Security News

The finest blend of the latest IT security news headlines, updated every 4 hours.

IT Security News
Regular Security News
Social Media
Tools

Exploits
Vulnerabilities
Security Videos & Podcasts
Other Stuff

Security Blogs
Microsoft Security Advisories
Mailing Lists

Bookmark + Share

Colour scheme

IT Security News

News ≈ Packet Storm

The Register – Security

Security Bloggers Network

SANS Internet Storm Center, InfoCON: green Infocon: green ISC StormCast for Thursday, May 23rd 2013 http://isc.sans.edu/podcastdetail.html?id=3326, (Thu, May 23rd) MoVP II, (Thu, May 23rd) Wireshark 1.10.0rc2 is now available http://www.wireshark.org/download.html, (Thu, May 23rd) Chrome 24.0.1312.52 has been updated for Windows, Mac, Linux, and Chrome Frame, (Wed, May 22nd) Apple QuickTime 7.7.4 for Windows updated, MANY security vulnerabilities: http://support.apple.com/kb/HT1222, (Wed, May 22nd) Wireshark 1.8.7 and 1.6.15 Released http://www.wireshark.org/news/20130517.html, (Wed, May 22nd) Privilege escalation, why should I care?, (Wed, May 22nd) ISC StormCast for Wednesday, May 22nd 2013 http://isc.sans.edu/podcastdetail.html?id=3323, (Wed, May 22nd) Moore, Oklahoma tornado charitable organization scams, malware, and phishing, (Tue, May 21st) Chrome 27 stable released http://googlechromereleases.blogspot.ca/ some security fixes, (Tue, May 21st)	The H Security Symantec putting an end to PC Tools security products Apple closes QuickTime vulnerabilities on Windows Twitter implements two-factor authentication Chrome 27 comes with better load speeds and security fixes Report: DDoS service as a legitimate, FBI-approved business Bitdefender Clueful exposes Android spies Google: US counterintelligence service was targeted by Chinese hackers Chinese APT1 hacker group ends its spring break Yahoo Japan suspects 22 million user IDs exposed Tails 0.18 can install packages on the fly NetBSD 6.1 and 6.0.2 released Search engine available for Internet Census 2012 data The H Roundup – Skype surveillance, Linux exploit & Android Studio Lost+Found: Hacking Smart TVs, scammer hotlines and Vaccination Skype’s ominous link checking: Facts and speculation Skype’s ominous link checking: facts and speculation	E Hacking News [ EHN ] – The Best IT Security News \| Hacker News Twitter finally introduces Two-step authentication to prevent account hacks @1923Turkz hits Jharkhand police website Reckz0r identified POST SQL Injection vulnerability in Twitter Hacker @Reckz0r breached CNN website and posted fake articles Facebook page of Mancera,Mayor of Mexico City hacked Hacker @1923Turkz breached Federal University of Bahia website 8 Telegraph Twitter accounts and Facebook hacked by Syrian Electronic Army Bangladesh Air Force Career website’s database hacked by @1923Turkz Four Anonymous hacktivists arrested in Italy Globo.com hacked and sub-domains redirect to spam ads Lomonosov Moscow State University and Imperial College London hacked by @1923Turkz South African Police Service website breached by #Anonymous Saudi Arabia Ministry of Defense Mail System compromised by Syrian Electronic Army Bose.cn hacked and database leaked by Ag3nt47 Hackers stole ₹2.4 crore from Mumbai Bank in 3 hours ATM Hacker Boanta invents "Secure Revolving System(SRS)" to prevent ATM thefts
CNET News – Security & Privacy Is protecting intellectual property from cyberthieves futile? Help protect yourself from signed malware in OS X The wide world of hacking in China Kim Dotcom threatens to sue Twitter, others over patent SAP touts service that sells customer data from phone firms Power utilities claim ‘daily’ and ‘constant’ cyberattacks, says report Guantanamo Wi-Fi shuttered after Anonymous hacking threat Google breach may have led to sensitive data leaks Future Firefox takes tougher stance on mixed content Google security: You (still) are the weakest link	IT Security Blog \| TechRepublic Keeping your corporate social media accounts secure Aaron Swartz legacy lives on with New Yorker’s Strongbox: How it works Mission impossible: Data identification and prioritization Security lessons from the 2013 Verizon Data Breach Report Cloud-service contracts and data protection: Unintended consequences Google’s Inactive Account Manager heightens enterprise awareness for securing data Hackers: From innocent curiosity to illegal activity New McAfee patent hints at a more walled-off online world The future of IT security compliance: 201 CMR 17.00 BoxCryptor vs. DropSmack: The battle to secure Dropbox Surveys: Aid security research by sharing your experience Running the gauntlet: Tips for achieving your CISSP Understanding what motivates Chinese hackers How to test Firefox 23 change on unsecured content before it happens DropSmack: Using Dropbox to steal files and deliver malware Securing Bitcoins: Barrage of attacks undermines value	Astalavista removed

