BugTraq
Secunia Research: SonicWALL SSL-VPN End-Point ActiveX Control Buffer Overflow 2010-10-29
Secunia Research (remove-vuln secunia com)
======================================================================

Secunia Research 29/10/2010

- SonicWALL SSL-VPN End-Point Interrogator/Installer ActiveX Control -
- "Install3rdPartyComponent()" Method Buffer Overflow -

===========================================

Secunia Research: Adobe Shockwave Player "DEMX" Chunk Parsing Vulnerability 2010-10-29
Secunia Research (remove-vuln secunia com)
======================================================================

Secunia Research 29/10/2010

- Adobe Shockwave Player "DEMX" Chunk Parsing Vulnerability -

======================================================================
Table of Contents

Affected Software.

Secunia Research: Adobe Shockwave Player "pamm" Chunk Parsing Vulnerability 2010-10-29
Secunia Research (remove-vuln secunia com)
======================================================================

Secunia Research 29/10/2010

- Adobe Shockwave Player "pamm" Chunk Parsing Vulnerability -

======================================================================
Table of Contents

Affected Software.

[USN-1011-3] Xulrunner vulnerability 2010-10-29
Jamie Strandboge (jamie canonical com)
===========================================================
Ubuntu Security Notice USN-1011-3 October 29, 2010
xulrunner-1.9.1, xulrunner-1.9.2 vulnerability
CVE-2010-3765
===========================================================

A security issue affects the following Ubuntu releases:

[USN-1011-2] Thunderbird vulnerability 2010-10-28
Jamie Strandboge (jamie canonical com)
===========================================================
Ubuntu Security Notice USN-1011-2 October 28, 2010
thunderbird vulnerability
CVE-2010-3765
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.04 LTS
Ubunt

nSense-2010-002: Teamspeak 2 Windows client 2010-10-28
Henri Lindberg (henri+lists nsense fi)
nSense Vulnerability Research Security Advisory NSENSE-2010-002
---------------------------------------------------------------
t2'10 infosec conference special release
http://www.t2.fi
-------------------------------------------

[ MDVSA-2010:213 ] xulrunner 2010-10-28
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2010:213
http://www.mandriva.com/security/
______________________________________________________________________

Re: Secunia PSI Insecure Library Loading Vulnerability 2010-10-28
Jakob Balle (jb secunia com)
Secunia PSI is not associated with any file types and does not support
opening of HTML files nor any other files. Furthermore, the application
does not load Schannel.dll.

Secunia PSI is therefore not vulnerable to the "Insecure Library
Loading" vulnerability.

Stay Secure,

Jakob Balle
https://twit

[USN-1011-1] Firefox vulnerability 2010-10-28
Jamie Strandboge (jamie canonical com)
===========================================================
Ubuntu Security Notice USN-1011-1 October 28, 2010
firefox, firefox-3.0, firefox-3.5 vulnerability
CVE-2010-3765
===========================================================

A security issue affects the following Ubuntu releases:

XSS in NinkoBB 2010-10-27
advisory htbridge ch
Vulnerability ID: HTB22652
Reference: http://www.htbridge.ch/advisory/xss_in_ninkobb.html
Product: NinkoBB
Vendor: NinkoBB ( http://ninkobb.com )
Vulnerable Version: 1.3RC5 and probably prior versions
Vendor Notification: 13 October 2010
Vulnerability Type: XSS (Cross Site Scripting)
Status: No

rPSA-2010-0071-1 automake 2010-10-27
rPath Update Announcements (announce-noreply rpath com)
rPath Security Advisory: 2010-0071-1
Published: 2010-10-27
Products:
rPath Linux 2

Rating: Informational
Exposure Level Classification:
Local User Non-deterministic Unauthorized Access
Updated Versions:
automake=conary.rpath.com@rpl:2/1.10-1.1-1

rPath Issue Tracking System:
https:/

XSS vulnerability in BlogBird platform 2010-10-27
advisory htbridge ch
Vulnerability ID: HTB22646
Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_blogbird.html
Product: BlogBird
Vendor: BlogBird ( http://www.blogbird.nl/ )
Vulnerable Version: Current actual version on http://www.blogbird.nl/
Vendor Notification: 13 October 2010
Vulnerability Type: Sto

MyCart 2.0 Multiple Remote Vulnerabilities 2010-10-27
Salvatore Fresta aka Drosophila (drosophilaxxx gmail com)

MyCart 2.0 Multiple Remote Vulnerabilities

Name MyCart
Vendor http://open.appideas.com
Versions Affected 2.0

Author Salvatore Fresta aka Drosophila
Website http://www.salvatorefresta.net
Contact salvatorefresta [at] gmail [dot] com
Dat

[security bulletin] HPSBMA02533 SSRT080049 rev.1 - HP LoadRunner Web Tours 9.10 Remote Denial of Service 2010-10-27
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c02165172
Version: 1

HPSBMA02533 SSRT080049 rev.1 - HP LoadRunner Web Tours 9.10 Remote Denial of Service

NOTICE: The information in this Security Bulletin should be acted upon as soon as possibl

[security bulletin] HPSBST02595 SSRT1000303 rev.1 - HP Storage Essentials Using LDAP, Remote Unauthenticated Access 2010-10-27
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c02552030
Version: 1

HPSBST02595 SSRT1000303 rev.1 - HP Storage Essentials Using LDAP, Remote Unauthenticated Access

NOTICE: The information in this Security Bulletin should be acted upon as soon

Re: Nessus Client Insecure Library Loading Vulnerability 2010-10-27
Renaud Deraison (deraison nessus org)

Nessus 4.2.0 and newer versions are not affected (as there's no fat client any more). So, technically, this was patched last year.

