due!

Paypal

29th September 2013

your paypal account have been
limited

Virgin Money plc Online

28th September 2013

Account Limitations Notice.

auto-confirm1218@amazon.co.uk

28th September 2013

YOUR AMAZON.CO.UK ORDER
#RND-7199393-8735453

auto-confirm1216@amazon.co.uk

28th September 2013

YOUR AMAZON.CO.UK ORDER
#N:R-1517783-3092809

auto-confirm1318@amazon.co.uk

28th September 2013

YOUR AMAZON.CO.UK ORDER
#N:A-2408737-4859504

VIRGIN CREDIT CARD

28th September 2013

RE: MBNA CREDIT CARD

Halifax Bank

28th September 2013

Halifax- Online Security Check

Lloyds Banking Group

28th September 2013

ONLINE BANKING : VIEW BALANCES
charset=iso-8859-1">

Amazon

28th September 2013

Your Amazon account is locked!

Barclays Bank

28th September 2013

Re-instate Your Account

Lloyds Bank.

28th September 2013

LLOYDS BANK - EXISTING
CUSTOMER NOTIFICATION

Nationwide Building Society

28th September 2013

NATIONWIDE NEW SEUCITY UPDATE

Tesco Personal Finance

28th September 2013

REDEEM YOUR FREE TESCO VOUCHER

Vulnerebility

Oracle Java SE CVE-2013-0439 Remote JavaFX Vulnerability
2013-09-30
http://www.securityfocus.com/bid/57725

Oracle Java SE CVE-2013-0436 Remote JavaFX Vulnerability
2013-09-30
http://www.securityfocus.com/bid/57721

Oracle Java SE CVE-2013-0430 Java Runtime Environment Remote Security Vulnerability
2013-09-30
http://www.securityfocus.com/bid/57722

Oracle Java SE CVE-2012-1543 Remote Code Execution Vulnerabilities
2013-09-30
http://www.securityfocus.com/bid/57705

Oracle Java SE CVE-2012-1721 Remote Code Execution Vulnerability
2013-09-30
http://www.securityfocus.com/bid/53959

Oracle Java SE CVE-2012-1722 Remote Java Runtime Environment Vulnerability
2013-09-30
http://www.securityfocus.com/bid/53953

Oracle Java SE CVE-2012-1719 Remote Java Runtime Environment Vulnerability
2013-09-30
http://www.securityfocus.com/bid/53950

Oracle Java SE CVE-2012-1720 Remote Java Runtime Environment Vulnerability
2013-09-30
http://www.securityfocus.com/bid/53956

Oracle Java SE CVE-2012-1718 Remote Java Runtime Environment Vulnerability
2013-09-30
http://www.securityfocus.com/bid/53951

Oracle Java SE CVE-2012-1717 Remote Java Runtime Environment Vulnerability
2013-09-30
http://www.securityfocus.com/bid/53952

Oracle Java SE CVE-2012-1713 Remote Code Execution Vulnerability
2013-09-30
http://www.securityfocus.com/bid/53946

Oracle Java SE CVE-2013-0438 Remote Java Runtime Environment Vulnerability
2013-09-30
http://www.securityfocus.com/bid/57708

Oracle Java SE CVE-2012-1716 Remote Java Runtime Environment Vulnerability
2013-09-30
http://www.securityfocus.com/bid/53947

Oracle Java SE CVE-2013-0434 Remote Java Runtime Environment Vulnerability
2013-09-30
http://www.securityfocus.com/bid/57730

Oracle Java SE CVE-2013-0427 Remote Java Runtime Environment Vulnerability
2013-09-30
http://www.securityfocus.com/bid/57724

Oracle Java SE CVE-2013-0423 Java Runtime Environment Remote Security Vulnerability
2013-09-30
http://www.securityfocus.com/bid/57716

Oracle Java SE CVE-2013-0431 Remote Java Runtime Environment Vulnerability
2013-09-30
http://www.securityfocus.com/bid/57726

Oracle Java SE CVE-2013-0428 Remote Java Runtime Environment Vulnerability
2013-09-30
http://www.securityfocus.com/bid/57713

Oracle Java SE CVE-2013-0426 Remote Java Runtime Environment Vulnerability
2013-09-30
http://www.securityfocus.com/bid/57711

Oracle Java SE CVE-2013-0433 Remote Java Runtime Environment Vulnerability
2013-09-30
http://www.securityfocus.com/bid/57719

Oracle Java SE CVE-2013-0429 Remote Java Runtime Environment Remote Security Vulnerability
2013-09-30
http://www.securityfocus.com/bid/57710

Oracle Java SE CVE-2013-0425 Remote Java Runtime Environment Vulnerability
2013-09-30
http://www.securityfocus.com/bid/57709

Oracle Java SE CVE-2013-0424 Remote Java Runtime Environment Vulnerability
2013-09-30
http://www.securityfocus.com/bid/57715

Oracle Java SE CVE-2013-0419 Java Runtime Environment Remote Security Vulnerability
2013-09-30
http://www.securityfocus.com/bid/57714

IBM Java CVE-2013-4002 Denial of Service Vulnerability
2013-09-30
http://www.securityfocus.com/bid/61310

Multiple TLS And DTLS Implementations CVE-2013-0169 Information Disclosure Vulnerability
2013-09-30
http://www.securityfocus.com/bid/57778

ProFTPD 'mod_sftp_pam' Remote Denial of Service Vulnerability
2013-09-30
http://www.securityfocus.com/bid/62328

Apache Tomcat Hash Collision Denial Of Service Vulnerability
2013-09-30
http://www.securityfocus.com/bid/51200

OpenSSL CVE-2012-2686 Remote Denial of Service Vulnerability
2013-09-30
http://www.securityfocus.com/bid/57755

OpenSSL CVE-2013-0166 Remote Denial of Service Vulnerability
2013-09-30
http://www.securityfocus.com/bid/60268

Exploit

  Nodejs js-yaml load() Code Exec

  glibc and eglibc 2.5, 2.7, 2.13 - Buffer Overflow Vulnerability

  Tenda W309R Router 5.07.46 - Configuration Disclosure

  Asus RT-N66U 3.0.0.4.374_720 - CSRF Vulnerability

  mod_accounting Module 0.5 - Blind SQL Injection

  XAMPP 1.8.1 (lang.php, WriteIntoLocalDisk method) - Local Write Access Vulnerability

  SimpleRisk 20130915-01 - Multiple Vulnerabilities

27.9.2013

Bugtraq

[SECURITY] [DSA 2765-1] davfs2 security update 2013-09-26
Luciano Bello (luciano debian org)

Re:joomla com_zimbcomment Components Local File Include vulnerability 2013-09-26
Sergio Tam (tam sergio gmail com)

APPLE-SA-2013-09-26-1 iOS 7.0.2 2013-09-26
Apple Product Security (product-security-noreply lists apple com)

ESA-2013-060: EMC VPLEX Information Disclosure Vulnerability 2013-09-26
Security Alert (Security_Alert emc com)

[ISecAuditors Security Advisories] Multiple Reflected Cross-Site Scripting vulnerabilities 2013-09-26
ISecAuditors Security Advisories (advisories isecauditors com)

XAMPP 1.8.1 Local Write Access Vulnerability 2013-09-26
ISecAuditors Security Advisories (advisories isecauditors com)

[ MDVSA-2013:242 ] kernel 2013-09-26
security mandriva com

[SECURITY] [DSA 2764-1] libvirt security update 2013-09-25
Moritz Muehlenhoff (jmm debian org)

joomla com_zimbcomment Components Local File Include vulnerability 2013-09-25
iedb team gmail com

Malware

Generic.bfr!0CFD07BA93F7

RDN/Generic PUP.x!b2c!84A57AFE08BC

Generic PUP.x!DEF5B1C43756

Generic PUP.x!ACD78F8FDFDA

Generic PUP.x!355F813BEA90

Generic PUP.x!F7F20D5DB184

Generic PUP.x!1409DAAC7370

Generic PUP.x!D5249B6C56BB

Generic Dropper!D4A63040F80A

Generic PUP.x!D7E72923F999

RDN/Generic.bfr!4239BC469190

Generic PUP.x!A07D43EAC97E

Generic PUP.x!843C8F6EBE92

RDN/Generic PWS.y!3D1227BA4C2F

Generic PUP.x!EE6CE3F5DBD9

RDN/Generic.bfr!fc!719479F358FA

Generic PUP.x!CC4B97DB1CED

Generic.bfr!1218451110FF

RDN/Generic PUP.x!b2c!446704B88578

RDN/Generic PUP.x!ED4C8070E471

Generic PUP.x!35F04F1864C8

Generic PUP.x!9036A30CD307

Generic.bfr!C373026E7D49

Generic PUP.x!B8B7480617D6

Generic PUP.x!6F9E819E1869

RDN/Generic BackDoor!tr!464EF2E6D472

Generic.bfr!65070875D1D9

Generic PUP.x!1D4DD762FB49

Generic.bfr!10FFC18F31B2

Generic.bfr!E2FC46C68609

Phishing

HSBC Bank plc

27th September 2013

Your Security is Important :
Please Read !

JPMorgan Chase & Co

27th September 2013

You have one Message Alert

Apple

27th September 2013

Your account is temporarily
Iimeted

PayPal

27th September 2013

Your account is limited - take
action now

PayPal

27th September 2013

Your PayPal account is limited
- take action now

Barclays Bank

27th September 2013

YOUR BARCLAYS DEBIT CARD HAS
BEEN BLOCKED

=====DISCOVER HOW YOUR $12 BEC

27th September 2013

Assurant Mobile Job Search

USAA

27th September 2013

Important Message From Usaa

Lloyds TSB

27th September 2013

Improved Banking System

Google

27th September 2013

Important document

Vulnerebility

GnuTLS TLS And DTLS Information Disclosure Vulnerability
2013-09-27
http://www.securityfocus.com/bid/57736

Linux Kernel 'skbuff.c' Local Denial of Service Vulnerability
2013-09-27
http://www.securityfocus.com/bid/61411

Linux Kernel 'madvise_remove()' Function Local Denial of Service Vulnerability
2013-09-27
http://www.securityfocus.com/bid/55151

Linux Kernel Multiple Local Information Disclosure Vulnerabilities
2013-09-27
http://www.securityfocus.com/bid/60254

OpenStack Keystone Token Revocation Failure Security Bypass Vulnerability
2013-09-27
http://www.securityfocus.com/bid/62331

WordPress WP Ultimate Email Marketer Plugin Cross Site Scripting and Security Bypass Vulnerabilities
2013-09-27
http://www.securityfocus.com/bid/62621

IBM AIX CVE-2013-4011 Multiple Local Privilege Escalation Vulnerabilities
2013-09-27
http://www.securityfocus.com/bid/61287

Puppet CVE-2013-4761 Arbitrary Code Execution Vulnerability
2013-09-27
http://www.securityfocus.com/bid/61806

Puppet CVE-2013-3567 Remote Code Execution Vulnerability
2013-09-27
http://www.securityfocus.com/bid/60664

Puppet CVE-2013-4956 Security Bypass Vulnerability
2013-09-27
http://www.securityfocus.com/bid/61805

Cisco Unified Computing System Identity Validation CVE-2012-4092 Security Bypass Vulnerability
2013-09-27
http://www.securityfocus.com/bid/62653

Oracle Java SE Remote Java Runtime Environment Code Execution Vulnerability
2013-09-27
http://www.securityfocus.com/bid/52161

Linux Kernel CVE-2013-2897 Heap Buffer Overflow Vulnerability
2013-09-27
http://www.securityfocus.com/bid/62044

Linux Kernel CVE-2013-2893 Heap Buffer Overflow Vulnerability
2013-09-27
http://www.securityfocus.com/bid/62050

Linux Kernel 'perf_event.c' Local Privilege Escalation Vulnerability
2013-09-27
http://www.securityfocus.com/bid/61793

Linux Kernel CVE-2013-4163 Local Denial of Service Vulnerability
2013-09-27
http://www.securityfocus.com/bid/61412

Linux Kernel CVE-2013-2892 Heap Buffer Overflow Vulnerability
2013-09-27
http://www.securityfocus.com/bid/62049

Linux Kernel CVE-2013-2889 Heap Buffer Overflow Vulnerability
2013-09-27
http://www.securityfocus.com/bid/62042

Linux Kernel CVE-2013-2899 NULL Pointer Dereference Denial of Service Vulnerability
2013-09-27
http://www.securityfocus.com/bid/62046

Linux Kernel CVE-2013-2895 NULL Pointer Dereference Denial of Service Vulnerability
2013-09-27
http://www.securityfocus.com/bid/62045

Linux Kernel CONFIG_HID Local Memory Corruption Vulnerability
2013-09-27
http://www.securityfocus.com/bid/62043

Linux Kernel CVE-2013-2896 NULL Pointer Dereference Denial of Service Vulnerability
2013-09-27
http://www.securityfocus.com/bid/62048

Nano-10 PLC Modbus Packet Handling Denial of Service Vulnerability
2013-09-27
http://www.securityfocus.com/bid/61024

Django CVE-2013-1443 Denial of Service Vulnerability
2013-09-27
http://www.securityfocus.com/bid/62409

Django CVE-2013-4315 Directory Traversal Vulnerability
2013-09-27
http://www.securityfocus.com/bid/62332

Monkey HTTP Daemon NULL Byte Denial of Service Vulnerability
2013-09-27
http://www.securityfocus.com/bid/60210

Monkey HTTP Daemon Multiple Denial of Service Vulnerabilities
2013-09-27
http://www.securityfocus.com/bid/60425

Monkey HTTP Daemon 'memcpy()' Function Buffer Overflow Vulnerability
2013-09-27
http://www.securityfocus.com/bid/60333

Oracle Java SE CVE-2012-1713 Remote Code Execution Vulnerability
2013-09-27
http://www.securityfocus.com/bid/53946

Oracle Java SE CVE-2012-0501 Remote Stack Overflow Vulnerability
2013-09-27
http://www.securityfocus.com/bid/52013

Exploit

 

26.9.2013

Bugtraq

[security bulletin] HPSBMU02872 SSRT101185 rev.2 - HP Service Manager, Remote Disclosure of Information, Cross Site Scripting(XSS) 2013-09-25
security-alert hp com

[ MDVSA-2013:241 ] perl-Crypt-DSA 2013-09-25
security mandriva com

[ MDVSA-2013:240 ] glpi 2013-09-25
security mandriva com

Multiple Vulnerabilities in X2CRM 2013-09-25
High-Tech Bridge Security Research (advisory htbridge com)

GreHack 2013 - 15 Nov. Grenoble, France - Conf. Registration OPEN 2013-09-25
Fab Duchene (f duchene grehack org)

[SECURITY] [DSA 2763-1] pyopenssl security update 2013-09-24
Salvatore Bonaccorso (carnil debian org)

CVE-2013-5118 - XSS Good for Enterprise iOS 2013-09-24
mario roblest com

Malware

RDN/Generic PUP.x!b2b!D6E5475A8B8C

Qhost-Gen!6DB53DD00EAD

RDN/PWS-Banker!cs!B118DEA678CE

RDN/Generic.dx!160844D3AAC7

RDN/Generic Dropper!677C4A01377F

RDN/Generic PUP.x!b2b!31D645572C3A

Generic.dx!64D71B59AD34

RDN/Generic BackDoor!936C3FF5F6EB

Generic PWS.y!339A52AFFE49

Generic.dx!6BB1B1F50FBA

Generic StartPage!D17363B1BCE1

FakeSecTool-FAZ!3777CC95F5D3!3777CC95F5D3

RDN/Ransom!357F8CB73B69

Generic PUP.x!D22CB2FA7206

Generic PUP.x!1103D8AFFA0B

RDN/Qhost-Gen!ba!A6B3EA447A07

RDN/Downloader.gen.a!B4093FB913E5

RDN/Qhost-Gen!B96F549400FD

Generic BackDoor!D7F58024911B

RDN/Qhost-Gen!B3596A7A896C

Generic PUP.x!A7196F7715EE

Generic PUP.x!F2D040F04EA3

Generic PUP.x!7684DCB5B636

RDN/Generic PUP.x!b2b!8FEECED06828

FakeSecTool-FAZ!9C989F30846D!9C989F30846D

RDN/Downloader.a!nl!3B2F9824D5FB

RDN/Qhost-Gen!388745EC9FFD

RDN/Qhost-Gen!ba!4818D519AA91

RDN/Generic.tfr!dp!9C8B0A5156BC

RDN/Generic BackDoor!tq!52096EB53EDD

Phishing

Barclays Uk

26th September 2013

NEW MESSAGE

Lloyds TSB PLC

26th September 2013

IMPORTANT INFORMATION
REGARDING INTERNET BANKING

Nationwide Internet Bank

26th September 2013

Nationwide Building Society
customer helpdesk

Nationwide Building Society

26th September 2013

Urgent Notification (Protect
Your online Banking)

Paypal UK

26th September 2013

Online Access Has been
Suspended

PayPal

25th September 2013

PayPal

Lloydstsb

25th September 2013

YOUR ATTENTION IS NEEDED FROM
LLOYDSTSB BANK

Amazon Service

25th September 2013

AMAZON VERIFICATION ON YOUR
ACCOUNT

Lloyds

25th September 2013

ACCOUNT REVIEW NOTIFICATION!

Vulnerebility

HP ArcSight Enterprise Security Manager Management Web Interface Cross Site Scripting Vulnerability
2013-09-26
http://www.securityfocus.com/bid/62540

Perl CGI.pm 'Set-Cookie' and 'P3P' Headers HTTP Header Injection Vulnerability
2013-09-26
http://www.securityfocus.com/bid/56562

ProFTPD Race Condition Local Privilege Escalation Vulnerability
2013-09-26
http://www.securityfocus.com/bid/57172

X.Org libXp CVE-2013-2062 Multiple Remote Code Execution Vulnerabilities
2013-09-26
http://www.securityfocus.com/bid/60131

X.Org libXt CVE-2013-2005 Multiple Memory Corruption Vulnerabilities
2013-09-26
http://www.securityfocus.com/bid/60133

X.Org libX11 CVE-2013-2004 Multiple Denial of Service Vulnerabilities
2013-09-26
http://www.securityfocus.com/bid/60146

X.Org libXi CVE-2013-1998 Multiple Remote Code Execution Vulnerabilities
2013-09-26
http://www.securityfocus.com/bid/60127

X.Org libFS 'FSOpenServer()' Memory Corruption Vulnerability
2013-09-26
http://www.securityfocus.com/bid/60130

X.Org libX11 CVE-2013-1997 Multiple Remote Code Execution Vulnerabilities
2013-09-26
http://www.securityfocus.com/bid/60122

X.Org libXi 'XListInputDevices()' Memory Corruption Vulnerability
2013-09-26
http://www.securityfocus.com/bid/60124

X.Org libXinerama 'XineramaQueryScreens()' Function Remote Code Execution Vulnerability
2013-09-26
http://www.securityfocus.com/bid/60128

X.Org libXt '_XtResourceConfigurationEH()' Function Remote Code Execution Vulnerability
2013-09-26
http://www.securityfocus.com/bid/60137

X.Org libXext CVE-2013-1982 Multiple Remote Code Execution Vulnerabilities
2013-09-26
http://www.securityfocus.com/bid/60126

X.Org libXi CVE-2013-1984 Multiple Remote Code Execution Vulnerabilities
2013-09-26
http://www.securityfocus.com/bid/60123

X.Org libX11 CVE-2013-1981 Multiple Remote Code Execution Vulnerabilities
2013-09-26
http://www.securityfocus.com/bid/60120

GnuTLS CVE-2013-2116 Out of Bounds Denial of Service Vulnerability
2013-09-26
http://www.securityfocus.com/bid/60215

Perl CVE-2012-5195 Heap-Based Memory Corruption Vulnerability
2013-09-26
http://www.securityfocus.com/bid/56287

LibTIFF 'DOTRANGE' Tags Handling Remote Buffer Overflow Vulnerability
2013-09-26
http://www.securityfocus.com/bid/56715

Oracle Java SE CVE-2013-0443 Remote Java Runtime Environment Vulnerability
2013-09-26
http://www.securityfocus.com/bid/57702

Oracle Java SE CVE-2013-0440 Remote Java Runtime Environment Vulnerability
2013-09-26
http://www.securityfocus.com/bid/57712

Multiple TLS And DTLS Implementations CVE-2013-0169 Information Disclosure Vulnerability
2013-09-26
http://www.securityfocus.com/bid/57778

Oracle Java SE CVE-2013-1571 Frame Injection Vulnerability
2013-09-26
http://www.securityfocus.com/bid/60634

Oracle Java SE CVE-2013-1500 Local Security Vulnerability
2013-09-26
http://www.securityfocus.com/bid/60627

Cisco IOS And IOS XE CVE-2013-5475 Remote Denial of Service Vulnerability
2013-09-26
http://www.securityfocus.com/bid/62644

X.Org libXfixes 'XFixesGetCursorImage()' Function Remote Code Execution Vulnerability
2013-09-26
http://www.securityfocus.com/bid/60125

X.Org libXrandr CVE-2013-1986 Multiple Remote Code Execution Vulnerabilities
2013-09-26
http://www.securityfocus.com/bid/60129

X.Org libXv 'XvQueryPortAttributes()' Function Remote Code Execution Vulnerability
2013-09-26
http://www.securityfocus.com/bid/60143

X.Org libXxf86vm 'XF86VidModeGetGammaRamp()' Function Remote Code Execution Vulnerability
2013-09-26
http://www.securityfocus.com/bid/60145

X.Org libXcursor '_XcursorFileHeaderCreate()' Function Remote Code Execution Vulnerability
2013-09-26
http://www.securityfocus.com/bid/60121

X.Org libXtst CVE-2013-2063 Remote Code Execution Vulnerability
2013-09-26
http://www.securityfocus.com/bid/60141

Exploit

 

25.9.2013

Bugtraq

[SECURITY] [DSA 2763-1] pyopenssl security update 2013-09-24
Salvatore Bonaccorso (carnil debian org)

CVE-2013-5118 - XSS Good for Enterprise iOS 2013-09-24
mario roblest com

Re: DC4420 - London DEFCON - September meet - Tuesday 24th September 2013 2013-09-23
Tony Naggs (tonynaggs gmail com)

[IBliss Security Advisory] Cross-site scripting ( XSS ) in Bradesco gateway wordpress plugin 2013-09-23
Alexandro Silva (alexos ibliss com br)

[SECURITY] [DSA 2762-1] icedove security update 2013-09-23
Moritz Muehlenhoff (jmm debian org)

Wordpress fgallery_plus Plugin Xss vulnerabilities 2013-09-22
iedb team gmail com

Wordpress fgallery_plus Plugin Xss vulnerabilities 2013-09-21
iedb team gmail com

Malware

RDN/Generic.tfr!EC5F608D53DA

RDN/Qhost-Gen!C72E83C1222D

Generic PUP.x!24E5B097931F

Generic PUP.x!3324B295FA98

RDN/Generic PUP.x!bhz!74E244EADA19

RDN/Generic PUP.x!bhz!9B025A013937

RDN/Generic PUP.x!3BA7D2FCB0DC

RDN/Generic PUP.x!DD096D4CE8EB

RDN/Generic PUP.x!CCF288B868C7

RDN/Generic PUP.x!E2940CBC06D4

RDN/Generic PUP.x!ADAC8F65F2FA

RDN/Downloader.gen.a!89B7C606D71B

RDN/Generic PUP.x!D5ED60BEC296

RDN/Generic PUP.x!4C3E050A91E4

RDN/Generic.dx!crc!9B4066E34CBA

RDN/Generic PUP.x!C44979C64EB6

RDN/Generic PUP.x!2C2DC8D2F232

RDN/Generic PUP.x!E544D4D1587C

RDN/Generic PUP.x!bhz!B5F7892AD7B5

Generic PUP.x!BF8A46173369

Generic PUP.x!6F8AE7F4B060

Generic PUP.x!2705EF2FD7A0

RDN/Generic PUP.x!6ADE270EC864

RDN/Generic PUP.x!E91F6080EAFF

RDN/Generic PUP.x!F5EE354688A5

RDN/Generic PWS.y!FFEAD3FD509E

Generic PUP.x!AF3D1B23F6F6

RDN/Generic BackDoor.bfr!9BC39D7CBC9B

Generic PUP.x!A23B3770FA51

RDN/Generic.dx!D8BC0CA6EC8C

Phishing

 

Vulnerebility

ZeroShell 'cgi-bin/kerbynet' Local File Disclosure Vulnerability
2013-09-25
http://www.securityfocus.com/bid/61771

Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
2013-09-25
http://www.securityfocus.com/bid/36935

ProFTPD Prior To 1.3.3g Use-After-Free Remote Code Execution Vulnerability
2013-09-25
http://www.securityfocus.com/bid/50631

ProFTPD 'mod_sql' Remote Heap Based Buffer Overflow Vulnerability
2013-09-25
http://www.securityfocus.com/bid/44933

ProFTPD Multiple Remote Vulnerabilities
2013-09-25
http://www.securityfocus.com/bid/44562

ProFTPD 'mod_sftp_pam' Remote Denial of Service Vulnerability
2013-09-25
http://www.securityfocus.com/bid/62328

ProFTPD 'mod_sftp' Module Integer Overflow Vulnerability
2013-09-25
http://www.securityfocus.com/bid/46183

Ubuntu 'rtkit' Package CVE-2013-4326 Local Security Bypass Vulnerability
2013-09-25
http://www.securityfocus.com/bid/62505

MoinMoin CVE-2012-6495 Multiple Directory Traversal Vulnerabilities
2013-09-25
http://www.securityfocus.com/bid/57147

MoinMoin CVE-2012-6082 Cross-Site Scripting Vulnerability
2013-09-25
http://www.securityfocus.com/bid/57089

MoinMoin wiki CVE-2012-6080 Directory Traversal Vulnerability
2013-09-25
http://www.securityfocus.com/bid/57076

MoinMoin CVE-2012-6081 Multiple Arbitrary Code Execution Vulnerabilities
2013-09-25
http://www.securityfocus.com/bid/57082

GNU ZRTP CVE-2013-2223 Information Disclosure Vulnerability
2013-09-25
http://www.securityfocus.com/bid/60871

GNU ZRTP CVE-2013-2222 Multiple Stack Buffer Overflow Vulnerabilities
2013-09-25
http://www.securityfocus.com/bid/60873

GNU ZRTP 'ZRtp::storeMsgTemp()' Function Heap Buffer Overflow Vulnerability
2013-09-25
http://www.securityfocus.com/bid/60872

Django CVE-2013-4315 Directory Traversal Vulnerability
2013-09-25
http://www.securityfocus.com/bid/62332

Django CVE-2013-1443 Denial of Service Vulnerability
2013-09-25
http://www.securityfocus.com/bid/62409

Cisco Unified Computing System CVE-2012-4089 Local Command Injection Vulnerability
2013-09-25
http://www.securityfocus.com/bid/62619

Samba CVE-2013-4124 Local Denial of Service Vulnerability
2013-09-25
http://www.securityfocus.com/bid/61597

Multiple TLS And DTLS Implementations CVE-2013-0169 Information Disclosure Vulnerability
2013-09-25
http://www.securityfocus.com/bid/57778

pyOpenSSL SSL Client Certificate Validation Security Bypass Vulnerability
2013-09-25
http://www.securityfocus.com/bid/62258

libupnp Multiple Buffer Overflow Vulnerabilities
2013-09-25
http://www.securityfocus.com/bid/57602

Cisco MediaSense CVE-2013-5502 Information Disclosure Vulnerability
2013-09-25
http://www.securityfocus.com/bid/62601

IBM AIX CVE-2013-4011 Multiple Local Privilege Escalation Vulnerabilities
2013-09-25
http://www.securityfocus.com/bid/61287

LibRaw CVE-2013-1439 Multiple NULL Pointer Dereference Denial of Service Vulnerabilities
2013-09-25
http://www.securityfocus.com/bid/62057

LibRaw CVE-2013-1438 Multiple NULL Pointer Dereference Denial of Service Vulnerabilities
2013-09-25
http://www.securityfocus.com/bid/62060

Sophos UTM WebAdmin Unspecified Security Vulnerability
2013-09-25
http://www.securityfocus.com/bid/62417

Multiple IBM Products CVE-2013-4025 Local Information Disclosure Vulnerability
2013-09-25
http://www.securityfocus.com/bid/62604

Apache Subversion CVE-2013-2112 Remote Denial of Service Vulnerability
2013-09-25
http://www.securityfocus.com/bid/60264

RaidSonic IB-NAS5220 and IB-NAS4220-B Multiple Security Vulnerabilities
2013-09-25
http://www.securityfocus.com/bid/57958

Exploit

  Good for Enterprise 2.2.2.1611 - XSS Vulnerability

  X2CRM 3.4.1 - Multiple Vulnerabilities

  ZeroShell 'cgi-bin/kerbynet' - Local File Disclosure Vulnerability

24.9.2013

Bugtraq

[IBliss Security Advisory] Cross-site scripting ( XSS ) in Bradesco gateway wordpress plugin 2013-09-23
Alexandro Silva (alexos ibliss com br)

[SECURITY] [DSA 2762-1] icedove security update 2013-09-23
Moritz Muehlenhoff (jmm debian org)

Wordpress fgallery_plus Plugin Xss vulnerabilities 2013-09-22
iedb team gmail com

Wordpress fgallery_plus Plugin Xss vulnerabilities 2013-09-21
iedb team gmail com

[ANN] Struts 2.3.15.2 GA release available - security fix 2013-09-21
Lukasz Lenart (lukaszlenart apache org) (1 replies)

Re: [ANN] Struts 2.3.15.2 GA release available - security fix 2013-09-23
Emi Lu (emilu encs concordia ca)

Wordpress fgallery_plus Plugin Xss vulnerabilities 2013-09-21
iedb team gmail com

Malware

PWS-Zbot-FCZA!2612B4BB0ED5!2612B4BB0ED5

Generic PUP.x!29DC5D1A11FE

Generic PUP.x!0EF227C77D03

PWS-Zbot-FCZA!265F8EE18091!265F8EE18091

Generic.bfr!61772CDB4418

PWS-Zbot-FBFW!9F1868332CBF!9F1868332CBF

RDN/Generic.tfr!dp!B256A32071E0

PWS-Zbot-FCZA!9E3D1380F6A2!9E3D1380F6A2

Generic PUP.x!61153EF8605D

Generic.bfr!7428BA323EE6

Generic.bfr!F93E7A874BF5

Generic.bfr!0BB2AF4B1E53

RDN/Generic Dropper!ro!A6B79A6D486B

PWS-Zbot-FCZA!2E4A3AE1B9C9!2E4A3AE1B9C9

Generic PUP.x!4464A63183B6

Generic.bfr!88B73D6F99FC

Generic.bfr!8A772A9E7671

Generic PUP.x!B7D704C35DEF

PWS-Zbot-FBFW!2E5CB008E0C2!2E5CB008E0C2

PWS-Zbot-FCZA!30E27C7BE8E9!30E27C7BE8E9

Generic PWS.y!4089EBDB404E

PWS-Zbot-FCZA!6FBEA9DF85B5!6FBEA9DF85B5

PWS-Zbot-FBFW!6EE759D1E3A4!6EE759D1E3A4

Generic PUP.x!0E26B8D95185

Generic PUP.x!66A1A1F1ADAD

PWS-Zbot-FCZA!6A121AA961A7!6A121AA961A7

PWS-Zbot-FCZA!6D04E45044B5!6D04E45044B5

PWS-Zbot-FCZA!6CD21282E4F5!6CD21282E4F5

PWS-Zbot-FBFW!6B793558CA73!6B793558CA73

PWS-Zbot-FCZA!6C205E87073C!6C205E87073C

Phishing

 

Vulnerebility

RaidSonic IB-NAS5220 and IB-NAS4220-B Multiple Security Vulnerabilities
2013-09-24
http://www.securityfocus.com/bid/57958

TLS Protocol CVE-2012-4929 Information Disclosure Vulnerability
2013-09-24
http://www.securityfocus.com/bid/55704

Apache And Microsoft IIS Range Denial of Service Vulnerability
2013-09-24
http://www.securityfocus.com/bid/21865

Apache HTTP Server CVE-2013-1896 Remote Denial of Service Vulnerability
2013-09-24
http://www.securityfocus.com/bid/61129

Apache HTTP Server Terminal Escape Sequence in Logs Command Injection Vulnerability
2013-09-24
http://www.securityfocus.com/bid/59826

Apache Subversion CVE-2013-2088 Command Injection Vulnerability
2013-09-24
http://www.securityfocus.com/bid/60265

Apache Subversion CVE-2013-1884 Remote Denial of Service Vulnerability
2013-09-24
http://www.securityfocus.com/bid/58898

Apache Subversion 'mod_dav_svn/lock.c' Remote Denial of Service Vulnerability
2013-09-24
http://www.securityfocus.com/bid/58897

Subversion 'mod_dav_svn' Apache Server NULL Pointer Dereference Denial Of Service Vulnerability
2013-09-24
http://www.securityfocus.com/bid/46734

Apache Subversion 'mod_dav_svn' Remote Denial of Service Vulnerability
2013-09-24
http://www.securityfocus.com/bid/58895

Apache Subversion CVE-2013-1968 Remote Denial of Service Vulnerability
2013-09-24
http://www.securityfocus.com/bid/60267

Subversion 'mod_dav_svn' CVE-2013-1845 Denial of Service Vulnerability
2013-09-24
http://www.securityfocus.com/bid/58896

Apache Subversion 'svn_fs_file_length()' Remote Denial of Service Vulnerability
2013-09-24
http://www.securityfocus.com/bid/58323

Subversion 'mod_dav_svn' Multiple Denial of Service and Information Disclosure Vulnerabilities
2013-09-24
http://www.securityfocus.com/bid/48091

Apache Subversion CVE-2013-4131 Denial Of Service Vulnerability
2013-09-24
http://www.securityfocus.com/bid/61454

Apache Subversion CVE-2013-4277 Insecure Temporary File Creation Vulnerability
2013-09-24
http://www.securityfocus.com/bid/62266

Apache Subversion Server Component Multiple Remote Denial Of Service Vulnerabilities
2013-09-24
http://www.securityfocus.com/bid/45655

Schneider Electric Quantum Ethernet Module Hardcoded Credentials Authentication Bypass Vulnerability
2013-09-24
http://www.securityfocus.com/bid/51046

SPICE CVE-2013-4130 Multiple Denial of Service Vulnerabilities
2013-09-24
http://www.securityfocus.com/bid/61192

Moodle CVE-2013-4313 SQL Injection Vulnerability
2013-09-24
http://www.securityfocus.com/bid/62410

Moodle 'external.php' CVE-2013-5674 PHP Object Injection Vulnerability
2013-09-24
http://www.securityfocus.com/bid/62412

Moodle CVE-2013-4341 Multiple Cross Site Scripting Vulnerabilities
2013-09-24
http://www.securityfocus.com/bid/62411

Oracle Java SE CVE-2013-2448 Remote Code Execution Vulnerability
2013-09-24
http://www.securityfocus.com/bid/60640

PolicyKit CVE-2013-4288 Local Privilege Escalation Vulnerability
2013-09-24
http://www.securityfocus.com/bid/62511

Tinyproxy 'conf.c' Integer Overflow Security Bypass Vulnerability
2013-09-24
http://www.securityfocus.com/bid/47715

Tinyproxy ACL Security Bypass Vulnerability
2013-09-24
http://www.securityfocus.com/bid/47276

Oracle Java SE CVE-2013-2473 Buffer Overflow Vulnerability
2013-09-24
http://www.securityfocus.com/bid/60623

Oracle Java SE CVE-2013-2412 Remote Security Vulnerability
2013-09-24
http://www.securityfocus.com/bid/60618

Oracle Java SE CVE-2013-3744 Remote Security Vulnerability
2013-09-24
http://www.securityfocus.com/bid/60654

Oracle Java SE CVE-2013-2458 Remote Security Vulnerability
2013-09-24
http://www.securityfocus.com/bid/60652

Exploit

  Raidsonic NAS Devices Unauthenticated Remote Command Execution

  Raidsonic NAS Devices Unauthenticated Remote Command Execution

23.9.2013

Bugtraq

[security bulletin] HPSBST02919 rev.1 - HP XP P9000 Command View Advanced Edition Suite Software, Remote Cross Site Scripting (XSS) 2013-09-20
security-alert hp com

APPLE-SA-2013-09-20-1 Apple TV 6.0 2013-09-20
Apple Product Security (product-security-noreply lists apple com)

Monstra CMS v1.2.0 - Blind SQL Injection Vulnerability 2013-09-20
Vulnerability Lab (research vulnerability-lab com)

Malware

RDN/Generic PWS.y!01846A98D527

RDN/Generic Dropper!ro!B19335B6BA5A

RDN/Generic Downloader.x!in!A81E1F940FD1

Generic PUP.x!D4BAF1E039F5

RDN/Spybot.bfr!h!34C680E1207E

RDN/Generic.grp!FA9B8BA7E5B2

RDN/Generic.grp!1814744D798E

RDN/Generic.dx!cr3!D7ABD818EEFD

RDN/Generic PUP.x!bh3!F1C0695E35C1

RDN/Autorun.worm!cw!5FCB3234EEE3

Generic.bfr!CDA977F32F4F

Generic PUP.x!5F075706FF32

Generic PUP.x!316CFC7F5F76

RDN/Generic BackDoor!tp!7B1699BEDF42

RDN/Generic PUP.x!bh3!4C00D421C302

Generic PUP.x!C8C8D070FA66

RDN/Generic Dropper!840F6DB99AA2

RDN/Generic Dropper!ro!C4B47DE355AA

RDN/FakeAlert-HDD!1814744D798E

RDN/Generic PUP.x!bh3!F46DA3AB7B30

Generic PUP.x!A8103FCC9BAD

Generic PUP.x!022C0F327F3D

RDN/Generic.bfr!fb!DBB9D65FDAE7

RDN/Generic.grp!fy!16768E91C177

RDN/Generic PUP.x!bh3!306397254CA2

RDN/Generic PUP.x!bh3!E78CB2026ECC

Generic PUP.x!ECD7A013BB47

RDN/Generic PUP.x!bh3!CF2671DB9C0C

RDN/Generic PUP.x!bh3!4F8AAC9CE90F

Generic PUP.x!BC6E346E5FB3

Phishing

 

Vulnerebility

Google Chrome Prior to 21.0.1180.89 Multiple Security Vulnerabilities
2013-09-23
http://www.securityfocus.com/bid/55331

WebKit CVE-2013-0993 Unspecified Memory Corruption Vulnerability
2013-09-23
http://www.securityfocus.com/bid/59954

Apple iPhone/iPad/iPod touch Prior to iOS 7 CVE-2013-5142 Information Disclosure Vulnerabilities
2013-09-23
http://www.securityfocus.com/bid/62522

Google Chrome Prior to 19 Multiple Security Vulnerabilities
2013-09-23
http://www.securityfocus.com/bid/53540

WebKit CVE-2013-1038 Unspecified Memory Corruption Vulnerability
2013-09-21
http://www.securityfocus.com/bid/62565

Google Chrome and Mozilla Firefox Browser Cookie Verification Security Weakness
2013-09-21
http://www.securityfocus.com/bid/58857

WebKit CVE-2013-1011 Unspecified Memory Corruption Vulnerability
2013-09-21
http://www.securityfocus.com/bid/59974

WebKit CVE-2013-5126 Unspecified Memory Corruption Vulnerability
2013-09-21
http://www.securityfocus.com/bid/62567

WebKit CVE-2013-5125 Unspecified Memory Corruption Vulnerability
2013-09-21
http://www.securityfocus.com/bid/62560

WebKit CVE-2013-1047 Unspecified Memory Corruption Vulnerability
2013-09-21
http://www.securityfocus.com/bid/62563

WebKit CVE-2013-5127 Unspecified Memory Corruption Vulnerability
2013-09-21
http://www.securityfocus.com/bid/62568

WebKit CVE-2013-1046 Unspecified Memory Corruption Vulnerability
2013-09-21
http://www.securityfocus.com/bid/62559

Google Chrome Prior to 27.0.1453.93 CVE-2013-2842 Use-After-Free Remote Code Execution Vulnerability
2013-09-21
http://www.securityfocus.com/bid/60067

WebKit CVE-2013-1037 Unspecified Memory Corruption Vulnerability
2013-09-21
http://www.securityfocus.com/bid/62551

WebKit CVE-2013-1045 Unspecified Memory Corruption Vulnerability
2013-09-21
http://www.securityfocus.com/bid/62558

WebKit CVE-2013-1010 Unspecified Memory Corruption Vulnerability
2013-09-21
http://www.securityfocus.com/bid/59976

WebKit CVE-2013-1008 Unspecified Memory Corruption Vulnerability
2013-09-21
http://www.securityfocus.com/bid/59977

WebKit CVE-2013-1041 Unspecified Memory Corruption Vulnerability
2013-09-21
http://www.securityfocus.com/bid/62556

WebKit CVE-2013-1040 Unspecified Memory Corruption Vulnerability
2013-09-21
http://www.securityfocus.com/bid/62554

WebKit CVE-2013-1039 Unspecified Memory Corruption Vulnerability
2013-09-21
http://www.securityfocus.com/bid/62553

WebKit CVE-2013-1042 Unspecified Memory Corruption Vulnerability
2013-09-21
http://www.securityfocus.com/bid/62557

WebKit CVE-2013-1044 Unspecified Memory Corruption Vulnerability
2013-09-21
http://www.securityfocus.com/bid/62571

RETIRED: Microsoft .NET Framework 'SaveAs()' Function Security Bypass Vulnerability
2013-09-21
http://www.securityfocus.com/bid/50110

WebKit CVE-2013-1043 Unspecified Memory Corruption Vulnerability
2013-09-21
http://www.securityfocus.com/bid/62570

WebKit CVE-2013-1007 Unspecified Memory Corruption Vulnerability
2013-09-21
http://www.securityfocus.com/bid/59970

WebKit CVE-2013-1006 Unspecified Memory Corruption Vulnerability
2013-09-21
http://www.securityfocus.com/bid/59973

WebKit CVE-2013-1004 Unspecified Memory Corruption Vulnerability
2013-09-21
http://www.securityfocus.com/bid/59971

WebKit CVE-2013-1005 Unspecified Memory Corruption Vulnerability
2013-09-21
http://www.securityfocus.com/bid/59972

WebKit CVE-2013-0996 Unspecified Memory Corruption Vulnerability
2013-09-21
http://www.securityfocus.com/bid/59957

WebKit CVE-2013-0998 Memory Corruption Vulnerability
2013-09-21
http://www.securityfocus.com/bid/59959

Exploit

    CA BrightStor ARCserve Tape Engine 0x8A Buffer Overflow

  MS13-069 Microsoft Internet Explorer CCaret Use-After-Free

  MS13-071 Microsoft Windows Theme File Handling Arbitrary Code Execution

  GLPI install.php Remote Command Execution

  Linksys WRT110 Remote Command Execution

  Wordpress NOSpamPTI Plugin - Blind SQL Injection

  Linux/x86 Multi-Egghunter

Wordpress Lazy SEO plugin Shell Upload Vulnerability

  SolarWinds Server and Application Monitor ActiveX (Pepco32c) Buffer Overflow

  Share KM 1.0.19 - Remote Denial Of Service

20.9.2013

Bugtraq

Paypal Inc Bug Bounty #99 - Filter Bypass & Persistent Web Vulnerability 2013-09-20
Vulnerability Lab (research vulnerability-lab com)

[security bulletin] HPSBGN02925 rev.1 - HP IceWall SSO, IceWall File Manager and IceWall Federation Agent, Multiple Remote Unauthorized Access Vulnerabilities 2013-09-20
security-alert hp com

[SECURITY] [DSA 2761-1] puppet security update 2013-09-19
Raphael Geissert (geissert debian org)

[security bulletin] HPSBGN02923 rev.1 - HP ArcSight Enterprise Security Manager Management Web Interface, Remote Cross Site Scripting (XSS) 2013-09-19
security-alert hp com

[ MDVSA-2013:239 ] wordpress 2013-09-19
security mandriva com

[ MDVSA-2013:238 ] wireshark 2013-09-19
security mandriva com

[PT-2013-41] Arbitrary Code Execution in Ajax File and Image Manager 2013-09-19
noreply ptsecurity ru

An Analysis of the (In)Security State of the GameHouse Game Installation Mechanism 2013-09-19
RBS Research (research riskbasedsecurity com)

[slackware-security] glibc (SSA:2013-260-01) 2013-09-18
Slackware Security Team (security slackware com)

[security bulletin] HPSBMU02900 rev.3 - HP System Management Homepage (SMH) running on Linux and Windows, Multiple Remote and Local Vulnerabilities 2013-09-18
security-alert hp com

Wordpress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability 2013-09-18
Vulnerability Lab (research vulnerability-lab com)

CVE-2013-5210 Adtran Netvanta Remote Code Injection via XSS 2013-09-18
J. Oquendo (joquendo e-fensive net)

