🕴 Tushu, Take Twoshu: Malicious SDK Reappears in Google Play 🕴
📖 Read
via "Dark Reading: ".
Months after the Tushu SDK was found infecting Android apps on Google Play, its operators are back with new evasive techniques.📖 Read
via "Dark Reading: ".
Dark Reading
Tushu, Take Twoshu: Malicious SDK Reappears in Google Play
Months after the Tushu SDK was found infecting Android apps on Google Play, its operators are back with new evasive techniques.
❌ TrickBot Evolves to Go After SSH Keys ❌
📖 Read
via "Threatpost".
The info-stealing malware has updated its password-grabbing module.📖 Read
via "Threatpost".
Threat Post
TrickBot Evolves to Go After SSH Keys
The info-stealing malware has updated its password-grabbing module.
ATENTION‼ New - CVE-2011-3351
📖 Read
via "National Vulnerability Database".
openvas-scanner before 2011-09-11 creates a temporary file insecurely when generating OVAL system characteristics document with the ovaldi integrated tool enabled. A local attacker could use this flaw to conduct symlink attacks to overwrite arbitrary files on the system.📖 Read
via "National Vulnerability Database".
🔐 How to use per-host SSH configuration 🔐
📖 Read
via "Security on TechRepublic".
Learn how to make your SSH use more efficient and convenient with per-host configurations.📖 Read
via "Security on TechRepublic".
TechRepublic
How to use per-host SSH configuration
Learn how to make your SSH use more efficient and convenient with per-host configurations.
ATENTION‼ New - CVE-2011-3596
📖 Read
via "National Vulnerability Database".
Polipo before 1.0.4.1 suffers from a DoD vulnerability via specially-crafted HTTP POST / PUT request.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2011-3584
📖 Read
via "National Vulnerability Database".
The TYPO3 Core wec_discussion extension before 2.1.1 is vulnerable to SQL Injection due to improper sanitation of user-supplied input.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2011-3583
📖 Read
via "National Vulnerability Database".
It was found that Typo3 Core versions 4.5.0 - 4.5.5 uses prepared statements that, if the parameter values are not properly replaced, could lead to a SQL Injection vulnerability. This issue can only be exploited if two or more parameters are bound to the query and at least two come from user input.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2011-3374
📖 Read
via "National Vulnerability Database".
It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2011-3373
📖 Read
via "National Vulnerability Database".
Drupal Views Builk Operations (VBO) module 6.x-1.0 through 6.x-1.10 does not properly escape the vocabulary help when the vocabulary has had user tagging enabled and the "Modify node taxonomy terms" action is used. A remote attacker could provide a specially-crafted URL that could lead to cross-site scripting (XSS) attack.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2011-3355
📖 Read
via "National Vulnerability Database".
evolution-data-server3 3.0.3 through 3.2.1 used insecure (non-SSL) connection when attempting to store sent email messages into the Sent folder, when the Sent folder was located on the remote server. An attacker could use this flaw to obtain login credentials of the victim.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2011-4090
📖 Read
via "National Vulnerability Database".
Serendipity before 1.6 has an XSS issue in the karma plugin which may allow privilege escalation.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2011-4082
📖 Read
via "National Vulnerability Database".
A local file inclusion flaw was found in the way the phpLDAPadmin before 0.9.8 processed certain values of the "Accept-Language" HTTP header. A remote attacker could use this flaw to cause a denial of service via specially-crafted request.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2011-4076
📖 Read
via "National Vulnerability Database".
OpenStack Nova before 2012.1 allows someone with access to an EC2_ACCESS_KEY (equivalent to a username) to obtain the EC2_SECRET_KEY (equivalent to a password). Exposing the EC2_ACCESS_KEY via http or tools that allow man-in-the-middle over https could allow an attacker to easily obtain the EC2_SECRET_KEY. An attacker could also presumably brute force values for EC2_ACCESS_KEY.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2011-3632
📖 Read
via "National Vulnerability Database".
Hardlink before 0.1.2 operates on full file system objects path names which can allow a local attacker to use this flaw to conduct symlink attacks.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2011-3631
📖 Read
via "National Vulnerability Database".
Hardlink before 0.1.2 has multiple integer overflows leading to heap-based buffer overflows because of the way string lengths concatenation is done in the calculation of the required memory space to be used. A remote attacker could provide a specially-crafted directory tree and trick the local user into consolidating it, leading to hardlink executable crash or potentially arbitrary code execution with user privileges.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2011-3630
📖 Read
via "National Vulnerability Database".
Hardlink before 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed. A remote attacker could provide a specially-crafted directory tree, and trick the local user into consolidating it, leading to hardlink executable crash, or, potentially arbitrary code execution with the privileges of the user running the hardlink executable.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2011-3624
📖 Read
via "National Vulnerability Database".
Various methods in WEBrick::HTTPRequest in Ruby 1.9.2 and 1.8.7 and earlier do not validate the X-Forwarded-For, X-Forwarded-Host and X-Forwarded-Server headers in requests, which might allow remote attackers to inject arbitrary text into log files or bypass intended address parsing via a crafted header.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2011-3617
📖 Read
via "National Vulnerability Database".
Tahoe-LAFS v1.3.0 through v1.8.2 could allow unauthorized users to delete immutable files in some cases.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2011-3609
📖 Read
via "National Vulnerability Database".
A CSRF issue was found in JBoss Application Server 7 before 7.1.0. JBoss did not properly restrict access to the management console information (for example via the "Access-Control-Allow-Origin" HTTP access control flag). This can lead to unauthorized information leak if a user with admin privileges visits a specially-crafted web page provided by a remote attacker.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2011-3606
📖 Read
via "National Vulnerability Database".
A DOM based cross-site scripting flaw was found in the JBoss Application Server 7 before 7.1.0 Beta 1 administration console. A remote attacker could provide a specially-crafted web page and trick the valid JBoss AS user, with the administrator privilege, to visit it, which would lead into the DOM environment modification and arbitrary HTML or web script execution.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2011-3600
📖 Read
via "National Vulnerability Database".
The /webtools/control/xmlrpc endpoint in OFBiz XML-RPC event handler is exposed to External Entity Injection by passing DOCTYPE declarations with executable payloads that discloses the contents of files in the filesystem. In addition, it can also be used to probe for open network ports, and figure out from returned error messages whether a file exists or not. This affects OFBiz 16.11.01 to 16.11.04.📖 Read
via "National Vulnerability Database".