Databze Hot News - Rok - vod  2018  2017  2016  2015  2014  2013  - 1  2  3  4  5  6  7  8  9  10  11  12  13  14  15  List  - 2018  2017  2016  2015  2014  2013 
Posledn aktualizace v 08.10.2016 14:19:38

26.11.2014

Bugtraq

[SECURITY] [DSA 3076-1] wireshark security update 2014-11-25
Moritz Muehlenhoff (jmm debian org)

[security bulletin] HPSBUX03166 SSRT101489 rev.1 - HP-UX running PAM libpam_updbe, Remote Authentication Bypass 2014-11-25
security-alert hp com

[security bulletin] HPSBGN03203 rev.1 - HP CMS: UCMDB Browser running OpenSSL, Remote Disclosure of Information 2014-11-25
security-alert hp com

[security bulletin] HPSBGN03201 rev.1 - HP Asset Manager running SSLv3, Remote Disclosure of Information 2014-11-25
security-alert hp com

Slider Revolution/Showbiz Pro shell upload exploit 2014-11-25
simo morxploit com

[security bulletin] HPSBST03148 rev.1 - HP StoreOnce Gen 2 Backup Systems running Bash Shell, Remote Code Execution 2014-11-25
security-alert hp com

[security bulletin] HPSBMU03214 rev.1 - HP Systinet running SSLv3, Remote Disclosure of Information 2014-11-25
security-alert hp com

[ MDVSA-2014:227 ] ffmpeg 2014-11-25
security mandriva com

Malware

RDN/DNSChanger.bfr!e!3E9F61659DCB

RDN/Generic.bfr!hx!F4E8EC8F6309

RDN/Generic.hra!54EBADE7CF2B

RDN/Generic BackDoor!b2q!3E26C9130541

RDN/BackDoor-FBSA!a!3BCCD237AB2C

RDN/Generic BackDoor!b2q!3C68CACEE00E

RDN/Generic BackDoor!b2q!3E0A2AE85E72

RDN/DNSChanger.bfr!e!3D3C0EFC2DE7

RDN/Generic BackDoor!b2q!3BF93A3DAAD3

RDN/Generic PUP.x!0F459E5BD7C1

Generic PUP.x!3B1681C874D6

Generic PUP.x!12CCBF422212

RDN/Generic.bfr!hx!5616D309BA0F

Generic PUP.x!25B1AB701DF1

Downloader-FSH!45156A1B0E47

Generic PUP.x!1EDCABA72F1C

Generic PUP.x!15E78B32E575

Generic PUP.x!16EC4694985C

Generic PUP.x!2A3F75A57A32

Generic PUP.x!250DCD90C6CC

Generic PUP.x!20FF94C3E22D

Generic PUP.x!02FC3AAB13C3

Generic PUP.x!20B559EF0186

Generic PUP.x!0C9BFB83CF7B

Generic PUP.x!257BD3076C95

Generic PUP.x!0996CF63237C

Generic PUP.x!1842A04A903B

Generic PUP.x!13116166AE13

Generic PUP.x!084F3EDA5016

Generic PUP.x!1241B8A5C49A

Phishing

PayPal

26th November 2014

Now check the account

BT at home

26th November 2014

BT.com Important Account
Notice

Halifax UK

26th November 2014

Secure Online Banking

BT

26th November 2014

BT Internet unable to process
your recent payment of bill

Tom Holder

25th November 2014

Important Document

Citibank

25th November 2014

ACCOUNT VERIFICATION REQUIRED

PayPal

25th November 2014

Suspicious Activity on Your
Paypal Account

Apple INC

25th November 2014

YOUR APPLE ACCOUNT WILL BE
BLOCKED

Apple Inc

25th November 2014

YOUR ACCOUNT HAS BEEN LIMITED

PayPal Service

25th November 2014

[PAYPAL] : ATTENTION YOUR
ACCOUNT HAS BEEN LIMITED

Bank of America

25th November 2014

Bank of America Corporate
Office Headquarters

Vulnerebility

OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2014-11-26
http://www.securityfocus.com/bid/70574

Linux Kernel CVE-2014-3153 Local Privilege Escalation Vulnerability
2014-11-26
http://www.securityfocus.com/bid/67906

Multiple KDE Products CVE-2014-8600 Multiple Security Bypass Vulnerabilities
2014-11-26
http://www.securityfocus.com/bid/71190

Wireshark SigComp Dissector CVE-2014-8710 Remote Denial of Service Vulnerability
2014-11-26
http://www.securityfocus.com/bid/71069

Wireshark NCP Dissector CVE-2014-8712 Denial of Service Vulnerability
2014-11-26
http://www.securityfocus.com/bid/71071

Wireshark NCP Dissector CVE-2014-8713 Denial of Service Vulnerability
2014-11-26
http://www.securityfocus.com/bid/71073

Wireshark AMQP Dissector CVE-2014-8711 Denial of Service Vulnerability
2014-11-26
http://www.securityfocus.com/bid/71070

Wireshark TN5250 Dissector CVE-2014-8714 Infinite Loop Denial of Service Vulnerability
2014-11-26
http://www.securityfocus.com/bid/71072

GNU Bash CVE-2014-7186 Local Memory Corruption Vulnerability
2014-11-26
http://www.securityfocus.com/bid/70152

GNU Bash CVE-2014-7187 Local Memory Corruption Vulnerability
2014-11-26
http://www.securityfocus.com/bid/70154

GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2014-11-26
http://www.securityfocus.com/bid/70103

GNU Bash CVE-2014-7169 Incomplete Fix Remote Code Execution Vulnerability
2014-11-26
http://www.securityfocus.com/bid/70137

Mozilla Firefox/SeaMonkey 'OnChannelRedirect' Method Memory Corruption Vulnerability
2014-11-26
http://www.securityfocus.com/bid/47659

Squid CVE-2014-7142 Unspecified Security Vulnerability
2014-11-26
http://www.securityfocus.com/bid/70022

Direct Web Remoting CVE-2014-5325 XML External Entity Injection Vulnerability
2014-11-26
http://www.securityfocus.com/bid/71093

libvirtd 'qemuDomainGetBlockIoTune()' Function Out-of-Bounds Read Vulnerability
2014-11-26
http://www.securityfocus.com/bid/70186

libvirt 'domain_conf.c' Denial of Service Vulnerability
2014-11-26
http://www.securityfocus.com/bid/70210

libvirt CVE-2014-7823 Information Disclosure Vulnerability
2014-11-26
http://www.securityfocus.com/bid/71095

Multiple Asterisk Products 'funcs/func_db.c' Remote Privilege Escalation Vulnerability
2014-11-26
http://www.securityfocus.com/bid/71227

Multiple Asterisk Products Access Control List Security Bypass Vulnerability
2014-11-26
http://www.securityfocus.com/bid/71218

Asterisk Open Source 'res_pjsip_acl' Module Security Bypass Vulnerability
2014-11-26
http://www.securityfocus.com/bid/71221

Asterisk Open Source PJSIP Channel Driver Denial of Service Vulnerability
2014-11-26
http://www.securityfocus.com/bid/71225

Squid 'src/icmp/Icmp4.cc' Remote Denial of Service Vulnerability
2014-11-26
http://www.securityfocus.com/bid/69688

Multiple Asterisk Products ConfBridge Denial of Service Vulnerability
2014-11-26
http://www.securityfocus.com/bid/71222

Multiple Asterisk Products ConfBridge Dialplan Functions Remote Privilege Escalation Vulnerability
2014-11-26
http://www.securityfocus.com/bid/71228

Asterisk 'res_pjsip_refer' Module Denial of Service Vulnerability
2014-11-26
http://www.securityfocus.com/bid/71224

MantisBT 'core/file_api.php' Security Bypass Vulnerability
2014-11-26
http://www.securityfocus.com/bid/71104

Moodle LTI Module CVE-2014-9060 Security Bypass Vulnerabilities
2014-11-26
http://www.securityfocus.com/bid/71134

FFmpeg and Libav Multiple Remote Security Vulnerabilities
2014-11-26
http://www.securityfocus.com/bid/63796

FFmpeg Prior to 2.1 Multiple Remote Vulnerabilities
2014-11-26
http://www.securityfocus.com/bid/63936

Exploit

 

25.11.2014

Bugtraq

Docker 1.3.2 - Security Advisory [24 Nov 2014] 2014-11-24
Eric Windisch (eric windisch docker com)

CVE-2014-8419 - CodeMeter Weak Service Permissions 2014-11-24
ajs swordshield com

Malware

RDN/Generic PUP.x!68E6CB96092C

Generic PUP.x!4B8614FC56A2

RDN/Generic.dx!dhb!E4FDF7A92038

RDN/BackDoor-FCHE!74921DBFB53D

RDN/BackDoor-FCHE!a!74921DBFB53D

RDN/Generic PWS.y!bbw!B8B75CD22E5F

Generic PUP.x!160315555D9D

RDN/Spybot.bfr!o!747D1E4FF39B

Generic PUP.x!ED1C78A75799

Generic PUP.x!D09E31965F28

RDN/Generic PUP.x!6D3A2517A3CE

RDN/Generic PUP.x!cq3!CB2B1FAC503D

Generic PUP.x!91B7CAECDF13

Generic PUP.x!21696A4F70F5

RDN/Generic PWS.y!bbw!A62FE923B60A

RDN/Generic.bfr!hx!3E9B9EE55A1E

RDN/Generic PUP.x!cq3!679D7548E8E8

RDN/Generic BackDoor!b2q!3B270C750FBA

Generic PUP.x!1919958A59A5

RDN/Generic.bfr!hr!B24F790C4B44

Generic PUP.x!842D1BA62C84

RDN/Generic PUP.x!4AF7ABF320D3

Generic PUP.x!8D6CF81600D6

4shared!0A602BBB4668

RDN/Generic PWS.y!F0176D398E81

RDN/Generic PWS.y!bbw!F0176D398E81

RDN/Generic Downloader.x!19AF237871AC

RDN/Generic Dropper!vp!210783CD493C

RDN/Ransom!57A9939F36E8

Generic PUP.x!556DBE53EBFC

Phishing

Bank of America

25th November 2014

Bank of America Corporate
Office Headquarters

Paypal Service

24th November 2014

Your Paypal Account Has Been
Limited !

service

24th November 2014

[PAYPAL]: PLEASE LOG IN TO
CONFIRM YOUR DEBIT CARD œ

Vulnerebility

Linux Kernel LZO Implementation 'lzo1x_decompress_safe.c' Memory Corruption Vulnerability
2014-11-25
http://www.securityfocus.com/bid/68214

Linux Kernel KVM CVE-2014-3690 Local Denial of Service Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70691

Linux Kernel KVM CVE-2014-3646 Local Denial of Service Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70745

Linux Kernel CVE-2014-3687 Denial of Service Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70766

Linux Kernel KVM CVE-2014-3611 Denial of Service Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70743

Linux Kernel CVE-2014-7207 Local Denial of Service Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70867

Linux Kernel KVM CVE-2014-3647 Local Denial of Service Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70748

Linux Kernel CVE-2014-3673 Denial of Service Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70883

Linux Kernel KVM CVE-2014-3645 Denial of Service Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70746

Linux Kernel KVM 'asm/kvm_host.h' Denial of Service Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70742

Google Chrome CVE-2014-7899 Unspecified Address Bar Spoofing Vulnerability
2014-11-25
http://www.securityfocus.com/bid/71160

Google Chrome CVE-2014-7906 Use After Free Remote Code Execution Vulnerability
2014-11-25
http://www.securityfocus.com/bid/71159

Google Chrome CVE-2014-7909 Information Disclosure Vulnerability
2014-11-25
http://www.securityfocus.com/bid/71167

Google Chrome CVE-2014-7907 Use After Free Remote Code Execution Vulnerability
2014-11-25
http://www.securityfocus.com/bid/71170

Google Chrome CVE-2014-7910 Multiple Security Vulnerabilities
2014-11-25
http://www.securityfocus.com/bid/71161

Google Chrome CVE-2014-7908 Integer Overflow Vulnerability
2014-11-25
http://www.securityfocus.com/bid/71168

Google Chrome CVE-2014-7904 Buffer Overflow Vulnerability
2014-11-25
http://www.securityfocus.com/bid/71166

X.Org libXfont Multiple Integer Overflow and Memory Corruption Vulnerabilities
2014-11-25
http://www.securityfocus.com/bid/67382

Mozilla Firefox/Thunderbird CVE-2014-1581 Use After Free Memory Corruption Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70426

Mozilla Firefox CVE-2014-1583 Same Origin Policy Security Bypass Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70424

Mozilla Firefox/Thunderbird CVE-2014-1578 Out of Bounds Memory Corruption Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70428

Mozilla Firefox/Thunderbird CVE-2014-1586 Security Bypass Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70427

Mozilla Firefox/Thunderbird CVE-2014-1577 Out of Bounds Memory Corruption Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70440

Mozilla Firefox/Thunderbird CVE-2014-1574 Multiple Memory Corruption Vulnerabilities
2014-11-25
http://www.securityfocus.com/bid/70436

Mozilla Firefox/Thunderbird CVE-2014-1576 Remote Heap Buffer Overflow Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70430

Mozilla Firefox/Thunderbird CVE-2014-1585 Security Bypass Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70425

Mozilla Firefox/Thunderbird CVE-2014-1575 Multiple Memory Corruption Vulnerabilities
2014-11-25
http://www.securityfocus.com/bid/70439

Incredible PBX 11 'reminders/index.php' Remote Command Execution Vulnerability
2014-11-25
http://www.securityfocus.com/bid/70689

ZTE 831CII Multiple Security Vulnerabilities
2014-11-25
http://www.securityfocus.com/bid/70984

ZTE ZXDSL 831 Multiple HTML Injection Vulnerabilities
2014-11-25
http://www.securityfocus.com/bid/70985

Exploit

Hikvision DVR RTSP Request Remote Code Execution

TP-Link TL-WR740N - Denial Of Service

Advantech EKI-6340 Command Injection

PHP 5.5.12 Locale::parseLocale Memory Corruption

tcpdump 4.6.2 Geonet Decoder Denial of Service

24.11.2014

Bugtraq

CVE-2014-8419 - CodeMeter Weak Service Permissions 2014-11-24
ajs swordshield com

Exploit for stealing backups on WP sites with WP-DB-Backup v2.2.4 plugin 2014-11-22
Larry W. Cashdollar (larry0 me com)

Malware

RDN/Generic PUP.x!cqd!C8D962B308E8

RDN/Generic BackDoor!b2q!13997EBF7AF8

RDN/Generic Downloader.x!lv!2B6EA49E4802

Generic PUP.x!33B33A1DA754

RDN/Generic PUP.x!cqd!72E78A73398F

Generic PUP.x!6BDC4A2981BE

RDN/DNSChanger.bfr!e!6A1705927EAD

GenericR-CKW!69774702E587

RDN/Generic.bfr!96C068552410

RDN/Generic Downloader.x!6FA662C964DB

W32/Induc!0C1714266C7A

RDN/Spybot.bfr!22CD07F148C8

RDN/Generic.tfr!ef!00825BF9C1A6

RDN/Generic.bfr!hx!CB58A6F1E3EE

Generic.bfr!5A607C45A622

RDN/Generic.bfr!hr!9DD4A253378C

RDN/Generic.dx!dhb!872814BF341F

RDN/Generic.bfr!9841DE5752DF

RDN/Generic.bfr!803AE36DDB2A

RDN/Generic Dropper!7707641D90D8

RDN/Generic-FAOD!a!48DBADBBC0C5

RDN/Generic.dx!dhb!6A84FDCB104A

Generic PUP.x!426A93A6CC1C

RDN/Generic BackDoor!8FE6305DE375

RDN/Generic PUP.x!cqd!1BFC976390CE

RDN/Spybot.bfr!11AB0D51D563

Generic PUP.x!409A5AF57850

Generic PUP.x!2AA0461C4B1C

RDN/Generic PWS.y!bbw!DE0063FBD398

RDN/Generic.bfr!097D46CCB3BB

Phishing

Paypal Service

24th November 2014

Your Paypal Account Has Been
Limited !

service

24th November 2014

[PAYPAL]: PLEASE LOG IN TO
CONFIRM YOUR DEBIT CARD œ

Halifax

23rd November 2014

Your Internet Banking is
temporarily suspended

PAYPAL

23rd November 2014

UPDATE YOUR LEGAL AGREEMENTS
WITH PAYPAL IN 24 HOURS ! œ

PAYPAL

22nd November 2014

UPDATE YOUR LEGAL AGREEMENTS
WITH PAYPAL IN 24 HOURS ! œ

PayPal Team

22nd November 2014

[PAYPAL ] :YOUR ACCOUNT HAS
BEEN LIMITED PAYPAL ID
PP-658-119-347 œ

Vulnerebility

QEMU 'vmstate_xhci_event' Field Memory Corruption Vulnerability
2014-11-24
http://www.securityfocus.com/bid/69247

QEMU CVE-2014-3689 Multiple Local Security Bypass Vulnerabilities
2014-11-24
http://www.securityfocus.com/bid/70997

QEMU L2 Table Size Validation Integer Overflow Vulnerability
2014-11-24
http://www.securityfocus.com/bid/67357

QEMU 'hw/usb/bus.c' Heap Based Buffer Overflow Vulnerability
2014-11-24
http://www.securityfocus.com/bid/67392

QEMU Image Size Validation Integer Overflow Vulnerability
2014-11-24
http://www.securityfocus.com/bid/67391

QEMU Multiple Memory Corruption Vulnerabilities
2014-11-24
http://www.securityfocus.com/bid/67483

QEMU 'vga.c' Information Disclosure Vulnerability
2014-11-24
http://www.securityfocus.com/bid/69654

QEMU CVE-2013-4541 Remote Code Execution Vulnerability
2014-11-24
http://www.securityfocus.com/bid/67394

QEMU CVE-2014-3640 Local Denial of Service Vulnerability
2014-11-24
http://www.securityfocus.com/bid/70237

Python 'bufferobject.c' Integer Overflow Vulnerability
2014-11-24
http://www.securityfocus.com/bid/70089

OpenStack Neutron Security Bypass Vulnerability
2014-11-24
http://www.securityfocus.com/bid/69807

CUPS Web Interface Cross Site Scripting Vulnerability
2014-11-24
http://www.securityfocus.com/bid/66788

Perl CVE-2014-4330 Stack Overflow Denial of Service Vulnerability
2014-11-24
http://www.securityfocus.com/bid/70142

Multiple Puppet Products CVE-2014-3248 Remote Code Execution Vulnerability
2014-11-24
http://www.securityfocus.com/bid/68035

Sendmail File Descriptor Security Vulnerability
2014-11-24
http://www.securityfocus.com/bid/67791

MIT kerberos 5 'ldap_principal2.c' Buffer Overflow Vulnerability
2014-11-24
http://www.securityfocus.com/bid/69168

Poppler and xpdf CVE-2012-2142 Security Vulnerability
2014-11-24
http://www.securityfocus.com/bid/62148

OpenStack Keystonemiddleware SSL Certificate Validation Security Bypass Vulnerability
2014-11-24
http://www.securityfocus.com/bid/69864

QEMU CVE-2014-7815 Local Denial of Service Vulnerability
2014-11-24
http://www.securityfocus.com/bid/70998

QEMU 'vhdx' Block Driver Local Denial of Service Vulnerability
2014-11-24
http://www.securityfocus.com/bid/66480

QEMU Block Drivers CVE-2014-0143 Multiple Integer Overflow Vulnerabilities
2014-11-24
http://www.securityfocus.com/bid/66486

QEMU CVE-2014-0146 NULL Pointer Dereference Local Denial of Service Vulnerability
2014-11-24
http://www.securityfocus.com/bid/66472

QEMU CVE-2014-0147 Multiple Local Denial of Service Vulnerabilities
2014-11-24
http://www.securityfocus.com/bid/66484

QEMU CVE-2014-0144 Multiple Buffer Overflow Vulnerabilities
2014-11-24
http://www.securityfocus.com/bid/66483

Qemu 'virtio-net.c' Local Integer Overflow Vulnerability
2014-11-24
http://www.securityfocus.com/bid/66821

QEMU CVE-2014-0145 Multiple Buffer Overflow Vulnerabilities
2014-11-24
http://www.securityfocus.com/bid/66464

QEMU Division By Zero Error Local Denial of Service Vulnerability
2014-11-24
http://www.securityfocus.com/bid/66481

QEMU 'virtio_load()' Function Memory Corruption Vulnerability
2014-11-24
http://www.securityfocus.com/bid/66976

Wireshark SigComp Dissector CVE-2014-8710 Remote Denial of Service Vulnerability
2014-11-24
http://www.securityfocus.com/bid/71069

MIT Kerberos 5 'svr_principal.c' Information Disclosure Vulnerability
2014-11-24
http://www.securityfocus.com/bid/70380

Exploit

TP-Link TL-WR740N - Denial Of Service

22.11.2014

Bugtraq

[security bulletin] HPSBUX03087 SSRT101413 rev.2 - HP-UX CIFS Server (Samba), Remote Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access 2014-11-21
security-alert hp com

[ MDVSA-2014:224 ] krb5 2014-11-21
security mandriva com

[ MDVSA-2014:223 ] wireshark 2014-11-21
security mandriva com

[ MDVSA-2014:222 ] libvirt 2014-11-21
security mandriva com

[ MDVSA-2014:221 ] php-smarty 2014-11-21
security mandriva com

[ MDVSA-2014:220 ] qemu 2014-11-21
security mandriva com

[ MDVSA-2014:219 ] srtp 2014-11-21
security mandriva com

[security bulletin] HPSBHF03052 rev.2 - HP Network Products running OpenSSL, Multiple Remote Vulnerabilities 2014-11-21
security-alert hp com

[ MDVSA-2014:218 ] asterisk 2014-11-21
security mandriva com

WordPress 3 persistent script injection 2014-11-20
Jouko Pynnonen (jouko iki fi)

AST-2014-012: Mixed IP address families in access control lists may permit unwanted traffic. 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-013: PJSIP ACLs are not loaded on startup 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-015: Remote Crash Vulnerability in PJSIP channel driver 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-016: Remote Crash Vulnerability in PJSIP channel driver 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-017: <font size="3" style="font-size: 12pt">Permission escalation through ConfBridge actions/dialplan functions</font> 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-018: AMI permission escalation through DB dialplan function 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-014: High call load may result in hung channels in ConfBridge. 2014-11-21
Asterisk Security Team (security asterisk org)

Multiple SQL Injection in SP Client Document Manager plugin 2014-11-21
thai q dang itas vn

[SECURITY] [DSA 3075-1] drupal7 security update 2014-11-20
Salvatore Bonaccorso (carnil debian org)

Malware

RDN/Generic.bfr!hx!DE77DB689C43

RDN/Generic BackDoor!b2q!116F9AB018BB

RDN/Generic PUP.x!2EE636D7DE87

RDN/Ransom!el!3CD2F0C9379C

RDN/PWS-Zbot.hb!c!35FAC154FDDD

Generic.bfr!1E9EA8318DCC

RDN/Generic.bfr!hx!C6C2E2091D28

RDN/Generic PWS.y!bb3!8835A343D366

RDN/Generic.dx!dhb!A2B500DC573E

RDN/Generic BackDoor!b2q!2FDA5C7CF103

RDN/Generic PWS.y!E97826126A08

RDN/Generic BackDoor!b2q!6F6CE5127F89

RDN/Autorun.worm!dn!E81883C389B9

RDN/Downloader.a!tv!7937975B19A9

RDN/Generic.dx!dhb!32BDDB37D59F

RDN/Generic Dropper!AC950393D2F9

RDN/Generic PUP.x!D9385F078EA7

Generic.dx!2F360CCBD8A9

RDN/Generic PWS.y!bb3!B96A0757211E

RDN/Generic BackDoor!b2q!84DC4973574D

RDN/Generic.bfr!hx!1063CF236C5F

RDN/Generic BackDoor!b2q!DEECA3CA1A81

RDN/Generic.bfr!hr!7BE47BDC8A07

RDN/YahLover.worm!bd!19EB37A8572E

RDN/Generic PUP.x!42FE0F510450

RDN/Generic PUP.x!B22CD680399B

RDN/Generic PUP.x!2346B92DA18D

RDN/Generic PUP.x!E80738336190

RDN/Generic.dx!dhb!732985B672C3

RDN/Generic BackDoor!b2q!D889ED70D6E2

Phishing

Natwest

21st November 2014

Important Update Alert.

Scotia OnLine

21st November 2014

You Have 1 New Epost...

Joey

21st November 2014

DISCUSSANT SINGING COLIN

Vulnerebility

QEMU 'vmstate_xhci_event' Field Memory Corruption Vulnerability
2014-11-22
http://www.securityfocus.com/bid/69247

QEMU CVE-2014-3689 Multiple Local Security Bypass Vulnerabilities
2014-11-22
http://www.securityfocus.com/bid/70997

QEMU L2 Table Size Validation Integer Overflow Vulnerability
2014-11-22
http://www.securityfocus.com/bid/67357

QEMU 'hw/usb/bus.c' Heap Based Buffer Overflow Vulnerability
2014-11-22
http://www.securityfocus.com/bid/67392

QEMU Image Size Validation Integer Overflow Vulnerability
2014-11-22
http://www.securityfocus.com/bid/67391

QEMU Multiple Memory Corruption Vulnerabilities
2014-11-22
http://www.securityfocus.com/bid/67483

QEMU 'vga.c' Information Disclosure Vulnerability
2014-11-22
http://www.securityfocus.com/bid/69654

QEMU CVE-2013-4541 Remote Code Execution Vulnerability
2014-11-22
http://www.securityfocus.com/bid/67394

QEMU CVE-2014-3640 Local Denial of Service Vulnerability
2014-11-22
http://www.securityfocus.com/bid/70237

Python 'bufferobject.c' Integer Overflow Vulnerability
2014-11-22
http://www.securityfocus.com/bid/70089

OpenStack Neutron Security Bypass Vulnerability
2014-11-22
http://www.securityfocus.com/bid/69807

CUPS Web Interface Cross Site Scripting Vulnerability
2014-11-22
http://www.securityfocus.com/bid/66788

Perl CVE-2014-4330 Stack Overflow Denial of Service Vulnerability
2014-11-22
http://www.securityfocus.com/bid/70142

Multiple Puppet Products CVE-2014-3248 Remote Code Execution Vulnerability
2014-11-22
http://www.securityfocus.com/bid/68035

Sendmail File Descriptor Security Vulnerability
2014-11-22
http://www.securityfocus.com/bid/67791

MIT kerberos 5 'ldap_principal2.c' Buffer Overflow Vulnerability
2014-11-22
http://www.securityfocus.com/bid/69168

Poppler and xpdf CVE-2012-2142 Security Vulnerability
2014-11-22
http://www.securityfocus.com/bid/62148

OpenStack Keystonemiddleware SSL Certificate Validation Security Bypass Vulnerability
2014-11-22
http://www.securityfocus.com/bid/69864

QEMU CVE-2014-7815 Local Denial of Service Vulnerability
2014-11-22
http://www.securityfocus.com/bid/70998

QEMU 'vhdx' Block Driver Local Denial of Service Vulnerability
2014-11-22
http://www.securityfocus.com/bid/66480

QEMU Block Drivers CVE-2014-0143 Multiple Integer Overflow Vulnerabilities
2014-11-22
http://www.securityfocus.com/bid/66486

QEMU CVE-2014-0146 NULL Pointer Dereference Local Denial of Service Vulnerability
2014-11-22
http://www.securityfocus.com/bid/66472

QEMU CVE-2014-0147 Multiple Local Denial of Service Vulnerabilities
2014-11-22
http://www.securityfocus.com/bid/66484

QEMU CVE-2014-0144 Multiple Buffer Overflow Vulnerabilities
2014-11-22
http://www.securityfocus.com/bid/66483

Qemu 'virtio-net.c' Local Integer Overflow Vulnerability
2014-11-22
http://www.securityfocus.com/bid/66821

QEMU CVE-2014-0145 Multiple Buffer Overflow Vulnerabilities
2014-11-22
http://www.securityfocus.com/bid/66464

QEMU Division By Zero Error Local Denial of Service Vulnerability
2014-11-22
http://www.securityfocus.com/bid/66481

QEMU 'virtio_load()' Function Memory Corruption Vulnerability
2014-11-22
http://www.securityfocus.com/bid/66976

Wireshark SigComp Dissector CVE-2014-8710 Remote Denial of Service Vulnerability
2014-11-22
http://www.securityfocus.com/bid/71069

MIT Kerberos 5 'svr_principal.c' Information Disclosure Vulnerability
2014-11-22
http://www.securityfocus.com/bid/70380

Exploit

Privacyware Privatefirewall 7.0 - Unquoted Service Path Privilege Escalation

Supr Shopsystem 5.1.0 - Persistent UI Vulnerability

Netgear Wireless Router WNR500 - Parameter Traversal Arbitrary File Access Exploit

MyBB <= 1.8.2 - unset_globals() Function Bypass and Remote Code Execution Vulnerability

21.11.2014

Bugtraq

WordPress 3 persistent script injection 2014-11-20
Jouko Pynnonen (jouko iki fi)

AST-2014-012: Mixed IP address families in access control lists may permit unwanted traffic. 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-013: PJSIP ACLs are not loaded on startup 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-015: Remote Crash Vulnerability in PJSIP channel driver 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-016: Remote Crash Vulnerability in PJSIP channel driver 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-017: <font size="3" style="font-size: 12pt">Permission escalation through ConfBridge actions/dialplan functions</font> 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-018: AMI permission escalation through DB dialplan function 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-014: High call load may result in hung channels in ConfBridge. 2014-11-21
Asterisk Security Team (security asterisk org)

Multiple SQL Injection in SP Client Document Manager plugin 2014-11-21
thai q dang itas vn

[SECURITY] [DSA 3075-1] drupal7 security update 2014-11-20
Salvatore Bonaccorso (carnil debian org)

CVE-2014-8877 - Code Injection in Wordpress CM Download Manager plugin 2014-11-20
phi n le itas vn

[ MDVSA-2014:217 ] clamav 2014-11-20
security mandriva com

[ MDVSA-2014:216 ] php-ZendFramework 2014-11-20
security mandriva com

Malware

RDN/Generic BackDoor!b2p!1D6ED7BEE3DB

RDN/Generic PWS.y!bb3!D5AA95CE380A

RDN/Generic PUP.x!70CE98FA89DC

Generic Downloader.x!8C6EC0F674E4

Generic.dx!9D484F261123

Generic.bfr!2667860FB3DD

RDN/Generic BackDoor!0A0BE53DD9C5

RDN/Generic BackDoor!A5D97019D2E4

Generic PUP.x!437DEAB95D62

Generic.dx!10C8A14931D8

Generic.dx!7F8F7DAC959D

Generic PUP.x!99F252EBB5C1

GenericR-CKP!7C4FDFDAE278

RDN/Generic PUP.x!cqd!2C22C901CA8D

Generic PUP.x!BEE5CAE8CBA8

RDN/Generic PUP.x!cqd!A9CB0EEBF9D5

RDN/Generic PWS.y!bb3!3C297D200E03

Generic PUP.x!BABE8DADF9A7

GenericR-CKP!9C57878AA16B

Generic Downloader.x!9A83F9899DA2

RDN/Generic.bfr!hr!5371303446AE

RDN/Generic.dx!59804F31512F

RDN/Generic.dx!dhb!808239345AE2

RDN/Generic Dropper!vo!7054F85973C1

RDN/Generic BackDoor!b2p!6ED00D41A654

RDN/Downloader.a!tv!19D3C953FC04

Generic PUP.x!CFCE5945D560

Generic PUP.x!6A8C414E3775

RDN/Generic PUP.x!621C771FC00D

RDN/Generic Dropper!5F8801C95507

Phishing

Halifax UK

20th November 2014

Get Halifax Alert now

AT&T

19th November 2014

Please DocuSign this document:
Contract_changes_11_19_2014.pd
f

Vulnerebility

Google Chrome CVE-2014-7909 Information Disclosure Vulnerability
2014-11-21
http://www.securityfocus.com/bid/71167

Libxml2 Entities Expansion CVE-2014-3660 Denial of Service Vulnerability
2014-11-21
http://www.securityfocus.com/bid/70644

GnuTLS CVE-2014-8564 Multiple Heap Corruption Denial of Service Vulnerabilities
2014-11-21
http://www.securityfocus.com/bid/71003

Google Chrome CVE-2014-7910 Multiple Security Vulnerabilities
2014-11-21
http://www.securityfocus.com/bid/71161

Google Chrome CVE-2014-7907 Use After Free Remote Code Execution Vulnerability
2014-11-21
http://www.securityfocus.com/bid/71170

Google Chrome CVE-2014-7908 Integer Overflow Vulnerability
2014-11-21
http://www.securityfocus.com/bid/71168

Google Chrome CVE-2014-7904 Buffer Overflow Vulnerability
2014-11-21
http://www.securityfocus.com/bid/71166

GNU Bash CVE-2014-6278 Incomplete Fix Remote Code Execution Vulnerability
2014-11-21
http://www.securityfocus.com/bid/70166

GNU Bash CVE-2014-6277 Incomplete Fix Remote Code Execution Vulnerability
2014-11-21
http://www.securityfocus.com/bid/70165

Oracle MySQL Client CVE-2014-2440 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/66850

Oracle MySQL Server CVE-2014-2419 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/66880

Oracle MySQL Server CVE-2014-2436 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/66896

Oracle MySQL Server CVE-2014-2432 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/66875

Oracle MySQL Server CVE-2014-2430 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/66858

Oracle MySQL Server CVE-2014-0384 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/66835

Oracle MySQL Server CVE-2014-2438 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/66846

Oracle MySQL Server CVE-2014-2431 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/66890

Oracle Java SE CVE-2014-6527 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/70560

Oracle Java SE CVE-2014-6532 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/70507

Oracle Java SE CVE-2014-6492 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/70456

Oracle Java SE CVE-2014-6456 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/70522

Oracle Java SE CVE-2014-6515 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/70565

Oracle Java SE CVE-2014-6458 Local Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/70460

Oracle Java SE CVE-2014-4288 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/70470

Oracle Java SE CVE-2014-6503 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/70518

Oracle Java SE CVE-2014-6493 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/70468

Oracle Java SE CVE-2014-6476 Remote Security Vulnerability
2014-11-21
http://www.securityfocus.com/bid/70531

X.Org libXfont Multiple Integer Overflow and Memory Corruption Vulnerabilities
2014-11-21
http://www.securityfocus.com/bid/67382

Multiple Cisco RV Series Routers CVE-2014-2178 Cross Site Request Forgery Vulnerability
2014-11-21
http://www.securityfocus.com/bid/70922

Cisco Small Business RV Series Routers CVE-2014-2179 Arbitrary File Upload Vulnerability
2014-11-21
http://www.securityfocus.com/bid/70920

Exploit

Internet Explorer OLE Pre-IE11 - Automation Array Remote Code Execution / Powershell VirtualAlloc (MS14-064)

20.11.2014

Bugtraq

[ MDVSA-2014:216 ] php-ZendFramework 2014-11-20
security mandriva com

[CORE-2014-0010] - Advantech WebAccess Stack-based Buffer Overflow 2014-11-19
CORE Advisories Team (advisories coresecurity com)

[CORE-2014-0008] - Advantech AdamView Buffer Overflow 2014-11-19
CORE Advisories Team (advisories coresecurity com)

[CORE-2014-0009] - Advantech EKI-6340 Command Injection 2014-11-19
CORE Advisories Team (advisories coresecurity com)

CVE-2014-7137 - Multiple SQL Injections in Dolibarr ERP & CRM 2014-11-19
Portcullis Advisories (advisories portcullis-security com)

[SECURITY] [DSA 3074-2] php5 regression update 2014-11-19
Yves-Alexis Perez (corsac debian org)