Malware

RDN/Generic BackDoor!tn!AD961C618680

Generic PUP.x!00BD8DA3A86B

Generic PUP.x!D8D9909CCF83

Generic PUP.x!591FAF5A9B51

RDN/Generic BackDoor!tn!486ACA604DBD

RDN/Generic PUP.x!7BC6E2A1F756

RDN/Generic PUP.x!bh3!92D4D1C7D2D8

Generic PUP.x!F5A74D7986A6

RDN/Generic Dropper!EBD505748D5F

Generic Downloader.x!AAC5065B6D1A

Generic PUP.x!3FE0074BED98

RDN/Generic Dropper!94940E843381

RDN/Generic.bfr!fb!05796A513B47

Generic PUP.x!79E3EC606444

RDN/Generic Dropper!FEA9462F8163

RDN/Generic PUP.x!bh3!AC858FD0100D

RDN/Generic PUP.x!7A49424ADC24

Generic Downloader.x!BB09BB12165B

Generic PUP.x!10BAB0591DAE

RDN/Generic PUP.z!dh!39E08945B3DD

RDN/Generic PUP.x!C42DF0AF39B2

Generic.bfr!D5CF0102303C

Generic.bfr!6952135F6B87

RDN/Generic Dropper!1A94CDD90874

RDN/Generic PUP.x!bh3!3037326670ED

Generic PUP.x!D5BFE7D8E7D3

Generic Downloader.x!738E451C9DD5

RDN/Generic PUP.x!bh3!F88E6A028C37

Generic PUP.x!F558FDC33777

RDN/Downloader.a!nk!B37E4FE07510

Phishing

 

Vulnerebility

Puppet CVE-2013-4761 Arbitrary Code Execution Vulnerability
2013-09-20
http://www.securityfocus.com/bid/61806

Puppet CVE-2013-4956 Security Bypass Vulnerability
2013-09-20
http://www.securityfocus.com/bid/61805

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1732 Buffer Overflow Vulnerability
2013-09-20
http://www.securityfocus.com/bid/62469

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1736 Remote Memory Corruption Vulnerability
2013-09-20
http://www.securityfocus.com/bid/62478

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1737 Security Bypass Vulnerability
2013-09-20
http://www.securityfocus.com/bid/62475

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1728 Security Vulnerability
2013-09-20
http://www.securityfocus.com/bid/62468

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1722 Remote Code Execution Vulnerability
2013-09-20
http://www.securityfocus.com/bid/62460

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1719 Remote Memory Corruption Vulnerability
2013-09-20
http://www.securityfocus.com/bid/62462

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1720 Heap Buffer Overflow Vulnerability
2013-09-20
http://www.securityfocus.com/bid/62465

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1725 Remote Memory Corruption Vulnerability
2013-09-20
http://www.securityfocus.com/bid/62467

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1738 Remote Code Execution Vulnerability
2013-09-20
http://www.securityfocus.com/bid/62466

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1735 Remote Memory Corruption Vulnerability
2013-09-20
http://www.securityfocus.com/bid/62479

Mozilla Firefox CVE-2013-1729 Information Disclosure Vulnerability
2013-09-20
http://www.securityfocus.com/bid/62474

Mozilla Firefox/SeaMonkey CVE-2013-1721 Integer Overflow Vulnerability
2013-09-20
http://www.securityfocus.com/bid/62470

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1726 Security Bypass Vulnerability
2013-09-20
http://www.securityfocus.com/bid/62482

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1724 Remote Code Execution Vulnerability
2013-09-20
http://www.securityfocus.com/bid/62464

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1718 Remote Memory Corruption Vulnerability
2013-09-20
http://www.securityfocus.com/bid/62463

HP Linux Imaging and Printing System polkit Local Security Bypass Vulnerability
2013-09-20
http://www.securityfocus.com/bid/62499

PolicyKit CVE-2013-4288 Local Privilege Escalation Vulnerability
2013-09-20
http://www.securityfocus.com/bid/62511

libvirt 'remoteDispatchDomainMemoryStats()' Denial of Service Vulnerability
2013-09-20
http://www.securityfocus.com/bid/62510

libvirt CVE-2013-4311 Local Security Bypass Vulnerability
2013-09-20
http://www.securityfocus.com/bid/62508

Microsoft Access CVE-2013-3155 Memory Corruption Vulnerability
2013-09-20
http://www.securityfocus.com/bid/62229

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1730 Remote Code Execution Vulnerability
2013-09-20
http://www.securityfocus.com/bid/62473

Multiple TLS And DTLS Implementations CVE-2013-0169 Information Disclosure Vulnerability
2013-09-20
http://www.securityfocus.com/bid/57778

Oracle Java SE CVE-2013-0440 Remote Java Runtime Environment Vulnerability
2013-09-20
http://www.securityfocus.com/bid/57712

IBM SPSS Data Collection CVE-2013-0464 Cross Site Scripting Vulnerability
2013-09-20
http://www.securityfocus.com/bid/60246

IBM Data Studio CVE-2013-0467 Information Disclosure Vulnerability
2013-09-20
http://www.securityfocus.com/bid/58000

IBM Rational Directory Server CVE-2013-0599 Information Disclosure Vulnerability
2013-09-20
http://www.securityfocus.com/bid/60107

Oracle Java SE CVE-2013-0443 Remote Java Runtime Environment Vulnerability
2013-09-20
http://www.securityfocus.com/bid/57702

Oracle Java SE CVE-2013-1571 Frame Injection Vulnerability
2013-09-20
http://www.securityfocus.com/bid/60634

Exploit

  Western Digital Arkeia Remote Code Execution

  OpenEMR 4.1.1 Patch 14 SQLi Privilege Escalation Remote Code Execution

19.9.2013

Bugtraq

[ MDVSA-2013:239 ] wordpress 2013-09-19
security mandriva com

[ MDVSA-2013:238 ] wireshark 2013-09-19
security mandriva com

[PT-2013-41] Arbitrary Code Execution in Ajax File and Image Manager 2013-09-19
noreply ptsecurity ru

An Analysis of the (In)Security State of the GameHouse Game Installation Mechanism 2013-09-19
RBS Research (research riskbasedsecurity com)

[slackware-security] glibc (SSA:2013-260-01) 2013-09-18
Slackware Security Team (security slackware com)

[security bulletin] HPSBMU02900 rev.3 - HP System Management Homepage (SMH) running on Linux and Windows, Multiple Remote and Local Vulnerabilities 2013-09-18
security-alert hp com

Wordpress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability 2013-09-18
Vulnerability Lab (research vulnerability-lab com)

CVE-2013-5210 Adtran Netvanta Remote Code Injection via XSS 2013-09-18
J. Oquendo (joquendo e-fensive net)

APPLE-SA-2013-09-18-3 Xcode 5.0 2013-09-18
Apple Product Security (product-security-noreply lists apple com)

[security bulletin] HPSBUX02927 SSRT101288 rev.1 - HP-UX Apache Web Server, Remote Execution of Arbitrary Code, Denial of Service (DoS) 2013-09-18
security-alert hp com

APPLE-SA-2013-09-18-2 iOS 7 2013-09-18
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2013-09-18-1 iTunes 11.1 2013-09-18
Apple Product Security (product-security-noreply lists apple com)

Cisco Security Advisory: Cisco Prime Central for Hosted Collaboration Solution Assurance Unauthenticated Username and Password Enumeration Vulnerability 2013-09-18
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Data Center Network Manager 2013-09-18
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[security bulletin] HPSBMU02917 rev.1 - HP System Management Homepage (SMH) running on Linux and Windows, Remote Command Execution and Privilege Escalation 2013-09-18
security-alert hp com

[SECURITY] [DSA 2760-1] chrony security update 2013-09-18
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 2759-1] iceweasel security update 2013-09-18
Moritz Muehlenhoff (jmm debian org)

SQL Injection in vtiger CRM 2013-09-18
High-Tech Bridge Security Research (advisory htbridge com)

Malware

Generic PUP.x!651375EC31D7

Generic PUP.x!736D95B8BB9D

Generic PUP.x!A1829EBC845B

Generic PUP.x!21F2915B9148

Generic PUP.x!EF70E6FA3A19

Generic PUP.x!A771266A4003

Generic PUP.x!38EC1DF44486

Generic PUP.x!CAB0D8E05703

Generic PUP.x!2CE58D6C818A

Generic PUP.x!56433D88A9CB

Generic PUP.x!39A76665D029

Generic PUP.x!39BEBE841060

Generic PUP.x!FDE34437E727

Generic PUP.x!1A201788B021

Generic PUP.x!59024E278147

Generic PUP.x!4F492214DBE0

Generic PUP.x!8538A5329153

Generic PUP.x!2D1342638378

Generic PUP.x!266A79E6CEBF

Generic PUP.x!280349E6BFA8

Generic PUP.x!98522B2BD5CD

Generic PUP.x!D9C5568D3F1A

Generic PUP.x!939587B6A9C3

Generic PUP.x!5471779683CC

Generic PUP.x!7EB9ABE7AAB9

Generic PUP.x!2BABD978624C

Generic PUP.x!1F99CF207411

Generic PUP.x!7042A6864523

Generic PUP.x!1D6E79D822A3

Generic PUP.x!FEB10603CD9F

Phishing

 

Vulnerebility

Oracle Java SE CVE-2013-1557 Remote Java Runtime Environment Vulnerability
2013-09-19
http://www.securityfocus.com/bid/59170

Microsoft ATL/MFC Trace Tool 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
2013-09-19
http://www.securityfocus.com/bid/42811

Ubuntu 'Jockey' Package CVE-2013-1065 Local Security Bypass Vulnerability
2013-09-19
http://www.securityfocus.com/bid/62507

Ubuntu 'systemd' Package CVE-2013-4327 Local Security Bypass Vulnerability
2013-09-19
http://www.securityfocus.com/bid/62503

Cisco Unified Computing System CVE-2012-4081 Local Denial of Service Vulnerability
2013-09-19
http://www.securityfocus.com/bid/62488

Oracle Java SE CVE-2013-1558 Remote Java Runtime Environment Vulnerability
2013-09-19
http://www.securityfocus.com/bid/59219

Oracle Java SE CVE-2013-2429 Remote Java Runtime Environment Vulnerability
2013-09-19
http://www.securityfocus.com/bid/59184

Oracle Java SE CVE-2013-2417 Remote Java Runtime Environment Vulnerability
2013-09-19
http://www.securityfocus.com/bid/59187

Oracle Java SE CVE-2013-2438 Remote Java Runtime Environment Vulnerability
2013-09-19
http://www.securityfocus.com/bid/59185

Oracle Java SE CVE-2013-2426 Multiple Remote Code Execution Vulnerabilities
2013-09-19
http://www.securityfocus.com/bid/59206

Oracle Java SE CVE-2013-1518 Remote Java Runtime Environment Vulnerability
2013-09-19
http://www.securityfocus.com/bid/59141

Oracle Java SE CVE-2013-2418 Remote Java Runtime Environment Vulnerability
2013-09-19
http://www.securityfocus.com/bid/59145

Oracle Java SE CVE-2013-2433 Remote Java Runtime Environment Vulnerability
2013-09-19
http://www.securityfocus.com/bid/59220

Oracle Java SE CVE-2013-2430 Remote Java Runtime Environment Vulnerability
2013-09-19
http://www.securityfocus.com/bid/59243

Oracle Java SE CVE-2013-2436 Security Bypass Vulnerability
2013-09-19
http://www.securityfocus.com/bid/59213

Oracle Java SE CVE-2013-1537 Remote Code Execution Vulnerability
2013-09-19
http://www.securityfocus.com/bid/59194

Oracle Java SE CVE-2013-2431 Remote Java Runtime Environment Vulnerability
2013-09-19
http://www.securityfocus.com/bid/59165

Oracle Java SE CVE-2013-2440 Remote Java Runtime Environment Vulnerability
2013-09-19
http://www.securityfocus.com/bid/59124

Oracle Java SE CVE-2013-1569 Stack Buffer Overflow Vulnerability
2013-09-19
http://www.securityfocus.com/bid/59166

Oracle Java SE CVE-2013-2432 Remote Java Runtime Environment Vulnerability
2013-09-19
http://www.securityfocus.com/bid/59154

Oracle Java SE CVE-2013-2435 Remote Java Runtime Environment Vulnerability
2013-09-19
http://www.securityfocus.com/bid/59089

Oracle Java SE CVE-2013-2383 Remote Code Execution Vulnerability
2013-09-19
http://www.securityfocus.com/bid/59190

Oracle Java SE CVE-2013-2384 Remote Code Execution Vulnerability
2013-09-19
http://www.securityfocus.com/bid/59179

Oracle Java SE CVE-2013-2434 Remote Code Execution Vulnerability
2013-09-19
http://www.securityfocus.com/bid/59137

Oracle Java SE CVE-2013-1563 Remote Java Runtime Environment Vulnerability
2013-09-19
http://www.securityfocus.com/bid/59208

Ubuntu 'software-properties' Package Local Security Bypass Vulnerability
2013-09-19
http://www.securityfocus.com/bid/62504

Ubuntu 'rtkit' Package CVE-2013-4326 Local Security Bypass Vulnerability
2013-09-19
http://www.securityfocus.com/bid/62505

Ubuntu 'language-selector' Package Local Security Bypass Vulnerability
2013-09-19
http://www.securityfocus.com/bid/62500

Oracle Java SE CVE-2013-1491 Remote Code Execution Vulnerability
2013-09-19
http://www.securityfocus.com/bid/58493

Oracle Java SE CVE-2013-2419 Remote Code Execution Vulnerability
2013-09-19
http://www.securityfocus.com/bid/59131

Exploit

  Wordpress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability

  TeraCopy 2.3 (default.mo) Language File Integer Overflow Vulnerability

18.9.2013

Bugtraq

[SECURITY] [DSA 2758-1] python-django security update 2013-09-17
Salvatore Bonaccorso (carnil debian org)

APPLE-SA-2013-09-17-1 OS X Server v2.2.2 2013-09-17
Apple Product Security (product-security-noreply lists apple com)

[ MDVSA-2013:236 ] subversion 2013-09-17
security mandriva com

EarthVPN certificate configuration vulnerabilities 2013-09-17
y6whynrzab snkmail com

Malware

RDN/Generic.dx!cq3!9BF887847DC9

Generic PUP.x!477339F2DD31

RDN/Generic Dropper!rn!58159C567EF3

RDN/Generic.dx!D13EC446DF78

Generic PUP.x!5F455B94CE97

RDN/Generic Downloader.x!im!746D46DDACCE

RDN/Generic PUP.x!bhs!1D7F12A14059

Generic PUP.x!1B2B4CCB4D18

Generic PUP.x!2267D7011062

Generic Downloader.x!141EE2DBE68A

Generic.bfr!1D55207E9023

Generic PUP.x!18932F89DA8A

Generic PUP.x!0FEDBA26ED0C

Generic Downloader.x!FC7EA6A2B7A4

Generic PUP.x!E4476355580D

RDN/Generic.dx!cq3!CE79790F156F

Generic PUP.x!B7AE64EAD556

RDN/Generic Downloader.x!im!9B94B698DFC2

Generic PUP.x!9820C86CA83E

RDN/Generic PWS.y!ut!7CB5267EA3C1

RDN/Generic.dx!4563DABD66C0

RDN/Generic PWS.y!ut!7400C34ED0F4

Generic PUP.x!0C955922DBD9

Generic PUP.x!015248D62336

Generic PUP.x!C302FA697C22

Generic PUP.x!B3F8ACBFA74F

Generic PUP.x!B03CD8BBBA22

Ransom-FAC!B0A011D9E203!B0A011D9E203

RDN/Generic BackDoor!tm!A36B706C2D87

RDN/Generic.dx!172115ABCB34

Phishing

 

Vulnerebility

Red Hat JBoss Enterprise Application Platform CVE-2013-2185 Arbitrary File Upload Vulnerability
2013-09-18
http://www.securityfocus.com/bid/62156

PostgreSQL CVE-2013-1901 Security Bypass Vulnerability
2013-09-18
http://www.securityfocus.com/bid/58878

Linux Kernel CVE-2013-2891 Heap Buffer Overflow Vulnerability
2013-09-18
http://www.securityfocus.com/bid/62047

Linux Kernel CVE-2013-2894 Heap Buffer Overflow Vulnerability
2013-09-18
http://www.securityfocus.com/bid/62052

ClamAV CVE-2013-2021 Remote Code Execution Vulnerability
2013-09-18
http://www.securityfocus.com/bid/60118

ClamAV Remote Code Execution And Denial of Service Vulnerabilities
2013-09-18
http://www.securityfocus.com/bid/59434

Django CVE-2013-1443 Denial of Service Vulnerability
2013-09-18
http://www.securityfocus.com/bid/62409

PostgreSQL 'contrib/pgcrypto' Functions Information Disclosure Weakness
2013-09-18
http://www.securityfocus.com/bid/58879

PostgreSQL CVE-2013-1899 Denial of Service Vulnerability
2013-09-18
http://www.securityfocus.com/bid/58876

Adobe Flash Player and AIR CVE-2013-3362 Remote Memory Corruption Vulnerability
2013-09-18
http://www.securityfocus.com/bid/62294

Multiple Asterisk Products Invalid SDP Denial of Service Vulnerability
2013-09-18
http://www.securityfocus.com/bid/62022

Multiple Asterisk Products SIP ACK With SDP Denial of Service Vulnerability
2013-09-18
http://www.securityfocus.com/bid/62021

Oracle Java SE CVE-2013-2450 Remote Security Vulnerability
2013-09-18
http://www.securityfocus.com/bid/60638

Linux Kernel CVE-2013-2892 Heap Buffer Overflow Vulnerability
2013-09-18
http://www.securityfocus.com/bid/62049

pyrad Password Hash Information Disclosure Vulnerability and Packet Spoofing Vulnerability
2013-09-18
http://www.securityfocus.com/bid/57984

Oracle Java SE CVE-2013-2454 Remote Security Vulnerability
2013-09-18
http://www.securityfocus.com/bid/60650

Linux Kernel CVE-2013-2893 Heap Buffer Overflow Vulnerability
2013-09-18
http://www.securityfocus.com/bid/62050

Oracle Java SE CVE-2013-2459 Remote Security Vulnerability
2013-09-18
http://www.securityfocus.com/bid/60647

Linux Kernel CVE-2013-2896 NULL Pointer Dereference Denial of Service Vulnerability
2013-09-18
http://www.securityfocus.com/bid/62048

Linux Kernel CVE-2013-2899 NULL Pointer Dereference Denial of Service Vulnerability
2013-09-18
http://www.securityfocus.com/bid/62046

Linux Kernel CONFIG_HID Local Memory Corruption Vulnerability
2013-09-18
http://www.securityfocus.com/bid/62043

Linux Kernel CVE-2013-2897 Heap Buffer Overflow Vulnerability
2013-09-18
http://www.securityfocus.com/bid/62044

Linux Kernel CVE-2013-2895 NULL Pointer Dereference Denial of Service Vulnerability
2013-09-18
http://www.securityfocus.com/bid/62045

Linux Kernel CVE-2013-2889 Heap Buffer Overflow Vulnerability
2013-09-18
http://www.securityfocus.com/bid/62042

Oracle Java SE CVE-2013-2467 Local Security Vulnerability
2013-09-18
http://www.securityfocus.com/bid/60649

Oracle Java SE CVE-2013-2461 Remote Security Vulnerability
2013-09-18
http://www.securityfocus.com/bid/60645

Oracle Java SE CVE-2013-1571 Frame Injection Vulnerability
2013-09-18
http://www.securityfocus.com/bid/60634

Oracle Java SE CVE-2013-2412 Remote Security Vulnerability
2013-09-18
http://www.securityfocus.com/bid/60618

Oracle Java SE CVE-2013-2445 Remote Security Vulnerability
2013-09-18
http://www.securityfocus.com/bid/60639

Wireshark Multiple Denial of Service Vulnerabilities
2013-09-18
http://www.securityfocus.com/bid/61471

Exploit

 

17.9.2013

Bugtraq

[ MDVSA-2013:235 ] mediawiki 2013-09-16
security mandriva com

Botconf 2013 - Pre-programme pubished & registration open (Nantes, France, 5-6/12/2013) 2013-09-15
Eric Freyssinet (eric freyssinet gmail com)

OWASP ESAPI Security Advisory: MAC Bypass in ESAPI Symmetric Encryption 2013-09-15
Kevin W. Wall (kevin w wall gmail com)

Malware

RDN/Generic.bfr!fb!34F6ACD618A9

RDN/Generic PUP.x!12C57800867E

W32/Spybot.bfr!E9A5C8E12495

Generic.dx!C13EAD70B298

RDN/Generic.bfr!fb!5382482ABE5F

RDN/Generic.bfr!fb!D13D07854B4C

RDN/Generic.bfr!fb!4C8DF84D4E52

RDN/Generic.bfr!fb!584909CED393

RDN/Generic.bfr!54D15A2F4779

Ransom-FAC!9DE9BBC6678F!9DE9BBC6678F

RDN/Generic BackDoor!tm!7506F0A8687F

RDN/Generic.bfr!fb!10FCA9FBA83C

Generic.bfr!5921C2E2F7F4

RDN/Generic Dropper!rn!D890F6612F3B

RDN/Generic PUP.x!bhs!FF72DD6C20EC

RDN/Generic.dx!cqs!F4DAE4801E17

RDN/Generic PUP.x!bhs!4825E938AA09

RDN/Generic PUP.x!bhs!EE9065F3D07A

W32/Spybot.bfr!E272892D2966

RDN/Generic BackDoor!tm!27183A48B62A

RDN/Generic PUP.x!bhs!E84FC2EC34BD

RDN/Autorun.bfr!d!9258B87E17A2

W32/Spybot.bfr!B77843F50D32

W32/Spybot.bfr!4E451B5756DB

RDN/Generic.bfg!c!AFB6AF529304

RDN/Generic PUP.x!bhs!245005701ADE

RDN/Generic.dx!cqs!76D2BEB6C9E2

Generic PUP.x!F7CD1851A06B

RDN/Generic PUP.x!bhs!1DA387A198BD

RDN/Generic.bfr!fb!FC0BB9E53953

Phishing

 

Vulnerebility

Moodle 'external.php' CVE-2013-5674 PHP Object Injection Vulnerability
2013-09-17
http://www.securityfocus.com/bid/62412

RETIRED: Adobe Reader and Acrobat APSB13-22 Prenotification Multiple Vulnerabilities
2013-09-17
http://www.securityfocus.com/bid/62234

RETIRED: Adobe Acrobat and Reader APSB13-22 Multiple Remote Code Execution Vulnerabilities
2013-09-17
http://www.securityfocus.com/bid/62293

Adobe Flash Player and AIR CVE-2013-1380 Memory Corruption Vulnerability
2013-09-17
http://www.securityfocus.com/bid/58949

Xen Page Reference Counting CVE-2013-1432 Denial of Service Vulnerability
2013-09-17
http://www.securityfocus.com/bid/60799

Adobe Flash Player CVE-2013-3347 Integer Overflow Vulnerability
2013-09-17
http://www.securityfocus.com/bid/61048

Adobe Flash Player CVE-2013-3345 Unspecified Memory Corruption Vulnerability
2013-09-17
http://www.securityfocus.com/bid/61045

Adobe Flash Player and AIR CVE-2013-3363 Remote Memory Corruption Vulnerability
2013-09-17
http://www.securityfocus.com/bid/62295

Adobe Flash Player and AIR CVE-2013-3361 Remote Memory Corruption Vulnerability
2013-09-17
http://www.securityfocus.com/bid/62290

Adobe Flash Player and AIR CVE-2013-2728 Remote Memory Corruption Vulnerability
2013-09-17
http://www.securityfocus.com/bid/59889

Adobe Flash Player and AIR CVE-2013-5324 Remote Memory Corruption Vulnerability
2013-09-17
http://www.securityfocus.com/bid/62296

Adobe Flash Player and AIR CVE-2013-3343 Remote Memory Corruption Vulnerability
2013-09-17
http://www.securityfocus.com/bid/60478

Adobe Flash Player CVE-2013-3344 Unspecified Heap Buffer Overflow Vulnerability
2013-09-17
http://www.securityfocus.com/bid/61043

Adobe Flash Player and AIR CVE-2013-3362 Remote Memory Corruption Vulnerability
2013-09-17
http://www.securityfocus.com/bid/62294

Adobe Flash Player and AIR CVE-2013-2555 Remote Integer Overflow Vulnerability
2013-09-17
http://www.securityfocus.com/bid/58396

Adobe Flash Player and AIR CVE-2013-1375 Remote Heap Based Buffer Overflow Vulnerability
2013-09-17
http://www.securityfocus.com/bid/58439

Adobe Flash Player and AIR CVE-2013-1372 Buffer Overflow Vulnerability
2013-09-17
http://www.securityfocus.com/bid/57912

Adobe Flash Player and AIR CVE-2013-1373 Buffer Overflow Vulnerability
2013-09-17
http://www.securityfocus.com/bid/57917

Adobe Flash Player and AIR CVE-2013-1374 Use After Free Remote Code Execution Vulnerability
2013-09-17
http://www.securityfocus.com/bid/57932

Adobe Flash Player and AIR CVE-2013-1378 Memory Corruption Vulnerability
2013-09-17
http://www.securityfocus.com/bid/58947

Adobe Flash Player and AIR CVE-2013-1371 Memory Corruption Vulnerability
2013-09-17
http://www.securityfocus.com/bid/58438

Adobe Flash Player and AIR CVE-2013-1379 Memory Corruption Vulnerability
2013-09-17
http://www.securityfocus.com/bid/58951

Mediawiki CVE-2013-4302 Multiple Cross Site Request Forgery Vulnerabilities
2013-09-17
http://www.securityfocus.com/bid/62215

Django CVE-2013-4315 Directory Traversal Vulnerability
2013-09-17
http://www.securityfocus.com/bid/62332

Mediawiki CVE-2013-4303 Cross Site Scripting Vulnerability
2013-09-17
http://www.securityfocus.com/bid/62194

pyOpenSSL SSL Client Certificate Validation Security Bypass Vulnerability
2013-09-17
http://www.securityfocus.com/bid/62258

libmodplug CVE-2013-4234 Multiple Heap Buffer Overflow Vulnerabilities
2013-09-17
http://www.securityfocus.com/bid/61714

libmodplug CVE-2013-4233 Integer Overflow Vulnerability
2013-09-17
http://www.securityfocus.com/bid/61713

Oracle Java SE CVE-2013-2462 Remote Security Vulnerability
2013-09-17
http://www.securityfocus.com/bid/60630

IBM Java CVE-2013-3006 Unspecified Arbitrary Code Execution Vulnerability
2013-09-17
http://www.securityfocus.com/bid/61302

Exploit

  PCMAN FTP 2.07 STOR Command - Stack Overflow Exploit (MSF)

  Oracle Java ShortComponentRaster.verify() Memory Corruption

  D-Link Devices UPnP SOAP Telnetd Command Execution

  Sophos Web Protection Appliance sblistpack Arbitrary Command Execution

  HP ProCurve Manager SNAC UpdateDomainControllerServlet File Upload

  HP ProCurve Manager SNAC UpdateCertificatesServlet File Upload

  Sophos Web Protection Appliance clear_keys.pl Local Privilege Escalation

  Agnitum Outpost Internet Security Local Privilege Escalation

  OpenEMR 4.1.1 Patch 14 - Multiple Vulnerabilities

  Western Digital Arkeia Appliance 10.0.10 - Multiple Vulnerabilities

  Vino VNC Server 3.7.3 - Persistent Denial of Service

16.9.2013

Bugtraq

[ MDVSA-2013:234 ] python-django 2013-09-13
security mandriva com

[ MDVSA-2013:232 ] libmodplug 2013-09-13
security mandriva com

Zimbra Collaboration Suite (ZCS) Session Replay Vulnerability 2013-09-13
brianwarehime gmail com

[SECURITY] [DSA 2756-1] wireshark security update 2013-09-13
Moritz Muehlenhoff (jmm debian org)

[ MDVSA-2013:233 ] python-OpenSSL 2013-09-13
security mandriva com

[SECURITY] [DSA 2753-1] mediawiki security update 2013-09-13
Thijs Kinkhorst (thijs debian org)

OpenSSL,OpenSSH ecdsa authentication code inconsistent return values.. no vulnerability? 2013-09-13
king cope (isowarez isowarez isowarez googlemail com)

APPLE-SA-2013-09-12-2 Safari 5.1.10 2013-09-12
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2013-09-12-1 OS X Mountain Lion v10.8.5 and Security Update 2013-004 2013-09-12
Apple Product Security (product-security-noreply lists apple com)

WordPress Fixes Multiple Vulnerabilities With 3.6.1 Release 2013-09-13
danielthomson72 gmail com

[iBliss Security Advisory] Cross-Site Scripting (XSS) vulnerability in Design-approval-system wordpress plugin 2013-09-12
Alexandro Silva (alexos ibliss com br)

[ MDVSA-2013:231 ] openswan 2013-09-12
security mandriva com

[ MDVSA-2013:230 ] gdm 2013-09-11
security mandriva com

Malware

RDN/Generic BackDoor!tm!7A9283CE46E8

ZeroAccess-FBE!AEBA617D955D!AEBA617D955D

RDN/Generic Dropper!rn!ED77EB0E35EC

RDN/Generic BackDoor!tm!FF960366DD8F

RDN/Downloader.a!nk!52EA1F59F837

RDN/Generic.dx!67E7242C1625

RDN/Generic Dropper!rn!49FAE358E4A2

RDN/Generic BackDoor!tm!DE1325C5FD52

W32/Virut.gen!157FCCF394F5

ZeroAccess-FBE!E28B7800030D!E28B7800030D

RDN/Generic BackDoor!tm!8FD96BDB688D

RDN/Generic BackDoor!tm!A5DD6087AD59

RDN/Generic BackDoor!tm!5AB94CCD9785

RDN/Generic.bfr!fb!CD9B2EA54F89

Generic PUP.x!7AACDE9C7442

ZeroAccess-FBE!4907050028C3!4907050028C3

Generic Dropper!6C7935C162CD

RDN/Generic.dx!cqs!03508E608CF6

RDN/Generic.bfr!fb!77F0E5BE4105

RDN/Generic BackDoor!tm!DD1F4410C32F

RDN/Generic Dropper!rn!2BE5CE1AED7D

Generic PUP.x!CD3230879C58

Generic PUP.x!038DE3361C3C

Generic PUP.x!46B2CD0EE3AA

RDN/Generic BackDoor!E2BAB51A6C74

RDN/Generic Dropper!rn!A25568221FAB

RDN/Generic.bfr!789A25996AA6

RDN/Generic PUP.x!bhr!AF5AB4B3E0C5

Generic PUP.x!22C362A1C0F0

RDN/Generic PUP.x!bhr!2BBD9D0B3715

Phishing

 

Vulnerebility

Squid 'idnsALookup()' Function Remote Buffer Overflow Vulnerability
2013-09-16
http://www.securityfocus.com/bid/61111

Squid 'cachemgr.cgi' Incomplete Fix Remote Denial of Service Vulnerability
2013-09-16
http://www.securityfocus.com/bid/57646

Squid 'cachemgr.cgi' Remote Denial of Service Vulnerability
2013-09-16
http://www.securityfocus.com/bid/56957

FFmpeg Prior to 1.1.2 Multiple Remote Security Vulnerabilities
2013-09-16
http://www.securityfocus.com/bid/57868

Mozilla Firefox/Thunderbird/Seamonkey CVE-2013-1701 Multiple Memory Corruption Vulnerabilities
2013-09-16
http://www.securityfocus.com/bid/61874

IBM Rational Directory Server CVE-2013-0599 Information Disclosure Vulnerability
2013-09-16
http://www.securityfocus.com/bid/60107

Cisco Unified MeetingPlace CVE-2013-5495 Cross Site Scripting Vulnerability
2013-09-16
http://www.securityfocus.com/bid/62389

Python SSL Module CVE-2013-4238 Security Bypass Vulnerability
2013-09-16
http://www.securityfocus.com/bid/61738

Cisco Unified Communications Manager CVE-2013-3472 Cross Site Request Forgery Vulnerability
2013-09-16
http://www.securityfocus.com/bid/62032

Google Chrome CVE-2013-2903 Use After Free Remote Code Execution Vulnerability
2013-09-16
http://www.securityfocus.com/bid/61888

Google Chrome CVE-2013-2904 Use After Free Remote Code Execution Vulnerability
2013-09-16
http://www.securityfocus.com/bid/61889

Google Chrome CVE-2013-2905 Information Disclosure Vulnerability
2013-09-16
http://www.securityfocus.com/bid/61890

Google Chrome CVE-2013-2887 Multiple Unspecified Security Vulnerabilities
2013-09-16
http://www.securityfocus.com/bid/61885

Google Chrome CVE-2013-2900 Unspecified Security Vulnerability
2013-09-16
http://www.securityfocus.com/bid/61887

Google Chrome CVE-2013-2901 Integer Overflow Vulnerability
2013-09-16
http://www.securityfocus.com/bid/61891

Google Chrome CVE-2013-2902 Use After Free Remote Code Execution Vulnerability
2013-09-16
http://www.securityfocus.com/bid/61886

Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2013-1717 Information Disclosure Vulnerability
2013-09-16
http://www.securityfocus.com/bid/61896

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1713 Same Origin Policy Security Bypass Vulnerability
2013-09-16
http://www.securityfocus.com/bid/61876

Mozilla Firefox/SeaMonkey CVE-2013-1711 Cross Site Scripting Vulnerability
2013-09-16
http://www.securityfocus.com/bid/61872

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1714 Same Origin Policy Security Bypass Vulnerability
2013-09-16
http://www.securityfocus.com/bid/61882

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1710 Arbitrary Code Execution Vulnerability
2013-09-16
http://www.securityfocus.com/bid/61900

Mozilla Firefox/SeaMonkey CVE-2013-1705 Use-After-Free Remote Code Execution Vulnerability
2013-09-16
http://www.securityfocus.com/bid/61871

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1707 Local Stack Buffer Overflow Vulnerability
2013-09-16
http://www.securityfocus.com/bid/61873

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1709 Cross Site Scripting Vulnerability
2013-09-16
http://www.securityfocus.com/bid/61867

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1706 Local Stack Buffer Overflow Vulnerability
2013-09-16
http://www.securityfocus.com/bid/61869

Mozilla Firefox/SeaMonkey CVE-2013-1704 Use-After-Free Memory Corruption Vulnerability
2013-09-16
http://www.securityfocus.com/bid/61864

Mozilla Firefox/Thunderbird/Seamonkey CVE-2013-1702 Multiple Memory Corruption Vulnerabilities
2013-09-16
http://www.securityfocus.com/bid/61875

IBM SPSS Data Collection CVE-2013-0464 Cross Site Scripting Vulnerability
2013-09-16
http://www.securityfocus.com/bid/60246

Cisco SocialMiner 'administration.jsp' CVE-2013-5492 Information Disclosure Vulnerability
2013-09-16
http://www.securityfocus.com/bid/62334

WordPress Design Approval System Plugin 'step' Parameter Cross Site Scripting Vulnerability
2013-09-16
http://www.securityfocus.com/bid/62271

Exploit

  Mitsubishi MC-WorkX 8.02 ActiveX Control (IcoLaunch) File Execution

  Router ONO Hitron CDE-30364 - CSRF Vulnerability

13.9.2013

Bugtraq

OpenSSL,OpenSSH ecdsa authentication code inconsistent return values.. no vulnerability? 2013-09-13
king cope (isowarez isowarez isowarez googlemail com)

APPLE-SA-2013-09-12-2 Safari 5.1.10 2013-09-12
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2013-09-12-1 OS X Mountain Lion v10.8.5 and Security Update 2013-004 2013-09-12
Apple Product Security (product-security-noreply lists apple com)

WordPress Fixes Multiple Vulnerabilities With 3.6.1 Release 2013-09-13
danielthomson72 gmail com

[iBliss Security Advisory] Cross-Site Scripting (XSS) vulnerability in Design-approval-system wordpress plugin 2013-09-12
Alexandro Silva (alexos ibliss com br)

[ MDVSA-2013:231 ] openswan 2013-09-12
security mandriva com

Malware

Generic.bfr!EE12488F6ED7

RDN/Generic PUP.x!bhp!4BDA1FE200DD

Generic.bfr!F94C01BBBB94

RDN/Generic BackDoor!tk!2C70E9A7E010

RDN/Generic BackDoor!tk!E9341AEB3143

RDN/Generic PWS.y!us!FEAC52C9CD85

Generic PUP.x!CA7A0F0CD260

Generic Downloader.x!AAD0CBB0B6F2

RDN/Generic Qhost!j!C11A92141A4E

RDN/Generic.bfr!fa!C1A9D6917FF4

Generic Downloader.x!2D3BCACB2C31

Generic.bfr!F0AFEB664817

Generic PUP.x!5D841266AAC4

Generic.bfr!111ECA46D7F4

RDN/Generic PUP.x!bhp!0AF9064BAB8E

RDN/Generic.bfr!fa!6954A59CEAFA

Generic PUP.x!DFDD2FCECBE3

Generic.bfr!5DA1FCC7A671

Generic.dx!367BABA4AD65

RDN/Vundo!0044383E5DF9

RDN/Generic PUP.x!bhp!23F0ADAE1FCB

RDN/Generic PUP.x!bhp!EBED3BB85942

RDN/Generic PUP.x!bhp!DFA31FA1A207

RDN/Generic.tfr!A213A571745B

Generic BackDoor!8CDD81436F3B

Generic.tfr!B98A22FF5B2B

Generic.bfr!DE65672636C2

RDN/Generic PUP.x!bhp!EC2262C35C7A

RDN/Generic PUP.x!82ECEDE81D07

Generic.tfr!EDCCE71EEC2C

Phishing

 

Vulnerebility

Linux Kernel CVE-2013-2206 NULL Pointer Dereference Denial of Service Vulnerability
2013-09-13
http://www.securityfocus.com/bid/60715

RETIRED: Multiple HP Products Multiple Unspecified Remote Security Vulnerabilities
2013-09-13
http://www.securityfocus.com/bid/62301

Linux Kernel 'key_notify_policy_flush()' Function Local Information Disclosure Vulnerability
2013-09-13
http://www.securityfocus.com/bid/60953

Linux Kernel CVE-2012-6544 Multiple Local Information Disclosure Vulnerabilities
2013-09-13
http://www.securityfocus.com/bid/58990

Linux Kernel 'perf' Multiple Denial of Service and Information Disclosure Vulnerabilities
2013-09-13
http://www.securityfocus.com/bid/60324

Linux Kernel 'inet->opt ip_options' Local Denial of Service Vulnerability
2013-09-13
http://www.securityfocus.com/bid/55359

Microsoft Internet Explorer CVE-2013-3845 Memory Corruption Vulnerability
2013-09-13
http://www.securityfocus.com/bid/62214

Microsoft Internet Explorer CVE-2013-3202 Memory Corruption Vulnerability
2013-09-13
http://www.securityfocus.com/bid/62204

Microsoft Internet Explorer CVE-2013-3203 Memory Corruption Vulnerability
2013-09-13
http://www.securityfocus.com/bid/62206

Microsoft Internet Explorer CVE-2013-3201 Memory Corruption Vulnerability
2013-09-13
http://www.securityfocus.com/bid/62187

Microsoft Internet Explorer CVE-2013-3207 Memory Corruption Vulnerability
2013-09-13
http://www.securityfocus.com/bid/62211

Microsoft Internet Explorer CVE-2013-3209 Memory Corruption Vulnerability
2013-09-13
http://www.securityfocus.com/bid/62213

Microsoft Internet Explorer CVE-2013-3205 Memory Corruption Vulnerability
2013-09-13
http://www.securityfocus.com/bid/62208

Microsoft Internet Explorer CVE-2013-3204 Memory Corruption Vulnerability
2013-09-13
http://www.securityfocus.com/bid/62207

Microsoft Internet Explorer CVE-2013-3208 Memory Corruption Vulnerability
2013-09-13
http://www.securityfocus.com/bid/62212

Microsoft Internet Explorer CVE-2013-3206 Memory Corruption Vulnerability
2013-09-13
http://www.securityfocus.com/bid/62209

Microsoft Windows Kernel 'Win32k.sys' CVE-2013-3866 Local Privilege Escalation Vulnerability
2013-09-13
http://www.securityfocus.com/bid/62199

Microsoft Windows Kernel 'Win32k.sys' CVE-2013-3865 Local Privilege Escalation Vulnerability
2013-09-13
http://www.securityfocus.com/bid/62198

Microsoft Windows Kernel 'Win32k.sys' CVE-2013-1342 Local Privilege Escalation Vulnerability
2013-09-13
http://www.securityfocus.com/bid/62193

Microsoft Windows Kernel 'Win32k.sys' CVE-2013-1343 Local Privilege Escalation Vulnerability
2013-09-13
http://www.securityfocus.com/bid/62195

Microsoft Windows Kernel 'Win32k.sys' CVE-2013-1341 Local Privilege Escalation Vulnerability
2013-09-13
http://www.securityfocus.com/bid/62180

Microsoft Windows Kernel 'Win32k.sys' CVE-2013-3864 Local Privilege Escalation Vulnerability
2013-09-13
http://www.securityfocus.com/bid/62197

Microsoft Windows Kernel 'Win32k.sys' CVE-2013-1344 Local Privilege Escalation Vulnerability
2013-09-13
http://www.securityfocus.com/bid/62196

Multiple Cisco Products ActiveMQ CVE-2013-5488 Denial of Service Vulnerability
2013-09-13
http://www.securityfocus.com/bid/62333

Cisco Digital Media Manager CVE-2013-3446 Open Redirection Vulnerability
2013-09-13
http://www.securityfocus.com/bid/62337

Multiple TLS And DTLS Implementations CVE-2013-0169 Information Disclosure Vulnerability
2013-09-13
http://www.securityfocus.com/bid/57778

OpenSSL CVE-2013-0166 Remote Denial of Service Vulnerability
2013-09-13
http://www.securityfocus.com/bid/60268

OpenSSL CVE-2012-2686 Remote Denial of Service Vulnerability
2013-09-13
http://www.securityfocus.com/bid/57755

OpenSSL CVE-2012-2131 Encoded ASN.1 Data Incomplete Fix Memory Corruption Vulnerability
2013-09-13
http://www.securityfocus.com/bid/53212

LightDM 'xauthority.c' File Insecure File Permissions Vulnerability
2013-09-13
http://www.securityfocus.com/bid/62329

Exploit

  Zimplit CMS 3.0 - Multiple Vulnerabilities

  Vestel TV 42pf9322 - Denial of Service

12.9.2013

Bugtraq

[ MDVSA-2013:230 ] gdm 2013-09-11
security mandriva com

OWASP Zed Attack Proxy 2.2.0 2013-09-11
psiinon (psiinon gmail com)

[security bulletin] HPSBUX02928 SSRT101274 rev.1 - HP-UX running perl, Remote Denial of Service (DoS) 2013-09-11
security-alert hp com

[SECURITY] [DSA 2755-1] python-django security update 2013-09-11
Salvatore Bonaccorso (carnil debian org)

ProFTPd mod_sftp/mod_sftp_pam invalid pool allocation in kbdint authentication 2013-09-11
king cope (isowarez isowarez isowarez googlemail com)

Cross-Site Scripting (XSS) in WikkaWiki 2013-09-11
High-Tech Bridge Security Research (advisory htbridge com)

Insecure CHIASMUS encryption in GSTOOL 2013-09-11
Jan Schejbal (jan mailinglisten googlemail com)

Microsoft SharePoint 2013 (Cloud) - Persistent Exception Handling Web Vulnerability 2013-09-11
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 2754-1] exactimage security update 2013-09-10
Raphael Geissert (geissert debian org)

Malware

RDN/Generic Dropper!rm!C9D1EA617273

RDN/Generic BackDoor!tj!1F8D8A14F415

Generic.dx!0F0FE4F79B71

RDN/Generic.tfr!952CFD96878E

RDN/Generic PUP.z!df!0463FA823C97

Generic.dx!95226EF37D70

RDN/Generic.tfr!dp!1766622B0C74

W32/Virus.gen!085288DB0C40

RDN/Generic PUP.x!C350B8993451

RDN/Generic BackDoor!tj!C08EEAE73CB0

Generic.dx!0DE4091CFA04

RDN/Generic BackDoor!tj!0E98A55CBF49

RDN/Generic.dx!cqn!1DF57CFCD063

RDN/Generic Downloader.x!im!143D5C0CB829

RDN/Generic BackDoor!tj!CEB27161FA60

RDN/Generic.bfr!fa!51D0BD923E68

Generic.bfr!6BB7B6AC2AF4

W32/Autorun.bfr!A0EC55888F2E

Generic StartPage!A2798BEC102F

RDN/Generic.bfr!6DC0B95EA6EA

RDN/Generic BackDoor!tj!34635E347C35

Generic.bfr!5989EC468F70

Generic Dropper!5B7BD00E9164

Generic PUP.x!6634CF5543B8

Generic PUP.x!A039001F81B6

RDN/Generic PUP.x!E3ABE1D5A6A0

Generic.dx!73F1ABF1395D

Generic PUP.x!CF69E499B8EF

Generic BackDoor!C8A52DC46AC3

RDN/Generic PUP.x!79BE52ED89D9

Phishing

 

Vulnerebility

Oracle Java SE CVE-2013-2451 Local Security Vulnerability
2013-09-12
http://www.securityfocus.com/bid/60625

Oracle Java SE CVE-2013-2434 Remote Code Execution Vulnerability
2013-09-12
http://www.securityfocus.com/bid/59137

Oracle Java SE CVE-2013-2433 Remote Java Runtime Environment Vulnerability
2013-09-12
http://www.securityfocus.com/bid/59220

Oracle Java SE CVE-2013-1484 Remote Java Runtime Environment Vulnerability
2013-09-12
http://www.securityfocus.com/bid/58027

IBM Lotus Notes Unspecified Remote Buffer Overflow Vulnerability
2013-09-12
http://www.securityfocus.com/bid/38300

Oracle Java SE CVE-2013-2450 Remote Security Vulnerability
2013-09-12
http://www.securityfocus.com/bid/60638