Regular Security News
hacking – Google News Phone-hacking victims reject newspapers’ charter proposal – The Guardian Ask Matt: How to profit from computer hacking attacks? – USA TODAY Arizona students accused of hacking their grades – San Francisco Chronicle Two new suspects arrested in British soldier’s hacking death – Los Angeles Times British Mother Confronted Hacking… – ABC News ENRC fears data loss from hacking and stolen laptop – The Guardian The wide world of hacking in China – CNET The real enemy in London hacking death – CNN International Pentagon report says US computer hacking ‘appears to be attributable’ to … – The Verge ‘Hacking Back’ Could Deter Chinese Cyberattacks, Report Says – Huffington Post	computer security – Google News Ask Matt: How to profit from computer hacking attacks? – USA TODAY New Canaan Library offers computer security tips – New Canaan Advertiser County beefs up computer security – The Rushville Republican NIST issues major revision of Core Computer Security Guide: SP 800-53 – SecurityInfoWatch Security experts warn government is making the Internet unsafe – Daily Caller Computer security experts show you how to safeguard your personal accounts … – NewsNet5.com Audit report cites weaknesses in computer security at state agencies – al.com (blog) How the FBI’s online wiretapping plan could get your computer hacked – Washington Post (blog) Local dentist office faced with computer security breach – South Bend Tribune Worried About Computer Security? McAfee Is Launching A New All-In-One … – iDigitalTimes.com	Threat Level WikiLeaks Donations Down to a Trickle Kim Dotcom Claims Ownership of Two-Factor Authentication Obama Stops Championing Treaty That Gives the Blind Better Access to E-Books Hackers Who Breached Google in 2010 Accessed Company’s Surveillance Database Feds Tracked Reporter’s Movements, Personal E-Mail in Criminal Conspiracy Investigation The Strange Story of Marie Antoinette’s Watch Lawmakers Introduce Bill Requiring Court Order to Seize Phone Records LulzSec Hackers Sentenced to Prison by London Court Cops Should Get Warrants to Read Your E-Mail, Attorney General Says Meet the Woman Behind Pakistan’s First Hackathon
Social Media
Reddit /r/netsec – Information Security News & Discussion Uncommon Handle Analysis for IR and Forensics Protecting passwords using SHA256+PBKDF2 hashes (stored in XML files) Identify Back Doors in Firmware By Using Automatic String Analysis Multiple Security Vulnerabilities Reported in X.Org iMAS – iOS Mobile Application Security Development Tools – Encryption and Password Protection for your app (x-post iOSProgramming) Finally released my Nessus results viewer. Fairly basic but others have found it useful. Safe: A Targeted Threat. TrendMicro Whitepaper on Safenet cyber espionage campaign. Automated Volatility Plugin Generation with Dalvik Inspector Exploiting Samsung Galaxy S4 Secure Boot h34dCTF binary and web write-ups Would you knowingly trust an irrevocable SSL certificate? CTF repository since 2011. Lots of great challenges. Dissecting Blackberry 10 – An initial analysis Duplicating house keys using a 3D Printer CVE-2013-2094 perf event exploit ported to x86 New MinimaLT network protocol by Petullo, Zhang, Solworth, DJB, Lange: "Connects faster than TCP, higher security than TLS" [PDF]	Digg is dead	Digg is dead
Delicious/tag/security total-home-security.com 10 simple ways to secure your WordPress site \| Feature \| .net magazine How secure is your WordPress site? \| Webdesigner Depot 20 common WordPress mistakes, myths and misgivings \| Feature \| .net magazine From API key to user with ASP.NET Web API Building Windows Store Applications With jQuery 2.0 \| Nettuts+ Basic Password Security rss.computerworld.com www.securityweek.com Dissidents Fight Back as Governments Step Up Spyware Attacks – Olga Khazan – The Atlantic ESET Latinoamérica – Laboratorio » Blog Archive » Arachni, una alternativa para auditar aplicaciones web www.mi5.gov.uk hawk EDS Lite – Aplicativos para Android no Google Play Where Do You Keep Important Family Documents?	Delicious/tag/hacking YouTube ssc.pdf Shop gehackt – xt:Commerce Webshop Shop Support Chinese Hackers Resume Attacks on U.S. Targets – NYTimes.com PHDays — Positive Hack Days. Contests Hackers Who Breached Google in 2010 Accessed Company’s Surveillance Database \| Threat Level \| Wired.com Deep Inside a DNS Amplification DDoS Attack – CloudFlare blog The Definitive Story of Steve Wozniak, Steve Jobs, and Phone Phreaking – Phil Lapsley – The Atlantic China wants cyber security communication with US Kill the Password: Why a String of Characters Can’t Protect Us Anymore \| Gadget Lab \| Wired.com The Reality Hacker Official Webpage Kill the Password: Why a String of Characters Can’t Protect Us Anymore \| Gadget Lab \| Wired.com Hacked Pacemakers Could Send Deadly Shocks \| TechCrunch twitpic.com Hackito Ergo Sum 2013	Delicious/tag/encryption IBM’s homomorphic encryption library [LWN.net] How to disable PCT 1.0, SSL 2.0, SSL 3.0, or TLS 1.0 in Internet Information Services How can I decrypt SAML with PHP? Digest Authentication with ASP.NET Web API www.vldb.org/pvldb/vol6/p289-tu.pdf siberean – AES encryption of files (and strings) in java with randomization of IV (initialization vector) ssl – How to get the java.security.PrivateKey object from RSA Privatekey.pem (from a file)? – Stack Overflow Ruby rsa encrypt – Stack Overflow Decrypting RSA with Java « Try, Catch… Finally. JAVA RSA decrypt string with private key using bouncy castle Crypto APIs openssl – How to encrypt decrypt with RSA keys in java – Stack Overflow java – RSA decryption with a public key – Stack Overflow Android: decrypt RSA text using a Public key stored in a file – Stack Overflow Convert PHP RSA PublicKey into Android PublicKey – Stack Overflow RSA Encryption Decryption in Android – Stack Overflow
Slashdot: Your Rights Online Bitcoin’s Success With Investors Alienates Earliest Adopters WIPO Panel Says Ron Paul Guilty of Reverse Domain Name Hijacking Main US Weather Satellite Fails As Hurricane Season Looms Curiosity Rewarded: Florida Teen Heading to Space Camp, Not Jail Kim Dotcom Wants Money From Google, Twitter For 2-Factor Authentication Terrorist Murder In London Could Revive Snooper’s Charter One-Time Pad From Caltech Offers Uncrackable Cryptography First Government Lawsuit Against a Patent Troll Why We Should Celebrate Snapchat and Encourage Ephemeral Communication Teens, Social Media, and Privacy Tesla Motors Repays $465M Government Loan 9 Years Early NYPD Detective Accused of Hiring Email Hackers OSI President Questions WebM Patent License Compatibility with Open Source Thousands of Whistle Blowers Vulnerable After Anonymous Hacks SAPS Special Ops Takes Its Manhunts Into Space EPA Makes a Rad Decision	Got any bright ideas about what to put here?	I’m sure you can think of something with an rss feed