Malware

RDN/Generic Dropper!vo!1F69DB677B1B

Generic PUP.x!017F99BEB30E

RDN/Generic PUP.x!cqd!6448A5D577DB

RDN/Spybot.bfr!o!A77EC13EF601

RDN/Generic Downloader.x!lu!F6CFF1FACC4F

RDN/Generic PUP.x!C13415D7FAEF

RDN/Generic PUP.x!BBE3C05E1FBC

RDN/Generic PUP.x!728B2BBB499A

RDN/Generic BackDoor!b2p!E1DBFC8C732E

RDN/Generic PUP.x!0A327B130FCA

RDN/Spybot.bfr!o!3061729CF360

RDN/Generic PUP.x!8B7ECB1317B1

RDN/Generic PUP.x!7681E9022688

RDN/Generic PUP.x!E6107BBCB280

RDN/Generic PUP.x!cqd!24FE3E91A7B8

RDN/Generic.dx!dh3!FDEA9C47CAF8

RDN/Generic Dropper!565A3E8E6459

RDN/Generic PUP.x!cqd!9913DD4EBAFA

Generic PUP.x!A9EB68E8D0BB

Generic PUP.x!5DCAD3946C61

RDN/Generic PUP.x!6FB4C030F2D8

RDN/Generic PUP.x!E23BB0087414

RDN/Generic PWS.y!bb3!FBEBBA09EBE0

RDN/Generic Dropper!vo!EEA7B3E0F0EB

RDN/Generic Dropper!vo!376CBD9B0DB6

RDN/Generic PUP.x!cqd!C7CC58BCEDBD

RDN/Generic PUP.x!E28CE449C0AA

RDN/Downloader.a!tv!85874AAFE4AE

RDN/Generic PUP.z!eh!BB4B332BFDEB

RDN/Generic PUP.x!D171756F3DD9

Phishing

AT&T

19th November 2014

Please DocuSign this document:
Contract_changes_11_19_2014.pd
f

Vulnerebility

Geary CVE-2014-5444 Man in the Middle Security Bypass Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70318

Oracle Java SE CVE-2014-6532 Remote Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70507

Oracle Java SE CVE-2014-6503 Remote Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70518

Oracle Java SE CVE-2014-6515 Remote Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70565

Oracle Java SE CVE-2014-6457 Remote Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70538

Microsoft Internet Explorer CVE-2014-6351 Remote Memory Corruption Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70323

Oberhumer LZO CVE-2014-4607 Multiple Memory Corruption Vulnerabilities
2014-11-20
http://www.securityfocus.com/bid/68213

Microsoft Internet Explorer CVE-2014-6348 Remote Memory Corruption Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70348

Microsoft Internet Explorer CVE-2014-6343 Remote Memory Corruption Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70344

Microsoft Internet Explorer CVE-2014-6342 Remote Memory Corruption Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70341

Oracle Java SE CVE-2014-6456 Remote Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70522

Oracle Java SE CVE-2014-6527 Remote Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70560

Oracle Java SE CVE-2014-6476 Remote Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70531

Microsoft Internet Explorer CVE-2014-6347 Remote Memory Corruption Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70347

Oracle Java SE CVE-2014-6502 Remote Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70533

Oracle Java SE CVE-2014-6511 Remote Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70548

Oracle Java SE CVE-2014-6512 IP Address Spoofing Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70567

OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70574

Oracle Java SE CVE-2014-4288 Remote Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70470

Oracle Java SE CVE-2014-6558 Remote Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70544

Oracle Java SE CVE-2014-6506 Remote Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70556

Oracle Java SE CVE-2014-6458 Local Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70460

Oracle Java SE CVE-2014-6531 Remote Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70572

IBM Java SDK CVE-2014-3065 Local Arbitrary Code Execution Vulnerability
2014-11-20
http://www.securityfocus.com/bid/71147

Oracle Java SE CVE-2014-6493 Remote Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70468

Oracle Java SE CVE-2014-6492 Remote Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70456

Rockwell Automation Connected Components Workbench Multiple Arbitrary Code Execution Vulnerabilities
2014-11-20
http://www.securityfocus.com/bid/71052

Oracle Java SE CVE-2014-6466 Local Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/70484

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-11-20
http://www.securityfocus.com/bid/68636

CKEditor Preview Plugin CVE-2014-5191 Unspecified Cross Site Scripting Vulnerability
2014-11-20
http://www.securityfocus.com/bid/69161

Exploit

  Snowfox CMS 1.0 - CSRF Add Admin Exploit

  Paid Memberships Pro 1.7.14.2 Path Traversal

  MINIX 3.3.0 Remote TCP/IP Stack DoS

19.11.2014

Bugtraq

[SECURITY] [DSA 3074-1] php5 security update 2014-11-18
Yves-Alexis Perez (corsac debian org)

[ MDVSA-2014:213 ] curl 2014-11-18
security mandriva com

[ MDVSA-2014:214 ] dbus 2014-11-18
security mandriva com

CVE-2014-8767 tcpdump denial of service in verbose mode using malformed OLSR payload 2014-11-18
Steffen Bauch (mail steffenbauch de)

CVE-2014-8768 tcpdump denial of service in verbose mode using malformed Geonet payload 2014-11-18
Steffen Bauch (mail steffenbauch de)

Malware

Generic PUP.x!00C13E6E3EB6

Generic PUP.x!00E98E712C2B

FakeAV-M.bfr!BBDC8C713DFB

FakeAV-M.bfr!B5282F5794C1

RDN/Generic.bfr!hx!8C5310EB2E21

RDN/Generic.bfr!hx!C5756F00BDEB

RDN/Generic.bfr!hx!B4FCFF992CF8

RDN/Generic PWS.y!bb3!1ADE20F7B5F4

RDN/Generic BackDoor!b2p!85361CC6DD21

Generic PUP.x!90A7DFCCE751

RDN/Generic BackDoor!b2p!56BF59B841E7

Generic PUP.x!00EDDDCA1644

RDN/Generic.dx!dh3!BC5E4A946D40

RDN/Generic.dx!dh3!E6B330038EA9

RDN/Generic.dx!dh3!47FA264B5895

RDN/Generic.dx!dh3!D32D20350F81

FakeAV-M.bfr!2E4D3FC856E0

Generic PUP.x!68E73B576E5E

Generic PUP.x!00C17DE6F67A

RDN/Generic PWS.y!3C1C7216FE9D

RDN/BackDoor-FBSA!a!4B5361C834F3

Obfuscated-FBU!hb!B4643A3414B5

RDN/Generic PWS.y!bb3!E20307B2950B

Generic PUP.x!56433CD98571

RDN/Generic PWS.y!bb3!451CA4734C60

DNSChanger.bfr!AC72E79583DC

Generic PUP.x!1752930D7B78

RDN/Generic.dx!dh3!3B674035143B

RDN/Generic Dropper!vo!AA27627CC4B9

RDN/Generic.dx!2AF9CF345324

Phishing

 

Vulnerebility

libdigidoc DDOC Routine Arbitrary File Overwrite Vulnerability
2014-11-19
http://www.securityfocus.com/bid/62040

Cisco IOS CVE-2014-7992 Information Disclosure Vulnerability
2014-11-19
http://www.securityfocus.com/bid/71145

Microsoft Windows Kerberos Checksum CVE-2014-6324 Remote Privilege Escalation Vulnerability
2014-11-19
http://www.securityfocus.com/bid/70958

Linux Kernel CVE-2014-7841 SCTP NULL Pointer Dereference Denial of Service Vulnerability
2014-11-19
http://www.securityfocus.com/bid/71081

Linux Kernel 'trace_syscalls.c' Multiple Local Denial of Service Vulnerabilities
2014-11-19
http://www.securityfocus.com/bid/70971

Linux Kernel CVE-2014-7843 Local Denial of Service Vulnerability
2014-11-19
http://www.securityfocus.com/bid/71082

Linux Kernel KVM CVE-2014-7842 Local Denial of Service Vulnerability
2014-11-19
http://www.securityfocus.com/bid/71078

Linux Kernel 'trace_syscalls.c' Multiple Local Denial of Service Vulnerabilities
2014-11-19
http://www.securityfocus.com/bid/70972

libvirtd 'qemuDomainGetBlockIoTune()' Function Out-of-Bounds Read Vulnerability
2014-11-19
http://www.securityfocus.com/bid/70186

libvirt 'domain_conf.c' Denial of Service Vulnerability
2014-11-19
http://www.securityfocus.com/bid/70210

PHP 'donote()' Function Out-of-Bounds Read Vulnerability
2014-11-19
http://www.securityfocus.com/bid/70807

libvirt CVE-2014-7823 Information Disclosure Vulnerability
2014-11-19
http://www.securityfocus.com/bid/71095

OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2014-11-19
http://www.securityfocus.com/bid/70574

Adobe Flash Player and AIR CVE-2014-0574 Double Free Remote Code Execution Vulnerability
2014-11-19
http://www.securityfocus.com/bid/71041

D-Bus CVE-2014-3639 Denial of Service Vulnerability
2014-11-19
http://www.securityfocus.com/bid/69832

D-Bus CVE-2014-3638 Denial of Service Vulnerability
2014-11-19
http://www.securityfocus.com/bid/69833

D-Bus CVE-2014-3636 Denial of Service Vulnerability
2014-11-19
http://www.securityfocus.com/bid/69834

D-Bus CVE-2014-7824 Incomplete Fix Denial of Service Vulnerability
2014-11-19
http://www.securityfocus.com/bid/71012

D-Bus CVE-2014-3635 Local Heap Buffer Overflow Vulnerability
2014-11-19
http://www.securityfocus.com/bid/69831

D-Bus CVE-2014-3637 Denial of Service Vulnerability
2014-11-19
http://www.securityfocus.com/bid/69829

cURL/libcURL 'curl_easy_duphandle()' Function Heap Memory Corruption Vulnerability
2014-11-19
http://www.securityfocus.com/bid/70988

Multiple IBM DB2 Products CVE-2014-6159 Remote Denial of Service Vulnerability
2014-11-19
http://www.securityfocus.com/bid/71006

OpenStack Keystone Trust Chained Delegation Privilage Escalation Vulnerability
2014-11-19
http://www.securityfocus.com/bid/68026

OpenStack Keystone Trust CVE-2014-3520 Privilage Escalation Vulnerability
2014-11-19
http://www.securityfocus.com/bid/68344

HP Storage Data Protector CVE-2014-2623 Unspecified Remote Code Execution Vulnerability
2014-11-19
http://www.securityfocus.com/bid/68672

X.Org libXfont Multiple Integer Overflow and Memory Corruption Vulnerabilities
2014-11-19
http://www.securityfocus.com/bid/67382

Microsoft Internet Explorer CVE-2014-6340 Cross Domain Information Disclosure Vulnerability
2014-11-19
http://www.securityfocus.com/bid/70941

Microsoft Internet Explorer CVE-2014-6346 Cross Domain Information Disclosure Vulnerability
2014-11-19
http://www.securityfocus.com/bid/70946

Microsoft Internet Explorer CVE-2014-6342 Remote Memory Corruption Vulnerability
2014-11-19
http://www.securityfocus.com/bid/70341

Microsoft Internet Explorer CVE-2014-6337 Remote Memory Corruption Vulnerability
2014-11-19
http://www.securityfocus.com/bid/70337

Exploit

 

18.11.2014

Bugtraq

CVE-2014-8767 tcpdump denial of service in verbose mode using malformed OLSR payload 2014-11-18
Steffen Bauch (mail steffenbauch de)

CVE-2014-8768 tcpdump denial of service in verbose mode using malformed Geonet payload 2014-11-18
Steffen Bauch (mail steffenbauch de)

CVE-2014-8769 tcpdump unreliable output using malformed AOVD payload 2014-11-18
Steffen Bauch (mail steffenbauch de)

[security bulletin] HPSBMU03183 rev.2 - HP Server Automation and Server Automation Virtual Appliance, running SSL, Remote Disclosure of Information 2014-11-17
security-alert hp com

[security bulletin] HPSBMU03072 rev.3 - HP Data Protector, Remote Execution of Arbitrary Code 2014-11-17
security-alert hp com

APPLE-SA-2014-11-17-3 Apple TV 7.0.2 2014-11-17
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2014-11-17-2 OS X Yosemite 10.10.1 2014-11-17
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2014-11-17-1 iOS 8.1.1 2014-11-17
Apple Product Security (product-security-noreply lists apple com)

Malware

RDN/Generic PUP.x!0724FAB97D94

RDN/Generic.dx!99F84BDE0439

Generic PUP.x!0D44B7CC3FDA

RDN/Generic BackDoor!b2p!FB35705B76B7

RDN/Ransom!0F2AA697E6C7

RDN/Generic PUP.x!017E325AE31C

Generic PUP.x!A76715CB62E6

RDN/Generic.bfr!EBF9B5B0A914

RDN/Generic Dropper!vo!F42597D96562

RDN/Downloader.a!tv!1CD17EABF047

Generic Downloader.x!B56032E405E7

RDN/Generic.dx!39E5F9EA79E1

RDN/Generic.bfr!hx!083DBCADB6C9

Generic Downloader.x!55B31F5F7567

RDN/Ransom!el!136B380E0367

Generic PUP.x!2852EBD71AC8

RDN/Generic PUP.x!F1D8CCA4256F

RDN/Generic PUP.x!1F1B3D50E79A

RDN/Generic PUP.x!011528B058B0

RDN/Generic BackDoor!b2p!29AAF121B6A9

RDN/Generic BackDoor!b2p!1D1187A13387

Generic PUP.x!83C9CE7AA253

RDN/Downloader.gen.a!BBE4A3B1BF31

RDN/Downloader.a!tv!BBE4A3B1BF31

Generic Downloader.x!CF714E4D1863

Generic Downloader.x!EF9B764AB59F

Downloader.gen.a!19ED8B3721C2

Generic PUP.x!1ED584B8EA9D

RDN/Generic.bfr!hx!A39B0C7102C2

Generic Downloader.x!11CABFCE85F1

Phishing

Paypal Security™

18th November 2014

YOUR ACCOUNT WILL BE LIMITED ,
UPDATE YOUR INFORMATION PLEASE
œ

bt.comms@bt.com

17th November 2014

Your account will be close

Vulnerebility

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/68636

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/68624

OpenSSL CVE-2014-3513 Information Disclosure Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70584

OpenSSL Session Ticket Memory Leak Remote Denial of Service Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70586

Apache Xalan-Java Library CVE-2014-0107 Security Bypass Vulnerability
2014-11-18
http://www.securityfocus.com/bid/66397

IBM FileNet Content Manager and Content Foundation Unspecified Cross Site Scripting Vulnerability
2014-11-18
http://www.securityfocus.com/bid/69798

Cisco IOS and IOS XE Software CVE-2014-3409 Denial of Service Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70715

Microsoft Windows CVE-2014-6352 OLE Remote Code Execution Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70690

Microsoft .NET Framework TypeFilterLevel CVE-2014-1806 Remote Privilege Escalation Vulnerability
2014-11-18
http://www.securityfocus.com/bid/67286

Oracle MySQL Server CVE-2014-6463 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70532

Oracle MySQL Server CVE-2014-4287 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70517

Oracle MySQL Server CVE-2014-6555 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70530

Oracle MySQL Server CVE-2014-6507 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70550

Oracle MySQL Server CVE-2014-6559 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70487

Oracle MySQL Server CVE-2014-6520 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70510

Oracle MySQL Server CVE-2014-6505 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70516

Oracle MySQL Server CVE-2014-6530 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70486

MySQL MyISAM Insecure Temporary File Creation Vulnerability
2014-11-18
http://www.securityfocus.com/bid/69732

Oracle MySQL Server CVE-2014-6464 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70451

Oracle MySQL Server CVE-2014-6551 Local Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70462

Oracle MySQL Server CVE-2014-4243 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/68611

Oracle MySQL Server CVE-2014-6484 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70455

Oracle MySQL Server CVE-2014-6469 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70446

Oracle MySQL Server CVE-2014-4207 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/68593

Oracle MySQL Server CVE-2014-4260 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/68573

Oracle MySQL Server CVE-2014-4258 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/68564

Oracle MySQL Server CVE-2014-2494 Remote Security Vulnerability
2014-11-18
http://www.securityfocus.com/bid/68579

Check Point Security Gateway Multiple Denial of Service Vulnerabilities
2014-11-18
http://www.securityfocus.com/bid/67993

OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70574

OpenSSL 'no-ssl3' Build Option Security Bypass Vulnerability
2014-11-18
http://www.securityfocus.com/bid/70585

Exploit

 Samsung Galaxy KNOX Android Browser RCE

MantisBT XmlImportExport Plugin PHP Code Injection Vulnerability

Internet Explorer 8 - Fixed Col Span ID Full ASLR, DEP & EMET 5.1 Bypass (MS12-037)

 .NET Remoting Services Remote Command Execution

  Safari 8.0 / OS X 10.10 - Crash PoC

17.11.2014

Bugtraq

[slackware-security] mozilla-thunderbird (SSA:2014-320-01) 2014-11-16
Slackware Security Team (security slackware com)

[SECURITY] [DSA 3073-1] libgcrypt11 security update 2014-11-16
Salvatore Bonaccorso (carnil debian org)

[security bulletin] HPSBGN03192 rev.1 - HP Remote Device Access: Instant Customer Access Server (iCAS) running OpenSSL, Remote Disclosure of Information 2014-11-14

Malware

RDN/Generic PWS.y!bb3!0C767EFD8AD1

RDN/Generic.dx!dh3!784B4F0BC132

RDN/Generic.bfr!hx!5CADD3B00653

RDN/Generic.dx!dh3!31C058EB8CF6

RDN/Generic PUP.x!31199323BE81

RDN/Generic Dropper!3229D4A847A2

RDN/Generic BackDoor!314F6AD2D31F

RDN/Generic Dropper!3130D9D07ADD

4shared!30FD3C935734

RDN/Generic Dropper!7D98EBC1E088

RDN/Generic PWS.y!30A7F429ADA2

RDN/Generic PUP.x!cqb!25CE2EC1C9AC

RDN/Generic.bfr!hx!85E7BA4BC94D

RDN/Generic BackDoor!93DD14696152

RDN/Generic.hra!679EEB69B111

RDN/Generic.hra!cc!0C4BB97365B1

RDN/Generic Downloader.x!696FD446F1CA

RDN/Generic PWS.y!bb3!2AF80852D4DD

RDN/Downloader.gen.a!5EBC6CF2959F

Generic Downloader.x!2A22B66D0F63

RDN/Generic PWS.y!bb3!9338B94C3CE0

RDN/Generic.bfr!hx!313665A1810B

RDN/Generic.bfr!hx!7EF69D4C3CEF

RDN/Generic PUP.x!cqb!E0B91352F321

RDN/Generic.bfr!hx!D9F3F471FD03

RDN/Generic PUP.x!cqb!18559D61F448

Generic PUP.x!5064F4DC27CE

Generic PUP.x!2F7873AEA257

RDN/Generic PUP.x!30653FB57520

Generic PUP.x!2F8492DA5598

Phishing

bt.comms@bt.com

17th November 2014

Your account will be close

Paypa1 Online

16th November 2014

Customer Alert

PayPal

16th November 2014

œ ALERT ! YOUR PAYPAL
ACCOUNT WILL BE LIMITED PP1366

PAYPAL

16th November 2014

UPDATE YOUR LEGAL AGREEMENTS
WITH PAYPAL IN 24 HOURS ! œ

Vulnerebility

Moodle CVE-2014-7833 Information Disclosure Vulnerability
2014-11-17
http://www.securityfocus.com/bid/71120

Oracle Java SE CVE-2014-6457 Remote Security Vulnerability
2014-11-17
http://www.securityfocus.com/bid/70538

OpenSSL CVE-2014-3513 Information Disclosure Vulnerability
2014-11-17
http://www.securityfocus.com/bid/70584

PHP DNS TXT Record Handling Heap Buffer Overflow Vulnerability
2014-11-17
http://www.securityfocus.com/bid/68007

cURL/libcURL 'curl_easy_unescape()' Heap Memory Corruption Vulnerability
2014-11-17
http://www.securityfocus.com/bid/60737

cURL/libcURL NTLM connection Remote Security Bypass Vulnerability
2014-11-17
http://www.securityfocus.com/bid/65270

cURL/libcURL SSL Certificate Host Name Validation Security Bypass Vulnerability
2014-11-17
http://www.securityfocus.com/bid/63776

cURL/libcURL CVE-2014-0139 SSL Certificate Validation Security Bypass Vulnerability
2014-11-17
http://www.securityfocus.com/bid/66458

IBM Java SDK CVE-2014-0878 Security Bypass Vulnerability
2014-11-17
http://www.securityfocus.com/bid/67601

Microsoft Secure Channel CVE-2014-6321 Remote Code Execution Vulnerability
2014-11-17
http://www.securityfocus.com/bid/70954

IBM Java CVE-2013-4002 Denial of Service Vulnerability
2014-11-17
http://www.securityfocus.com/bid/61310

Multiple TLS And DTLS Implementations CVE-2013-0169 Information Disclosure Vulnerability
2014-11-17
http://www.securityfocus.com/bid/57778

php-gd 'gdxpm.c' NULL Pointer Dereference Denial of Service Vulnerability
2014-11-17
http://www.securityfocus.com/bid/66233

PHP SSL Certificate Validation CVE-2013-4248 Security Bypass Vulnerability
2014-11-17
http://www.securityfocus.com/bid/61776

OpenSSL DTLS CVE-2014-3510 Remote Denial of Service Vulnerability
2014-11-17
http://www.securityfocus.com/bid/69082

OpenSSL CVE-2014-3508 Information Disclosure Vulnerability
2014-11-17
http://www.securityfocus.com/bid/69075

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-11-17
http://www.securityfocus.com/bid/68624

OpenSSH 'child_set_env()' Function Security Bypass Vulnerability
2014-11-17
http://www.securityfocus.com/bid/66355

cURL/libcURL CVE-2014-2522 SSL Certificate Validation Security Bypass Vulnerability
2014-11-17
http://www.securityfocus.com/bid/66296

Libxml2 Entity Substituton CVE-2014-0191 Denial of Service Vulnerability
2014-11-17
http://www.securityfocus.com/bid/67233

MIT kerberos 5 'ldap_principal2.c' Buffer Overflow Vulnerability
2014-11-17
http://www.securityfocus.com/bid/69168

OpenSSH Certificate Validation Security Bypass Vulnerability
2014-11-17
http://www.securityfocus.com/bid/66459

PHP OpenSSL Extension 'openssl_x509_parse()' Remote Memory Corruption Vulnerability
2014-11-17
http://www.securityfocus.com/bid/64225

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-11-17
http://www.securityfocus.com/bid/68636

MIT Kerberos 5 CVE-2014-4343 Remote Denial of Service Vulnerability
2014-11-17
http://www.securityfocus.com/bid/69159

MIT Kerberos 5 CVE-2014-4341 Remote Denial of Service Vulnerability
2014-11-17
http://www.securityfocus.com/bid/68909

MIT Kerberos 5 CVE-2014-4344 NULL Pointer Dereference Remote Denial of Service Vulnerability
2014-11-17
http://www.securityfocus.com/bid/69160

MIT Kerberos 5 GSSAPI Remote Denial of Service Vulnerability
2014-11-17
http://www.securityfocus.com/bid/68908

OpenSSL DTLS CVE-2014-3507 Remote Denial of Service Vulnerability
2014-11-17
http://www.securityfocus.com/bid/69078

OpenSSL CVE-2014-3509 Remote Denial of Service Vulnerability
2014-11-17
http://www.securityfocus.com/bid/69084

Exploit

  Internet Explorer < 11 - OLE Automation Array Remote Code Execution

  Internet Explorer < 11 - OLE Automation Array Remote Code Execution (MSF)

  MS14-064 Microsoft Windows OLE Package Manager Code Execution Through Python

  MS14-064 Microsoft Windows OLE Package Manager Code Execution

13.11.2014

Bugtraq

[security bulletin] HPSBMU03182 rev.1 - HP Server Automation running Bash Shell, Remote Code Execution 2014-11-12
security-alert hp com

[SECURITY] [DSA 3050-3] iceweasel security update 2014-11-12
Salvatore Bonaccorso (carnil debian org)

Prey Anti-Theft for Android missing SSL certificate validation [STIC-2014-0731] 2014-11-12
Programa STIC (stic fundacionsadosky org ar)

CVE-2014-8732 2014-11-12
cert it nrw de

CVE-2014-8731 - RCE in phpMemcachedAdmin <=1.2.2 2014-11-12
cert it nrw de

[SECURITY] [DSA 3072-1] file security update 2014-11-12
Thijs Kinkhorst (thijs debian org)

Malware

RDN/Generic.dx!dg3!6E42BE034646

RDN/Generic BackDoor!b2o!A4BA201D27B5

RDN/Generic BackDoor!b2o!B4658D758474

RDN/Generic BackDoor!b2o!D2B0B9F0AE02

RDN/Generic.grp!hq!F4B9ACE7817D

Generic.dx!EB4C797737EF

Generic.dx!FFDBE01BB517

Generic.bfr!427D2EADE182

RDN/Generic BackDoor!b2o!CE91FF247A01

RDN/DNSChanger.bfr!e!8700C0248915

RDN/Generic BackDoor!b2o!5F2C1341E91D

RDN/Generic BackDoor!b2o!8A63EA13713B

RDN/Generic.tfr!ee!7D2C265886AD

RDN/Generic BackDoor!b2o!8C8D2210B359

Generic.dx!DA02991D936A

RDN/Generic.tfr!ee!854420D74AED

RDN/Generic.tfr!ee!6F16E05E3F85

Generic.dx!F23366DAEA88

RDN/DNSChanger.bfr!e!8754E0E82C98

RDN/Generic BackDoor!B1AFF2085375

Generic BackDoor!8F04A34A41B1

Generic.dx!EDD3AF94B508

RDN/Generic PUP.x!331E6FEC610C

Generic PUP.x!001F1D55F1AC

Generic.dx!DF7FF20FAF37

Generic.dx!ACBE550995B0

RDN/Generic Dropper!vo!B6805B88BA9D

Generic.dx!9E45067133F4

Generic BackDoor!3BFA4ADAB672

RDN/Generic.grp!hq!DE8D4CF6F2DD

Phishing

Customer service

13th November 2014

IMPORTANT : WE NOTICED AN
UNUSUAL ACTIVITY IN YOUR
PAYPAL ACCOUNT

PayPal

13th November 2014

UPDATE YOUR ACCOUNT WHEN YOU
ARE READY !

PayPal

12th November 2014

*** CACTUS *** Your account
access is limited

Vulnerebility

Adobe Flash Player and AIR CVE-2014-0582 Unspecified Heap Based Buffer Overflow Vulnerability
2014-11-13
http://www.securityfocus.com/bid/71039

Adobe Flash Player and AIR CVE-2014-8441 Unspecified Memory Corruption Vulnerability
2014-11-13
http://www.securityfocus.com/bid/71050

Adobe Flash Player and AIR CVE-2014-8440 Unspecified Memory Corruption Vulnerability
2014-11-13
http://www.securityfocus.com/bid/71047

Adobe Flash Player and AIR CVE-2014-8438 Use After Free Remote Code Execution Vulnerability
2014-11-13
http://www.securityfocus.com/bid/71049

Adobe Flash Player and AIR CVE-2014-0590 Type Confusion Remote Code Execution Vulnerability
2014-11-13
http://www.securityfocus.com/bid/71046

Adobe Flash Player and AIR CVE-2014-0581 Memory Corruption Vulnerability
2014-11-13
http://www.securityfocus.com/bid/71042

Adobe Flash Player and AIR CVE-2014-0588 Use After Free Remote Code Execution Vulnerability
2014-11-13
http://www.securityfocus.com/bid/71048

Adobe Flash Player and AIR CVE-2014-0574 Double Free Remote Code Execution Vulnerability
2014-11-13
http://www.securityfocus.com/bid/71041

Adobe Flash Player and AIR CVE-2014-0586 Type Confusion Remote Code Execution Vulnerability
2014-11-13
http://www.securityfocus.com/bid/71045

Adobe Flash Player and AIR CVE-2014-0577 Type Confusion Remote Code Execution Vulnerability
2014-11-13
http://www.securityfocus.com/bid/71038

Adobe Flash Player and AIR CVE-2014-0584 Type Confusion Remote Code Execution Vulnerability
2014-11-13
http://www.securityfocus.com/bid/71043

Adobe Flash Player and AIR CVE-2014-0573 Use After Free Remote Code Execution Vulnerability
2014-11-13
http://www.securityfocus.com/bid/71033

Adobe Flash Player and AIR CVE-2014-0585 Type Confusion Remote Code Execution Vulnerability
2014-11-13
http://www.securityfocus.com/bid/71044

Adobe Flash Player and AIR CVE-2014-0589 Unspecified Heap Based Buffer Overflow Vulnerability
2014-11-13
http://www.securityfocus.com/bid/71051

Adobe Flash Player and AIR CVE-2014-8437 Information Disclosure Vulnerability
2014-11-13
http://www.securityfocus.com/bid/71036

Adobe Flash Player and AIR CVE-2014-0576 Memory Corruption Vulnerability
2014-11-13
http://www.securityfocus.com/bid/71037

Mozilla Firefox/Thunderbird CVE-2014-1586 Security Bypass Vulnerability
2014-11-13
http://www.securityfocus.com/bid/70427

Mozilla Firefox/Thunderbird CVE-2014-1578 Out of Bounds Memory Corruption Vulnerability
2014-11-13
http://www.securityfocus.com/bid/70428

Mozilla Firefox/Thunderbird CVE-2014-1577 Out of Bounds Memory Corruption Vulnerability
2014-11-13
http://www.securityfocus.com/bid/70440

Mozilla Firefox CVE-2014-1583 Same Origin Policy Security Bypass Vulnerability
2014-11-13
http://www.securityfocus.com/bid/70424

Mozilla Firefox/Thunderbird CVE-2014-1574 Multiple Memory Corruption Vulnerabilities
2014-11-13
http://www.securityfocus.com/bid/70436

Mozilla Firefox/Thunderbird CVE-2014-1585 Security Bypass Vulnerability
2014-11-13
http://www.securityfocus.com/bid/70425

Mozilla Firefox/Thunderbird CVE-2014-1581 Use After Free Memory Corruption Vulnerability
2014-11-13
http://www.securityfocus.com/bid/70426

Mozilla Firefox/Thunderbird CVE-2014-1576 Remote Heap Buffer Overflow Vulnerability
2014-11-13
http://www.securityfocus.com/bid/70430

GNU Bash CVE-2014-6278 Incomplete Fix Remote Code Execution Vulnerability
2014-11-13
http://www.securityfocus.com/bid/70166

Cacti Multiple Cross Site Scripting Vulnerabilities
2014-11-12
http://www.securityfocus.com/bid/68759

GNU Bash CVE-2014-6277 Incomplete Fix Remote Code Execution Vulnerability
2014-11-12
http://www.securityfocus.com/bid/70165

Mozilla Firefox/Thunderbird CVE-2014-1544 Use After Free Memory Corruption Vulnerability
2014-11-12
http://www.securityfocus.com/bid/68816

GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2014-11-12
http://www.securityfocus.com/bid/70103

OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2014-11-12
http://www.securityfocus.com/bid/70574

Exploit

  MS Office 2007 and 2010 - OLE Arbitrary Command Execution

  WordPress SupportEzzy Ticket System Plugin 1.2.5 - Stored XSS Vulnerability

  CorelDRAW X7 CDR File (CdrTxt.dll) Off-By-One Stack Corruption Vulnerability

12.11.2014

Bugtraq

[security bulletin] HPSBGN03164 rev.1 - HP IceWall SSO Dfw, SSO Certd and MCRP running OpenSSL, Remote Disclosure of Information 2014-11-11
security-alert hp com

[security bulletin] HPSBST03154 rev.1 - HP StoreFabric C-series MDS switches and HP C-series Nexus 5K switches running Bash Shell, Remote Code Execution 2014-11-11
security-alert hp com

[security bulletin] HPSBST03181 rev.1 - HP StoreEver ESL G3 Tape Library running Bash Shell, Remote Code Execution 2014-11-11
security-alert hp com

[security bulletin] HPSBHF03124 rev.2 - HP Thin Clients running Bash Shell, Remote Execution of Code 2014-11-11
security-alert hp com

[security bulletin] HPSBMU03165 rev.1 - HP Propel running Bash Shell, Remote Code Execution 2014-11-11
security-alert hp com

[security bulletin] HPSBMU03184 rev.1 - HP SiteScope running SSL, Remote Disclosure of Information 2014-11-11
security-alert hp com

[security bulletin] HPSBMU03190 rev.1 - HP Helion Cloud Development Platform Community and Commercial Editions, Remote Unauthenticated Access 2014-11-11
security-alert hp com

[security bulletin] HPSBUX03188 SSRT101487 rev.1 - HP-UX running HP Secure Shell, Remote Denial of Service (DoS) and other Vulnerabilities 2014-11-11
security-alert hp com

[SECURITY] [DSA 3071-1] nss security update 2014-11-11
Sebastien Delafond (seb debian org)

Missing SSL certificate validation in MercadoLibre app for Android [STIC-2014-0211] 2014-11-11
Programa STIC (stic fundacionsadosky org ar)

[security bulletin] HPSBGN03191 rev.1 - HP Remote Device Access: Virtual Customer Access System (vCAS) running lighttpd, Remote Disclosure of Information and other Vulnerabilities 2014-11-11
security-alert hp com

[security bulletin] HPSBGN03117 rev.2 - HP Remote Device Access: Virtual Customer Access System (vCAS) running Bash Shell, Remote Code Execution 2014-11-11
security-alert hp com

[security bulletin] HPSBST03155 rev.1 - HP StoreFabric H-series switches running Bash Shell, Remote Code Execution 2014-11-11
security-alert hp com

Malware

Downloader.gen.a!9A9A0A560D95

Generic PUP.x!FDD86F1C0E6B

Generic PUP.x!607E046CE594

RDN/Generic Downloader.x!lt!2C8EF96F4FC3

W32/Sdbot.worm!65EAE3A21DE9

W32/Sdbot.worm!4B529E07B886

W32/Sdbot.worm!2A3D30F65D53

Generic Downloader.x!0BD80CC44851

RDN/Generic PUP.x!cp3!75B65B579167

RDN/Generic.bfr!C6720E1E9494

Generic PUP.x!0D2D3AF4334E

Generic Dropper!A36B970EDA1C

Generic PUP.x!ED60892ABA47

Generic PUP.x!224A09A3D3E8

RDN/Generic PUP.x!819BF6C432A3

MultiPlug-FSK!A282AAECDC28

RDN/BackDoor-AWQ!bw!8987988169A0

Generic PUP.x!184C1107422D

Generic PUP.x!ABBC83F26ED7

RDN/Generic Dropper!01EFED3EF44C

RDN/Generic.dx!32C4BCE630B0

Generic PUP.x!0065227B53E7

Generic PUP.x!0C936568EE1B

Generic PUP.x!870B8C5A9F35

Generic PUP.x!EAF0C7B79361

Generic PUP.x!CE2C0055D146

Generic PUP.x!5F268E75C653

Generic PUP.x!48E4BC25D438

Generic PUP.x!3865BCCEE8C6

Generic PUP.x!B3EEB86211E1

Phishing

 

Vulnerebility

Mozilla Firefox/Thunderbird CVE-2014-1544 Use After Free Memory Corruption Vulnerability
2014-11-12
http://www.securityfocus.com/bid/68816

Creative Contact Form 'wp-content/plugins/sexy-contact-form' Arbitrary File Upload Vulnerability
2014-11-12
http://www.securityfocus.com/bid/70723

LibVNCServer CVE-2014-6055 Multiple Stack Based Buffer Overflow Vulnerabilities
2014-11-12
http://www.securityfocus.com/bid/70096

libVNCserver CVE-2014-6051 Integer Overflow Vulnerability
2014-11-12
http://www.securityfocus.com/bid/70093

LibVNCServer CVE-2014-6052 Denial of Service Vulnerability
2014-11-12
http://www.securityfocus.com/bid/70091

LibVNCServer CVE-2014-6053 Remote Denial of Service Vulnerability
2014-11-12
http://www.securityfocus.com/bid/70092

LibVNCServer CVE-2014-6054 Denial of Service Vulnerability
2014-11-12
http://www.securityfocus.com/bid/70094

Linux Kernel CVE-2014-3185 'whiteheat.c' Buffer Overflow Vulnerability
2014-11-12
http://www.securityfocus.com/bid/69781

Linux Kernel KVM CVE-2014-3611 Denial of Service Vulnerability
2014-11-12
http://www.securityfocus.com/bid/70743

Linux Kernel KVM CVE-2014-3646 Local Denial of Service Vulnerability
2014-11-12
http://www.securityfocus.com/bid/70745

Linux Kernel KVM CVE-2014-3645 Denial of Service Vulnerability
2014-11-12
http://www.securityfocus.com/bid/70746

Microsoft Windows CVE-2014-6352 OLE Remote Code Execution Vulnerability
2014-11-12
http://www.securityfocus.com/bid/70690