Oracle Java SE CVE-2013-2449 Remote Security Vulnerability
2013-09-12
http://www.securityfocus.com/bid/60622

Oracle Java SE CVE-2013-2453 Remote Security Vulnerability
2013-09-12
http://www.securityfocus.com/bid/60644

Oracle Java SE CVE-2013-2443 Remote Security Vulnerability
2013-09-12
http://www.securityfocus.com/bid/60646

Oracle Java SE CVE-2013-2446 Remote Security Vulnerability
2013-09-12
http://www.securityfocus.com/bid/60620

Oracle Java SE CVE-2013-2444 Remote Security Vulnerability
2013-09-12
http://www.securityfocus.com/bid/60633

Oracle Java SE CVE-2013-2448 Remote Code Execution Vulnerability
2013-09-12
http://www.securityfocus.com/bid/60640

Oracle Java SE CVE-2013-2452 Remote Security Vulnerability
2013-09-12
http://www.securityfocus.com/bid/60617

Oracle Java SE CVE-2013-2447 Remote Security Vulnerability
2013-09-12
http://www.securityfocus.com/bid/60629

Oracle Java SE CVE-2013-2440 Remote Java Runtime Environment Vulnerability
2013-09-12
http://www.securityfocus.com/bid/59124

Oracle Java SE CVE-2013-2438 Remote Java Runtime Environment Vulnerability
2013-09-12
http://www.securityfocus.com/bid/59185

Oracle Java SE CVE-2013-2435 Remote Java Runtime Environment Vulnerability
2013-09-12
http://www.securityfocus.com/bid/59089

Oracle Java SE CVE-2013-2436 Security Bypass Vulnerability
2013-09-12
http://www.securityfocus.com/bid/59213

Oracle Java SE CVE-2013-2419 Remote Code Execution Vulnerability
2013-09-12
http://www.securityfocus.com/bid/59131

Oracle Java Runtime Environment CVE-2013-2423 Security Bypass Vulnerability
2013-09-12
http://www.securityfocus.com/bid/59162

Oracle Java SE CVE-2013-2418 Remote Java Runtime Environment Vulnerability
2013-09-12
http://www.securityfocus.com/bid/59145

Oracle Java SE CVE-2013-2437 Remote Security Vulnerability
2013-09-12
http://www.securityfocus.com/bid/60636

Oracle Java SE CVE-2013-1485 Security Bypass Vulnerability
2013-09-12
http://www.securityfocus.com/bid/58028

Oracle Java SE CVE-2013-2412 Remote Security Vulnerability
2013-09-12
http://www.securityfocus.com/bid/60618

Oracle Java SE CVE-2013-2442 Remote Security Vulnerability
2013-09-12
http://www.securityfocus.com/bid/60643

Oracle Java SE CVE-2013-1486 Remote Java Runtime Environment Vulnerability
2013-09-12
http://www.securityfocus.com/bid/58029

Oracle Java SE CVE-2013-1480 Remote Code Execution Vulnerability
2013-09-12
http://www.securityfocus.com/bid/57691

Oracle Java SE CVE-2013-1481 Remote Code Execution Vulnerability
2013-09-12
http://www.securityfocus.com/bid/57718

Oracle Java SE CVE-2013-1473 Java Runtime Environment Remote Security Vulnerability
2013-09-12
http://www.securityfocus.com/bid/57731

Oracle Java SE CVE-2013-0444 Java Runtime Environment Remote Security Vulnerability
2013-09-12
http://www.securityfocus.com/bid/57701

Exploit

  Talkie Bluetooth Video iFiles 2.0 iOS - Multiple Vulnerabilities

  Microsoft SharePoint 2013 (Cloud) - Persistent Exception Handling Vulnerability MS13-067

  D-Link DSL-2740B - Multiple CSRF Vulnerabilities

  Synology DiskStation Manager (DSM) 4.3-3776 - Multiple Vulnerabilities

11.9.2013

Bugtraq

[security bulletin] HPSBPV02918 rev.1 - HP ProCurve Manager (PCM), HP PCM+ and HP Identity Driven Manager (IDM), SQL Injection, Remote Code Execution, Session Reuse 2013-09-10
security-alert hp com

[ MDVSA-2013:229 ] bzr 2013-09-10
security mandriva com

FreeBSD Security Advisory FreeBSD-SA-13:09.ip_multicast [REVISED] 2013-09-10
FreeBSD Security Advisories (security-advisories freebsd org)

FreeBSD Security Advisory FreeBSD-SA-13:11.sendfile 2013-09-10
FreeBSD Security Advisories (security-advisories freebsd org)

FreeBSD Security Advisory FreeBSD-SA-13:10.sctp [REVISED] 2013-09-10
FreeBSD Security Advisories (security-advisories freebsd org)

FreeBSD Security Advisory FreeBSD-SA-13:13.nullfs 2013-09-10
FreeBSD Security Advisories (security-advisories freebsd org)

[ MDVSA-2013:228 ] cacti 2013-09-10
security mandriva com

FreeBSD Security Advisory FreeBSD-SA-13:12.ifioctl 2013-09-10
FreeBSD Security Advisories (security-advisories freebsd org)

Open-Xchange Security Advisory 2013-09-10 2013-09-10
Martin Braun (martin braun open-xchange com)

Multiple vulnerabilities on D-Link Dir-505 devices 2013-09-09
alessandro dipinto artificialstudios org

[ MDVSA-2013:227 ] python-setuptools 2013-09-09
security mandriva com

Malware

RDN/Generic.bfr!fa!0F965C4684FF

RDN/Generic Dropper!rl!003C6588491B

RDN/Generic PUP.x!bhn!6ADA0B770BC2

Generic PUP.x!616DE9AE3B73

Generic PUP.x!970AB25FBCD7

RDN/Generic.grp!fw!ED1165E94312

RDN/Generic.bfg!c!17DD3D00282F

RDN/Generic BackDoor!tj!68523B38437E

RDN/Generic.bfr!5A9C417B82EF

RDN/Generic.tfr!D9F7DC826636

RDN/Generic.bfr!74C63FAAB1BF

RDN/Generic.tfr!B2379838E0D7

RDN/Generic.dx!A3D8C25BA32B

RDN/Generic Dropper!rl!D3193E806BCF

Generic.bfr!1D47CBA3E8FF

RDN/Generic PUP.x!bhn!D70968990E3A

RDN/Generic PUP.x!05EDF221A2F6

RDN/Generic PUP.z!df!0B8C34DFF202

RDN/Generic.grp!fw!38155B6821FD

Generic PUP.x!100CE46646F6

Generic Dropper!AF30F8DB7D46

RDN/Generic Downloader.x!A6F892E58C77

RDN/Generic.bfr!29128AE5FDE1

RDN/Generic PUP.x!bhn!EA2DA4A682E5

Generic PUP.x!C2800831127F

RDN/Generic PUP.x!bhn!7B96AB5917B1

RDN/Generic PUP.x!bhn!1B9C72FDFB44

Generic PUP.x!C8CE55A8A74C

RDN/Generic.bfr!fa!42FBFF23FB79

RDN/Generic PUP.x!838598397530

Phishing

 

Vulnerebility

Multiple HP Products Multiple Unspecified Remote Security Vulnerabilities
2013-09-11
http://www.securityfocus.com/bid/62301

Imagemagick 'gif.c' Memory Corruption Vulnerability
2013-09-11
http://www.securityfocus.com/bid/62080

Python 'ssl.match_hostname()' Function Denial of Service Vulnerability
2013-09-11
http://www.securityfocus.com/bid/59877

Sophos Web Appliance CVE-2013-4983 Remote Command Injection Vulnerability
2013-09-11
http://www.securityfocus.com/bid/62263

OpenPNE 3 XML External Entity Injection Vulnerability
2013-09-11
http://www.securityfocus.com/bid/62285

Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerability
2013-09-11
http://www.securityfocus.com/bid/51706

PHP Versions Prior to 5.3.3/5.2.14 Multiple Vulnerabilities
2013-09-11
http://www.securityfocus.com/bid/41991

Cacti Cross Site Scripting and HTML Injection Vulnerabilities
2013-09-11
http://www.securityfocus.com/bid/62001

Cacti 'id' Parameter SQL Injection Vulnerability
2013-09-11
http://www.securityfocus.com/bid/62005

LibRaw CVE-2013-1438 Multiple NULL Pointer Dereference Denial of Service Vulnerabilities
2013-09-11
http://www.securityfocus.com/bid/62060

LibRaw CVE-2013-1439 Multiple NULL Pointer Dereference Denial of Service Vulnerabilities
2013-09-11
http://www.securityfocus.com/bid/62057

Oracle Java SE CVE-2013-2452 Remote Security Vulnerability
2013-09-11
http://www.securityfocus.com/bid/60617

Oracle Java SE CVE-2013-2465 Memory Corruption Vulnerability
2013-09-11
http://www.securityfocus.com/bid/60657

freeFTPd 'PASS' Command Buffer Overflow Vulnerability
2013-09-11
http://www.securityfocus.com/bid/61905

Oracle Java SE CVE-2013-2450 Remote Security Vulnerability
2013-09-11
http://www.securityfocus.com/bid/60638

Oracle Java SE CVE-2013-2444 Remote Security Vulnerability
2013-09-11
http://www.securityfocus.com/bid/60633

Oracle Java SE CVE-2013-2447 Remote Security Vulnerability
2013-09-11
http://www.securityfocus.com/bid/60629

Oracle Java SE CVE-2013-2459 Remote Security Vulnerability
2013-09-11
http://www.securityfocus.com/bid/60647

Oracle Java SE CVE-2013-2454 Remote Security Vulnerability
2013-09-11
http://www.securityfocus.com/bid/60650

Oracle Java SE CVE-2013-2464 Memory Corruption Vulnerability
2013-09-11
http://www.securityfocus.com/bid/60631

Oracle Java SE CVE-2013-2466 Remote Security Vulnerability
2013-09-11
http://www.securityfocus.com/bid/60624

Oracle Java SE CVE-2013-2456 Remote Security Vulnerability
2013-09-11
http://www.securityfocus.com/bid/60641

Oracle Java SE CVE-2013-2457 Remote Security Vulnerability
2013-09-11
http://www.securityfocus.com/bid/60632

Oracle Java SE CVE-2013-2451 Local Security Vulnerability
2013-09-11
http://www.securityfocus.com/bid/60625

Oracle Java SE CVE-2013-2463 Remote Code Execution Vulnerability
2013-09-11
http://www.securityfocus.com/bid/60655

Oracle Java SE CVE-2013-2453 Remote Security Vulnerability
2013-09-11
http://www.securityfocus.com/bid/60644

Oracle Java SE CVE-2013-2470 Memory Corruption Vulnerability
2013-09-11
http://www.securityfocus.com/bid/60651

Oracle Java SE CVE-2013-2455 Remote Code Execution Vulnerability
2013-09-11
http://www.securityfocus.com/bid/60619

Oracle Java SE CVE-2013-2437 Remote Security Vulnerability
2013-09-11
http://www.securityfocus.com/bid/60636

Oracle Java SE CVE-2013-1500 Local Security Vulnerability
2013-09-11
http://www.securityfocus.com/bid/60627

Exploit

 

10.9.2013

Bugtraq

[slackware-security] subversion (SSA:2013-251-01) 2013-09-09
Slackware Security Team (security slackware com)

[SECURITY] [DSA 2752-1] phpbb3 security update 2013-09-07
Thijs Kinkhorst (thijs debian org)

Event Easy Calendar 1.0.0 WP plugin 2013-09-07
roguecoder hush com

Malware

RDN/Generic BackDoor!ti!A2CB8DBCBFE0

RDN/Generic Qhost!j!2F99A460ACA5

Generic.bfr!303D33C5BE79

RDN/Generic Dropper!85C987283BA6

RDN/Generic.bfr!fa!2F4F14E4A009

RDN/Generic BackDoor!ti!3074EFB60E76

RDN/Generic.bfr!fa!2E52CDE3A45E

Generic PUP.x!2C348A6DC122

Generic.bfr!2F02D7802CD4

RDN/Generic PUP.x!bhn!9C9DD4ABFFB8

Generic.bfr!3031968A744F

RDN/Generic.bfr!2FB6D8AF5825

Generic PUP.x!2DBE76A081C2

Generic.bfr!2DF0AC17F6A4

Generic.bfr!2CD222C8DE20

Generic PUP.x!2D34BCD721C9

Generic.bfr!2F08A3ED853D

Generic.bfr!2CFE594C0DEC

RDN/Generic.bfr!fa!4C2FE553E2BA

RDN/Generic PUP.x!2DABA5C9E4E0

RDN/Generic PUP.x!2C94DF4BC5B1

Generic Downloader.x!2D96479A1FCD

Generic.bfr!2EDF901200FB

Generic BackDoor!8389D577AE5D

RDN/Generic.grp!2C84B701DBF8

Generic PUP.x!2B6BD8AF4612

Generic.bfr!2B24F2472685

Generic PUP.x!2C0663628429

RDN/Generic PUP.x!bhn!2CE1DD8EE432

Generic.bfr!2940A488EF2D

Phishing

 

Vulnerebility

Oracle Java SE CVE-2013-2407 Remote Security Vulnerability
2013-09-10
http://www.securityfocus.com/bid/60653

Oracle Java SE CVE-2013-2412 Remote Security Vulnerability
2013-09-10
http://www.securityfocus.com/bid/60618

Oracle Java SE CVE-2013-2443 Remote Security Vulnerability
2013-09-10
http://www.securityfocus.com/bid/60646

Oracle MySQL Server CVE-2013-3806 Remote Security Vulnerability
2013-09-10
http://www.securityfocus.com/bid/61235

Oracle MySQL Server CVE-2013-3807 Remote Security Vulnerability
2013-09-10
http://www.securityfocus.com/bid/61238

Oracle MySQL Server CVE-2013-3809 Remote Security Vulnerability
2013-09-10
http://www.securityfocus.com/bid/61272

Cisco Adaptive Security Appliance (ASA) Software Denial of Service Vulnerability
2013-09-10
http://www.securityfocus.com/bid/62251

OpenSSL Encoded ASN.1 Data Integer Truncation Memory Corruption Vulnerability
2013-09-10
http://www.securityfocus.com/bid/53158

Oracle MySQL Server CVE-2013-3808 Remote Security Vulnerability
2013-09-10
http://www.securityfocus.com/bid/61227

Cisco SocialMiner CVE-2013-5483 Cross Site Scripting Vulnerability
2013-09-10
http://www.securityfocus.com/bid/62252

Oracle MySQL Server CVE-2013-3811 Remote Security Vulnerability
2013-09-10
http://www.securityfocus.com/bid/61252

Oracle MySQL Server CVE-2013-3805 Remote Security Vulnerability
2013-09-10
http://www.securityfocus.com/bid/61256

Oracle MySQL Server CVE-2013-3812 Remote Security Vulnerability
2013-09-10
http://www.securityfocus.com/bid/61249

Oracle MySQL Server CVE-2013-3810 Remote Security Vulnerability
2013-09-10
http://www.securityfocus.com/bid/61214

Oracle MySQL Server CVE-2013-3804 Remote Security Vulnerability
2013-09-10
http://www.securityfocus.com/bid/61260

Oracle MySQL Server CVE-2013-3796 Remote Security Vulnerability
2013-09-10
http://www.securityfocus.com/bid/61233

Oracle MySQL Server CVE-2013-3794 Remote Security Vulnerability
2013-09-10
http://www.securityfocus.com/bid/61222

Oracle MySQL Server CVE-2013-3783 Remote Security Vulnerability
2013-09-10
http://www.securityfocus.com/bid/61210

Oracle MySQL Server CVE-2013-3802 Remote Security Vulnerability
2013-09-10
http://www.securityfocus.com/bid/61244

Oracle MySQL Server CVE-2013-3801 Remote Security Vulnerability
2013-09-10
http://www.securityfocus.com/bid/61269

Oracle MySQL Server CVE-2013-3798 Remote Security Vulnerability
2013-09-10
http://www.securityfocus.com/bid/61274

Oracle MySQL Server CVE-2013-3795 Remote Security Vulnerability
2013-09-10
http://www.securityfocus.com/bid/61241

MySQL and MariaDB Geometry Query Denial Of Service Vulnerability
2013-09-10
http://www.securityfocus.com/bid/58511

Oracle MySQL Server CVE-2013-3793 Remote Security Vulnerability
2013-09-10
http://www.securityfocus.com/bid/61264

Oracle MySQL and MariaDB 'acl_get()' Buffer Overflow Vulnerability
2013-09-10
http://www.securityfocus.com/bid/56769

pyOpenSSL SSL Client Certificate Validation Security Bypass Vulnerability
2013-09-10
http://www.securityfocus.com/bid/62258

LibTIFF CVE-2013-4244 Out of Bounds Memory Corruption Vulnerability
2013-09-10
http://www.securityfocus.com/bid/62019

Linux Kernel 'skbuff.c' Local Denial of Service Vulnerability
2013-09-10
http://www.securityfocus.com/bid/61411

Linux Kernel Btrfs CRC32C feature Infinite Loop Local Denial of Service Vulnerability
2013-09-10
http://www.securityfocus.com/bid/56939

Linux Kernel Btrfs CRC32C feature CVE-2012-5375 Security Bypass Vulnerability
2013-09-10
http://www.securityfocus.com/bid/56940

Exploit

  HP SiteScope Remote Code Execution

  MS13-055 Microsoft Internet Explorer CAnchorElement Use-After-Free

  eM Client e-mail client v5.0.18025.0 Stored XSS vulnerability

  AjaXplorer 1.0 - Multiple Vulnerabilities

  glFusion 1.3.0 (search.php, cat_id param) - SQL Injection

  D-Link DIR-505 1.06 - Multiple Vulnerabilities

9.9.2013

Bugtraq

[CORE-2013-0809] Sophos Web Protection Appliance Multiple Vulnerabilities 2013-09-06
CORE Advisories Team (advisories coresecurity com)

APPLE-SA-2013-09-06-1 AirPort Base Station Firmware Update 7.6.4 2013-09-06
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2013-09-06-1 AirPort Base Station Firmware Update 7.6.4 2013-09-06
Mihaela Popescu-Stanesti (maru apple com)

CFP: WorldCIST'14 - World Conference on IST; Best papers published in ISI Journals 2013-09-06
Maria Lemos (marialemos72 gmail com)

[ MDVSA-2013:226 ] roundcubemail 2013-09-05
security mandriva com

Malware

Generic PUP.x!3B932F15D278

Generic PUP.x!61293D15A0DA

Generic Dropper!4DFC1F09BB76

Generic PUP.x!7AB1D19791FE

Generic PUP.x!C62B8102FD48

RDN/Generic Dropper!28821439A17A

Generic PUP.x!16847CFA68C4

Generic PUP.x!451D1AD020C8

Generic PUP.x!62875A9D5077

RDN/Generic PUP.x!bhk!27D43BD3D34E

RDN/Generic PUP.x!3084F1D36B1F

Generic StartPage!4F3EDF4487BC

Generic PUP.x!EACE1ED831AA

Generic PUP.x!9359A31018D3

Generic PUP.x!574384B3CD23

RDN/Generic.dx!cqk!098CB5B63690

Generic PUP.x!DF36118278FC

RDN/Generic.bfr!fa!F6BBD632BF5A

RDN/Generic Dropper!38A7F7787CA4

ZeroAccess-FBR!73AFFA1B161B!73AFFA1B161B

Generic Downloader.x!104D2BD63456

Generic PUP.x!7BADA0BABA7E

RDN/Autorun.worm!cw!F3FA81F8245F

RDN/Generic BackDoor!ti!DE10CF07F9AD

Generic PUP.x!6ED63884182F

RDN/Downloader.a!nj!FD88E8DDDD66

RDN/Generic Downloader.x!im!E5FBD5DFB587

RDN/Generic Downloader.x!im!E3014F290C36

RDN/Generic Dropper!rl!D4D86D546A08

RDN/Generic StartPage!bo!C4E93B9A0205

Phishing

 

Vulnerebility

Microsoft Internet Explorer CVE-2013-3184 Memory Corruption Vulnerability
2013-09-09
http://www.securityfocus.com/bid/61668

Graphite 'renderLocalView()' Function Remote Code Execution Vulnerability
2013-09-09
http://www.securityfocus.com/bid/61894

Linux Kernel Btrfs CRC32C feature Infinite Loop Local Denial of Service Vulnerability
2013-09-09
http://www.securityfocus.com/bid/56939

Linux Kernel Btrfs CRC32C feature CVE-2012-5375 Security Bypass Vulnerability
2013-09-09
http://www.securityfocus.com/bid/56940

Linux Kernel CVE-2013-2206 NULL Pointer Dereference Denial of Service Vulnerability
2013-09-09
http://www.securityfocus.com/bid/60715

Linux Kernel 'kvm_set_memory_region()' Function Local Privilege Escalation Vulnerability
2013-09-09
http://www.securityfocus.com/bid/60466

Linux Kernel CVE-2013-4163 Local Denial of Service Vulnerability
2013-09-09
http://www.securityfocus.com/bid/61412

Linux Kernel Ceph CVE-2013-1059 Remote Denial of Service Vulnerability
2013-09-09
http://www.securityfocus.com/bid/60922

Linux Kernel CVE-2013-2851 Memory Corruption Vulnerability
2013-09-09
http://www.securityfocus.com/bid/60409

Linux Kernel 'mmc_ioctl_cdrom_read_data()' Function Local Information Disclosure Vulnerability
2013-09-09
http://www.securityfocus.com/bid/60375

TYPO3 File Handling Security Bypass Vulnerability
2013-09-09
http://www.securityfocus.com/bid/62255

Multiple TLS And DTLS Implementations CVE-2013-0169 Information Disclosure Vulnerability
2013-09-09
http://www.securityfocus.com/bid/57778

Zend Server CVE-2012-5382 Insecure File Permissions Vulnerability
2013-09-09
http://www.securityfocus.com/bid/55941

PHP CVE-2012-5381 Insecure File Permissions Vulnerability
2013-09-09
http://www.securityfocus.com/bid/55940

RubyInstaller CVE-2012-5380 Insecure File Permissions Vulnerability
2013-09-09
http://www.securityfocus.com/bid/55885

ActivePython CVE-2012-5379 Insecure File Permissions Vulnerability
2013-09-09
http://www.securityfocus.com/bid/55884

ActiveTcl CVE-2012-5378 Insecure File Permissions Vulnerability
2013-09-09
http://www.securityfocus.com/bid/55886

ActivePerl CVE-2012-5377 Insecure File Permissions Vulnerability
2013-09-09
http://www.securityfocus.com/bid/55881

Apache Santuario XML Security for JAVA XML Signature CVE-2013-2172 Security Bypass Vulnerability
2013-09-09
http://www.securityfocus.com/bid/60846

JGroups 'DiagnosticsHandler::run()' Method Security Bypass Vulnerability
2013-09-09
http://www.securityfocus.com/bid/61179

Apache HTTP Server Terminal Escape Sequence in Logs Command Injection Vulnerability
2013-09-09
http://www.securityfocus.com/bid/59826

Apache HTTP Server Multiple Cross Site Scripting Vulnerabilities
2013-09-09
http://www.securityfocus.com/bid/58165

Apache HTTP Server CVE-2013-1896 Remote Denial of Service Vulnerability
2013-09-09
http://www.securityfocus.com/bid/61129

Cacti Cross Site Scripting and HTML Injection Vulnerabilities
2013-09-09
http://www.securityfocus.com/bid/62001

Cacti 'id' Parameter SQL Injection Vulnerability
2013-09-09
http://www.securityfocus.com/bid/62005

Citrix CloudPortal Services Manager CVE-2013-2936 Unspecified Security Vulnerability
2013-09-09
http://www.securityfocus.com/bid/62235

Citrix CloudPortal Services Manager CVE-2013-2933 Unspecified Security Vulnerability
2013-09-09
http://www.securityfocus.com/bid/62233

Citrix CloudPortal Services Manager CVE-2013-2939 Unspecified Security Vulnerability
2013-09-09
http://www.securityfocus.com/bid/62236

Linux Kernel 'dispatch_discard_io()' Function Security Bypass Vulnerability
2013-09-09
http://www.securityfocus.com/bid/60414

Linux Kernel 'skbuff.c' Local Denial of Service Vulnerability
2013-09-09
http://www.securityfocus.com/bid/61411

Exploit

  freeFTPd 1.0.10 PASS Command SEH Overflow (msf)

  Moodle 2.3.9, 2.4.6 - Multiple Vulnerabilities

  Sophos Web Protection Appliance - Multiple Vulnerabilities

6.9.2013

Bugtraq

[ MDVSA-2013:226 ] roundcubemail 2013-09-05
security mandriva com

[SECURITY] [DSA 2751-1] libmodplug security update 2013-09-04
Raphael Geissert (geissert debian org)

Cisco Security Advisory: Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players 2013-09-04
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Call for Paper/Event - nullcon Goa 2014 2013-09-04
nullcon (nullcon nullcon net)

SEC Consult SA-20130904-0 :: GroupLink everything HelpDesk - undocumented password reset/admin takeover and XSS vulnerabilities 2013-09-04
SEC Consult Vulnerability Lab (research sec-consult com)

[PSA-2013-0903-1] Apple Safari Heap Buffer Overflow 2013-09-04
bugtraq packetstormsecurity org

[SECURITY] [DSA 2750-1] imagemagick security update 2013-09-03
Florian Weimer (fw deneb enyo de)

PayPal's "invalid" aksession Padding Oracle Flaw 2013-09-03
Timothy D. Morgan (tmorgan vsecurity com)

Malware

RDN/Generic.dx!cqg!FCC006FAA998

Generic PUP.x!FE0B114E2423

RDN/Generic.dx!cqg!FCEEFF19BAE3

RDN/Generic PUP.x!bhh!A2F596EC9A75

RDN/Generic BackDoor!tg!FC2836637833

Generic PUP.x!FD118FC56D73

Generic PUP.x!A4B166665F97

Generic PUP.x!A3A424549688

RDN/Generic.dx!cqg!FC1A71F4FC91

RDN/Generic BackDoor!tg!A2FCB160BDD5

RDN/Generic BackDoor!tg!FB99FE096DC6

RDN/Generic PUP.x!bhh!A3731351941E

RDN/Generic PWS.y!up!FB2539314383

Generic PUP.x!FC6C4EEFF824

RDN/Downloader.gen.a!FBDF0425EBBD

RDN/tdss!g!FA50B0521CA4

Generic PUP.x!A1E29C70CAB1

RDN/PWS-Mmorpg!kc!FAC6BD2C2F4E

RDN/Generic.dx!cqg!FA935635D4FB

Generic PUP.z!FB3DE0FCDB8D

RDN/Generic BackDoor!tg!FA230B834EE8

RDN/Generic PUP.x!F99AEE0A4E80

RDN/Generic Dropper!rk!F9F12F7037BB

RDN/Generic PWS.y!up!FA1716DA5CC9

RDN/Generic PUP.x!bhh!F99AEE0A4E80

RDN/Generic.bfr!ez!9FED50E6CA04

RDN/Generic PUP.x!F9C2E4AD9D5A

RDN/Generic PUP.x!FA2AC8332E33

Generic.bfr!A04CD3EDA338

Generic PUP.x!F9B70C370232

Phishing

 

Vulnerebility

VMware ESXi and ESX NFC Protocol Handling Remote Denial of Service Vulnerability
2013-09-06
http://www.securityfocus.com/bid/62077

Apache HTTP Server CVE-2013-1896 Remote Denial of Service Vulnerability
2013-09-06
http://www.securityfocus.com/bid/61129

Xen 'xc_vcpu_setaffinity()' Function Buffer Overflow Vulnerability
2013-09-06
http://www.securityfocus.com/bid/59982

Xen CVE-2013-2078 Remote Denial of Service Vulnerability
2013-09-06
http://www.securityfocus.com/bid/60278

Xen CVE-2013-1919 Multiple Denial of Service Vulnerabilities
2013-09-06
http://www.securityfocus.com/bid/59292

Xen CVE-2013-2076 Information Disclosure Vulnerability
2013-09-06
http://www.securityfocus.com/bid/60282

Xen CVE-2013-1952 Local Denial of Service Vulnerability
2013-09-06
http://www.securityfocus.com/bid/59617

Xen CVE-2013-2077 Remote Denial of Service Vulnerability
2013-09-06
http://www.securityfocus.com/bid/60277

Linux Kernel CVE-2013-2206 NULL Pointer Dereference Denial of Service Vulnerability
2013-09-06
http://www.securityfocus.com/bid/60715

Oracle Java SE CVE-2013-2412 Remote Security Vulnerability
2013-09-06
http://www.securityfocus.com/bid/60618

QEMU Guest Agent CVE-2013-2007 Insecure File Permissions Vulnerability
2013-09-06
http://www.securityfocus.com/bid/59675

Xen CVE-2013-1917 Remote Denial of Service Vulnerability
2013-09-06
http://www.securityfocus.com/bid/59291

QEMU CVE-2012-6075 Buffer Overflow Vulnerability
2013-09-06
http://www.securityfocus.com/bid/57420

Xen Page Table Manipulation CVE-2013-1918 Denial of Service Vulnerability
2013-09-06
http://www.securityfocus.com/bid/59615

Xen CVE-2013-0151 Local Denial of Service Vulnerability
2013-09-06
http://www.securityfocus.com/bid/57495

Qemu 'qemu-nbd' Tool Local Security Bypass Vulnerability
2013-09-06
http://www.securityfocus.com/bid/59070

Xen Page Reference Counting CVE-2013-1432 Denial of Service Vulnerability
2013-09-06
http://www.securityfocus.com/bid/60799

Oracle Java SE CVE-2013-2450 Remote Security Vulnerability
2013-09-06
http://www.securityfocus.com/bid/60638

Oracle Java SE CVE-2013-1571 Frame Injection Vulnerability
2013-09-06
http://www.securityfocus.com/bid/60634

Oracle Java SE CVE-2013-1500 Local Security Vulnerability
2013-09-06
http://www.securityfocus.com/bid/60627

Oracle Java SE CVE-2013-2407 Remote Security Vulnerability
2013-09-06
http://www.securityfocus.com/bid/60653

IBM Java CVE-2013-4002 Denial of Service Vulnerability
2013-09-06
http://www.securityfocus.com/bid/61310

RoundCube Webmail Multiple HTML-injection Vulnerabilities
2013-09-06
http://www.securityfocus.com/bid/61976

OpenStack Nova XML Parsing CVE-2013-4179 Multiple Denial of Service Vulnerabilities
2013-09-06
http://www.securityfocus.com/bid/61692

OpenStack Nova CVE-2013-2256 Security Bypass Vulnerability
2013-09-06
http://www.securityfocus.com/bid/61637

OpenStack Nova CVE-2013-4185 Denial of Service Vulnerability
2013-09-06
http://www.securityfocus.com/bid/61639

GNU glibc 'pt_chown()' Function CVE-2013-2207 Local Security Bypass Vulnerability
2013-09-06
http://www.securityfocus.com/bid/61960

Python 'setuptools' Man in The Middle Vulnerability
2013-09-06
http://www.securityfocus.com/bid/61827

Cisco Secure Access Control System CVE-2013-5470 Remote Denial of Service Vulnerability
2013-09-05
http://www.securityfocus.com/bid/62145

libmodplug CVE-2013-4233 Integer Overflow Vulnerability
2013-09-05
http://www.securityfocus.com/bid/61713

Exploit

  IKE and AuthIP IPsec Keyring Modules Service (IKEEXT) Missing DLL

  Woltlab Burning Board FLVideo Addon (video.php, value param) - SQL Injection

5.9.2013

Bugtraq

[SECURITY] [DSA 2751-1] libmodplug security update 2013-09-04
Raphael Geissert (geissert debian org)

Cisco Security Advisory: Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players 2013-09-04
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Call for Paper/Event - nullcon Goa 2014 2013-09-04
nullcon (nullcon nullcon net)

SEC Consult SA-20130904-0 :: GroupLink everything HelpDesk - undocumented password reset/admin takeover and XSS vulnerabilities 2013-09-04
SEC Consult Vulnerability Lab (research sec-consult com)

[PSA-2013-0903-1] Apple Safari Heap Buffer Overflow 2013-09-04
bugtraq packetstormsecurity org

[SECURITY] [DSA 2750-1] imagemagick security update 2013-09-03
Florian Weimer (fw deneb enyo de)

PayPal's "invalid" aksession Padding Oracle Flaw 2013-09-03
Timothy D. Morgan (tmorgan vsecurity com)

ESA-2013-057: RSA Archer(r) GRC Multiple Vulnerabilities 2013-09-03
Security Alert (Security_Alert emc com)

[ MDVSA-2013:225 ] libdigidoc 2013-09-02
security mandriva com

Malware

Obfuscated-FBU!hb!5699B36615B9

Obfuscated-FBU!hb!7C85A3AC19D7

Obfuscated-FBU!hb!A842FD8AC455

Obfuscated-FBU!hb!13778802BB45

Obfuscated-FBU!hb!C7E4F98CF833

Obfuscated-FBU!hb!0890573092FD

Obfuscated-FBU!hb!3D1AD2FC86B9

Obfuscated-FBU!hb!2E55FC577A3B

Obfuscated-FBU!hb!EFBD8D427627

Obfuscated-FBU!hb!342991630844

Obfuscated-FBU!hb!5D20E9D67884

Obfuscated-FBU!hb!19ACE98729D3

Obfuscated-FBU!hb!2B9105DF095A

Obfuscated-FBU!hb!BA287C938D5E

Generic PUP.x!45D878023A42

Generic.bfr!10880AD2B8B6

Obfuscated-FBU!hb!E31933D6F2A8

Obfuscated-FBU!hb!EE94841C6CCE

Obfuscated-FBU!hb!6ABA6F489A4D

RDN/Generic StartPage!4821D0CD8D94

RDN/Generic BackDoor!tg!1F00E7231381

Generic PUP.x!76E46BEB698D

Obfuscated-FBU!hb!85AD18DF59DA

Obfuscated-FBU!hb!5DE97FDEF54E

Obfuscated-FBU!hb!F795DA7ABDF8

Obfuscated-FBU!hb!C4A1DEDA828D

Obfuscated-FBU!hb!98B92FA67FA1

Obfuscated-FBU!hb!8CD07939AC1D

Obfuscated-FBU!hb!573B2EB61FB8

Obfuscated-FBU!hb!A5FE05B7AAF0

Phishing

 

Vulnerebility

Cisco Secure Access Control System CVE-2013-5470 Remote Denial of Service Vulnerability
2013-09-05
http://www.securityfocus.com/bid/62145

libmodplug CVE-2013-4233 Integer Overflow Vulnerability
2013-09-05
http://www.securityfocus.com/bid/61713

libmodplug CVE-2013-4234 Multiple Heap Buffer Overflow Vulnerabilities
2013-09-05
http://www.securityfocus.com/bid/61714

Oracle Java SE CVE-2013-0440 Remote Java Runtime Environment Vulnerability
2013-09-05
http://www.securityfocus.com/bid/57712

Oracle Java SE CVE-2013-2407 Remote Security Vulnerability
2013-09-05
http://www.securityfocus.com/bid/60653

Linux Kernel '/net/core/scm.c' nsproxy Local Privilege Escalation Vulnerability
2013-09-05
http://www.securityfocus.com/bid/62072

Oracle E-Business Suite CVE-2013-3749 Remote Password Disclosure Vulnerability
2013-09-05
http://www.securityfocus.com/bid/61268

WebKit CVE-2012-3748 Remote Code Execution Vulnerability
2013-09-05
http://www.securityfocus.com/bid/56362

Linux Kernel Multiple Local Information Disclosure Vulnerabilities
2013-09-05
http://www.securityfocus.com/bid/60280

Linux Kernel 'mmc_ioctl_cdrom_read_data()' Function Local Information Disclosure Vulnerability
2013-09-05
http://www.securityfocus.com/bid/60375

Linux Kernel 'key_notify_policy_flush()' Function Local Information Disclosure Vulnerability
2013-09-05
http://www.securityfocus.com/bid/60953

Imagemagick 'gif.c' Memory Corruption Vulnerability
2013-09-05
http://www.securityfocus.com/bid/62080

SPICE CVE-2013-4130 Multiple Denial of Service Vulnerabilities
2013-09-05
http://www.securityfocus.com/bid/61192

Multiple TLS And DTLS Implementations CVE-2013-0169 Information Disclosure Vulnerability
2013-09-05
http://www.securityfocus.com/bid/57778

Apache Struts CVE-2013-2251 Multiple Remote Command Execution Vulnerabilities
2013-09-05
http://www.securityfocus.com/bid/61189

Apache Struts CVE-2013-2248 Multiple Open Redirection Vulnerabilities
2013-09-05
http://www.securityfocus.com/bid/61196

Supermicro IPMI Web Interface Multiple Stack-Based Buffer Overflow Vulnerabilities
2013-09-05
http://www.securityfocus.com/bid/62094

Supermicro IPMI Web Interface Unspecified Remote Privilege Escalation Vulnerability
2013-09-05
http://www.securityfocus.com/bid/62098

Supermicro IPMI Web Interface Unspecified Remote Arbitrary Shell Command Injection
2013-09-05
http://www.securityfocus.com/bid/62097

lighttpd 'http_request_split_value()' Function Remote Denial of Service Vulnerability
2013-09-05
http://www.securityfocus.com/bid/56619

RoundCube Webmail Multiple HTML-injection Vulnerabilities
2013-09-05
http://www.securityfocus.com/bid/61976

HP LoadRunner CVE-2013-4798 Remote Code Execution Vulnerability
2013-09-05
http://www.securityfocus.com/bid/61443

Microsoft Internet Explorer CVE-2013-3184 Memory Corruption Vulnerability
2013-09-05
http://www.securityfocus.com/bid/61668

Oracle Java SE CVE-2013-1500 Local Security Vulnerability
2013-09-05
http://www.securityfocus.com/bid/60627

Oracle Java SE CVE-2012-1533 Remote Code Execution Vulnerability
2013-09-05
http://www.securityfocus.com/bid/56046

Cisco Wireless LAN Controller CVE-2013-3474 Multiple Denial of Service Vulnerabilities
2013-09-05
http://www.securityfocus.com/bid/62084

IBM solidDB Stored Procedure Call Denial of Service Vulnerability
2013-09-04
http://www.securityfocus.com/bid/59637

IBM Java CVE-2013-4002 Denial of Service Vulnerability
2013-09-04
http://www.securityfocus.com/bid/61310

Oracle Java SE CVE-2013-1571 Frame Injection Vulnerability
2013-09-04
http://www.securityfocus.com/bid/60634

Cisco IOS CVE-2013-5469 Remote Denial of Service Vulnerability
2013-09-04
http://www.securityfocus.com/bid/62083

Exploit

  KingView 6.53 - Insecure ActiveX Control (SuperGrid)

  KingView 6.53 - ActiveX Remote File Creation / Overwrite (KChartXY)

4.9.2013

Bugtraq

[PSA-2013-0903-1] Apple Safari Heap Buffer Overflow 2013-09-04
bugtraq packetstormsecurity org

[SECURITY] [DSA 2750-1] imagemagick security update 2013-09-03
Florian Weimer (fw deneb enyo de)

PayPal's "invalid" aksession Padding Oracle Flaw 2013-09-03
Timothy D. Morgan (tmorgan vsecurity com)

ESA-2013-057: RSA Archer(r) GRC Multiple Vulnerabilities 2013-09-03
Security Alert (Security_Alert emc com)

[ MDVSA-2013:225 ] libdigidoc 2013-09-02
security mandriva com

[ MDVSA-2013:224 ] libtiff 2013-09-02
security mandriva com

[SECURITY] [DSA 2749-1] asterisk security update 2013-09-02
Moritz Muehlenhoff (jmm debian org)

Malware

Generic PUP.x!A0BE0E9F6391

Generic PUP.x!E8CF3F695CE4

Generic PUP.x!A23164BECF1B

RDN/Generic.tfr!do!EEAE7D5C0667

RDN/Generic PWS.y!up!220F7229C991

Generic PUP.x!C7834871A2FC

Generic PUP.x!772BAF7A2273

Generic PUP.x!75AA31BE3EA8

Generic PUP.x!E638F66D68CD

Generic PUP.x!D4EC40C76344

Generic PUP.x!4C8D7798E886

Generic PUP.x!C3B22AAF6A8F

Generic PUP.x!C25CBB763D77

Generic PUP.x!4B08D8748982

Generic PUP.x!EBFB63CF1A08

Generic PUP.x!A93543757D8D

Generic PUP.x!243C67A34F39

Generic PUP.x!0B211FAC7023

Generic PUP.x!8B4AEFC9AF6A

Generic PUP.x!8E470E4161FF

Generic PUP.x!0EFCADE3EA42

W32/Virut.gen!308C121F0A69

Generic PUP.x!AE0FF148A8EC

RDN/Generic Downloader.x!il!A590A36716F3

Generic PUP.x!F6D78E695FEF

RDN/Generic BackDoor!tg!225E361DD7E9

Generic PUP.x!FBE43E4DF66E

Generic.bfr!F324A076B2F1

Generic PUP.x!A0C2FE6FD561

Generic PUP.x!AECD48DCE04B

Phishing

 

Vulnerebility

lighttpd 'http_request_split_value()' Function Remote Denial of Service Vulnerability
2013-09-04
http://www.securityfocus.com/bid/56619

RoundCube Webmail Multiple HTML-injection Vulnerabilities
2013-09-04
http://www.securityfocus.com/bid/61976

HP LoadRunner CVE-2013-4798 Remote Code Execution Vulnerability
2013-09-04
http://www.securityfocus.com/bid/61443

Microsoft Internet Explorer CVE-2013-3184 Memory Corruption Vulnerability
2013-09-04
http://www.securityfocus.com/bid/61668

Oracle Java SE CVE-2013-1500 Local Security Vulnerability
2013-09-04
http://www.securityfocus.com/bid/60627

Oracle Java SE CVE-2012-1533 Remote Code Execution Vulnerability
2013-09-04
http://www.securityfocus.com/bid/56046

Cisco Wireless LAN Controller CVE-2013-3474 Multiple Denial of Service Vulnerabilities
2013-09-04
http://www.securityfocus.com/bid/62084

IBM solidDB Stored Procedure Call Denial of Service Vulnerability
2013-09-04
http://www.securityfocus.com/bid/59637

IBM Java CVE-2013-4002 Denial of Service Vulnerability
2013-09-04
http://www.securityfocus.com/bid/61310

Oracle Java SE CVE-2013-1571 Frame Injection Vulnerability
2013-09-04
http://www.securityfocus.com/bid/60634

Cisco IOS CVE-2013-5469 Remote Denial of Service Vulnerability
2013-09-04
http://www.securityfocus.com/bid/62083

Oracle Java SE CVE-2013-2450 Remote Security Vulnerability
2013-09-04
http://www.securityfocus.com/bid/60638

Oracle Java SE CVE-2013-2412 Remote Security Vulnerability
2013-09-04
http://www.securityfocus.com/bid/60618

Oracle Java SE CVE-2013-2407 Remote Security Vulnerability
2013-09-04
http://www.securityfocus.com/bid/60653

Oracle Java SE CVE-2012-1718 Remote Java Runtime Environment Vulnerability
2013-09-04
http://www.securityfocus.com/bid/53951

Oracle Java SE CVE-2012-1717 Remote Java Runtime Environment Vulnerability
2013-09-04
http://www.securityfocus.com/bid/53952

Oracle Java SE CVE-2012-1716 Remote Java Runtime Environment Vulnerability
2013-09-04
http://www.securityfocus.com/bid/53947

Oracle Java SE CVE-2012-1713 Remote Code Execution Vulnerability
2013-09-04
http://www.securityfocus.com/bid/53946

Oracle Java SE CVE-2012-1541 Remote Java Runtime Environment Vulnerability
2013-09-04
http://www.securityfocus.com/bid/57697

Oracle Java SE CVE-2012-1711 Remote Java Runtime Environment Vulnerability
2013-09-04
http://www.securityfocus.com/bid/53949

Oracle GlassFish Server Multiple Cross Site Scripting and HTML Injection Vulnerabilities
2013-09-04
http://www.securityfocus.com/bid/53136

Oracle Java SE CVE-2012-1532 Remote Java Runtime Environment Vulnerability
2013-09-04
http://www.securityfocus.com/bid/56051

Oracle Java SE CVE-2012-1531 Remote Java Runtime Environment Vulnerability
2013-09-04
http://www.securityfocus.com/bid/56033

Oracle Java SE CVE-2012-0505 Remote Java Runtime Environment Vulnerability
2013-09-04
http://www.securityfocus.com/bid/52017

Oracle Java SE CVE-2012-0506 Remote Java Runtime Environment Vulnerability
2013-09-04
http://www.securityfocus.com/bid/52014

Oracle Java SE Remote Java Runtime Environment Code Execution Vulnerability
2013-09-04
http://www.securityfocus.com/bid/52161

Oracle Java SE CVE-2012-0547 Remote Java Runtime Environment Weakness
2013-09-04
http://www.securityfocus.com/bid/55339

Oracle Java SE CVE-2012-0504 Remote Java Runtime Environment Vulnerability
2013-09-04
http://www.securityfocus.com/bid/52020

Cisco Mobility Services Engine CVE-2013-3469 Security Bypass Vulnerability
2013-09-04
http://www.securityfocus.com/bid/62091

Oracle Java SE CVE-2013-2470 Memory Corruption Vulnerability
2013-09-04
http://www.securityfocus.com/bid/60651

Exploit

  GOMPlayer 2.2.53.5169 (.wav) - Crash POC

  jetAudio 8.0.16.2000 Plus VX - (.wav) - Crash POC

  Apple Safari 6.0.1 for iOS 6.0 and OS X 10.7/8 - Heap Buffer Overflow

  MS13-059 Microsoft Internet Explorer CFlatMarkupPointer Use-After-Free

  HP LoadRunner lrFileIOService ActiveX WriteFileString Remote Code Execution

  Oracle Java lookUpByteBI - Heap Buffer Overflow

  GreenBrowser 6.4.0515 - Heap Overflow Vulnerability

3.9.2013

Bugtraq

[ MDVSA-2013:225 ] libdigidoc 2013-09-02
security mandriva com

[ MDVSA-2013:224 ] libtiff 2013-09-02
security mandriva com

[SECURITY] [DSA 2749-1] asterisk security update 2013-09-02
Moritz Muehlenhoff (jmm debian org)

Mikrotik RouterOS 5.* and 6.* sshd remote preauth heap corruption 2013-09-02
king cope (isowarez isowarez isowarez googlemail com)

Malware

Generic PUP.x!7B63CBF6143D

Generic PUP.x!2BD334C09A2F

Generic PUP.x!402E11ACC6CF

Generic PUP.x!DE07042D71A1

Generic PUP.x!C27707D65ECA

Generic PUP.x!8B59B2F77F62

Generic PUP.x!71AB4E5AD557

RDN/Generic PUP.x!54F3EDF9ABE9

Generic PUP.x!30738DAA52C4

Generic PUP.x!5943632D9AF0

Generic PUP.x!6C64695F747A

Generic PUP.x!6423E7E1EBAF

RDN/Generic PUP.x!bhf!CC5EF373D277

Generic PUP.x!A58A6332FFE0

Generic PUP.x!934B3D00A3A9

Generic PUP.x!907257FCF604

RDN/Generic.bfr!E09E7F3275E8

Generic PUP.x!287EB4C3092B

Generic PUP.x!6EF68C64EF7D

Generic PUP.x!8A729E62DED5

Generic PUP.x!C4DEC92D08A6

Generic PUP.x!8CE6B47E7856

Generic PUP.x!C6484456C63B

Generic PUP.x!AFBAC211EE9A

Generic PUP.x!69F2614E8103

Generic PUP.x!399598FEA08E

RDN/Generic.bfr!C6E657FC4E43

Generic PUP.x!74E6FFE59074

Generic PUP.x!AC474D11346D

Generic PUP.x!EDE4DA967D12

Phishing

Advertisement

2nd September 2013

URGENT SUPPLY, ORDER....