Tools

Security Tool Files ≈ Packet Storm

Obeseus Distributed Denial Of Service Detector 7.1a Obeseus is a light-weight, high-speed ip DDOS detector that has been designed to run on an Intel probe running an advanced 10 Gb/s FPGA card. It detects TCP floods, Fragment Floods, raw ICMP/TCP/UDP, reflected (DNS / SMURF) and BOGON misuse. It also detects application misuse in HTTP and UDP.
360-FAAR Firewall Analysis Audit And Repair 0.4.4 360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
CodeCrypt 1.1 codecrypt is a GnuPG-like program for encryption and signing that uses only quantum-computer-resistant algorithms.
Sanewall 1.0.2 Sanewall is a firewall builder for Linux which uses an elegant language abstracted to just the right level. This makes it powerful and easy to use, audit, and understand. It allows you to create very readable configurations even for complex stateful firewalls. Sanewall can be used for almost any pur. […]
ipset 6.19 ipset allows administration of sets of IP addresses/networks, ports, MAC addresses, and interfaces, which are stored in hash or bitmap data structures. These can then be used in conjunction with iptables to do fast presence lookups.
Packet Fence 4.0.0 PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration. […]
Bing LFI / RFI Scanner This is a python script for searching Bing for sites that may have local and remote file inclusion vulnerabilities.
Sanewall 1.1.1 Sanewall is a firewall builder for Linux which uses an elegant language abstracted to just the right level. This makes it powerful and easy to use, audit, and understand. It allows you to create very readable configurations even for complex stateful firewalls. Sanewall can be used for almost any pur. […]
NTDS Hash Decoder 01.b This application dumps LM and NTLM hashes from active accounts stored in an Active Directory database.
CodeCrypt 1.0 codecrypt is a GnuPG-like program for encryption and signing that uses only quantum-computer-resistant algorithms.
Sanewall 1.1.0 Sanewall is a firewall builder for Linux which uses an elegant language abstracted to just the right level. This makes it powerful and easy to use, audit, and understand. It allows you to create very readable configurations even for complex stateful firewalls. Sanewall can be used for almost any pur. […]
Multithreaded SQL Injector This is a SQL injection tool similar to havij but is super fast per the author.
ClamWin 0.97.8 ClamWin is a free antivirus solution for Windows that uses the well-respected ClamAV scanning engine. It includes a virus scanner, scheduler, virus database updates, context menu integration to MS Windows Explorer and Add-in to MS Outlook. Also features easy setup program.
WAF-FLE ModSecurity Console 0.6.0 WAF-FLE is a console for ModSecurity. It allows modsec administrators to view and search events logged by mlogc or mlog2waffle. The dashboard shows a graphical view of events, and when combined with the powerful drill-down filter allows quick searching for relevant events. Events can be viewed in de. […]
Internet Explorer 7/8/9 Password Dumper 1.0 This tool demonstrates how to decode Internet Explorer 7, 8 and 9 passwords. Win32 binary and source code included.
Sanewall 1.0.0 Sanewall is a firewall builder for Linux which uses an elegant language abstracted to just the right level. This makes it powerful and easy to use, audit, and understand. It allows you to create very readable configurations even for complex stateful firewalls. Sanewall can be used for almost any pur. […]