Oracle Java SE CVE-2014-4265 Remote Security Vulnerability
2014-11-12
http://www.securityfocus.com/bid/68632

OpenSSL DTLS CVE-2014-3507 Remote Denial of Service Vulnerability
2014-11-12
http://www.securityfocus.com/bid/69078

OpenSSL CVE-2014-3511 Man in the Middle Security Bypass Vulnerability
2014-11-12
http://www.securityfocus.com/bid/69079

Oracle Java SE CVE-2014-4227 Remote Security Vulnerability
2014-11-12
http://www.securityfocus.com/bid/68603

OpenSSL CVE-2014-3508 Information Disclosure Vulnerability
2014-11-12
http://www.securityfocus.com/bid/69075

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-11-12
http://www.securityfocus.com/bid/68624

Oracle Java SE CVE-2014-4208 Remote Security Vulnerability
2014-11-12
http://www.securityfocus.com/bid/68580

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-11-12
http://www.securityfocus.com/bid/68636

Oracle Java SE CVE-2014-4252 Remote Security Vulnerability
2014-11-12
http://www.securityfocus.com/bid/68642

Oracle Java SE CVE-2014-4209 Remote Security Vulnerability
2014-11-12
http://www.securityfocus.com/bid/68639

Oracle Java SE CVE-2014-4221 Remote Security Vulnerability
2014-11-12
http://www.securityfocus.com/bid/68571

Oracle Java SE CVE-2014-4268 Remote Security Vulnerability
2014-11-12
http://www.securityfocus.com/bid/68615

Oracle Java SE CVE-2014-4219 Remote Security Vulnerability
2014-11-12
http://www.securityfocus.com/bid/68620

IBM WebSphere Real Time CVE-2014-3086 Unspecified Privilege Escalation Vulnerability
2014-11-12
http://www.securityfocus.com/bid/69183

Oracle Java SE CVE-2014-4266 Remote Security Vulnerability
2014-11-12
http://www.securityfocus.com/bid/68596

Oracle Java SE CVE-2014-4220 Remote Security Vulnerability
2014-11-12
http://www.securityfocus.com/bid/68576

Oracle Java SE CVE-2014-4218 Remote Security Vulnerability
2014-11-12
http://www.securityfocus.com/bid/68583

Oracle Java SE CVE-2014-4262 Remote Security Vulnerability
2014-11-12
http://www.securityfocus.com/bid/68599

Exploit

 

11.11.2014

Bugtraq

 

Malware

RDN/Generic PUP.x!cpx!B98A2BB33AEE

RDN/DNSChanger.bfr!e!4F562A3D6907

Generic PUP.x!3B56DBFF8AEE

W32/Sality.gen!30CDECF71F7B

Generic PUP.x!702B32F54DC3

RDN/Generic PUP.x!9A55406ED224

Generic PUP.x!8D216C9D2AAC

RDN/Generic PUP.x!1BD910E77E40

RDN/Generic PUP.x!cpx!C66429526D3E

RDN/Generic.dx!5F04B665934C

RDN/Generic.tfr!ee!AF1DFAADEA0A

RDN/Generic PUP.x!cpx!2745C32D1106

RDN/Generic BackDoor!b2n!C3499199DBE7

Downloader.gen.a!28AB8AB1F217

RDN/Generic.grp!17949BFB7F23

Generic Downloader.x!45EB4AB85539

Generic PUP.x!3B09DAF519E0

RDN/Generic PUP.x!6C786F48F361

RDN/Generic PUP.x!cpx!267B86155BC2

RDN/Generic PUP.x!cpx!D6D91456AF29

RDN/Downloader.a!tu!D7CCD914E707

Generic PUP.x!6E61548B53BD

Generic Downloader.x!1FD0548CAF4A

RDN/Generic PUP.z!eh!7DEDDE778EEC

RDN/Generic PUP.x!FF76273A129F

FakeAV-Y.bfr!13B886DCFEDF

RDN/Generic BackDoor!b2n!982F0752F66A

RDN/Generic.bfr!hr!73254EE8B930

RDN/Generic Downloader.x!lt!F51CC82B81C8

Generic PUP.x!37E1B4ACAFB4

Phishing

 

Vulnerebility

OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70574

PHP 'date_from_ISO8601()' Function Buffer Overflow Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70928

Mozilla Firefox/Thunderbird CVE-2014-1575 Multiple Memory Corruption Vulnerabilities
2014-11-11
http://www.securityfocus.com/bid/70439

Mozilla Firefox/Thunderbird CVE-2014-1578 Out of Bounds Memory Corruption Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70428

Mozilla Firefox CVE-2014-1583 Same Origin Policy Security Bypass Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70424

Mozilla Firefox/Thunderbird CVE-2014-1581 Use After Free Memory Corruption Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70426

Mozilla Firefox/Thunderbird CVE-2014-1585 Security Bypass Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70425

Mozilla Firefox/Thunderbird CVE-2014-1574 Multiple Memory Corruption Vulnerabilities
2014-11-11
http://www.securityfocus.com/bid/70436

Mozilla Firefox/Thunderbird CVE-2014-1576 Remote Heap Buffer Overflow Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70430

Mozilla Firefox/Thunderbird CVE-2014-1586 Security Bypass Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70427

Mozilla Firefox/Thunderbird CVE-2014-1577 Out of Bounds Memory Corruption Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70440

Nuevoplayer CVE-2014-8339 SQL Injection Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70833

OpenOffice CVE-2014-3575 Information Disclosure Vulnerability
2014-11-11
http://www.securityfocus.com/bid/69354

Apache Santuario XML Security For JAVA XML Signature Denial of Service Vulnerability
2014-11-11
http://www.securityfocus.com/bid/64437

WordPress Compfight Plugin 'compfight-search.php' Cross Site Scripting Vulnerability
2014-11-11
http://www.securityfocus.com/bid/68518

RESTEasy JaxB XML Entity References Information Disclosure Vulnerability
2014-11-11
http://www.securityfocus.com/bid/51766

RESTEasy XML Entity References Information Disclosure Vulnerability
2014-11-11
http://www.securityfocus.com/bid/51748

Oracle Java SE CVE-2014-4262 Remote Security Vulnerability
2014-11-11
http://www.securityfocus.com/bid/68599

Oracle Java SE CVE-2014-4221 Remote Security Vulnerability
2014-11-11
http://www.securityfocus.com/bid/68571

IBM WebSphere Real Time CVE-2014-3086 Unspecified Privilege Escalation Vulnerability
2014-11-11
http://www.securityfocus.com/bid/69183

Oracle Java SE CVE-2014-4227 Remote Security Vulnerability
2014-11-11
http://www.securityfocus.com/bid/68603

OpenSSL Session Ticket Memory Leak Remote Denial of Service Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70586

OpenSSL CVE-2014-3513 Information Disclosure Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70584

GNU Bash CVE-2014-7169 Incomplete Fix Remote Code Execution Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70137

GNU Bash CVE-2014-7186 Local Memory Corruption Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70152

GNU Bash CVE-2014-7187 Local Memory Corruption Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70154

GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70103

GNU Bash CVE-2014-6278 Incomplete Fix Remote Code Execution Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70166

GNU Bash CVE-2014-6277 Incomplete Fix Remote Code Execution Vulnerability
2014-11-11
http://www.securityfocus.com/bid/70165

Oracle Java SE CVE-2014-4252 Remote Security Vulnerability
2014-11-11
http://www.securityfocus.com/bid/68642

Exploit

  Visual Mining NetCharts Server Remote Code Execution

  Internet Explorer 8 MS14-035 Use-After-Free Exploit

  ManageEngine OpManager, Social IT Plus and IT360 - Multiple Vulnerabilities

  XCloner Wordpress/Joomla! Plugin - Multiple Vulnerabilities

  Password Manager Pro / Pro MSP - Blind SQL Injection

  ZTE ZXDSL 831CII - Insecure Direct Object Reference

  Another Wordpress Classifieds Plugin - SQL Injection

  PHP-Fusion 7.02.07 - SQL Injection

  Progress OpenEdge 11.2 - Directory Traversal

  Position independent & Alphanumeric 64-bit execve("/bin/sh\0",NULL,NULL); (87 bytes)

10.11.2014

Bugtraq

[The ManageOwnage series, part VIII]: Remote code execution and blind SQLi in OpManager, Social IT and IT360 2014-11-09
Pedro Ribeiro (pedrib gmail com)

[The ManageOwnage Series, part VII]: Super admin privesc + password DB dump in Password Manager Pro 2014-11-08
Pedro Ribeiro (pedrib gmail com)

[SECURITY] [DSA 3070-1] kfreebsd-9 security update 2014-11-07
Moritz Muehlenhoff (jmm debian org)

Malware

Generic PUP.x!390A7B209C4C

Generic PUP.x!3976D1F0551C

RDN/Generic PUP.x!cpw!CDC4C41E879A

RDN/Generic PUP.x!7681D3CB0430

RDN/Generic BackDoor!b2n!0E21CAB444D9

RDN/Generic BackDoor!b2n!B4FF01CA197E

RDN/Generic.dx!dgw!BD0E64FF6788

RDN/Generic BackDoor!b2n!3EDE0B30BD80

Generic PUP.x!8F62DAEF371E

RDN/Generic BackDoor!b2n!6F65362784B7

RDN/PWS-Banker!53E970CD53D9

RDN/Generic.bfr!hw!F8028E0F82A3

Generic PUP.x!C2C74207F67C

RDN/Generic PUP.x!cpw!EAD09547746C

Generic PUP.x!367196387990

Generic PUP.x!3449CD8E9D43

RDN/Generic PUP.x!5A14A83BA6E3

Generic PUP.x!A648051FCC48

Generic PUP.x!624A08BCE653

Generic PUP.x!6401C93461F8

Generic PUP.x!8C32DE63995E

Generic PUP.x!51BEEDDB0BE9

Generic PUP.x!40BFD8A54A80

Generic PUP.x!53FEF6C835DC

Generic PUP.x!69C6B1BBBF02

Generic PUP.x!5223BAD0C954

Generic PUP.x!5C5A2E52A181

Generic PUP.x!3CA49AE44383

Generic PUP.x!6271A41FBB30

Generic PUP.x!3D37F5D3E78B

Phishing

PayPal

10th November 2014

YOUR PAYPAL ACCOUNT WAS
LIMITED

Vulnerebility

Oracle Java SE CVE-2014-0455 Remote Code Execution Vulnerability
2014-11-10
http://www.securityfocus.com/bid/66899

Oracle Java SE CVE-2014-0453 Remote Security Vulnerability
2014-11-10
http://www.securityfocus.com/bid/66914

MiniUPnP CVE-2013-0230 Stack-Based Buffer Overflow Vulnerabilities
2014-11-10
http://www.securityfocus.com/bid/57608

Oracle Java SE CVE-2014-0459 Remote Security Vulnerability
2014-11-10
http://www.securityfocus.com/bid/66910

Oracle Java SE CVE-2014-0458 Remote Security Vulnerability
2014-11-10
http://www.securityfocus.com/bid/66883

Oracle Java SE CVE-2014-0448 Remote Security Vulnerability
2014-11-10
http://www.securityfocus.com/bid/66904

Oracle Java SE CVE-2014-0451 Remote Security Vulnerability
2014-11-10
http://www.securityfocus.com/bid/66879

Oracle Java SE CVE-2014-0449 Remote Security Vulnerability
2014-11-10
http://www.securityfocus.com/bid/66907

Oracle Java SE CVE-2014-0457 Remote Code Execution Vulnerability
2014-11-10
http://www.securityfocus.com/bid/66866

Oracle Java SE CVE-2014-0454 Remote Security Vulnerability
2014-11-10
http://www.securityfocus.com/bid/66905

Oracle Java SE CVE-2014-4209 Remote Security Vulnerability
2014-11-10
http://www.securityfocus.com/bid/68639

Oracle Java SE CVE-2014-4208 Remote Security Vulnerability
2014-11-10
http://www.securityfocus.com/bid/68580

Oracle Java SE CVE-2014-4266 Remote Security Vulnerability
2014-11-10
http://www.securityfocus.com/bid/68596

Oracle Java SE CVE-2014-0452 Remote Security Vulnerability
2014-11-10
http://www.securityfocus.com/bid/66891

IBM Notes Traveler For Android CVE-2014-6130 Man in the Middle Information Disclosure Vulnerability
2014-11-10
http://www.securityfocus.com/bid/70871

Linux Kernel 'net/mac80211/tx.c' Information Disclosure Vulnerability
2014-11-10
http://www.securityfocus.com/bid/70965

PHP 'exif_thumbnail()' Function Heap Based Buffer Overflow Vulnerability
2014-11-10
http://www.securityfocus.com/bid/70665

PHP CVE-2014-3669 Denial of Service Vulnerability
2014-11-10
http://www.securityfocus.com/bid/70611

PHP 'libxmlrpc/xmlrpc.c' Buffer Overflow Vulnerability
2014-11-10
http://www.securityfocus.com/bid/70666

cURL/libcURL CVE-2014-0139 SSL Certificate Validation Security Bypass Vulnerability
2014-11-10
http://www.securityfocus.com/bid/66458

cURL/libcURL CVE-2014-0138 Remote Security Bypass Vulnerability
2014-11-10
http://www.securityfocus.com/bid/66457

FreeBSD namei CVE-2014-3711 Remote Denial of Service Vulnerability
2014-11-10
http://www.securityfocus.com/bid/70692

FreeBSD CVE-2014-3952 Local Information Disclosure Vulnerability
2014-11-10
http://www.securityfocus.com/bid/68466

FreeBSD CVE-2014-3953 Multiple Local Information Disclosure Vulnerabilities
2014-11-10
http://www.securityfocus.com/bid/68467

OpenSSL CVE-2014-3511 Man in the Middle Security Bypass Vulnerability
2014-11-10
http://www.securityfocus.com/bid/69079

Apache Tomcat CVE-2013-4444 Arbitrary File Upload Vulnerability
2014-11-10
http://www.securityfocus.com/bid/69728

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-11-10
http://www.securityfocus.com/bid/68636

OpenSSL NULL Pointer Dereference CVE-2014-5139 Local Denial of Service Vulnerability
2014-11-10
http://www.securityfocus.com/bid/69077

Quassel 'cipher.cpp' Out-of-Bounds Read Vulnerability
2014-11-10
http://www.securityfocus.com/bid/70740

Oracle Java SE CVE-2014-2421 Buffer Overflow Vulnerability
2014-11-10
http://www.securityfocus.com/bid/66881

Exploit

 

9.11.2014

Bugtraq

Open-Xchange Security Advisory 2014-11-07 2014-11-07
Martin Heiland (martin heiland open-xchange com)

[SECURITY] [DSA 3068-1] konversation security update 2014-11-07
Moritz Muehlenhoff (jmm debian org)

FreeBSD Security Advisory FreeBSD-SA-14:24.sshd [REVISED] 2014-11-06
FreeBSD Security Advisories (security-advisories freebsd org)

Insecure management of login credentials in PicsArt Photo Studio for Android [STIC-2014-0426] 2014-11-06
Programa STIC (stic fundacionsadosky org ar)

XCloner Wordpress/Joomla! backup Plugin v3.1.1 (Wordpress) v3.5.1 (Joomla!) Vulnerabilities 2014-11-06
Larry W. Cashdollar (larry0 me com)

ZTE ZXDSL 831 Multiple Cross Site Scripting 2014-11-06
habte yibelo gmail com

ZTE 831CII Multiple Vulnerablities 2014-11-06
habte yibelo gmail com

ZTE ZXDSL 831CII Direct Object Reference 2014-11-06
habte yibelo gmail com

CA20141103-01: Security Notice for CA Cloud Service Management 2014-11-06
Kotas, Kevin J (Kevin Kotas ca com)

[SECURITY] [DSA 3067-1] qemu-kvm security update 2014-11-06
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3066-1] qemu security update 2014-11-06
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3065-1] libxml-security-java security update 2014-11-06
Sebastien Delafond (seb debian org)

[CVE-2014-8338] Cross Site Scripting (XSS) vulnerability in videowhisper 2014-11-06
mdgh9 yahoo com

i-FTP Buffer Overflow SEH 2014-11-05
metacom27 gmail com

i.Mage Local Crash Poc 2014-11-05
metacom27 gmail com

SEC Consult SA-20141106-0 :: XXE & XSS & Arbitrary File Write vulnerabilities in Symantec Endpoint Protection 2014-11-06
SEC Consult Vulnerability Lab (research sec-consult com)

Cisco RV Series multiple vulnerabilities 2014-11-06
Securify B.V. (lists securify nl)

[The ManageOwnage Series, part VI]: 0day database info and superuser credential disclosure in EventLog Analyser 2014-11-05
Pedro Ribeiro (pedrib gmail com)

i.Hex Local Crash Poc 2014-11-05
metacom27 gmail com

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Small Business RV Series Routers 2014-11-05
Cisco Systems Product Security Incident Response Team (psirt cisco com)

ESA-2014-135: RSA Web Threat Detection SQL Injection Vulnerability 2014-11-05
Security Alert (Security_Alert emc com)

WordPress Wordfence Firewall 5.1.2 Cross Site Scripting 2014-11-05
bhati contact gmail com

Arbitrary File Upload in HelpDEZk 2014-11-05
High-Tech Bridge Security Research (advisory htbridge com)

Two Reflected Cross-Site Scripting (XSS) Vulnerabilities in Forma Lms 2014-11-05
High-Tech Bridge Security Research (advisory htbridge com)

Wordpress bulletproof-security <=.51 multiple vulnerabilities 2014-11-05
Pietro Oliva (pietroliva gmail com)

CVE-2014-6616 Softing FG-100 Webui XSS 2014-11-05
Ingmar Rosenhagen (ingmar rosenhagen csnc de)

CVE-2014-6617 Softing FG-100 Backdoor Account 2014-11-05
Ingmar Rosenhagen (ingmar rosenhagen csnc de)

KL-001-2014-004 : VMWare vmx86.sys Arbitrary Kernel Read 2014-11-05
KoreLogic Disclosures (disclosures korelogic com)

FreeBSD Security Advisory FreeBSD-SA-14:26.ftp 2014-11-05
FreeBSD Security Advisories (security-advisories freebsd org)

FreeBSD Security Advisory FreeBSD-SA-14:25.setlogin 2014-11-05
FreeBSD Security Advisories (security-advisories freebsd org)

Malware

RDN/Generic BackDoor!53BA2EED2CFD

RDN/Generic BackDoor!rk!D4A43FE2F61F

RDN/Generic.bfr!4E7A9B5491F1

RDN/Generic PUP.x!7034064E0C8C

Generic PUP.x!00DBCBE8558E

RDN/Generic.bfr!hw!B4CEB6CD7A85

Generic PUP.x!EF4651C00D5A

Generic PUP.x!F4E5063CCCD6

MultiPlug-FSH!FC1C00D40D21

RDN/YahLover.bfr!c!C1BCBB16CFEC

RDN/Generic PUP.x!2091A0627947

RDN/Generic PUP.x!F9AE42387356

RDN/Generic PUP.x!cpv!6A6832509096

RDN/Generic PUP.x!A1247904002D

RDN/Generic PUP.x!C710130A57FB

RDN/Generic PUP.x!6F5B12EAEA6B

MultiPlug-FSH!F7AEA47FEA3B

RDN/Generic BackDoor!b2n!13C84B531D90

MultiPlug-FSH!ED30767898A1

RDN/Generic PUP.x!9837156B41BE

RDN/Generic PUP.x!5F96171DEABD

RDN/Generic PUP.x!EF65A9DD8A58

RDN/Generic PUP.x!F9ED62A264D1

Generic PUP.x!C69EE71F1FA6

RDN/Generic PUP.x!cpv!7B830701B70A

RDN/Generic PUP.x!3B503988D563

RDN/Generic PUP.x!67E843E1C725

RDN/Generic PUP.x!9B34B1079CDF

RDN/Generic PUP.x!4B0F0C6BB720

RDN/Generic PUP.x!4F3C4C8D026D

Phishing

AMAZON.COM.AU

8th November 2014

Revision to Your Amazon.com.au
Account

Vulnerebility

cURL/libcURL CVE-2014-0139 SSL Certificate Validation Security Bypass Vulnerability
2014-11-09
http://www.securityfocus.com/bid/66458

cURL/libcURL CVE-2014-0138 Remote Security Bypass Vulnerability
2014-11-09
http://www.securityfocus.com/bid/66457

FreeBSD namei CVE-2014-3711 Remote Denial of Service Vulnerability
2014-11-09
http://www.securityfocus.com/bid/70692

FreeBSD CVE-2014-3952 Local Information Disclosure Vulnerability
2014-11-09
http://www.securityfocus.com/bid/68466

FreeBSD CVE-2014-3953 Multiple Local Information Disclosure Vulnerabilities
2014-11-09
http://www.securityfocus.com/bid/68467

OpenSSL CVE-2014-3511 Man in the Middle Security Bypass Vulnerability
2014-11-09
http://www.securityfocus.com/bid/69079

Apache Tomcat CVE-2013-4444 Arbitrary File Upload Vulnerability
2014-11-09
http://www.securityfocus.com/bid/69728

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-11-09
http://www.securityfocus.com/bid/68636

OpenSSL NULL Pointer Dereference CVE-2014-5139 Local Denial of Service Vulnerability
2014-11-09
http://www.securityfocus.com/bid/69077

Quassel 'cipher.cpp' Out-of-Bounds Read Vulnerability
2014-11-09
http://www.securityfocus.com/bid/70740

Oracle Java SE CVE-2014-2421 Buffer Overflow Vulnerability
2014-11-09
http://www.securityfocus.com/bid/66881

Polarssl Multiple Security Vulnerabilities
2014-11-09
http://www.securityfocus.com/bid/70902

PolarSSL Unspecified Memory Corruption Vulnerability
2014-11-09
http://www.securityfocus.com/bid/70905

Oracle Java SE CVE-2014-4265 Remote Security Vulnerability
2014-11-09
http://www.securityfocus.com/bid/68632

Oracle Java SE CVE-2014-4262 Remote Security Vulnerability
2014-11-09
http://www.securityfocus.com/bid/68599

Oracle Java SE CVE-2014-4221 Remote Security Vulnerability
2014-11-09
http://www.securityfocus.com/bid/68571

Oracle Java SE CVE-2014-2427 Remote Security Vulnerability
2014-11-09
http://www.securityfocus.com/bid/66909

Oracle Java SE CVE-2014-4227 Remote Security Vulnerability
2014-11-09
http://www.securityfocus.com/bid/68603

Oracle Java SE CVE-2014-4220 Remote Security Vulnerability
2014-11-09
http://www.securityfocus.com/bid/68576

Oracle Java SE CVE-2014-2428 Remote Security Vulnerability
2014-11-09
http://www.securityfocus.com/bid/66870

Oracle Java SE CVE-2014-2420 Remote Security Vulnerability
2014-11-09
http://www.securityfocus.com/bid/66919

Oracle Java SE CVE-2014-0446 Remote Security Vulnerability
2014-11-09
http://www.securityfocus.com/bid/66903

IBM Java SDK CVE-2014-0878 Security Bypass Vulnerability
2014-11-09
http://www.securityfocus.com/bid/67601

Oracle Java SE CVE-2014-2423 Remote Security Vulnerability
2014-11-09
http://www.securityfocus.com/bid/66887

Oracle Java SE CVE-2014-2412 Remote Security Vulnerability
2014-11-09
http://www.securityfocus.com/bid/66873

KDE Workspace Arbitrary Command Execution Vulnerability
2014-11-09
http://www.securityfocus.com/bid/70904

requests-kerberos 'requests_kerberos/kerberos_.py' Remote Security Bypass Vulnerability
2014-11-09
http://www.securityfocus.com/bid/70909

PHP CVE-2014-3669 Denial of Service Vulnerability
2014-11-09
http://www.securityfocus.com/bid/70611

PHP 'exif_thumbnail()' Function Heap Based Buffer Overflow Vulnerability
2014-11-09
http://www.securityfocus.com/bid/70665

PHP 'date_from_ISO8601()' Function Buffer Overflow Vulnerability
2014-11-09
http://www.securityfocus.com/bid/70928

Exploit

  Citrix NetScaler SOAP Handler Remote Code Execution

  Belkin n750 jump login Parameter Buffer Overflow

  Linux Local Root => 2.6.39 (32-bit & 64-bit) - Mempodipper #2

  IBM Tivoli Monitoring 6.2.2 kbbacf1 - Privilege Escalation

  Windows TrackPopupMenu Win32k NULL Pointer Dereference

  Symantec Endpoint Protection 12.1.4023.4080 - Multiple Vulnerabilities

  ZTE Modem ZXDSL 531BIIV7.3.0f_D09_IN - Stored XSS Vulnerability

  Drupal < 7.32 Pre Auth SQL Injection

  MINIX 3.3.0 Local Denial of Service PoC

9.10.2014

Bugtraq

[security bulletin] HPSBMU03110 rev.1 - HP Sprinter, Remote Execution of Code 2014-10-08
security-alert hp com

[security bulletin] HPSBMU03127 rev.1 - HP Operations Manager for UNIX, Remote Code Execution 2014-10-08
security-alert hp com

[SECURITY] [DSA 3048-1] apt security update 2014-10-08
Thijs Kinkhorst (thijs debian org)

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software 2014-10-08
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[Onapsis Security Advisory 2014-032] SAP BusinessObjects Persistent Cross Site Scripting 2014-10-08
Onapsis Research Labs (research onapsis com)

[Onapsis Security Advisory 2014-031] SAP Business Objects Information Disclosure via CORBA 2014-10-08
Onapsis Research Labs (research onapsis com)

[Onapsis Security Advisory 2014-029] SAP Business Objects Information Disclosure 2014-10-08
Onapsis Research Labs (research onapsis com)

[Onapsis Security Advisory 2014-030] SAP Business Objects Denial of Service via CORBA 2014-10-08
Onapsis Research Labs (research onapsis com)

[Onapsis Security Advisory 2014-033] SAP Business Warehouse Missing Authorization Check 2014-10-08
Onapsis Research Labs (research onapsis com)

[Onapsis Security Advisory 2014-027] SAP HANA Multiple Reflected Cross Site Scripting Vulnerabilities 2014-10-08
Onapsis Research Labs (research onapsis com)

[Onapsis Security Advisory 2014-028] SAP HANA Web-based Development Workbench Code Injection 2014-10-08
Onapsis Research Labs (research onapsis com)

Two XSS in Contact Form DB WordPress plugin 2014-10-08
High-Tech Bridge Security Research (advisory htbridge com)

Reflected Cross-Site Scripting (XSS) in EWWW Image Optimizer WordPress Plugin 2014-10-08
High-Tech Bridge Security Research (advisory htbridge com)

Reflected Cross-Site Scripting (XSS) in Google Calendar Events WordPress Plugin 2014-10-08
High-Tech Bridge Security Research (advisory htbridge com)

[SECURITY] [DSA 3047-1] rsyslog security update 2014-10-08
Luciano Bello (luciano debian org)

Malware

Generic.tfr!1715C76BF414

RDN/Generic PUP.x!c2p!AA0FE7943C19

RDN/Generic PUP.x!c2p!89574B6ABF73

MultiPlug-FQW!147D7CF9FA31

RDN/Generic Dropper!vj!A2D133395EF0

Generic PUP.x!18461F0BD58F

RDN/Generic BackDoor!b2e!E34CE66EBDC8

Generic PUP.x!15A35161B1E0

RDN/Generic Downloader.x!BC02E3C81391

MultiPlug-FQW!78DB74984278

RDN/Generic PUP.x!92D947F01284

RDN/Generic PUP.x!2EE9751C294D

RDN/Generic.dx!dgc!970F0D7CED5D

MultiPlug-FQW!34EDE0F9E391

Generic PUP.x!0189948082D0

RDN/Generic PUP.x!c2p!D1AF7E5BF016

Generic Dropper!051E39446DB3

RDN/Generic Downloader.x!6CAD536B5306

RDN/Generic BackDoor!b2e!E427901B9DD7

RDN/YahLover.worm!bd!15786BA4420F

RDN/Generic PUP.x!CED1CCA74072

RDN/Generic Dropper!vj!4F680869ED18

MultiPlug-FQW!766349EC78F6

RDN/Generic PUP.x!8B5D6304D4A9

RDN/Generic PUP.x!c2p!A4390EDE5858

Generic PWS.y!E75350CEC4D3

RDN/Generic PUP.x!c2p!EAC71C0E0861

RDN/Generic PUP.x!c2p!A8E925DF477D

Generic Downloader.x!79B7CA61C02F

RDN/Generic PWS.y!bbj!4824E2738799

Phishing

Natwest

9th October 2014

NatWest Secure Activation
Confirmation

Chase Online

9th October 2014

Verify Your Account

Vulnerebility

OpenSSH 'child_set_env()' Function Security Bypass Vulnerability
2014-10-09
http://www.securityfocus.com/bid/66355

OpenSSH Certificate Validation Security Bypass Vulnerability
2014-10-09
http://www.securityfocus.com/bid/66459

IBM FileNet Content Manager and Content Foundation Unspecified Cross Site Scripting Vulnerability
2014-10-09
http://www.securityfocus.com/bid/69798

Exuberant Ctags 'jscript.c' Remote Denial of Service Vulnerability
2014-10-09
http://www.securityfocus.com/bid/70168

Debian 'apt' Package CVE-2014-7206 Insecure Temporary File Creation Vulnerability
2014-10-09
http://www.securityfocus.com/bid/70310

Oracle Java SE CVE-2014-4266 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68596

Oracle Java SE CVE-2014-4227 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68603

Oracle Java SE CVE-2014-4268 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68615

Oracle Java SE CVE-2014-4208 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68580

Oracle Java SE CVE-2014-4252 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68642

Oracle Java SE CVE-2014-4265 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68632

Oracle Java SE CVE-2014-4262 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68599

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68636

IBM WebSphere Real Time CVE-2014-3086 Unspecified Privilege Escalation Vulnerability
2014-10-08
http://www.securityfocus.com/bid/69183

Oracle Java SE CVE-2014-4221 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68571

Oracle Java SE CVE-2014-4218 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68583

Oracle Java SE CVE-2014-4220 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68576

Oracle Java SE CVE-2014-4219 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68620

Oracle Java SE CVE-2014-4209 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68639

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68624

IBM WebSphere Application Server CVE-2014-4816 Cross Site Request Forgery Vulnerability
2014-10-08
http://www.securityfocus.com/bid/69980

IBM WebSphere Application Server CVE-2014-4770 Cross Site Scripting Vulnerability
2014-10-08
http://www.securityfocus.com/bid/69981

GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2014-10-08
http://www.securityfocus.com/bid/70103

GNU Bash CVE-2014-7186 Local Memory Corruption Vulnerability
2014-10-08
http://www.securityfocus.com/bid/70152

GNU Bash CVE-2014-7187 Local Memory Corruption Vulnerability
2014-10-08
http://www.securityfocus.com/bid/70154

GNU Bash CVE-2014-7169 Incomplete Fix Remote Code Execution Vulnerability
2014-10-08
http://www.securityfocus.com/bid/70137

GNU Bash CVE-2014-6278 Incomplete Fix Remote Code Execution Vulnerability
2014-10-08
http://www.securityfocus.com/bid/70166

GNU Bash CVE-2014-6277 Incomplete Fix Remote Code Execution Vulnerability
2014-10-08
http://www.securityfocus.com/bid/70165

Track-It! CVE-2014-4872 Unauthorized Access Vulnerability
2014-10-08
http://www.securityfocus.com/bid/70264

MediaWiki Multiple Remote Code Execution Vulnerabilities
2014-10-08
http://www.securityfocus.com/bid/65223

Exploit

     Wordpress InfusionSoft Plugin Upload Vulnerability

    Rejetto HttpFileServer Remote Command Execution

  F5 iControl Remote Root Command Execution

  Linux Kernel remount FUSE Exploit

  BMC Track-It! - Multiple Vulnerabilities

  DrayTek VigorACS SI 1.3.0 - Multiple Vulnerabilities

  Nessus Web UI 2.3.3 - Stored XSS 

8.10.2014

Bugtraq

OWTF 1.0 "Lionheart" released! 2014-10-06
Abraham Aranguren (abraham aranguren owasp org)

Security advisory for Bugzilla 4.5.6, 4.4.6, 4.2.11, and 4.0.15 2014-10-06
dkl mozilla com

CA20141001-01: Security Notice for Bash Shellshock Vulnerability 2014-10-06
Williams, James K (Ken Williams ca com)

Multiple Vulnerabilities in Draytek Vigor 2130 2014-10-06
Erik-Paul Dittmer (epdittmer digitalmisfits com)

PayPal Inc Bug Bounty #53 - Multiple Persistent Vulnerabilities 2014-10-06
Vulnerability Lab (research vulnerability-lab com)

Paypal Inc Bug Bounty #30 - Filter Bypass & Persistent Vulnerabilities 2014-10-06
Vulnerability Lab (research vulnerability-lab com)

Malware

RDN/Generic BackDoor!b2d!A6E5EE456D96

Generic BackDoor!BBD17B5C81EA

RDN/Generic PUP.x!c2m!9C08A79B5445

RDN/Generic PUP.x!c2m!045D129AAC8A

Generic PUP.x!FA05ED28873A

Generic PUP.x!9D85176AEC0B

Generic PUP.x!C1A0A23B36EA

RDN/Generic.bfr!29E90097C981

RDN/Generic PUP.x!DA4A4F1D70E4

RDN/Generic PUP.x!c2m!AD76E2853B18

RDN/Generic.bfr!hs!BB89DA673353

RDN/Generic PUP.x!97D22CCB9485

RDN/Generic Dropper!vi!98C1595083B5

RDN/Generic.bfr!hs!AFB8BB49B823

RDN/Generic BackDoor!2AC7ACB21151

RDN/Generic PUP.x!c2m!202125C7C7A8

RDN/Generic.bfr!hs!FE5713E831AF

Generic.dx!1584676FD155

RDN/Generic Dropper!vi!64B92F10158C

Generic Dropper!98EA33E2CDFD

RDN/Generic Dropper!AB0B0F62FA57

RDN/Generic.bfr!617EF7B58A2C

Generic.tfr!48B80FF03562

RDN/Generic PUP.x!c2m!379DBBF74E5C

RDN/Generic BackDoor!b2d!2E4A64BA2D10

RDN/Generic PUP.x!c2m!15F95766298C

RDN/Generic PUP.x!c2m!703F1BAA8C6B

RDN/Generic.tfr!ed!736FF5FB294D

RDN/Generic PUP.x!2617B4FCE46F

Generic.bfr!21CFBDCE784A

Phishing

no-reply@bt.com

7th October 2014

Account Verification

NatWest

7th October 2014

NatWest YourPoints Online

E-ZPass Customer Service Cente

7th October 2014

Indebtedness for driving on
toll road

Account

6th October 2014

NOTICE:UPDATE YOUR INFORMATION

Dun & BradStreet

6th October 2014

FW: Case - 6393394696

Vulnerebility

Schneider Electric ClearSCADA CVE-2014-5413 Weak Hashing Algorithm Remote Security Weakness
2014-10-08
http://www.securityfocus.com/bid/69842

Schneider Electric ClearSCADA CVE-2014-5412 Remote Security Bypass Vulnerability
2014-10-08
http://www.securityfocus.com/bid/69840

Siemens SIMATIC WinCC and PCS7 CVE-2014-4686 Privilege Escalation Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68875

Siemens SIMATIC WinCC and PCS 7 CVE-2014-4685 Local Privilege Escalation Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68872

Siemens SIMATIC WinCC and PCS7 Database Server Remote Privilege Escalation Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68880

Siemens SIMATIC WinCC And PCS7 CVE-2014-4683 Remote Privilege Escalation Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68879

Siemens SIMATIC WinCC And PCS7 WebNavigator Server Information Disclosure Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68876

GNU Bash CVE-2014-7186 Local Memory Corruption Vulnerability
2014-10-08
http://www.securityfocus.com/bid/70152

GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2014-10-08
http://www.securityfocus.com/bid/70103

GNU Bash CVE-2014-7187 Local Memory Corruption Vulnerability
2014-10-08
http://www.securityfocus.com/bid/70154

GNU Bash CVE-2014-7169 Incomplete Fix Remote Code Execution Vulnerability
2014-10-08
http://www.securityfocus.com/bid/70137

IBM Embedded WebSphere Application Server CVE-2014-3020 Local Privilege Escalation Vulnerability
2014-10-08
http://www.securityfocus.com/bid/69034

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68636

IBM Security Access Manager CVE-2014-6079 Unspecified Cross Site Scripting Vulnerability
2014-10-08
http://www.securityfocus.com/bid/70197

Oracle Java SE CVE-2014-4252 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68642

Oracle Java SE CVE-2014-4265 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68632

IBM WebSphere Real Time CVE-2014-3086 Unspecified Privilege Escalation Vulnerability
2014-10-08
http://www.securityfocus.com/bid/69183

Oracle Java SE CVE-2014-4221 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68571

Oracle Java SE CVE-2014-4218 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68583

Oracle Java SE CVE-2014-4266 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68596

Oracle Java SE CVE-2014-4209 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68639

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68624

Oracle Java SE CVE-2014-4268 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68615

Oracle Java SE CVE-2014-4208 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68580

Oracle Java SE CVE-2014-4219 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68620

Oracle Java SE CVE-2014-4220 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68576

Oracle Java SE CVE-2014-4262 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68599

Oracle Java SE CVE-2014-4227 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68603

Oracle Database Server CVE-2014-4245 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68617

Oracle Database Server CVE-2014-4236 Remote Security Vulnerability
2014-10-08
http://www.securityfocus.com/bid/68633

Exploit

Asx to Mp3 2.7.5 - Stack Overflow

7.10.2014

Bugtraq

[SECURITY] [DSA 3046-1] mediawiki security update 2014-10-05
Salvatore Bonaccorso (carnil debian org)

Malware

PUP-FMK!2F218975826E

PUP-FMK!029CCAB6569C

Generic Downloader.x!F77D362082C1

RDN/Generic PUP.x!0011BF22D66C

MultiPlug-FQW!E7351D4BC208

PUP-FMK!BCA3D65CB17C

PUP-FMK!67076CEA7629

PUP-FMK!58969671BF50

RDN/Generic.bfr!hs!5554CA6BA99C

RDN/Generic.bfr!B6A04A798D5B

RDN/Generic.dx!dgb!6B774BEA33D2

RDN/Generic.tfr!ed!6906F155B8EC

PUP-FMK!0E6263B69EDA

PUP-FMK!6E93CE76F4A2

RDN/Generic.bfr!hs!B6A04A798D5B

PUP-FMS!EAFB42D5B89A

Generic PUP.x!00CE66ED87ED

RDN/Generic.bfr!hs!80FDB733C5F2

MultiPlug-FQW!D24B5AE91B2A

MultiPlug-FQW!42A538D69465

RDN/Generic BackDoor!8B57F53EF2F1

RDN/Generic.bfr!hs!E68D82ABD118

RDN/Generic PUP.x!0DE9A77000C3

Generic PUP.x!4D60D8DC2380

RDN/Generic PUP.x!003B95B2F6C6

MultiPlug-FQW!7DABDC9149AA

MultiPlug-FQW!0DB61BA6D2D3

RDN/Generic PUP.x!583D85840F93

RDN/Generic PUP.x!c2k!C2E8E5AE5809

RDN/Generic.dx!dgb!6EF3CDDDE2D0

Phishing

Account

6th October 2014

NOTICE:UPDATE YOUR INFORMATION

Dun & BradStreet

6th October 2014

FW: Case - 6393394696

PayPal

6th October 2014

Your Account is Limited !