PayPal

2nd September 2013

Your PayPal Transaction Was
Declined And What To Do Next
!!

Yahoo

1st September 2013

Update.

Adam Jones

1st September 2013

Work from home

Vulnerebility

Oracle Java SE CVE-2011-3560 Remote Java Runtime Environment Vulnerability
2013-09-03
http://www.securityfocus.com/bid/50236

Oracle Java SE and Java for Business CVE-2011-0814 Remote Java Runtime Environment Vulnerability
2013-09-03
http://www.securityfocus.com/bid/48145

Oracle Java SE and Java for Business CVE-2011-0869 Remote Java Runtime Environment Vulnerability
2013-09-03
http://www.securityfocus.com/bid/48146

Drupal Entity API Module Multiple Access Bypass Vulnerabilities
2013-09-03
http://www.securityfocus.com/bid/61781

Oracle Java SE CVE-2012-5089 Remote Java Runtime Environment Vulnerability
2013-09-03
http://www.securityfocus.com/bid/56059

Oracle Java SE CVE-2012-5087 Remote Java Runtime Environment Vulnerability
2013-09-03
http://www.securityfocus.com/bid/56043

Oracle Java SE CVE-2013-1571 Frame Injection Vulnerability
2013-09-03
http://www.securityfocus.com/bid/60634

Oracle Java SE CVE-2013-1480 Remote Code Execution Vulnerability
2013-09-03
http://www.securityfocus.com/bid/57691

Oracle Java SE CVE-2012-0503 Remote Java Runtime Environment Vulnerability
2013-09-03
http://www.securityfocus.com/bid/52018

Oracle Java SE CVE-2011-3547 Remote Java Runtime Environment Vulnerability
2013-09-03
http://www.securityfocus.com/bid/50243

Oracle Java SE CVE-2012-0502 Remote Information Disclosure Vulnerability
2013-09-03
http://www.securityfocus.com/bid/52011

Oracle Java SE CVE-2012-0501 Remote Stack Overflow Vulnerability
2013-09-03
http://www.securityfocus.com/bid/52013

Oracle Java SE CVE-2012-0500 Java Runtime Environment Remote Code Execution Vulnerability
2013-09-03
http://www.securityfocus.com/bid/52015

Oracle Java SE CVE-2012-0499 Remote Java Runtime Environment Vulnerability
2013-09-03
http://www.securityfocus.com/bid/52016

Oracle Java SE CVE-2012-0498 Remote Code Execution Vulnerability
2013-09-03
http://www.securityfocus.com/bid/52019

Oracle Java SE CVE-2011-3563 Remote Java Runtime Environment Vulnerability
2013-09-03
http://www.securityfocus.com/bid/52012

Oracle Java SE CVE-2012-0497 Remote Java Runtime Environment Vulnerability
2013-09-03
http://www.securityfocus.com/bid/52009

Oracle GlassFish Server Hash Collision Denial Of Service Vulnerability
2013-09-03
http://www.securityfocus.com/bid/51194

Oracle Java SE CVE-2011-3556 Remote Java Runtime Environment Vulnerability
2013-09-03
http://www.securityfocus.com/bid/50231

Oracle Java SE CVE-2011-3557 Remote Java Runtime Environment Vulnerability
2013-09-03
http://www.securityfocus.com/bid/50234

Oracle Java SE CVE-2013-0432 Java Runtime Environment Remote Security Vulnerability
2013-09-03
http://www.securityfocus.com/bid/57727

Oracle Java SE CVE-2011-3554 Remote Java Runtime Environment Vulnerability
2013-09-03
http://www.securityfocus.com/bid/50216

Oracle Java SE CVE-2013-0428 Remote Java Runtime Environment Vulnerability
2013-09-03
http://www.securityfocus.com/bid/57713

Oracle Java SE CVE-2013-0429 Remote Java Runtime Environment Remote Security Vulnerability
2013-09-03
http://www.securityfocus.com/bid/57710

Oracle Java SE CVE-2013-0427 Remote Java Runtime Environment Vulnerability
2013-09-03
http://www.securityfocus.com/bid/57724

Oracle Java SE CVE-2013-0424 Remote Java Runtime Environment Vulnerability
2013-09-03
http://www.securityfocus.com/bid/57715

Oracle Java SE CVE-2013-0426 Remote Java Runtime Environment Vulnerability
2013-09-03
http://www.securityfocus.com/bid/57711

Oracle Java SE CVE-2013-0425 Remote Java Runtime Environment Vulnerability
2013-09-03
http://www.securityfocus.com/bid/57709

Oracle Java SE CVE-2013-0419 Java Runtime Environment Remote Security Vulnerability
2013-09-03
http://www.securityfocus.com/bid/57714

Oracle Java SE CVE-2013-0409 Remote Java Runtime Environment Vulnerability
2013-09-03
http://www.securityfocus.com/bid/57728

Exploit

  Mikrotik RouterOS sshd (ROSSSH) - Remote Preauth Heap Corruption

  TP-Link TD-W8951ND - Multiple Vulnerabilities

  Zoom Telephonics ADSL Modem/Router - Multiple Vulnerabilities

  Wordpress IndiaNIC Testimonial Plugin - Multiple Vulnerabilities

  GreenBrowser 6.4.0515 - Heap Overflow Vulnerability

  Oracle Java lookUpByteBI - Heap Buffer Overflow

  PotPlayer 1.5.39036 (.wav) - Crash PoC

2.9.2013

Bugtraq

[slackware-security] gnutls (SSA:2013-242-01) 2013-08-30
Slackware Security Team (security slackware com)

VUPEN Security Research - Microsoft Internet Explorer "ReplaceAdjacentText" Use-after-free (MS13-059) 2013-08-30
VUPEN Security Research (advisories vupen com)

[ MDVSA-2013:223 ] asterisk 2013-08-30
security mandriva com

VUPEN Security Research - Microsoft Internet Explorer Protected Mode Sandbox Bypass (Pwn2Own 2013 / MS13-059) 2013-08-30
VUPEN Security Research (advisories vupen com)

VUPEN Security Research - Microsoft Windows "LdrHotPatchRoutine" Remote ASLR Bypass (Pwn2Own 2013 / MS13-063) 2013-08-30
VUPEN Security Research (advisories vupen com)

[slackware-security] php (SSA:2013-242-02) 2013-08-30
Slackware Security Team (security slackware com)

Malware

RDN/Generic PUP.x!4AF42D1B6C65

RDN/Generic PUP.x!0C0E2CA988A9

RDN/Generic PUP.x!54398A654CAD

RDN/Generic PUP.x!0328CCFC0B6F

RDN/Generic PUP.x!6320C16D978F

RDN/Generic PUP.x!7B663114A12B

RDN/Generic PUP.x!F60EEF571C49

RDN/Generic PUP.x!bh3!AA3355287B1C

RDN/Generic PUP.x!28C69D9A5E21

Generic PUP.x!C2AB5E15BBFD

RDN/Generic PUP.x!5CB76E2333C1

Generic PUP.x!A9FBB3676726

RDN/Generic PUP.x!E79DAF18C5E7

RDN/Generic PUP.x!bh3!3AB65FAC1546

RDN/Generic PUP.x!402FE96039E0

RDN/Generic PUP.x!0C0CB66B08C0

RDN/Generic PUP.x!bh3!897B0C84DA5A

RDN/Generic PUP.x!bh3!2A49D63A6AB2

RDN/Generic PUP.x!8173202BA790

RDN/Generic PUP.x!FF12798E8373

RDN/Generic PUP.x!358203578D04

RDN/Generic.bfr!ez!DB9447297BE9

RDN/Generic PUP.x!bh3!BD44BA130BF8

RDN/Generic PUP.x!bh3!0D7E293DF807

RDN/BackDoor-AWQ!bm!9735C8095921

RDN/Generic Dropper!EF3ADC91ECC9

RDN/Generic.dx!cqd!EEB5826D4869

Generic.bfr!3088F3611B84

RDN/Generic StartPage!bo!A3A7C80356D7

RDN/Generic PUP.x!4E274D98A692

Phishing

Yahoo

1st September 2013

Update.

Adam Jones

1st September 2013

Work from home

Amazon Shopping UK

31st August 2013

AMAZON ACCOUNT STATUS:
RESTRICTED

Amazon

31st August 2013

Important Alert Action For
Your Amazon Account .

Apple

30th August 2013

Please confirm your account
information

Natwest Bank

29th August 2013

Secure Your Account

Vulnerebility

Oracle MySQL CVE-2012-1688 Remote MySQL Server Vulnerability
2013-09-02
http://www.securityfocus.com/bid/53067

Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability
2013-09-02
http://www.securityfocus.com/bid/49957

Mozilla Firefox/Thunderbird/Seamonkey CVE-2013-1701 Multiple Memory Corruption Vulnerabilities
2013-09-02
http://www.securityfocus.com/bid/61874

Linux Kernel CVE-2013-2851 Memory Corruption Vulnerability
2013-09-02
http://www.securityfocus.com/bid/60409

Linux Kernel Ceph CVE-2013-1059 Remote Denial of Service Vulnerability
2013-09-02
http://www.securityfocus.com/bid/60922

libdigidoc DDOC Routine Arbitrary File Overwrite Vulnerability
2013-09-02
http://www.securityfocus.com/bid/62040

RoundCube Webmail CVE-2013-5646 HTML-injection Vulnerability
2013-09-02
http://www.securityfocus.com/bid/62038

RoundCube Webmail Multiple HTML-injection Vulnerabilities
2013-09-02
http://www.securityfocus.com/bid/61976

Cacti 'id' Parameter SQL Injection Vulnerability
2013-09-02
http://www.securityfocus.com/bid/62005

Cacti Cross Site Scripting and HTML Injection Vulnerabilities
2013-09-02
http://www.securityfocus.com/bid/62001

OpenStack python-glanceclient CVE-2013-4111 SSL Certificate Validation Spoofing Vulnerability
2013-09-02
http://www.securityfocus.com/bid/61508

strongSwan 'is_asn1()' Function Denial of Service Vulnerability
2013-09-02
http://www.securityfocus.com/bid/61564

Fail2ban Multiple Denial of Service Vulnerabilities
2013-09-02
http://www.securityfocus.com/bid/60467

Multiple Asterisk Products Invalid SDP Denial of Service Vulnerability
2013-09-02
http://www.securityfocus.com/bid/62022

GnuTLS TLS And DTLS Information Disclosure Vulnerability
2013-09-02
http://www.securityfocus.com/bid/57736

Multiple Asterisk Products SIP ACK With SDP Denial of Service Vulnerability
2013-09-02
http://www.securityfocus.com/bid/62021

Cisco Adaptive Security Appliance CVE-2013-3463 Denial of Service Vulnerability
2013-09-02
http://www.securityfocus.com/bid/62068

YingZhi Python Programming Language for iOS Arbitrary File Upload Vulnerability
2013-09-02
http://www.securityfocus.com/bid/62076

Oracle Solaris CVE-2013-3813 Remote Security Vulnerability
2013-09-02
http://www.securityfocus.com/bid/61230

Oracle Solaris CVE-2013-3799 Local Security Vulnerability
2013-09-02
http://www.securityfocus.com/bid/61273

Oracle Solaris CVE-2013-3757 Remote Security Vulnerability
2013-09-02
http://www.securityfocus.com/bid/61263

AWS XMS 'what' Parameter Directory Traversal Vulnerability
2013-09-02
http://www.securityfocus.com/bid/58753

Oracle MySQL Server CVE-2013-0371 Remote Security Vulnerability
2013-09-02
http://www.securityfocus.com/bid/57415

YingZhi Python Programming Language for iOS Directory Traversal Vulnerability
2013-09-02
http://www.securityfocus.com/bid/62074

Oracle MySQL Server CVE-2013-0367 Remote Security Vulnerability
2013-09-02
http://www.securityfocus.com/bid/57408

Oracle MySQL Server CVE-2012-5096 Remote Security Vulnerability
2013-09-02
http://www.securityfocus.com/bid/57400

Oracle MySQL and MariaDB 'acl_get()' Buffer Overflow Vulnerability
2013-09-02
http://www.securityfocus.com/bid/56769

Oracle MySQL Server CVE-2013-0375 Remote Security Vulnerability
2013-09-02
http://www.securityfocus.com/bid/57391

Oracle MySQL Server CVE-2012-3173 Remote MySQL Security Vulnerability
2013-09-02
http://www.securityfocus.com/bid/56041

Oracle MySQL Server CVE-2012-3197 Remote Security Vulnerability
2013-09-02
http://www.securityfocus.com/bid/56021

Exploit

  cnzz CMS SQLi (company.php)

30.8.2013

Bugtraq

Microsoft MSRC RSS ASPX - CS Cross Site Web Vulnerability 2013-08-29
Vulnerability Lab (research vulnerability-lab com)

Department of Transport UK - SQL Injection Vulnerability 2013-08-29
Vulnerability Lab (research vulnerability-lab com)

UTA EDU University ENG - SQL Injection Vulnerability 2013-08-29
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 2746-1] icedove security update 2013-08-29
Moritz Muehlenhoff (jmm debian org)

CVE-2013-5216 CapaSystems Performance Guard Path Traversal Vulnerability 2013-08-29
kerem kocaer gmail com

CyberArk User Enumeration - Multiple vulnerabilities 2013-08-29
moshez comsecglobal com

Drupal Node View Permissions module and Flag module Vulnerabilities 2013-08-29
danielthomson72 gmail com

[SECURITY] [DSA 2745-1] linux security update 2013-08-29
dann frazier (dannf debian org)

CORE-2013-0726 - AVTECH DVR multiple vulnerabilities 2013-08-28
CORE Advisories Team (advisories coresecurity com)

CORE-2013-0808 - EPS Viewer Buffer Overflow Vulnerability 2013-08-28
CORE Advisories Team (advisories coresecurity com)

30C3 Call for Participation 2013-08-28
fukami (lists foo io)

[CORE-2013-0805] Aloaha PDF Suite Buffer Overflow Vulnerability 2013-08-28
CORE Advisories Team (advisories coresecurity com)

Cisco Security Advisory: Cisco Secure Access Control Server Remote Command Execution Vulnerability 2013-08-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[security bulletin] HPSBHF02888 rev.3 - HP Network Products including H3C and 3COM Routers and Switches, Remote Information Disclosure and Code Execution 2013-08-28
security-alert hp com

Two Instagram Android App Security Vulnerabilities 2013-08-28
Georg Lukas (lukas rt-solutions de)

AST-2013-004: Remote Crash From Late Arriving SIP ACK With SDP 2013-08-28
Asterisk Security Team (security asterisk org)

AST-2013-005: Remote Crash when Invalid SDP is sent in SIP Request 2013-08-28
Asterisk Security Team (security asterisk org)

IBM Lotus iNotes 8.5.x cross-site scripting vulnerabilities 2013-08-28
danielthomson72 gmail com

[ MDVSA-2013:222 ] puppet 2013-08-27
security mandriva com

[SECURITY] [DSA 2744-1] tiff security update 2013-08-27
Moritz Muehlenhoff (jmm debian org)

[ MDVSA-2013:221 ] php 2013-08-27
security mandriva com

Malware

RDN/Generic PUP.x!bg3!5881AD4F2161

Generic Qhost!D69F56A85F8E

RDN/Generic Qhost!C5DF67832B51

RDN/Generic.dx!988F6BE13EBF

RDN/Generic BackDoor!A809A50CEC9D

Generic.bfr!401D5588F2C7

RDN/Generic Dropper!F25BD89D8DAB

Generic PUP.x!47064689296C

RDN/Generic Qhost!C4F47F226A91

RDN/Ransom!DB0E4A08F1D9

RDN/Generic PUP.x!3CA11987D905

RDN/Autorun.worm.gen!9CE03F58236E

Generic PUP.x!CD18945F0A2D

RDN/Generic StartPage!D60CFD7C2C5F

RDN/tdss!A5969DB30066

RDN/Generic StartPage!9C64FFF28C7E

RDN/Generic PWS.y!3E48E1160BC4

RDN/Generic.dx!014EF8761076

RDN/Generic PUP.x!bg3!E6B545312A46

RDN/Generic StartPage!26869892BE4F

RDN/Generic.dx!cpw!63303B554A74

RDN/Generic PUP.x!2C7F8108FAFE

Generic.dx!7598FC8A484F

Generic.dx!0CB063506022

Generic.dx!F70829D3D84F

Generic.dx!D7B049A84839

Generic.dx!11764028D3CB

Generic PUP.x!E7DB26A1FE8A

Generic.dx!A618BAF514F8

Generic BackDoor!7A6EEC0138C0

Phishing

Natwest Bank

29th August 2013

Secure Your Account

NatWest Bank Plc

28th August 2013

2 UNREAD SECURED ALERT

Nationwide Building Society

28th August 2013

Account Suspended !

Nationwide Building Society

27th August 2013

NATIONWIDE ALERT ACCOUNT
RE-ACTIVATION

Nationwide

26th August 2013

Nationwide Building Society -
Updates

Vulnerebility

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1710 Arbitrary Code Execution Vulnerability
2013-08-30
http://www.securityfocus.com/bid/61900

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1714 Same Origin Policy Security Bypass Vulnerability
2013-08-30
http://www.securityfocus.com/bid/61882

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1713 Same Origin Policy Security Bypass Vulnerability
2013-08-30
http://www.securityfocus.com/bid/61876

Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2013-1717 Information Disclosure Vulnerability
2013-08-30
http://www.securityfocus.com/bid/61896

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1709 Cross Site Scripting Vulnerability
2013-08-30
http://www.securityfocus.com/bid/61867

Linux Kernel CVE-2012-6544 Multiple Local Information Disclosure Vulnerabilities
2013-08-30
http://www.securityfocus.com/bid/58990

Linux Kernel 'key_notify_policy_flush()' Function Local Information Disclosure Vulnerability
2013-08-30
http://www.securityfocus.com/bid/60953

Linux Kernel CVE-2013-2851 Memory Corruption Vulnerability
2013-08-30
http://www.securityfocus.com/bid/60409

Oracle MySQL Server CVE-2012-5096 Remote Security Vulnerability
2013-08-30
http://www.securityfocus.com/bid/57400

Oracle MySQL Server CVE-2012-3166 Remote Security Vulnerability
2013-08-30
http://www.securityfocus.com/bid/56028

Oracle Java SE CVE-2013-1540 Remote Java Runtime Environment Vulnerability
2013-08-30
http://www.securityfocus.com/bid/59149

Oracle MySQL CVE-2012-2749 Denial Of Service Vulnerability
2013-08-30
http://www.securityfocus.com/bid/55120

Oracle MySQL Server CVE-2013-2392 Remote Security Vulnerability
2013-08-30
http://www.securityfocus.com/bid/59224

Oracle MySQL Server CVE-2012-0487 Remote MySQL Server Vulnerability
2013-08-30
http://www.securityfocus.com/bid/51503

Cisco Unified Computing System Memory Leak Multiple Local Denial of Service Vulnerabilities
2013-08-30
http://www.securityfocus.com/bid/62065

Expat XML Parsing Multiple Remote Denial of Service Vulnerabilities
2013-08-30
http://www.securityfocus.com/bid/52379

Cisco IOS XR Software CVE-2013-3470 Denial of Service Vulnerability
2013-08-30
http://www.securityfocus.com/bid/62066

Cisco Identity Services Engine CVE-2012-5744 Multiple Cross Site Scripting Vulnerabilities
2013-08-30
http://www.securityfocus.com/bid/62062

Mozilla Firefox/Thunderbird/Seamonkey CVE-2013-1701 Multiple Memory Corruption Vulnerabilities
2013-08-30
http://www.securityfocus.com/bid/61874

Oracle Java Runtime Environment CVE-2013-2423 Security Bypass Vulnerability
2013-08-30
http://www.securityfocus.com/bid/59162

Oracle Java SE CVE-2013-2416 Remote Java Runtime Environment Vulnerability
2013-08-30
http://www.securityfocus.com/bid/59088

Oracle Java SE CVE-2013-2384 Remote Code Execution Vulnerability
2013-08-30
http://www.securityfocus.com/bid/59179

Oracle Java SE CVE-2013-1537 Remote Code Execution Vulnerability
2013-08-30
http://www.securityfocus.com/bid/59194

Oracle Java SE CVE-2013-2418 Remote Java Runtime Environment Vulnerability
2013-08-30
http://www.securityfocus.com/bid/59145

Oracle Java SE CVE-2013-2415 Remote Java Runtime Environment Vulnerability
2013-08-30
http://www.securityfocus.com/bid/59212

Oracle Java SE CVE-2013-1518 Remote Java Runtime Environment Vulnerability
2013-08-30
http://www.securityfocus.com/bid/59141

Oracle Java SE CVE-2013-1488 Remote Code Execution Vulnerability
2013-08-30
http://www.securityfocus.com/bid/58504

Oracle Java SE CVE-2013-1563 Remote Java Runtime Environment Vulnerability
2013-08-30
http://www.securityfocus.com/bid/59208

Python SSL Module CVE-2013-4238 Security Bypass Vulnerability
2013-08-30
http://www.securityfocus.com/bid/61738

IBM Rational Directory Server CVE-2013-0599 Information Disclosure Vulnerability
2013-08-30
http://www.securityfocus.com/bid/60107

Exploit

  OSX <= 10.8.4 - Local Root Priv Escalation (py)

29.8.2013

Bugtraq

Drupal Node View Permissions module and Flag module Vulnerabilities 2013-08-29
danielthomson72 gmail com

[SECURITY] [DSA 2745-1] linux security update 2013-08-29
dann frazier (dannf debian org)

CORE-2013-0726 - AVTECH DVR multiple vulnerabilities 2013-08-28
CORE Advisories Team (advisories coresecurity com)

CORE-2013-0808 - EPS Viewer Buffer Overflow Vulnerability 2013-08-28
CORE Advisories Team (advisories coresecurity com)

30C3 Call for Participation 2013-08-28
fukami (lists foo io)

[CORE-2013-0805] Aloaha PDF Suite Buffer Overflow Vulnerability 2013-08-28
CORE Advisories Team (advisories coresecurity com)

Cisco Security Advisory: Cisco Secure Access Control Server Remote Command Execution Vulnerability 2013-08-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[security bulletin] HPSBHF02888 rev.3 - HP Network Products including H3C and 3COM Routers and Switches, Remote Information Disclosure and Code Execution 2013-08-28
security-alert hp com

Two Instagram Android App Security Vulnerabilities 2013-08-28
Georg Lukas (lukas rt-solutions de)

AST-2013-004: Remote Crash From Late Arriving SIP ACK With SDP 2013-08-28
Asterisk Security Team (security asterisk org)

AST-2013-005: Remote Crash when Invalid SDP is sent in SIP Request 2013-08-28
Asterisk Security Team (security asterisk org)

IBM Lotus iNotes 8.5.x cross-site scripting vulnerabilities 2013-08-28
danielthomson72 gmail com

[ MDVSA-2013:222 ] puppet 2013-08-27
security mandriva com

[SECURITY] [DSA 2744-1] tiff security update 2013-08-27
Moritz Muehlenhoff (jmm debian org)

[ MDVSA-2013:221 ] php 2013-08-27
security mandriva com

[ MDVSA-2013:220 ] lcms 2013-08-27
security mandriva com

Malware

RDN/Autorun.worm!cv!1F3CF3673B3F

RDN/Generic PUP.x!E81A908468E9

RDN/Generic PUP.x!2DF705752B74

RDN/Generic PUP.x!627816F25E90

RDN/Generic PUP.x!778D368B3CC3

RDN/Downloader.a!ng!BA977A9113EA

RDN/Generic PUP.x!1B48C1CE09D0

RDN/Generic PUP.x!6EFA9CA44BB9

RDN/Generic PUP.x!7E985468B4DF

RDN/Generic PUP.x!9EF2695B2538

RDN/Generic PUP.x!987D1148C986

RDN/Generic PUP.x!BF01823A7626

RDN/Generic PUP.x!10174356945D

RDN/Generic PUP.x!E078C52E5C70

RDN/Generic PUP.x!DAC33BBDC3AE

RDN/Generic PUP.x!A7ADFA8F87FB

RDN/Generic PUP.x!700EFD4E531C

RDN/Generic PUP.x!84D412D20328

RDN/Generic PUP.x!9DFAD7FFA709

RDN/Generic PUP.x!bgw!5362630501F1

RDN/Generic StartPage!bo!465E9F366CC0

RDN/Generic StartPage!bo!51EE64138105

RDN/Generic BackDoor!tc!76C9B8E7FFEA

RDN/Generic StartPage!bo!F38D3607F0ED

RDN/Generic PWS.y!ul!DB8B7EABD1B1

RDN/Generic PUP.x!bgw!01CE50D744A1

RDN/Generic StartPage!bo!F6DCD7C190E8

RDN/Generic PUP.x!D3867A80D88E

RDN/Generic PUP.x!7AB56A083DD1

RDN/Generic PUP.x!7989712824BE

Phishing

NatWest Bank Plc

28th August 2013

2 UNREAD SECURED ALERT

Nationwide Building Society

28th August 2013

Account Suspended !

Nationwide Building Society

27th August 2013

NATIONWIDE ALERT ACCOUNT
RE-ACTIVATION

Nationwide

26th August 2013

Nationwide Building Society -
Updates

Vulnerebility

RubyGems Sounder 'sound.rb' Remote Command Injection Vulnerability
2013-08-29
http://www.securityfocus.com/bid/62023

Mozilla Network Security Services CVE-2013-1620 Information Disclosure Vulnerability
2013-08-29
http://www.securityfocus.com/bid/57777

389 Directory Server CVE-2013-4283 Denial of Service Vulnerability
2013-08-29
http://www.securityfocus.com/bid/62031

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0791 Out of Bounds Memory Corruption Vulnerability
2013-08-29
http://www.securityfocus.com/bid/58826

Red Hat Enterprise Virtualization Hypervisor Incomplete Fix Denial of Service Vulnerability
2013-08-29
http://www.securityfocus.com/bid/61772

RoundCube Webmail Multiple HTML-injection Vulnerabilities
2013-08-29
http://www.securityfocus.com/bid/61976

Oracle Java SE CVE-2013-2421 Remote Java Runtime Environment Vulnerability
2013-08-29
http://www.securityfocus.com/bid/59153

Mozilla Firefox/Thunderbird/Seamonkey CVE-2013-1701 Multiple Memory Corruption Vulnerabilities
2013-08-29
http://www.securityfocus.com/bid/61874

Oracle Java SE CVE-2013-2469 Memory Corruption Vulnerability
2013-08-29
http://www.securityfocus.com/bid/60658

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1709 Cross Site Scripting Vulnerability
2013-08-29
http://www.securityfocus.com/bid/61867

Oracle Java SE CVE-2013-0401 Remote Code Execution Vulnerability
2013-08-29
http://www.securityfocus.com/bid/58507

Multiple Asterisk Products Invalid SDP Denial of Service Vulnerability
2013-08-29
http://www.securityfocus.com/bid/62022

Multiple Asterisk Products SIP ACK With SDP Denial of Service Vulnerability
2013-08-29
http://www.securityfocus.com/bid/62021

AirLive WL-2600CAM CVE-2013-3541 Directory Traversal Vulnerability
2013-08-28
http://www.securityfocus.com/bid/60549

Airlive IP Cameras CVE-2013-3540 Cross Site Request Forgery Vulnerability
2013-08-28
http://www.securityfocus.com/bid/60547

Wireshark CVE-2013-4081 Stack Buffer Overflow Vulnerability
2013-08-28
http://www.securityfocus.com/bid/60505

Wireshark CVE-2013-4080 Denial of Service Vulnerability
2013-08-28
http://www.securityfocus.com/bid/60503

Wireshark CVE-2013-4082 Heap Buffer Overflow Vulnerability
2013-08-28
http://www.securityfocus.com/bid/60506

Wireshark CVE-2013-4083 Denial of Service Vulnerability
2013-08-28
http://www.securityfocus.com/bid/60504

Grandstream Multiple IP Cameras CVE-2013-3542 Multiple Security Bypass Vulnerabilities
2013-08-28
http://www.securityfocus.com/bid/60535

Wireshark CVE-2013-4074 Denial of Service Vulnerability
2013-08-28
http://www.securityfocus.com/bid/60500

Wireshark CVE-2013-4075 Denial of Service Vulnerability
2013-08-28
http://www.securityfocus.com/bid/60501

Wireshark NBAP Dissector Multiple Denial of Service Vulnerabilities
2013-08-28
http://www.securityfocus.com/bid/60502

Wireshark PPP Dissector CVE-2013-4076 Denial of Service Vulnerability
2013-08-28
http://www.securityfocus.com/bid/60499

Wireshark RDP Dissector Denial of Service Vulnerability
2013-08-28
http://www.securityfocus.com/bid/60495

Wireshark DCP ETSI Dissector Integer Overflow Denial of Service Vulnerability
2013-08-28
http://www.securityfocus.com/bid/60003

Wireshark ASN.1 BER Dissector CVE-2013-3557 Denial of Service Vulnerability
2013-08-28
http://www.securityfocus.com/bid/60021

Wireshark DCP ETSI Dissector NULL Pointer Dereference Denial of Service Vulnerability
2013-08-28
http://www.securityfocus.com/bid/60000

Wireshark GSM CBCH Dissector Denial of Service Vulnerability
2013-08-28
http://www.securityfocus.com/bid/60498

Wireshark GTPv2 Dissector Denial of Service Vulnerability
2013-08-28
http://www.securityfocus.com/bid/59992

Exploit

  HP LoadRunner lrFileIOService ActiveX Remote Code Execution

  Firefox XMLSerializer Use After Free

  SPIP connect Parameter PHP Injection

  Oracle Java ByteComponentRaster.verify() Memory Corruption

  VMWare Setuid vmware-mount Unsafe popen(3)

  Mac OS X Sudo Password Bypass

  appRain CMF 3.0.2 - CSRF Add/Delete Admin Account

  AVTECH DVR Firmware 1017-1003-1009-1003 - Multiple Vulnerabilities

Metasploit -The Exploit Learning Tree

28.8.2013

Bugtraq

AST-2013-004: Remote Crash From Late Arriving SIP ACK With SDP 2013-08-28
Asterisk Security Team (security asterisk org)

AST-2013-005: Remote Crash when Invalid SDP is sent in SIP Request 2013-08-28
Asterisk Security Team (security asterisk org)

IBM Lotus iNotes 8.5.x cross-site scripting vulnerabilities 2013-08-28
danielthomson72 gmail com

[ MDVSA-2013:222 ] puppet 2013-08-27
security mandriva com

[SECURITY] [DSA 2744-1] tiff security update 2013-08-27
Moritz Muehlenhoff (jmm debian org)

[ MDVSA-2013:221 ] php 2013-08-27
security mandriva com

[ MDVSA-2013:220 ] lcms 2013-08-27
security mandriva com

POC2013 Call for Paper 2013-08-27
pocadm gmail com

[SECURITY] [DSA 2743-1] kfreebsd-9 security update 2013-08-27
Aurelien Jarno (aurelien aurel32 net)

[SECURITY] [DSA 2742-1] php5 security update 2013-08-26
Florian Weimer (fw deneb enyo de)

DC4420 - London DEFCON - August Meet - Tuesday 27th August 2013 2013-08-26
Major Malfunction (majormal pirate-radio org)

[SECURITY] [DSA 2741-1] chromium-browser security update 2013-08-25
Michael Gilbert (mgilbert debian org)

Defense in depth -- the Microsoft way (part 8): execute everywhere! 2013-08-24
Stefan Kanthak (stefan kanthak nexgo de) (1 replies)

Re: [Full-disclosure] Defense in depth -- the Microsoft way (part 8): execute everywhere! 2013-08-24
Jeffrey Walton (noloader gmail com) (3 replies)

Wordpress post-gallery Plugin Xss vulnerabilities 2013-08-24
iedb team gmail com

libtiff <= 3.9.5 integer overflow bug 2013-08-24
geinblues gmail com

[SECURITY] [DSA 2740-1] python-django security update 2013-08-23
Salvatore Bonaccorso (carnil debian org)

Wordpress videowhisper-live-streaming-integration Plugin Xss vulnerabilities 2013-08-23
iedb team gmail com

PayPal Bug Bounty #110 - Auth Bypass (Session) Vulnerability 2013-08-23
Vulnerability Lab (research vulnerability-lab com)

[ MDVSA-2013:219 ] libtiff 2013-08-23
security mandriva com

Malware

RDN/Generic PUP.x!bgr!64CB1228696D

RDN/Generic PUP.x!bgr!3370A84F26BB

RDN/Generic PUP.x!bgr!6B51DEE5031C

RDN/Generic PUP.x!bgr!C98768E5D9BE

RDN/Generic PUP.x!bgr!BF495C55FB80

RDN/Generic PUP.x!bgr!F50DCD60F3D4

RDN/Generic PUP.x!bgr!93F1EF5C6511

RDN/Generic PUP.x!bgr!DB269FDCF5A5

RDN/Generic PUP.x!bgr!6DF4D5BAAA1D

RDN/Generic PUP.x!bgr!E0F9AF150308

RDN/Generic PUP.x!bgr!83F279F62CC9

RDN/Generic PUP.x!bgr!296099B02CA0

RDN/Generic PUP.x!bgr!359E5DBC10C6

RDN/Generic PUP.x!bgr!B672CC490445

RDN/Generic PUP.x!bgr!50966E855995

RDN/Generic PUP.x!bgr!064AAD67C1FB

RDN/Generic PUP.x!bgr!7F06DDF17285

RDN/Generic PUP.x!bgr!8F5020B59D48

RDN/Generic Dropper!rg!DADF81651916

RDN/Generic PUP.x!bgr!61C4D962B6EC

RDN/Generic PUP.x!bgr!D65D8EE7B0F9

RDN/Generic PUP.x!bgr!9FD3CC7A9CAB

RDN/Generic PUP.x!bgr!86ACD3DA07FC

RDN/Generic PUP.x!bgr!8A5610084010

RDN/Generic PUP.x!bgr!651BF665FB7B

RDN/Generic PUP.x!bgr!A5672B879569

RDN/Generic PUP.x!bgr!37A631CB42EA

RDN/Generic PUP.x!bgr!D722C1F5CEC5

RDN/Generic PUP.x!bgr!3B91E5C2932F

RDN/Generic PUP.x!bgr!A11A27E936C2

Phishing

Nationwide Building Society

28th August 2013

Account Suspended !

Nationwide Building Society

27th August 2013

NATIONWIDE ALERT ACCOUNT
RE-ACTIVATION

Nationwide

26th August 2013

Nationwide Building Society -
Updates

Halifax

26th August 2013

Account Reviewed Notice

Nationwide Building Society

26th August 2013

Nationwide Alert Account
Re-activation

Nationwide Building

25th August 2013

NATIONWIDE:- INCOMING PAYMENT

Llodys TSB

24th August 2013

LLODYS TSB-SECURITY ALERT

Vulnerebility

Winamp CVE-2013-4694 Multiple Stack Buffer Overflow Vulnerabilities
2013-08-27
http://www.securityfocus.com/bid/60883

TYPO3 Javascript and CSS Optimizer Unspecified Cross Site Scripting Vulnerability
2013-08-27
http://www.securityfocus.com/bid/59660

Drupal Imagemenu Module Cross Site Scripting Vulnerability
2013-08-27
http://www.securityfocus.com/bid/55610

PuTTY SSH keyboard Interactive Authentication Password Information Disclosure Weakness
2013-08-27
http://www.securityfocus.com/bid/51021

FreeBSD 'nfsserver' Module CVE-2013-4851 Access Bypass Vulnerability
2013-08-27
http://www.securityfocus.com/bid/61484

FreeBSD IP_MSFILTER Local Privilege Escalation Vulnerability
2013-08-27
http://www.securityfocus.com/bid/61946

FreeBSD CVE-2013-5209 Information Disclosure Vulnerability
2013-08-27
http://www.securityfocus.com/bid/61939

Oracle Java SE CVE-2013-1557 Remote Java Runtime Environment Vulnerability
2013-08-27
http://www.securityfocus.com/bid/59170

Todd Miller Sudo CVE-2013-1775 Local Authentication Bypass Vulnerability
2013-08-27
http://www.securityfocus.com/bid/58203

IBM WebSphere Application Server Administrative Access Security Bypass Vulnerability
2013-08-27
http://www.securityfocus.com/bid/55309

IBM SPSS Data Collection CVE-2013-0464 Cross Site Scripting Vulnerability
2013-08-27
http://www.securityfocus.com/bid/60246

IBM WebSphere Extended Deployment Compute Grid CVE-2013-4039 Information Disclosure Vulnerability
2013-08-27
http://www.securityfocus.com/bid/61992

Oracle Java SE CVE-2013-0809 Remote Code Execution Vulnerability
2013-08-27
http://www.securityfocus.com/bid/58296

Oracle Java SE CVE-2013-1493 Remote Code Execution Vulnerability
2013-08-27
http://www.securityfocus.com/bid/58238

Oracle Java SE CVE-2013-1571 Frame Injection Vulnerability
2013-08-27
http://www.securityfocus.com/bid/60634

IBM Data Studio CVE-2013-0467 Information Disclosure Vulnerability
2013-08-27
http://www.securityfocus.com/bid/58000

PHP SSL Certificate Validation CVE-2013-4248 Security Bypass Vulnerability
2013-08-27
http://www.securityfocus.com/bid/61776

PHP CVE-2011-4718 Session Fixation Vulnerability
2013-08-27
http://www.securityfocus.com/bid/61929

Linux Kernel NULL Pointer Dereference Local Denial of Service Vulnerability
2013-08-27
http://www.securityfocus.com/bid/61995

Python SSL Module CVE-2013-4238 Security Bypass Vulnerability
2013-08-27
http://www.securityfocus.com/bid/61738

Oracle Java SE CVE-2013-1478 Remote Java Runtime Environment Vulnerability
2013-08-27
http://www.securityfocus.com/bid/57686

mooSocial Multiple Input Validation Vulnerabilities
2013-08-27
http://www.securityfocus.com/bid/61979

Restlet Framework XML Deserialization Remote Code Execution Vulnerability
2013-08-27
http://www.securityfocus.com/bid/61694

Real Networks RealPlayer CVE-2013-4973 Stack Based Buffer Overflow Vulnerability
2013-08-27
http://www.securityfocus.com/bid/61989

WordPress VideoWhisper Live Streaming Integration Multiple Cross Site Scripting Vulnerabilities
2013-08-27
http://www.securityfocus.com/bid/61977

OpenSSL ECDH Ciphersuites Remote Denial of Service Vulnerability
2013-08-27
http://www.securityfocus.com/bid/49471

OpenSSL OCSP Stapling 'ClientHello' Handshake Message Parsing Security Vulnerability
2013-08-27
http://www.securityfocus.com/bid/46264

OpenSSL CMS PKCS #7 Decryption CVE-2012-0884 Security Bypass Vulnerability
2013-08-27
http://www.securityfocus.com/bid/52428

Multiple TLS And DTLS Implementations CVE-2013-0169 Information Disclosure Vulnerability
2013-08-27
http://www.securityfocus.com/bid/57778

OpenSSL CVE-2013-0166 Remote Denial of Service Vulnerability
2013-08-27
http://www.securityfocus.com/bid/60268

Exploit

 

22.8.2013

Bugtraq

[security bulletin] HPSBST02897 rev.1 - HP StoreOnce D2D Backup System, Remote Denial of Service (DoS) 2013-08-22
security-alert hp com

Joomla! VirtueMart component <= 2.0.22a - SQL Injection 2013-08-22
Matias Fontanini (matias fontanini gmail com)

CVE-2013-4152 XML External Entity (XXE) injection in Spring Framework 2013-08-22
Pivotal Security Team (security gopivotal com)

[ MDVSA-2013:215 ] cacti 2013-08-22
security mandriva com

Malware

RDN/Generic PUP.x!bgf!E4A6DA9CE221

Downloader.gen.a!D9A4E43FA5F7

Downloader.gen.a!F3ACC662A7A2

RDN/Generic PUP.x!bgf!AB342802CA80

RDN/Generic PUP.x!47DBFD5BDBDB

RDN/Generic.dx!714E62FA8D63

RDN/Generic PUP.x!bgf!5B4024DF7354

RDN/Generic PUP.x!bgf!C4C98FB92810

RDN/Generic PUP.x!bgf!0F6C020E620A

Generic PUP.x!560506E5A3FF

Generic PUP.x!E5DD4BC44AF7

RDN/Generic PUP.z!DFA2E08369DB

RDN/Generic PUP.x!bgf!81ADFFB06FB2

RDN/Generic PUP.x!619A56C549E7

Generic PUP.x!82A4A917D571

RDN/Generic PUP.x!bgf!115580D77D8E

Generic PUP.x!A92C9900EB3D

RDN/Generic PUP.x!bgf!716A4274BB4A

Generic PUP.x!E1D4155DACDE

RDN/Generic Downloader.x!6C77ADBCA90C

RDN/Generic PUP.x!699050640FC3

RDN/Generic PUP.x!bgf!3C4CF173856F

RDN/Generic PUP.x!bgf!01FD2F6FF846

Generic PUP.x!1BA66EF1EDAE

Generic PUP.x!9BDE583047EF

RDN/Generic PUP.x!786166623D1C

Generic PUP.x!F4594CF92788

RDN/Generic PUP.x!bgf!82B5C8FA21AA

RDN/Generic PWS.y!uj!FFC2364793FE

RDN/Generic PUP.x!78608FC8DA69

Phishing

Apple

22nd August 2013

Alert:Please Confirm Your
Apple Account Informations

MBNA

22nd August 2013

Your MBNA online card services
profile

Vulnerebility

Linux Kernel Tracing Mutiple Local Denial of Service Vulnerabilities
2013-08-23
http://www.securityfocus.com/bid/59055

Linux Kernel Netlink Interface Multiple Information Disclosure Vulnerabilities
2013-08-23
http://www.securityfocus.com/bid/58597

Linux Kernel CVE-2013-0914 Local Information Disclosure Vulnerability
2013-08-23
http://www.securityfocus.com/bid/58426

Linux Kernel 'b43' Wireless Driver Local Privilege Escalation Vulnerability
2013-08-23
http://www.securityfocus.com/bid/60410

Oracle Solaris CVE-2013-0398 Remote Security Vulnerability
2013-08-23
http://www.securityfocus.com/bid/61250

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1713 Same Origin Policy Security Bypass Vulnerability
2013-08-23
http://www.securityfocus.com/bid/61876

Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2013-1717 Information Disclosure Vulnerability
2013-08-23
http://www.securityfocus.com/bid/61896

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1709 Cross Site Scripting Vulnerability
2013-08-23
http://www.securityfocus.com/bid/61867

Mozilla Firefox/Thunderbird/Seamonkey CVE-2013-1701 Multiple Memory Corruption Vulnerabilities
2013-08-23
http://www.securityfocus.com/bid/61874

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1710 Arbitrary Code Execution Vulnerability
2013-08-23
http://www.securityfocus.com/bid/61900

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1714 Same Origin Policy Security Bypass Vulnerability
2013-08-23
http://www.securityfocus.com/bid/61882

Linux Kernel 'key_notify_policy_flush()' Function Local Information Disclosure Vulnerability
2013-08-23
http://www.securityfocus.com/bid/60953

Linux Kernel CVE-2013-2206 NULL Pointer Dereference Denial of Service Vulnerability
2013-08-23
http://www.securityfocus.com/bid/60715

Linux Kernel Multiple Local Information Disclosure Vulnerabilities
2013-08-23
http://www.securityfocus.com/bid/60280

Linux Kernel 'mmc_ioctl_cdrom_read_data()' Function Local Information Disclosure Vulnerability
2013-08-23
http://www.securityfocus.com/bid/60375

Oracle Solaris CVE-2013-3787 Remote Security Vulnerability
2013-08-23
http://www.securityfocus.com/bid/61248

ISC BIND 9 DNS RDATA Handling CVE-2013-4854 Remote Denial of Service Vulnerability
2013-08-23
http://www.securityfocus.com/bid/61479

Foreman 'users_controller.rb' Remote Privilege Escalation Vulnerability
2013-08-23
http://www.securityfocus.com/bid/60835

TP-Link TL-SC3171 IP Camera Arbitrary File Upload Vulnerability
2013-08-23
http://www.securityfocus.com/bid/61531

TP-Link TL-SC3171 IP Camera Remote Security Bypass Vulnerability
2013-08-23
http://www.securityfocus.com/bid/61532

TP-Link TL-SC3171 IP Cameras CVE-2013-2578 Multiple Remote Command Injection Vulnerabilities
2013-08-23
http://www.securityfocus.com/bid/61529

TP-Link TL-SC3171 IP Camera CVE-2013-2579 Remote Command Injection Vulnerability
2013-08-23
http://www.securityfocus.com/bid/61533

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1707 Local Stack Buffer Overflow Vulnerability
2013-08-23
http://www.securityfocus.com/bid/61873

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1706 Local Stack Buffer Overflow Vulnerability
2013-08-23
http://www.securityfocus.com/bid/61869

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1712 Local Privilege Escalation Vulnerability
2013-08-23
http://www.securityfocus.com/bid/61878

Mozilla Firefox/Thunderbird/Seamonkey CVE-2013-1702 Multiple Memory Corruption Vulnerabilities
2013-08-23
http://www.securityfocus.com/bid/61875

Adobe Acrobat and Reader CVE-2013-0618 Remote Code Execution Vulnerability
2013-08-23
http://www.securityfocus.com/bid/57294

Adobe Acrobat and Reader CVE-2013-0607 Remote Code Execution Vulnerability
2013-08-23
http://www.securityfocus.com/bid/57290

Adobe Acrobat and Reader CVE-2013-0614 Remote Code Execution Vulnerability
2013-08-23
http://www.securityfocus.com/bid/57293

Puppet CVE-2013-3567 Remote Code Execution Vulnerability
2013-08-23
http://www.securityfocus.com/bid/60664

Exploit

 

21.8.2013

Bugtraq

[SECURITY] [DSA 2739-1] cacti security update 2013-08-21
Moritz Muehlenhoff (jmm debian org)

[security bulletin] HPSBGN02905 rev.2 - HP LoadRunner, HP Business Process Monitor, Remote Code Execution and Denial of Service (DoS) 2013-08-21
security-alert hp com

Windows Embedded POSReady 2009: cruft, not craft 2013-08-21
Stefan Kanthak (stefan kanthak nexgo de)

Cisco Security Advisory: Cisco Prime Central for Hosted Collaboration Solution Assurance Denial of Service Vulnerabilities 2013-08-21
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco Unified Communications Manager IM and Presence Service Denial of Service Vulnerability 2013-08-21
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Manager 2013-08-21
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Netgear ProSafe switches: Unauthenticated startup-config disclosure and Denial of Service 2013-08-21
post encripto no

[ MDVSA-2013:214 ] python 2013-08-21
security mandriva com

CVE-2013-4124 samba nttrans dos private exploit 2013-08-21
geinblues gmail com

Cross-Site Scripting (XSS) in Twilight CMS 2013-08-21
High-Tech Bridge Security Research (advisory htbridge com)

Cross-Site Scripting (XSS) in BackWPup WordPress Plugin 2013-08-21
High-Tech Bridge Security Research (advisory htbridge com)

Malware

RDN/Generic PUP.x!bg3!DC278DFF4E66

W32/Expiro!B75C28CE0FDD

Generic PUP.x!9EC00EBE943A

Generic PUP.x!EE3330DB3969

Generic.bfr!30EB680A0928

W32/Expiro!1B7688A6DA16

RDN/Generic.dx!cp3!ED1ED8E37E93

RDN/Generic.bfr!ey!ED6401D6B8AD

Generic PUP.x!EEAC1DE03F20

Generic.bfr!F8B17204590A

RDN/Generic.bfr!ey!EE89D9C9E27A

Generic.bfr!E6FC29047089

RDN/Generic.bfr!ey!ADA55C8BE37D

Generic PUP.x!A133309CA872

RDN/Generic Dropper!rf!8BE2816ED532

RDN/Generic PUP.x!bg3!7B52D90D907C

W32/Expiro!1763D21AAF2D

RDN/Generic StartPage!bo!EE2792D39666

RDN/Ransom!dm!1E250179C162

RDN/Generic PUP.x!bg3!B50FA27CC152

Generic PUP.x!CFE91E15958C

Generic.bfr!EDB1EA83486D

RDN/Generic PUP.x!bg3!A79DFF0FCB4A

Generic PUP.x!E66A6E9C56B0

Generic PUP.x!C4CB7CDC70B5

Generic PUP.x!121818AF0A39

RDN/Generic PUP.x!C93DAB68DA9B

Generic PUP.x!CC309BB5F2EF

Generic.bfr!8C3053FAD586

Generic PUP.x!B1D4DAC88690

Phishing

Lloyds TSB Bank

21st August 2013

Important Security Update On
Your Account.