CNET Download.com Security Software New Releases

McAfee Deep Defender 05/23/13 – Protect your PC from all kinds of virus threats.
IObit Malware Fighter 05/23/13 – Protect your PC in real time from malware & spyware.
Protector Plus Internet Security 64 Bit 05/23/13 – Protect your PC against various kinds of threats.
Company Guard Security Software 05/23/13 – Protect your PC against malicious files, viruses, and hacker attacks.
McAfee Labs Stinger 05/23/13 – Find and remove specific viruses from your PC.
McAfee Labs Stinger (64-Bit) 05/23/13 – Find and remove specific viruses from your PC.
My Lockbox 05/23/13 – Hide, lock, and password protect any files.
Antivirus Live CD 05/23/13 – Check your system for viruses with a lightweight antivirus on a CD.
Kruptos 2 Professional 05/23/13 – Password protect your photos, movies, documents, or any other files with 256-bit encryption.
USB Disk Security 05/23/13 – Protect against any threats via USB drive and protect offline computer.

empty

What security software source do you want to see here?

Exploits

Exploit Files ≈ Packet Storm

AVE.CMS 2.09 Blind SQL Injection AVE.CMS versions less than 2.09 suffer from a remote blind SQL injection vulnerability in the “module” parameter. This is a proof of concept exploit. This issue is addressed in later versions.
vBulletin 5b SQL Injection This is an SQL Injection proof of concept that will display information about the vBulletin software and the admin details from the database. It can be adjusted to read any part of the database.
Nginx HTTP Server 1.3.9-1.4.0 Chuncked Encoding Stack Buffer Overflow This Metasploit module exploits a stack buffer overflow in versions 1.3.9 to 1.4.0 of nginx. The exploit first triggers an integer overflow in the ngx_http_parse_chunked() by supplying an overly long hex value as chunked block size. This value is later used when determining the number of bytes to re. […]
AdobeCollabSync Buffer Overflow Adobe Reader X Sandbox Bypass This Metasploit module exploits a vulnerability on Adobe Reader X Sandbox. The vulnerability is due to a sandbox rule allowing a Low Integrity AcroRd32.exe process to write register values which can be used to trigger a buffer overflow on the AdobeCollabSync component, allowing to achieve Medium Int. […]
Weyal CMS SQL Injection Weyal CMS suffers from a remote SQL injection vulnerability. Note that this finding has site-specific information.
Spider Event Calendar 1.3.0 Cross Site Scripting / Path Disclosure / SQL Injection Spider Event Calendar version 1.3.0 is a WordPress plugin that suffers from multiple cross site scripting, path disclosure, and remote SQL injection vulnerabilities.
Spider Catalog 1.4.6 Cross Site Scripting / Path Disclosure / SQL Injection Spider Catalog version 1.4.6 is a WordPress plugin that suffers from multiple cross site scripting, path disclosure, and remote SQL injection vulnerabilities.
WordPress Flagallery-Skins SQL Injection WordPress Flagallery-skins plugin suffers from an SQL Injection vulnerability. Note that this advisory has site-specific information.
Kimai 0.9.2.1306-3 SQL Injection Kimai version 0.9.2.1306-3 suffers from a remote SQL injection vulnerability.
Ophcrack 3.50 Buffer Overflow / Code Execution Ophcrack version 3.5.0 suffers from stack based buffer overflow vulnerability that leads to local code execution.
Linksys WRT160n apply.cgi Remote Command Injection Some Linksys Routers are vulnerable to an authenticated OS command injection on their web interface where default credentials are admin/admin or admin/password. Since it is a blind OS command injection vulnerability, there is no output for the executed command when using the cmd generic payload. Thi. […]
Sony PS3 Firmware 4.31 Code Execution A local code execution vulnerability is detected in the official PlayStation 3 v4.31 Firmware. The vulnerability allows local attackers to inject and execute code out of vulnerable PlayStation 3 menu main web context.
Trend Micro DirectPass 1.5.0.1060 Command Injection / Denial Of Service Trend Micro DirectPass 1.5.0.1060 suffers from local command/path injection, persistent code injection, and a denial of service vulnerability.
WordPress ProPlayer Plugin SQL Injection WordPress ProPlayer Plugin version 4.7.9.1 suffers from a remote SQL injection vulnerability. Note that this advisory has site-specific information.
D-Link DIR615h OS Command Injection Some D-Link Routers are vulnerable to an authenticated OS command injection on their web interface, where default credentials are admin/admin or admin/password. Since it is a blind os command injection vulnerability, there is no output for the executed command when using the cmd generic payload. Thi. […]