Halifax UK

6th October 2014

Halifax Online Banking
SecureForm.

PayPal

6th October 2014

Security Measure

Vulnerebility

Cisco Adaptive Security Appliance (ASA) Software Arbitrary File Overwrite Vulnerability
2014-10-07
http://www.securityfocus.com/bid/70251

PolicyKit Local Privilege Escalation Vulnerability
2014-10-07
http://www.securityfocus.com/bid/68771

HTTP File Server 'ParserLib.pas' Remote Command Execution Vulnerability
2014-10-07
http://www.securityfocus.com/bid/69782

OpenSSL CVE-2014-3508 Information Disclosure Vulnerability
2014-10-07
http://www.securityfocus.com/bid/69075

LibVNCServer CVE-2014-6054 Denial of Service Vulnerability
2014-10-07
http://www.securityfocus.com/bid/70094

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-10-07
http://www.securityfocus.com/bid/67899

LibVNCServer CVE-2014-6053 Remote Denial of Service Vulnerability
2014-10-07
http://www.securityfocus.com/bid/70092

LibVNCServer CVE-2014-6052 Denial of Service Vulnerability
2014-10-07
http://www.securityfocus.com/bid/70091

libVNCserver CVE-2014-6051 Integer Overflow Vulnerability
2014-10-07
http://www.securityfocus.com/bid/70093

LibVNCServer CVE-2014-6055 Multiple Stack Based Buffer Overflow Vulnerabilities
2014-10-07
http://www.securityfocus.com/bid/70096

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-10-07
http://www.securityfocus.com/bid/67898

OpenSSL DTLS CVE-2014-0221 Remote Denial of Service Vulnerability
2014-10-07
http://www.securityfocus.com/bid/67901

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-10-07
http://www.securityfocus.com/bid/66363

Procmail Formail Utility 'formisc.c' Heap Overflow Vulnerability
2014-10-07
http://www.securityfocus.com/bid/69573

Apache Xalan-Java Library CVE-2014-0107 Security Bypass Vulnerability
2014-10-07
http://www.securityfocus.com/bid/66397

OpenSSL CVE-2014-3509 Remote Denial of Service Vulnerability
2014-10-07
http://www.securityfocus.com/bid/69084

OpenSSL SRP CVE-2014-3512 Remote Denial of Service Vulnerability
2014-10-07
http://www.securityfocus.com/bid/69083

OpenSSL CVE-2014-3511 Man in the Middle Security Bypass Vulnerability
2014-10-07
http://www.securityfocus.com/bid/69079

OpenSSL NULL Pointer Dereference CVE-2014-5139 Local Denial of Service Vulnerability
2014-10-07
http://www.securityfocus.com/bid/69077

GNU Bash CVE-2014-6278 Incomplete Fix Remote Code Execution Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70166

Cisco ASA Software CVE-2014-3398 Information Disclosure Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70230

GNU Bash CVE-2014-7169 Incomplete Fix Remote Code Execution Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70137

GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70103

OpenSSL DTLS CVE-2014-3510 Remote Denial of Service Vulnerability
2014-10-06
http://www.securityfocus.com/bid/69082

GNU Bash CVE-2014-6277 Incomplete Fix Remote Code Execution Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70165

Cisco IOS XR Software CVE-2014-3396 Access List Security Bypass Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70236

GNU Bash CVE-2014-7186 Local Memory Corruption Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70152

GNU Bash CVE-2014-7187 Local Memory Corruption Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70154

Mediawiki SVG File Handling Security Bypass Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70153

Node.js qs Module Denial of Service Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70113

Exploit

 

6.10.2014

Bugtraq

[SECURITY] [DSA 3045-1] qemu security update 2014-10-04
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3046-1] mediawiki security update 2014-10-05
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3044-1] qemu-kvm security update 2014-10-04
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3042-1] exuberant-ctags security update 2014-10-04
Moritz Muehlenhoff (jmm debian org)

Malware

RDN/Generic PUP.x!DD9B5DAA1F08

RDN/Downloader.a!tl!2E12C5EFE738

RDN/Generic.tfr!ed!D2143D5457E7

RDN/Generic.dx!dg3!0AFC5FADAFDF

RDN/Generic.bfr!hs!84A57FBE4098

RDN/Generic PUP.x!c2i!5C76A69B7978

RDN/DNSChanger.bfr!d!5C0381600E5D

RDN/Generic.dx!dg3!BB3EB3D7F24B

Generic PUP.x!51634A2B0BCD

RDN/DNSChanger.bfr!d!2949C8721183

RDN/DNSChanger.bfr!d!E8D4382B2A34

RDN/PWS-Mmorpg.gen!37168FCED0BF

RDN/Generic PWS.y!bb3!FD3072619AF6

Generic PUP.x!ED3ABE79CDA9

Generic PUP.x!20F65FFE3324

RDN/Generic PUP.x!CFB02A2F2A49

RDN/Generic.dx!dg3!5A32D3C65223

RDN/Downloader.a!tl!1E08A8034DB7

Generic Downloader.x!CAC0C16AC2F0

RDN/Generic PUP.x!c2i!B4800B6D913F

RDN/Generic.bfr!BE8656A8046E

RDN/Generic.bfr!hs!AB8A3DB2596A

RDN/Generic.dx!dg3!D6A4D106DDD2

RDN/Generic.dx!dg3!11563BD7E0B0

RDN/Generic.bfr!A65091F3961A

RDN/Generic Downloader.x!lc!EF75FE4F30EF

RDN/Generic PUP.x!c2i!D40B3A89D19E

RDN/Generic PWS.y!bb3!AE7421D7D1E6

RDN/Sdbot.worm!cb!40F81B74B6B5

RDN/Generic PUP.x!c2i!8ABDA107250E

Phishing

PayPal

6th October 2014

Security Measure

Vulnerebility

GNU Bash CVE-2014-7186 Local Memory Corruption Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70152

GNU Bash CVE-2014-6278 Incomplete Fix Remote Code Execution Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70166

GNU Bash CVE-2014-7187 Local Memory Corruption Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70154

GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70103

GNU Bash CVE-2014-6277 Incomplete Fix Remote Code Execution Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70165

GNU Bash CVE-2014-7169 Incomplete Fix Remote Code Execution Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70137

Linux Kernel 'net_get_random_once' Local Information Disclosure Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70209

FreePBX 'index.php' Remote Command Execution Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70188

PHP 'cdf_read_property_info()' Function CVE-2014-3587 Incomplete Fix Denial of Service Vulnerability
2014-10-06
http://www.securityfocus.com/bid/69325

OpenVPN 'openvpn_decrypt()' Function Information Disclosure Vulnerability
2014-10-06
http://www.securityfocus.com/bid/59672

GNU glibc '__gconv_translit_find()' Function Memory Corruption Vulnerability
2014-10-06
http://www.securityfocus.com/bid/68983

libvirtd 'qemuDomainGetBlockIoTune()' Function Out-of-Bounds Read Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70186

IBM Java CVE-2013-4002 Denial of Service Vulnerability
2014-10-06
http://www.securityfocus.com/bid/61310

Perl 'Email::Address' Module Local Denial of Service Vulnerability
2014-10-06
http://www.securityfocus.com/bid/68084

Perl 'Email::Address' Module CVE-2014-4720 Denial of Service Vulnerability
2014-10-06
http://www.securityfocus.com/bid/68446

Python 'bufferobject.c' Integer Overflow Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70089

Mediawiki SVG File Handling Security Bypass Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70153

Linux Kernel 'ISOFS' Stack-Based Buffer Overflow Vulnerability
2014-10-06
http://www.securityfocus.com/bid/69396

Linux Kernel PicoLCD HID Device Driver Buffer Overflow Vulnerability
2014-10-06
http://www.securityfocus.com/bid/69763

Linux Kernel 'ISOFS' Deadlock Local Denial of Service Vulnerability
2014-10-06
http://www.securityfocus.com/bid/69428

Linux Kernel Magic Mouse HID Device Driver CVE-2014-3181 Stack-Based Buffer Overflow Vulnerability
2014-10-06
http://www.securityfocus.com/bid/69779

Linux Kernel 'fs/udf/inode.c' Local Denial of Service Vulnerability
2014-10-06
http://www.securityfocus.com/bid/69799

nginx CVE-2014-3616 SSL Session Fixation Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70025

Perl CVE-2014-4330 Stack Overflow Denial of Service Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70142

Node.js 'lib/send.js' Directory Traversal Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70100

PHP OpenSSL Extension 'openssl_x509_parse()' Remote Memory Corruption Vulnerability
2014-10-06
http://www.securityfocus.com/bid/64225

Node.js qs Module Denial of Service Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70113

Mozilla Network Security Services CVE-2014-1568 Security Bypass Vulnerability
2014-10-06
http://www.securityfocus.com/bid/70116

Apache POI CVE-2014-3574 Denial Of Service Vulnerability
2014-10-06
http://www.securityfocus.com/bid/69648

Apache POI OpenXML parser CVE-2014-3529 XML External Entity Information Disclosure Vulnerability
2014-10-06
http://www.securityfocus.com/bid/69647

Exploit

  Postfix SMTP - Shellshock Exploit

  Apache mod_cgi - Remote Exploit (Shellshock)

  Bash - CGI RCE (MSF) Shellshock Exploit

  AutoWeb 3.0 - (noticias.php id_cat) SQL Injection Exploit

4.10.2014

Bugtraq

[security bulletin] HPSBHF03124 rev.1 - HP Thin Clients running Bash, Remote Execution of Code 2014-10-03
security-alert hp com

PayPal Inc Bug Bounty Issue #70 France - Persistent (Escape Shopping) Mail Vulnerability 2014-10-03
Vulnerability Lab (research vulnerability-lab com)

HTTP Commander AJS v3.1.9 - Client Side Exception Vulnerability 2014-10-03
Vulnerability Lab (research vulnerability-lab com)

Malware

RDN/Generic PUP.x!c2h!9964B78F2FE2

Generic PUP.x!2CC475DA3312

RDN/Generic.dx!dfz!BFFFBBB9A3F6

RDN/Autorun.worm!dm!A8FFF76CDF07

RDN/Generic Downloader.x!lc!A8F76130BF79

RDN/Generic.dx!dfz!A8BB0DFC284B

Generic Downloader.x!C30454F3132A

RDN/Generic PUP.x!188701D0F4F9

RDN/Generic PWS.y!0B31DB8353AA

RDN/Generic PUP.x!c2h!C2E1E344313F

RDN/Downloader.a!tl!C2D3F33E43C6

RDN/Downloader.a!tl!C2D26C26446A

RDN/Downloader.a!tl!C2C1B1C96667

RDN/Generic PUP.x!c2h!E03E04DAB267

RDN/Generic.bfr!hs!D6DEF94FF064

RDN/Generic PUP.x!C80C016BF30B

W32/Virus.gen!7F1A038D1464

W32/Sality.gen!0323E943A80B

Generic PUP.x!691B663C872D

Generic PUP.x!5A41C6A2C66C

Generic.bfr!B7E1B3CEA37B

RDN/Generic PUP.x!43A30C12480B

RDN/Generic PUP.x!2A74E54A6BDD

Generic PUP.x!45A0D344D5F9

Generic PUP.x!C88167B3BA2A

Generic PUP.x!B1E07A40B5E7

RDN/Generic PUP.x!c2h!BF123E880141

Generic.bfr!7A91B76599CB

W32/Sality.gen!74A57025FAD5

RDN/Generic BackDoor!b2b!F516EB22C48A

Phishing

Paypal Inc

4th October 2014

YOUR ACCOUNT WILL BE LIMITED !

Paypal Help

4th October 2014

PAYPAL : UPDATE YOUR PAYPAL
ACCOUNT ! œ

PayPal

4th October 2014

[PAYPAL] : UPDATE YOUR PAYPAL
ACCOUNT ! œ

Paypal.Inc

4th October 2014

YOUR ACCOUNT HAS LIMITATION!
YOU CAN RESOLVE THIS NOW.?

PayPal

4th October 2014

Account Suspended

Vulnerebility

GNU Bash CVE-2014-7186 Local Memory Corruption Vulnerability
2014-10-04
http://www.securityfocus.com/bid/70152

GNU Bash CVE-2014-6278 Incomplete Fix Remote Code Execution Vulnerability
2014-10-04
http://www.securityfocus.com/bid/70166

GNU Bash CVE-2014-7187 Local Memory Corruption Vulnerability
2014-10-04
http://www.securityfocus.com/bid/70154

GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2014-10-04
http://www.securityfocus.com/bid/70103

GNU Bash CVE-2014-6277 Incomplete Fix Remote Code Execution Vulnerability
2014-10-04
http://www.securityfocus.com/bid/70165

GNU Bash CVE-2014-7169 Incomplete Fix Remote Code Execution Vulnerability
2014-10-04
http://www.securityfocus.com/bid/70137

Linux Kernel 'net_get_random_once' Local Information Disclosure Vulnerability
2014-10-04
http://www.securityfocus.com/bid/70209

FreePBX 'index.php' Remote Command Execution Vulnerability
2014-10-04
http://www.securityfocus.com/bid/70188

PHP 'cdf_read_property_info()' Function CVE-2014-3587 Incomplete Fix Denial of Service Vulnerability
2014-10-04
http://www.securityfocus.com/bid/69325

OpenVPN 'openvpn_decrypt()' Function Information Disclosure Vulnerability
2014-10-04
http://www.securityfocus.com/bid/59672

GNU glibc '__gconv_translit_find()' Function Memory Corruption Vulnerability
2014-10-04
http://www.securityfocus.com/bid/68983

libvirtd 'qemuDomainGetBlockIoTune()' Function Out-of-Bounds Read Vulnerability
2014-10-04
http://www.securityfocus.com/bid/70186

IBM Java CVE-2013-4002 Denial of Service Vulnerability
2014-10-04
http://www.securityfocus.com/bid/61310

Perl 'Email::Address' Module Local Denial of Service Vulnerability
2014-10-04
http://www.securityfocus.com/bid/68084

Perl 'Email::Address' Module CVE-2014-4720 Denial of Service Vulnerability
2014-10-04
http://www.securityfocus.com/bid/68446

Python 'bufferobject.c' Integer Overflow Vulnerability
2014-10-04
http://www.securityfocus.com/bid/70089

Mediawiki SVG File Handling Security Bypass Vulnerability
2014-10-04
http://www.securityfocus.com/bid/70153

Linux Kernel 'ISOFS' Stack-Based Buffer Overflow Vulnerability
2014-10-04
http://www.securityfocus.com/bid/69396

Linux Kernel PicoLCD HID Device Driver Buffer Overflow Vulnerability
2014-10-04
http://www.securityfocus.com/bid/69763

Linux Kernel 'ISOFS' Deadlock Local Denial of Service Vulnerability
2014-10-04
http://www.securityfocus.com/bid/69428

Linux Kernel Magic Mouse HID Device Driver CVE-2014-3181 Stack-Based Buffer Overflow Vulnerability
2014-10-04
http://www.securityfocus.com/bid/69779

Linux Kernel 'fs/udf/inode.c' Local Denial of Service Vulnerability
2014-10-04
http://www.securityfocus.com/bid/69799

nginx CVE-2014-3616 SSL Session Fixation Vulnerability
2014-10-04
http://www.securityfocus.com/bid/70025

Perl CVE-2014-4330 Stack Overflow Denial of Service Vulnerability
2014-10-04
http://www.securityfocus.com/bid/70142

Node.js 'lib/send.js' Directory Traversal Vulnerability
2014-10-04
http://www.securityfocus.com/bid/70100

PHP OpenSSL Extension 'openssl_x509_parse()' Remote Memory Corruption Vulnerability
2014-10-04
http://www.securityfocus.com/bid/64225

Node.js qs Module Denial of Service Vulnerability
2014-10-04
http://www.securityfocus.com/bid/70113

Mozilla Network Security Services CVE-2014-1568 Security Bypass Vulnerability
2014-10-04
http://www.securityfocus.com/bid/70116

Apache POI CVE-2014-3574 Denial Of Service Vulnerability
2014-10-04
http://www.securityfocus.com/bid/69648

Apache POI OpenXML parser CVE-2014-3529 XML External Entity Information Disclosure Vulnerability
2014-10-04
http://www.securityfocus.com/bid/69647

Exploit

 

3.10.2014

Bugtraq

[ MDVSA-2014:195 ] libvirt 2014-10-03
security mandriva com

[security bulletin] HPSBMU02895 SSRT101253 rev.3 - HP Data Protector, Remote Increase of Privilege, Denial of Service (DoS), Execution of Arbitrary Code 2014-10-02
security-alert hp com

[security bulletin] HPSBMU03118 rev.1 - HP Systems Insight Manager (SIM) on Linux and Windows, Multiple Remote Vulnerabilities 2014-10-02
security-alert hp com

Ultra Electronics / AEP Networks - SSL VPN (Netilla / Series A / Ultra Protect) Vulnerabilities 2014-10-02
Patrick Webster (patrick osisecurity com au)

[security bulletin] HPSBHF03119 rev.2 - HP DreamColor Professional Display running Bash Shell, Remote Code Execution 2014-10-01
security-alert hp com

[ MDVSA-2014:194 ] phpmyadmin 2014-10-03
security mandriva com

Elasticsearch vulnerability CVE-2014-6439 2014-10-02
Jordan Sissel (jordan sissel elasticsearch com)

Malware

Generic PUP.x!52C1A906E781

Generic PUP.x!51BE26245F83

Generic PUP.x!53CBB4CB70BC

Generic PUP.x!54DA64B562F5

RDN/Generic PUP.x!c2f!54E05A203165

Generic PUP.z!52EC75639A69

RDN/Generic Downloader.x!lc!57E21B5B733B

Generic PUP.x!5185C59E1736

RDN/Generic Downloader.x!lc!54FD5B4358E9

RDN/Generic.bfr!55FB6858CAD5

RDN/Generic Downloader.x!lc!55B00BFF1C7A

RDN/Generic.dx!dfz!566E7D17FE51

Generic PUP.x!5274D807B402

Generic PUP.x!55825DF93872

RDN/Generic.bfr!hs!50F5C164E1A2

Generic PUP.x!56CC85EF7591

RDN/Generic.dx!dfz!53B406EEDF8E

RDN/Generic.dx!dfz!53844C48AEB2

RDN/Generic.bfr!54530D6295C5

Generic PUP.x!51B929AC8DCE

RDN/Generic BackDoor!b2b!5421ECA29BA8

Generic PUP.x!4F9A14ED4674

RDN/Generic.dx!52A511B7E971

Generic.bfr!5336AC7C99BC

RDN/Generic PWS.y!bbg!5160010240B2

RDN/Generic Downloader.x!lc!507F125364B7

Generic PUP.x!49FEFD6E0BDE

RDN/Generic.bfr!hs!50A61E31E20C

Generic PUP.x!521C513CAA2E

RDN/Generic.dx!dfz!4F2414829594

Phishing

Paypal Inc

2nd October 2014

YOUR ACCOUNT WILL BE LIMITED !

Vulnerebility

Linux Kernel 'net_get_random_once' Local Information Disclosure Vulnerability
2014-10-03
http://www.securityfocus.com/bid/70209

FreePBX 'index.php' Remote Command Execution Vulnerability
2014-10-03
http://www.securityfocus.com/bid/70188

PHP 'cdf_read_property_info()' Function CVE-2014-3587 Incomplete Fix Denial of Service Vulnerability
2014-10-03
http://www.securityfocus.com/bid/69325

GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2014-10-03
http://www.securityfocus.com/bid/70103

GNU Bash CVE-2014-7169 Incomplete Fix Remote Code Execution Vulnerability
2014-10-03
http://www.securityfocus.com/bid/70137

OpenVPN 'openvpn_decrypt()' Function Information Disclosure Vulnerability
2014-10-03
http://www.securityfocus.com/bid/59672

GNU Bash CVE-2014-6278 Incomplete Fix Remote Code Execution Vulnerability
2014-10-03
http://www.securityfocus.com/bid/70166

GNU Bash CVE-2014-6277 Incomplete Fix Remote Code Execution Vulnerability
2014-10-03
http://www.securityfocus.com/bid/70165

GNU Bash CVE-2014-7187 Local Memory Corruption Vulnerability
2014-10-03
http://www.securityfocus.com/bid/70154

GNU Bash CVE-2014-7186 Local Memory Corruption Vulnerability
2014-10-03
http://www.securityfocus.com/bid/70152

GNU glibc '__gconv_translit_find()' Function Memory Corruption Vulnerability
2014-10-03
http://www.securityfocus.com/bid/68983

libvirtd 'qemuDomainGetBlockIoTune()' Function Out-of-Bounds Read Vulnerability
2014-10-03
http://www.securityfocus.com/bid/70186

IBM Java CVE-2013-4002 Denial of Service Vulnerability
2014-10-03
http://www.securityfocus.com/bid/61310

Perl 'Email::Address' Module Local Denial of Service Vulnerability
2014-10-03
http://www.securityfocus.com/bid/68084

Perl 'Email::Address' Module CVE-2014-4720 Denial of Service Vulnerability
2014-10-03
http://www.securityfocus.com/bid/68446

Python 'bufferobject.c' Integer Overflow Vulnerability
2014-10-03
http://www.securityfocus.com/bid/70089

Mediawiki SVG File Handling Security Bypass Vulnerability
2014-10-03
http://www.securityfocus.com/bid/70153

Linux Kernel 'ISOFS' Stack-Based Buffer Overflow Vulnerability
2014-10-03
http://www.securityfocus.com/bid/69396

Linux Kernel PicoLCD HID Device Driver Buffer Overflow Vulnerability
2014-10-03
http://www.securityfocus.com/bid/69763

Linux Kernel 'ISOFS' Deadlock Local Denial of Service Vulnerability
2014-10-03
http://www.securityfocus.com/bid/69428

Linux Kernel Magic Mouse HID Device Driver CVE-2014-3181 Stack-Based Buffer Overflow Vulnerability
2014-10-03
http://www.securityfocus.com/bid/69779

Linux Kernel 'fs/udf/inode.c' Local Denial of Service Vulnerability
2014-10-03
http://www.securityfocus.com/bid/69799

nginx CVE-2014-3616 SSL Session Fixation Vulnerability
2014-10-03
http://www.securityfocus.com/bid/70025

Perl CVE-2014-4330 Stack Overflow Denial of Service Vulnerability
2014-10-03
http://www.securityfocus.com/bid/70142

Node.js 'lib/send.js' Directory Traversal Vulnerability
2014-10-03
http://www.securityfocus.com/bid/70100

PHP OpenSSL Extension 'openssl_x509_parse()' Remote Memory Corruption Vulnerability
2014-10-03
http://www.securityfocus.com/bid/64225

Node.js qs Module Denial of Service Vulnerability
2014-10-03
http://www.securityfocus.com/bid/70113

Mozilla Network Security Services CVE-2014-1568 Security Bypass Vulnerability
2014-10-03
http://www.securityfocus.com/bid/70116

Apache POI CVE-2014-3574 Denial Of Service Vulnerability
2014-10-03
http://www.securityfocus.com/bid/69648

Apache POI OpenXML parser CVE-2014-3529 XML External Entity Information Disclosure Vulnerability
2014-10-03
http://www.securityfocus.com/bid/69647

Exploit

 

2.10.2014

Bugtraq

[SECURITY] [DSA 3041-1] xen security update 2014-10-01
Moritz Muehlenhoff (jmm debian org)

Reflected Cross-Site Scripting (XSS) in Textpattern 2014-10-01
High-Tech Bridge Security Research (advisory htbridge com)

Cross-Site Scripting (XSS) in Photo Gallery WordPress plugin 2014-10-01
High-Tech Bridge Security Research (advisory htbridge com)

FreePBX (All Versions) RCE 2014-10-01
rob thomas schmoozecom com

NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities 2014-10-01
VMware Security Response Center (security vmware com)

[security bulletin] HPSBHF03119 rev.1 - HP DreamColor Display running Bash Shell, Remote Code Execution 2014-10-01
security-alert hp com

[SECURITY] [DSA 3040-1] rsyslog security update 2014-09-30
Luciano Bello (luciano debian org)

Malware

Generic Downloader.x!91B14B967DD3

Generic PUP.x!15C5A3EF3DE3

Generic.bfr!432180388155

Generic.dx!27620747E668

RDN/Spybot.bfr!n!5E23DA9E75F0

Generic Downloader.x!76431649CAFA

RDN/Generic PWS.y!bbf!5596879AC298

RDN/Generic.bfr!hs!AADAF7941CE9

Generic PUP.x!9AE3200A5329

RDN/PWS-Mmorpg!mh!41D2C78A1EE5

RDN/Spybot.bfr!n!6B1D2F768778

RDN/Generic Dropper!vh!DFB5BA034E9E

RDN/Spybot.bfr!1D5448452A7A

RDN/Spybot.bfr!62D008711AE1

RDN/Spybot.bfr!AB9C87511C9F

RDN/Generic BackDoor!b2b!9095AA6D11A4

RDN/Generic.dx!df3!902F5E576DE6

RDN/Generic Downloader.x!la!884100F78D31

RDN/Ransom!ek!501F42A5DEED

BackDoor-FAJ!15BACEFCD98A

Generic PUP.x!47B7895C349B

RDN/Generic.bfr!8D32EA888C5C

RDN/Generic Dropper!vh!095BF0E5BC7D

Generic PUP.x!91C2866C46E1

Generic.dx!911B87AD568A

RDN/Ransom!ek!BB8FD766348F

RDN/Autorun.worm!dm!8FCB9DB26327

RDN/Autorun.worm!dm!8ED6B07BCD88

RDN/Generic.dx!df3!DA26C1B6428E

RDN/Generic PWS.y!bbf!5F46F598CC97

Phishing

 

Vulnerebility

GNU Bash CVE-2014-7169 Incomplete Fix Remote Code Execution Vulnerability
2014-10-02
http://www.securityfocus.com/bid/70137

IBM Java CVE-2013-4002 Denial of Service Vulnerability
2014-10-02
http://www.securityfocus.com/bid/61310

GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2014-10-02
http://www.securityfocus.com/bid/70103

Perl 'Email::Address' Module Local Denial of Service Vulnerability
2014-10-02
http://www.securityfocus.com/bid/68084

Perl 'Email::Address' Module CVE-2014-4720 Denial of Service Vulnerability
2014-10-02
http://www.securityfocus.com/bid/68446

GNU Bash CVE-2014-6277 Incomplete Fix Remote Code Execution Vulnerability
2014-10-02
http://www.securityfocus.com/bid/70165

Python 'bufferobject.c' Integer Overflow Vulnerability
2014-10-02
http://www.securityfocus.com/bid/70089

GNU Bash CVE-2014-6278 Incomplete Fix Remote Code Execution Vulnerability
2014-10-02
http://www.securityfocus.com/bid/70166

Mediawiki SVG File Handling Security Bypass Vulnerability
2014-10-02
http://www.securityfocus.com/bid/70153

Linux Kernel 'ISOFS' Stack-Based Buffer Overflow Vulnerability
2014-10-02
http://www.securityfocus.com/bid/69396

Linux Kernel PicoLCD HID Device Driver Buffer Overflow Vulnerability
2014-10-02
http://www.securityfocus.com/bid/69763

Linux Kernel 'ISOFS' Deadlock Local Denial of Service Vulnerability
2014-10-02
http://www.securityfocus.com/bid/69428

Linux Kernel Magic Mouse HID Device Driver CVE-2014-3181 Stack-Based Buffer Overflow Vulnerability
2014-10-02
http://www.securityfocus.com/bid/69779

Linux Kernel 'fs/udf/inode.c' Local Denial of Service Vulnerability
2014-10-02
http://www.securityfocus.com/bid/69799

nginx CVE-2014-3616 SSL Session Fixation Vulnerability
2014-10-02
http://www.securityfocus.com/bid/70025

Perl CVE-2014-4330 Stack Overflow Denial of Service Vulnerability
2014-10-02
http://www.securityfocus.com/bid/70142

Node.js 'lib/send.js' Directory Traversal Vulnerability
2014-10-02
http://www.securityfocus.com/bid/70100

PHP OpenSSL Extension 'openssl_x509_parse()' Remote Memory Corruption Vulnerability
2014-10-02
http://www.securityfocus.com/bid/64225

Node.js qs Module Denial of Service Vulnerability
2014-10-02
http://www.securityfocus.com/bid/70113

Mozilla Network Security Services CVE-2014-1568 Security Bypass Vulnerability
2014-10-02
http://www.securityfocus.com/bid/70116

Apache POI CVE-2014-3574 Denial Of Service Vulnerability
2014-10-02
http://www.securityfocus.com/bid/69648

Apache POI OpenXML parser CVE-2014-3529 XML External Entity Information Disclosure Vulnerability
2014-10-02
http://www.securityfocus.com/bid/69647

GNU Bash CVE-2014-7186 Local Memory Corruption Vulnerability
2014-10-02
http://www.securityfocus.com/bid/70152

GNU Bash CVE-2014-7187 Local Memory Corruption Vulnerability
2014-10-02
http://www.securityfocus.com/bid/70154

python-oauth2 CVE-2013-4347 Multiple Predictable Random Number Generator Weaknesses
2014-10-02
http://www.securityfocus.com/bid/62388

python-oauth2 Signed URL Nonce Verification Security Bypass Vulnerability
2014-10-02
http://www.securityfocus.com/bid/62386

Google Chrome Prior to 33.0.1750.146 Multiple Security Vulnerabilities
2014-10-02
http://www.securityfocus.com/bid/65930

cURL/libcURL SSL Certificate Host Name Validation Security Bypass Vulnerability
2014-10-02
http://www.securityfocus.com/bid/64431

WordPress Colormix Theme Multiple Security Vulnerablities
2014-10-02
http://www.securityfocus.com/bid/59371

Adobe Flash Player and AIR CVE-2014-0556 Unspecified Heap Based Buffer Overflow Vulnerability
2014-10-02
http://www.securityfocus.com/bid/69696

Exploit

  Kolibri Webserver 2.0 Buffer Overflow with EMET 5.0 and EMET 4.1 Partial Bypass

   GNU bash 4.3.11 Environment Variable dhclient Exploit

  Pure-FTPd External Authentication Bash Environment Variable Code Injection

  HP Network Node Manager I PMD Buffer Overflow

  ManageEngine OpManager / Social IT Arbitrary File Upload

  HTTP File Server 2.3a, 2.3b, 2.3c - Remote Command Execution

  All In One Wordpress Firewall 3.8.3 - Persistent XSS Vulnerability

  RBS Change Complet Open Source 3.6.8 - CSRF Vulnerability

  PHPCompta/NOALYSS 6.7.1 5638 - Remote Command Execution

  TestLink 1.9.11 - Multiple SQL Injection Vulnerabilities

  Epicor Enterprise 7.4 - Multiple Vulnerabilities

  Moab < 7.2.9 - Authorization Bypass

  TeamSpeak Client 3.0.14 - Buffer Overflow Vulnerability

1.10.2014

Bugtraq

London DEFCON - September 30th 2014 2014-09-30
Major Malfunction (majormal pirate-radio org)

[slackware-security] bash (SSA:2014-272-01) 2014-09-29
Slackware Security Team (security slackware com)

Malware

RDN/Generic FakeAlert!fe!91ACCED88EC4

Generic PUP.x!165FCB5E97B0

RDN/Downloader.a!tl!47D0AD41F5AB

Generic PUP.x!8DE422768627

RDN/Ransom!ek!FCE8A87FF1BB

RDN/Generic PUP.x!A27E4A674CB8

RDN/Generic.dx!df3!A0ADFEF1DEE6

RDN/Generic PUP.x!c2b!A0610BD60EB9

RDN/Generic PUP.x!c2b!281488DEB6EE

RDN/Generic.tfr!ed!BAAB1F3F8329

Generic PUP.x!D8DFB01D2F04

RDN/Generic.dx!df3!A03839463A9B

RDN/Generic.grp!55D74D8FF0ED

RDN/Generic.dx!df3!242831B991BB

RDN/Generic PWS.y!bbf!DE2DA82F410B

Generic Downloader.x!D2173B0911B4

RDN/Generic.dx!df3!07DF1E790A95

RDN/YahLover.worm!u!DFD93FE1D70C

RDN/Generic.dx!D77DE4696FAF

RDN/Generic.bfr!hs!D2D6D550BC16

RDN/Generic.bfr!hs!F5344F4CC8F8

RDN/Generic BackDoor!b2b!D70D03F2E9D6

RDN/Autorun.bfr!d!BB6AC2AD74F2

RDN/Generic Dropper!vh!7B9DEB304D66

Trojan-FAUE!E49A113A2800

RDN/Generic.bfr!hs!4F358BB80348

RDN/Generic.dx!df3!02BFB2EE9ED9

RDN/Generic BackDoor!b2b!C9A2D2BC7116

Generic PWS.y!006B817BA13F

RDN/Generic BackDoor!b2b!E3CF23CAED95

Phishing

 

Vulnerebility

PHP 'cdf_read_property_info()' Function CVE-2014-3587 Incomplete Fix Denial of Service Vulnerability
2014-10-01
http://www.securityfocus.com/bid/69325

PHP DNS TXT Record Handling CVE-2014-3597 Heap Buffer Overflow Vulnerability
2014-10-01
http://www.securityfocus.com/bid/69322