Lloyds TSB

21st August 2013

ACCESS TO ONLINE BANKING
SERVICE

PayPal

21st August 2013

ONLINE ACCESS HAS BEEN
SUSPENDED

Vulnerebility

HP LoadRunner CVE-2013-4797 Remote Code Execution Vulnerability
2013-08-21
http://www.securityfocus.com/bid/61444

HP LoadRunner CVE-2013-2368 Unspecified Denial of Service Vulnerability
2013-08-21
http://www.securityfocus.com/bid/61436

HP LoadRunner CVE-2013-4798 Remote Code Execution Vulnerability
2013-08-21
http://www.securityfocus.com/bid/61443

HP LoadRunner CVE-2013-2370 Remote Code Execution Vulnerability
2013-08-21
http://www.securityfocus.com/bid/61441

HP LoadRunner ActiveX Control CVE-2013-4801 Remote Code Execution Vulnerability
2013-08-21
http://www.securityfocus.com/bid/61445

HP LoadRunner CVE-2013-4800 Remote Code Execution Vulnerability
2013-08-21
http://www.securityfocus.com/bid/61446

HP LoadRunner CVE-2013-4799 Remote Buffer Overflow Vulnerability
2013-08-21
http://www.securityfocus.com/bid/61442

HP LoadRunner CVE-2013-2369 Remote Code Execution Vulnerability
2013-08-21
http://www.securityfocus.com/bid/61437

AjaXplorer Multiple Arbitrary Command Execution Vulnerabilities
2013-08-21
http://www.securityfocus.com/bid/60863

FFmpeg Multiple Remote Security Vulnerabilities
2013-08-21
http://www.securityfocus.com/bid/61879

Cacti CVE-2013-1434 Multiple SQL Injection Vulnerabilities
2013-08-21
http://www.securityfocus.com/bid/61657

Cacti Multiple Command Injection Vulnerabilities
2013-08-21
http://www.securityfocus.com/bid/61847

Samba CVE-2013-4124 Local Denial of Service Vulnerability
2013-08-21
http://www.securityfocus.com/bid/61597

MongoDB CVE-2013-1892 Remote Code Injection Vulnerability
2013-08-21
http://www.securityfocus.com/bid/58695

MongoDB CVE-2013-2132 NULL Pointer Dereference Remote Denial of Service Vulnerability
2013-08-21
http://www.securityfocus.com/bid/60252

Microsoft Internet Explorer CVE-2013-3186 Remote Code Execution Vulnerability
2013-08-21
http://www.securityfocus.com/bid/61663

Graphite 'renderLocalView()' Function Remote Code Execution Vulnerability
2013-08-21
http://www.securityfocus.com/bid/61894

Python SSL Module CVE-2013-4238 Security Bypass Vulnerability
2013-08-21
http://www.securityfocus.com/bid/61738

Linux Kernel 'key_notify_policy_flush()' Function Local Information Disclosure Vulnerability
2013-08-21
http://www.securityfocus.com/bid/60953

Linux Kernel CVE-2013-2206 NULL Pointer Dereference Denial of Service Vulnerability
2013-08-21
http://www.securityfocus.com/bid/60715

Linux Kernel 'mmc_ioctl_cdrom_read_data()' Function Local Information Disclosure Vulnerability
2013-08-21
http://www.securityfocus.com/bid/60375

Linux Kernel Multiple Local Information Disclosure Vulnerabilities
2013-08-21
http://www.securityfocus.com/bid/60280

phpVID CVE-2013-5312 Multiple Cross Site Scripting Vulnerabilities
2013-08-21
http://www.securityfocus.com/bid/61734

RETIRED: TYPO3 Store Locator Extension Multiple Unspecified Security Vulnerabilities
2013-08-21
http://www.securityfocus.com/bid/61606

RETIRED: Google Chrome Prior to 29.0.1547.57 Multiple Security Vulnerabilities
2013-08-21
http://www.securityfocus.com/bid/61865

RETIRED: Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2013-63 through -75 Multiple Vulnerabilities
2013-08-21
http://www.securityfocus.com/bid/61641

Sixnet Universal Protocol Undocumented Function Codes Remote Security Bypass Vulnerability
2013-08-21
http://www.securityfocus.com/bid/61837

PuTTY 'getstring()' Function Multiple Integer Overflow Vulnerabilities
2013-08-21
http://www.securityfocus.com/bid/61599

TYPO3 Faceted Search Extension CVE-2013-5307 Unspecified Cross Site Scripting Vulnerability
2013-08-21
http://www.securityfocus.com/bid/61609

Google Chrome CVE-2013-2900 Unspecified Security Vulnerability
2013-08-21
http://www.securityfocus.com/bid/61887

Exploit

  Ovidentia 7.9.4 - Multiple Vulnerabilities

  CBHotel Hotel Software and Booking system 1.8 - Multiple Vulnerabilities

  Netgear ProSafe - Information Disclosure Vulnerability

  Netgear ProSafe - Denial of Service Vulnerability

  Foreman (Red Hat OpenStack/Satellite) users/create Mass Assignment

  DeWeS 0.4.2 - Directory Traversal Vulnerability

  Samba nttrans Reply - Integer Overflow Vulnerability

20.8.2013

Bugtraq

[security bulletin] HPSBUX02922 SSRT101305 rev.1 - HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2013-08-20
security-alert hp com

Malware

RDN/Generic StartPage!bo!616601C49DEA

Generic.bfr!713B6E883113

Generic.tfr!7483778612C8

RDN/Generic PUP.x!bgd!28A667309A5D

RDN/Downloader.a!nf!216F7F8984E4

Generic PUP.x!BC381EBDB323

RDN/Generic PUP.x!bgd!3E3CB35BDD03

Generic PUP.x!70EEE0A15AB1

RDN/Generic.tfr!do!29E085CCD1E2

RDN/PWS-Mmorpg!ka!CD0E77C54624

RDN/Generic PUP.x!bgd!88A525B6DFDB

Generic PUP.x!71C2F4768159

RDN/Generic PUP.x!bgd!C7B7D51543A8

RDN/Generic PUP.x!02B6C67A7233

Generic PUP.x!21C10EA043D4

RDN/Generic.bfr!ey!92A745547FD8

Generic PUP.x!3A7F1C19B425

RDN/Generic Downloader.x!ik!0722BA534392

RDN/Generic PUP.x!bgd!8B6107CDF074

RDN/Generic PUP.x!bgd!D1E8F7B47AF4

Generic PUP.x!6B19D62B6143

RDN/Generic PUP.x!bgd!CB90900043B2

Generic PUP.x!F89ED493DDF1

RDN/Generic.dx!cpm!58F47627DC01

RDN/Generic.tfr!do!3EF24DCE9D2F

RDN/Generic PUP.x!bgd!4413371EFA44

RDN/Generic PUP.x!000F0D3AAF5A

RDN/Generic PUP.x!E206766740F6

Generic PUP.x!57FD314B4A34

Generic PUP.x!70FAAD6E9B9F

Phishing

 

Vulnerebility

Sixnet Universal Protocol Undocumented Function Codes Remote Security Bypass Vulnerability
2013-08-21
http://www.securityfocus.com/bid/61837

Symfony CVE-2013-4752 HTTP Header Spoofing Security Bypass Vulnerability
2013-08-21
http://www.securityfocus.com/bid/61715

OpenStack Keystone CVE-2013-2013 Password Information Disclosure Vulnerability
2013-08-21
http://www.securityfocus.com/bid/59504

strongSwan 'is_asn1()' Function Denial of Service Vulnerability
2013-08-21
http://www.securityfocus.com/bid/61564

PuTTY DSA Signature CVE-2013-4207 Remote Buffer Overflow Vulnerability
2013-08-21
http://www.securityfocus.com/bid/61649

PuTTY 'modmul()' Function Buffer Underrun Vulnerability
2013-08-21
http://www.securityfocus.com/bid/61645

PuTTY Private Key 'putty/sshdss.c' Multiple Information Disclosure Vulnerabilities
2013-08-21
http://www.securityfocus.com/bid/61644

PuTTY 'getstring()' Function Multiple Integer Overflow Vulnerabilities
2013-08-21
http://www.securityfocus.com/bid/61599

FFmpeg Multiple Remote Security Vulnerabilities
2013-08-21
http://www.securityfocus.com/bid/61879

Linux Kernel 'key_notify_policy_flush()' Function Local Information Disclosure Vulnerability
2013-08-20
http://www.securityfocus.com/bid/60953

Linux Kernel 'mmc_ioctl_cdrom_read_data()' Function Local Information Disclosure Vulnerability
2013-08-20
http://www.securityfocus.com/bid/60375

Linux Kernel Multiple Local Information Disclosure Vulnerabilities
2013-08-20
http://www.securityfocus.com/bid/60280

Linux Kernel CVE-2013-2206 NULL Pointer Dereference Denial of Service Vulnerability
2013-08-20
http://www.securityfocus.com/bid/60715

phpFox CVE-2013-5120 SQL Injection Vulnerability
2013-08-20
http://www.securityfocus.com/bid/61660

Linux Kernel CVE-2013-2851 Memory Corruption Vulnerability
2013-08-20
http://www.securityfocus.com/bid/60409

Oracle Java SE CVE-2013-2464 Memory Corruption Vulnerability
2013-08-20
http://www.securityfocus.com/bid/60631

Oracle Java SE CVE-2013-2417 Remote Java Runtime Environment Vulnerability
2013-08-20
http://www.securityfocus.com/bid/59187

Linux Kernel CVE-2013-0343 IPv6 Temporary Addresses Remote Security Vulnerability
2013-08-20
http://www.securityfocus.com/bid/58795

Linux Kernel Ceph CVE-2013-1059 Remote Denial of Service Vulnerability
2013-08-20
http://www.securityfocus.com/bid/60922

Linux Kernel CVE-2013-4127 Use After Free Memory Corruption Vulnerability
2013-08-20
http://www.securityfocus.com/bid/61198

Linux Kernel CVE-2013-4247 Memory Corruption Vulnerability
2013-08-20
http://www.securityfocus.com/bid/61800

Linux Kernel 'b43' Wireless Driver Local Privilege Escalation Vulnerability
2013-08-20
http://www.securityfocus.com/bid/60410

Linux Kernel CVE-2013-4125 Remote Denial of Service Vulnerability
2013-08-20
http://www.securityfocus.com/bid/61166

Linux Kernel 'copy_event_to_user()' Function Local Information Disclosure Vulnerability
2013-08-20
http://www.securityfocus.com/bid/60341

Multiple TLS And DTLS Implementations CVE-2013-0169 Information Disclosure Vulnerability
2013-08-20
http://www.securityfocus.com/bid/57778

Apache HTTP Server CVE-2013-1896 Remote Denial of Service Vulnerability
2013-08-20
http://www.securityfocus.com/bid/61129

Apache HTTP Server Terminal Escape Sequence in Logs Command Injection Vulnerability
2013-08-20
http://www.securityfocus.com/bid/59826

FUDforum 'index.php' HTML Injection Vulnerability
2013-08-20
http://www.securityfocus.com/bid/61494

LibTIFF CVE-2013-4231 Multiple Buffer Overflow Vulnerabilities
2013-08-20
http://www.securityfocus.com/bid/61695

PHP CVE-2013-4113 Heap Memory Corruption Vulnerability
2013-08-20
http://www.securityfocus.com/bid/61128

Exploit

  freeFTPd 1.0.10 (PASS Command) - SEH Buffer Overflow

  Graphite Web Unsafe Pickle Handling

  Oracle Java BytePackedRaster.verify() Signed Integer Overflow

  Bitbot C2 Panel gate2.php - Multiple Vulnerabilities

  Samsung DVR Firmware 1.10 - Authentication Bypass

  Adobe ColdFusion 9 Administrative Login Bypass

  Sitecom N300/N600 Devices - Multiple Vulnerabilities

Win32-Worm:VBS/Jenxcus.A Malware Report

19.8.2013

Bugtraq

Samsung DVR authentication bypass 2013-08-20
Andrea Fabrizi (andrea fabrizi gmail com)

ESA-2013-047: RSAŽ Authentication Agent for PAM Unlimited Login Attempts Vulnerability 2013-08-20
Security Alert (Security_Alert emc com)

Malware

RDN/Generic.grp!fs!A8C92FCB7F9D

RDN/Generic PUP.x!bgb!94FCB001CD6A

RDN/Generic PWS.y!18F9BBB1E8A3

RDN/Generic PWS.y!CF9048D419C2

Generic PUP.x!33C1489A64D4

Generic PUP.x!C77BC789EC53

RemAdm-Gneric!E1CF625D0F9E

RDN/Generic Dropper!52CD3E0DBBB1

RDN/Downloader.gen.a!84C334DD9840

Generic.dx!43B2706C545F

Generic StartPage!91C0EAD7FC3E

RDN/Generic.dx!cpl!62D7197F2D12

Generic PUP.x!C5E92F449CEF

RDN/Generic PUP.x!bgb!E4C1E4658FCC

RDN/Generic PUP.x!34B5668A4532

Generic PUP.x!192AFAE5BADB

RDN/Generic.bfr!7700FA720B24

RDN/Generic.tfr!DED2DDB9A278

RDN/Generic PUP.x!bgb!3A0048739303

RDN/Generic PUP.z!96625B3071D1

RDN/Generic.dx!cpl!9806F115C816

Generic StartPage!71CBCCFC4025

RDN/Generic PUP.x!bgb!1A639820E172

RDN/Generic PUP.x!bgb!1AE929E6CCE6

RDN/Generic.tfr!do!54A2FE2238E9

Generic PUP.x!82569930DD70

RDN/Generic PUP.x!bgb!DCAA86CBB71B

Generic PUP.x!A838C71F2EC5

RDN/Generic.dx!EC1AF38959E9

RDN/Generic.dx!cpl!3420B4C89353

Phishing

Barclays Personal

20th August 2013

Suspicious Account Activity

LloydsTSB Bank

19th August 2013

VERIFY THE FUNDS THAT WAS
TRANSFERRED ON YOUR ACCOUNT

Barclays Personal Banking

19th

Vulnerebility

Oracle Java SE CVE-2013-1500 Local Security Vulnerability
2013-08-20
http://www.securityfocus.com/bid/60627

Linux Kernel 'perf' Multiple Denial of Service and Information Disclosure Vulnerabilities
2013-08-20
http://www.securityfocus.com/bid/60324

Oracle Java SE CVE-2013-0435 Remote Java Runtime Environment Vulnerability
2013-08-20
http://www.securityfocus.com/bid/57729

Oracle Java SE CVE-2013-2457 Remote Security Vulnerability
2013-08-20
http://www.securityfocus.com/bid/60632

Oracle Java SE CVE-2012-3342 Remote Java Runtime Environment Vulnerability
2013-08-20
http://www.securityfocus.com/bid/57700

Download Monitor 'p' Parameter Cross Site Scripting Vulnerability
2013-08-20
http://www.securityfocus.com/bid/61407

Serendipity 'serendipity_admin_image_selector.php' Cross Site Scripting Vulnerability
2013-08-20
http://www.securityfocus.com/bid/61138

phpVID Multiple Cross Site Scripting and SQL Injection Vulnerabilities
2013-08-20
http://www.securityfocus.com/bid/61734

ISC BIND 9 DNS RDATA Handling CVE-2013-4854 Remote Denial of Service Vulnerability
2013-08-20
http://www.securityfocus.com/bid/61479

Oracle Java SE CVE-2013-2425 Remote Java Runtime Environment Vulnerability
2013-08-19
http://www.securityfocus.com/bid/59191

Oracle Java SE CVE-2013-2445 Remote Security Vulnerability
2013-08-19
http://www.securityfocus.com/bid/60639

Oracle Java SE CVE-2013-2449 Remote Security Vulnerability
2013-08-19
http://www.securityfocus.com/bid/60622

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0769 Memory Corruption Vulnerability
2013-08-19
http://www.securityfocus.com/bid/57203

Oracle Java SE CVE-2013-0442 Remote Java Runtime Environment Vulnerability
2013-08-19
http://www.securityfocus.com/bid/57687

Oracle Java SE CVE-2013-0441 Remote Java Runtime Environment Vulnerability
2013-08-19
http://www.securityfocus.com/bid/57692

Oracle Java SE CVE-2013-0440 Remote Java Runtime Environment Vulnerability
2013-08-19
http://www.securityfocus.com/bid/57712

Oracle Java SE CVE-2013-0434 Remote Java Runtime Environment Vulnerability
2013-08-19
http://www.securityfocus.com/bid/57730

Oracle Java SE CVE-2013-0432 Java Runtime Environment Remote Security Vulnerability
2013-08-19
http://www.securityfocus.com/bid/57727

Oracle Java SE CVE-2013-0429 Remote Java Runtime Environment Remote Security Vulnerability
2013-08-19
http://www.securityfocus.com/bid/57710

Oracle Java SE CVE-2013-0428 Remote Java Runtime Environment Vulnerability
2013-08-19
http://www.securityfocus.com/bid/57713

Oracle Java SE CVE-2013-0426 Remote Java Runtime Environment Vulnerability
2013-08-19
http://www.securityfocus.com/bid/57711

Oracle Java SE CVE-2013-0427 Remote Java Runtime Environment Vulnerability
2013-08-19
http://www.securityfocus.com/bid/57724

Oracle Java SE CVE-2013-0425 Remote Java Runtime Environment Vulnerability
2013-08-19
http://www.securityfocus.com/bid/57709

Oracle Java SE CVE-2013-0433 Remote Java Runtime Environment Vulnerability
2013-08-19
http://www.securityfocus.com/bid/57719

Oracle Java SE CVE-2013-1478 Remote Java Runtime Environment Vulnerability
2013-08-19
http://www.securityfocus.com/bid/57686

Oracle Java SE CVE-2013-1480 Remote Code Execution Vulnerability
2013-08-19
http://www.securityfocus.com/bid/57691

Oracle Java SE CVE-2013-1476 Remote Java Runtime Environment Vulnerability
2013-08-19
http://www.securityfocus.com/bid/57696

Oracle Java SE CVE-2013-0450 Remote Java Runtime Environment Vulnerability
2013-08-19
http://www.securityfocus.com/bid/57703

Oracle Java SE CVE-2013-0443 Remote Java Runtime Environment Vulnerability
2013-08-19
http://www.securityfocus.com/bid/57702

Oracle Java SE CVE-2013-0445 Remote Java Runtime Environment Vulnerability
2013-08-19
http://www.securityfocus.com/bid/57689

Exploit

 

18.8.2013

Bugtraq

Multiple vulnerabilities on Sitecom N300/N600 devices 2013-08-19
roberto paleari emaze net

[SECURITY] [DSA 2738-1] ruby1.9.1 security update 2013-08-18
Thijs Kinkhorst (thijs debian org)

Defense in depth -- the Microsoft way (part 7): executable files in data directories 2013-08-17
Stefan Kanthak (stefan kanthak nexgo de)

Malware

RDN/Generic PUP.x!bg3!523D3DA2159F

Generic.bfr!74913FACAC3E

RDN/Generic PUP.x!bg3!334F86220F21

RDN/Generic PUP.x!bg3!285C31767CB4

RDN/Generic BackDoor!sx!3C1163B07856

RDN/Generic Downloader.x!ij!B38B3201AB7E

RDN/Generic BackDoor!DB6FC5C8D197

RDN/Generic PUP.x!bg3!39556EABFCF7

RDN/Generic PUP.x!bg3!773D819B0927

RDN/Downloader.a!nf!6D331945F513

Generic BackDoor!E54B8CA0D15B

RDN/Generic BackDoor!sx!A387684B8741

Generic PUP.x!6DF04C902CA8

RDN/Generic PUP.x!bg3!C5925BA20DEF

RDN/Generic PUP.x!bg3!CBD2B07C15DD

Generic Downloader.x!836AB3B640B5

Generic PUP.x!A9D93D8A4FEC

Generic PUP.x!18EB5DCF6F2F

RDN/Generic BackDoor!FBDB46F9689B

RDN/Generic PUP.x!bg3!DA723E298F39

RDN/Generic PUP.x!bg3!4EFF0F2C646F

RDN/Generic.bfr!F91CD89656E3

Generic PUP.x!039C3482514C

Generic PUP.x!CB3BBD89B058

Generic Dropper!CBE4E39AE028

RDN/Generic.dx!cpj!47626859E441

Generic PUP.x!EA009E5B0E54

Generic PUP.x!B3CC1E52ACE7

Generic PUP.x!6F260B696796

Generic PUP.x!42073698F13D

Phishing

LloydsTSB Bank

19th August 2013

VERIFY THE FUNDS THAT WAS
TRANSFERRED ON YOUR ACCOUNT

Barclays Personal Banking

19th August 2013

ACCOUNT REVIEW NOTICE.

Barclays Personal

19th August 2013

Suspicious Account Activity

Webmaster

19th August 2013

Email Account Update Reminder

Vulnerebility

Oracle Java SE CVE-2013-2407 Remote Security Vulnerability
2013-08-19
http://www.securityfocus.com/bid/60653

Oracle Java SE CVE-2013-1563 Remote Java Runtime Environment Vulnerability
2013-08-19
http://www.securityfocus.com/bid/59208

Oracle Java SE CVE-2013-1558 Remote Java Runtime Environment Vulnerability
2013-08-19
http://www.securityfocus.com/bid/59219

Oracle Java SE CVE-2013-1540 Remote Java Runtime Environment Vulnerability
2013-08-19
http://www.securityfocus.com/bid/59149

Oracle Java SE CVE-2013-1488 Remote Code Execution Vulnerability
2013-08-19
http://www.securityfocus.com/bid/58504

Oracle Java SE CVE-2013-2419 Remote Code Execution Vulnerability
2013-08-19
http://www.securityfocus.com/bid/59131

Oracle Java SE CVE-2013-2417 Remote Java Runtime Environment Vulnerability
2013-08-19
http://www.securityfocus.com/bid/59187

Oracle Java SE CVE-2013-2426 Multiple Remote Code Execution Vulnerabilities
2013-08-19
http://www.securityfocus.com/bid/59206

Oracle Java Runtime Environment CVE-2013-2423 Security Bypass Vulnerability
2013-08-19
http://www.securityfocus.com/bid/59162

Oracle Java SE CVE-2013-2422 Remote Java Runtime Environment Vulnerability
2013-08-19
http://www.securityfocus.com/bid/59228

Oracle Java SE CVE-2013-2421 Remote Java Runtime Environment Vulnerability
2013-08-19
http://www.securityfocus.com/bid/59153

Oracle Java SE CVE-2013-2418 Remote Java Runtime Environment Vulnerability
2013-08-19
http://www.securityfocus.com/bid/59145

Oracle Java SE CVE-2013-2467 Local Security Vulnerability
2013-08-19
http://www.securityfocus.com/bid/60649

Oracle Java SE CVE-2013-3744 Remote Security Vulnerability
2013-08-19
http://www.securityfocus.com/bid/60654

Oracle Java SE CVE-2013-0441 Remote Java Runtime Environment Vulnerability
2013-08-19
http://www.securityfocus.com/bid/57692

Oracle Java SE CVE-2013-0440 Remote Java Runtime Environment Vulnerability
2013-08-19
http://www.securityfocus.com/bid/57712

Oracle Java SE CVE-2013-0442 Remote Java Runtime Environment Vulnerability
2013-08-19
http://www.securityfocus.com/bid/57687

Oracle Java SE CVE-2013-0437 Remote Java Runtime Environment Vulnerability
2013-08-19
http://www.securityfocus.com/bid/57681

Oracle Java SE CVE-2013-0438 Remote Java Runtime Environment Vulnerability
2013-08-19
http://www.securityfocus.com/bid/57708

Oracle Java SE CVE-2013-0435 Remote Java Runtime Environment Vulnerability
2013-08-19
http://www.securityfocus.com/bid/57729

Oracle Java SE CVE-2013-0434 Remote Java Runtime Environment Vulnerability
2013-08-19
http://www.securityfocus.com/bid/57730

Oracle Java SE CVE-2013-0432 Java Runtime Environment Remote Security Vulnerability
2013-08-19
http://www.securityfocus.com/bid/57727

Oracle Java SE CVE-2013-0431 Remote Java Runtime Environment Vulnerability
2013-08-19
http://www.securityfocus.com/bid/57726

Oracle Java SE CVE-2013-2431 Remote Java Runtime Environment Vulnerability
2013-08-19
http://www.securityfocus.com/bid/59165

Oracle Java SE CVE-2013-2439 Remote Java Runtime Environment Vulnerability
2013-08-19
http://www.securityfocus.com/bid/59178

Oracle Java SE CVE-2013-2437 Remote Security Vulnerability
2013-08-19
http://www.securityfocus.com/bid/60636

Oracle Java SE CVE-2013-2442 Remote Security Vulnerability
2013-08-19
http://www.securityfocus.com/bid/60643

Oracle Java SE CVE-2013-2469 Memory Corruption Vulnerability
2013-08-19
http://www.securityfocus.com/bid/60658

Oracle Java SE CVE-2013-2463 Remote Code Execution Vulnerability
2013-08-19
http://www.securityfocus.com/bid/60655

Oracle Java SE CVE-2013-2470 Memory Corruption Vulnerability
2013-08-19
http://www.securityfocus.com/bid/60651

Exploit

  Mozilla Firefox 3.6 - Integer Overflow Exploit

  Mozilla Firefox 3.5.4 - Local Color Map Exploit

  PCMAN FTP 2.07 STOR Command - Buffer Overflow Exploit

  Cogent DataHub HTTP Server Buffer Overflow

  Java storeImageArray() Invalid Array Indexing Vulnerability

  IBM 1754 GCM 1.18.0.22011 - Remote Command Execution

  VLC Player 2.0.8 (.m3u) - Local Crash PoC

17.8.2013

Bugtraq

Open-Xchange Security Advisory 2013-08-16 2013-08-16
Martin Braun (martin braun open-xchange com)

Update: Linksys EA2700, EA3500, E4200v2, EA4500 Unspecified unauthenticated remote access 2013-08-15
kyle Lovett (krlovett gmail com)

Photo Transfer Upload v1.0 iOS - Multiple Vulnerabilities 2013-08-16
Vulnerability Lab (research vulnerability-lab com)

Copy to WebDAV v1.1 iOS - Multiple Web Vulnerabilities 2013-08-16
Vulnerability Lab (research vulnerability-lab com)

CFP: WorldCIST'14 - World Conference on IST; Best papers published in JCR/ISI Journals 2013-08-14
WorldCIST (aisti-sd aisti eu)

[security bulletin] HPSBMU02915 rev.1 - HP Service Manager, Remote Unauthenticated Access and Elevation of Privilege 2013-08-14
security-alert hp com

Malware

Generic Downloader.x!0510F64DB024

Generic Downloader.x!A29954EBDDFF

Generic PUP.x!DF7FB947B6B4

Generic PUP.x!0E9C2DA1B7FA

BackDoor-FBCY!70D136C24A10!70D136C24A10

Generic.tfr!C9F4540BE0FD

Generic.bfr!FD360BD9F102

Generic PUP.x!FAB05323F88E

Generic StartPage!A4A7E2E9BC65

Generic Downloader.x!A9BFE1F29ABC

RDN/Generic PUP.x!bfv!45B879DC68F4

Generic PUP.x!A37DEF0850A0

RDN/Generic.bfr!ey!C058D4831684

Generic PUP.x!A8E0BCC906FF

Generic.tfr!7776E3B774A3

Generic.dx!C717599E7175

Generic PUP.x!CA87476ED8D3

RDN/Generic PUP.x!EA829BD744E4

RDN/Generic Downloader.x!D7251B642DB9

RDN/Generic PUP.x!9B5C36E11EE7

Generic.bfr!8DE7DC4A332A

RDN/Downloader.a!ne!C8CE4CF1FC2F

RDN/Generic PUP.x!bfv!A28D90A77AE2

Generic PUP.x!24A3CC5F8C52

RDN/Generic.bfr!ey!53D12430C72E

RDN/PWS-Banker!127AA32B7E24

Generic PUP.x!5F2DEDE7152E

RDN/Generic.hra!br!EF2F384B88BC

Generic PUP.x!8245ED4921AF

RDN/Generic PUP.x!750E876D3D4F

Phishing

Apple

16th August 2013

ALERT:PLEASE CONFIRM YOUR
APPLE ACCOUNT INFORMATIONS

Barclays Bank Plc

16th August 2013

Account Suspended !

eBay

15th August 2013

MC999 Your eBay account will
be suspended

Nationwide

15th August 2013

Nationwide Building Society -
Account Limitation

Vulnerebility

Samba CVE-2013-4124 Local Denial of Service Vulnerability
2013-08-16
http://www.securityfocus.com/bid/61597

Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2013-63 through -75 Multiple Vulnerabilities
2013-08-16
http://www.securityfocus.com/bid/61641

Microsoft Windows CVE-2013-3175 Remote Privilege Escalation Vulnerability
2013-08-16
http://www.securityfocus.com/bid/61673

Linux Kernel 'perf_event.c' Local Privilege Escalation Vulnerability
2013-08-16
http://www.securityfocus.com/bid/61793

Multiple Vendor TCP Sequence Number Approximation Vulnerability
2013-08-16
http://www.securityfocus.com/bid/10183

Linux Kernel CVE-2013-1792 Local Denial of Service Vulnerability
2013-08-16
http://www.securityfocus.com/bid/58368

Apache Tomcat CVE-2013-2067 Session Fixation Vulnerability
2013-08-16
http://www.securityfocus.com/bid/59799

Linux Kernel 'i915 DRM' Driver Integer Overflow Vulnerability
2013-08-16
http://www.securityfocus.com/bid/58427

Linux Kernel CVE-2013-1767 Local Privilege Escalation Vulnerability
2013-08-16
http://www.securityfocus.com/bid/58177

GNU glibc 'regexec.c' Buffer Overflow Vulnerability
2013-08-16
http://www.securityfocus.com/bid/57638

GNU glibc 'getaddrinfo()' Stack Buffer Overflow Vulnerability
2013-08-16
http://www.securityfocus.com/bid/58839

Ruby SSL Client Certificate Validation CVE-2013-4073 Security Bypass Vulnerability
2013-08-16
http://www.securityfocus.com/bid/60843

PHP CVE-2013-4113 Heap Memory Corruption Vulnerability
2013-08-16
http://www.securityfocus.com/bid/61128

phpFox Multiple SQL Injection Vulnerabilities
2013-08-16
http://www.securityfocus.com/bid/61660

Ruby on Rails CVE-2013-1854 Remote Denial of Service Vulnerability
2013-08-16
http://www.securityfocus.com/bid/58549

Ruby on Rails CVE-2013-1857 Cross Site Scripting Vulnerability
2013-08-16
http://www.securityfocus.com/bid/58555

Ruby on Rails 'sanitize_css()' Method CVE-2013-1855 Cross Site Scripting Vulnerability
2013-08-16
http://www.securityfocus.com/bid/58552

Joomla! 'media.php' Arbitrary File Upload Vulnerability
2013-08-16
http://www.securityfocus.com/bid/61582

MiniWeb Directory Traversal and Arbitrary File Upload Vulnerabilities
2013-08-16
http://www.securityfocus.com/bid/58946

WordPress A Forms Plugin HTML Injection and Cross Site Request Forgery Vulnerabilities
2013-08-16
http://www.securityfocus.com/bid/61815

Open-Xchange Server CVE-2013-5035 Information Disclosure Vulnerability
2013-08-16
http://www.securityfocus.com/bid/61814

cPanel Multiple Remote Security Vulnerabilities
2013-08-16
http://www.securityfocus.com/bid/61812

KCFinder 'file' Parameter Arbitrary File Disclosure Vulnerability
2013-08-16
http://www.securityfocus.com/bid/61810

DotNetNuke Open-Redirection and HTML Injection Vulnerabilities
2013-08-16
http://www.securityfocus.com/bid/61809

Photo Transfer Local File Include, Arbitrary File Upload and HTML Injection Vulnerabilities
2013-08-16
http://www.securityfocus.com/bid/61808

Juniper Networks JUNOS Space CVE-2013-5096 Security Bypass Vulnerability
2013-08-16
http://www.securityfocus.com/bid/61794

Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerability
2013-08-15
http://www.securityfocus.com/bid/51706

Apache HTTP Server 'mod_proxy' Reverse Proxy Security Bypass Vulnerability
2013-08-15
http://www.securityfocus.com/bid/50802

Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability
2013-08-15
http://www.securityfocus.com/bid/49957

Multiple Vendor SSL/TLS Renegotiation Denial Of Service Vulnerability
2013-08-15
http://www.securityfocus.com/bid/48626

Exploit

 

16.8.2013

Bugtraq

Open-Xchange Security Advisory 2013-08-16 2013-08-16
Martin Braun (martin braun open-xchange com)

Update: Linksys EA2700, EA3500, E4200v2, EA4500 Unspecified unauthenticated remote access 2013-08-15
kyle Lovett (krlovett gmail com)

Photo Transfer Upload v1.0 iOS - Multiple Vulnerabilities 2013-08-16
Vulnerability Lab (research vulnerability-lab com)

Copy to WebDAV v1.1 iOS - Multiple Web Vulnerabilities 2013-08-16
Vulnerability Lab (research vulnerability-lab com)

CFP: WorldCIST'14 - World Conference on IST; Best papers published in JCR/ISI Journals 2013-08-14
WorldCIST (aisti-sd aisti eu)

[security bulletin] HPSBMU02915 rev.1 - HP Service Manager, Remote Unauthenticated Access and Elevation of Privilege 2013-08-14
security-alert hp com

Subverting BIND's SRTT Algorithm: Derandomizing NS Selection 2013-08-14
Roee Hay (roeeh il ibm com)

[PSA-2013-0813-1] Oracle Java IntegerInterleavedRaster.verify()Signed Integer Overflow 2013-08-14
bugtraq packetstormsecurity org

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-13
Chris Meisinger (chris meisinger centro net) (1 replies)

Malware

RDN/Generic PUP.x!bf3!1A096F7AB043

RDN/Generic PUP.x!bf3!157E2F22ECB1

RDN/Generic PUP.x!bf3!4887C56FB459

RDN/Generic PUP.x!bf3!F1DFDB5A5E73

RDN/Generic PUP.x!bf3!856FD8ED770B

RDN/Generic Dropper!rd!9229E64036B2

Generic PUP.x!73E603DB2E2B

RDN/Generic PUP.x!07507E4807AE

RDN/Generic PUP.x!972D20C9045C

RDN/Generic Dropper!rd!4AAC0F030931

RDN/Generic PUP.x!bf3!BA1B5E0C453A

RDN/Generic PUP.x!bf3!343BC98FB696

RDN/Generic PUP.x!bf3!E0E3361C6EB2

RDN/Generic PUP.x!bf3!F98E638CA377

RDN/Generic PWS.y!246AD4F95F08

RDN/Generic BackDoor!sw!D26ABD818975

Generic PUP.x!3DD7E350323A

Generic PUP.x!95B8B77C7360

Generic PUP.x!9CBEDEB16F9F

RDN/Generic PUP.x!bf3!94F451E58CEA

Generic.dx!C5DC628E7D4C

RDN/Generic PUP.x!bf3!5C6F23D97E2D

RDN/Generic PUP.x!bf3!4F7885C68A06

Generic.dx!C68B7641088B

RDN/Generic PUP.x!bf3!BC6E09EA7E2E

Generic PWS.y!DF12B7F4796C

Generic.dx!AD8AC7354070

RDN/Generic PUP.x!53DE2966A370

Generic.dx!2A3DED755117

Generic.dx!E5E2A4241AEB

Phishing

Barclays Bank Plc

16th August 2013

Account Suspended !

eBay

15th August 2013

MC999 Your eBay account will
be suspended

Nationwide

15th August 2013

Nationwide Building Society -
Account Limitation

PayPal

14th August 2013

YOUR ACCOUNT ACCESS HAS BEEN
LIMITED FOR THE FOLLOWING
REASON(S):

Santander Bank Plc

14th August 2013

Your Account Summary - August
2013

BT YAHOO

14th August 2013

Important information about
your service-Mail Update

Barclays Bank Plc

14th August 2013

Account Suspended

Barclays Bank Plc

14th August 2013

Account Suspended!