Exploit-DB updates

[remote] – Linksys WRT160nv2 apply.cgi Remote Command Injection Linksys WRT160nv2 apply.cgi Remote Command Injection
[papers] – GAME ENGINES: A 0-DAY’S TALE GAME ENGINES: A 0-DAY’S TALE
[webapps] – Kimai 0.9.2.1306-3 – SQL Injection Vulnerability Kimai 0.9.2.1306-3 – SQL Injection Vulnerability
[remote] – D-Link DIR615h OS Command Injection D-Link DIR615h OS Command Injection
[dos] – win32k!EPATHOBJ::pprFlattenRec Uninitialized Next Pointer Testcase win32k!EPATHOBJ::pprFlattenRec Uninitialized Next Pointer Testcase
[local] – Ophcrack 3.5.0 – Local Code Execution BOF Ophcrack 3.5.0 – Local Code Execution BOF
[remote] – Mutiny 5 Arbitrary File Upload Mutiny 5 Arbitrary File Upload
[webapps] – ZPanel templateparser.class.php Crafted Template Remote Command Execution ZPanel templateparser.class.php Crafted Template Remote Command Execution
[webapps] – Exponent CMS 2.2.0 beta 3 – Multiple Vulnerabilities Exponent CMS 2.2.0 beta 3 – Multiple Vulnerabilities
[dos] – nginx 1.3.9-1.4.0 DoS PoC nginx 1.3.9-1.4.0 DoS PoC

Securityvulns exploits channel

huaweisnmpex.py Huawei SNMPv3 service buffer overflow PoC
dlinkcamab.py D-Link RTSP Authentication Bypass
pfsboex.pl Personal File Share HTTP Server Remote Overflow Vulnerability Exploit
http://forums.comodo.com/10551086108810911089108910821080-russian/eth%20ethplusmnn%20ethfrac34ethacute-ethmiddotethdegn%20ethcediln%20n%20-cis-v-602607392674-t89574.0.html Обход защиты CIS
centrifyex.c Local root exploit for Centrify Deployment Manager
ibmdirectorex.pl IBM System Director Remote System Level Exploit (CVE-2009-0880 extended zeroday)
FreeFTPD_0day_src.zip FreeFTPD all versions Remote System Level Exploit Zero-Day
FreeSSHD_0day.zip FreeSSHD all version Remote Authentication Bypass ZERODAY
mysql_win_remote_stuxnet_technique.zip MySQL Scanner & MySQL Server for Windows Remote SYSTEM Level Exploit
mysql_userenum.pl MySQL Remote Preauth User Enumeration Zeroday
mysql-dos.txt MySQL Denial of Service Zeroday PoC
mysql_privilege_elevation.pl MySQL (Linux) Database Privilege Elevation Zeroday Exploit
mysql_heapoverrun.pl MySQL (Linux) Heap Based Overrun PoC Zeroday
mysql_bufferoverrun.pl MySQL (Linux) Stack based buffer overrun PoC Zeroday
hardcoreviewex.pl Hardcoreview WriteAV Arbitrary Code Execution
vlcreadavex.pl VLC Player 2.0.3

1337day.com

Vulnerabilities

Advisory Files ≈ Packet Storm

Bugtraq

SecurityFocus Vulnerabilities

A feed could not be found at http://secunia.tumblr.com/rss

Unofficial Secunia Security Advisories

Security Videos & Podcasts

SecurityTube.Net

PaulDotCom

Risky Business

Other Stuff

Hack a Day

Announcement

Announcements go here.