-rd

On Oct 27, 2010, at 9:48 AM, apa-iutcert (at) nsec (dot) ir wrote:

> A vulnerability has been discovered in Nessus Client, which can be exploited by malicious people to c

USBsploit 0.4b - added: Auto[run|play] USB infection & PDF 2010-10-27
xpo xpo (smashxpo gmail com)
PoC to generate Reverse TCP backdoors (x86, x64, all ports), malicious
LNK and PDF files with fileformat exploits. It can also help to run
Auto[run|play]/[EXE|LNK|PDF] USB remote infections and dumping all USB
files remotely on multiple targets (and multiple USB drives) at the
same time. A set can b

"Back with another one of those block rockin' beats" 2010-10-27
Henri Lindberg (henri+lists nsense fi)
Good news everyone!
nSense is releasing a tool which instruments executables during
runtime in order to extract code coverage data. This is done through
runtracing using runtime instrumentation.

Why?
Analyzing code coverage of large or self modifying executables with
various input files is a non-tr

CVE-2010-3700: Spring Security bypass of security constraints 2010-10-27
s2-security (s2-security vmware com)
CVE-2010-3700 - Spring Security - Bypassing of security constraints

Severity:
Important

Vendor:
SpringSource, a division of VMware

Versions affected:
Spring Security 3.0.0 to 3.0.3
Spring Security 2.0.0 to 2.0.5
Acegi Security 1.0.0 to 1.0.7

Description:
Spring Security does not consider URL

rPSA-2010-0074-1 ImageMagick 2010-10-27
rPath Update Announcements (announce-noreply rpath com)
rPath Security Advisory: 2010-0074-1
Published: 2010-10-27
Products:
rPath Linux 2

Rating: Informational
Exposure Level Classification:
Indirect User Deterministic Unauthorized Access
Updated Versions:
ImageMagick=conary.rpath.com@rpl:2/6.3.6.9-1.2-1

rPath Issue Tracking System:
ht

Information disclosure in BloofoxCMS 2010-10-27
advisory htbridge ch
Vulnerability ID: HTB22660
Reference: http://www.htbridge.ch/advisory/information_disclosure_in_bloofoxcms_1.html
Product: BloofoxCMS
Vendor: bloofox.com ( http://bloofox.com/ )
Vulnerable Version: 0.3.5 and probably prior versions
Vendor Notification: 13 October 2010
Vulnerability Type: Informat

Path disclosure in MyBB 2010-10-27
advisory htbridge ch
Vulnerability ID: HTB22654
Reference: http://www.htbridge.ch/advisory/path_disclosure_in_mybb.html
Product: MyBB
Vendor: MyBB ( http://www.mybb.com )
Vulnerable Version: 1.6
Vendor Notification: 13 October 2010
Vulnerability Type: Path disclosure
Status: Not Fixed, Vendor Alerted, Awaiting Vendor

Information disclosure in BloofoxCMS 2010-10-27
advisory htbridge ch
Vulnerability ID: HTB22659
Reference: http://www.htbridge.ch/advisory/information_disclosure_in_bloofoxcms.html
Product: BloofoxCMS
Vendor: bloofox.com ( http://bloofox.com/ )
Vulnerable Version: 0.3.5 and probably prior versions
Vendor Notification: 13 October 2010
Vulnerability Type: Information

[security bulletin] HPSBMI02573 SSRT100227 rev.1 - Palm webOS, webOS Doc Viewer, Execution of Arbitrary Code 2010-10-27
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c02498311
Version: 1

HPSBMI02573 SSRT100227 rev.1 - Palm webOS, webOS Doc Viewer, Execution of Arbitrary Code

NOTICE: The information in this Security Bulletin should be acted upon as soon as pos

WinMerge Insecure Library Loading Vulnerability 2010-10-27
apa-iutcert nsec ir
A vulnerability has been discovered in WinMerge, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to the application loading libraries in an insecure manner.

The list of libraries called is as follows:

- mfc71enu.dll
- mfc71loc.dll

This can be ex

Breaking The SetDllDirectory Protection Against Binary Planting 2010-10-27
ACROS Security Lists (lists acros si)

An old unfixed Windows functional bug was just upgraded to a security bug. Our
researchers have discovered that Windows' inability to consistently expand
environment variables in user and system PATH breaks the binary planting protection
provided by the SetDllDirectory function. The article describ

SQL injection in DBHcms 2010-10-27
advisory htbridge ch
Vulnerability ID: HTB22651
Reference: http://www.htbridge.ch/advisory/sql_injection_in_dbhcms.html
Product: DBHcms
Vendor: drbenhur.com ( http://www.drbenhur.com/ )
Vulnerable Version: 1.1.4 and probably prior versions
Vendor Notification: 13 October 2010
Vulnerability Type: SQL Injection
Status:

[security bulletin] HPSBMI02580 SSRT100254 rev.1 - Palm webOS, Code execution vulnerability in Palm webOS service API 2010-10-27
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c02516786
Version: 1

HPSBMI02580 SSRT100254 rev.1 - Palm webOS, Code execution vulnerability in Palm webOS service API

NOTICE: The information in this Security Bulletin should be acted upon as so

AlstraSoft E-Friends 4.96 Multiple Remote Vulnerabilities 2010-10-27
Salvatore Fresta aka Drosophila (drosophilaxxx gmail com)

AlstraSoft E-Friends 4.96 Multiple Remote Vulnerabilities

Name AlstraSoft E-Friends
Vendor http://www.alstrasoft.com
Versions Affected 4.96

Author Salvatore Fresta aka Drosophila
Website http://www.salvatorefresta.net
Contact salvatoref

Copyright 2010, SecurityFocus