Barclays Personal

14th August 2013

Suspicious Account Activity

Vulnerebility

Joomla! 'media.php' Arbitrary File Upload Vulnerability
2013-08-16
http://www.securityfocus.com/bid/61582

MiniWeb Directory Traversal and Arbitrary File Upload Vulnerabilities
2013-08-16
http://www.securityfocus.com/bid/58946

Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerability
2013-08-15
http://www.securityfocus.com/bid/51706

Apache HTTP Server 'mod_proxy' Reverse Proxy Security Bypass Vulnerability
2013-08-15
http://www.securityfocus.com/bid/50802

Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability
2013-08-15
http://www.securityfocus.com/bid/49957

Multiple Vendor SSL/TLS Renegotiation Denial Of Service Vulnerability
2013-08-15
http://www.securityfocus.com/bid/48626

IBM QRadar Security Information and Event Manager Remote Command Injection Vulnerability
2013-08-15
http://www.securityfocus.com/bid/60284

Chasys Draw IES CVE-2013-3928 Multiple Remote Buffer Overflow Vulnerabilities
2013-08-15
http://www.securityfocus.com/bid/61463

Ultra Mini HTTPD 'GET' Request Stack-Based Buffer Overflow Vulnerability
2013-08-15
http://www.securityfocus.com/bid/61130

IntraSrv Buffer Overflow Vulnerability
2013-08-15
http://www.securityfocus.com/bid/60229

Apache HTTP Server Terminal Escape Sequence in Logs Command Injection Vulnerability
2013-08-15
http://www.securityfocus.com/bid/59826

Apache HTTP Server CVE-2013-1896 Remote Denial of Service Vulnerability
2013-08-15
http://www.securityfocus.com/bid/61129

PHP SSL Certificate Validation CVE-2013-4248 Security Bypass Vulnerability
2013-08-15
http://www.securityfocus.com/bid/61776

ModSecurity POST Parameters Security Bypass Vulnerability
2013-08-15
http://www.securityfocus.com/bid/56096

ModSecurity XML External Entity Information Disclosure Vulnerability
2013-08-15
http://www.securityfocus.com/bid/58810

ModSecurity CVE-2013-2765 NULL Pointer Dereference Remote Denial of Service Vulnerability
2013-08-15
http://www.securityfocus.com/bid/60182

ModSecurity Quote Parsing Security Bypass Vulnerability
2013-08-15
http://www.securityfocus.com/bid/54156

SPICE CVE-2013-4130 Multiple Denial of Service Vulnerabilities
2013-08-15
http://www.securityfocus.com/bid/61192

libgcrypt RSA Secret Keys Information Disclosure Vulnerability
2013-08-15
http://www.securityfocus.com/bid/61464

RETIRED: Microsoft August 2013 Advance Notification Multiple Vulnerabilities
2013-08-15
http://www.securityfocus.com/bid/61686

Google Chrome CVE-2013-2882 Remote Code Execution Vulnerability
2013-08-15
http://www.securityfocus.com/bid/61548

OpenStack python-keystoneclient CVE-2013-2167 Security Bypass Vulnerability
2013-08-15
http://www.securityfocus.com/bid/60680

OpenStack python-keystoneclient CVE-2013-2166 Security Bypass Vulnerability
2013-08-15
http://www.securityfocus.com/bid/60684

OpenStack Keystone and python-keystoneclient PKI Tokens Validation Security Bypass Vulnerability
2013-08-15
http://www.securityfocus.com/bid/60193

RETIRED: Dovecot 'LIST' Command Denial of Service Vulnerability
2013-08-15
http://www.securityfocus.com/bid/61763

ANGLE Multiple Integer Overflow Vulnerabilities
2013-08-15
http://www.securityfocus.com/bid/61163

ACal 'view' Parameter Local File Include Vulnerability
2013-08-15
http://www.securityfocus.com/bid/61801

Pligg CMS Cross Site Request Forgery Vulnerability
2013-08-15
http://www.securityfocus.com/bid/61799

Alibaba Clone 'id' Parameter SQL Injection Vulnerability
2013-08-15
http://www.securityfocus.com/bid/61798

Kingsoft Writer CVE-2013-3934 Stack Buffer Overflow Vulnerability
2013-08-15
http://www.securityfocus.com/bid/61796

Exploit

  Intrasrv 1.0 Buffer Overflow

  MiniWeb (Build 300) Arbitrary File Upload

  Ultra Mini HTTPD Stack Buffer Overflow

  Joomla Media Manager File Upload Vulnerability

  Oracle Java IntegerInterleavedRaster.verify() Signed Integer Overflow

  Chasys Draw IES Buffer Overflow

  KCFinder 2.51 - Local File Disclosure

  Mac's CMS 1.1.4 - Multiple Vulnerabilities

  Pligg CMS 2.0.0rc2 - CSRF File Creation Vulnerability

  Spitfire CMS 1.1.4 - CSRF Vulnerability

  DotNetNuke DNNArticle Module 10.0 - SQL Injection Vulnerability

  w-CMS 2.0.1 - Remote Code Execution Vulnerability

  ACal 2.2.6 (example.php, view param) - Local File Inclusion Vulneberality

  Alibaba Clone Tritanium Version (news_desc.html) - SQL Injection Vulnerability

15.8.2013

Bugtraq

Subverting BIND's SRTT Algorithm: Derandomizing NS Selection 2013-08-14
Roee Hay (roeeh il ibm com)

[PSA-2013-0813-1] Oracle Java IntegerInterleavedRaster.verify()Signed Integer Overflow 2013-08-14
bugtraq packetstormsecurity org

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-13
Chris Meisinger (chris meisinger centro net) (1 replies)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-13
Jorge Dorantes (jdorantes nordicnaturals com)

[ MDVSA-2013:213 ] xymon 2013-08-13
security mandriva com

[ MDVSA-2013:212 ] otrs 2013-08-13
security mandriva com

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-12
Reindl Harald (h reindl thelounge net) (1 replies)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-13
Stefan Kanthak (stefan kanthak nexgo de) (1 replies)

Struts2 Prefixed Parameters Open Redirect Vulnerability 2013-08-13
$B8!::8!::(B (mbsdtest01 gmail com)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-12
coderaptor (coderaptor gmail com) (2 replies)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-13
Matthew Caron (Matt Caron redlion net)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-13
Reindl Harald (h reindl thelounge net) (3 replies)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-12
coderaptor (coderaptor gmail com) (1 replies)

Malware

Generic BackDoor!CD5AFE897D09

RDN/Generic BackDoor!6A5A1018D460

RDN/FakeAlert-HDD!c!5B67FF24206D

RDN/Generic PWS.y!ug!26780E369F04

RDN/Generic BackDoor!sv!61A93433FC54

RDN/Generic Dropper!rc!2B58BF14041E

RDN/Generic.dx!cpd!934AA06DC8C2

RDN/Generic PWS.y!ug!D9786F11D22F

RDN/Generic.dx!cpd!727471165105

RDN/Generic BackDoor!sv!D915C530838A

RDN/FakeAlert-HDD!c!AD8B2AF8963E

Generic Dropper!83B548D5BE77

Generic PUP.x!D8A14462C19E

RDN/Generic.dx!D638525D1449

Generic Downloader.x!2AC307D186B5

RDN/FakeAlert-HDD!c!86E97225E648

Generic Dropper!86AA44871FFF

Generic PUP.x!D1336BA0E85C

T-RAI-ABU!68E6F0802966

RDN/Generic PUP.x!B6FEB948CF05

Generic PUP.x!D87D8F9E93A9

Generic PUP.x!D8C7942636F4

RDN/IRCbot.ds!c!51C6D11639EF

RDN/Generic.dx!cpd!DAF979823451

Generic.dx!8A1B28B5944D

RDN/FakeAlert-HDD!c!6B1C5DA2F7E0

Generic BackDoor!896482CBA769

RDN/Generic PUP.x!4D959DF098B7

RDN/Generic PUP.x!960CF198A51F

Generic PUP.x!D8C68A87F377

Phishing

PayPal

14th August 2013

YOUR ACCOUNT ACCESS HAS BEEN
LIMITED FOR THE FOLLOWING
REASON(S):

Santander Bank Plc

14th August 2013

Your Account Summary - August
2013

BT YAHOO

14th August 2013

Important information about
your service-Mail Update

 

Barclays Bank Plc

14th August 2013

Account Suspended

Barclays Bank Plc

14th August 2013

Account Suspended!

Barclays Personal

14th August 2013

Suspicious Account Activity

Vulnerebility

ANGLE Multiple Integer Overflow Vulnerabilities
2013-08-15
http://www.securityfocus.com/bid/61163

HP LoadRunner ActiveX Control CVE-2013-4801 Remote Code Execution Vulnerability
2013-08-14
http://www.securityfocus.com/bid/61445

HP LoadRunner CVE-2013-4797 Remote Code Execution Vulnerability
2013-08-14
http://www.securityfocus.com/bid/61444

HP LoadRunner CVE-2013-4798 Remote Code Execution Vulnerability
2013-08-14
http://www.securityfocus.com/bid/61443

libimobiledevice 'userpref.c' Insecure Temporary File Creation Vulnerability
2013-08-14
http://www.securityfocus.com/bid/60249

HP LoadRunner CVE-2013-4799 Remote Buffer Overflow Vulnerability
2013-08-14
http://www.securityfocus.com/bid/61442

SPICE CVE-2013-4130 Multiple Denial of Service Vulnerabilities
2013-08-14
http://www.securityfocus.com/bid/61192

ISC BIND 9 DNS RDATA Handling CVE-2013-4854 Remote Denial of Service Vulnerability
2013-08-14
http://www.securityfocus.com/bid/61479

HP System Management Homepage CVE-2013-2362 Unspecified Local Denial of Service Vulnerability
2013-08-14
http://www.securityfocus.com/bid/61337

HP LoadRunner CVE-2013-2368 Unspecified Denial of Service Vulnerability
2013-08-14
http://www.securityfocus.com/bid/61436

HP Network Node Manager I CVE-2013-2351 Unspecified Unauthorized Access Vulnerability
2013-08-14
http://www.securityfocus.com/bid/61132

HP LoadRunner CVE-2013-2369 Remote Code Execution Vulnerability
2013-08-14
http://www.securityfocus.com/bid/61437

Dovecot 'LIST' Command Denial of Service Vulnerability
2013-08-14
http://www.securityfocus.com/bid/61763

HP Application Lifecycle Management Quality Center Multiple Cross Site Scripting Vulnerabilities
2013-08-14
http://www.securityfocus.com/bid/61450

Microsoft Internet Explorer CVE-2013-3194 Use After Free Memory Memory Corruption Vulnerability
2013-08-14
http://www.securityfocus.com/bid/61679

Oracle Database Server CVE-2013-3751 Stack Overflow Remote Code Execution Vulnerability
2013-08-14
http://www.securityfocus.com/bid/61206

Oracle Java SE CVE-2013-2465 Memory Corruption Vulnerability
2013-08-14
http://www.securityfocus.com/bid/60657

Microsoft Internet Explorer CVE-2013-3184 Memory Corruption Vulnerability
2013-08-14
http://www.securityfocus.com/bid/61668

Oracle Endeca Server CVE-2013-3763 Remote Code Execution Vulnerability
2013-08-14
http://www.securityfocus.com/bid/61217

strongSwan 'is_asn1()' Function Denial of Service Vulnerability
2013-08-14
http://www.securityfocus.com/bid/61564

Oracle Endeca Server CVE-2013-3764 Remote Code Execution Vulnerability
2013-08-14
http://www.securityfocus.com/bid/61224

Microsoft Internet Explorer CVE-2013-3199 Use After Free Memory Corruption Vulnerability
2013-08-14
http://www.securityfocus.com/bid/61680

Microsoft Internet Explorer CVE-2013-3193 Use After Free Memory Corruption Vulnerability
2013-08-14
http://www.securityfocus.com/bid/61678

OTRS CVE-2013-4088 Remote Security Bypass Vulnerability
2013-08-14
http://www.securityfocus.com/bid/60688

Multiple OTRS Products CVE-2013-4718 Unspecified HTML Injection Vulnerability
2013-08-14
http://www.securityfocus.com/bid/61036

OTRS ITSM/FAQ Module CVE-2013-2637 Multiple HTML Injection Vulnerabilities
2013-08-14
http://www.securityfocus.com/bid/58930

OTRS and OTRS ITSM CVE-2013-4717 Unspecified SQL Injection Vulnerabilitiy
2013-08-14
http://www.securityfocus.com/bid/61037

Multiple OTRS Products CVE-2013-2625 Access Bypass Vulnerability
2013-08-14
http://www.securityfocus.com/bid/58936

Multiple OTRS Products CVE-2013-3551 Information Disclosure Vulnerability
2013-08-14
http://www.securityfocus.com/bid/60117

Novell iPrint Client CVE-2012-0411 Remote Code Execution Vulnerability
2013-08-14
http://www.securityfocus.com/bid/57037

Exploit

 

14.8.2013

Bugtraq

[PSA-2013-0813-1] Oracle Java IntegerInterleavedRaster.verify()Signed Integer Overflow 2013-08-14
bugtraq packetstormsecurity org

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-13
Chris Meisinger (chris meisinger centro net) (1 replies)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-13
Jorge Dorantes (jdorantes nordicnaturals com)

[ MDVSA-2013:213 ] xymon 2013-08-13
security mandriva com

[ MDVSA-2013:212 ] otrs 2013-08-13
security mandriva com

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-12
Reindl Harald (h reindl thelounge net) (1 replies)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-13
Stefan Kanthak (stefan kanthak nexgo de) (1 replies)

Struts2 Prefixed Parameters Open Redirect Vulnerability 2013-08-13
$B8!::8!::(B (mbsdtest01 gmail com)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-12
coderaptor (coderaptor gmail com) (2 replies)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-13
Matthew Caron (Matt Caron redlion net)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-13
Reindl Harald (h reindl thelounge net) (3 replies)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-12
coderaptor (coderaptor gmail com) (1 replies)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-12
Reindl Harald (h reindl thelounge net)

Struts2 Prefixed Parameters OGNL Injection Vulnerability 2013-08-13
$B8!::8!::(B (mbsdtest01 gmail com)

CakePHP AssetDispatcher Local File Inclusion Vulnerability 2013-08-13
$B8!::8!::(B (mbsdtest01 gmail com)

Malware

W32/MoonLight.worm!9BB48AC1AAE5

RDN/Generic PUP.x!57E11984CAF8

RDN/Generic PWS.bfr!e!655D77D7B2D0

RDN/Generic Dropper!57E78222E45E

Generic.dx!A312B93C037E

RDN/Generic PWS.y!ug!A9F8608E98C7

RDN/Generic PUP.x!bfr!95001CE89B96

RDN/Generic BackDoor!sv!4F3314C6FF2D

FakeRean-FAD!5B7132D773A1!5B7132D773A1

RDN/Generic PUP.x!bfr!E15773F593C2

Generic.tfr!592C162C93F8

RDN/Generic Dropper!58D5F015AA45

Generic.tfr!59C4DAF24E2E

FakeRean-FAD!597E5E8A58E0!597E5E8A58E0

FakeRean-FAD!58416104706F!58416104706F

Generic PUP.x!5A0B78B3D070

FakeRean-FAD!5F35A4FEB864!5F35A4FEB864

FakeRean-FAD!576D3D8E1440!576D3D8E1440

RDN/Generic.dx!cpb!AF8DB65EF598

Generic PUP.x!591AFCB04902

FakeRean-FAD!507794F4D94C!507794F4D94C

RDN/Generic PUP.x!bfr!DEFC679DA81A

RDN/Generic.grp!fr!45AC1C684892

RDN/Generic PUP.x!bfr!A5D12E4EAB81

RDN/Generic PWS.y!ug!0760C14D7196

RDN/Generic.bfr!04E5C14C03B5

FakeRean-FAD!4C3B7D4B6C49!4C3B7D4B6C49

RDN/Generic PUP.x!EECC8844AA01

Generic PUP.x!899BB08A31A9

RDN/Generic PUP.x!FBD3AF5888E4

Phishing

Wells Fargo Online

13th August 2013

Your Wells Fargo Online
Account Security NotificationŠ

Halifax Online

13th August 2013

REVIEW YOUR ACCOUNT FOR
PAYMENT NOTIFICATION

Barclays Personal

13th August 2013

Suspicious Account Activity

Vulnerebility

Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2013-63 through -75 Multiple Vulnerabilities
2013-08-14
http://www.securityfocus.com/bid/61641

TYPO3 Static Methods since 2007 Extension Unspecified Cross Site Scripting Vulnerability
2013-08-14
http://www.securityfocus.com/bid/57288

Anchor CMS 'name' Field HTML Injection Vulnerability
2013-08-14
http://www.securityfocus.com/bid/61376

Advantech WebAccess HMI/SCADA CVE-2013-2299 Cross Site Scripting Vulnerability
2013-08-14
http://www.securityfocus.com/bid/57227

cgit 'url' Parameter Directory Traversal Vulnerability
2013-08-14
http://www.securityfocus.com/bid/60164

Apache HTTP Server CVE-2013-1896 Remote Denial of Service Vulnerability
2013-08-14
http://www.securityfocus.com/bid/61129

Oracle Outside In Technology CVE-2013-3781 Local Security Vulnerability
2013-08-13
http://www.securityfocus.com/bid/61232

Oracle Fusion Middleware CVE-2013-2393 Local Security Vulnerability
2013-08-13
http://www.securityfocus.com/bid/59129

Oracle Outside In Technology CVE-2013-3776 Local Security Vulnerability
2013-08-13
http://www.securityfocus.com/bid/61234

Microsoft Windows CVE-2013-2556 ASLR Security Bypass Vulnerability
2013-08-13
http://www.securityfocus.com/bid/58566

Apache Axis2 'engagingglobally' Cross-Site Scripting Vulnerability
2013-08-13
http://www.securityfocus.com/bid/40327

SAP BusinessObjects 'Axis2' Component Default Password Security Bypass Vulnerability
2013-08-13
http://www.securityfocus.com/bid/44055

MinaliC Remote Buffer Overflow Vulnerability
2013-08-13
http://www.securityfocus.com/bid/59056

Apache HTTP Server Terminal Escape Sequence in Logs Command Injection Vulnerability
2013-08-13
http://www.securityfocus.com/bid/59826

Xymon Remote Arbitrary File Deletion Vulnerability
2013-08-13
http://www.securityfocus.com/bid/61466

OTRS and OTRS ITSM CVE-2013-4717 Unspecified SQL Injection Vulnerabilitiy
2013-08-13
http://www.securityfocus.com/bid/61037

Review Board CVE-2013-2209 HTML Injection Vulnerability
2013-08-13
http://www.securityfocus.com/bid/60743

Squash Multiple Arbitrary Code Execution Vulnerabilities
2013-08-13
http://www.securityfocus.com/bid/61661

Red Hat Enterprise Virtualization Hypervisor CVE-2013-0167 Denial of Service Vulnerability
2013-08-13
http://www.securityfocus.com/bid/60456

TRIDIUM NiagaraAX CVE-2012-4027 Directory Traversal Vulnerability
2013-08-13
http://www.securityfocus.com/bid/54454

HP LeftHand Virtual SAN Appliance CVE-2013-2343 Remote Arbitrary Code Execution Vulnerability
2013-08-13
http://www.securityfocus.com/bid/60884

Open-FTPD Multiple Command Authentication Bypass Vulnerabilities
2013-08-13
http://www.securityfocus.com/bid/41479

Niagara Framework Session Hijacking Vulnerability
2013-08-13
http://www.securityfocus.com/bid/55042

HMS Testimonials Multiple Cross Site Scripting and Cross Site Request Forgery Vulnerabilities
2013-08-13
http://www.securityfocus.com/bid/61712

OSIsoft PI Interface for IEEE C37.118 Invalid Memory Denial of Service Vulnerability
2013-08-13
http://www.securityfocus.com/bid/61767

OSIsoft PI Interface for IEEE C37.118 CVE-2013-2800 Memory Corruption Vulnerability
2013-08-13
http://www.securityfocus.com/bid/61766

Dovecot 'LIST' Command Denial of Service Vulnerability
2013-08-13
http://www.securityfocus.com/bid/61763

IBM InfoSphere Information Server CVE-2013-0585 Multiple Cross Site Scripting Vulnerabilities
2013-08-13
http://www.securityfocus.com/bid/61756

Review Board CVE-2013-4795 HTML Injection Vulnerability
2013-08-13
http://www.securityfocus.com/bid/61750

CakePHP AssetDispatcher Class Local File Include Vulnerability
2013-08-13
http://www.securityfocus.com/bid/61746

Exploit

 

13.8.2013

Bugtraq

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-12
coderaptor (coderaptor gmail com)

Struts2 Prefixed Parameters OGNL Injection Vulnerability 2013-08-13
$B8!::8!::(B (mbsdtest01 gmail com)

CakePHP AssetDispatcher Local File Inclusion Vulnerability 2013-08-13
$B8!::8!::(B (mbsdtest01 gmail com)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-12
George Machitidze (giomac gmail com)

[SECURITY] [DSA 2737-1] swift security update 2013-08-12
Thijs Kinkhorst (thijs debian org)

[ MDVSA-2013:211 ] lcms2 2013-08-12
security mandriva com

[PSA-2013-0811-1] Oracle Java storeImageArray() Invalid ArrayIndexing 2013-08-12
bugtraq packetstormsecurity org

[SECURITY] [DSA 2736-1] putty security update 2013-08-11
Salvatore Bonaccorso (carnil debian org)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-11
Michal Zalewski (lcamtuf coredump cx) (1 replies)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-11
Tobias Kreidl (tobias kreidl nau edu)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-10
Tobias Kreidl (tobias kreidl nau edu) (1 replies)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-11
Reindl Harald (h reindl thelounge net) (2 replies)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-11
Stefan Kanthak (stefan kanthak nexgo de) (1 replies)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-11
Reindl Harald (h reindl thelounge net) (1 replies)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-11
Stefan Kanthak (stefan kanthak nexgo de) (1 replies)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-11
Reindl Harald (h reindl thelounge net) (1 replies)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-12
Coderaptor (coderaptor gmail com) (3 replies)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-12
Reindl Harald (h reindl thelounge net) (2 replies)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-12
Brandon M. Graves (bgraves slicer-net com)

RE: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-12
Peter Gregory (Peter Gregory tommybahama com)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-11
Ansgar Wiechers (bugtraq planetcobalt net) (1 replies)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-10
Gichuki John Chuksjonia (chuksjonia gmail com) (3 replies)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-10
terry white (twhite aniota com)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-10
Reindl Harald (h reindl thelounge net)

Malware

RDN/Generic PUP.x!bfp!D857CD50F487

Generic.dx!DCBF883C13BC

RDN/Generic PUP.x!bfp!F4921B04A847

RDN/Generic StartPage!bn!D888A005DCD0

Generic.dx!3A542A992132

RDN/Generic PUP.x!bfp!63E90D27CA05

RDN/Generic PUP.x!bfp!CAA829EF6807

Generic PUP.x!D7B7016B089C

Generic PUP.x!512DF8ADA709

RDN/Generic PUP.x!bfp!860D2FD09D7B

RDN/Generic PUP.x!D6ECB5DD751F

RDN/Generic PUP.x!E15C60AF448B

Generic PUP.x!2A64E448184D

Downloader.gen.a!C577A2315824

Generic PUP.x!D8408DCF7762

RDN/Generic PUP.x!bfp!0EDB205C77FF

RDN/Generic PUP.x!bfp!BCCF561F5E78

RDN/Generic PUP.x!bfp!A3EBB75170F1

RDN/Generic PUP.x!bfp!FC304B994F8D

RDN/Generic PUP.z!376427A9CFF0

Generic.dx!DD08E05128C6

RDN/Generic PUP.x!D938646A98D6

RDN/Generic PUP.x!bfp!32AB39049B2E

RDN/Generic PUP.x!bfp!A2E952C6301A

RDN/PWS-Mmorpg.gen!9C522B702C6E

Generic PUP.x!D87212E9D4DF

RDN/Generic PUP.x!bfp!5F9745F32EC4

Generic PUP.x!D919EB28D2BE

RDN/Generic.bfr!E360B485DAD0

Generic PUP.x!D90697F63DE8

Phishing

Eve

12th August 2013

*** *** Re-instate Your
Account

Nationwide Online

11th August 2013

Nationwide Building Society -
Updates

Barclays Personal

11th August 2013

Suspicious Account Activity

Barclays Bank

10th August 2013

ACCOUNT INFORMATION

Barclays Personal Banking

10th August 2013

Account Confirmation

onlinebanking@lloydstsb.co.uk

10th August 2013

Security measure

Barclays Bank

9th August 2013

DEAR CUSTOMER, YOUR ACCOUNT
MIGHT BE COMPROMISED,

PayPal

9th August 2013

Errors Were Detected On Your
Account (fix now) !

Vulnerebility

HP LeftHand Virtual SAN Appliance CVE-2013-2343 Remote Arbitrary Code Execution Vulnerability
2013-08-13
http://www.securityfocus.com/bid/60884

Open-FTPD Multiple Command Authentication Bypass Vulnerabilities
2013-08-13
http://www.securityfocus.com/bid/41479

Niagara Framework Session Hijacking Vulnerability
2013-08-13
http://www.securityfocus.com/bid/55042

HMS Testimonials Multiple Cross Site Scripting and Cross Site Request Forgery Vulnerabilities
2013-08-13
http://www.securityfocus.com/bid/61712

OpenX 'flowplayer-3.1.1.min.js' Backdoor Vulnerability
2013-08-12
http://www.securityfocus.com/bid/61650

OpenStack Swift CVE-2013-4155 Denial of Service Vulnerability
2013-08-12
http://www.securityfocus.com/bid/61690

OpenStack Swift CVE-2013-2161 XML Files Handling Security Bypass Vulnerability
2013-08-12
http://www.securityfocus.com/bid/60543

Cisco Finesse CVE-2013-3455 User Data Information Disclosure Vulnerability
2013-08-12
http://www.securityfocus.com/bid/61707

Cisco Finesse CVE-2013-3457 Information Disclosure Vulnerability
2013-08-12
http://www.securityfocus.com/bid/61706

PHP CVE-2013-4113 Heap Memory Corruption Vulnerability
2013-08-12
http://www.securityfocus.com/bid/61128

PHP Calendar Extension 'SndToJewish()' Remote Denial of Service Vulnerability
2013-08-12
http://www.securityfocus.com/bid/60731

Xen CVE-2013-2195 Pointer Dereference Privilege Escalation Vulnerability
2013-08-12
http://www.securityfocus.com/bid/60701

Xen CVE-2013-2196 Remote Privilege Escalation Vulnerability
2013-08-12
http://www.securityfocus.com/bid/60703

Xen CVE-2013-2194 Remote Privilege Escalation Vulnerability
2013-08-12
http://www.securityfocus.com/bid/60702

Little CMS Multiple Unspecified Null Pointer Dereference Denial of Service Vulnerabilities
2013-08-12
http://www.securityfocus.com/bid/61328

Oracle WebCenter Content CVE-2013-1559 Remote Code Execution Vulnerability
2013-08-12
http://www.securityfocus.com/bid/59122

Microsoft Windows Print Spooler CVE-2012-1851 Remote Code Execution Vulnerability
2013-08-12
http://www.securityfocus.com/bid/54928

Oracle Java SE CVE-2013-2460 Remote Java Runtime Environment Vulnerability
2013-08-12
http://www.securityfocus.com/bid/60635

libmodplug CVE-2013-4233 Integer Overflow Vulnerability
2013-08-12
http://www.securityfocus.com/bid/61713

ISC BIND 9 DNS RDATA Handling CVE-2013-4854 Remote Denial of Service Vulnerability
2013-08-12
http://www.securityfocus.com/bid/61479

Apache Tomcat Hash Collision Denial Of Service Vulnerability
2013-08-12
http://www.securityfocus.com/bid/51200

IBM WebSphere Application Server Administrative Access Security Bypass Vulnerability
2013-08-12
http://www.securityfocus.com/bid/55309

IBM SPSS Data Collection CVE-2013-0464 Cross Site Scripting Vulnerability
2013-08-12
http://www.securityfocus.com/bid/60246

LibTIFF Memory Corruption and Multiple Buffer Overflow Vulnerabilities
2013-08-12
http://www.securityfocus.com/bid/61695

Drupal Authenticated User Page Caching Module Information Disclosure Vulnerability
2013-08-12
http://www.securityfocus.com/bid/61681

Drupal Mozilla Persona Module Cross Site Request Forgery Vulnerability
2013-08-12
http://www.securityfocus.com/bid/61674

Linux Kernel CVE-2013-4205 Local Denial of Service Vulnerability
2013-08-12
http://www.securityfocus.com/bid/61636

Chrony CVE-2012-4503 Remote Denial of Service Vulnerability
2013-08-12
http://www.securityfocus.com/bid/61703

Chrony CVE-2012-4502 Denial of Service Vulnerability
2013-08-12
http://www.securityfocus.com/bid/61700

SPICE CVE-2013-4130 Multiple Denial of Service Vulnerabilities
2013-08-12
http://www.securityfocus.com/bid/61192

Exploit

  MinaliC Webserver 2.0.0 - Buffer Overflow (Egghunter)

  HP StorageWorks P4000 Virtual SAN Appliance Login Buffer Overflow

  Open-FTPD 1.2 Arbitrary File Upload

  onehttpd 0.7 - Denial of Service

12.8.2013

Bugtraq

[PSA-2013-0811-1] Oracle Java storeImageArray() Invalid ArrayIndexing 2013-08-12
bugtraq packetstormsecurity org

[SECURITY] [DSA 2736-1] putty security update 2013-08-11
Salvatore Bonaccorso (carnil debian org)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-11
Michal Zalewski (lcamtuf coredump cx) (1 replies)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-10
Tobias Kreidl (tobias kreidl nau edu) (1 replies)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-11
Reindl Harald (h reindl thelounge net) (2 replies)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-11
Stefan Kanthak (stefan kanthak nexgo de) (1 replies)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-11
Ansgar Wiechers (bugtraq planetcobalt net) (1 replies)

Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-10
Gichuki John Chuksjonia (chuksjonia gmail com) (3 replies)

Re: Apache suEXEC privilege elevation / information disclosure 2013-08-09
Kingcope (isowarez isowarez isowarez googlemail com) (1 replies)

RE: [Full-disclosure] Apache suEXEC privilege elevation / 2013-08-09
Dico Emil (emil abonet ro)

ReviewBoard Vulnerabilities 2013-08-09
Craig Young (vuln-report secur3 us)

[RCA-201308-01] HMS Testimonials 2.0.10 WP plugin - Multiple vulnerabilities 2013-08-08
roguecoder hush com

OUTDATED, UNSUPPORTED and VULNERABLE 3rd party components installed with Exact Audio Copy 2013-08-08
Stefan Kanthak (stefan kanthak nexgo de)

[security bulletin] HPSBHF02912 rev.1 - HP Networking Products including H3C and 3COM Routers and Switches, OSPF Remote Information Disclosure and Denial of Service 2013-08-08
security-alert hp com

Joomla! redSHOP component v1.2 SQL Injection 2013-08-08
Matias Fontanini (matias fontanini gmail com)

Re: Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-08
Hv5hA5ms discardmail com

[slackware-security] mozilla-thunderbird (SSA:2013-219-02) 2013-08-08
Slackware Security Team (security slackware com)

[slackware-security] mozilla-firefox (SSA:2013-219-01) 2013-08-08
Slackware Security Team (security slackware com)

[slackware-security] seamonkey (SSA:2013-219-03) 2013-08-08
Slackware Security Team (security slackware com)

HP Data Protector Arbitrary Remote Command Execution 2013-08-07
alessandro dipinto artificialstudios org

Two Vulnerabilities in NetworkMiner : DLL Hijacking + Directory Traversal 2013-08-07
Erik Hjelmvik (erik hjelmvik gmail com)

PHPFox v3.6.0 (build3) Multiple SQL Injection vulnerabilities 2013-08-07
Matias Fontanini (matias fontanini gmail com)

Malware

Generic PUP.x!34E958AE62B2

Generic PWS.y!6C778559EC5E

RDN/Generic PUP.x!bfm!902E55CAE0AE

Downloader.gen.a!696729B23BAF

RDN/Generic BackDoor!st!73983A3486EA

RDN/Generic PUP.z!db!67C9B768CFBA

RDN/Generic BackDoor!st!5371D00EE82C

RDN/Generic StartPage!bn!E9C46BDD4C50

RDN/Generic BackDoor!rk!6244550D53B2

Downloader.gen.a!332E487E3D14

RDN/Generic PUP.x!bfm!3ED6037443C6

RDN/Generic BackDoor!rk!91A866877B94

RDN/Generic BackDoor!rk!D55C6F99B818

RDN/Generic BackDoor!rk!6F35FCF2055F

RDN/Generic BackDoor!rk!579AAF96D351

RDN/Generic BackDoor!rk!450A8E263BA3

RDN/Generic BackDoor!rk!625FD1150394

RDN/Generic.dx!c2x!BC5B7871FDC9

RDN/Generic BackDoor!rk!4EE2293BC121

RDN/Generic BackDoor!rk!9C0B2B0DD561

RDN/Generic BackDoor!rk!5C73523989C3

RDN/Generic BackDoor!rk!A7F487D1E875

RDN/Generic BackDoor!rk!493FD5DD2738

RDN/Generic BackDoor!rk!99AA2B1223B8

RDN/Generic BackDoor!rk!EE08F6D4BA7D

RDN/Generic BackDoor!rk!3E714A004603

RDN/Generic BackDoor!rk!8A448332EE5D

RDN/Generic BackDoor!rk!0D2E12D0B9F8

RDN/Generic BackDoor!rk!1CF602A23B73

Generic.dx!090342A5BB4C

Phishing

Nationwide Online

11th August 2013

Nationwide Building Society -
Updates

Barclays Personal

11th August 2013

Suspicious Account Activity

Barclays Bank

10th August 2013

ACCOUNT INFORMATION

Barclays Personal Banking

10th August 2013

Account Confirmation

onlinebanking@lloydstsb.co.uk

10th August 2013

Security measure

Barclays Bank

9th August 2013

DEAR CUSTOMER, YOUR ACCOUNT
MIGHT BE COMPROMISED,

PayPal

9th August 2013

Errors Were Detected On Your
Account (fix now) !

Vulnerebility

IBM Rational Directory Server CVE-2013-0599 Information Disclosure Vulnerability
2013-08-12
http://www.securityfocus.com/bid/60107

Linux Kernel CVE-2013-4220 Multiple Local Denial of Service Vulnerabilities
2013-08-09
http://www.securityfocus.com/bid/61698

IBM Java CVE-2013-4002 Unspecified Security Vulnerability
2013-08-09
http://www.securityfocus.com/bid/61310

Cacti Command Injection and SQL Injection Vulnerabilities
2013-08-09
http://www.securityfocus.com/bid/61657

D-Link DIR-600 and DIR-300 Multiple Security Vulnerabilities
2013-08-09
http://www.securityfocus.com/bid/57734

ISC BIND 9 DNS RDATA Handling CVE-2013-4854 Remote Denial of Service Vulnerability
2013-08-09
http://www.securityfocus.com/bid/61479

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0791 Out of Bounds Memory Corruption Vulnerability
2013-08-09
http://www.securityfocus.com/bid/58826

Mozilla Network Security Services CVE-2013-1620 Information Disclosure Vulnerability
2013-08-09
http://www.securityfocus.com/bid/57777

Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2013-63 through -75 Multiple Vulnerabilities
2013-08-09
http://www.securityfocus.com/bid/61641

PuTTY DSA Signature CVE-2013-4207 Remote Buffer Overflow Vulnerability
2013-08-09
http://www.securityfocus.com/bid/61649

PuTTY 'modmul()' Function Buffer Underrun Vulnerability
2013-08-09
http://www.securityfocus.com/bid/61645

PuTTY 'getstring()' Function Multiple Integer Overflow Vulnerabilities
2013-08-09
http://www.securityfocus.com/bid/61599

PuTTY Private Key 'putty/sshdss.c' Multiple Information Disclosure Vulnerabilities
2013-08-09
http://www.securityfocus.com/bid/61644

HP OpenView Storage Data Protector Multiple Remote Code Execution Vulnerabilities
2013-08-09
http://www.securityfocus.com/bid/46234

Siemens COMOS CVE-2013-4943 Local Privilege Escalation Vulnerability
2013-08-09
http://www.securityfocus.com/bid/61704

D-Link DIR-600 and DIR-300 Multiple Security Vulnerabilities
2013-08-08
http://www.securityfocus.com/bid/59405

Mozilla Firefox/Thunderbird CVE-2013-1690 Remote Code Execution Vulnerability
2013-08-08
http://www.securityfocus.com/bid/60778

Chrony CVE-2012-4503 Remote Denial of Service Vulnerability
2013-08-08
http://www.securityfocus.com/bid/61703

Chrony CVE-2012-4502 Denial Of Service Vulnerability
2013-08-08
http://www.securityfocus.com/bid/61700

Intel wimax-ns Multiple Security Vulnerabilities
2013-08-08
http://www.securityfocus.com/bid/61696

OpenStack Cinder XML Parsing CVE-2013-4202 Multiple Denial of Service Vulnerabilities
2013-08-08
http://www.securityfocus.com/bid/61693

OpenStack Nova XML Parsing CVE-2013-4179 Multiple Denial of Service Vulnerabilities
2013-08-08
http://www.securityfocus.com/bid/61692

Multiple HP Products CVE-2013-4806 Information Disclosure and Denial of Service Vulnerabilities
2013-08-08
http://www.securityfocus.com/bid/61691

MLM Auction 'gallery.php' Script SQL Injection Vulnerability
2013-08-08
http://www.securityfocus.com/bid/61687

Microsoft August 2013 Advance Notification Multiple Vulnerabilities
2013-08-08
http://www.securityfocus.com/bid/61686

Atlassian Confluence '/doconfigurerssfeed.action' Multiple Cross Site Scripting Vulnerabilities
2013-08-07
http://www.securityfocus.com/bid/61648

Atlassian JIRA 'name' Parameter Cross Site Scripting Vulnerabiliy
2013-08-07
http://www.securityfocus.com/bid/61647

Multiple Cisco Products CVE-2013-0149 Remote Security Bypass Vulnerability
2013-08-07
http://www.securityfocus.com/bid/61566

National Instruments Multiple ActiveX Controls CWUI Remote Code Execution Vulnerability
2013-08-07
http://www.securityfocus.com/bid/60493

Oracle Java SE CVE-2013-2466 Remote Security Vulnerability
2013-08-07
http://www.securityfocus.com/bid/60624

Exploit

  D-Link Devices Unauthenticated Remote Command Execution

  Oracle Java storeImageArray() Invalid Array Indexing

  Ruby on Rails Known Secret Session Cookie Remote Code Execution

  OpenX Backdoor PHP Code Execution

  Squash YAML Code Execution

  Tribq CMS 5.2.7 - Adding/Editing New Administrator Account CSRF

  Open Real Estate CMS 1.5.1 - Multiple Vulnerabilities

  MLMAuction Script (gallery.php, id param) - SQL Injection

  phpVID 1.2.3 - Multiple Vulnerabilities

  Gnew 2013.1 - Multiple Vulnerabilities

  Integrated CMS - SQL Injection

  Wordpress HMS Testimonials Plugin 2.0.10 - Multiple Vulnerabilities

  Joomla redSHOP Component 1.2 - SQL Injection

  Firefox onreadystatechange Event DocumentViewerImpl Use After Free

  Apache suEXEC Privilege Elevation / Information Disclosure

  HP Data Protector Arbitrary Remote Command Execution

  Agnitum Outpost Security Suite 8.1 - Privilege Escalation

  Windows RT ARM Bind Shell (Port 4444)

26.7.2013

Bugtraq

[security bulletin] HPSBGN02906 rev.1 - HP Application Lifecycle Management Quality Center (ALM), Remote Cross Site Scripting (XSS) 2013-07-24
security-alert hp com

[security bulletin] HPSBGN02905 rev.1 - HP LoadRunner, Remote Code Execution and Denial of Service (DoS) 2013-07-24
security-alert hp com

iPic Sharp v1.2.1 Wifi iOS - Persistent Foldername Web Vulnerability 2013-07-24
Vulnerability Lab (research vulnerability-lab com)

Basic Forum by JM LLC - Multiple Vulnerabilities 2013-07-24
Sp3ctrecore ­ (sp3ctrecore gmail com)

Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Video Surveillance Manager 2013-07-24
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Easy Blog by JM LLC - Multiple Vulnerabilities 2013-07-24
Sp3ctrecore ­ (sp3ctrecore gmail com)

Cross-Site Scripting (XSS) in Duplicator WordPress Plugin 2013-07-24
advisory htbridge com

Cross-Site Scripting (XSS) in Magnolia CMS 2013-07-24
advisory htbridge com

Re: [Full-disclosure] nginx exploit documentation, about a generic way to exploit Linux targets 2013-07-24
Albert Puigsech Galicia (albert puigsech com)

[ MDVSA-2013:198 ] libxml2 2013-07-24
security mandriva com

Malware

RDN/Generic PUP.x!bdv!22CB1542D5C7

RDN/Generic.dx!cnp!3C00F0966427

RDN/Generic PUP.x!bdv!77B9CA402FED

RDN/Generic PUP.x!bdv!3AFB6B905DF1

RDN/Generic PUP.x!bdv!6EB64990E6FF

RDN/Generic PUP.x!bdv!B638E35DE751

RDN/Ransom!dj!6CDA5B4DB27F

RDN/Generic PUP.x!bdv!9FA4167A29F4

RDN/Generic PUP.x!bdv!17C5EF127DA3

Generic Downloader.x!7C6551BAA0CA

RDN/Generic.dx!cnp!C6F99D4EDAA2

RDN/Generic PUP.x!881EC8D45DB7

RDN/Generic PUP.x!bdv!A49190BDA969

RDN/Generic.tfr!dn!B3A004D51CB2

RDN/Generic Downloader.x!ic!A45C3F74A1D4

RDN/Generic PUP.x!bdv!332E6D4F74CA

RDN/Generic PUP.x!bdv!21088211CD98

RDN/Generic.bfr!ew!88EC83CCABCB

RDN/Generic PUP.x!7F9C71398DF0

RDN/Generic PUP.x!bdv!9594DC9F9594

RDN/Generic PUP.x!bdv!193669D9E8FF

RDN/Generic PUP.x!bdv!7BCA1492D867

RDN/Generic PWS.y!tu!0663EBE63C48

RDN/Generic PUP.x!bdv!7288B43EC2F6

Downloader-FLN!3D031CFD6CBA!3D031CFD6CBA

RDN/PWS-Banker!cn!F0A9594B6106

RDN/Downloader.a!mw!AF51D22281B5

RDN/Downloader.gen.a!095A9BB80859

RDN/Generic PUP.x!6D28AD183E1F

RDN/Generic PUP.x!82568C2022A8

Phishing

Western Union

25th July 2013

CONTACT WESTERN UNION FOR YOUR
PAYMENT

Santander Bank

24th July 2013

Santander Online banking
customer support desk

Email Support

24th July 2013

[Bulk] Email Security Alert

Vulnerebility

Symantec Web Gateway CVE-2013-1616 Remote Command Injection Vulnerability
2013-07-26
http://www.securityfocus.com/bid/61106

Symantec Web Gateway CVE-2013-1617 SQL Injection Vulnerability
2013-07-26
http://www.securityfocus.com/bid/61101

Oracle Java SE CVE-2013-1500 Local Security Vulnerability
2013-07-26
http://www.securityfocus.com/bid/60627

Oracle Java SE CVE-2013-1571 Frame Injection Vulnerability
2013-07-26
http://www.securityfocus.com/bid/60634

Oracle Java SE CVE-2013-2450 Remote Security Vulnerability
2013-07-26
http://www.securityfocus.com/bid/60638

Oracle Java SE CVE-2013-2412 Remote Security Vulnerability
2013-07-26
http://www.securityfocus.com/bid/60618

Oracle Java SE CVE-2013-2407 Remote Security Vulnerability
2013-07-26
http://www.securityfocus.com/bid/60653

Oracle Java SE CVE-2013-2444 Remote Security Vulnerability
2013-07-26
http://www.securityfocus.com/bid/60633

Oracle Java SE CVE-2013-2446 Remote Security Vulnerability
2013-07-26
http://www.securityfocus.com/bid/60620

Oracle Java SE CVE-2013-2445 Remote Security Vulnerability
2013-07-26
http://www.securityfocus.com/bid/60639

Oracle Java SE CVE-2013-2452 Remote Security Vulnerability
2013-07-26
http://www.securityfocus.com/bid/60617

Oracle Java SE CVE-2013-2455 Remote Code Execution Vulnerability
2013-07-26
http://www.securityfocus.com/bid/60619

Oracle Java SE CVE-2013-2443 Remote Security Vulnerability
2013-07-26
http://www.securityfocus.com/bid/60646

Oracle Java SE CVE-2013-2456 Remote Security Vulnerability
2013-07-26
http://www.securityfocus.com/bid/60641

Oracle Java SE CVE-2013-2453 Remote Security Vulnerability
2013-07-26
http://www.securityfocus.com/bid/60644

Oracle Java SE CVE-2013-2457 Remote Security Vulnerability
2013-07-26
http://www.securityfocus.com/bid/60632

Oracle Java SE CVE-2013-2448 Remote Code Execution Vulnerability
2013-07-26
http://www.securityfocus.com/bid/60640

Oracle Java SE CVE-2013-2471 Buffer Overflow Vulnerability
2013-07-26
http://www.securityfocus.com/bid/60659

Oracle Java SE CVE-2013-2470 Memory Corruption Vulnerability
2013-07-26
http://www.securityfocus.com/bid/60651

Oracle Java SE CVE-2013-2469 Memory Corruption Vulnerability
2013-07-26
http://www.securityfocus.com/bid/60658

Oracle Java SE CVE-2013-2463 Remote Code Execution Vulnerability
2013-07-26
http://www.securityfocus.com/bid/60655

Oracle Java SE CVE-2013-2465 Memory Corruption Vulnerability
2013-07-26
http://www.securityfocus.com/bid/60657

Oracle Java SE CVE-2013-2472 Buffer Overflow Vulnerability
2013-07-26
http://www.securityfocus.com/bid/60656

Oracle Java SE CVE-2013-2459 Remote Security Vulnerability
2013-07-26
http://www.securityfocus.com/bid/60647

Oracle Java SE CVE-2013-2451 Local Security Vulnerability
2013-07-26
http://www.securityfocus.com/bid/60625

Oracle Java SE CVE-2013-2473 Buffer Overflow Vulnerability
2013-07-26
http://www.securityfocus.com/bid/60623

PECL radius 'radius_get_vendor_attr()' Function Remote Denial of Service Vulnerability
2013-07-26
http://www.securityfocus.com/bid/60845

Python 'backports.ssl_match_hostname' Package CVE-2013-2098 Denial of Service Vulnerability
2013-07-26
http://www.securityfocus.com/bid/60197

Python 'ssl.match_hostname()' Function Denial of Service Vulnerability
2013-07-26
http://www.securityfocus.com/bid/59877

Oracle MySQL Server CVE-2013-3783 Remote Security Vulnerability
2013-07-26
http://www.securityfocus.com/bid/61210

Exploit

 

25.7.2013

Bugtraq

[security bulletin] HPSBGN02906 rev.1 - HP Application Lifecycle Management Quality Center (ALM), Remote Cross Site Scripting (XSS) 2013-07-24
security-alert hp com

[security bulletin] HPSBGN02905 rev.1 - HP LoadRunner, Remote Code Execution and Denial of Service (DoS) 2013-07-24
security-alert hp com

iPic Sharp v1.2.1 Wifi iOS - Persistent Foldername Web Vulnerability 2013-07-24
Vulnerability Lab (research vulnerability-lab com)

Basic Forum by JM LLC - Multiple Vulnerabilities 2013-07-24
Sp3ctrecore ­ (sp3ctrecore gmail com)

Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Video Surveillance Manager 2013-07-24
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Easy Blog by JM LLC - Multiple Vulnerabilities 2013-07-24
Sp3ctrecore ­ (sp3ctrecore gmail com)

Cross-Site Scripting (XSS) in Duplicator WordPress Plugin 2013-07-24
advisory htbridge com

Cross-Site Scripting (XSS) in Magnolia CMS 2013-07-24
advisory htbridge com

Re: [Full-disclosure] nginx exploit documentation, about a generic way to exploit Linux targets 2013-07-24
Albert Puigsech Galicia (albert puigsech com)

[ MDVSA-2013:198 ] libxml2 2013-07-24
security mandriva com

CORE-2013-0613 - FOSCAM IP-Cameras Improper Access Restrictions 2013-07-23
CORE Advisories Team (advisories coresecurity com)

Orbit Downloader versions causing massive SYN flooding. Cyberoam cautions! 2013-07-23
bhadresh k patel cyberoam com

