Wireshark 1.4.0 Malformed IKE Packet Denial of Service
--
I. Summary
A flaw has been identified in Wireshark 1.4.0 when sending a specific malformed
IKE packet that will cause a denial of service.
Ok, Dan, just for you:
Launch Internet Explorer 9 on Windows 7 (probably other IE/Win works too), go
to File->Open (or press Ctrl+O), browse to Test.html and open it. No
double-clicking and you couldn't launch an executable this way. Better?
Cheers,
Mitja
On Jul 8, 2011, at 9:10 PM, Dan Kamins
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[slackware-security] bind (SSA:2011-189-01)
New bind packages are available for Slackware 13.37, and -current to
fix a security issue.
Here are the details from the Slackware 13.37 ChangeLog:
+--+
patches/packages/bind-9.7.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2276-1 secur...@debian.org
http://www.debian.org/security/ Luciano Bello
July 10, 2011
This is a reminder that the Call for Papers for the 9th annual
HITBSecConf in Malaysia is closing this Friday, 15th of July. The event
takes place from the 10th - 13th of October at the Intercontinental
Kuala Lumpur.
As always, talks that are more technical or that discuss new and never
before se
## www.BugReport.ir
###
#
# AmnPardaz Security Research Team
#
# Title: Ferdows CMS Pro <=1.1.0 and Ferdows CMS <=9.0.5 Multiple
Vulnerabilities
# Vendor: www.fcms.ir
# Exploit: Available
# Vulnerable Version: 1
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[slackware-security] mozilla-thunderbird (SSA:2011-189-02)
New mozilla-thunderbird packages are available for Slackware 13.0, 13.1, 13.37,
and -current to fix security issues.
Here are the details from the Slackware 13.37 ChangeLog:
+
I'm flooded with requests for a POC and many doubt that these
vulnerabilities are exploitable. And since this vulnerability is
rather technically interesting I believe many could learn from it.
http://ha.xxor.se/2011/07/phpmyadmin-3x-pregreplace-rce-poc.html
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02896506
Version: 1
HPSBUX02689 SSRT100494 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service
(DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon
as poss
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02906075
Version: 1
HPSBMU02690 SSRT100569 rev.1 - HP Business Availability Center (BAC) Running on
Solaris and Windows, Remote Denial of Service (DoS)
NOTICE: The information in this Security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2275-1 secur...@debian.org
http://www.debian.org/security/ Nico Golde
July 7, 2011
ZDI-11-233: Symantec Web Gateway forget.php SQL Injection Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-233
July 7, 2011
-- CVE ID:
CVE-2011-0549
-- CVSS:
7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P)
-- Affected Vendors:
Symantec
-- Affected Products:
Symantec Web Gateway
-- TippingP
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2277-1 secur...@debian.org
http://www.debian.org/security/ Nico Golde
July 10, 2011
ZDI-11-234: Trend Micro Control Manager CasLogDirectInsertHandler.cs Remote
Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-234
July 11, 2011
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Trend Micro
-- Affected Products:
Trend Micro Control Man
The 6th international hacking and security conference "POC2011" by hackers will
be held
in Seoul, Korea on November 3 ~ 4.
'POC' means Power of Community.
POC believes that the power of community can make the world safer.
POC doesn't pursue money. So POC is free to show real hacking and secur
It's a nice attempt, but no. The social engineering required to pull
that off exceeds what's required to get somebody to download and
execute setup.exe, and we don't call that RCE either.
Hundreds of false bugs are blinding you to probably a dozen real bugs.
Likely more. In security as in finan
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2274-1 secur...@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
July 07, 2011
###
phpMyAdmin 3.x Multiple Remote Code Executions
###[ Advisory from
]###
###
Luigi Auriemma
Application: Sybase Adaptive Server
http://www.sybase.com/products/databasemanagement/adaptiveserverenterprise
Versions: <= 15.5
Platforms: Solaris, Windows,