PHP 'ext/spl/spl_dllist.c' Local Denial of Service Vulnerability
2014-10-01
http://www.securityfocus.com/bid/68513

php-gd 'gdxpm.c' NULL Pointer Dereference Denial of Service Vulnerability
2014-10-01
http://www.securityfocus.com/bid/66233

PHP DNS TXT Record Handling Heap Buffer Overflow Vulnerability
2014-10-01
http://www.securityfocus.com/bid/68007

PHP 'ext/spl/spl_array.c' Use After Free Memory Corruption Vulnerability
2014-10-01
http://www.securityfocus.com/bid/68511

file Composite Document File Format Denial of Service Vulnerability
2014-10-01
http://www.securityfocus.com/bid/52225

RSyslog and sysklogd CVE-2014-3634 Denial of Service Vulnerability
2014-10-01
http://www.securityfocus.com/bid/70187

PHP CVE-2014-5120 Multiple Arbitrary File Overwrite Vulnerabilities
2014-10-01
http://www.securityfocus.com/bid/69375

PHP Fileinfo Component CVE-2014-3478 Remote Denial of Service Vulnerability
2014-10-01
http://www.securityfocus.com/bid/68239

PHP Fileinfo Component Incomplete Fix Remote Denial of Service Vulnerability
2014-10-01
http://www.securityfocus.com/bid/68348

PHP Fileinfo Component Remote Denial of Service Vulnerability
2014-10-01
http://www.securityfocus.com/bid/66406

Cisco WebEx Meetings Server CVE-2014-3395 Arbitrary File Download Vulnerabilitiy
2014-10-01
http://www.securityfocus.com/bid/70181

GNU Bash CVE-2014-7187 Local Memory Corruption Vulnerability
2014-10-01
http://www.securityfocus.com/bid/70154

GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2014-10-01
http://www.securityfocus.com/bid/70103

GNU Bash CVE-2014-6277 Incomplete Fix Remote Code Execution Vulnerability
2014-10-01
http://www.securityfocus.com/bid/70165

GNU Bash CVE-2014-6278 Incomplete Fix Unspecified Remote Code Execution Vulnerability
2014-10-01
http://www.securityfocus.com/bid/70166

GNU Bash CVE-2014-7186 Local Memory Corruption Vulnerability
2014-10-01
http://www.securityfocus.com/bid/70152

GNU Bash CVE-2014-7169 Incomplete Fix Remote Code Execution Vulnerability
2014-10-01
http://www.securityfocus.com/bid/70137

Apache Tomcat CVE-2014-0119 XML External Entity Information Disclosure Vulnerability
2014-10-01
http://www.securityfocus.com/bid/67669

Apache Tomcat CVE-2014-0075 Chunk Request Remote Denial Of Service Vulnerability
2014-10-01
http://www.securityfocus.com/bid/67671

Apache Tomcat CVE-2014-0096 XML External Entity Information Disclosure Vulnerability
2014-10-01
http://www.securityfocus.com/bid/67667

Apache Tomcat CVE-2014-0099 Request Processing Information Disclosure Vulnerability
2014-10-01
http://www.securityfocus.com/bid/67668

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-10-01
http://www.securityfocus.com/bid/68624

Mozilla Netscape Portable Runtime CVE-2014-1545 Out of Bounds Memory Corruption Vulnerability
2014-10-01
http://www.securityfocus.com/bid/67975

Mozilla Network Security Services CVE-2014-1490 Use After Free Memory Corruption Vulnerability
2014-10-01
http://www.securityfocus.com/bid/65335

Mozilla Network Security Services CVE-2014-1492 Security Bypass Vulnerability
2014-10-01
http://www.securityfocus.com/bid/66356

Network Security Services 'ssl_Do1stHandshake()' Function Information Disclosure Vulnerability
2014-10-01
http://www.securityfocus.com/bid/64944

Mozilla Firefox/Thunderbird CVE-2014-1544 Use After Free Memory Corruption Vulnerability
2014-10-01
http://www.securityfocus.com/bid/68816

Mozilla Network Security Services CVE-2014-1491 Unspecified Security Vulnerability
2014-10-01
http://www.securityfocus.com/bid/65332

Exploit

 

30.9.2014

Bugtraq

Moab Authentication Bypass (insecure message signing) [CVE-2014-5376] 2014-09-29
john fitzpatrick mwrinfosecurity com

Moab User Impersonation [CVE-2014-5375] 2014-09-29
john fitzpatrick mwrinfosecurity com

Moab Authentication Bypass [CVE-2014-5300] 2014-09-29
john fitzpatrick mwrinfosecurity com

[slackware-security] mozilla-firefox (SSA:2014-271-01) 2014-09-29
Slackware Security Team (security slackware com)

[The ManageOwnage Series, part V]: RCE / file upload / arbitrary file deletion in OpManager, Social IT and IT360 2014-09-27
Pedro Ribeiro (pedrib gmail com)

Malware

Generic PUP.x!4259AC93E310

RDN/Generic BackDoor!b2a!423A0C05F700

Generic PUP.x!41861CA2DD3E

Generic PUP.x!41320CDCDD9D

RDN/Generic BackDoor!b2a!401C87402E41

Generic PUP.x!404A2480FC05

RDN/Spybot.bfr!n!C1064CE985A9

RDN/Generic PUP.x!cnz!96C8B548547C

RDN/DNSChanger.bfr!d!96BE64AB6B48

Generic PUP.x!9684124BFA52

RDN/YahLover.worm!FFCD4B330607

RDN/Generic.dx!df3!A0A88A90DE40

RDN/Spybot.bfr!6F2F76BF6B5E

Generic PUP.x!331DE5886CFB

RDN/Generic Dropper!vh!2B87A45B9E4A

RDN/Generic BackDoor!b2a!36A21B2A9BC4

RDN/Spybot.bfr!C3130A742BE9

RDN/Generic PUP.x!cnz!9CAE837AA884

Generic PUP.x!2E8A270EDC33

Generic PUP.x!4A425B5DF504

Generic PUP.x!24DF01A1C821

Generic PUP.x!682AB5CD1A56

Generic PUP.x!09ACAE7FAD31

RDN/Generic PUP.x!cnz!12DA5505939C

Generic PUP.x!09D64E8FC6AD

Generic PUP.x!4785A4A37F5D

Generic PUP.x!DB981CE6541C

Generic PUP.x!3DABBAD83C41

Generic PUP.x!373EC41B9233

Generic PUP.x!37438A3D16D6

Phishing

Paypal.inc

29th September 2014

NOTICE OF POLICY UPDATES

Tesco Credit Card

28th September 2014

Win A Free Tesco Voucher

Vulnerebility

Exuberant Ctags 'jscript.c' Remote Denial of Service Vulnerability
2014-09-30
http://www.securityfocus.com/bid/70168

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-09-30
http://www.securityfocus.com/bid/68636

Oracle Java SE CVE-2014-0453 Remote Security Vulnerability
2014-09-30
http://www.securityfocus.com/bid/66914

Mozilla Network Security Services CVE-2013-1620 Information Disclosure Vulnerability
2014-09-30
http://www.securityfocus.com/bid/57777

GnuTLS Certificate Validation Security Bypass Weakness
2014-09-30
http://www.securityfocus.com/bid/65792

LibVNCServer CVE-2014-6053 Remote Denial of Service Vulnerability
2014-09-30
http://www.securityfocus.com/bid/70092

libvirt XML Entity Expansion CVE-2014-0179 Information Disclosure Vulnerability
2014-09-30
http://www.securityfocus.com/bid/67289

libVNCserver CVE-2014-6051 Integer Overflow Vulnerability
2014-09-30
http://www.securityfocus.com/bid/70093

LibVNCServer CVE-2014-6055 Multiple Stack Based Buffer Overflow Vulnerabilities
2014-09-30
http://www.securityfocus.com/bid/70096

LibVNCServer CVE-2014-6052 Denial of Service Vulnerability
2014-09-30
http://www.securityfocus.com/bid/70091

LibVNCServer CVE-2014-6054 Denial of Service Vulnerability
2014-09-30
http://www.securityfocus.com/bid/70094

GNU Bash CVE-2014-7169 Incomplete Fix Remote Code Execution Vulnerability
2014-09-30
http://www.securityfocus.com/bid/70137

GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2014-09-30
http://www.securityfocus.com/bid/70103

GNU Bash CVE-2014-7187 Local Memory Corruption Vulnerability
2014-09-30
http://www.securityfocus.com/bid/70154

GNU Bash CVE-2014-7186 Local Memory Corruption Vulnerability
2014-09-30
http://www.securityfocus.com/bid/70152

ZeroMQ Multiple Security Bypass Vulnerabilities
2014-09-30
http://www.securityfocus.com/bid/70157

TYPO3 JobControl SQL Injection and Cross Site Scripting Vulnerabilities
2014-09-30
http://www.securityfocus.com/bid/70155

Mediawiki SVG File Handling Security Bypass Vulnerability
2014-09-30
http://www.securityfocus.com/bid/70153

Mozilla Network Security Services CVE-2014-1568 Security Bypass Vulnerability
2014-09-30
http://www.securityfocus.com/bid/70116

Go TLS Server Implementation Security Bypass Vulnerability
2014-09-30
http://www.securityfocus.com/bid/70156

python-oauth2 CVE-2013-4347 Multiple Predictable Random Number Generator Weaknesses
2014-09-30
http://www.securityfocus.com/bid/62388

python-oauth2 Signed URL Nonce Verification Security Bypass Vulnerability
2014-09-30
http://www.securityfocus.com/bid/62386

Cisco IOS and IOS XE Software CVE-2014-3354 Multiple Denial of Service Vulnerabilities
2014-09-30
http://www.securityfocus.com/bid/70131

Drupal XML-RPC Endpoint Multiple Denial of Service Vulnerabilities
2014-09-30
http://www.securityfocus.com/bid/69146

Perl 'Email::Address' Module Local Denial of Service Vulnerability
2014-09-30
http://www.securityfocus.com/bid/68084

Apache Tomcat CVE-2013-4590 XML External Entity Information Disclosure Vulnerability
2014-09-30
http://www.securityfocus.com/bid/65768

Apache Tomcat CVE-2013-4322 Incomplete Fix Denial of Service Vulnerability
2014-09-30
http://www.securityfocus.com/bid/65767

RETIRED: Oracle January 2014 Critical Patch Update Multiple Vulnerabilities
2014-09-30
http://www.securityfocus.com/bid/64758

Apache Tomcat CVE-2012-3544 Denial of Service Vulnerability
2014-09-30
http://www.securityfocus.com/bid/59797

Ruby on Rails 'create_with()' Function Security Bypass Vulnerability
2014-09-30
http://www.securityfocus.com/bid/69265

Exploit

 

29.9.2014

Bugtraq

[SECURITY] [DSA 3039-1] chromium-browser security update 2014-09-28
Michael Gilbert (mgilbert debian org)

Hands-on Mobile (Android & iOS) + ARM Exploitation Training at Toorcon 2014-09-27
Aditya Gupta (adi0x90 gmail com)

WorldCIST 2015 - 3rd World Conference on Information Systems and Technologies 2014-09-27
ML (marialemos72 gmail com)

Malware

RDN/Generic.dx!df3!37CEC03CD0E8

PUP-FMH!9A3B2295E20B

RDN/Generic Dropper!8EA8A248DC69

RDN/Generic PUP.x!cnz!9639ADD3933B

PUP-FMK!9A3D74C33071

iBryte!9A3D23BDCEA4

PUP-FLT!9A3D6D057CA2

PUP-FIC!9A3C51024E74

Generic PWS.y!E0B0D8817DF7

Generic PUP.x!7D26A223361A

PUP-FMU!9A3A4A29FFFF

PUP-FLT!9A39EBEF850A

RDN/Spybot.bfr!n!AFC9017456C5

PUP-FMK!9A39AFF43FBB

Generic Downloader.x!0B65EFF2AB60

Generic Downloader.x!4DF20D6B82D0

PUP-FHQ!9A3818B0DA20

RDN/Generic PUP.x!cnz!139E23B72501

PUP-FHQ!9A391E622383

PUP-FLN!9A3704954742

iBryte!9A33D83E17E1

CryptDomaIQ!9A303BDCFB7C

MultiPlug!9A2DDC4A929F

PUP-FLN!9A295E4BB4A1

PUP-FHQ!9A2EAB1D4EF0

MultiPlug!9A23B8F86C64

Midia!9A2B6E8C2C20

PUP-FLN!9A2282ACC367

SoftDropper!9A21F16FC93B

iBryte!9A1F5C649587

Phishing

Paypal.inc

29th September 2014

NOTICE OF POLICY UPDATES

Tesco Credit Card

28th September 2014

Win A Free Tesco Voucher

PayPal

27th September 2014

[PAYPAL] : UPDATE YOUR PAYPAL
ACCOUNT !! œ

Natwest

27th September 2014

Last notice regarding your
account.

E-ZPass Service Center

27th September 2014

INDEBTEDNESS FOR DRIVING ON
TOLL ROAD

Vulnerebility

GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2014-09-29
http://www.securityfocus.com/bid/70103

Mozilla Network Security Services CVE-2014-1568 Security Bypass Vulnerability
2014-09-29
http://www.securityfocus.com/bid/70116

GNU Bash CVE-2014-7169 Incomplete Fix Remote Code Execution Vulnerability
2014-09-29
http://www.securityfocus.com/bid/70137

Go TLS Server Implementation Security Bypass Vulnerability
2014-09-29
http://www.securityfocus.com/bid/70156

python-oauth2 CVE-2013-4347 Multiple Predictable Random Number Generator Weaknesses
2014-09-29
http://www.securityfocus.com/bid/62388

python-oauth2 Signed URL Nonce Verification Security Bypass Vulnerability
2014-09-29
http://www.securityfocus.com/bid/62386

Cisco IOS and IOS XE Software CVE-2014-3354 Multiple Denial of Service Vulnerabilities
2014-09-29
http://www.securityfocus.com/bid/70131

Drupal XML-RPC Endpoint Multiple Denial of Service Vulnerabilities
2014-09-29
http://www.securityfocus.com/bid/69146

Perl 'Email::Address' Module Local Denial of Service Vulnerability
2014-09-29
http://www.securityfocus.com/bid/68084

Apache Tomcat CVE-2013-4590 XML External Entity Information Disclosure Vulnerability
2014-09-29
http://www.securityfocus.com/bid/65768

Apache Tomcat CVE-2013-4322 Incomplete Fix Denial of Service Vulnerability
2014-09-29
http://www.securityfocus.com/bid/65767

RETIRED: Oracle January 2014 Critical Patch Update Multiple Vulnerabilities
2014-09-29
http://www.securityfocus.com/bid/64758

Apache Tomcat CVE-2012-3544 Denial of Service Vulnerability
2014-09-29
http://www.securityfocus.com/bid/59797

Ruby on Rails 'create_with()' Function Security Bypass Vulnerability
2014-09-29
http://www.securityfocus.com/bid/69265

Embarcadero ER/Studio Data Architect ActiveX Remote Code Execution Vulnerability
2014-09-29
http://www.securityfocus.com/bid/68489

OpenSSL DTLS CVE-2014-3510 Remote Denial of Service Vulnerability
2014-09-29
http://www.securityfocus.com/bid/69082

OpenSSL DTLS CVE-2014-3505 Remote Denial of Service Vulnerability
2014-09-29
http://www.securityfocus.com/bid/69081

OpenSSL CVE-2014-3508 Information Disclosure Vulnerability
2014-09-29
http://www.securityfocus.com/bid/69075

OpenSSL DTLS CVE-2014-3506 Remote Denial of Service Vulnerability
2014-09-29
http://www.securityfocus.com/bid/69076

EMC AlphaStor Format String and Command Injection Vulnerabilities
2014-09-29
http://www.securityfocus.com/bid/57472

Cart Engine Multiple Security Vulnerabilities
2014-09-29
http://www.securityfocus.com/bid/69841

HAProxy Multiple Buffer Overflow Vulnerabilities
2014-09-29
http://www.securityfocus.com/bid/69690

Microsoft Internet Explorer CVE-2014-4067 Remote Memory Corruption Vulnerability
2014-09-29
http://www.securityfocus.com/bid/69134

cURL/libcURL CVE-2014-3620 Cookies Handling Remote Security Bypass Vulnerability
2014-09-29
http://www.securityfocus.com/bid/69742

cURL/libcURL CVE-2014-3613 Remote Security Bypass Vulnerability
2014-09-29
http://www.securityfocus.com/bid/69748

Wireshark SES Dissector CVE-2014-6428 Remote Denial of Service Vulnerability
2014-09-29
http://www.securityfocus.com/bid/69865

Openfiler CVE-2014-7190 Denial of Service Vulnerability
2014-09-27
http://www.securityfocus.com/bid/70163

ZeroMQ Multiple Security Bypass Vulnerabilities
2014-09-26
http://www.securityfocus.com/bid/70157

Wireshark MEGACO Dissector CVE-2014-6423 Remote Denial of Service Vulnerability
2014-09-25
http://www.securityfocus.com/bid/69860

Wireshark Sniffer File CVE-2014-6431 Remote Denial of Service Vulnerability
2014-09-25
http://www.securityfocus.com/bid/69858

Exploit

  Internet Explorer 8 - Fixed Col Span ID Full ASLR, DEP & EMET 5.0 Bypass (MS12-037)

  Microsoft Exchange IIS HTTP Internal IP Address Disclosure

  OpenFiler 2.99.1 - CSRF Vulnerability

  GS Foto Uebertraeger 3.0 iOS - File Include Vulnerability

26.9.2014

Bugtraq

SmarterTools Smarter Track 6-10 - Information Disclosure Vulnerability 2014-09-26
Vulnerability Lab (research vulnerability-lab com)

Oracle Corporation MyOracle - Persistent Vulnerability 2014-09-26
Vulnerability Lab (research vulnerability-lab com)

Paypal Inc Bug Bounty #16 - Persistent Mail Encoding Vulnerability 2014-09-26
Vulnerability Lab (research vulnerability-lab com)

Paypal Inc Bug Bounty #32 - Multiple Persistent Vulnerabilities 2014-09-26
Vulnerability Lab (research vulnerability-lab com)

GS Foto Uebertraeger v3.0 iOS - File Include Vulnerability 2014-09-26
Vulnerability Lab (research vulnerability-lab com)

[ MDVSA-2014:190 ] bash 2014-09-26
security mandriva com

[slackware-security] bash (SSA:2014-268-01) 2014-09-25
Slackware Security Team (security slackware com)

[SECURITY] [DSA 3036-1] mediawiki security update 2014-09-26
Thijs Kinkhorst (thijs debian org)

[SECURITY] [DSA 3035-1] bash security update 2014-09-25
Salvatore Bonaccorso (carnil debian org)

Cisco Security Advisory: GNU Bash Environmental Variable Command Injection Vulnerability 2014-09-26
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[slackware-security] bash (rebuild for Slackware 13.0 only) (SSA:2014-268-02) 2014-09-25
Slackware Security Team (security slackware com)

[slackware-security] bash (SSA:2014-267-01) 2014-09-24
Slackware Security Team (security slackware com)

[oCERT-2014-007] libvncserver multiple issues 2014-09-25
Andrea Barisani (lcars ocert org)

Malware

PUP-FMU!9073DA400D01

Generic PUP.x!0B0EC1675C6A

Generic PUP.x!2F40DB35B9BA

PUP-FMU!9073D956919E

MultiPlug!90717E75E8DE

PUP-FLN!9071D20DC8D5

Generic PUP.x!308A6FCACC4A

Generic PUP.x!3954FC148F61

iBryte!907AA4F594F5

Downloader.gen.a!33CBD18917DF

PUP-FLN!90746C879E96

PUP-FLN!906C07C07175

RDN/Generic Downloader.x!la!121ECBD3DE9F

RDN/Generic PUP.x!cnt!28F4A167AD8A

Generic PUP.x!30C0F778F48D

RDN/Generic BackDoor!zz!3884ED3E06E0

RDN/Generic.bfr!hs!23BDAE8EB2CD

iBryte!906F27C124BD

RDN/Generic BackDoor!zz!D9106D08BC03

BackDoor-FAUP!B1321B21E39D

PUP-FMK!907B46ADFBA0

RDN/Generic BackDoor!zz!DE8EFCC8DBFD

RDN/Generic.dx!dfv!6C6D287996D0

RDN/Generic BackDoor!zz!C850FD8E8008

RDN/Generic.dx!dfv!24C1CA47B4BC

PUP-FHQ!906C4600EF41

Generic PUP.x!3910D13767F7

RDN/Generic BackDoor!zz!7C00386DDA8C

Generic PUP.x!A411D1377230

Generic PUP.x!15FBF03A282A

Phishing

USAA

26th September 2014

USAA ACCESS

NATWEST

25th September 2014

Activate Your Natwest Account

Paypal Service

25th September 2014

YOUR ACCOUNT WILL BE LIMITED ,
UNTIL WE HERE FROM YOU .TO
UPDATE YOUR INFO

Vulnerebility

Mozilla Network Security Services CVE-2014-1568 Security Bypass Vulnerability
2014-09-26
http://www.securityfocus.com/bid/70116

EMC AlphaStor Format String and Command Injection Vulnerabilities
2014-09-26
http://www.securityfocus.com/bid/57472

GNU Bash CVE-2014-7169 Incomplete Fix Remote Code Execution Vulnerability
2014-09-26
http://www.securityfocus.com/bid/70137

GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2014-09-26
http://www.securityfocus.com/bid/70103

Cart Engine Multiple Security Vulnerabilities
2014-09-26
http://www.securityfocus.com/bid/69841

HAProxy Multiple Buffer Overflow Vulnerabilities
2014-09-26
http://www.securityfocus.com/bid/69690

Microsoft Internet Explorer CVE-2014-4067 Remote Memory Corruption Vulnerability
2014-09-26
http://www.securityfocus.com/bid/69134

cURL/libcURL CVE-2014-3620 Cookies Handling Remote Security Bypass Vulnerability
2014-09-26
http://www.securityfocus.com/bid/69742

cURL/libcURL CVE-2014-3613 Remote Security Bypass Vulnerability
2014-09-26
http://www.securityfocus.com/bid/69748

Wireshark SES Dissector CVE-2014-6428 Remote Denial of Service Vulnerability
2014-09-26
http://www.securityfocus.com/bid/69865

Wireshark MEGACO Dissector CVE-2014-6423 Remote Denial of Service Vulnerability
2014-09-25
http://www.securityfocus.com/bid/69860

Wireshark Sniffer File CVE-2014-6431 Remote Denial of Service Vulnerability
2014-09-25
http://www.securityfocus.com/bid/69858

Wireshark Netflow Dissector CVE-2014-6424 Denial of Service Vulnerability
2014-09-25
http://www.securityfocus.com/bid/69862

Wireshark RTSP Dissector CVE-2014-6427 Remote Denial of Service Vulnerability
2014-09-25
http://www.securityfocus.com/bid/69861

Wireshark Sniffer File CVE-2014-6432 Remote Denial of Service Vulnerability
2014-09-25
http://www.securityfocus.com/bid/69859

Wireshark Sniffer File Remote Denial of Service Vulnerability
2014-09-25
http://www.securityfocus.com/bid/69853

Wireshark RTP Dissector CVE-2014-6422 Remote Denial of Service Vulnerability
2014-09-25
http://www.securityfocus.com/bid/69856

Wireshark RTP Dissector CVE-2014-6421 Remote Denial of Service Vulnerability
2014-09-25
http://www.securityfocus.com/bid/69855

Wireshark Sniffer File CVE-2014-6430 Remote Denial of Service Vulnerability
2014-09-25
http://www.securityfocus.com/bid/69857

Python 'bufferobject.c' Integer Overflow Vulnerability
2014-09-25
http://www.securityfocus.com/bid/70089

Procmail Formail Utility 'formisc.c' Heap Overflow Vulnerability
2014-09-25
http://www.securityfocus.com/bid/69573

Moodle Quiz CVE-2014-3545 Remote Code Execution Vulnerability
2014-09-25
http://www.securityfocus.com/bid/68774

Moodle Shibboleth Plugin CVE-2014-3552 Authentication Bypass Vulnerability
2014-09-25
http://www.securityfocus.com/bid/68780

Moodle Repositories CVE-2014-3541 PHP Code Injection Vulnerability
2014-09-25
http://www.securityfocus.com/bid/68778

Moodle CVE-2014-3543 XML External Entity Information Disclosure Vulnerability
2014-09-25
http://www.securityfocus.com/bid/68755

Moodle CVE-2014-3546 Multiple Information Disclosure Vulnerabilities
2014-09-25
http://www.securityfocus.com/bid/68773

Moodle CVE-2014-3547 Cross Site Scripting Vulnerability
2014-09-25
http://www.securityfocus.com/bid/68758

Moodle CVE-2014-3548 Multiple Cross Site Scripting Vulnerabilities
2014-09-25
http://www.securityfocus.com/bid/68766

Moodle Forum CVE-2014-3553 Unauthorized Access Vulnerability
2014-09-25
http://www.securityfocus.com/bid/68772

Moodle CVE-2014-3544 Cross Site Scripting Vulnerability
2014-09-25
http://www.securityfocus.com/bid/68756

Exploit

 

25.9.2014

Bugtraq

 

Malware

Generic PUP.x!3468D6469DD2

Generic PUP.x!33C02FB82FB5

Generic PUP.x!32BDB8F8FF95

Generic PUP.x!7E7975B5AA06

Generic PUP.x!3278E7102DF9

RDN/Generic PUP.x!6EB51997FFF9

RDN/Generic PUP.x!cnq!D024EF258852

RDN/Downloader.a!ti!AA876C064952

RDN/Generic PUP.x!cnq!2EF7525B77AC

RDN/Generic PUP.x!cnq!0AFBDF6DB9BD

RDN/Generic Downloader.x!la!348C8E09F697

RDN/Downloader.a!ti!AFD76B7814B1

Downloader.gen.a!368782188826

Generic PUP.x!B7489C30E26D

Generic PUP.x!2F7DA9AB1BFD

Generic PUP.x!24989C3CC516

RDN/Generic PUP.x!cnq!D3626ECF7C78

RDN/Generic PUP.x!cnq!2C8F941AC167

Generic PUP.x!35571782C2AF

RDN/Generic PUP.x!cnq!BB215EA77B06

Generic PUP.x!30F6B93F22F1

RDN/Generic.bfr!28CB746C4BD5

Generic PUP.x!2F6DBB3760B2

Generic PUP.x!83B179F1BF7C

Generic PUP.x!39AC53C34C49

RDN/Generic.bfr!hs!28CB746C4BD5

RDN/Generic PUP.x!8AF35DD42ABF

Downloader.gen.a!D31AAF367077

Generic PUP.x!78F39A86F59A

RDN/Generic.bfr!hs!D0280E33A251

Phishing

Service Paypal

24th September 2014

YOUR ACCOUNT HAS BEEN LIMITED
!

Natwest Bank Plc

24th September 2014

Natwest: Review Your Message

Natwest

24th September 2014

Activate Your Natwest Account

Vulnerebility

GNU Bash Remote Stack Based Buffer Overflow Vulnerability
2014-09-25
http://www.securityfocus.com/bid/54937

GNU glibc Locale Environment Handling Directory Traversal Vulnerability
2014-09-25
http://www.securityfocus.com/bid/68505

Mozilla Network Security Services CVE-2014-1568 Security Bypass Vulnerability
2014-09-25
http://www.securityfocus.com/bid/70116

GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2014-09-25
http://www.securityfocus.com/bid/70103

Advantech WebAccess CVE-2014-2364 Multiple Remote Stack Based Buffer Overflow Vulnerabilities
2014-09-25
http://www.securityfocus.com/bid/68714

libgadu SSL Certificate Validation CVE-2013-4488 Security Bypass Vulnerability
2014-09-25
http://www.securityfocus.com/bid/63473

Net-SNMP snmptrapd CVE-2014-3565 Remote Denial of Service Vulnerability
2014-09-25
http://www.securityfocus.com/bid/69477

phpMyAdmin Micro History Feature Cross Site Scripting Vulnerability
2014-09-25
http://www.securityfocus.com/bid/69790

Zarafa WebAccess and WebApp Local Information Disclosure Vulnerability
2014-09-25
http://www.securityfocus.com/bid/68247

Zarafa '/var/log/zarafa/' Directory Multiple Local Information Disclosure Vulnerabilities
2014-09-25
http://www.securityfocus.com/bid/69365

Zarafa '/etc/zarafa/license/' Directory Multiple Local Information Disclosure Vulnerabilities
2014-09-25
http://www.securityfocus.com/bid/69370

Zarafa WebAccess and WebApp Incomplete Fix Multiple Local Information Disclosure Vulnerabilities
2014-09-25
http://www.securityfocus.com/bid/69362

Zarafa WebAccess and WebApp '/tmp' Directory Multiple Local Information Disclosure Vulnerabilities
2014-09-25
http://www.securityfocus.com/bid/69369

Oberhumer LZO CVE-2014-4607 Multiple Memory Corruption Vulnerabilities
2014-09-25
http://www.securityfocus.com/bid/68213

HAProxy Multiple Buffer Overflow Vulnerabilities
2014-09-25
http://www.securityfocus.com/bid/69690

Moodle '/mod/forum/view.php' Remote Information Disclosure Vulnerability
2014-09-25
http://www.securityfocus.com/bid/69789

Jasig Multiple CAS Clients CVE-2014-4172 Security Bypass Vulnerability
2014-09-25
http://www.securityfocus.com/bid/69496

Multiple Red Hat JBoss Products Local Security Bypass Vulnerability
2014-09-25
http://www.securityfocus.com/bid/65591

OpenSAML-Java ParserPool and Decrypter XML External Entity Injection Vulnerability
2014-09-25
http://www.securityfocus.com/bid/64345

HawtJNI CVE-2013-2035 Local Privilege Escalation Vulnerability
2014-09-25
http://www.securityfocus.com/bid/59876

JBoss Enterprise Application Platform Plain Text Password Local Information Disclosure Vulnerability
2014-09-25
http://www.securityfocus.com/bid/65762

JBoss Enterprise Application Platform Java Security Manager Policy Security Bypass Vulnerability
2014-09-25
http://www.securityfocus.com/bid/66596

Apache Xalan-Java Library CVE-2014-0107 Security Bypass Vulnerability
2014-09-25
http://www.securityfocus.com/bid/66397

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-09-25
http://www.securityfocus.com/bid/67899

Mozilla Firefox and Thunderbird CVE-2011-2365 Memory Corruption Vulnerability
2014-09-25
http://www.securityfocus.com/bid/48368

Mozilla Firefox and Thunderbird CVE-2011-2364 Memory Corruption Vulnerability
2014-09-25
http://www.securityfocus.com/bid/48367

Mozilla Firefox/Thunderbird/SeaMonkey Enter Key Dialog Bypass Weakness
2014-09-25
http://www.securityfocus.com/bid/49811

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-09-25
http://www.securityfocus.com/bid/68624

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-09-25
http://www.securityfocus.com/bid/68636

TP-LINK WDR4300 HTML Injection and Denial of Service Vulnerabilities
2014-09-25
http://www.securityfocus.com/bid/70037

Exploit

  GNU bash Environment Variable Command Injection

  Bash Environment Variables Code Injection Exploit

  EMC AlphaStor Device Manager Opcode 0x75 Command Injection

  Advantech WebAccess dvs.ocx GetColor Buffer Overflow

  Wordpress Login Widget With Shortcode 3.1.1 - Multiple Vulnerabilities

  OsClass 3.4.1 (index.php, file param) - Local File Inclusion

  Cart Engine 3.0 - Multiple Vulnerabilities

24.9.2014

Bugtraq

Glype proxy local address filter bypass 2014-09-22
Securify B.V. (lists securify nl)

[security bulletin] HPSBPI03107 rev.1 - Certain HP LaserJet Printers, MFPs and Certain HP OfficeJet Enterprise Printers using OpenSSL, Remote Unauthorized Access 2014-09-22
security-alert hp com

Glype proxy privacy settings can be disabled via CSRF 2014-09-22
Securify B.V. (lists securify nl)

Glype proxy cookie jar path traversal allows code execution 2014-09-22
Securify B.V. (lists securify nl)

[ MDVSA-2014:180 ] gnupg 2014-09-22
security mandriva com

Malware

PUP-FNL!552FE7216F70

RDN/Generic.bfr!8A512B7C74BA

RDN/Generic PUP.x!cnp!B2968A96A192

RDN/Generic PUP.x!cnp!1F4AA336D919

RDN/Generic PUP.x!cnp!05373CD3FEEE

RDN/Generic PUP.x!cnp!078A1CED3BBB

Generic PUP.x!91844DAAA314

Generic PUP.x!C51139D5C2BC

RDN/Generic PUP.x!cnp!1F692AEFA280

Generic PUP.x!2ACDF24AFD73

Generic PUP.x!14EBD47D7BC3

Generic PUP.x!DBB6B487A63A

RDN/Generic PUP.x!cnp!A3221796A439

PUP-FNL!6B49A13255BD

Generic PUP.x!2318C07CF44A

Generic.bfr!D98D7A8D0EBD

RDN/Generic PUP.x!cnp!12906963C9D3

Generic PUP.x!1FD1AAC7B928

PUP-FNL!DC039EBDF8DA

RDN/Generic BackDoor!zy!B62ED9989323

PUP-FNL!C454FB97340A

PUP-FNL!AF3C031AB9D2

RDN/Generic PUP.x!cnp!2E76503C2D31

Generic PUP.x!E4C3A651968A

Generic PUP.x!8C3B6DFC4142

Generic PUP.x!75017FE64C95

Generic PUP.x!51DC408CBA6B

Generic PUP.x!5ABF1DDF15C3

RDN/Generic PUP.x!cnp!94F1341D575D

RDN/Generic PUP.x!cnp!34B51CFE1CDE

Phishing

iTunes

23rd September 2014

ITUNES ACCOUNT WAS BEEN FROZEN

Pay.Pal Inc

23rd September 2014

YOUR ACCOUNT IS NOW LOCKED,
YOU HAVE TO UPDATE YOUR
INFORMATION

Vulnerebility

Linux Kernel 'ISOFS' Deadlock Local Denial of Service Vulnerability
2014-09-24
http://www.securityfocus.com/bid/69428

Linux Kernel 'ISOFS' Stack-Based Buffer Overflow Vulnerability
2014-09-24
http://www.securityfocus.com/bid/69396

Linux Kernel SCTP NULL Pointer Dereference Denial of Service Vulnerability
2014-09-24
http://www.securityfocus.com/bid/68881

Linux Kernel KVM 'virt/kvm/iommu.c' Denial of Service Vulnerability
2014-09-24
http://www.securityfocus.com/bid/69489

IBM Embedded WebSphere Application Server CVE-2014-3020 Local Privilege Escalation Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69034

Multiple Huawei Products 'eSap' Platform Remote Heap Buffer Overflow Vulnerabilities
2014-09-23
http://www.securityfocus.com/bid/68130

Google Chrome CVE-2014-3172 Unspecified Security Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69401

Mozilla Firefox/Thunderbird/SeaMonkey XUL Tree Item Remote Code Execution Vulnerability
2014-09-23
http://www.securityfocus.com/bid/39123

Google Chrome Multiple Unspecified Remote Code Execution Vulnerabilities
2014-09-23
http://www.securityfocus.com/bid/69404

Mozilla Firefox CVE-2010-0174 Multiple Remote Memory Corruption Vulnerabilities
2014-09-23
http://www.securityfocus.com/bid/39122

Google Chrome CVE-2014-3168 Use After Free Remote Code Execution Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69398

Mozilla Firefox/Thunderbird/SeaMonkey Multiple Remote Vulnerabilities
2014-09-23
http://www.securityfocus.com/bid/32281

Mozilla Firefox/Thunderbird/SeaMonkey 'optgroup' XUL Tree Remote Code Execution Vulnerability
2014-09-23
http://www.securityfocus.com/bid/39128

Multiple Mozilla Products CSS Selectors Cross Domain Information Disclosure Vulnerability
2014-09-23
http://www.securityfocus.com/bid/41872

Mozilla Firefox/Thunderbird/SeaMonkey 'nsIContentPolicy' Security Bypass Vulnerability
2014-09-23
http://www.securityfocus.com/bid/39479

Mozilla Firefox Cross Document DOM Node Movement Remote Code Execution Vulnerability
2014-09-23
http://www.securityfocus.com/bid/38952