Malware

Generic Downloader.x!E4C0BA75E0A2

RDN/Generic PUP.x!bdq!400A80918ABD

RDN/Generic PUP.x!bdq!4E43E7C9E224

RDN/Generic PUP.x!bdq!0AA52FCB20DF

RDN/Generic PUP.x!bdq!9B24837B2741

RDN/Generic PUP.x!67D1FAFE9BE5

RDN/Generic Dropper!qq!21C9C3354C90

RDN/Generic PUP.x!bdq!0228271B17C1

Generic PUP.x!BF27A2E7D79C

RDN/Generic PUP.x!bdq!F5960E970495

Generic PUP.x!E183B7449286

RDN/Generic PUP.x!bdq!E01AFAEE48AE

RDN/Generic PUP.x!bdq!8BB67E548986

RDN/Generic PUP.x!bdq!35619ABF7204

RDN/Generic PUP.x!bdq!8226005E34B1

Generic PUP.x!A2D8605FC41A

RDN/Generic PUP.x!F82D961D84EE

RDN/Generic.bfr!ew!60FD2EDFACDD

RDN/Generic.bfr!ew!05CDE473D2E9

RDN/Generic PUP.x!BE6B4036B115

RDN/Generic BackDoor!sf!DF1940E9186F

RDN/Generic PUP.x!8C8597DE1A25

RDN/Generic PUP.x!bdq!84006C33514F

RDN/Generic PUP.x!47BF14B2E08D

Generic PUP.x!11943CB2F8C4

RDN/Generic PUP.x!bdq!F45C2F0FBB81

RDN/Generic PUP.x!bdq!C19FAD702A67

RDN/Generic PUP.x!bdq!B1493387D457

RDN/Generic BackDoor!sf!F0EFAC967570

Generic.bfr!A4517C67EFAD

Phishing

Santander Bank

24th July 2013

Santander Online banking
customer support desk

Email Support

24th July 2013

[Bulk] Email Security Alert

Vulnerebility

Cisco Video Surveillance Manager CVE-2013-3430 Remote Authentication Bypass Vulnerability
2013-07-25
http://www.securityfocus.com/bid/61432

Cisco Video Surveillance Manager CVE-2013-3431 Remote Authentication Bypass Vulnerability
2013-07-25
http://www.securityfocus.com/bid/61431

RETIRED: McAfee ePolicy Orchestrator Multiple SQL Injection and Cross Site Scripting Vulnerabilities
2013-07-24
http://www.securityfocus.com/bid/61145

Oracle Java SE CVE-2013-2447 Remote Security Vulnerability
2013-07-24
http://www.securityfocus.com/bid/60629

Oracle Java SE CVE-2013-2458 Remote Security Vulnerability
2013-07-24
http://www.securityfocus.com/bid/60652

Cisco Video Surveillance Manager CVE-2013-3429 Directory Traversal Vulnerability
2013-07-24
http://www.securityfocus.com/bid/61430

McAfee ePolicy Orchestrator Multiple Cross Site Scripting Vulnerabilities
2013-07-24
http://www.securityfocus.com/bid/61422

McAfee ePolicy Orchestrator Multiple SQL Injection Vulnerabilities
2013-07-24
http://www.securityfocus.com/bid/61421

Oracle Java SE CVE-2013-1500 Local Security Vulnerability
2013-07-24
http://www.securityfocus.com/bid/60627

Oracle Java SE CVE-2013-1571 Frame Injection Vulnerability
2013-07-24
http://www.securityfocus.com/bid/60634

Oracle Java SE CVE-2013-2461 Remote Security Vulnerability
2013-07-24
http://www.securityfocus.com/bid/60645

Oracle Java SE CVE-2013-2450 Remote Security Vulnerability
2013-07-24
http://www.securityfocus.com/bid/60638

Oracle Java SE CVE-2013-2407 Remote Security Vulnerability
2013-07-24
http://www.securityfocus.com/bid/60653

Oracle Java SE CVE-2013-2412 Remote Security Vulnerability
2013-07-24
http://www.securityfocus.com/bid/60618

Oracle Java SE CVE-2013-2446 Remote Security Vulnerability
2013-07-24
http://www.securityfocus.com/bid/60620

Oracle Java SE CVE-2013-2445 Remote Security Vulnerability
2013-07-24
http://www.securityfocus.com/bid/60639

Oracle Java SE CVE-2013-2444 Remote Security Vulnerability
2013-07-24
http://www.securityfocus.com/bid/60633

Oracle Java SE CVE-2013-2453 Remote Security Vulnerability
2013-07-24
http://www.securityfocus.com/bid/60644

Oracle Java SE CVE-2013-2452 Remote Security Vulnerability
2013-07-24
http://www.securityfocus.com/bid/60617

Oracle Java SE CVE-2013-2455 Remote Code Execution Vulnerability
2013-07-24
http://www.securityfocus.com/bid/60619

Oracle Java SE CVE-2013-2443 Remote Security Vulnerability
2013-07-24
http://www.securityfocus.com/bid/60646

Oracle Java SE CVE-2013-2456 Remote Security Vulnerability
2013-07-24
http://www.securityfocus.com/bid/60641

Oracle Java SE CVE-2013-3743 Remote Security Vulnerability
2013-07-24
http://www.securityfocus.com/bid/60626

Oracle Java SE CVE-2013-2457 Remote Security Vulnerability
2013-07-24
http://www.securityfocus.com/bid/60632

Oracle Java SE CVE-2013-2448 Remote Code Execution Vulnerability
2013-07-24
http://www.securityfocus.com/bid/60640

Oracle Java SE CVE-2013-2469 Memory Corruption Vulnerability
2013-07-24
http://www.securityfocus.com/bid/60658

Oracle Java SE CVE-2013-2471 Buffer Overflow Vulnerability
2013-07-24
http://www.securityfocus.com/bid/60659

Oracle Java SE CVE-2013-2465 Memory Corruption Vulnerability
2013-07-24
http://www.securityfocus.com/bid/60657

Oracle Java SE CVE-2013-2470 Memory Corruption Vulnerability
2013-07-24
http://www.securityfocus.com/bid/60651

Oracle Java SE CVE-2013-2463 Remote Code Execution Vulnerability
2013-07-24
http://www.securityfocus.com/bid/60655

Exploit

  FOSCAM IP-Cameras Improper Access Restrictions

24.7.2013

Bugtraq

CORE-2013-0613 - FOSCAM IP-Cameras Improper Access Restrictions 2013-07-23
CORE Advisories Team (advisories coresecurity com)

Orbit Downloader versions causing massive SYN flooding. Cyberoam cautions! 2013-07-23
bhadresh k patel cyberoam com

[ MDVSA-2013:197 ] mysql 2013-07-23
security mandriva com

CORE-2013-0701 - Artweaver Buffer Overflow Vulnerability 2013-07-22
CORE Advisories Team (advisories coresecurity com)

CORE-2013-0705 - XnView Buffer Overflow Vulnerability 2013-07-22
CORE Advisories Team (advisories coresecurity com)

Re: Samsung TV - DoS vulnerability 2013-07-22
malik itsecgames com

Photo Server 2.0 iOS - Multiple Critical Vulnerabilities 2013-07-22
Vulnerability Lab (research vulnerability-lab com)

Defense in depth -- the Microsoft way (part 4) 2013-07-22
Stefan Kanthak (stefan kanthak nexgo de)

SurgeFtp Server BufferOverflow Vulnerability 2013-07-22
Anil Pazvant (pazwant gmail com)

Malware

RDN/Generic PUP.x!bdm!558B90EB7ED2

RDN/Generic.dx!cnh!C810FA152328

Downloader-FLN!9A0E0C75845D!9A0E0C75845D

Generic PUP.x!2A24CBA7EA6F

Downloader-FLN!7D62C8E8C9CB!7D62C8E8C9CB

Downloader-FLN!9CB34F152872!9CB34F152872

Generic PUP.x!7D0D366E576B

Generic.dx!9BA5B92D71FF

RDN/Generic PUP.x!bdm!37138DBF8870

Downloader-FLN!DA356D8F3708!DA356D8F3708

Downloader-FLN!138F3028DDF6!138F3028DDF6

RDN/Generic PUP.x!bdm!3827360C72F9

Downloader-FLN!79D0BC025A6A!79D0BC025A6A

Downloader-FLN!9A65A1E8C9EC!9A65A1E8C9EC

Downloader-FLN!3FF4769C784C!3FF4769C784C

RDN/Generic PUP.x!bdm!24759E195B45

Downloader-FLN!9C3E98BAAEF4!9C3E98BAAEF4

Downloader-FLN!F6B30729EE3E!F6B30729EE3E

RDN/Generic PUP.x!bdm!5355943BC453

RDN/Generic PUP.x!bdm!4085C6659067

Downloader-FLN!2FB28C3484AD!2FB28C3484AD

RDN/Generic PUP.x!bdm!9DD47367354D

Downloader-FLN!7CE5BF102E18!7CE5BF102E18

Downloader-FLN!A00672146E54!A00672146E54

Generic PUP.x!B4CF52787CB6

RDN/Generic PUP.x!bdm!2B1CC3AAD193

Downloader-FLN!F21AEC93E88F!F21AEC93E88F

Generic PUP.x!22885D1D62B3

Generic PUP.x!F2E46DA4D933

Generic PUP.x!946308A522CE

Phishing

Lloyds

23rd July 2013

TECHNICAL SECURITY ERROR

Nationwide

22nd July 2013

UPGRADE YOUR SECURITY SYSTEM.

Vulnerebility

Ruby SSL Client Certificate Validation CVE-2013-4073 Security Bypass Vulnerability
2013-07-24
http://www.securityfocus.com/bid/60843

QEMU Guest Agent CVE-2013-2231 Local Privilege Escalation Vulnerability
2013-07-24
http://www.securityfocus.com/bid/61388

Oracle Java SE CVE-2013-2456 Remote Security Vulnerability
2013-07-24
http://www.securityfocus.com/bid/60641

Moodle CVE-2013-2246 Security Bypass Vulnerability
2013-07-23
http://www.securityfocus.com/bid/61187

Moodle CVE-2013-2242 Security Bypass Vulnerability
2013-07-23
http://www.securityfocus.com/bid/61178

Moodle CVE-2013-2245 Information Disclosure Vulnerability
2013-07-23
http://www.securityfocus.com/bid/61184

Moodle CVE-2013-2244 Cross Site Scripting Vulnerability
2013-07-23
http://www.securityfocus.com/bid/61181

PHP CVE-2013-4113 Heap Memory Corruption Vulnerability
2013-07-23
http://www.securityfocus.com/bid/61128

Node Packaged Modules Symlink Attack Local Privilege Escalation Vulnerability
2013-07-23
http://www.securityfocus.com/bid/61083

Oracle Java SE CVE-2013-2443 Remote Security Vulnerability
2013-07-23
http://www.securityfocus.com/bid/60646

Oracle Java SE CVE-2013-2453 Remote Security Vulnerability
2013-07-23
http://www.securityfocus.com/bid/60644

Oracle Java SE CVE-2013-2457 Remote Security Vulnerability
2013-07-23
http://www.securityfocus.com/bid/60632

Django User Account Enumeration Information Disclosure Vulnerability
2013-07-23
http://www.securityfocus.com/bid/61385

Oracle Java SE CVE-2013-1500 Local Security Vulnerability
2013-07-23
http://www.securityfocus.com/bid/60627

Novell Client for Windows 'nicm.sys' Local Privilege Escalation Vulnerability
2013-07-23
http://www.securityfocus.com/bid/60203

HP System Management Homepage CVE-2012-5217 Remote Unauthorized Access Vulnerability
2013-07-23
http://www.securityfocus.com/bid/61340

Novell Client 'NWFS.SYS' Local Integer Overflow Vulnerability
2013-07-23
http://www.securityfocus.com/bid/60202

Oracle Java SE CVE-2013-1571 Frame Injection Vulnerability
2013-07-23
http://www.securityfocus.com/bid/60634

Oracle Java SE CVE-2013-2450 Remote Security Vulnerability
2013-07-23
http://www.securityfocus.com/bid/60638

Oracle Java SE CVE-2013-2412 Remote Security Vulnerability
2013-07-23
http://www.securityfocus.com/bid/60618

Oracle Java SE CVE-2013-2407 Remote Security Vulnerability
2013-07-23
http://www.securityfocus.com/bid/60653

Oracle Java SE CVE-2013-2444 Remote Security Vulnerability
2013-07-23
http://www.securityfocus.com/bid/60633

Oracle Java SE CVE-2013-2461 Remote Security Vulnerability
2013-07-23
http://www.securityfocus.com/bid/60645

Oracle Java SE CVE-2013-2445 Remote Security Vulnerability
2013-07-23
http://www.securityfocus.com/bid/60639

Oracle Java SE CVE-2013-2446 Remote Security Vulnerability
2013-07-23
http://www.securityfocus.com/bid/60620

Oracle Java SE CVE-2013-2452 Remote Security Vulnerability
2013-07-23
http://www.securityfocus.com/bid/60617

Oracle Java SE CVE-2013-2455 Remote Code Execution Vulnerability
2013-07-23
http://www.securityfocus.com/bid/60619

Oracle Java SE CVE-2013-2448 Remote Code Execution Vulnerability
2013-07-23
http://www.securityfocus.com/bid/60640

Oracle Java SE CVE-2013-2447 Remote Security Vulnerability
2013-07-23
http://www.securityfocus.com/bid/60629

McAfee ePolicy Orchestrator Multiple SQL Injection and Cross Site Scripting Vulnerabilities
2013-07-23
http://www.securityfocus.com/bid/61145

Exploit

  FOSCAM IP-Cameras Improper Access Restrictions

nginx Exploit Documentation About a Generic Way to Exploit Linux Targets

23.7.2013

Bugtraq

CORE-2013-0701 - Artweaver Buffer Overflow Vulnerability 2013-07-22
CORE Advisories Team (advisories coresecurity com)

CORE-2013-0705 - XnView Buffer Overflow Vulnerability 2013-07-22
CORE Advisories Team (advisories coresecurity com)

Re: Samsung TV - DoS vulnerability 2013-07-22
malik itsecgames com

Photo Server 2.0 iOS - Multiple Critical Vulnerabilities 2013-07-22
Vulnerability Lab (research vulnerability-lab com)

Defense in depth -- the Microsoft way (part 4) 2013-07-22
Stefan Kanthak (stefan kanthak nexgo de)

SurgeFtp Server BufferOverflow Vulnerability 2013-07-22
Anil Pazvant (pazwant gmail com)

Juniper Secure Access XSS Vulnerability 2013-07-22
Anil Pazvant (pazwant gmail com)

Dell Kace 1000 SMA 5.4.742 - SQL Injection Vulnerabilities 2013-07-22
Vulnerability Lab (research vulnerability-lab com)

Full Disclosure - WD My Net N600, N750, N900, N900C - Plain Text Disclosure of Admin Credentials 2013-07-22
kyle Lovett (krlovett gmail com)

Barracuda CudaTel 2.6.02.040 - SQL Injection Vulnerability 2013-07-22
Vulnerability Lab (research vulnerability-lab com)

Malware

RDN/Generic FakeAlert!ed!F5C7EFE8F95C

RDN/Generic Dropper!qo!3C7E35C6CF82

RDN/Generic PUP.x!bd3!381BBE8364CC

RDN/Generic PUP.x!bd3!FFB49A34EDB0

RDN/Generic PUP.x!bd3!451E90B47C97

RDN/Generic.bfr!ew!F9570BC8BBF3

RDN/Generic PUP.x!bd3!F86437BF6FF4

RDN/Generic PUP.x!bd3!499C264C6FAD

Generic.dx!78F22EE3EE1D

Generic.dx!B1288DB3EFC6

RDN/Generic Dropper!qo!F37F99A447DD

Generic.dx!5FA5ECC6FC45

Generic.dx!575F3E7F9EFD

RDN/Generic Dropper!3DC1A8F60DF7

Generic.dx!E296F6730504

RDN/Downloader.a!mv!3885BBF1FC41

Generic.dx!E2CA4ED452CF

Generic.dx!4A29F9AFB087

RDN/Generic Downloader.x!8FDDBDB4EFA1

RDN/Generic PUP.x!14679B5B3C10

RDN/Generic PUP.x!bd3!03075DD48367

Generic.dx!DCFF217CF93A

Downloader-FLN!98419986E697!98419986E697

RDN/Generic PUP.x!F1AD8BFE692B

Generic PUP.x!DAF216ED7792

Generic.dx!42DD499CB048

RDN/Vundo!di!098955C3380B

RDN/Generic.dx!cnd!F4D68E09887F

Generic PUP.x!DB02B8444540

RDN/Generic PUP.x!bd3!58148C580FEF

Phishing

Nationwide

22nd July 2013

UPGRADE YOUR SECURITY SYSTEM.

Amazon

22nd July 2013

Online Security Measure

Virgin Media

21st July 2013

Virgin Media Team

Vulnerebility

Corel PDF Fusion CVE-2013-3248 Stack Based Buffer Overflow Vulnerability
2013-07-23
http://www.securityfocus.com/bid/61010

ERDAS ER Viewer 'rf_report_error()' Function Stack Buffer Overflow Vulnerability
2013-07-23
http://www.securityfocus.com/bid/60178

RETIRED: Verizon Wireless Network Extender Multiple Local Privilege Escalation Vulnerabilities
2013-07-23
http://www.securityfocus.com/bid/61169

Adobe Flash Player CVE-2013-3344 Unspecified Heap Buffer Overflow Vulnerability
2013-07-22
http://www.securityfocus.com/bid/61043

Adobe Flash Player CVE-2013-3347 Integer Overflow Vulnerability
2013-07-22
http://www.securityfocus.com/bid/61048

PCMan's FTP Server 'USER' Command Buffer Overflow Vulnerability
2013-07-22
http://www.securityfocus.com/bid/60837

Xen AMD IOMMU CVE-2013-0153 Local Denial of Service Vulnerability
2013-07-22
http://www.securityfocus.com/bid/57745

Oracle Sun Products Suite CVE-2013-0415 Local Solaris Vulnerability
2013-07-22
http://www.securityfocus.com/bid/57403

PHP CVE-2013-4113 Heap Memory Corruption Vulnerability
2013-07-22
http://www.securityfocus.com/bid/61128

Multiple Western Digital My Net Devices Information Disclosure Vulnerability
2013-07-22
http://www.securityfocus.com/bid/61361

YardRadius Multiple Local Format String Vulnerabilities
2013-07-22
http://www.securityfocus.com/bid/61356

Oracle Java SE CVE-2013-2384 Remote Code Execution Vulnerability
2013-07-22
http://www.securityfocus.com/bid/59179

Oracle Java SE CVE-2013-2394 Remote Code Execution Vulnerability
2013-07-22
http://www.securityfocus.com/bid/59172

Oracle Java SE CVE-2012-1719 Remote Java Runtime Environment Vulnerability
2013-07-22
http://www.securityfocus.com/bid/53950

Oracle Java SE CVE-2012-0505 Remote Java Runtime Environment Vulnerability
2013-07-22
http://www.securityfocus.com/bid/52017

Oracle Java SE CVE-2013-2432 Remote Java Runtime Environment Vulnerability
2013-07-22
http://www.securityfocus.com/bid/59154

Cisco IOS GET VPN Encryption Policy CVE-2013-3436 Security Bypass Vulnerability
2013-07-22
http://www.securityfocus.com/bid/61362

Oracle Java SE CVE-2013-1537 Remote Code Execution Vulnerability
2013-07-22
http://www.securityfocus.com/bid/59194

Oracle Java SE CVE-2013-2424 Remote Java Runtime Environment Vulnerability
2013-07-22
http://www.securityfocus.com/bid/59159

Oracle Java SE CVE-2013-2420 Integer Overflow Vulnerability
2013-07-22
http://www.securityfocus.com/bid/59167

Oracle Java SE CVE-2013-0401 Remote Code Execution Vulnerability
2013-07-22
http://www.securityfocus.com/bid/58507

Oracle Java SE CVE-2013-2417 Remote Java Runtime Environment Vulnerability
2013-07-22
http://www.securityfocus.com/bid/59187

Oracle Java SE CVE-2013-2383 Remote Code Execution Vulnerability
2013-07-22
http://www.securityfocus.com/bid/59190

Oracle Java SE CVE-2013-1569 Stack Buffer Overflow Vulnerability
2013-07-22
http://www.securityfocus.com/bid/59166

Oracle Java SE CVE-2012-1718 Remote Java Runtime Environment Vulnerability
2013-07-22
http://www.securityfocus.com/bid/53951

Oracle Java SE CVE-2013-1558 Remote Java Runtime Environment Vulnerability
2013-07-22
http://www.securityfocus.com/bid/59219

Oracle Java SE CVE-2013-1540 Remote Java Runtime Environment Vulnerability
2013-07-22
http://www.securityfocus.com/bid/59149

Oracle Java SE CVE-2012-1717 Remote Java Runtime Environment Vulnerability
2013-07-22
http://www.securityfocus.com/bid/53952

Oracle Java SE CVE-2012-0502 Remote Information Disclosure Vulnerability
2013-07-22
http://www.securityfocus.com/bid/52011

Oracle Java SE CVE-2012-1713 Remote Code Execution Vulnerability
2013-07-22
http://www.securityfocus.com/bid/53946

Exploit

  D-Link Devices UPnP SOAP Command Execution

  Foreman (Red Hat OpenStack/Satellite) bookmarks/create Code Injection

  VMware vCenter Chargeback Manager ImageUploadServlet Arbitrary File Upload

  Dell Kace 1000 SMA 5.4.742 - SQL Injection Vulnerabilities

  Photo Server 2.0 iOS - Multiple Vulnerabilities

  Samsung PS50C7700 TV - Denial of Service

  Artweaver 3.1.5 (.AWD) - Buffer Overflow Vulnerability

  XnView 2.03 (.PCT) - Buffer Overflow Vulnerability

  DirectShow Arbitrary Memory Overwrite Vulnerability (MS13-056)

  VbsEdit 5.9.3 (.smi) - Buffer Overflow Vulnerability

22.7.2013

Bugtraq

Barracuda CudaTel 2.6.02.040 - Remote SQL Injection Vulnerability 2013-07-20
Vulnerability Lab (research vulnerability-lab com)

Barracuda LB, SVF, WAF & WEF - Multiple Vulnerabilities 2013-07-20
Vulnerability Lab (research vulnerability-lab com)

Download Lite v4.3 iOS - Persistent File Web Vulnerability 2013-07-19
Vulnerability Lab (research vulnerability-lab com)

Malware

Generic PUP.x!123EE364E630

RDN/Generic PUP.x!bdg!221935253FF0

RDN/Generic PUP.x!bdg!187578AD9D0B

RDN/Generic PUP.x!bdg!4FB04A6EF7F2

RDN/Generic PUP.x!bdg!E7C6F1A333D9

RDN/Generic PUP.x!bdg!DAEAEDA084D0

RDN/Generic PUP.x!bdg!5DC859ACB3CD

RDN/Generic BackDoor!sa!7578140760CF

RDN/Generic Downloader.x!ib!849F0BA34B59

RDN/Generic PWS.y!tq!F3EFA161D58A

RDN/Generic PWS.y!tq!173D30F78ECD

RDN/Generic PUP.x!bdg!5E841AE2CCAF

RDN/Generic PUP.x!bdg!1B9542A294C0

RDN/Generic PUP.x!bdg!B49ACF86D90C

RDN/Generic BackDoor!sa!50043FDB54D5

RDN/Generic.dx!cn3!1DD0E457214D

RDN/Generic Downloader.x!ib!10E9FF9EEF89

RDN/Generic.dx!cn3!52D8A4B04258

Generic PUP.x!0F44C2F5D0A5

RDN/Generic BackDoor!sa!9E038B429D18

RDN/Generic Dropper!qn!C3AFA024C80B

Generic.bfr!27ADA3FC91EB

RDN/Generic PUP.x!00C3CB139CF9

RDN/Generic PUP.x!bdg!42657F033602

RDN/Generic BackDoor!sa!0B228EBAAF48

RDN/Generic PWS.y!tq!D18BAA37283A

RDN/Generic PWS.y!tq!8E3C85A60D7A

RDN/Generic.grp!fl!E731C2AC5807

RDN/Generic PUP.x!bdg!308182113C5A

RDN/Generic PUP.z!E8B32D254D1F

Phishing

Virgin Media

21st July 2013

Virgin Media Team

PayPal

21st July 2013

Your payment to Ebay.com INC.

RHB Group

19th July 2013

Secure Alert

Bank of America

18th July 2013

BANK OF AMERICA ALERT: ONLINE
BANKING ACCOUNT VERIFICATION

RHB Group

18th July 2013

Account Alert

Vulnerebility

Apache OpenJPA Object Deserialization Arbitrary File Creation or Overwrite Vulnerability
2013-07-22
http://www.securityfocus.com/bid/60534

Oracle Java SE CVE-2013-2462 Remote Security Vulnerability
2013-07-21
http://www.securityfocus.com/bid/60630

Oracle Java SE CVE-2013-1571 Frame Injection Vulnerability
2013-07-20
http://www.securityfocus.com/bid/60634

Oracle Java SE CVE-2013-2447 Remote Security Vulnerability
2013-07-20
http://www.securityfocus.com/bid/60629

Oracle Java SE CVE-2013-3743 Remote Security Vulnerability
2013-07-20
http://www.securityfocus.com/bid/60626

IBM Java CVE-2013-3008 Unspecified Arbitrary Code Execution Vulnerability
2013-07-20
http://www.securityfocus.com/bid/61307

IBM Java CVE-2013-3009 Unspecified Arbitrary Code Execution Vulnerability
2013-07-20
http://www.securityfocus.com/bid/61308

Oracle Java SE CVE-2013-2464 Memory Corruption Vulnerability
2013-07-19
http://www.securityfocus.com/bid/60631

Oracle Java SE CVE-2013-2460 Remote Java Runtime Environment Vulnerability
2013-07-19
http://www.securityfocus.com/bid/60635

Oracle Java SE CVE-2013-2471 Buffer Overflow Vulnerability
2013-07-19
http://www.securityfocus.com/bid/60659

Oracle Java SE CVE-2013-2469 Memory Corruption Vulnerability
2013-07-19
http://www.securityfocus.com/bid/60658

Oracle Java SE CVE-2013-2465 Memory Corruption Vulnerability
2013-07-19
http://www.securityfocus.com/bid/60657

Oracle Java SE CVE-2013-2463 Remote Code Execution Vulnerability
2013-07-19
http://www.securityfocus.com/bid/60655

Oracle Java SE CVE-2013-2470 Memory Corruption Vulnerability
2013-07-19
http://www.securityfocus.com/bid/60651

Oracle Java SE CVE-2013-2458 Remote Security Vulnerability
2013-07-19
http://www.securityfocus.com/bid/60652

Oracle Java SE CVE-2013-2454 Remote Security Vulnerability
2013-07-19
http://www.securityfocus.com/bid/60650

Oracle Java SE CVE-2013-2459 Remote Security Vulnerability
2013-07-19
http://www.securityfocus.com/bid/60647

Oracle Java SE CVE-2013-2456 Remote Security Vulnerability
2013-07-19
http://www.securityfocus.com/bid/60641

Oracle Java SE CVE-2013-2453 Remote Security Vulnerability
2013-07-19
http://www.securityfocus.com/bid/60644

Oracle Java SE CVE-2013-2457 Remote Security Vulnerability
2013-07-19
http://www.securityfocus.com/bid/60632

Oracle Java SE CVE-2013-2446 Remote Security Vulnerability
2013-07-19
http://www.securityfocus.com/bid/60620

Oracle Java SE CVE-2013-2452 Remote Security Vulnerability
2013-07-19
http://www.securityfocus.com/bid/60617

Oracle Java SE CVE-2013-2472 Buffer Overflow Vulnerability
2013-07-19
http://www.securityfocus.com/bid/60656

Oracle Java SE CVE-2013-2407 Remote Security Vulnerability
2013-07-19
http://www.securityfocus.com/bid/60653

Oracle Java SE CVE-2013-2448 Remote Code Execution Vulnerability
2013-07-19
http://www.securityfocus.com/bid/60640

Oracle Java SE CVE-2013-2450 Remote Security Vulnerability
2013-07-19
http://www.securityfocus.com/bid/60638

Oracle Java SE CVE-2013-2444 Remote Security Vulnerability
2013-07-19
http://www.securityfocus.com/bid/60633

Oracle Java SE CVE-2013-2451 Local Security Vulnerability
2013-07-19
http://www.securityfocus.com/bid/60625

Oracle Java SE CVE-2013-2473 Buffer Overflow Vulnerability
2013-07-19
http://www.securityfocus.com/bid/60623

Oracle Java SE CVE-2013-2412 Remote Security Vulnerability
2013-07-19
http://www.securityfocus.com/bid/60618

Exploit

  PCMan FTP Server 2.0.7 - Remote Exploit (msf)

  Apple Quicktime 7 Invalid Atom Length Buffer Overflow

  HP Managed Printing Administration jobAcct Remote Command Execution

  Barracuda LB, SVF, WAF & WEF - Multiple Vulnerabilities

  Barracuda CudaTel 2.6.02.040 - SQL Injection Vulnerability

  MLM (Multi Level Marketing) Script - Multiple Vulnerabilities

  Sybase EAServer 6.3.1 - Multiple Vulnerabilities

  VbsEdit 5.9.3 (.smi) - Buffer Overflow Vulnerability

Flash JIT – Spraying info leak gadgets

19.7.2013

Bugtraq

[SECURITY] [DSA 2725-1] tomcat6 security update 2013-07-18
Moritz Muehlenhoff (jmm debian org)

Symantec Workspace Virtualization 6.4.1895.0 Local Kernel Mode Privilege Escalation Exploit 2013-07-18
th_decoder 126 com

[SE-2012-01] New Reflection API affected by a known 10+ years old attack 2013-07-18
Security Explorations (contact security-explorations com)

[security bulletin] HPSBMU02900 rev.1 - HP System Management Homepage (SMH) running on Linux and Windows, Multiple Remote and Local Vulnerabilities 2013-07-18
security-alert hp com

[security bulletin] HPSBST02896 rev.2 - HP StoreVirtual Storage, Remote Unauthorized Access 2013-07-18
security-alert hp com

Dell PacketTrap MSP RMM 6.6.x - Multiple Persistent Web Vulnerabilities 2013-07-18
Vulnerability Lab (research vulnerability-lab com)

ePhoto Transfer v1.2.1 iOS - Multiple Web Vulnerabilities 2013-07-17
Vulnerability Lab (research vulnerability-lab com)

Barracuda CudaTel 2.6.02.04 - Multiple Client Side Cross Site Vulnerabilities (Bug Bounty #17) 2013-07-17
Vulnerability Lab (research vulnerability-lab com)

Flux Player v3.1.0 iOS - File Include & Arbitrary File Upload Vulnerability 2013-07-17
Vulnerability Lab (research vulnerability-lab com)

WiFly 1.0 Pro iOS - Multiple Web Vulnerabilities 2013-07-17
Vulnerability Lab (research vulnerability-lab com)

Re: Full Disclosure ASUS Wireless Routers Ten Models - Multiple Vulnerabilities on AiCloud enabled units 2013-07-17
krlovett gmail com

Malware

RDN/Vundo!di!C3F71E102074

RDN/Generic BackDoor!C8D502357850

W32/Autorun.worm.gen!680286F7BCF7

RDN/Generic PUP.x!13BFA578973C

Generic PUP.x!1202595CA252

RDN/Generic PUP.x!DE33076B1515

RDN/Generic BackDoor!rv!548536B85287

RDN/Generic PUP.z!cy!D37F9ADB0179

RDN/Generic StartPage!bj!E3CC99A34756

Generic PUP.x!E944C3C4FDF6

RDN/Generic PUP.x!bcq!A48450093464

RDN/Generic PUP.x!E6CE24C4523B

Generic PUP.x!8C9D3F5309F6

Generic PWS.y!F9C930561CCC

Downloader.gen.a!911BAE287BA7

W32/Sdbot.worm!6AC8BA2D27A0

Generic PUP.x!8D7144E5C276

W32/Autorun.worm.gen!6B841F31EB5D

Generic PWS.y!540B6F58758C

RDN/Generic StartPage!bj!7A23D374BFD2

W32/Sdbot.worm!6FF00D87C2EF

Generic.dx!547A1A7BB711

RDN/Generic PUP.x!bcq!15503B757E86

RDN/Generic PUP.x!bcq!C48FE0C62EF9

RDN/Generic.grp!847BACA5CEEF

BackDoor-FJW!C084CB7800A5

Generic PWS.y!4BDE5068882D

Generic PWS.y!260101F9B7AA

Generic PWS.y!056F7202416C

W32/Sdbot.worm!2E647EB95949

Phishing

Bank of America

18th July 2013

BANK OF AMERICA ALERT: ONLINE
BANKING ACCOUNT VERIFICATION

RHB Group

18th July 2013

Account Alert

Chase

17th July 2013

CHASE ONLINE : IMPORTANT
SECURITY ALERTS.

Nationwide

17th July 2013

NATIONWIDE UPDATE NOTIFICATION

Vulnerebility

Google Chrome CVE-2013-2875 Out of Bounds Memory Corruption Vulnerability
2013-07-19
http://www.securityfocus.com/bid/61057

Google Chrome CVE-2013-2876 Security Bypass Vulnerability
2013-07-19
http://www.securityfocus.com/bid/61060

Google Chrome CVE-2013-2880 Multiple Unspecified Security Vulnerabilities
2013-07-19
http://www.securityfocus.com/bid/61061

Google Chrome CVE-2013-2871 Use After Free Remote Code Execution Vulnerability
2013-07-19
http://www.securityfocus.com/bid/61054

Google Chrome CVE-2013-2873 Use After Free Remote Code Execution Vulnerability
2013-07-19
http://www.securityfocus.com/bid/61056

Google Chrome CVE-2013-2878 Out of Bounds Memory Corruption Vulnerability
2013-07-19
http://www.securityfocus.com/bid/61051

Google Chrome CVE-2013-2877 Out of Bounds Denial of Service Vulnerability
2013-07-19
http://www.securityfocus.com/bid/61050

Google Chrome CVE-2013-2868 NPAPI Extension Security Vulnerability
2013-07-19
http://www.securityfocus.com/bid/61055

Google Chrome CVE-2013-2869 Out of Bounds Memory Corruption Vulnerability
2013-07-19
http://www.securityfocus.com/bid/61047

Google Chrome CVE-2013-2870 Use After Free Remote Code Execution Vulnerability
2013-07-19
http://www.securityfocus.com/bid/61052

Google Chrome CVE-2013-2879 Remote Code Execution Vulnerability
2013-07-19
http://www.securityfocus.com/bid/61046

Google Chrome CVE-2013-2867 Security Vulnerability
2013-07-19
http://www.securityfocus.com/bid/61049

Google Chrome CVE-2013-2853 Man in the Middle Security Vulnerability
2013-07-19
http://www.securityfocus.com/bid/61059

HP Managed Printing Administration Multiple Remote Security Vulnerabilities
2013-07-19
http://www.securityfocus.com/bid/51174

Apple QuickTime CVE-2013-1017 Buffer Overflow Vulnerability
2013-07-19
http://www.securityfocus.com/bid/60097

PHP 'apache_request_headers()' Function Buffer Overflow Vulnerability
2013-07-19
http://www.securityfocus.com/bid/53455

HP System Management Homepage (SMH) CVE-2013-2364 Cross Site Scripting Vulnerability
2013-07-18
http://www.securityfocus.com/bid/61341

McAfee Data Loss Prevention Multiple Information Disclosure Vulnerabilities
2013-07-18
http://www.securityfocus.com/bid/61033

SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability
2013-07-18
http://www.securityfocus.com/bid/49778

OpenSSL Encoded ASN.1 Data Integer Truncation Memory Corruption Vulnerability
2013-07-18
http://www.securityfocus.com/bid/53158

Apache HTTP Server 'LD_LIBRARY_PATH' Insecure Library Loading Arbitrary Code Execution Vulnerability
2013-07-18
http://www.securityfocus.com/bid/53046

Opera Web Browser Information Disclosure Vulnerability
2013-07-18
http://www.securityfocus.com/bid/49388

PHP 'php-cgi' Information Disclosure Vulnerability
2013-07-18
http://www.securityfocus.com/bid/53388

HP StoreVirtual Products Using LeftHand OS CVE-2013-2352 Remote Unauthorized Access Vulnerability
2013-07-18
http://www.securityfocus.com/bid/61070

Apache Tomcat CVE-2012-3544 Denial of Service Vulnerability
2013-07-18
http://www.securityfocus.com/bid/59797

Apache Tomcat CVE-2013-2067 Session Fixation Vulnerability
2013-07-18
http://www.securityfocus.com/bid/59799

Quagga bgpd Null Pointer Deference Denial Of Service Vulnerability
2013-07-18
http://www.securityfocus.com/bid/42642

Linux Kernel SCTP Local Race Condition Vulnerability
2013-07-18
http://www.securityfocus.com/bid/45661

Quagga bgpd Route-Refresh Message Stack Buffer Overflow Vulnerability
2013-07-18
http://www.securityfocus.com/bid/42635

Asante Voyager I and II Network Cameras Hardcoded Credentials Security Bypass Vulnerability
2013-07-18
http://www.securityfocus.com/bid/61119

Exploit

  Symantec Workspace Virtualization 6.4.1895.0 Local Kernel Mode Privilege Escalation

  WiFly 1.0 Pro iOS - Multiple Vulnerabilities

  Flux Player v3.1.0 iOS - Multiple Vulnerabilities

  ePhoto Transfer v1.2.1 iOS - Multiple Vulnerabilities

  Xibo 1.2.2 and 1.4.1 (index.php, p param) - Directory Traversal Vulnerability

  Dell PacketTrap MSP RMM 6.6.x - Multiple XSS Vulnerabilities

  Dell PacketTrap PSA 7.1 - Multiple XSS Vulnerabilities

  Windows Movie Maker Version 2.1.4026.0 (.wav) - Crash POC

18.7.2013

Bugtraq

Re: Full Disclosure ASUS Wireless Routers Ten Models - Multiple Vulnerabilities on AiCloud enabled units 2013-07-17
krlovett gmail com

[SECURITY] [DSA 2723-1] php5 security update 2013-07-17
Florian Weimer (fw deneb enyo de)

[security bulletin] HPSBHF02888 rev.2 - HP Network Products including H3C and 3COM Routers and Switches, Remote Information Disclosure and Code Execution 2013-07-17
security-alert hp com

Re: Full Disclosure ASUS Wireless Routers Ten Models - Multiple Vulnerabilities on AiCloud enabled units 2013-07-17
krlovett gmail com

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Intrusion Prevention System Software 2013-07-17
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Manager 2013-07-17
Cisco Systems Product Security Incident Response Team (psirt cisco com)

ESA-2013-055: EMC Avamar Multiple Vulnerabilities 2013-07-17
Security Alert (Security_Alert emc com)

XSS Vulnerabilities in OpenCms 2013-07-17
advisory htbridge com

[slackware-security] php (SSA:2013-197-01) 2013-07-16
Slackware Security Team (security slackware com)

[security bulletin] HPSBGN02882 rev.1 - HP Database and Middleware Automation (DMA) using SSL, Remote Disclosure of Information 2013-07-16
security-alert hp com

Malware

W32/Relnek!167DBF881265

Generic.dx!168D780C7CF1

RDN/Generic PWS.y!tm!1C9B8EFA75B0

RDN/Generic PUP.x!bch!0761BAC23EDA

RDN/Generic PWS.y!tm!F79AAF9CB405

RDN/BackDoor-CEP!bq!A13F50ABF014

RDN/Generic Downloader.x!hz!3A056B165D2B

RDN/Generic.bfr!ev!245D177E2074

Generic PUP.x!78DDECE745C7

RDN/Generic Downloader.x!hz!E26486A8CBAB

Generic Dropper!05A65CB30F7A

Generic.bfr!F7DE69A622AC

RDN/Generic PUP.x!bch!BCB16843EF5E

RDN/Generic Dropper!qi!05D1BF282885

RDN/Generic.bfr!ev!9463873C806B

Generic Dropper!F26BCF305791

RDN/Generic PWS.y!tm!2E17353951DA

RDN/Generic.bfr!ev!01441117F3C4

Generic PUP.x!DF3E03073EFE

RDN/Generic.bfr!ev!F7C71D345361

RDN/Generic.tfr!0ED0913D2838

RDN/Generic.bfr!ev!8AD373461196

RDN/Generic PUP.x!FE2DA596336E

RDN/Generic PUP.x!A552F40C7788

RDN/Generic.bfr!ev!0A5BFA2241E3

RDN/Generic.bfr!ev!1801C645E061

Generic PUP.x!CC0F86B46732

Downloader-FLN!138BA8FCD041!138BA8FCD041

Downloader-FLN!01D14B0E950D!01D14B0E950D

W32/Sdbot.worm!072B9353D8B5

Phishing

Chase

17th July 2013

CHASE ONLINE : IMPORTANT
SECURITY ALERTS.