Files ≈ Packet Storm

AVE.CMS 2.09 Blind SQL Injection AVE.CMS versions less than 2.09 suffer from a remote blind SQL injection vulnerability in the “module” parameter. This is a proof of concept exploit. This issue is addressed in later versions.
vBulletin 5b SQL Injection This is an SQL Injection proof of concept that will display information about the vBulletin software and the admin details from the database. It can be adjusted to read any part of the database.
Apple Security Advisory 2013-05-22-1 Apple Security Advisory 2013-05-22-1 – QuickTime 7.7.4 is now available and addresses multiple issues including buffer overflows and arbitrary code execution vulnerabilities.
IBM WebSphere DataPower 3.8.2 / 4.0.x / 5.0 Cross Site Scripting IBM WebSphere DataPower Integration Appliance XI50 versions 3.8.2, 4.0, 4.0.1, 4.0.2, 5.0.0 suffer from a cross site scripting vulnerability.
Debian Security Advisory 2677-1 Debian Linux Security Advisory 2677-1 – Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related conversions, buffer overflows, memory corruption and missing input sanitizing may lead to privilege escalation or denial of serv. […]
Red Hat Security Advisory 2013-0849-01 Red Hat Security Advisory 2013-0849-01 – Red Hat provides a Red Hat Enterprise Linux 6.4 KVM Guest Image for cloud instances. This image is provided as a minimally configured system image which is available for use as-is or for configuration and customization as required by end users. The Red Hat En. […]
Debian Security Advisory 2692-1 Debian Linux Security Advisory 2692-1 – Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related conversions, buffer overflows, memory corruption and missing input sanitizing may lead to privilege escalation or denial of serv. […]
Debian Security Advisory 2691-1 Debian Linux Security Advisory 2691-1 – Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related conversions, buffer overflows, memory corruption and missing input sanitizing may lead to privilege escalation or denial of serv. […]
Debian Security Advisory 2690-1 Debian Linux Security Advisory 2690-1 – Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related conversions, buffer overflows, memory corruption and missing input sanitizing may lead to privilege escalation or denial of serv. […]
Debian Security Advisory 2673-1 Debian Linux Security Advisory 2673-1 – Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related conversions, buffer overflows, memory corruption and missing input sanitizing may lead to privilege escalation or denial of serv. […]
Debian Security Advisory 2674-1 Debian Linux Security Advisory 2674-1 – Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related conversions, buffer overflows, memory corruption and missing input sanitizing may lead to privilege escalation or denial of serv. […]
Debian Security Advisory 2675-1 Debian Linux Security Advisory 2675-1 – Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related conversions, buffer overflows, memory corruption and missing input sanitizing may lead to privilege escalation or denial of serv. […]
Debian Security Advisory 2676-1 Debian Linux Security Advisory 2676-1 – Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related conversions, buffer overflows, memory corruption and missing input sanitizing may lead to privilege escalation or denial of serv. […]
Debian Security Advisory 2689-1 Debian Linux Security Advisory 2689-1 – Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related conversions, buffer overflows, memory corruption and missing input sanitizing may lead to privilege escalation or denial of serv. […]
Debian Security Advisory 2688-1 Debian Linux Security Advisory 2688-1 – Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related conversions, buffer overflows, memory corruption and missing input sanitizing may lead to privilege escalation or denial of serv. […]
Debian Security Advisory 2687-1 Debian Linux Security Advisory 2687-1 – Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related conversions, buffer overflows, memory corruption and missing input sanitizing may lead to privilege escalation or denial of serv. […]