Google Chrome CVE-2014-3173 Information Disclosure Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69403

Google Chrome CVE-2014-3174 Information Disclosure Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69407

Google Chrome CVE-2014-3170 Extension Permission Dialog Spoofing Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69400

Mozilla Firefox CVE-2010-0173 Multiple Remote Memory Corruption Vulnerabilities
2014-09-23
http://www.securityfocus.com/bid/39125

Google Chrome CVE-2014-3171 Use After Free Remote Code Execution Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69406

Mozilla Firefox CVE-2010-0159 Multiple Remote Memory Corruption Vulnerabilities
2014-09-23
http://www.securityfocus.com/bid/38286

Google Chrome CVE-2014-3169 Use After Free Remote Code Execution Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69405

Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
2014-09-23
http://www.securityfocus.com/bid/36935

Mozilla Firefox/Thunderbird/SeaMonkey HTML Parser Remote Code Execution Vulnerability
2014-09-23
http://www.securityfocus.com/bid/38287

Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009 -07 -08 -09 and -11 Multiple Remote Vulnerabilities
2014-09-23
http://www.securityfocus.com/bid/33990

Libpng Library Uninitialized Pointer Arrays Memory Corruption Vulnerabilities
2014-09-23
http://www.securityfocus.com/bid/33827

Mozilla Firefox/Thunderbird/SeaMonkey Multiple Remote Vulnerabilities
2014-09-23
http://www.securityfocus.com/bid/32882

Mozilla SeaMonkey/Thunderbird Newsgroup Cancel Message Handling Buffer Overflow Vulnerability
2014-09-23
http://www.securityfocus.com/bid/31411

Mozilla Firefox/SeaMonkey/Thunderbird Multiple Remote Vulnerabilities
2014-09-23
http://www.securityfocus.com/bid/31346

Exploit

  ZyXEL Prestig P-660HNU-T1 ISP Credentials Disclosure

  Onlineon E-Ticaret Database Disclosure Exploit

  Joomla Face Gallery 1.0 - Multiple vulnerabilities

  Joomla Mac Gallery 1.5 - Arbitrary File Download

  LittleSite 0.1 'file' Parameter Local File Include Vulnerability

  WS10 Data Server SCADA Exploit Overflow PoC

23.9.2014

Bugtraq

 

Malware

PUP-FHQ!82BFF84ECB4C

Generic PUP.x!F4A939528BAB

Generic PUP.x!FB1D2B5DD44E

Generic PUP.x!DF78B204FB36

Generic PUP.x!A1C6D3E7287C

Generic PUP.x!F8E16FF43E7E

Generic PUP.x!12C32FCC2CD5

Generic PUP.x!485B7F1245AE

Generic PUP.x!BC41DB953C0B

Generic.bfr!D5A6C41B68CE

Generic PUP.x!0D2EB688E0A9

Generic PUP.x!E958BABC09C3

Generic PUP.x!EADA679A8295

Generic PUP.x!24AFFD286FDB

Generic PUP.x!BD125AF56CFA

Generic PUP.x!0296C3D5442B

Generic PUP.x!D38C567B76F6

Generic PUP.x!51099C6B531A

Generic PUP.x!E5CDEBA015E8

RDN/Generic BackDoor!zx!E46AC2E58EE7

Midia!82BFC5AE6B91

Generic PUP.x!F2735C2ED6E8

Generic PUP.x!D2DECF423B5D

Generic PUP.x!E4BAF2D51993

Generic PUP.x!E19CAB882805

Generic PUP.x!DF064BFFEBE6

Generic.dx!59A8E0740021

Generic PUP.x!DECBA8C6F115

Generic PUP.x!DE0D023DB797

Generic PUP.x!ED5B8B65DA66

Phishing

Pay.Pal Inc

23rd September 2014

YOUR ACCOUNT IS NOW LOCKED,
YOU HAVE TO UPDATE YOUR
INFORMATION

Apple Support

22nd September 2014

WARNING ACCOUNT DISABLED

Vulnerebility

srvx Multiple Denial of Service Vulnerabilities
2014-09-23
http://www.securityfocus.com/bid/69454

D-Bus CVE-2014-3638 Denial of Service Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69833

D-Bus CVE-2014-3636 Denial of Service Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69834

D-Bus CVE-2014-3639 Denial of Service Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69832

D-Bus CVE-2014-3635 Local Heap Buffer Overflow Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69831

D-Bus CVE-2014-3637 Denial of Service Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69829

nginx CVE-2014-3616 SSL Session Fixation Vulnerability
2014-09-23
http://www.securityfocus.com/bid/70025

RETIRED: Apple iOS Prior to iOS 8 and TV Prior to TV 7 Multiple Vulnerabilities
2014-09-23
http://www.securityfocus.com/bid/69882

Apple Mac OS X CVE-2014-4350 Buffer Overflow Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69908

Apache Struts 'includeParams' CVE-2013-1966 Security Bypass Vulnerability
2014-09-23
http://www.securityfocus.com/bid/60166

Adobe Acrobat and Reader CVE-2013-2730 Remote Buffer Overflow Vulnerability
2014-09-23
http://www.securityfocus.com/bid/59923

Kolibri CVE-2014-4158 Stack Based Buffer Overflow Vulnerability
2014-09-23
http://www.securityfocus.com/bid/68195

libgcrypt Elgamal Encryption Subkeys Information Disclosure Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69164

Openfiler 'Hostname' Field Arbitrary Code Execution Vulnerability
2014-09-23
http://www.securityfocus.com/bid/67383

Apple Mac OS X CVE-2014-1391 Memory Corruption Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69907

Lua 'ldo.c' Remote Code Execution Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69342

Squid CVE-2014-3609 Remote Denial of Service Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69453

Multiple Aztech Modem Routers Session Hijacking Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69811

Multiple Aztech Routers '/cgi-bin/AZ_Retrain.cgi' Denial of Service Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69809

Aztech Modem Routers Information Disclosure Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69808

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-09-23
http://www.securityfocus.com/bid/67899

OpenSSL CVE-2014-0195 Memory Corruption Vulnerability
2014-09-23
http://www.securityfocus.com/bid/67900

OpenSSL DTLS CVE-2014-0221 Remote Denial of Service Vulnerability
2014-09-23
http://www.securityfocus.com/bid/67901

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-09-23
http://www.securityfocus.com/bid/67898

OpenSSL CVE-2014-0076 Information Disclosure Weakness
2014-09-23
http://www.securityfocus.com/bid/66363

Squid 'src/icmp/Icmp4.cc' Remote Denial of Service Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69688

Google Android Browser CVE-2014-6041 Same Origin Policy Security Bypass Vulnerability
2014-09-23
http://www.securityfocus.com/bid/69548

Apple Mac OS X and iOS CVE-2014-4374 XML External Entity Information Disclosure Vulnerability
2014-09-22
http://www.securityfocus.com/bid/69905

Linux Kernel 'SMB2_tcon' NULL Pointer Dereference Denial of Service Vulnerability
2014-09-22
http://www.securityfocus.com/bid/69867

IBM WebSphere Real Time CVE-2014-3086 Unspecified Privilege Escalation Vulnerability
2014-09-22
http://www.securityfocus.com/bid/69183

Exploit

LittleSite 0.1 'file' Parameter Local File Include Vulnerability

22.9.2014

Bugtraq

TP-LINK WDR4300 - Stored XSS & DoS 2014-09-21
ozelisyan gmail com

Strength and Weakness of Methods to Confirm SSH Host Key 2014-09-22
John Leo (johnleo checkssh com)

[SECURITY] [DSA 3030-1] mantis security update 2014-09-20
Moritz Muehlenhoff (jmm debian org)

CVE-2014-5516 CSRF protection bypass in "KonaKart" Java eCommerce product 2014-09-20
Christian Schneider (mail Christian-Schneider net)

[SECURITY] [DSA 3029-1] nginx security update 2014-09-20
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3025-2] apt regression update 2014-09-18
Salvatore Bonaccorso (carnil debian org)

Malware

Generic PUP.x!D439688CE220

Generic PUP.x!925229B36035

Generic PUP.x!48834C474B72

Generic PUP.x!6F018DA23DEA

Generic PUP.x!E9EE75D24D52

RDN/Generic PUP.x!cnn!B39BB440970E

RDN/Generic PUP.x!25E66595D9E1

Generic PUP.x!59FB3C30596B

RDN/Generic PUP.x!88CAC4302C68

Generic PUP.x!57A374F328BF

Generic PUP.x!590C4AB489CB

Generic PUP.x!0CCA3A6CC33A

Generic PUP.x!42EF3656EC27

RDN/Generic PUP.x!CAAF2948A411

RDN/Generic PUP.x!F61631C712F4

RDN/Generic PUP.x!D170B2F5A2D3

RDN/Generic PUP.x!4179CB2002A0

Downloader.gen.a!4AE9451E802C

Generic PUP.x!A44822C0E471

RDN/Generic PUP.x!49F2A6088C1D

RDN/Generic PUP.x!6784B4CB9855

RDN/Generic PUP.x!F6E74DB6C0A6

RDN/Generic PUP.x!BDAAB6F0049C

Generic PUP.x!D95B00D5F264

Generic PUP.x!96265C3AC125

Generic PUP.x!571DB3DF3159

iBryte!81D46AA9E72C

RDN/Generic.bfr!hs!1AF343800DAF

RDN/Generic PUP.x!21D4307440AF

RDN/Generic.dx!dfq!9F8138C7A436

Phishing

Pay.Pal Inc

22nd September 2014

YOUR ACCOUNT IS NOW LOCKED,
YOU HAVE TO UPDATE YOUR
INFORMATION

USAA

21st September 2014

Important Message from USAA
Online Security

PayPal

20th September 2014

Your Account is Limited

Vulnerebility

Multiple IBM DB2 Products CVE-2012-4826 Remote Stack Buffer Overflow Vulnerability
2014-09-21
http://www.securityfocus.com/bid/56133

IBM DB2 and DB2 Connect CVE-2013-4033 Multiple Unauthorized Access Vulnerabilities
2014-09-21
http://www.securityfocus.com/bid/62018

IBM DB2 and DB2 Connect CVE-2013-5466 Remote Denial of Service Vulnerability
2014-09-21
http://www.securityfocus.com/bid/64334

IBM DB2 Multiple File Disclosure Security Bypass and Stack Buffer Overflow Vulnerabilities
2014-09-21
http://www.securityfocus.com/bid/54487

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-09-21
http://www.securityfocus.com/bid/68624

Fortinet FortiOS CVE-2014-2216 Denial of Service Vulnerability
2014-09-21
http://www.securityfocus.com/bid/69338

Fortinet FortiOS CVE-2014-0351 Man in the Middle Information Disclosure Vulnerability
2014-09-21
http://www.securityfocus.com/bid/69754

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-09-21
http://www.securityfocus.com/bid/68636

OpenSSL DTLS CVE-2014-3510 Remote Denial of Service Vulnerability
2014-09-21
http://www.securityfocus.com/bid/69082

OpenSSL DTLS CVE-2014-3505 Remote Denial of Service Vulnerability
2014-09-21
http://www.securityfocus.com/bid/69081

OpenSSL DTLS CVE-2014-3506 Remote Denial of Service Vulnerability
2014-09-21
http://www.securityfocus.com/bid/69076

OpenSSL CVE-2014-3508 Information Disclosure Vulnerability
2014-09-21
http://www.securityfocus.com/bid/69075

Oracle Java SE CVE-2014-4219 Remote Security Vulnerability
2014-09-21
http://www.securityfocus.com/bid/68620

Oracle Java SE CVE-2014-4209 Remote Security Vulnerability
2014-09-21
http://www.securityfocus.com/bid/68639

Oracle Java SE CVE-2014-4266 Remote Security Vulnerability
2014-09-21
http://www.securityfocus.com/bid/68596

Oracle Java SE CVE-2014-4227 Remote Security Vulnerability
2014-09-21
http://www.securityfocus.com/bid/68603

Oracle Java SE CVE-2014-4208 Remote Security Vulnerability
2014-09-21
http://www.securityfocus.com/bid/68580

Oracle Java SE CVE-2014-4252 Remote Security Vulnerability
2014-09-21
http://www.securityfocus.com/bid/68642

Oracle Java SE CVE-2014-4218 Remote Security Vulnerability
2014-09-21
http://www.securityfocus.com/bid/68583

Oracle Java SE CVE-2014-4220 Remote Security Vulnerability
2014-09-21
http://www.securityfocus.com/bid/68576

Oracle Java SE CVE-2014-4221 Remote Security Vulnerability
2014-09-21
http://www.securityfocus.com/bid/68571

Oracle Java SE CVE-2014-4268 Remote Security Vulnerability
2014-09-21
http://www.securityfocus.com/bid/68615

Oracle Java SE CVE-2014-4265 Remote Security Vulnerability
2014-09-21
http://www.securityfocus.com/bid/68632

IBM WebSphere Real Time CVE-2014-3086 Unspecified Privilege Escalation Vulnerability
2014-09-21
http://www.securityfocus.com/bid/69183

Oracle Java SE CVE-2014-4262 Remote Security Vulnerability
2014-09-21
http://www.securityfocus.com/bid/68599

Linux Kernel 'fs/udf/inode.c' Local Denial of Service Vulnerability
2014-09-21
http://www.securityfocus.com/bid/69799

Google Chrome Prior to 33.0.1750.146 Multiple Security Vulnerabilities
2014-09-21
http://www.securityfocus.com/bid/65930

OpenSSL CVE-2014-3509 Remote Denial of Service Vulnerability
2014-09-21
http://www.securityfocus.com/bid/69084

Apache POI OpenXML parser CVE-2014-3529 XML External Entity Information Disclosure Vulnerability
2014-09-21
http://www.securityfocus.com/bid/69647

Apache POI CVE-2014-3574 Denial Of Service Vulnerability
2014-09-21
http://www.securityfocus.com/bid/69648

Exploit

 

20.9.2014

Bugtraq

 

Malware

RDN/Generic Downloader.x!kz!051398B2779B

RDN/Generic PUP.x!cnk!CC7F9174424A

RDN/Generic PWS.y!bbd!8EF2750F6F44

Generic PUP.x!9F63F8ECBC6A

RDN/Generic.bfr!2D3F3CE26704

RDN/Generic PUP.x!cnk!292ADFCDAA72

Generic PUP.x!F1F61C7761A1

Generic PUP.x!9269FC12E583

Generic PUP.x!8E2B99EDF1AC

Generic PUP.x!8EB05008256E

Generic PUP.x!7B0F2EAB0471

RDN/Generic PUP.x!cnk!1B798BF0B147

RDN/Generic PUP.x!509FDA5C4E8E

Generic FakeAlert!8F6616BAFCD3

RDN/Generic PUP.x!cnk!AF573CDAF35F

RDN/Generic PUP.x!cnk!5C576AA08513

RDN/Generic PUP.x!cnk!76B470619E75

RDN/Generic PUP.x!cnk!AC159211F2F4

RDN/Generic PUP.x!cnk!3D4453209870

RDN/Generic PUP.x!cnk!A2AF95FBF814

RDN/Generic PUP.x!cnk!B9DBB78E13A7

RDN/Downloader.a!tf!BE675036180E

Generic PUP.x!8A9D1BDBD202

RDN/Spybot.bfr!75B706655E26

Generic.dx!7C4817BBDFAC

RDN/Generic PUP.x!cnk!1EFF4C17A151

RDN/Generic PUP.x!cnk!9B748984F16E

RDN/Generic.bfr!hs!C5B3A9C7CE43

RDN/Generic PUP.x!cnk!215D2E0FCE7E

RDN/Generic PUP.x!cnk!F6E85D095C47

Phishing

Lloyds Bank Lloyds+Tb6eUqG@smt

19th September 2014

ALERT - ONLINE BANKING
SUSPENDED

Pay.Pal Inc

19th September 2014

YOUR ACCOUNT IS NOW LOCKED,
YOU HAVE TO UPDATE YOUR
INFORMATION

Vulnerebility

Oracle Java SE CVE-2014-4218 Remote Security Vulnerability
2014-09-20
http://www.securityfocus.com/bid/68583

Oracle Java SE CVE-2014-4220 Remote Security Vulnerability
2014-09-20
http://www.securityfocus.com/bid/68576

Oracle Java SE CVE-2014-4221 Remote Security Vulnerability
2014-09-20
http://www.securityfocus.com/bid/68571

Oracle Java SE CVE-2014-4268 Remote Security Vulnerability
2014-09-20
http://www.securityfocus.com/bid/68615

Oracle Java SE CVE-2014-4265 Remote Security Vulnerability
2014-09-20
http://www.securityfocus.com/bid/68632

IBM WebSphere Real Time CVE-2014-3086 Unspecified Privilege Escalation Vulnerability
2014-09-20
http://www.securityfocus.com/bid/69183

Oracle Java SE CVE-2014-4262 Remote Security Vulnerability
2014-09-20
http://www.securityfocus.com/bid/68599

Linux Kernel 'fs/udf/inode.c' Local Denial of Service Vulnerability
2014-09-20
http://www.securityfocus.com/bid/69799

Google Chrome Prior to 33.0.1750.146 Multiple Security Vulnerabilities
2014-09-20
http://www.securityfocus.com/bid/65930

OpenSSL CVE-2014-3509 Remote Denial of Service Vulnerability
2014-09-20
http://www.securityfocus.com/bid/69084

Apache POI OpenXML parser CVE-2014-3529 XML External Entity Information Disclosure Vulnerability
2014-09-20
http://www.securityfocus.com/bid/69647

Apache POI CVE-2014-3574 Denial Of Service Vulnerability
2014-09-20
http://www.securityfocus.com/bid/69648

PolicyKit Local Privilege Escalation Vulnerability
2014-09-20
http://www.securityfocus.com/bid/68771

LibYAML 'yaml_parser_scan_uri_escapes()' Function Remote Heap Based Buffer Overflow Vulnerability
2014-09-20
http://www.securityfocus.com/bid/66478

Review Board CVE-2013-4519 Multiple HTML Injection Vulnerabilities
2014-09-20
http://www.securityfocus.com/bid/63601

Review Board CVE-2013-4410 Access Bypass Vulnerability
2014-09-20
http://www.securityfocus.com/bid/63022

Linux Kernel PicoLCD HID Device Driver Buffer Overflow Vulnerability
2014-09-20
http://www.securityfocus.com/bid/69763

Review Board CVE-2013-4411 Remote Security Bypass Vulnerability
2014-09-20
http://www.securityfocus.com/bid/63023

OpenSSL SRP CVE-2014-3512 Remote Denial of Service Vulnerability
2014-09-20
http://www.securityfocus.com/bid/69083

OpenSSL CVE-2014-3511 Man in the Middle Security Bypass Vulnerability
2014-09-20
http://www.securityfocus.com/bid/69079

HAProxy Multiple Buffer Overflow Vulnerabilities
2014-09-20
http://www.securityfocus.com/bid/69690

OpenSSL CVE-2014-3508 Information Disclosure Vulnerability
2014-09-20
http://www.securityfocus.com/bid/69075

OpenSSL NULL Pointer Dereference CVE-2014-5139 Local Denial of Service Vulnerability
2014-09-20
http://www.securityfocus.com/bid/69077

OpenSSL DTLS CVE-2014-3507 Remote Denial of Service Vulnerability
2014-09-20
http://www.securityfocus.com/bid/69078

PowerDNS Recursor CVE-2014-3614 Remote Denial of Service Vulnerability
2014-09-20
http://www.securityfocus.com/bid/69778

Libxml2 Entity Substituton CVE-2014-0191 Denial of Service Vulnerability
2014-09-20
http://www.securityfocus.com/bid/67233

Squid CVE-2014-3609 Remote Denial of Service Vulnerability
2014-09-20
http://www.securityfocus.com/bid/69453

Python 'ssl.match_hostname()' Function Denial of Service Vulnerability
2014-09-20
http://www.securityfocus.com/bid/59877

cURL/libcURL CVE-2014-3613 Remote Security Bypass Vulnerability
2014-09-20
http://www.securityfocus.com/bid/69748

cURL/libcURL CVE-2014-3620 Cookies Handling Remote Security Bypass Vulnerability
2014-09-20
http://www.securityfocus.com/bid/69742

Exploit

  Livefyre LiveComments Plugin - Stored XSS

  ClassApps SelectSurvey.net - Multiple SQL Injection Vulnerabilities

  Seafile-server <= 3.1.5 - Remote DoS

19.9.2014

Bugtraq

[SECURITY] [DSA 3025-2] apt regression update 2014-09-18
Salvatore Bonaccorso (carnil debian org)

AST-2014-010: Remote crash when handling out of call message in certain dialplan configurations 2014-09-18
Asterisk Security Team (security asterisk org)

AST-2014-009: Remote crash based on malformed SIP subscription requests 2014-09-18
Asterisk Security Team (security asterisk org)

CVE ID Syntax Change - Deadline Approaching 2014-09-18
Christey, Steven M. (coley mitre org)

Oracle Corporation MyOracle - Persistent Vulnerability 2014-09-18
Vulnerability Lab (research vulnerability-lab com)

Apple iOS / OSX Foundation NSXMLParser XML eXternal Entity (XXE) Flaw 2014-09-18
VSR Advisories (advisories vsecurity com)

APPLE-SA-2014-09-17-6 OS X Server 2.2.3 2014-09-18
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2014-09-17-5 OS X Server 3.2.1 2014-09-18
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2014-09-17-3 OS X Mavericks 10.9.5 and Security Update 2014-004 2014-09-18
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2014-09-17-4 Safari 6.2 and Safari 7.1 2014-09-18
Apple Product Security (product-security-noreply lists apple com)

CVE ID Syntax Change - Deadline Approaching 2014-09-17
Christey, Steven M. (coley mitre org)

APPLE-SA-2014-09-17-7 Xcode 6.0.1 2014-09-18
Apple Product Security (product-security-noreply lists apple com)

Apple iOS / OSX Foundation NSXMLParser XML eXternal Entity (XXE) Flaw 2014-09-18
VSR Advisories (advisories vsecurity com)

[SECURITY] [DSA 3028-1] icedove security update 2014-09-17
Moritz Muehlenhoff (jmm debian org)

Malware

Generic PUP.x!AED7DFEE2A8B

PUP-FHQ!7A32C39C9A9F

PUP-FLN!7A32BCD1CD27

Generic PUP.x!B085222EE39E

RDN/Generic.bfr!hs!E6A20314BA60

Generic PUP.x!B2C2EAA83DB4

PUP-FLN!7A337591D7F0

PUP-FMK!7A35C40359E2

Generic PUP.x!DB21D969ED37

Generic PUP.x!CEA79BCA12DD

PUP-FHQ!7A3765171F03

RDN/Generic PUP.x!cnj!7A2C812979A5

Generic PUP.x!A748C4C95DC6

RDN/Generic PUP.x!cnj!A66C66E0EF9C

PUP-FLT!7A2A2210D2BB

Adware-FMV!7A2DC38FC4A7

PUP-FMU!7A2FA7E92D5C

PUP-FLN!7A2A183605D3

CryptInno!7A2E492920C6

Generic PUP.x!AE0D0D4CC7EE

PUP-FHQ!7A2A225CF57B

CryptInno!7A31316FBFDA

PUP-FLN!7A2CEEA63FE1

RDN/Generic.dx!df3!A6758AF75CE9

Downloader.gen.a!7A3005896DB2

PUP-FHQ!7A2C8649F77A

Generic PWS.y!E8C264C6A0A3

Generic PUP.x!A7C7E87AEFA2

Generic PUP.x!A0215F17B19B

Generic PUP.x!AE0945C07F3A

Phishing

PayPal

18th September 2014

*** CACTUS *** You have added
keithsandland@hotmail.com as a
new email address for your
PayPal account.

PayPal

18th September 2014

Notice Of Paypal.

RBC

18th September 2014

RBC Royal Bank Online Banking
Important Service Message

iTunes

18th September 2014

ITUNES ACCOUNT WAS BEEN FROZEN

Lloyds Bank

17th September 2014

Online Banking and Access
services!

CHARLES FEENEY

17th September 2014

Cancelled: Your Donation From
Mr Charles Feeney

Vulnerebility

apt CVE-2014-0489 Security Bypass Vulnerability
2014-09-19
http://www.securityfocus.com/bid/69835

apt CVE-2014-0490 Security Bypass Vulnerability
2014-09-19
http://www.securityfocus.com/bid/69837

apt CVE-2014-0488 Security Bypass Vulnerability
2014-09-19
http://www.securityfocus.com/bid/69838

apt CVE-2014-0487 Security Bypass Vulnerability
2014-09-19
http://www.securityfocus.com/bid/69836

Multiple Apple Products CVE-2014-4377 PDF Handling Integer Overflow Vulnerability
2014-09-19
http://www.securityfocus.com/bid/69903

Apache Subversion 'mod_dav_svn' Module SVNListParentPath Denial of Service Vulnerability
2014-09-19
http://www.securityfocus.com/bid/65434

Apple QuickTime 'mvhd' Atom Heap Memory Corruption Vulnerability
2014-09-19
http://www.securityfocus.com/bid/68852

Mozilla Firefox/Thunderbird CVE-2014-1567 Use After Free Memory Corruption Vulnerability
2014-09-19
http://www.securityfocus.com/bid/69520

PHP DNS TXT Record Handling Heap Buffer Overflow Vulnerability
2014-09-19
http://www.securityfocus.com/bid/68007

PHP Fileinfo Component CVE-2014-3478 Remote Denial of Service Vulnerability
2014-09-19
http://www.securityfocus.com/bid/68239

PHP '/tmp/phpglibccheck' Symlink Vulnerability
2014-09-19
http://www.securityfocus.com/bid/67837

PHP unserialize() Function Type Confusion Security Vulnerability
2014-09-19
http://www.securityfocus.com/bid/68237

Mozilla Firefox/Thunderbird CVE-2014-1562 Multiple Memory Corruption Vulnerabilities
2014-09-19
http://www.securityfocus.com/bid/69519

PHP Fileinfo Component 'cdf_read_property_info()' Function Denial of Service Vulnerability
2014-09-19
http://www.securityfocus.com/bid/68120

PHP Fileinfo Component 'cdf_count_chain()' Function Remote Denial of Service Vulnerability
2014-09-19
http://www.securityfocus.com/bid/68238

PHP Fileinfo Component 'cdf_check_stream_offset()' Function Remote Denial of Service Vulnerability
2014-09-19
http://www.securityfocus.com/bid/68241

PHP Fileinfo Component Out of Bounds Memory Corruption Vulnerability
2014-09-19
http://www.securityfocus.com/bid/66002

PHP Fileinfo Component Remote Denial of Service Vulnerability
2014-09-19
http://www.securityfocus.com/bid/66406

PHP 'cdf_unpack_summary_info()' Function Denial of Service Vulnerability
2014-09-19
http://www.securityfocus.com/bid/67759

PHP 'cdf_read_property_info()' Function Denial of Service Vulnerability
2014-09-19
http://www.securityfocus.com/bid/67765

File Utility CVE-2014-1943 Remote Code Execution Vulnerability
2014-09-19
http://www.securityfocus.com/bid/65596

PHP FPM 'php-fpm.conf.in' Local Privilege Escalation Vulnerability
2014-09-19
http://www.securityfocus.com/bid/67118

PHP Fileinfo Component 'cdf_read_short_sector()' Function Remote Denial of Service Vulnerability
2014-09-19
http://www.securityfocus.com/bid/68243

MIT Kerberos 5 CVE-2014-4341 Remote Denial of Service Vulnerability
2014-09-19
http://www.securityfocus.com/bid/68909

MIT Kerberos 5 CVE-2013-6800 Remote Denial of Service Vulnerability
2014-09-19
http://www.securityfocus.com/bid/63770

MIT Kerberos 5 CVE-2014-4344 NULL Pointer Dereference Remote Denial of Service Vulnerability
2014-09-19
http://www.securityfocus.com/bid/69160

MIT Kerberos 5 'setup_server_realm()' Function CVE-2013-1418 Remote Denial of Service Vulnerability
2014-09-19
http://www.securityfocus.com/bid/63555

Apple Mac OS X CVE-2014-1391 Memory Corruption Vulnerability
2014-09-19
http://www.securityfocus.com/bid/69907

Mozilla Netscape Portable Runtime CVE-2014-1545 Out of Bounds Memory Corruption Vulnerability
2014-09-19
http://www.securityfocus.com/bid/67975

MIT kerberos 5 'ldap_principal2.c' Buffer Overflow Vulnerability
2014-09-19
http://www.securityfocus.com/bid/69168

Exploit

 

18.9.2014

Bugtraq

APPLE-SA-2014-09-17-2 Apple TV 7 2014-09-17
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2014-09-17-1 iOS 8 2014-09-17
Apple Product Security (product-security-noreply lists apple com)

Reflected Cross-Site Scripting (XSS) in MODX Revolution 2014-09-17
High-Tech Bridge Security Research (advisory htbridge com)

Path Traversal in webEdition 2014-09-17
High-Tech Bridge Security Research (advisory htbridge com)

MIUI Torch Open Vulnerability 2014-09-17
vuln nipc org cn

MIUI Wifi Connection Message Vulnerability 2014-09-17
vuln nipc org cn

Android Bluetooth Pairing Packet Processing Vulnerability(by wangzq from NCNIPC) 2014-09-17
vuln nipc org cn

[CORE-2014-0006] - Delphi and C++ Builder VCL library Heap Buffer Overflow 2014-09-16
CORE Advisories Team (advisories coresecurity com)

[SECURITY] [DSA 3026-1] dbus security update 2014-09-16
Florian Weimer (fw deneb enyo de)

Malware

RDN/Generic PUP.x!cn3!58C96A11A5CB

Generic PUP.x!665D2AAE1E68

Generic.dx!E47728BC565E

Generic PUP.x!6F6CBB84AB91

Generic PUP.x!8BF4F84BAD1E

RDN/Generic PUP.x!cn3!ADD69D263EBE

RDN/Generic.grp!ho!391552FB8DE3

RDN/Generic.dx!dfn!6DECE7153719

RDN/Generic PUP.x!F48A9E2E29DC

RDN/Generic PWS.y!bbc!BD14D6DDE5EC

Generic PUP.x!AFA5DDA9B121

Generic PUP.x!CAA0F461CBEE

Generic PUP.x!411EF0A9B3C8

Generic.dx!195AC2F45DAC

RDN/Generic.dx!dfn!C4092AAB953A

RDN/Generic Dropper!vf!DDF7D1D8DDC8

Generic PUP.x!19279EACA7BF

Generic.dx!EC72881CD5F5

Generic PUP.x!82F819FD9E80

Generic PUP.x!D215562F1BDE

RDN/Downloader.a!te!1F624863074C

Generic.dx!263462C1F047

Generic PUP.x!C9CDE4EDA526

Generic PUP.x!5EA7475A199B

Generic PUP.x!FD88CFE7FA9D

Generic PUP.x!ADFFB9660FB4

Generic PUP.x!AC985F2FF9E5

Generic PUP.x!45DC19395B0C

RDN/Downloader.a!te!A95B471641AC

RDN/Generic.dx!dfn!A08089BB48B9

Phishing

Lloyds Bank

17th September 2014

Online Banking and Access
services!