Nationwide

17th July 2013

NATIONWIDE UPDATE NOTIFICATION

Account NatWest Bank Plc

16th July 2013

RE-CONFIRM YOUR ONLINE ACCESS
FOR ONLINE BANKING
AUTHENTICITY

 

Barclays Personal Banking

16th July 2013

IMPORTANT UPDATE - ACCOUNT
ACCESS BLOCKED

Vulnerebility

Apache Struts CVE-2013-2251 Multiple Remote Command Execution Vulnerabilities
2013-07-18
http://www.securityfocus.com/bid/61189

Ruby SSL Client Certificate Validation CVE-2013-4073 Security Bypass Vulnerability
2013-07-18
http://www.securityfocus.com/bid/60843

Oracle Java SE CVE-2013-2465 Memory Corruption Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60657

Oracle Java SE CVE-2013-1500 Local Security Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60627

Cisco Unified Communications Manager CVE-2013-3412 SQL Injection Vulnerability
2013-07-17
http://www.securityfocus.com/bid/61295

PHP CVE-2013-4113 Heap Memory Corruption Vulnerability
2013-07-17
http://www.securityfocus.com/bid/61128

Tinyproxy Header Multiple Denial of Service Vulnerabilities
2013-07-17
http://www.securityfocus.com/bid/55099

Django Denial of Service Vulnerability And Information Disclosure Vulnerabilities
2013-07-17
http://www.securityfocus.com/bid/58061

Django 'HttpRequest.get_host()' Information Disclosure Vulnerability
2013-07-17
http://www.securityfocus.com/bid/56146

Multiple OpenStack Products CVE-2013-1665 XML External Entity Information Disclosure Vulnerability
2013-07-17
http://www.securityfocus.com/bid/58022

QEMU Guest Agent CVE-2013-2007 Insecure File Permissions Vulnerability
2013-07-17
http://www.securityfocus.com/bid/59675

Oracle Java SE CVE-2013-2467 Local Security Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60649

Oracle Java SE CVE-2013-2462 Remote Security Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60630

Oracle Java SE CVE-2013-3744 Remote Security Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60654

Oracle Java SE CVE-2013-2400 Remote Security Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60621

Oracle Java SE CVE-2013-2442 Remote Security Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60643

Oracle Java SE CVE-2013-2468 Remote Security Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60637

Oracle Java SE CVE-2013-2437 Remote Security Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60636

Oracle Java SE CVE-2013-2471 Buffer Overflow Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60659

Oracle Java SE CVE-2013-3743 Remote Security Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60626

Oracle Java SE CVE-2013-2466 Remote Security Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60624

Oracle Java SE CVE-2013-2464 Memory Corruption Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60631

Oracle Java SE CVE-2013-2469 Memory Corruption Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60658

Oracle Java SE CVE-2013-2463 Remote Code Execution Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60655

Oracle Java SE CVE-2013-2458 Remote Security Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60652

Oracle Java SE CVE-2013-2454 Remote Security Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60650

Oracle Java SE CVE-2013-2461 Remote Security Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60645

Oracle Java SE CVE-2013-2470 Memory Corruption Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60651

Oracle Java SE CVE-2013-2459 Remote Security Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60647

Oracle Java SE CVE-2013-2446 Remote Security Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60620

Exploit

Symantec Workspace Virtualization 6.4.1895.0 Local Kernel Mode Privilege Escalation

Windows Movie Maker Version 2.1.4026.0 (.wav) - Crash POC

17.7.2013

Bugtraq

[security bulletin] HPSBGN02882 rev.1 - HP Database and Middleware Automation (DMA) using SSL, Remote Disclosure of Information 2013-07-16
security-alert hp com

[security bulletin] HPSBMU02870 SSRT101012 rev.2 - HP Network Node Manager I (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access 2013-07-16
security-alert hp com

Voice Logger astTECS - bypass login & arbitrary file download 2013-07-16
MichaÅ? BÅ?aszczak (blaszczakm gmail com)

[CVE-2013-4763|CVE-2013-4764] Vulnerability in built-in system app of Samsung Galaxy S3/S4 2013-07-16
é??éºť (mazuishenghuo gmail com)

Olive File Manager v1.0.1 iOS - Multiple Vulnerabilities 2013-07-16
Vulnerability Lab (research vulnerability-lab com)

Dell Kace 1000 SMA v5.4.70402 - Persistent Vulnerabilities 2013-07-16
Vulnerability Lab (research vulnerability-lab com)

Barracuda CudaTel 2.6.02.040 - Client Side Cross Site Scripting Vulnerability 2013-07-16
Vulnerability Lab (research vulnerability-lab com)

FTP Sprite v1.2.1 iOS - Persistent Web Vulnerability 2013-07-16
Vulnerability Lab (research vulnerability-lab com)

Nikon CoolPix L Series Fw1.0 - Information Disclosure Issue 2013-07-16
Vulnerability Lab (research vulnerability-lab com)

Re: Multiple vulnerabilities in McAfee ePO 4.6.6 2013-07-15
Harold_Toomey McAfee com

[CVE-2013-2745, CVE-2013-2738, CVE-2013-2739] MiniDLNA v1.0.25 Multiple Vulnerabilities 2013-07-15
Craig Young (vuln-report secur3 us)

Malware

RDN/Generic.dx!cmk!BA64280D54DA

RDN/Generic PUP.z!cw!9B61F984CB6C

RDN/Generic PUP.x!bch!A7A8A1299E6C

RDN/Generic.bfr!ev!D9EC683F2421

RDN/Generic.bfr!ev!184657182BAB

RDN/Generic.bfr!ev!FB36767B14B3

RDN/Generic PWS.y!F8501BCA140D

Generic.bfr!EBD2CC03F4E0

RDN/Generic.bfr!ev!89D099446601

BackDoor-FJW!0C1F5CF4874C

RDN/FakeAlert-HDD!c!5C68217BED13

RDN/Generic PWS.y!4799E7C72B55

RDN/Generic BackDoor!rs!5196E4DE00C0

RDN/Generic.bfr!ev!C58E3ECC8AAB

RDN/Generic.bfr!D685CE0C3A70

RDN/Generic.tfr!C301F773CF5A

RDN/Generic.bfr!ev!599930EFDFA6

RDN/Generic.bfr!ev!331DA51DC07B

RDN/Generic.bfr!ev!80C5B599E55C

RDN/Generic.bfr!ev!3BAF8F44AA46

RDN/Generic.bfr!ev!D5A5F44BB702

RDN/Generic.bfr!ev!232AC028E7ED

Generic PUP.x!163C6E31A58F

Generic.bfr!B68298FF610C

RDN/Generic PUP.x!4B99EF6A6197

Generic.bfr!FFA94A17A4C9

RDN/Generic BackDoor!rs!2EE2DEF2763C

RDN/Generic.bfr!7B162BD4642E

RDN/Generic.bfr!ev!D685CE0C3A70

RDN/FakeAlert-HDD!C0EE61C73414

Phishing

Account NatWest Bank Plc

16th July 2013

RE-CONFIRM YOUR ONLINE ACCESS
FOR ONLINE BANKING
AUTHENTICITY

Barclays Personal Banking

16th July 2013

IMPORTANT UPDATE - ACCOUNT
ACCESS BLOCKED

AOL

15th July 2013

AOL CHALLENGE

Barclays Personal

15th July 2013

Important Update - Account
Access Blocked

Vulnerebility

Microsoft Windows TrueType Font CVE-2013-3129 Remote Code Execution Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60978

OpenSSL CVE-2013-0166 Remote Denial of Service Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60268

Oracle Java SE CVE-2013-2464 Memory Corruption Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60631

Oracle Java SE CVE-2013-3743 Remote Security Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60626

Oracle Java SE CVE-2013-2469 Memory Corruption Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60658

Oracle Java SE CVE-2013-2471 Buffer Overflow Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60659

Oracle Java SE CVE-2013-2465 Memory Corruption Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60657

Oracle Java SE CVE-2013-2463 Remote Code Execution Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60655

Oracle Java SE CVE-2013-2470 Memory Corruption Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60651

Oracle Java SE CVE-2013-2454 Remote Security Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60650

Oracle Java SE CVE-2013-2456 Remote Security Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60641

Oracle Java SE CVE-2013-2452 Remote Security Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60617

Oracle Java SE CVE-2013-2459 Remote Security Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60647

Oracle Java SE CVE-2013-2443 Remote Security Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60646

Oracle Java SE CVE-2013-2450 Remote Security Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60638

Oracle Java SE CVE-2013-2447 Remote Security Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60629

Oracle Java SE CVE-2013-2455 Remote Code Execution Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60619

Oracle Java SE CVE-2013-2472 Buffer Overflow Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60656

Oracle Java SE CVE-2013-1571 Frame Injection Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60634

Oracle Java SE CVE-2013-2448 Remote Code Execution Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60640

Oracle Java SE CVE-2013-2457 Remote Security Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60632

Oracle Java SE CVE-2013-1500 Local Security Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60627

Oracle Java SE CVE-2013-2444 Remote Security Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60633

MIT Kerberos 5 kadmind CVE-2002-2443 Remote Denial of Service Vulnerability
2013-07-17
http://www.securityfocus.com/bid/60008

Oracle MySQL Server CVE-2013-3793 Remote Security Vulnerability
2013-07-17
http://www.securityfocus.com/bid/61264

Oracle MySQL Server CVE-2013-3802 Remote Security Vulnerability
2013-07-17
http://www.securityfocus.com/bid/61244

Apache Subrequest Handling Information Disclosure Vulnerability
2013-07-16
http://www.securityfocus.com/bid/38580

Apache HTTP Server 2.2.6, 2.0.61 and 1.3.39 'mod_status' Cross-Site Scripting Vulnerability
2013-07-16
http://www.securityfocus.com/bid/27237

Apache mod_imagemap and mod_imap Cross-Site Scripting Vulnerability
2013-07-16
http://www.securityfocus.com/bid/26838

Apache 'mod_isapi' Memory Corruption Vulnerability
2013-07-16
http://www.securityfocus.com/bid/38494

Exploit

  FTP Sprite v1.2.1 iOS - Persistent XSS Vulnerability

  Olive File Manager 1.0.1 iOS - Multiple Vulnerabilities

  Dell Kace 1000 SMA v5.4.70402 - Persistent XSS Vulnerabilities

  Saurus CMS 4.7.1 - Multiple Vulnerabilities

  Squid 3.3.5 - DoS PoC

  rpcbind (CALLIT Procedure) UDP Crash PoC

  Light Audio Mixer Version 1.0.12 (.wav) - Crash POC

  Kate's Video Toolkit Version 7.0 (.wav) - Crash POC

16.7.2013

Bugtraq

Dell Kace 1000 SMA v5.4.70402 - Persistent Vulnerabilities 2013-07-16
Vulnerability Lab (research vulnerability-lab com)

Barracuda CudaTel 2.6.02.040 - Client Side Cross Site Scripting Vulnerability 2013-07-16
Vulnerability Lab (research vulnerability-lab com)

FTP Sprite v1.2.1 iOS - Persistent Web Vulnerability 2013-07-16
Vulnerability Lab (research vulnerability-lab com)

Nikon CoolPix L Series Fw1.0 - Information Disclosure Issue 2013-07-16
Vulnerability Lab (research vulnerability-lab com)

Re: Multiple vulnerabilities in McAfee ePO 4.6.6 2013-07-15
Harold_Toomey McAfee com

[CVE-2013-2745, CVE-2013-2738, CVE-2013-2739] MiniDLNA v1.0.25 Multiple Vulnerabilities 2013-07-15
Craig Young (vuln-report secur3 us)

Squid-3.3.5 DoS PoC 2013-07-15
king cope (isowarez isowarez isowarez googlemail com)

[security bulletin] HPSBPV02891 rev.1 - HP ProCurve Switches, Remote Unauthorized Information Disclosure 2013-07-15
security-alert hp com

CVE-2013-4788 - Eglibc PTR MANGLE bug 2013-07-15
Hector Marco (hecmargi upv es)

[SECURITY] [DSA 2722-1] openjdk-7 security update 2013-07-15
Moritz Muehlenhoff (jmm debian org)

[CVE-2013-2612] Huawei E587 3G Mobile Hotspot Command Injection 2013-07-15
FrÊdÊric Basse (basse frederic gmail com)

Huawei E587 3G Mobile Hotspot Web UI Cross Site Scripting vulnerability 2013-07-15
FrÊdÊric Basse (basse frederic gmail com)

[ MDVSA-2013:196 ] java-1.6.0-openjdk 2013-07-15
security mandriva com

Malware

RDN/Generic PUP.x!bcg!5641C32AECF9

Generic PUP.x!B793B31AE731

Generic.dx!B7FC6C02A730

RDN/Backdoor-FJW!c!00E719B105BF

RDN/Generic PWS.y!tl!B81EECCDF88A

BackDoor-FJW!7E02D9D26047

RDN/Generic.bfr!er!568477757783

Downloader-FLN!E78B256B590E!E78B256B590E

RDN/Backdoor-FJW!c!F3CD90BE86D8

RDN/Generic PWS.y!tl!B54162308B67

Downloader-FLN!19FDCDE9F962!19FDCDE9F962

Downloader-FLN!05FD38C1946E!05FD38C1946E

Downloader-FLN!3A56CE711997!3A56CE711997

RDN/Backdoor-FJW!c!A90074C9DD08

Generic PUP.x!B6F15839DB92

Downloader-FLN!1D497B1EA6ED!1D497B1EA6ED

BackDoor-FAXD!7310E5DDE795!7310E5DDE795

RDN/Generic Dropper!qi!C41BA7D6063A

Generic.dx!317B0D617647

Downloader-FLN!AEB2C9C9A0D3!AEB2C9C9A0D3

Downloader-FLN!C642E3994C95!C642E3994C95

RDN/Backdoor-FJW!c!E48BB9B8811B

RDN/Generic PUP.x!8238A1DEB9D8

Downloader-FLN!50EFBE6AAE1A!50EFBE6AAE1A

RDN/Generic PUP.x!bcg!311EFB9070F7

RDN/Generic PUP.x!DEFAD13E739F

BackDoor-FAXD!B4FECABAA5F7!B4FECABAA5F7

RDN/Generic BackDoor!rr!B4446B9CDC33

RDN/Generic.bfr!er!E2DCCA683C08

Downloader-FLN!2D1ACA49E93B!2D1ACA49E93B

Phishing

Barclays Personal Banking

16th July 2013

IMPORTANT UPDATE - ACCOUNT
ACCESS BLOCKED

AOL

15th July 2013

AOL CHALLENGE

Barclays Personal

15th July 2013

Important Update - Account
Access Blocked

Santander

15th July 2013

Santander Bank_ Account
Management

Vulnerebility

Mozilla Firefox CVE-2013-1696 Clickjacking Vulnerability
2013-07-15
http://www.securityfocus.com/bid/60788

Mozilla Firefox/Thunderbird CVE-2013-1697 Security Bypass Vulnerability
2013-07-15
http://www.securityfocus.com/bid/60784

Mozilla Firefox/Thunderbird CVE-2013-1694 Remote Code Execution Vulnerability
2013-07-15
http://www.securityfocus.com/bid/60776

Mozilla Firefox CVE-2013-1695 Security Bypass Vulnerability
2013-07-15
http://www.securityfocus.com/bid/60789

Mozilla Firefox and Thunderbird CVE-2013-1692 Cross-Site Request Forgery Vulnerability
2013-07-15
http://www.securityfocus.com/bid/60783

Mozilla Firefox CVE-2013-1688 Remote Code Execution Vulnerability
2013-07-15
http://www.securityfocus.com/bid/60779

Corel PDF Fusion CVE-2013-3248 Stack Based Buffer Overflow Vulnerability
2013-07-15
http://www.securityfocus.com/bid/61010

Python 'backports.ssl_match_hostname' Package CVE-2013-2098 Denial of Service Vulnerability
2013-07-15
http://www.securityfocus.com/bid/60197

Python 'ssl.match_hostname()' Function Denial of Service Vulnerability
2013-07-15
http://www.securityfocus.com/bid/59877

PHP CVE-2013-4113 Heap Memory Corruption Vulnerability
2013-07-15
http://www.securityfocus.com/bid/61128

SWFUpload Multiple Content Spoofing and Cross Site Scripting Vulnerabilities
2013-07-15
http://www.securityfocus.com/bid/58417

Linux Kernel Ceph CVE-2013-1059 Remote Denial of Service Vulnerability
2013-07-15
http://www.securityfocus.com/bid/60922

Nano-10 PLC Modbus Packet Handling Denial of Service Vulnerability
2013-07-15
http://www.securityfocus.com/bid/61024

ansible 'paramiko_ssh.py' Security Bypass Vulnerability
2013-07-15
http://www.securityfocus.com/bid/60869

dbus-glib CVE-2013-0292 Local Privilege Escalation Vulnerability
2013-07-15
http://www.securityfocus.com/bid/57985

Adobe Flash Player CVE-2013-3345 Unspecified Memory Corruption Vulnerability
2013-07-15
http://www.securityfocus.com/bid/61045

Adobe Flash Player CVE-2013-3347 Integer Overflow Vulnerability
2013-07-15
http://www.securityfocus.com/bid/61048

Adobe Flash Player CVE-2013-3344 Unspecified Heap Buffer Overflow Vulnerability
2013-07-15
http://www.securityfocus.com/bid/61043

Linux Kernel '/dev/ptmx' File Local Information Disclosure Vulnerability
2013-07-12
http://www.securityfocus.com/bid/57176

Mediacoder '.m3u' File Buffer Overflow Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60735

HP StoreOnce D2D Backup System CVE-2013-2342 Remote Unauthorized Access Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60819

Multiple TLS And DTLS Implementations CVE-2013-0169 Information Disclosure Vulnerability
2013-07-12
http://www.securityfocus.com/bid/57778

OpenSSL CVE-2013-0166 Remote Denial of Service Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60268

HP Data Protector CVE-2013-2329 Remote Code Execution Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60304

Mesa Out of Bounds CVE-2013-1872 Memory Corruption Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60285

Mozilla Firefox and Thunderbird CVE-2013-1693 Information Disclosure Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60787

Mozilla Firefox CVE-2013-1698 Security Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60790

Mozilla Firefox/Thunderbird CVE-2013-1690 Remote Code Execution Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60778

FreeRDP Multiple Security Vulnerabilities
2013-07-12
http://www.securityfocus.com/bid/61072

Mozilla Firefox CVE-2013-1699 Homograph Domain Spoofing Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60785

Exploit

 

15.7.2013

Bugtraq

Ruxcon 2013 Final Call For Papers 2013-07-15
cfp ruxcon org au

[CVE-2012-6458] Multiple Persistent XSS in silverstripe-ecommerce 2013-07-14
Craig Young (vuln-report secur3 us)

[waraxe-2013-SA#106] - Multiple Vulnerabilities in Saurus CMS 4.7.1 2013-07-14
come2waraxe yahoo com

Full Disclosure ASUS Wireless Routers Ten Models - Multiple Vulnerabilities on AiCloud enabled units 2013-07-14
kyle Lovett (krlovett gmail com)

Botconf 2013 - Call for short talks - Deadline Aug 31 2013 2013-07-13
Eric Freyssinet (eric freyssinet gmail com)

MiniUPnPd Information Disclosure (CVE-2013-2600) 2013-07-12
cyoung tripwire com (1 replies)

Re: MiniUPnPd Information Disclosure (CVE-2013-2600) 2013-07-12
Jeffrey Walton (noloader gmail com)

[Foreground Security 2013-002]: Corda Path Disclosure and XSS 2013-07-12
Adam Willard (awillard foregroundsecurity com)

[security bulletin] HPSBST02890 rev.3 - HP StoreOnce D2D Backup System, Remote Unauthorized Access, Modification, and Escalation of Privilege 2013-07-12
security-alert hp com

Multiple vulnerabilities in BMC SERVICE DESK EXPRESS (SDE) Version 10.2.1.95 2013-07-12
NCIRC INFOSEC EVAL (infoseceval ncirc nato int)

Multiple vulnerabilities in McAfee ePO 4.6.6 2013-07-12
NCIRC INFOSEC EVAL (infoseceval ncirc nato int)

CVE-2013-3568 - Linksys CSRF + Root Command Injection 2013-07-12
vuln-report secur3 us

CVE-2012-6297 - Command Injection via CSRF on DD-WRT v24-sp2 2013-07-12
cyoung tripwire com

Malware

Generic PUP.x!002CC68512D4

RDN/Generic BackDoor!rr!FCAAF765FA6D

RDN/Generic Dropper!FF8FEC3EB15F

RDN/Generic PWS.y!tl!F875022986F9

RDN/Generic.bfr!er!F7A288EE1476

Downloader-FLN!87BA130AFBCF!87BA130AFBCF

Generic.dx!DC496987D75B!1827FD19ED80

RDN/Generic PUP.x!bcg!F7ED0F0801A8

Generic PUP.x!EC511DB7A04C

RDN/Generic BackDoor!rr!F6AD6FDD1710

Generic PUP.x!EEC85ED7AAB7

Generic PUP.x!E34CB98C2A74

Generic PUP.x!E2142CBB3F44

Generic PUP.x!2F99C104A4EB

Generic PUP.x!E6A45EC709EE

Generic PUP.x!F65337988D3D

RDN/Generic PUP.z!cw!F12D691CF57A

RDN/Generic.bfr!er!EAFE8F2A6D3A

Generic PUP.x!DF5744BD3D66

RDN/Generic PWS.y!tl!B17F01057099

Generic.bfr!DFAFF598A16C

RDN/Generic Dropper!E16E7C69BBF1

RDN/Generic.tfr!dm!13C4B157BCAA

Generic PUP.x!DCD39C80C8EB

RDN/Vundo!di!EC484A7B8461

RDN/Generic.dx!cm3!DF20AA9DA5BB

RDN/Generic StartPage!bj!FEF2B488D6B5

Downloader-FLN!630A4F8C3567!630A4F8C3567

Generic PUP.x!DEBD157C4A28

Generic PUP.x!EF4D6C7B1B47

Phishing

Santander

15th July 2013

Santander Bank_ Account
Management

Nationwide Building Society

14th July 2013

Internet Banking Status and
Verification

Vulnerebility

ansible 'paramiko_ssh.py' Security Bypass Vulnerability
2013-07-15
http://www.securityfocus.com/bid/60869

dbus-glib CVE-2013-0292 Local Privilege Escalation Vulnerability
2013-07-15
http://www.securityfocus.com/bid/57985

Adobe Flash Player CVE-2013-3345 Unspecified Memory Corruption Vulnerability
2013-07-15
http://www.securityfocus.com/bid/61045

Adobe Flash Player CVE-2013-3347 Integer Overflow Vulnerability
2013-07-15
http://www.securityfocus.com/bid/61048

Adobe Flash Player CVE-2013-3344 Unspecified Heap Buffer Overflow Vulnerability
2013-07-15
http://www.securityfocus.com/bid/61043

PHP CVE-2013-4113 Heap Memory Corruption Vulnerability
2013-07-15
http://www.securityfocus.com/bid/61128

Linux Kernel '/dev/ptmx' File Local Information Disclosure Vulnerability
2013-07-12
http://www.securityfocus.com/bid/57176

Corel PDF Fusion Insecure Library Loading Code Execution and Stack Buffer Overflow Vulnerabilities
2013-07-12
http://www.securityfocus.com/bid/61010

Mediacoder '.m3u' File Buffer Overflow Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60735

HP StoreOnce D2D Backup System CVE-2013-2342 Remote Unauthorized Access Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60819

Multiple TLS And DTLS Implementations CVE-2013-0169 Information Disclosure Vulnerability
2013-07-12
http://www.securityfocus.com/bid/57778

OpenSSL CVE-2013-0166 Remote Denial of Service Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60268

HP Data Protector CVE-2013-2329 Remote Code Execution Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60304

Mesa Out of Bounds CVE-2013-1872 Memory Corruption Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60285

Mozilla Firefox CVE-2013-1688 Remote Code Execution Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60779

Mozilla Firefox CVE-2013-1695 Security Bypass Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60789

Mozilla Firefox CVE-2013-1696 Clickjacking Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60788

Mozilla Firefox and Thunderbird CVE-2013-1693 Information Disclosure Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60787

Mozilla Firefox/Thunderbird CVE-2013-1697 Security Bypass Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60784

Mozilla Firefox CVE-2013-1698 Security Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60790

Mozilla Firefox/Thunderbird CVE-2013-1694 Remote Code Execution Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60776

Mozilla Firefox and Thunderbird CVE-2013-1692 Cross-Site Request Forgery Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60783

Mozilla Firefox/Thunderbird CVE-2013-1690 Remote Code Execution Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60778

FreeRDP Multiple Security Vulnerabilities
2013-07-12
http://www.securityfocus.com/bid/61072

Mozilla Firefox CVE-2013-1699 Homograph Domain Spoofing Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60785

Cisco Unified Communications Domain Manager Multiple Cross Site Scripting Vulnerabilities
2013-07-12
http://www.securityfocus.com/bid/61100

Cisco TelePresence TC Software CVE-2013-3405 Remote Authentication Bypass Vulnerability
2013-07-12
http://www.securityfocus.com/bid/61113

Linux Kernel 'call_console_drivers()' Local Denial of Service Vulnerability
2013-07-12
http://www.securityfocus.com/bid/58118

Linux Kernel KVM CVE-2013-1798 Denial of Service Vulnerability
2013-07-12
http://www.securityfocus.com/bid/58604

Linux Kernel CVE-2012-6549 Local Information Disclosure Vulnerability
2013-07-12
http://www.securityfocus.com/bid/58993

Exploit

13.7.2013

 

Bugtraq

MiniUPnPd Information Disclosure (CVE-2013-2600) 2013-07-12
cyoung tripwire com (1 replies)

Re: MiniUPnPd Information Disclosure (CVE-2013-2600) 2013-07-12
Jeffrey Walton (noloader gmail com)

[Foreground Security 2013-002]: Corda Path Disclosure and XSS 2013-07-12
Adam Willard (awillard foregroundsecurity com)

[security bulletin] HPSBST02890 rev.3 - HP StoreOnce D2D Backup System, Remote Unauthorized Access, Modification, and Escalation of Privilege 2013-07-12
security-alert hp com

Multiple vulnerabilities in BMC SERVICE DESK EXPRESS (SDE) Version 10.2.1.95 2013-07-12
NCIRC INFOSEC EVAL (infoseceval ncirc nato int)

Multiple vulnerabilities in McAfee ePO 4.6.6 2013-07-12
NCIRC INFOSEC EVAL (infoseceval ncirc nato int)

CVE-2013-3568 - Linksys CSRF + Root Command Injection 2013-07-12
vuln-report secur3 us

CVE-2012-6297 - Command Injection via CSRF on DD-WRT v24-sp2 2013-07-12
cyoung tripwire com

Windows 7/8 admin account installation password stored in the clear in LSA Secrets 2013-07-11
Dnegel X. (dnegel666 gmail com) (1 replies)

Re: Windows 7/8 admin account installation password stored in the clear in LSA Secrets 2013-07-11
Rob (synja synfulvisions com) (1 replies)

Re: [Full-disclosure] XSS and SQL Injection Vulnerabilities in MiniBB 2013-07-11
Henri Salo (henri nerv fi)

Facebook Url Redirection Vuln. 2013-07-11
CANSIN YILDIRIM (canyildirim ku edu tr) (1 replies)

Re: Facebook Url Redirection Vuln. 2013-07-11
Anthony Dubuissez (anthony dubuissez webera fr) (1 replies)

Re: Facebook Url Redirection Vuln. 2013-07-11
Jann Horn jann+libev (at) thejh (dot) net [email concealed] (jann+libev thejh net)

[ MDVSA-2013:193 ] apache 2013-07-11
security mandriva com

[ MDVSA-2013:194 ] kernel 2013-07-11
security mandriva com

Hard-coded accounts on multiple network cameras 2013-07-11
roberto paleari emaze net

Malware

Downloader-FLN!D562855A731D!D562855A731D

Downloader-FLN!58CD7F35E203!58CD7F35E203

BackDoor-FAXD!B7BBDC896FA5!B7BBDC896FA5

BackDoor-FAXD!27771419C4E6!27771419C4E6

Downloader-FLN!433D8005EB60!433D8005EB60

BackDoor-FAXD!9DEFBE728BE8!9DEFBE728BE8

RDN/Generic PUP.x!bcg!E024B30C9233

RDN/Generic PUP.x!bcg!6CCBAE1B661C

RDN/Generic PUP.x!bcg!51D7552679C6

RDN/Generic PUP.x!bcg!F4A6B18585E0

RDN/Generic PUP.x!bcg!5F3B519E6915

RDN/Generic PUP.x!bcg!C72FDE2DA08A

Generic PUP.x!229DC4B1335B

Downloader-FLN!4C2935499AE7!4C2935499AE7

RDN/Generic PUP.x!bcg!6612FCD4F20F

RDN/Generic PUP.x!bcg!08494F3DAA03

RDN/Generic PUP.x!bcg!95C072164EFA

RDN/Generic PUP.x!bcg!F5B460897B0B

RDN/Generic PUP.x!bcg!8B416D1E0C49

RDN/Generic.hra!bp!CA3BFE629AA2

RDN/Generic PUP.x!bcg!F18F9066F99B

RDN/Generic PUP.x!bcg!F6ADE0FD31B2

RDN/Generic PUP.x!bcg!B717B743B4E4

RDN/Generic PUP.x!bcg!CC1930611E5E

RDN/Generic PUP.x!bcg!F67129054093

RDN/Generic PUP.x!bcg!566B55A89FFC

RDN/Generic PUP.z!cw!E872C29647C9

RDN/Generic PUP.z!6F5B037D77A2

RDN/Generic PUP.z!19CF52124B10

RDN/Generic PUP.z!09C7941E0693

Phishing

Nationwide Building Society

14th July 2013

Internet Banking Status and
Verification

Daily

13th July 2013

TERMINATION OF ACCOUNT

Chase

13th July 2013

SECURITY ALERT: CHASE ACCOUNT
UPDATE

Buckeye-Express Support

12th July 2013

Access to your Buckeye Express
account will be suspened soon.

Vulnerebility

Linux Kernel '/dev/ptmx' File Local Information Disclosure Vulnerability
2013-07-12
http://www.securityfocus.com/bid/57176

Corel PDF Fusion Insecure Library Loading Code Execution and Stack Buffer Overflow Vulnerabilities
2013-07-12
http://www.securityfocus.com/bid/61010

Mediacoder '.m3u' File Buffer Overflow Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60735

HP StoreOnce D2D Backup System CVE-2013-2342 Remote Unauthorized Access Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60819

Multiple TLS And DTLS Implementations CVE-2013-0169 Information Disclosure Vulnerability
2013-07-12
http://www.securityfocus.com/bid/57778

OpenSSL CVE-2013-0166 Remote Denial of Service Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60268

HP Data Protector CVE-2013-2329 Remote Code Execution Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60304

Mesa Out of Bounds CVE-2013-1872 Memory Corruption Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60285

Mozilla Firefox CVE-2013-1688 Remote Code Execution Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60779

Mozilla Firefox CVE-2013-1695 Security Bypass Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60789

Mozilla Firefox CVE-2013-1696 Clickjacking Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60788

Mozilla Firefox and Thunderbird CVE-2013-1693 Information Disclosure Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60787

Mozilla Firefox/Thunderbird CVE-2013-1697 Security Bypass Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60784

Mozilla Firefox CVE-2013-1698 Security Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60790

Mozilla Firefox/Thunderbird CVE-2013-1694 Remote Code Execution Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60776

Mozilla Firefox and Thunderbird CVE-2013-1692 Cross-Site Request Forgery Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60783

Mozilla Firefox/Thunderbird CVE-2013-1690 Remote Code Execution Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60778

FreeRDP Multiple Security Vulnerabilities
2013-07-12
http://www.securityfocus.com/bid/61072

Mozilla Firefox CVE-2013-1699 Homograph Domain Spoofing Vulnerability
2013-07-12
http://www.securityfocus.com/bid/60785

Cisco Unified Communications Domain Manager Multiple Cross Site Scripting Vulnerabilities
2013-07-12
http://www.securityfocus.com/bid/61100

Cisco TelePresence TC Software CVE-2013-3405 Remote Authentication Bypass Vulnerability
2013-07-12
http://www.securityfocus.com/bid/61113

Linux Kernel 'call_console_drivers()' Local Denial of Service Vulnerability
2013-07-12
http://www.securityfocus.com/bid/58118

Linux Kernel KVM CVE-2013-1798 Denial of Service Vulnerability
2013-07-12
http://www.securityfocus.com/bid/58604

Linux Kernel CVE-2012-6549 Local Information Disclosure Vulnerability
2013-07-12
http://www.securityfocus.com/bid/58993

Linux Kernel 'MSR' Driver Local Privilege Escalation Vulnerability
2013-07-12
http://www.securityfocus.com/bid/57838

Linux Kernel CVE-2013-0914 Local Information Disclosure Vulnerability
2013-07-12
http://www.securityfocus.com/bid/58426

Linux Kernel CVE-2012-6548 Local Information Disclosure Vulnerability
2013-07-12
http://www.securityfocus.com/bid/58994

Linux Kernel CVE-2013-0311 Denial Of Service Vulnerability
2013-07-12
http://www.securityfocus.com/bid/58053

Linux Kernel KVM CVE-2013-1796 Buffer Overflow Vulnerability
2013-07-12
http://www.securityfocus.com/bid/58607

Linux Kernel CVE-2013-1792 Local Denial of Service Vulnerability
2013-07-12
http://www.securityfocus.com/bid/58368

Exploit

  Corel PDF Fusion Stack Buffer Overflow

  Wordpress Spicy Blogroll Plugin - File Inclusion Vulnerability

  BMC Service Desk Express 10.2.1.95 - Multiple Vulnerabilities

  McAfee ePO 4.6.6 - Multiple Vulnerabilities

  Tri-PLC Nano-10 r81 - Denial of Service

12.7.2013

Bugtraq

CVE-2012-6297 - Command Injection via CSRF on DD-WRT v24-sp2 2013-07-12
cyoung tripwire com

Windows 7/8 admin account installation password stored in the clear in LSA Secrets 2013-07-11
Dnegel X. (dnegel666 gmail com) (1 replies)

Re: Windows 7/8 admin account installation password stored in the clear in LSA Secrets 2013-07-11
Rob (synja synfulvisions com) (1 replies)

Re: [Full-disclosure] XSS and SQL Injection Vulnerabilities in MiniBB 2013-07-11
Henri Salo (henri nerv fi)

Facebook Url Redirection Vuln. 2013-07-11
CANSIN YILDIRIM (canyildirim ku edu tr) (1 replies)

Re: Facebook Url Redirection Vuln. 2013-07-11
Anthony Dubuissez (anthony dubuissez webera fr) (1 replies)

Re: Facebook Url Redirection Vuln. 2013-07-11
Jann Horn jann+libev (at) thejh (dot) net [email concealed] (jann+libev thejh net)

[ MDVSA-2013:193 ] apache 2013-07-11
security mandriva com

[ MDVSA-2013:194 ] kernel 2013-07-11
security mandriva com

Hard-coded accounts on multiple network cameras 2013-07-11
roberto paleari emaze net

[SECURITY] [DSA 2719-1] poppler security update 2013-07-11
Michael Gilbert (mgilbert debian org)

Air Drive Plus v2.4 iOS - Arbitrary File Upload Vulnerability 2013-07-10
Vulnerability Lab (research vulnerability-lab com)

Malware

RDN/Generic.tfr!dm!39C2D84A3842

Generic.dx!D8254B39B4CB

RDN/Generic PUP.x!bcf!A26A65802A9E

RDN/Generic BackDoor!rk!846803335EF8

Generic PUP.x!86925E325C3C

RDN/Generic PUP.x!bcf!8B97F336C225

RDN/Generic.bfr!er!C85D3E821505

RDN/Generic PUP.x!C8B5BADAEEFB

RDN/Downloader.a!mr!1A2324BC21FC

Downloader.gen.a!F25CB3F5F35A

RDN/Generic Dropper!F926224268A8

Generic PUP.x!9329F8D9CCC7

RDN/Generic.dx!cmf!5339167CE28D

RDN/FakeAlert-HDD!c!8EF84A970DF8

RDN/Generic.bfr!er!E9AFF75604C5

Generic.dx!C825A95E92D9

RDN/FakeAlert-HDD!c!C2AADD7B35CD

RDN/FakeAlert-HDD!c!B515AF04847E

RDN/Generic.hra!bp!52C9CD8FBD27

RDN/Generic PUP.x!CD88A2833308

RDN/Generic.tfr!4B09600C9788

RDN/Generic Dropper!B89A418E9914

Downloader.gen.a!957313BFEF79

Downloader.gen.a!F0F3909B0EFF

RDN/Generic.tfr!dm!E6AB9EF97899

Generic PUP.x!BD9EC5934073

RDN/Generic PUP.x!bcf!C8D5D2BC94B5

RDN/Generic PUP.x!7692AA3785ED

Generic PUP.x!F5C26F7B8FDA

RDN/Generic BackDoor!rp!0B2E422AE1AE

Phishing

eBay

10th July 2013

New eBay Unpaid Item Message
from metronomicon_uk :
#281008991765-- response
required

Barclays Personal Banking

9th July 2013

New Message

Barclays Personal

8th July 2013

ACCOUNT BLOCKED

BT Notification

8th July 2013

ALERT ABOUT YOUR BT BILLING
INFORMATION ON FILE

Vulnerebility

Google Chrome CVE-2013-2877 Out of Bounds Denial of Service Vulnerability
2013-07-11
http://www.securityfocus.com/bid/61050

OpenStack Compute (Nova) CVE-2013-2096 Denial of Service Vulnerability
2013-07-11
http://www.securityfocus.com/bid/59924

strongSwan CVE-2013-2054 DNS TXT Record Buffer Overflow Vulnerability
2013-07-11
http://www.securityfocus.com/bid/59837

Openswan CVE-2013-2053 DNS TXT Record Buffer Overflow Vulnerability
2013-07-11
http://www.securityfocus.com/bid/59838

libtirpc 'svc_getargs()' Function Denial of Service Vulnerability
2013-07-11
http://www.securityfocus.com/bid/59365

Mesa Out of Bounds CVE-2013-1872 Memory Corruption Vulnerability
2013-07-11
http://www.securityfocus.com/bid/60285

Linux Kernel CVE-2013-0914 Local Information Disclosure Vulnerability
2013-07-11
http://www.securityfocus.com/bid/58426

RETIRED: Microsoft July 2013 Advance Notification Multiple Vulnerabilities
2013-07-11
http://www.securityfocus.com/bid/60960

nginx 'ngx_http_parse.c' Stack Buffer Overflow Vulnerability
2013-07-11
http://www.securityfocus.com/bid/59699

Algis Info aiContactSafe Component for Joomla! 'url' Parameter Cross-Site Scripting Vulnerability
2013-07-11
http://www.securityfocus.com/bid/60261

Microsoft Internet Explorer CVE-2013-3163 Memory Corruption Vulnerability
2013-07-11
http://www.securityfocus.com/bid/60975

X.Org libXp CVE-2013-2062 Multiple Remote Code Execution Vulnerabilities
2013-07-11
http://www.securityfocus.com/bid/60131

Ruby SSL Client Certificate Validation CVE-2013-4073 Security Bypass Vulnerability
2013-07-11
http://www.securityfocus.com/bid/60843

Mozilla Firefox and Thunderbird CVE-2013-1686 Use-After-Free Memory Corruption Vulnerability
2013-07-11
http://www.securityfocus.com/bid/60774

Mozilla Firefox/Thunderbird CVE-2013-1683 Multiple Unspecified Memory Corruption Vulnerabilities
2013-07-11
http://www.securityfocus.com/bid/60768

Mozilla Firefox and Thunderbird CVE-2013-1685 Use-After-Free Memory Corruption Vulnerability
2013-07-11
http://www.securityfocus.com/bid/60773

Mozilla Firefox CVE-2013-1688 Remote Code Execution Vulnerability
2013-07-11
http://www.securityfocus.com/bid/60779

Mozilla Firefox/Thunderbird CVE-2013-1682 Multiple Memory Unspecified Corruption Vulnerabilities
2013-07-11
http://www.securityfocus.com/bid/60765

Mozilla Firefox CVE-2013-1698 Security Vulnerability
2013-07-11
http://www.securityfocus.com/bid/60790

Mozilla Firefox and Thunderbird CVE-2013-1684 Use-After-Free Memory Corruption Vulnerability
2013-07-11
http://www.securityfocus.com/bid/60766

Mozilla Firefox CVE-2013-1696 Clickjacking Vulnerability
2013-07-11
http://www.securityfocus.com/bid/60788

Mozilla Firefox and Thunderbird CVE-2013-1693 Information Disclosure Vulnerability
2013-07-11
http://www.securityfocus.com/bid/60787

Mozilla Firefox/Thunderbird CVE-2013-1694 Remote Code Execution Vulnerability
2013-07-11
http://www.securityfocus.com/bid/60776

Mozilla Firefox CVE-2013-1695 Security Bypass Vulnerability
2013-07-11
http://www.securityfocus.com/bid/60789

Mozilla Firefox and Thunderbird CVE-2013-1687 Remote Code Execution Vulnerability
2013-07-11
http://www.securityfocus.com/bid/60777

Mozilla Firefox and Thunderbird CVE-2013-1692 Cross-Site Request Forgery Vulnerability
2013-07-11
http://www.securityfocus.com/bid/60783

Mozilla Firefox/Thunderbird CVE-2013-1690 Remote Code Execution Vulnerability
2013-07-11
http://www.securityfocus.com/bid/60778

Poppler CVE-2013-1790 Memory Corruption Vulnerability
2013-07-11
http://www.securityfocus.com/bid/59366

Poppler CVE-2013-1788 Multiple Memory Corruption Vulnerabilities
2013-07-11
http://www.securityfocus.com/bid/59364

Linux Kernel CVE-2013-3235 Local Information Disclosure Vulnerability
2013-07-10
http://www.securityfocus.com/bid/59393

Exploit

  nginx 1.3.9/1.4.0 x86 Brute Force Remote Exploit

  Ultra Mini HTTPD 1.21 - Stack Buffer Overflow

Atlassian Confluence 4.3.5 - Multiple Vulnerabilities

27.6.2013

Bugtraq

[ MDVSA-2013:184 ] perl-Dancer 2013-06-27
security mandriva com

[ MDVSA-2013:183 ] java-1.7.0-openjdk 2013-06-27
security mandriva com

[ MDVSA-2013:182 ] mesa 2013-06-27
security mandriva com

[ MDVSA-2013:181 ] mesa 2013-06-27
security mandriva com

[ MDVSA-2013:180 ] curl 2013-06-27
security mandriva com

CVE-2013-2210 2013-06-27
Cantor, Scott (cantor 2 osu edu)

[security bulletin] HPSBUX02886 rev.1 - HP-UX Running HP Secure Shell, Remote Denial of Service (DoS) 2013-06-27
security-alert hp com

[security bulletin] HPSBST02890 rev.1 - HP StoreOnce D2D Backup System, Unauthorized Remote Access and Modification 2013-06-26
security-alert hp com

[SECURITY] [DSA 2715-1] puppet security update 2013-06-26
Raphael Geissert (geissert debian org)

Cisco Security Advisory: Cisco ASA Next-Generation Firewall Fragmented Traffic Denial of Service Vulnerability 2013-06-26
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Content Security Management Appliance 2013-06-26
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[ MDVSA-2013:179 ] firefox 2013-06-26
security mandriva com

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Web Security Appliance 2013-06-26
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Email Security Appliance 2013-06-26
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Security focus, we need your help 2013-06-26
Adnan Ahmad (ahmad adnan gmail com)

[SECURITY] [DSA 2716-1] iceweasel security update 2013-06-26
Moritz Muehlenhoff (jmm debian org)

Multiple XSS Vulnerabilities in Xaraya 2013-06-26
advisory htbridge com

 

Malware

RDN/Generic PUP.x!32359F3005F0

RDN/Generic.bfr!A235BE98E57A

VBS/LoveLetter@MM!AA7831F4633E

RDN/Generic PUP.x!3724B3D2437D

Generic.bfr!4EDF456AA40D

RDN/Qhost-Gen!y!B0FC7045D346

RDN/Qhost-Gen!y!5E2AA15333B0

RDN/Qhost-Gen!y!737472888CE0

RDN/Generic Dropper!F9882504D00E

RDN/Generic.dx!clv!70EBBADFC1D1

RDN/Generic.dx!clv!45580A9F80B4

RDN/Generic.dx!2F48B93E739F

RDN/Generic PWS.y!ti!B1E85E7A1F22

BackDoor-FJW!237EC1359B50

W32/Sality.gen!959DFA36CBA3

RDN/Generic PUP.x!bbz!E394FC80A995

RDN/Generic PUP.x!bbz!17A6E1B8DA66

RDN/Generic BackDoor!rl!36136EDBAC34

RDN/Generic PUP.x!bbz!C877D2C109E5

RDN/Generic.tfr!dm!3AB6D2746FCE

RDN/PWS-Banker!38476E27D192

Generic PUP.x!3354C9B2F5B3

RDN/Generic PUP.x!bbz!4A1111603616

RDN/Generic PUP.x!bbz!D3FFFC5A2AB9

Generic PUP.x!2E250E064EB1

RDN/Downloader.gen.a!C19CB62F224F

RDN/Generic PUP.x!bbz!DFC2B24FCB07

RDN/Generic PUP.x!bbz!6A27A1F849B8

RDN/Generic PUP.x!bbz!76729873A1D1

BackDoor-FJW!A5167074C6B0

Phishing

Barclays Personal Banking

27th June 2013

YOUR ACCOUNT HAS BEEN
SUSPENDED

Halifax

27th June 2013

YOUR ACCOUNT HAS BEEN
SUSPENDED.

Barbara A. Susman, Esq.

26th June 2013

YOUR AOL! ACCOUNT TERMINATION
REQUEST.

Barclays Online Banking

26th June 2013

Your Account Has Been
Suspended

Barclays Personal Banking

26th June 2013

New Message

Amazon.com

26th June 2013

Amazon.com - Your Cancellation
(286-6177346-1631297)

Natwest Purchase

26th June 2013

PURCHASE PROCESS : WAITING FOR
AUTHORIZATION

Vulnerebility

OpenSSL CVE-2012-2686 Remote Denial of Service Vulnerability
2013-06-27
http://www.securityfocus.com/bid/57755

OpenSSL CVE-2013-0166 Remote Denial of Service Vulnerability
2013-06-27
http://www.securityfocus.com/bid/60268

Multiple TLS And DTLS Implementations CVE-2013-0169 Information Disclosure Vulnerability
2013-06-27
http://www.securityfocus.com/bid/57778

Oracle Java SE CVE-2013-2415 Remote Java Runtime Environment Vulnerability
2013-06-27
http://www.securityfocus.com/bid/59212

Perl Dancer.pm CVE-2012-5572 HTTP Header Injection Vulnerability
2013-06-27
http://www.securityfocus.com/bid/56711

Apache Santuario XML Security for C++ CVE-2013-2210 Heap Buffer Overflow Vulnerability
2013-06-27
http://www.securityfocus.com/bid/60817

Mesa Out of Bounds CVE-2013-1872 Memory Corruption Vulnerability
2013-06-27
http://www.securityfocus.com/bid/60285

Mesa libGLX CVE-2013-1993 Multiple Remote Code Execution Vulnerabilities
2013-06-27
http://www.securityfocus.com/bid/60149

WebKit CVE-2013-2845 Multiple Memory Corruption Vulnerabilities
2013-06-27
http://www.securityfocus.com/bid/60076

cURL/libcURL 'curl_easy_unescape()' Heap Memory Corruption Vulnerability
2013-06-27
http://www.securityfocus.com/bid/60737

TYPO3 'meta_feedit' Extension Unspecified SQL Injection Vulnerability
2013-06-27
http://www.securityfocus.com/bid/60296

TYPO3 'sofortueberweisung2commerce' Extension Unspecified SQL Injection Vulnerability
2013-06-27
http://www.securityfocus.com/bid/59664

TYPO3 Maag Form Captcha Extension Open Redirection Vulnerability
2013-06-27
http://www.securityfocus.com/bid/60298

TYPO3 Multishop Extension Unspecified SQL Injection Vulnerability
2013-06-27
http://www.securityfocus.com/bid/60271

Fortinet FortiClient VPN Client SSL Certificate Validation Security Bypass Vulnerability
2013-06-27
http://www.securityfocus.com/bid/59604

PEiD PE File Memory Corruption Vulnerability
2013-06-27
http://www.securityfocus.com/bid/60730

Mozilla Firefox CVE-2013-1699 Homograph Domain Spoofing Vulnerability
2013-06-27
http://www.securityfocus.com/bid/60785

Mozilla Firefox CVE-2013-1696 Clickjacking Vulnerability
2013-06-27
http://www.securityfocus.com/bid/60788

Mozilla Firefox CVE-2013-1698 Security Vulnerability
2013-06-27
http://www.securityfocus.com/bid/60790

Mozilla Firefox CVE-2013-1695 Security Bypass Vulnerability
2013-06-27
http://www.securityfocus.com/bid/60789

Mozilla Firefox/Thunderbird CVE-2013-1697 Security Bypass Vulnerability
2013-06-27
http://www.securityfocus.com/bid/60784

Mozilla Firefox and Thunderbird CVE-2013-1692 Cross-Site Request Forgery Vulnerability
2013-06-27
http://www.securityfocus.com/bid/60783

Mozilla Firefox and Thunderbird CVE-2013-1687 Remote Code Execution Vulnerability
2013-06-27
http://www.securityfocus.com/bid/60777

Mozilla Firefox and Thunderbird CVE-2013-1686 Use-After-Free Memory Corruption Vulnerability
2013-06-27
http://www.securityfocus.com/bid/60774

Mozilla Firefox/Thunderbird CVE-2013-1683 Multiple Unspecified Memory Corruption Vulnerabilities
2013-06-27
http://www.securityfocus.com/bid/60768

Mozilla Firefox and Thunderbird CVE-2013-1685 Use-After-Free Memory Corruption Vulnerability
2013-06-27
http://www.securityfocus.com/bid/60773

Mozilla Firefox/Thunderbird CVE-2013-1690 Remote Code Execution Vulnerability
2013-06-27
http://www.securityfocus.com/bid/60778

Mozilla Firefox CVE-2013-1688 Remote Code Execution Vulnerability
2013-06-27
http://www.securityfocus.com/bid/60779

Mozilla Firefox/Thunderbird CVE-2013-1694 Remote Code Execution Vulnerability
2013-06-27
http://www.securityfocus.com/bid/60776

Mozilla Firefox and Thunderbird CVE-2013-1684 Use-After-Free Memory Corruption Vulnerability
2013-06-27
http://www.securityfocus.com/bid/60766

SANS News

 

Exploit