Files ≈ Packet Storm

AVE.CMS 2.09 Blind SQL Injection AVE.CMS versions less than 2.09 suffer from a remote blind SQL injection vulnerability in the “module” parameter. This is a proof of concept exploit. This issue is addressed in later versions.
vBulletin 5b SQL Injection This is an SQL Injection proof of concept that will display information about the vBulletin software and the admin details from the database. It can be adjusted to read any part of the database.
Apple Security Advisory 2013-05-22-1 Apple Security Advisory 2013-05-22-1 – QuickTime 7.7.4 is now available and addresses multiple issues including buffer overflows and arbitrary code execution vulnerabilities.
IBM WebSphere DataPower 3.8.2 / 4.0.x / 5.0 Cross Site Scripting IBM WebSphere DataPower Integration Appliance XI50 versions 3.8.2, 4.0, 4.0.1, 4.0.2, 5.0.0 suffer from a cross site scripting vulnerability.
Debian Security Advisory 2677-1 Debian Linux Security Advisory 2677-1 – Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related conversions, buffer overflows, memory corruption and missing input sanitizing may lead to privilege escalation or denial of serv. […]
Red Hat Security Advisory 2013-0849-01 Red Hat Security Advisory 2013-0849-01 – Red Hat provides a Red Hat Enterprise Linux 6.4 KVM Guest Image for cloud instances. This image is provided as a minimally configured system image which is available for use as-is or for configuration and customization as required by end users. The Red Hat En. […]
Debian Security Advisory 2692-1 Debian Linux Security Advisory 2692-1 – Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related conversions, buffer overflows, memory corruption and missing input sanitizing may lead to privilege escalation or denial of serv. […]
Debian Security Advisory 2691-1 Debian Linux Security Advisory 2691-1 – Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related conversions, buffer overflows, memory corruption and missing input sanitizing may lead to privilege escalation or denial of serv. […]
Debian Security Advisory 2690-1 Debian Linux Security Advisory 2690-1 – Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related conversions, buffer overflows, memory corruption and missing input sanitizing may lead to privilege escalation or denial of serv. […]
Debian Security Advisory 2673-1 Debian Linux Security Advisory 2673-1 – Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related conversions, buffer overflows, memory corruption and missing input sanitizing may lead to privilege escalation or denial of serv. […]
Debian Security Advisory 2674-1 Debian Linux Security Advisory 2674-1 – Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related conversions, buffer overflows, memory corruption and missing input sanitizing may lead to privilege escalation or denial of serv. […]
Debian Security Advisory 2675-1 Debian Linux Security Advisory 2675-1 – Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related conversions, buffer overflows, memory corruption and missing input sanitizing may lead to privilege escalation or denial of serv. […]
Debian Security Advisory 2676-1 Debian Linux Security Advisory 2676-1 – Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related conversions, buffer overflows, memory corruption and missing input sanitizing may lead to privilege escalation or denial of serv. […]
Debian Security Advisory 2689-1 Debian Linux Security Advisory 2689-1 – Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related conversions, buffer overflows, memory corruption and missing input sanitizing may lead to privilege escalation or denial of serv. […]
Debian Security Advisory 2688-1 Debian Linux Security Advisory 2688-1 – Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related conversions, buffer overflows, memory corruption and missing input sanitizing may lead to privilege escalation or denial of serv. […]
Debian Security Advisory 2687-1 Debian Linux Security Advisory 2687-1 – Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related conversions, buffer overflows, memory corruption and missing input sanitizing may lead to privilege escalation or denial of serv. […]