CHARLES FEENEY

17th September 2014

Cancelled: Your Donation From
Mr Charles Feeney

PayPal

17th September 2014

Your Account is Limited

Vulnerebility

ISC BIND 9 DNS RDATA Handling CVE-2013-4854 Remote Denial of Service Vulnerability
2014-09-18
http://www.securityfocus.com/bid/61479

ISC BIND NSEC3 Signed Zones Queries Handling Remote Denial of Service Vulnerability
2014-09-18
http://www.securityfocus.com/bid/64801

ISC BIND 9 'libdns' Remote Denial of Service Vulnerability
2014-09-18
http://www.securityfocus.com/bid/58736

GNU Automake Local Arbitrary Code Execution Vulnerability
2014-09-18
http://www.securityfocus.com/bid/54418

Mozilla Firefox CVE-2011-0062 Multiple Unspecified Memory Corruption Vulnerabilities
2014-09-17
http://www.securityfocus.com/bid/46647

Mozilla Firefox 3.5/3.6 Remote Heap Buffer Overflow Vulnerability
2014-09-17
http://www.securityfocus.com/bid/44425

Mozilla Firefox SeaMonkey Thunderbird Modal Calls Cross Domain Information Disclosure Vulnerability
2014-09-17
http://www.securityfocus.com/bid/44252

Mozilla Firefox SeaMonkey and Thunderbird 'document.write' Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/44247

Mozilla Firefox SeaMonkey and Thunderbird 'nsBarProp' Use-After-Free Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/44248

Mozilla Firefox and Thunderbird CVE-2010-3175 Multiple Memory-Corruption Vulnerabilities
2014-09-17
http://www.securityfocus.com/bid/44245

Mozilla Firefox SeaMonkey and Thunderbird 'LookupGetterOrSetter' Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/44249

WebKit APPLE-SA-2014-08-13-1 Multiple Unspecified Memory Corruption Vulnerabilities
2014-09-17
http://www.securityfocus.com/bid/69223

Google Chrome Prior to 33.0.1750.146 Multiple Security Vulnerabilities
2014-09-17
http://www.securityfocus.com/bid/65930

Apple iOS Prior to 7.1.2 Multiple Security Vulnerabilities
2014-09-17
http://www.securityfocus.com/bid/68276

Apple iPhone/iPad/iPod touch Prior to iOS 7 CVE-2011-2391 Denial of Service Vulnerability
2014-09-17
http://www.securityfocus.com/bid/62531

Apple Safari CVE-2013-5227 Multiple Cross Origin Information Disclosure Vulnerabilities
2014-09-17
http://www.securityfocus.com/bid/64355

Apple iOS 'facetime-audio://' Security Bypass Vulnerability
2014-09-17
http://www.securityfocus.com/bid/66108

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-09-17
http://www.securityfocus.com/bid/68624

Mozilla Firefox/Thunderbird/SeaMonkey Use-After-Free Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/47655

Mozilla Firefox/Thunderbird/SeaMonkey Cross-Domain JavaScript Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/47656

Mozilla Firefox/Thunderbird/SeaMonkey Double Free Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/47654

Mozilla Firefox/Thunderbird/SeaMonkey Out-Of-Memory Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/47651

Mozilla Firefox/Thunderbird/SeaMonkey HTML Content (CVE-2011-0081) Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/47653

Mozilla Firefox/Thunderbird/SeaMonkey HTML Frameset Tag Interger Overflow Vulnerability
2014-09-17
http://www.securityfocus.com/bid/47648

Mozilla Firefox/Thunderbird/SeaMonkey HTML Iframe Tag Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/47647

Mozilla Firefox/Thunderbird/SeaMonkey HTML Content Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/47641

Mozilla Firefox/Thunderbird/SeaMonkey Marquee Elements Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/47646

Mozilla Firefox and Thunderbird JPEG Image Decoding Buffer Overflow Vulnerability
2014-09-17
http://www.securityfocus.com/bid/46651

Mozilla Firefox/Thunderbird/SeaMonkey OS Font Code Multiple Unspecified Vulnerabilities
2014-09-17
http://www.securityfocus.com/bid/45352

Mozilla Firefox SeaMonkey and Thunderbird CVE-2011-0053 Multiple Memory Corruption Vulnerabilities
2014-09-17
http://www.securityfocus.com/bid/46645

Exploit

 

17.9.2014

Bugtraq

ESA-2014-091: EMC Documentum Content Server Multiple Privilege Escalation Vulnerabilities 2014-09-15
Security Alert (Security_Alert emc com)

Briefcase 4.0 iOS - Code Execution & File Include Vulnerability 2014-09-15
Vulnerability Lab (research vulnerability-lab com)

Passwords^14 Norway - CFP 2014-09-15
Per Thorsheim (per thorsheim net)

Open-Xchange Security Advisory 2014-09-15 2014-09-15
Martin Heiland (martin heiland open-xchange com)

Multiple Vulnerabilities with Aztech Modem Routers 2014-09-14
Federick Joe P Fajardo (fjpfajardo ph ibm com)

Re: HttpFileServer 2.3.x Remote Command Execution 2014-09-14
danielelinguaglossa gmail com

Malware

RDN/Generic BackDoor!zv!8272BC2F7AF3

Generic PUP.x!A4704DDDE8AE

RDN/Generic.dx!dfm!821A74834EF9

RDN/Generic PUP.x!cnh!96E7D4ABBADD

Generic PUP.x!3897DF2D2C7F

Generic PUP.x!DC6BEBB5F116

Generic PUP.x!E5ACAEE4C1E1

Generic PUP.x!3CD4BD278374

RDN/Generic PUP.x!cnh!BE70C05C0CE7

Generic PUP.x!CD11D3B276B0

Generic PUP.x!A2883DF89E60

Downloader.gen.a!814CE9BACA4F

Generic PUP.x!802D74E70A9F

Generic PUP.x!531AF24AA92D

RDN/Generic PUP.z!ef!7F2806FAC96E

RDN/Generic PUP.x!cnh!9943E3E6D98C

RDN/Generic.dx!dfm!BBD25A3C7642

Generic PUP.x!0E44F1290C41

Generic PUP.x!BB689D659B01

Generic PUP.x!16CE94CEEB77

Generic PUP.z!ACAA32B9999C

RDN/Downloader.a!te!C7C15C6B0DA3

Generic PUP.x!A2CC9ED7B918

Generic PUP.x!92C9B258E27D

Generic Downloader.x!0697E8A6F7B0

Generic PUP.x!2204DF30BA87

Generic PUP.x!2325974A9FC0

RDN/Generic.tfr!ed!B5D2ADD73496

Generic PUP.x!878FFA6889CC

Generic PUP.x!1ED0CC752A82

Phishing

 

Vulnerebility

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4212 Use After Free Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/56630

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3963 Use-After-Free Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/55340

Mozilla Firefox/SeaMonkey/Thunderbird CVE-2012-4195 Cross Site Scripting Vulnerability
2014-09-17
http://www.securityfocus.com/bid/56302

Linux Kernel SCTP NULL Pointer Dereference Denial of Service Vulnerability
2014-09-17
http://www.securityfocus.com/bid/68881

Linux Kernel 'sctp_association_free()' Function Denial of Service Vulnerability
2014-09-17
http://www.securityfocus.com/bid/68224

Linux Kernel 'control.c' File Use After Free Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/68164

Linux Kernel Multiple Local Security Bypass Vulnerabilities
2014-09-17
http://www.securityfocus.com/bid/68162

Linux Kernel 'net/x25/af_x25.c' Local Information Disclosure Vulnerability
2014-09-17
http://www.securityfocus.com/bid/64746

Linux Kernel 'net/packet/af_packet.c' Local Information Disclosure Vulnerability
2014-09-17
http://www.securityfocus.com/bid/64744

Linux Kernel 'filter.c' CVE-2014-3145 Local Denial of Service Vulnerability
2014-09-17
http://www.securityfocus.com/bid/67321

Linux Kernel 'filter.c' CVE-2014-3144 Multiple Local Denial of Service Vulnerabilities
2014-09-17
http://www.securityfocus.com/bid/67309

Linux Kernel 'net/netrom/af_netrom.c' Local Information Disclosure Vulnerability
2014-09-17
http://www.securityfocus.com/bid/64742

Linux Kernel 'skbuff.c' Local Denial of Service Vulnerability
2014-09-17
http://www.securityfocus.com/bid/61411

Mozilla Firefox/Thunderbird/SeaMonkey 'cairo-dwrite' CVE-2012-0472 Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/53218

Mozilla Firefox and Thunderbird CVE-2013-1678 Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/59864

Mozilla Firefox and Thunderbird CVE-2013-1677 Out of Bounds Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/59868

Mozilla Firefox and Thunderbird CVE-2013-1670 Cross Site Scripting Vulnerability
2014-09-17
http://www.securityfocus.com/bid/59865

Mozilla Firefox and Thunderbird CVE-2013-1669 Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/59870

Mozilla Firefox and Thunderbird CVE-2013-1676 Out of Bounds Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/59863

Mozilla Firefox and Thunderbird CVE-2013-1679 Use After Free Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/59860

Mozilla Firefox/Thunderbird CVE-2013-1674 Remote Code Execution Vulnerability
2014-09-17
http://www.securityfocus.com/bid/59859

Mozilla Firefox and Thunderbird CVE-2013-1680 Use After Free Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/59861

Mozilla Firefox and Thunderbird CVE-2013-1681 Use After Free Memory Corruption Vulnerability
2014-09-17
http://www.securityfocus.com/bid/59862

Mozilla Firefox and Thunderbird CVE-2013-1675 Information Disclosure Vulnerability
2014-09-17
http://www.securityfocus.com/bid/59858

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0787 Remote Code Execution Vulnerability
2014-09-16
http://www.securityfocus.com/bid/58391

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0743 Security Bypass Vulnerability
2014-09-16
http://www.securityfocus.com/bid/57258

Mozilla Firefox/SeaMonkey/Thunderbird CVE-2013-0793 Cross Site Scripting Vulnerability
2014-09-16
http://www.securityfocus.com/bid/58837

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-5838 Memory Corruption Vulnerability
2014-09-16
http://www.securityfocus.com/bid/56644

Mozilla Firefox CVE-2012-5837 Developer Toolbar Cross Site Scripting Vulnerability
2014-09-16
http://www.securityfocus.com/bid/56645

Mozilla Firefox and Thunderbird CVE-2013-0801 Memory Corruption Vulnerability
2014-09-16
http://www.securityfocus.com/bid/59855

Exploit

 

16.9.2014

Bugtraq

Passwords^14 Norway - CFP 2014-09-15
Per Thorsheim (per thorsheim net)

Open-Xchange Security Advisory 2014-09-15 2014-09-15
Martin Heiland (martin heiland open-xchange com)

Multiple Vulnerabilities with Aztech Modem Routers 2014-09-14
Federick Joe P Fajardo (fjpfajardo ph ibm com)

Re: HttpFileServer 2.3.x Remote Command Execution 2014-09-14
danielelinguaglossa gmail com

[security bulletin] HPSBOV03099 rev.1 - HP OpenVMS running OpenSSL, Remote Denial of Service (DoS) or Disclosure of Information 2014-09-12
security-alert hp com

Malware

RDN/Generic.dx!dfl!C69B8E544EFE

RDN/Generic.dx!dfl!5D3DB0AA7A2E

RDN/Generic.dx!2C236C4B74C6

RDN/Generic.bfr!1A310E3E244F

Generic.dx!8832F4174341

Generic.dx!462DC2BD7689

Generic PUP.x!64675FD51FEE

Generic.dx!4EC01698A065

Generic PUP.x!1216AD9C1078

RDN/Generic StartPage!ca!51F50B63C13E

RDN/Downloader.gen.a!CCFF60F97184

Generic.tfr!AD0A8D81BAC8

RDN/Generic.gl!c!3654BE75A01F

RDN/Generic.hra!51ABB9AE4459

RDN/Generic.bfr!hq!CFEE47AA1A9F

RDN/Downloader.a!td!E61A3AE3C085

RDN/Generic.bfr!hr!CF0548D403BA

RDN/Generic PUP.x!cn3!82FA9D7519E7

Generic PUP.x!C077FB333F0E

RDN/Generic PUP.x!FD20628E5E6D

Generic.dx!DF7B8354F9A7

RDN/Generic PWS.y!bbb!C13641644F2A

RDN/Generic.dx!dfl!C4AD71141FA4

Generic PUP.z!5D3C6616C285

RDN/Generic Qhost!l!D3116C744237

Generic PUP.x!EF65EBF4F679

RDN/Generic StartPage!ca!5CD92665174E

RDN/Generic.bfr!hq!AEF0DAD8DC39

RDN/Generic.dx!dfl!C602737100D8

RDN/Generic StartPage!ca!575D72BAD814

Phishing

 

Vulnerebility

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1967 Privilege Escalation Vulnerability
2014-09-16
http://www.securityfocus.com/bid/54573

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1958 Use-After-Free Memory Corruption Vulnerability
2014-09-16
http://www.securityfocus.com/bid/54574

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1960 Out of Bounds Memory Corruption Vulnerability
2014-09-16
http://www.securityfocus.com/bid/54572

Mozilla Firefox/Thunderbird/SeaMonkey '.lnk' Files Information Disclosure Vulnerability
2014-09-16
http://www.securityfocus.com/bid/53799

Mozilla Firefox/Thunderbird/SeaMonkey Use-After-Free Remote Code Execution Vulnerability
2014-09-16
http://www.securityfocus.com/bid/53792

Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-1941 Heap Buffer Overflow Vulnerability
2014-09-16
http://www.securityfocus.com/bid/53793

Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-1947 Heap Buffer Overflow Vulnerability
2014-09-16
http://www.securityfocus.com/bid/53791

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1937 Memory Corruption Vulnerability
2014-09-16
http://www.securityfocus.com/bid/53800

Mozilla Firefox/Thunderbird/SeaMonkey CSP's Inline-Script Blocking Feature Security Bypass Weakness
2014-09-16
http://www.securityfocus.com/bid/53801

Plone and Zope Multiple Remote Security Vulnerabilities
2014-09-16
http://www.securityfocus.com/bid/56341

Mozilla Firefox SeaMonkey and Thunderbird MFSA 2010-49 Multiple Memory-Corruption Vulnerabilities
2014-09-16
http://www.securityfocus.com/bid/43118

Multiple Mozilla Products 'XMLHttpRequest' Cross Domain Information Disclosure Vulnerability
2014-09-16
http://www.securityfocus.com/bid/43104

Mozilla Firefox, Thunderbird, and SeaMonkey HTML Frameset Element Integer Overflow Vulnerability
2014-09-16
http://www.securityfocus.com/bid/43095

Mozilla Firefox, Thunderbird, and SeaMonkey 'normalizeDocument' Remote Code Execution Vulnerability
2014-09-16
http://www.securityfocus.com/bid/43100

Mozilla Firefox, Thunderbird, and SeaMonkey 'nsTreeSelection' Remote Code Execution Vulnerability
2014-09-16
http://www.securityfocus.com/bid/41853

Multiple Browser Wild Card Certificate Spoofing Vulnerability
2014-09-16
http://www.securityfocus.com/bid/42817

Mozilla Firefox, Thunderbird, and SeaMonkey 'nsTreeContentView' Remote Code Execution Vulnerability
2014-09-16
http://www.securityfocus.com/bid/43097

Mozilla Firefox, Thunderbird, and SeaMonkey UTF-7 Charset Cross Site Scripting Vulnerability
2014-09-16
http://www.securityfocus.com/bid/43101

Multiple Mozilla Products 'importScripts()' Method Cross Domain Information Disclosure Vulnerability
2014-09-16
http://www.securityfocus.com/bid/41871

Mozilla Firefox and Thunderbird 'XPCSafeJSObjectWrapper' Chrome Privilege Escalation Vulnerability
2014-09-16
http://www.securityfocus.com/bid/43092

Mozilla Firefox, Thunderbird, and SeaMonkey CVE-2010-1212 Remote Memory Corruption Vulnerability
2014-09-16
http://www.securityfocus.com/bid/41865

Mozilla Firefox, Thunderbird, and SeaMonkey CVE-2010-1211 Remote Memory Corruption Vulnerability
2014-09-16
http://www.securityfocus.com/bid/41859

Mozilla Firefox and SeaMonkey CVE-2013-6672 Information Disclosure Vulnerability
2014-09-16
http://www.securityfocus.com/bid/64210

Mozilla Network Security Services CVE-2014-1492 Security Bypass Vulnerability
2014-09-16
http://www.securityfocus.com/bid/66356

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-6671 Remote Code Execution Vulnerability
2014-09-16
http://www.securityfocus.com/bid/64212

Mozilla Firefox, Thunderbird and SeaMonkey CSS Values Integer Overflow Vulnerability
2014-09-16
http://www.securityfocus.com/bid/41852

libpng Memory Corruption and Memory Leak Vulnerabilities
2014-09-16
http://www.securityfocus.com/bid/41174

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1514 Out of Bounds Memory Corruption Vulnerability
2014-09-16
http://www.securityfocus.com/bid/66240

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-1497 Out of Bounds Memory Corruption Vulnerability
2014-09-16
http://www.securityfocus.com/bid/66423

Mozilla Netscape Portable Runtime CVE-2014-1545 Out of Bounds Memory Corruption Vulnerability
2014-09-16
http://www.securityfocus.com/bid/67975

MantisBT Null Byte Poisoning LDAP Authentication Bypass Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69780

SolarWinds Storage Manager 'AuthenticationFilter' Class Remote Code Execution Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69438

ImageMagick PSD Image File Handling CVE-2014-1947 Remote Buffer Overflow Vulnerability
2014-09-15
http://www.securityfocus.com/bid/65683

OpenOffice CVE-2014-3575 Information Disclosure Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69354

cURL/libcURL CVE-2014-3620 Cookies Handling Remote Security Bypass Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69742

cURL/libcURL CVE-2014-3613 Remote Security Bypass Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69748

Jasig Multiple CAS Clients CVE-2014-4172 Security Bypass Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69496

Procmail Formail Utility 'formisc.c' Heap Overflow Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69573

IBM RLKS Administration and Reporting Tool CVE-2014-3079 Authorization Bypass Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69643

OpenSSL DTLS CVE-2014-3505 Remote Denial of Service Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69081

IBM V7000 Unified CVE-2014-4811 Security Bypass Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69771

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1710 Arbitrary Code Execution Vulnerability
2014-09-15
http://www.securityfocus.com/bid/61900

Mozilla Firefox and Thunderbird CVE-2013-1692 Cross-Site Request Forgery Vulnerability
2014-09-15
http://www.securityfocus.com/bid/60783

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1728 Security Vulnerability
2014-09-15
http://www.securityfocus.com/bid/62468

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1737 Security Bypass Vulnerability
2014-09-15
http://www.securityfocus.com/bid/62475

OpenSSL NULL Pointer Dereference CVE-2014-5139 Local Denial of Service Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69077

OpenSSL DTLS CVE-2014-3510 Remote Denial of Service Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69082

OpenSSL CVE-2014-3508 Information Disclosure Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69075

Google Chrome Prior to 33.0.1750.146 Multiple Security Vulnerabilities
2014-09-15
http://www.securityfocus.com/bid/65930

OpenSSL DTLS CVE-2014-3507 Remote Denial of Service Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69078

OpenSSL SRP CVE-2014-3512 Remote Denial of Service Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69083

OpenSSL CVE-2014-3511 Man in the Middle Security Bypass Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69079

OpenSSL CVE-2014-3509 Remote Denial of Service Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69084

OpenSSL DTLS CVE-2014-3506 Remote Denial of Service Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69076

Mozilla Firefox/Thunderbird CVE-2014-1567 Use After Free Memory Corruption Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69520

Mozilla Firefox/Thunderbird CVE-2014-1562 Multiple Memory Corruption Vulnerabilities
2014-09-15
http://www.securityfocus.com/bid/69519

Mozilla Firefox/Thunderbird CVE-2014-1557 Remote Code Execution Vulnerability
2014-09-15
http://www.securityfocus.com/bid/68824

Mozilla Firefox/Thunderbird CVE-2014-1555 Use After Free Memory Corruption Vulnerability
2014-09-15
http://www.securityfocus.com/bid/68814

Mozilla Firefox/Thunderbird CVE-2014-1556 Remote Code Execution Vulnerability
2014-09-15
http://www.securityfocus.com/bid/68822

OpenOffice CVE-2013-4156 Memory Corruption Vulnerability
2014-09-15
http://www.securityfocus.com/bid/61468

Exploit

USB&WiFi Flash Drive 1.3 iOS - Code Execution Vulnerability  

Http File Server 2.3.x - Remote Command Execution

  Railo Remote File Include

  ManageEngine Eventlog Analyzer Arbitrary File Upload

  SolarWinds Storage Manager Authentication Bypass

  ALCASAR <= 2.8.1 - Remote Root Code Execution Vulnerability

  CacheGuard-OS 5.7.7 - CSRF Vulnerability

15.9.2014

Bugtraq

Passwords^14 Norway - CFP 2014-09-15
Per Thorsheim (per thorsheim net)

Open-Xchange Security Advisory 2014-09-15 2014-09-15
Martin Heiland (martin heiland open-xchange com)

Multiple Vulnerabilities with Aztech Modem Routers 2014-09-14
Federick Joe P Fajardo (fjpfajardo ph ibm com)

Re: HttpFileServer 2.3.x Remote Command Execution 2014-09-14
danielelinguaglossa gmail com

[security bulletin] HPSBOV03099 rev.1 - HP OpenVMS running OpenSSL, Remote Denial of Service (DoS) or Disclosure of Information 2014-09-12
security-alert hp com

Malware

RDN/Generic.dx!dfl!C69B8E544EFE

RDN/Generic.dx!dfl!5D3DB0AA7A2E

RDN/Generic.dx!2C236C4B74C6

RDN/Generic.bfr!1A310E3E244F

Generic.dx!8832F4174341

Generic.dx!462DC2BD7689

Generic PUP.x!64675FD51FEE

Generic.dx!4EC01698A065

Generic PUP.x!1216AD9C1078

RDN/Generic StartPage!ca!51F50B63C13E

RDN/Downloader.gen.a!CCFF60F97184

Generic.tfr!AD0A8D81BAC8

RDN/Generic.gl!c!3654BE75A01F

RDN/Generic.hra!51ABB9AE4459

RDN/Generic.bfr!hq!CFEE47AA1A9F

RDN/Downloader.a!td!E61A3AE3C085

RDN/Generic.bfr!hr!CF0548D403BA

RDN/Generic PUP.x!cn3!82FA9D7519E7

Generic PUP.x!C077FB333F0E

RDN/Generic PUP.x!FD20628E5E6D

Generic.dx!DF7B8354F9A7

RDN/Generic PWS.y!bbb!C13641644F2A

RDN/Generic.dx!dfl!C4AD71141FA4

Generic PUP.z!5D3C6616C285

RDN/Generic Qhost!l!D3116C744237

Generic PUP.x!EF65EBF4F679

RDN/Generic StartPage!ca!5CD92665174E

RDN/Generic.bfr!hq!AEF0DAD8DC39

RDN/Generic.dx!dfl!C602737100D8

RDN/Generic StartPage!ca!575D72BAD814

Phishing

 

Vulnerebility

MantisBT Null Byte Poisoning LDAP Authentication Bypass Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69780

SolarWinds Storage Manager 'AuthenticationFilter' Class Remote Code Execution Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69438

ImageMagick PSD Image File Handling CVE-2014-1947 Remote Buffer Overflow Vulnerability
2014-09-15
http://www.securityfocus.com/bid/65683

OpenOffice CVE-2014-3575 Information Disclosure Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69354

cURL/libcURL CVE-2014-3620 Cookies Handling Remote Security Bypass Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69742

cURL/libcURL CVE-2014-3613 Remote Security Bypass Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69748

Jasig Multiple CAS Clients CVE-2014-4172 Security Bypass Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69496

Procmail Formail Utility 'formisc.c' Heap Overflow Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69573

IBM RLKS Administration and Reporting Tool CVE-2014-3079 Authorization Bypass Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69643

OpenSSL DTLS CVE-2014-3505 Remote Denial of Service Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69081

IBM V7000 Unified CVE-2014-4811 Security Bypass Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69771

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1710 Arbitrary Code Execution Vulnerability
2014-09-15
http://www.securityfocus.com/bid/61900

Mozilla Firefox and Thunderbird CVE-2013-1692 Cross-Site Request Forgery Vulnerability
2014-09-15
http://www.securityfocus.com/bid/60783

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1728 Security Vulnerability
2014-09-15
http://www.securityfocus.com/bid/62468

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-1737 Security Bypass Vulnerability
2014-09-15
http://www.securityfocus.com/bid/62475

OpenSSL NULL Pointer Dereference CVE-2014-5139 Local Denial of Service Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69077

OpenSSL DTLS CVE-2014-3510 Remote Denial of Service Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69082

OpenSSL CVE-2014-3508 Information Disclosure Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69075

Google Chrome Prior to 33.0.1750.146 Multiple Security Vulnerabilities
2014-09-15
http://www.securityfocus.com/bid/65930

OpenSSL DTLS CVE-2014-3507 Remote Denial of Service Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69078

OpenSSL SRP CVE-2014-3512 Remote Denial of Service Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69083

OpenSSL CVE-2014-3511 Man in the Middle Security Bypass Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69079

OpenSSL CVE-2014-3509 Remote Denial of Service Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69084

OpenSSL DTLS CVE-2014-3506 Remote Denial of Service Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69076

Mozilla Firefox/Thunderbird CVE-2014-1567 Use After Free Memory Corruption Vulnerability
2014-09-15
http://www.securityfocus.com/bid/69520

Mozilla Firefox/Thunderbird CVE-2014-1562 Multiple Memory Corruption Vulnerabilities
2014-09-15
http://www.securityfocus.com/bid/69519

Mozilla Firefox/Thunderbird CVE-2014-1557 Remote Code Execution Vulnerability
2014-09-15
http://www.securityfocus.com/bid/68824

Mozilla Firefox/Thunderbird CVE-2014-1555 Use After Free Memory Corruption Vulnerability
2014-09-15
http://www.securityfocus.com/bid/68814

Mozilla Firefox/Thunderbird CVE-2014-1556 Remote Code Execution Vulnerability
2014-09-15
http://www.securityfocus.com/bid/68822

OpenOffice CVE-2013-4156 Memory Corruption Vulnerability
2014-09-15
http://www.securityfocus.com/bid/61468

Exploit

  Http File Server 2.3.x - Remote Command Execution

  Railo Remote File Include

  ManageEngine Eventlog Analyzer Arbitrary File Upload

  SolarWinds Storage Manager Authentication Bypass

  ALCASAR <= 2.8.1 - Remote Root Code Execution Vulnerability

  CacheGuard-OS 5.7.7 - CSRF Vulnerability

12.9.2014

Bugtraq

Call for Participation: Semantic Web Business and Innovation (SWBI2015) * Switzerland 2014-09-11
jackie sdiwc info

ChatSecure IM v2.2.4 iOS - Persistent Web Vulnerability 2014-09-11
Vulnerability Lab (research vulnerability-lab com)

Photorange v1.0 iOS - File Include Web Vulnerability 2014-09-11
Vulnerability Lab (research vulnerability-lab com)

PhotoSync v2.2 iOS - Command Inject Web Vulnerability 2014-09-11
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 3021-2] file regression update 2014-09-10
Luciano Bello (luciano debian org)

[SECURITY] [DSA 3022-1] curl security update 2014-09-10
Yves-Alexis Perez (corsac debian org)

[SECURITY] [DSA 3020-1] acpi-support security update 2014-09-10
Raphael Geissert (geissert debian org)

[SECURITY] CVE-2013-4444 Remote Code Execution in Apache Tomcat 2014-09-10
Mark Thomas (markt apache org)

Malware

RDN/Generic.dx!dfj!8CDECA7E38AC

RDN/Generic.dx!dfj!0BB92BEF3AD1

RDN/Generic.dx!dfj!0859FD6DFAB3

RDN/Generic PUP.x!cnb!C29FD7EA07E0

Generic.dx!9404A6065F6B

Generic PUP.x!CD12DAF786D1

Generic Downloader.x!8B56CA22AB3C

W32/Virus.gen!25ECDB78AC4D

Generic PUP.x!E3B3D44B40BC

Generic PUP.x!F0785AEDA326

Generic PUP.x!2D205A5B90CF

Generic PUP.x!60C4FD06E26D

Generic PUP.x!B95AF1CA366A

Generic PUP.x!764593985633

FakeAV-M.bfr!97014BCBEE47

RDN/Generic.dx!dfj!1EA8720A7613

Generic Downloader.x!6FBAFA22376C

Generic FakeAlert!23C2AD45666C

RDN/Generic Dropper!ve!A9C197068A73

RDN/Generic.dx!dfj!7BB6924AE4EC

RDN/Generic BackDoor!zt!88FBCC105918

FakeAV-M.bfr!B71BB097C5BB

RDN/Generic PUP.x!cnb!6FC1A32A95D6

Downloader.gen.a!C87318BABDB5

RDN/Generic PUP.x!cnb!2948DB7AA650

Generic.dx!00B90C14C811

Generic FakeAlert!2453E7290559

RDN/Generic PUP.x!cnb!51DEE98B1F87

RDN/Generic PUP.x!cnb!60037AD4F829

RDN/Generic PUP.x!cnb!5E344057EC4E

Phishing

Tesco Credit Card

12th September 2014

Win A Free Tesco Voucher

RBC Express

10th September 2014

User Roles Waiting For
Approval

Vulnerebility

Adobe Flash Player and AIR CVE-2014-0551 Unspecified Memory Corruption Vulnerability
2014-09-12
http://www.securityfocus.com/bid/69702

Adobe Flash Player and AIR CVE-2014-0553 Use After Free Remote Code Execution Vulnerability
2014-09-12
http://www.securityfocus.com/bid/69707

Adobe Flash Player and AIR CVE-2014-0556 Unspecified Heap Based Buffer Overflow Vulnerability
2014-09-12
http://www.securityfocus.com/bid/69696

Adobe Flash Player and AIR CVE-2014-0557 Multiple Unspecified Memory Corruption Vulnerabilities
2014-09-12
http://www.securityfocus.com/bid/69701

Adobe Flash Player and AIR CVE-2014-0550 Unspecified Memory Corruption Vulnerability
2014-09-12
http://www.securityfocus.com/bid/69700

Adobe Flash Player and AIR CVE-2014-0549 Unspecified Memory Corruption Vulnerability
2014-09-12
http://www.securityfocus.com/bid/69699

Adobe Flash Player and AIR CVE-2014-0552 Unspecified Memory Corruption Vulnerability
2014-09-12
http://www.securityfocus.com/bid/69703

Adobe Flash Player and AIR CVE-2014-0554 Unspecified Security Bypass Vulnerability
2014-09-12
http://www.securityfocus.com/bid/69697

Adobe Flash Player and AIR CVE-2014-0548 Same Origin Policy Security Bypass Vulnerability
2014-09-12
http://www.securityfocus.com/bid/69705

Adobe Flash Player and AIR CVE-2014-0547 Unspecified Memory Corruption Vulnerability
2014-09-12
http://www.securityfocus.com/bid/69695

Mozilla Firefox/Thunderbird CVE-2014-1557 Remote Code Execution Vulnerability
2014-09-12
http://www.securityfocus.com/bid/68824

Mozilla Firefox/Thunderbird CVE-2014-1556 Remote Code Execution Vulnerability
2014-09-12
http://www.securityfocus.com/bid/68822

Mozilla Firefox CVE-2014-1561 Event Spoofing Vulnerability
2014-09-12
http://www.securityfocus.com/bid/68826

Mozilla Firefox/Thunderbird CVE-2014-1559 Security Vulnerability
2014-09-12
http://www.securityfocus.com/bid/68815

Mozilla Firefox/Thunderbird CVE-2014-1555 Use After Free Memory Corruption Vulnerability
2014-09-12
http://www.securityfocus.com/bid/68814

Mozilla Firefox/Thunderbird CVE-2014-1558 Security Vulnerability
2014-09-12
http://www.securityfocus.com/bid/68812

Mozilla Firefox/Thunderbird CVE-2014-1547 Multiple Memory Corruption Vulnerabilities
2014-09-12
http://www.securityfocus.com/bid/68811

Mozilla Firefox/Thunderbird CVE-2014-1552 Same Origin Policy Security Bypass Vulnerability
2014-09-12
http://www.securityfocus.com/bid/68821

Mozilla Firefox/Thunderbird CVE-2014-1544 Use After Free Memory Corruption Vulnerability
2014-09-12
http://www.securityfocus.com/bid/68816

Mozilla Firefox/Thunderbird CVE-2014-1549 Heap Buffer Overflow Vulnerability
2014-09-12
http://www.securityfocus.com/bid/68820

Mozilla Firefox/Thunderbird CVE-2014-1548 Multiple Memory Corruption Vulnerabilities
2014-09-12
http://www.securityfocus.com/bid/68818

Mozilla Firefox/Thunderbird CVE-2014-1550 Use After Free Memory Corruption Vulnerability
2014-09-12
http://www.securityfocus.com/bid/68810

PHP Fileinfo Component Incomplete Fix Remote Denial of Service Vulnerability
2014-09-12
http://www.securityfocus.com/bid/68348

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5593 Address Bar URI Spoofing Vulnerability
2014-09-12
http://www.securityfocus.com/bid/63429

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5600 Remote Memory Corruption Vulnerability
2014-09-12
http://www.securityfocus.com/bid/63427

PHP Fileinfo Component 'cdf_read_short_sector()' Function Remote Denial of Service Vulnerability
2014-09-12
http://www.securityfocus.com/bid/68243

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5602 Remote Memory Corruption Vulnerability
2014-09-12
http://www.securityfocus.com/bid/63424

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-5599 Remote Memory Corruption Vulnerability
2014-09-12
http://www.securityfocus.com/bid/63423

PHP Fileinfo Component 'cdf_count_chain()' Function Remote Denial of Service Vulnerability
2014-09-12
http://www.securityfocus.com/bid/68238

PHP 'cdf_read_property_info()' Function CVE-2014-3587 Incomplete Fix Denial of Service Vulnerability
2014-09-12
http://www.securityfocus.com/bid/69325

Exploit

  OroCRM - Stored XSS Vulnerability

  Joomla Spider Contacts 1.3.6 (index.php, contacts_id param) - SQL Injection

  Photorange 1.0 iOS - File Inclusion Vulnerability

  ChatSecure IM 2.2.4 iOS - Persistent XSS Vulnerability

11.9.2014

Bugtraq

[SECURITY] [DSA 3020-1] acpi-support security update 2014-09-10
Raphael Geissert (geissert debian org)

[SECURITY] CVE-2013-4444 Remote Code Execution in Apache Tomcat 2014-09-10
Mark Thomas (markt apache org)

[slackware-security] seamonkey (SSA:2014-252-01) 2014-09-09
Slackware Security Team (security slackware com)

[security bulletin] HPSBMU03075 rev.1 - HP Network Node Manager I (NNMi) for Windows and Linux, Remote Execution of Arbitrary Code 2014-09-09
security-alert hp com

NEW VMSA-2014-0008 VMware vSphere product updates to third party libraries 2014-09-09
VMware Security Response Center (security vmware com)

Re: Pro Chat Rooms v8.2.0 - Multiple Vulnerabilities 2014-09-09
sales prochatrooms com

[SECURITY] [DSA 3021-1] file security update 2014-09-09
Luciano Bello (luciano debian org)

Malware

Generic PUP.x!0C6745A27CC3

Generic PUP.x!0F019216AA9B

RDN/Generic PUP.x!cn3!50D6DB8D39FB

Generic PUP.x!CCEC238202E2

Generic.bfr!8B140379E0EA

Generic PUP.x!DADBCD3C0F53

RDN/Generic.dx!dfh!F2E45BAB5E28

Generic PUP.x!E81B8055827C

RDN/Generic PUP.x!AE417D382B73

Generic PUP.x!074BC2472DDE

RDN/Downloader.gen.a!FE6B84A9D0F9

RDN/Generic.bfr!hq!CF8E86542807

Generic PUP.x!10CB0929203D

iBryte!54AA3342AC94

GenericR-CAO!0619055DD67B

Generic PUP.x!654CF63E97AF

RDN/PWS-Banker!dk!2813572919D5

Generic PUP.x!4B33A593A3C0

RDN/Generic.bfr!0DB3A7BC548C

Generic BackDoor!53281A425D44

RDN/Generic PUP.x!474083FCD01D

RDN/Ransom!ek!7BFBE32E73C8

RDN/Generic.dx!dfh!DA8122BE2C69

RDN/Generic PUP.x!cn3!2746E07E861D

RDN/Generic.bfr!hq!AA1BB243E202

Generic PUP.x!84181677726C

Generic PUP.x!A5520BEC7921

Generic PUP.x!ECCC6461ABDB

RDN/Generic PUP.x!cn3!6106B6BA6492

Generic PUP.x!240914DC6025

Phishing

RBC Express

10th September 2014

User Roles Waiting For
Approval

Vulnerebility

Adobe Flash Player and AIR CVE-2014-0548 Same Origin Policy Security Bypass Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69705

Adobe Flash Player and AIR CVE-2014-0553 Use After Free Remote Code Execution Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69707

Adobe Flash Player and AIR CVE-2014-0555 Unspecified Memory Corruption Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69706

Adobe Flash Player and AIR CVE-2014-0559 Unspecified Heap Based Buffer Overflow Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69704

Adobe Flash Player and AIR CVE-2014-0551 Unspecified Memory Corruption Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69702

Adobe Flash Player and AIR CVE-2014-0552 Unspecified Memory Corruption Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69703

Adobe Flash Player and AIR CVE-2014-0554 Unspecified Security Bypass Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69697

Adobe Flash Player and AIR CVE-2014-0550 Unspecified Memory Corruption Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69700

Adobe Flash Player and AIR CVE-2014-0547 Unspecified Memory Corruption Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69695

Adobe Flash Player and AIR CVE-2014-0549 Unspecified Memory Corruption Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69699

Adobe Flash Player and AIR CVE-2014-0556 Unspecified Heap Based Buffer Overflow Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69696

Adobe Flash Player and AIR CVE-2014-0557 Multiple Unspecified Memory Corruption Vulnerabilities
2014-09-11
http://www.securityfocus.com/bid/69701

Mozilla Firefox/Thunderbird CVE-2014-1563 Memory Corruption Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69523

Mozilla Firefox/Thunderbird CVE-2014-1553 Multiple Memory Corruption Vulnerabilities
2014-09-11
http://www.securityfocus.com/bid/69524

Mozilla Firefox/Thunderbird CVE-2014-1565 Out of Bounds Memory Corruption Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69521

Mozilla Firefox and Thunderbird CVE-2014-1564 Information Disclosure Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69525

Mozilla Firefox/Thunderbird CVE-2014-1562 Multiple Memory Corruption Vulnerabilities
2014-09-11
http://www.securityfocus.com/bid/69519

Mozilla Firefox/Thunderbird CVE-2014-1567 Use After Free Memory Corruption Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69520

RETIRED: Microsoft September 2014 Advance Notification Multiple Vulnerabilities
2014-09-11
http://www.securityfocus.com/bid/69636

Oracle Java SE CVE-2014-0449 Remote Security Vulnerability
2014-09-11
http://www.securityfocus.com/bid/66907

Oracle Java SE CVE-2014-0446 Remote Security Vulnerability
2014-09-11
http://www.securityfocus.com/bid/66903

Multiple Oracle Java Products 'unpack.cpp' Insecure Temporary File Creation Vulnerability
2014-09-11
http://www.securityfocus.com/bid/65568

Oracle Java SE CVE-2014-0456 Remote Code Execution Vulnerability
2014-09-11
http://www.securityfocus.com/bid/66877

Oracle Java SE CVE-2014-2410 Remote Security Vulnerability
2014-09-11
http://www.securityfocus.com/bid/66886

Oracle Java SE CVE-2014-0432 Remote Code Execution Vulnerability
2014-09-11
http://www.securityfocus.com/bid/66897

Oracle Java SE CVE-2014-0451 Remote Security Vulnerability
2014-09-11
http://www.securityfocus.com/bid/66879

Oracle Java SE CVE-2014-2397 Remote Security Vulnerability
2014-09-11
http://www.securityfocus.com/bid/66893

IBM Initiate Master Data Service CVE-2014-4786 Unspecified Frame Injection Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69720

Linux Kernel 'netdevice.h' NULL Pointer Dereference Denial of Service Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69721

Linux Kernel CVE-2014-0205 Local Privilege Escalation Vulnerability
2014-09-11
http://www.securityfocus.com/bid/69725

Exploit

 

10.9.2014

Bugtraq

[SECURITY] [DSA 3021-1] file security update 2014-09-09
Luciano Bello (luciano debian org)

FreeBSD Security Advisory FreeBSD-SA-14:18.openssl 2014-09-09
FreeBSD Security Advisories (security-advisories freebsd org)

Cisco Security Advisory: Cisco Unified Computing System E-Series Blade Servers Cisco Integrated Management Controller SSH Denial of Service Vulnerability 2014-09-08
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Malware

