CORE-2011-1123 - Windows Kernel ReadLayoutFile Heap Overflow

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Windows Kernel ReadLayoutFile Heap Overflow 1. *Advisory Information* Title: Windows Kernel ReadLayoutFile Heap Overflow Advisory ID: CORE-2011-1123 Advisory URL:

Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin

Hi Lists, it seems Microsoft doesn't want to patch the vulnerabilities I posted back in June, at least not in the July update. The posting included some important bugs in the Internet Information Services, one of their flagship products: http://seclists.org/fulldisclosure/2012/Jun/189 The July

Re: [Full-disclosure] Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin

Right - if you've compromised the server to the point you can alter directory structures/names, the you've already bypassed the ACLs required in order to exploit the vulnerability that allows you to bypass the ACLs. I don't get it. t On 7/16/12 10:47 AM, Григорий Братислава

DC4420 - London DEFCON - July meet - Tuesday July 17th 2012

OK, this is the last one before the big one! Whether you're coming to Vegas or not, you need to be here for this: Title: Hacking iOS Applications Synopsis: iOS applications are leet and cool. Let's have some fun with them! Pentester Bio: Zsombor Kovacs, Zsombor is a security geek interested

AVAVoIP v1.5.12 - Multiple Web Vulnerabilities

Title: == AVAVoIP v1.5.12 - Multiple Web Vulnerabilities Date: = 2012-06-28 References: === http://www.vulnerability-lab.com/get_content.php?id=437 VL-ID: = 611 Common Vulnerability Scoring System: 6.5 Introduction: =

KeyPass Password Safe v1.22 - Software Filter Vulnerability

Title: == KeyPass Password Safe v1.22 - Software Filter Vulnerability Date: = 2012-06-26 References: === http://www.vulnerability-lab.com/get_content.php?id=615 VL-ID: = 615 Common Vulnerability Scoring System: 3 Introduction:

DomsHttpd 1.0 = Remote Denial Of Service

# DomsHttpd 1.0 = Remote Denial Of Service # Discovered by: Jean Pascal Pereira pere...@secbiz.de About DomsHttpd: A very simple HTTP protocol program base on asynchronous socket model. Vendor URI:

Secunia Research: Cisco Linksys PlayerPT ActiveX Control SetSource() Buffer Overflow

== Secunia Research 17/07/2012 - Cisco Linksys PlayerPT ActiveX Control - - SetSource() Buffer Overflow -

[PT-2012-23] SQL Injection in Dr.Web Anti-virus

- (PT-2012-23) Positive Technologies Security Advisory SQL Injection in Dr.Web Anti-virus - ---[ Vulnerable software ] Dr.Web Anti-virus

[security bulletin] HPSBMU02799 SSRT100867 rev.1 - HP Network Node Manager i (NNMi) v9.0x Running JDK for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Information Disclosure, Modification,

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03405642 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03405642 Version: 1 HPSBMU02799

[security bulletin] HPSBMU02797 SSRT100867 rev.1 - HP Network Node Manager i (NNMi) v9.1x Running JDK for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Information Disclosure, Modification,

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03358587 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03358587 Version: 1 HPSBMU02797