news aggregator

Linux Kernel ISDN PPP Remote Denial of Service Vulnerability

The former head of Army’s Media Relations in Afghanistan lets loose on the marketing of Osama, the coffin controversy, and engineering combat footage for NBC.

SynScan is a fast half-open port scanner. This tool will send TCP packets with the SYN flag to any block of destination addresses at very high speed. SynScan endeavors to send traffic as fast as the host network interface can support.

XSSscan is a cross site scripting scanner that can take output from google or can search one site. It is written in Python.

PHP versions 5.2.0 and below local buffer overflow exploit for Win32 that makes use of php_iisfunc.dll.

Alpha Centauri Software SIDVault LDAP server remote root exploit.

iDefense Security Advisory 08.27.07 - Remote exploitation of multiple buffer overflow vulnerabilities within Motorola Inc.'s Timbuktu allows attackers to crash the service or potentially execute arbitrary code with SYSTEM privileges. iDefense has confirmed the existence of these vulnerabilities within version 8.6.3.1367 of Motorola Inc.'s Timbuktu Pro for Windows. Older versions are suspected to be vulnerable.

iDefense Security Advisory 08.27.07 - Remote exploitation of a directory traversal vulnerability in Motorola Inc.'s Timbuktu Pro allows attackers to delete or create files with SYSTEM privileges. iDefense confirmed the existence of this vulnerability in version 8.6.3.1367 of Motorola Inc.'s Timbuktu Pro for Windows. Other versions, including those for other operating systems are suspected to be vulnerable.

Ubuntu Security Notice 503-1 - Various flaws were discovered in the layout and JavaScript engines. By tricking a user into opening a malicious email, an attacker could execute arbitrary code with the user's privileges. Please note that JavaScript is disabled by default for emails, and it is not recommended to enable it. Jesper Johansson discovered that spaces and double-quotes were not correctly handled when launching external programs. In rare configurations, after tricking a user into opening a malicious email, an attacker could execute helpers with arbitrary arguments with the user's privileges.

Debian Security Advisory 1358-1 - Several remote vulnerabilities have been discovered in Asterisk, a free software PBX and telephony toolkit. These flaws range from denial of service to code execution vulnerabilities.

Stampit Web suffers from a denial of service vulnerability.

The SIDVault LDAP server is susceptible to a remote buffer overflow vulnerability.

Abledesign Dynamic Picture Frame XSS

Sunshop v4.0 >> Advertisement ALERT: "How A Hacker Launches A Blind SQL Injection Attack Step-by-Step"!" - White Paper Blind SQL Injection can deliver total control of your server to a hacker giving them the ability to read, write and manipulate all data stored in your backend systems! Download this *FREE* white paper from SPI Dynamics for a complete guide to protection! https://download.spidynamics.com/1/ad/bsq.asp?Campaign_ID=701600000004c29

[SECURITY] [DSA 1358-1] New asterisk packages fix several vulnerabilities

InterWorx-CP Multiple HTML Injections Vulnerabilitie

Many of us rely on drugs imported from developing countries like India. But a new report reveals the toxic industry that produces them and the people who pay the price.

George Bush and other Iraq War supporters have argued that if we withdraw from Iraq the result will be like the killing fields of Cambodia -- an odd comparison considering that the US has direct responsibility for that holocaust.

Many of us rely on drugs imported from developing countries like India. But a new report reveals the toxic industry that produces them and the people who pay the price.

Hiring former Bush administration EPA head Christie Todd Whitman to chair its "Clean and Safe Energy Coalition" is the nuclear industry's latest PR attempt at "greening" its image.