RDN/Generic PWS.bfr!e!D52EBA8C38F9

RDN/Generic PWS.bfr!e!593A55D19F8A

Generic PUP.x!9F2D2B65341F

Generic PUP.x!68FC775C0C58

RDN/BackDoor-FBSA!a!6F4A5D6950E3

Generic PUP.x!9C8F485EF7A5

Generic PUP.x!9D3D0EBCF49B

Generic PUP.x!9B06B380FD72

Dropper-FLV!F1AEFC1A6DE4

Generic PUP.x!924150BB06D8

Generic PUP.x!9268DE306E1E

RDN/Generic PUP.x!49EBC7D22F40

RDN/Generic BackDoor!zt!59FD76A1BAF2

RDN/Generic PWS.y!bb3!6D6138EB28EB

RDN/Generic PWS.y!bb3!4A3E98397F45

Generic PUP.x!93B480CF3027

RDN/Generic.dx!dfg!DB67E30BA659

Generic PUP.x!9B86D1558050

RDN/Generic PWS.y!bb3!D53B14B79C34

Downloader.gen.a!3D00B1307A98

RDN/Generic.dx!095C7462CC57

Generic PUP.x!92F290DA65EC

Generic PUP.x!94C9399FD167

Generic PUP.x!950215A411B5

RDN/Generic Downloader.x!ku!F99ECE93DC9C

Generic PUP.x!9A76597E9EE0

RDN/Generic PWS.bfr!e!52C7A86AF2B2

Generic PUP.x!9B759309CBE6

Generic PUP.x!960A593FE7ED

Generic PUP.x!9B47FCB6DEAB

Phishing

 

Vulnerebility

Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
2014-09-10
http://www.securityfocus.com/bid/67121

Microsoft Internet Explorer CVE-2013-7331 Information Disclosure Vulnerability
2014-09-10
http://www.securityfocus.com/bid/65601

PHPIDS ReDoS Filters Security Bypass Vulnerability
2014-09-10
http://www.securityfocus.com/bid/51277

PHP 'cdf_read_property_info()' Function CVE-2014-3587 Incomplete Fix Denial of Service Vulnerability
2014-09-10
http://www.securityfocus.com/bid/69325

Mozilla Firefox/Thunderbird CVE-2014-1544 Use After Free Memory Corruption Vulnerability
2014-09-10
http://www.securityfocus.com/bid/68816

PHP Fileinfo Component 'cdf_read_short_sector()' Function Remote Denial of Service Vulnerability
2014-09-10
http://www.securityfocus.com/bid/68243

PHP Fileinfo Component 'cdf_read_property_info()' Function Denial of Service Vulnerability
2014-09-10
http://www.securityfocus.com/bid/68120

PHP 'cdf_unpack_summary_info()' Function Denial of Service Vulnerability
2014-09-10
http://www.securityfocus.com/bid/67759

PHP Fileinfo Component CVE-2014-3478 Remote Denial of Service Vulnerability
2014-09-10
http://www.securityfocus.com/bid/68239

PHP Fileinfo Component 'cdf_check_stream_offset()' Function Remote Denial of Service Vulnerability
2014-09-10
http://www.securityfocus.com/bid/68241

PHP Fileinfo Component Incomplete Fix Remote Denial of Service Vulnerability
2014-09-10
http://www.securityfocus.com/bid/68348

PHP 'cdf_read_property_info()' Function Denial of Service Vulnerability
2014-09-10
http://www.securityfocus.com/bid/67765

PHP Fileinfo Component 'cdf_count_chain()' Function Remote Denial of Service Vulnerability
2014-09-10
http://www.securityfocus.com/bid/68238

Adobe Reader and Acrobat APSB14-20 Prenotification Multiple Vulnerabilities
2014-09-10
http://www.securityfocus.com/bid/69646

Multiple ManageEngine Products CVE-2014-5005 Arbitrary File Upload Vulnerability
2014-09-10
http://www.securityfocus.com/bid/69494

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-09-10
http://www.securityfocus.com/bid/67899

OpenSSL DTLS CVE-2014-3505 Remote Denial of Service Vulnerability
2014-09-10
http://www.securityfocus.com/bid/69081

OpenSSL DTLS CVE-2014-3507 Remote Denial of Service Vulnerability
2014-09-10
http://www.securityfocus.com/bid/69078

OpenSSL DTLS CVE-2014-3506 Remote Denial of Service Vulnerability
2014-09-10
http://www.securityfocus.com/bid/69076

QEMU Block Drivers CVE-2014-0143 Multiple Integer Overflow Vulnerabilities
2014-09-10
http://www.securityfocus.com/bid/66486

Apache HttpComponents Incomplete Fix CVE-2014-3577 SSL Validation Security Bypass Vulnerability
2014-09-10
http://www.securityfocus.com/bid/69258

QEMU 'virtio_load()' Function Memory Corruption Vulnerability
2014-09-10
http://www.securityfocus.com/bid/66976

QEMU CVE-2014-0144 Multiple Buffer Overflow Vulnerabilities
2014-09-10
http://www.securityfocus.com/bid/66483

QEMU CVE-2013-4541 Remote Code Execution Vulnerability
2014-09-10
http://www.securityfocus.com/bid/67394

QEMU L2 Table Size Validation Integer Overflow Vulnerability
2014-09-10
http://www.securityfocus.com/bid/67357

QEMU 'hw/usb/bus.c' Heap Based Buffer Overflow Vulnerability
2014-09-10
http://www.securityfocus.com/bid/67392

QEMU CVE-2014-0145 Multiple Buffer Overflow Vulnerabilities
2014-09-10
http://www.securityfocus.com/bid/66464

QEMU Multiple Memory Corruption Vulnerabilities
2014-09-10
http://www.securityfocus.com/bid/67483

QEMU CVE-2014-0146 NULL Pointer Dereference Local Denial of Service Vulnerability
2014-09-10
http://www.securityfocus.com/bid/66472

QEMU Division By Zero Error Local Denial of Service Vulnerability
2014-09-10
http://www.securityfocus.com/bid/66481

Exploit

 

9.9.2014

Bugtraq

[SECURITY] [DSA 3021-1] file security update 2014-09-09
Luciano Bello (luciano debian org)

FreeBSD Security Advisory FreeBSD-SA-14:18.openssl 2014-09-09
FreeBSD Security Advisories (security-advisories freebsd org)

Cisco Security Advisory: Cisco Unified Computing System E-Series Blade Servers Cisco Integrated Management Controller SSH Denial of Service Vulnerability 2014-09-08
Cisco Systems Product Security Incident Response Team (psirt cisco com)

IBM WebSphere Application Server (WAS) Integrated Solutions Console Login Page username Parameter Reflected XSS Security Vulnerability 2014-09-08
main gsmcnamara com

[security bulletin] HPSBST03106 rev.1 - HP P2000 G3 MSA Array System running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-09-08
security-alert hp com

CVE-2014-5392 XML eXternal Entity (XXE) in "JobScheduler" 2014-09-07
Christian Schneider (mail Christian-Schneider net)

Malware

RDN/Generic PUP.x!cmx!0DA098437BAA

CryptDomaIQ!46F5A8FF5DF9

CryptDomaIQ!46F6556E15E7

RDN/Generic.dx!dfg!0142D1CA3D22

RDN/Generic.hra!ca!03E1141B265D

Generic PUP.x!00B39D8F5F89

Generic PUP.x!06DD6A6BD43E

Generic PUP.x!04F27AB1EA18

RDN/Generic PUP.x!cmx!0431AF45F4E2

CryptDomaIQ!46F4C13F4B77

W32/Virus.gen!057ACD44646B

RDN/Generic PUP.x!cmx!0D240AECFAB9

RDN/Generic.dx!dfg!0564C7AFB61C

RDN/Generic PUP.x!08D3AA6C55E1

Generic PUP.x!0C748F6AEF18

RDN/Generic PUP.x!0B6F5889EA2B

Generic.bfr!0410A7DDA9B9

RDN/Generic PUP.x!cmx!0C194144F1B3

CryptDomaIQ!46EF183005EE

RDN/Generic PUP.x!cmx!022871AE441C

CryptDomaIQ!46DDDC1EEE69

CryptDomaIQ!46E4569FF286

Generic PUP.x!0435E06A5641

Generic PUP.x!0C1EAA2C86FC

RDN/Generic PUP.x!cmx!0AE8123DF11A

RDN/Generic.dx!dfg!0A1EA71AF237

RDN/Generic PUP.x!cmx!073753DF7E09

RDN/Generic PUP.x!cmx!0808DC98AF30

RDN/Generic PUP.x!cmx!04DAA3ADF107

RDN/Generic.dx!dfg!09D8E727D98A

Phishing

PayPal

9th September 2014

[IMPORTANT] Update your paypal
account information

PayPal

8th September 2014

Account Review

bt.athome@bt.com

8th September 2014

Your BT security is still not
active !!!

Vulnerebility

PHP unserialize() Function Type Confusion Security Vulnerability
2014-09-09
http://www.securityfocus.com/bid/68237

Apache HTTP Server Multiple Denial of Service Vulnerabilities
2014-09-09
http://www.securityfocus.com/bid/66303

PHP Fileinfo Component 'cdf_count_chain()' Function Remote Denial of Service Vulnerability
2014-09-09
http://www.securityfocus.com/bid/68238

Apache Tomcat CVE-2014-0119 XML External Entity Information Disclosure Vulnerability
2014-09-09
http://www.securityfocus.com/bid/67669

Apache Tomcat CVE-2014-0099 Request Processing Information Disclosure Vulnerability
2014-09-09
http://www.securityfocus.com/bid/67668

PHP Fileinfo Component CVE-2014-3478 Remote Denial of Service Vulnerability
2014-09-09
http://www.securityfocus.com/bid/68239

PHP Fileinfo Component 'cdf_check_stream_offset()' Function Remote Denial of Service Vulnerability
2014-09-09
http://www.securityfocus.com/bid/68241

PHP Fileinfo Component 'cdf_read_property_info()' Function Denial of Service Vulnerability
2014-09-09
http://www.securityfocus.com/bid/68120

PHP DNS TXT Record Handling Heap Buffer Overflow Vulnerability
2014-09-09
http://www.securityfocus.com/bid/68007

Oracle MySQL Server CVE-2014-2419 Remote Security Vulnerability
2014-09-09
http://www.securityfocus.com/bid/66880

Oracle MySQL Server CVE-2014-2438 Remote Security Vulnerability
2014-09-09
http://www.securityfocus.com/bid/66846

Oracle MySQL Server CVE-2014-2436 Remote Security Vulnerability
2014-09-09
http://www.securityfocus.com/bid/66896

Oracle MySQL Server CVE-2014-2431 Remote Security Vulnerability
2014-09-09
http://www.securityfocus.com/bid/66890

Oracle MySQL Server CVE-2014-2430 Remote Security Vulnerability
2014-09-09
http://www.securityfocus.com/bid/66858

Oracle MySQL Server CVE-2014-2434 Remote Security Vulnerability
2014-09-09
http://www.securityfocus.com/bid/66872

Oracle MySQL Server CVE-2014-0384 Remote Security Vulnerability
2014-09-09
http://www.securityfocus.com/bid/66835

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-09-09
http://www.securityfocus.com/bid/68636

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-09-09
http://www.securityfocus.com/bid/68624

Squid CVE-2014-3609 Remote Denial of Service Vulnerability
2014-09-09
http://www.securityfocus.com/bid/69453

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-09-09
http://www.securityfocus.com/bid/67898

OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2014-09-09
http://www.securityfocus.com/bid/66801

OpenSSL CVE-2014-0195 Memory Corruption Vulnerability
2014-09-09
http://www.securityfocus.com/bid/67900

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-09-09
http://www.securityfocus.com/bid/67193

MIT Kerberos 5 CVE-2014-4341 Remote Denial of Service Vulnerability
2014-09-09
http://www.securityfocus.com/bid/68909

OpenSSL DTLS CVE-2014-0221 Remote Denial of Service Vulnerability
2014-09-09
http://www.securityfocus.com/bid/67901

MIT Kerberos 5 GSSAPI Remote Denial of Service Vulnerability
2014-09-09
http://www.securityfocus.com/bid/68908

Rsync Use Chroot Insecure File Creation Vulnerability
2014-09-09
http://www.securityfocus.com/bid/26638

Django 'return()' Function URI Redirection Vulnerability
2014-09-09
http://www.securityfocus.com/bid/69425

Django 'contrib.admin' Information Disclosure Vulnerability
2014-09-09
http://www.securityfocus.com/bid/69429

Django CVE-2014-0481 Denial of Service Vulnerability
2014-09-09
http://www.securityfocus.com/bid/69423

Exploit

  ManageEngine Desktop Central StatusUpdate Arbitrary File Upload

  ALCASAR 2.8 Remote Root Code Execution Vulnerability

  TP-LINK Model No. TL-WR340G / TL-WR340GD - Multiple Vulnerabilities

  TP-LINK Model No. TL-WR841N / TL-WR841ND - Multiple Vulnerabilities

  Atmail Webmail 7.2 - Multiple Vulnerabilities

  PHP Stock Management System 1.02 - Multiple Vulnerabilty

  Obfuscated Shellcode Linux x86 - chmod 777 (/etc/passwd + /etc/shadow) & Add New Root User & Execute /bin/bash

8.9.2014

Bugtraq

 

Malware

RDN/Generic.bfr!hr!C194B0FAF154

DNSChanger.bfr!CDD2B6BFD4BE

RDN/Generic FakeAlert!fd!9D2FE51733D5

CryptDomaIQ!39E10D027527

Generic.bfr!39E0359C8E95

CryptDomaIQ!39E101177F50

DNSChanger.bfr!3E702F195EB5

RDN/Generic PUP.x!cm3!04F9EC6576DA

CryptDomaIQ!39D858C4C774

CryptDomaIQ!39D7A7BE946E

CryptDomaIQ!39E2EF0386EC

iBryte!39DBFE7883B4

CryptDomaIQ!39D79FA68B26

iBryte!63242FA7AA22

RDN/Generic BackDoor!zs!593B70359824

PUP-FMK!39DB827A19FA

iBryte!39CC12CC28EE

RDN/Generic.dx!df3!CE299FF74DC8

Generic PUP.x!28F5CDD290BA

RDN/Generic PUP.x!cm3!BB05D1A3878E

RDN/Generic Downloader.x!kx!B153C79909B0

CryptDomaIQ!39E223C329DF

W32/Worm-AAEH.g!CD240A380171

Generic.dx!866B0A34A837

RDN/Generic.dx!ECB517F25AF9

Generic PUP.x!2A683B1550E7

Generic PUP.x!C221BD481E4B

Generic PUP.x!1EE2CF2E52E2

Generic BackDoor!335D88F56E24

RDN/Generic PUP.x!cm3!BD3B74F20F79

Phishing

LogMeIn.com Auto-Mailer

7th September 2014

Verify your LogMeIn account

Paypal support

7th September 2014

PLEASE VALIDATE YOUR ACCOUNT
INFORMATION

Pay-Pal...

7th September 2014

TEMPORARELY BLOCKED ACCOUNT

PayPal Service

7th September 2014

UPDATE YOUR PAYPAL INFORMATION
!

PayPal

7th September 2014

PAYPAL ACCOUNT SERVICE

PayPal

6th September 2014

PAYPAL ACCOUNT SERVICE

PayPal Service

6th September 2014

UPDATE YOUR PAYPAL INFORMATION
!

no_reply@bt.com

6th September 2014

Your BT security is still not
active.

PayPal

6th September 2014

IMPORTANT - New Security
Upgrade

Vulnerebility

Squid CVE-2014-3609 Remote Denial of Service Vulnerability
2014-09-08
http://www.securityfocus.com/bid/69453

OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2014-09-08
http://www.securityfocus.com/bid/67898

OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2014-09-08
http://www.securityfocus.com/bid/66801

OpenSSL CVE-2014-0195 Memory Corruption Vulnerability
2014-09-08
http://www.securityfocus.com/bid/67900

OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-09-08
http://www.securityfocus.com/bid/67193

MIT Kerberos 5 CVE-2014-4341 Remote Denial of Service Vulnerability
2014-09-08
http://www.securityfocus.com/bid/68909

OpenSSL DTLS CVE-2014-0221 Remote Denial of Service Vulnerability
2014-09-08
http://www.securityfocus.com/bid/67901

MIT Kerberos 5 GSSAPI Remote Denial of Service Vulnerability
2014-09-08
http://www.securityfocus.com/bid/68908

Rsync Use Chroot Insecure File Creation Vulnerability
2014-09-08
http://www.securityfocus.com/bid/26638

Django 'return()' Function URI Redirection Vulnerability
2014-09-08
http://www.securityfocus.com/bid/69425

Django 'contrib.admin' Information Disclosure Vulnerability
2014-09-08
http://www.securityfocus.com/bid/69429

Django CVE-2014-0481 Denial of Service Vulnerability
2014-09-08
http://www.securityfocus.com/bid/69423

MIT Kerberos 5 CVE-2014-4344 NULL Pointer Dereference Remote Denial of Service Vulnerability
2014-09-08
http://www.securityfocus.com/bid/69160

Django CVE-2014-0482 Authentication Bypass Vulnerability
2014-09-08
http://www.securityfocus.com/bid/69430

Rsync F_Name Off-By-One Buffer Overflow Vulnerability
2014-09-08
http://www.securityfocus.com/bid/25336

MIT Kerberos 5 CVE-2014-4343 Remote Denial of Service Vulnerability
2014-09-08
http://www.securityfocus.com/bid/69159

PPP 'options.c' CVE-2014-3158 Remote Integer Overflow Vulnerability
2014-09-08
http://www.securityfocus.com/bid/69399

GNU glibc 'iconv()' Function Denial of Service Vulnerability
2014-09-08
http://www.securityfocus.com/bid/69470

GNU glibc 'iconv()' Denial of Service Vulnerability
2014-09-08
http://www.securityfocus.com/bid/69472

libgcrypt Elgamal Encryption Subkeys Information Disclosure Vulnerability
2014-09-08
http://www.securityfocus.com/bid/69164

GNU glibc '__gconv_translit_find()' Function Memory Corruption Vulnerability
2014-09-08
http://www.securityfocus.com/bid/68983

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-09-08
http://www.securityfocus.com/bid/68636

PHP 'cdf_read_property_info()' Function Denial of Service Vulnerability
2014-09-08
http://www.securityfocus.com/bid/67765

PHP '/ext/standard/info.c' Type Confusion Information Disclosure Vulnerability
2014-09-08
http://www.securityfocus.com/bid/68423

PHP 'cdf_unpack_summary_info()' Function Denial of Service Vulnerability
2014-09-08
http://www.securityfocus.com/bid/67759

PHP DNS TXT Record Handling Heap Buffer Overflow Vulnerability
2014-09-08
http://www.securityfocus.com/bid/68007

PHP '/tmp/phpglibccheck' Symlink Vulnerability
2014-09-08
http://www.securityfocus.com/bid/67837

PHP unserialize() Function Type Confusion Security Vulnerability
2014-09-08
http://www.securityfocus.com/bid/68237

OpenSSL SRP CVE-2014-3512 Remote Denial of Service Vulnerability
2014-09-08
http://www.securityfocus.com/bid/69083

Apache Tomcat CVE-2014-0099 Request Processing Information Disclosure Vulnerability
2014-09-05
http://www.securityfocus.com/bid/67668

Exploit

  IP Board 3.x - CSRF Token hjiacking

  LoadedCommerce7 - Systemic Query Factory Vulnerability

  Wordpress Like Dislike Counter 1.2.3 Plugin - SQL Injection Vulnerability

  PhpOnlineChat 3.0 - XSS

  WordPress Acento Theme (view-pdf.php, file param) - Arbitrary File Download

5.9.2014

Bugtraq

[ MDVSA-2014:174 ] apache 2014-09-04
security mandriva com

Avolve Software ProjectDox Multiple Vulnerability Disclosure 2014-09-03
Romano, Christian (cromano caanes com)

[security bulletin] HPSBMU03083 rev.2 - HP BladeSystem c-Class Virtual Connect Firmware running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-09-03
security-alert hp com

Reflected Cross-Site Scripting (XSS) in MyWebSQL 2014-09-03
High-Tech Bridge Security Research (advisory htbridge com)

Reflected Cross-Site Scripting (XSS) in BlackCat CMS 2014-09-03
High-Tech Bridge Security Research (advisory htbridge com)

Malware

iBryte!1E2C3BEA1BF6

CryptDomaIQ!1E1222F0990C

Generic PUP.x!5CC07BAECF11

CryptDomaIQ!1E1C17FB4725

Generic PUP.x!2C1AC8A15E71

CryptDomaIQ!1E21145F551F

Generic PUP.x!EDC402DE907C

RDN/Generic PWS.y!0B2D4691DC4F

CryptDomaIQ!1E237709B855

CryptDomaIQ!1E27ABBC8C6A

Generic PUP.x!13F950C86215

Generic PUP.x!EFB503898C3D

Generic PUP.x!3050BCE94929

CryptDomaIQ!1E2740EAD3C2

Generic PUP.x!18DFFE3E7C4A

CryptDomaIQ!1E2A519D2BE6

CryptDomaIQ!1E23D4C809DE

CryptDomaIQ!1E2FE37768B4

PowerPack!1E2C4780D899

Generic PUP.x!EFCA5D01C7DD

Generic PUP.x!E79A39BE50CC

Generic PUP.x!18AF68478FFB

Generic PUP.x!F1633D7291C6

Generic PUP.x!EC8E7E172242

Generic PUP.x!EE3554461175

Generic PUP.x!2D1C0DB4F34E

RDN/Downloader.a!sx!090262D83C13

CryptDomaIQ!1E18F80FD05D

CryptDomaIQ!1E1643A0C292

CryptDomaIQ!1E0741DA982F

Phishing

Apple

5th September 2014

Unauthorised Login Attempt

Paypal Team

4th September 2014

Card Declined - Upload Your
Acc

Paypal support

3rd September 2014

PLEASE VALIDATE YOUR ACCOUNT
INFORMATION

Vulnerebility

OpenSSL SRP CVE-2014-3512 Remote Denial of Service Vulnerability
2014-09-05
http://www.securityfocus.com/bid/69083

Apache Tomcat CVE-2014-0099 Request Processing Information Disclosure Vulnerability
2014-09-05
http://www.securityfocus.com/bid/67668

Apache Tomcat CVE-2014-0119 XML External Entity Information Disclosure Vulnerability
2014-09-05
http://www.securityfocus.com/bid/67669

Apache Tomcat CVE-2014-0096 XML External Entity Information Disclosure Vulnerability
2014-09-05
http://www.securityfocus.com/bid/67667

Apache Tomcat CVE-2014-0095 AJP Request Remote Denial Of Service Vulnerability
2014-09-05
http://www.securityfocus.com/bid/67673

Apache Tomcat CVE-2014-0075 Chunk Request Remote Denial Of Service Vulnerability
2014-09-05
http://www.securityfocus.com/bid/67671

OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2014-09-05
http://www.securityfocus.com/bid/67899

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68624

Procmail Formail Utility 'formisc.c' Heap Overflow Vulnerability
2014-09-05
http://www.securityfocus.com/bid/69573

Oracle Java SE CVE-2014-4209 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68639

Oracle Java SE CVE-2014-4227 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68603

Oracle Java SE CVE-2014-4262 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68599

Oracle Java SE CVE-2014-4264 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68612

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68636

Oracle Java SE CVE-2014-2483 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68608

Oracle Java SE CVE-2014-4208 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68580

Oracle Java SE CVE-2014-4223 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68590

Oracle Java SE CVE-2014-4221 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68571

Oracle Java SE CVE-2014-2490 Remote Code Execution Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68645

Oracle Java SE CVE-2014-4247 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68626

Oracle Java SE CVE-2014-4216 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68562

Oracle Java SE CVE-2014-4252 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68642

Oracle Java SE CVE-2014-4220 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68576

Oracle Java SE CVE-2014-4219 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68620

Oracle Java SE CVE-2014-4265 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68632

Oracle Java SE CVE-2014-4266 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68596

Oracle Java SE CVE-2014-4268 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68615

Oracle Java SE CVE-2014-4218 Remote Security Vulnerability
2014-09-05
http://www.securityfocus.com/bid/68583

RETIRED: IBM SDK for Node.js CVE-2014-5256 Remote Denial of Service Vulnerability
2014-09-05
http://www.securityfocus.com/bid/69462

V8 JavaScript Engine Denial of Service Vulnerability
2014-09-05
http://www.securityfocus.com/bid/69157

Exploit

 

4.9.2014

Bugtraq

Reflected Cross-Site Scripting (XSS) in MyWebSQL 2014-09-03
High-Tech Bridge Security Research (advisory htbridge com)

Reflected Cross-Site Scripting (XSS) in BlackCat CMS 2014-09-03
High-Tech Bridge Security Research (advisory htbridge com)

[SECURITY] [DSA 3018-1] iceweasel security update 2014-09-03
Moritz Muehlenhoff (jmm debian org)

[ MDVSA-2014:172 ] php 2014-09-03
security mandriva com

[ MDVSA-2014:173 ] busybox 2014-09-03
security mandriva com

Re: ntopng 1.2.0 XSS injection using monitored network traffic 2014-09-03
Steffen Bauch (mail steffenbauch de)

[CORE-2014-0005] - Advantech WebAccess Vulnerabilities 2014-09-02
CORE Advisories Team (advisories coresecurity com)

[security bulletin] HPSBGN03099 rev.1 - HP IceWall SSO Dfw, SSO Agent and MCRP running OpenSSL, Remote Disclosure of Information 2014-09-02
security-alert hp com

Malware

Generic PUP.x!8D6D3577E029

Generic Dropper!150C800758EB

RDN/Generic PUP.x!cmk!4DF5EFA5CF44

Generic PUP.x!8CA71830B547

Generic PUP.x!4E0DFD9E8528

CryptDomaIQ!0DB08989B3B7

RDN/Generic.dx!3B235027EA50

CryptDomaIQ!0DA85A07ABE6

MultiPlug!0DB0A899A230

CryptDomaIQ!0DB40F91648F

MultiPlug!0DB3B2A77EEA

MultiPlug!0DB35740B528

MultiPlug!0DA760CF9C6B

Generic PUP.x!3EE39603C136

CryptDomaIQ!0DA40740A351

PUP-FMK!0DA1CAE3AFE9

iBryte!0DA4A54F886B

PUP-FMK!0DA248DAC0CA

Downloader.gen.a!8B6095504C48

RDN/Downloader.a!sx!1FC06DEC85E7

Downloader.gen.a!8351101A2DC1

Generic PUP.x!E60A2EE92097

RDN/Downloader.a!sx!8C127169A97A

Generic PUP.x!839CB4FCF0E3

Generic PUP.x!4879AEC457A2

Generic PUP.x!110F61C06182

Generic Downloader.x!2387E22BFE7C

Generic PUP.x!A42E07AA8DDE

PUP-FMK!2F746034108F

Generic PUP.x!5668B1E53C0A

Phishing

Paypal Team

4th September 2014

Card Declined - Upload Your
Acc

Paypal support

3rd September 2014

PLEASE VALIDATE YOUR ACCOUNT
INFORMATION

Tesco Bank

3rd September 2014

NEW NOTIFICATION FROM TESCO
BANK

Wells Fargo OnlineЮwells._f

3rd September 2014

IMPORTANT MESSAGE FROM WELLS
FARGO ONLINE

Vulnerebility

Mozilla Firefox and Thunderbird CVE-2014-1564 Information Disclosure Vulnerability
2014-09-04
http://www.securityfocus.com/bid/69525

Mozilla Firefox/Thunderbird CVE-2014-1567 Use After Free Memory Corruption Vulnerability
2014-09-04
http://www.securityfocus.com/bid/69520

Squid 'idnsALookup()' Function Remote Buffer Overflow Vulnerability
2014-09-04
http://www.securityfocus.com/bid/61111

Squid CVE-2014-3609 Remote Denial of Service Vulnerability
2014-09-04
http://www.securityfocus.com/bid/69453

Mozilla Firefox/Thunderbird CVE-2014-1562 Multiple Memory Corruption Vulnerabilities
2014-09-04
http://www.securityfocus.com/bid/69519

Apache HttpComponents Incomplete Fix CVE-2014-3577 SSL Validation Security Bypass Vulnerability
2014-09-04
http://www.securityfocus.com/bid/69258

Google Chrome CVE-2014-3172 Unspecified Security Vulnerability
2014-09-04
http://www.securityfocus.com/bid/69401

Google Chrome Multiple Unspecified Remote Code Execution Vulnerabilities
2014-09-04
http://www.securityfocus.com/bid/69404

libgcrypt Elgamal Encryption Subkeys Information Disclosure Vulnerability
2014-09-04
http://www.securityfocus.com/bid/69164

dhcpcd 'dhcp.c' Denial of Service Vulnerability
2014-09-04
http://www.securityfocus.com/bid/68970

Lua 'ldo.c' Remote Code Execution Vulnerability
2014-09-03
http://www.securityfocus.com/bid/69342

Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
2014-09-03
http://www.securityfocus.com/bid/68636

Oracle Java SE CVE-2014-4244 Remote Security Vulnerability
2014-09-03
http://www.securityfocus.com/bid/68624

Oracle Java SE CVE-2014-0453 Remote Security Vulnerability
2014-09-03
http://www.securityfocus.com/bid/66914

ManageEngine EventLog Analyzer Multiple Security Vulnerabilities
2014-09-03
http://www.securityfocus.com/bid/69482

JSON-C Weak Hash Function CVE-2013-6371 Denial of Service Vulnerability
2014-09-03
http://www.securityfocus.com/bid/66715

Apache Commons FileUpload CVE-2014-0050 Denial Of Service Vulnerability
2014-09-03
http://www.securityfocus.com/bid/65400

Advantech WebAccess CVE-2014-0768 Stack-Based Buffer Overflow Vulnerability
2014-09-03
http://www.securityfocus.com/bid/66732

Apache Struts ClassLoader Manipulation CVE-2014-0094 Security Bypass Vulnerability
2014-09-03
http://www.securityfocus.com/bid/65999

IBM Tivoli Monitoring Agent CVE-2013-5467 Unspecified Local Privilege Escalation Vulnerability
2014-09-03
http://www.securityfocus.com/bid/69436

Oracle Java SE CVE-2014-2421 Buffer Overflow Vulnerability
2014-09-03
http://www.securityfocus.com/bid/66881

Multiple Oracle Java Products 'unpack.cpp' Insecure Temporary File Creation Vulnerability
2014-09-03
http://www.securityfocus.com/bid/65568

libjpeg/libjpeg-turbo Library CVE-2013-6629 Memory Corruption Vulnerability
2014-09-03
http://www.securityfocus.com/bid/63676

Apache Struts ClassLoader Manipulation Incomplete Fix Security Bypass Vulnerability
2014-09-03
http://www.securityfocus.com/bid/67064

Apache Tomcat CVE-2014-0075 Chunk Request Remote Denial Of Service Vulnerability
2014-09-03
http://www.securityfocus.com/bid/67671

libpng 'png_read_transform_info()' Function NULL Pointer Dereference Denial of Service Vulnerability
2014-09-03
http://www.securityfocus.com/bid/64493

Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
2014-09-03
http://www.securityfocus.com/bid/64918

TorrentFlux 'profile.php' Remote Information Disclosure Vulnerability
2014-09-03
http://www.securityfocus.com/bid/69483

TorrentFlux 'details.php' Cross Site Scripting Vulnerability
2014-09-03
http://www.securityfocus.com/bid/69481

OpenSSL CVE-2014-3508 Information Disclosure Vulnerability
2014-09-03
http://www.securityfocus.com/bid/69075

Exploit

vBulletin 4.0.x - 4.1.2 (search.php, cat param) - SQL Injection Exploit

3.9.2014

Bugtraq

[SECURITY] [DSA 3017-1] php-cas security update 2014-09-02
Thijs Kinkhorst (thijs debian org)

Apple iOS v7.1.2 - Merge Apps Service Local Bypass Vulnerability 2014-09-02
Vulnerability Lab (research vulnerability-lab com)

[ MDVSA-2014:171 ] dhcpcd 2014-09-02
security mandriva com

[ MDVSA-2014:170 ] jakarta-commons-httpclient 2014-09-02
security mandriva com

Defense in depth -- the Microsoft way (part 18): Microsoft Office 2010 registers command lines with unquoted pathnames 2014-09-02
Stefan Kanthak (stefan kanthak nexgo de)

[ MDVSA-2014:169 ] bugzilla 2014-09-02
security mandriva com

[ MDVSA-2014:168 ] libvncserver 2014-09-02
security mandriva com

[ MDVSA-2014:167 ] file 2014-09-02
security mandriva com

[ MDVSA-2014:166 ] serf 2014-09-02
security mandriva com

[ MDVSA-2014:165 ] krb5 2014-09-02
security mandriva com

[ MDVSA-2014:163 ] python-imaging 2014-09-02
security mandriva com

[ MDVSA-2014:164 ] phpmyadmin 2014-09-02
security mandriva com

[ MDVSA-2014:162 ] catfish 2014-09-02
security mandriva com

[ MDVSA-2014:161 ] subversion 2014-09-02
security mandriva com

[ MDVSA-2014:160 ] gpgme 2014-09-02
security mandriva com

Re: [FD] SSH host key fingerprint - through HTTPS 2014-09-02
John Leo (johnleo checkssh com)

Malware

Generic PUP.x!B6DB6DF7B0A2

RDN/Generic PUP.x!56851A88981C

RDN/Generic PUP.x!54D504B2C13F

RDN/Generic BackDoor!zi!55C7AA587ABB

RDN/Generic PUP.x!562E9FD93DAA

RDN/Generic PUP.x!55EE7264E9CC

Generic PUP.x!5F74B6787360

PUP-FMK!028F18FED502

RDN/Generic PUP.x!55D74DCCE734

PowerPack!0347F6AC42AE

RDN/Generic.bfr!96F93F172A61

RDN/Generic PUP.x!56271A8C70FF

Generic.tfr!D98D0013BF46

RDN/Generic PUP.x!cmj!C5F6449CB9F6

RDN/Generic.dx!dfb!5A90AB38A944

RDN/Generic PUP.x!B68E1597AA31

RDN/Generic PUP.x!551FE0FF5F7A

RDN/Generic PUP.x!54C809CE0A4A

RDN/Generic PUP.x!54B5367BF72B

RDN/Generic PUP.z!82D7D11F64B3

RDN/Generic PUP.x!cmj!C3F5A7280DD3

PowerPack!01982EDDDDD7

Generic PUP.x!011716E39BCC

RDN/Generic PUP.x!DD3122A8C2E2

RDN/Generic PUP.x!549588C99D8B

Generic PUP.x!CC3B21A0AF89

RDN/Generic.tfr!ed!55321D945486

RDN/Generic PUP.x!cmj!52FF393E8968

RDN/Generic PUP.x!cmj!C44A52856CA0

Generic PUP.x!71627BD9C797

Phishing

PayPal

3rd September 2014

your account paypal is limited

TheMailTeam

2nd September 2014

MAILACCOUNTMGMT UPDATE NOW

PayPal

2nd September 2014

NOTICE : YOUR ACCOUNT HAS BEEN
LIMITED PLEASE UPDATE NOW.

Vulnerebility

Linux Kernel Unspecified Local Denial of Service Vulnerability
2014-09-03
http://www.securityfocus.com/bid/68126

Linux Kernel Multiple Local Security Bypass Vulnerabilities
2014-09-03
http://www.securityfocus.com/bid/68162

Linux Kernel 'control.c' File Use After Free Memory Corruption Vulnerability
2014-09-03
http://www.securityfocus.com/bid/68164

Linux Kernel SCTP NULL Pointer Dereference Denial of Service Vulnerability
2014-09-03
http://www.securityfocus.com/bid/68881

Linux Kernel 'sctp_association_free()' Function Denial of Service Vulnerability
2014-09-03
http://www.securityfocus.com/bid/68224

Linux Kernel 'mm/slab.c' Local Denial of Service Vulnerability
2014-09-03
http://www.securityfocus.com/bid/68125

Apache OpenOffice Calc CVE-2014-3524 Command Injection Vulnerability
2014-09-03
http://www.securityfocus.com/bid/69351

Jasig Multiple CAS Clients CVE-2014-4172 Security Bypass Vulnerability
2014-09-03
http://www.securityfocus.com/bid/69496

Apache HTTP Server CVE-2014-0231 Remote Denial of Service Vulnerability
2014-09-03
http://www.securityfocus.com/bid/68742

Apache HTTP Server 'mod_status' CVE-2014-0226 Remote Code Execution Vulnerability
2014-09-03
http://www.securityfocus.com/bid/68678

Apache HTTP Server Multiple Denial of Service Vulnerabilities
2014-09-03
http://www.securityfocus.com/bid/66303

Oracle Java SE CVE-2014-2423 Remote Security Vulnerability
2014-09-03
http://www.securityfocus.com/bid/66887

Oracle Java SE CVE-2014-2397 Remote Security Vulnerab