Security Blogs

Security Bloggers Network Cloud Computing Trends Report: Understanding IT Maturity Practices Book Review: The Phoenix Project HP ArcSight is named in leaders quadrant in Gartner 2013 SIEM report, 10 years in a rwo and counting Funky Juniper URLs How do I protect my online accounts from being hacked? Cyber threats hit close to home Study Shows Teens Adopting New Social Media and Reducing Facebook Dependency Yes, I know it’s not Sunday…Shared from Richi Jennings: Sunday Circle Share of Awesome… Yes, I know it’s not Sunday…Shared from Richi Jennings: Sunday Circle Share of Awesome… ZAccess/Sirefef.P Artifacts Sophos RED scoops “Protector Award” at this year’s AusCERT conference From a Site Compromise to Full Root Access – Symlinks to Root – Part I Microsoft Remote Connectivity Analyzer Don’t drone me, bro Black Hat: Chief Engineer of NASA’s Jet Propulsion Laboratory To Keynote Day Two Of Black Hat USA 2013 Video game console hacking	Schneier on Security One-Shot vs. Iterated Prisoner’s Dilemma "The Global Cyber Game" DDOS as Civil Disobedience Surveillance and the Internet of Things Security Risks of Too Much Security Friday Squid Blogging: Striped Pyjama Squid Pet Sculpture Applied Cryptography on Elementary Bluetooth-Controlled Door Lock Transparency and Accountability 2007 NSA Manual on Internet Hacking Friday Squid Blogging: Squid Festival in Monterey The Onion on Browser Security	LinuxSecurity.com – Latest News Watch out for waterhole attacks — hackers’ latest stealth weapon Reporters sued as ‘hackers’ for finding a security hole with Google Bitdefender Clueful exposes Android spies Guantanamo Wi-Fi shuttered after Anonymous hacking threat Critical Linux vulnerability imperils users, even after "silent" fix Exploit for local Linux kernel bug in circulation – Update Hackers From China Resume Attacks on U.S. Targets Pressure mounts for building in security during application development Large Attacks Hide More Subtle Threats In DDoS Data How to hack an electric car-charging station LulzSec Hackers Sentenced In London How a Career Con Man Led a Federal Sting That Cost Google $500 Million
TaoSecurity Practice of Network Security Monitoring Table of Contents Bejtlich Teaching New Class at Black Hat in July Mandiant APT1 Report: 25 Best Commentaries of the Last 12 Days Recovering from Suricata Gone Wild Using Bro to Log SSL Certificates Practical Network Security Monitoring Book on Schedule On Thought Leadership and Non-Technical Relevance How to Win This TCP/IP Book Bejtlich’s New Book: Planned for Summer Publication Happy 10th Birthday TaoSecurity Blog Welcome to Network Security Monitoring in the Cloud Security Onion + (ELSA or Snorby) + CapMe = Awesome Best Book Bejtlich Read in 2012 2012: The Year I Changed What I Read Five No Starch Books for Kids, Reviewed by Kids The Value of Branding and Simplicity to Certifications	XML error: Invalid character at line 112, column 35 SecuriTeam Blogs Password reset questions “New” ideas about distributed computing? S. Korea Cyber Attack Crashes Navigation Devices. Time to fuzz your GPS? The Users are smarter than we give them credit for Western society is WEIRD [1] Read this book. If you have anything to do with security, read this book. REVIEW: Identity Theft Manual: Practical Tips, Legal Hints, and Other Secrets Revealed, Jack Nuern Memory lane … Online forum rule haikus Secure Awareness mottoes and one-liners Official (ISC)2 Guide to the CISSP CBK The death of AV. Yet again. Comparison Review: AVAST! antiviral Beware! The “Metavirus”! 10 Skills Needed to be a Successful Pentester Bell bull	Open Malware – Community Malicious code research and analysis New Search System, No More Accounts Needed [1] State of Offensive Computing VizSec 2012 Call for Papers Out Scalable, Automated Baremetal Malware Analysis BHO Reversing Practical Malware Analysis – A Book Review and Curmudgeonly Rant on the State of Reverse Engineering CAST Slides: Hunting malware with Volatility v2.0 The WOW-Effect: Imho something the IT-Security community should be aware of … Introduction to IDA Python CSI:Internet series – Spyeye detection with Volatility v2 and kernel debugging the TDL4 rootkit
Darknet – The Darkside PentesterLab.com – Excercises To Learn Penetration Testing New eLearnSecurity Course – WAPT – Web Application Penetration Testing Large Scale Botnet Brute Force Password Cracking Against WordPress Sites HoneyDrive Desktop v0.2 Released – Honeypot LiveCD Andrew Auernheimer AKA Weev Gets 41 Months Jail Time For GET Requests SSLyze v0.6 Available For Download – SSL Server Configuration Scanning Tool Evernote Hacked – ALL Users Required To Reset Passwords ARPwner – ARP & DNS Poisoning Attack Tool Apple, Facebook & Hundreds More Hacked By 0-Day Java Exploit Weevely – PHP Stealth Tiny Web Shell	The Dark Visitor Unnatural Selection by Mara Hvistendahl Unemployed PRC prick hacks TV contestants’ webcams (RSA tokens probably not involved) Word cloud and Word document for 2011 White Paper on National Defense FBI: $11 million worth of unauthorized wire transfers to China The online “Water Army” Chinese hackers bringing the world together Shock: Chinese hackers not supporting the Jasmine Revolution China’s White Paper on National Defense 2010 Chinese hackers suspected in compromise of Australian PM’s computer South Korean firms paying Chinese hackers	WhiteHat Security Blog Interview With A Blackhat (Part 3) Interview With A Blackhat (Part 2) Interview With A Blackhat (Part 1) InfoSec Europe Wrapup The State of Web Security Why You Should Overload WebSite Errors “How does WhiteHat Security approach BYOD?” Tor Hidden-Service Passive De-Cloaking Simple Vulnerabilities Aren’t Always Simple Checklist To Prepare Yourself In Advance of a DDoS Attack
cr0 blog Introducing Chrome’s next-generation Linux sandbox Javocalypse There’s a party at Ring0, and you’re invited CVE-2010-0232: Microsoft Windows NT #GP Trap Handler Allows Users to Switch Kernel Stack Virtualization security and the Intel privilege model CVE-2009-2267: Mishandled exception on page fault in VMware Security in Depth for Linux Software CVE-2009-2793: Iret #GP on pre-commit handling failure: the NetBSD case CVE-2009-2698: udp_sendmsg() vulnerability Linux NULL pointer dereference due to incorrect proto_ops initializations (CVE-2009-2692) Old school local root vulnerability in pulseaudio (CVE-2009-1894) Bypassing Linux’ NULL pointer dereference exploit prevention (mmap_min_addr) Time-stamp counter disabling oddities in the Linux kernel Write once, own everyone, Java deserialization issues Local bypass of Linux ASLR through /proc information leaks Interesting vulnerability in udevd	HITBSecNews – Keeping Knowledge Free for Over a Decade Spam and the Byzantine Empire: How Bitcoin tech REALLY works Tavis Ormandy bashes Microsoft’s handling of security researchers, drops Windows zero-day 5 Steps To Implementing A Mobile Data Security Policy Next-generation firewalls provide protection but add to workload Hackers Find China Is Land of Opportunity Teenager creates device that could charge your phone in under 30 seconds U.S. urged to ban foreign firms that steal intellectual property String theory may limit space brain threat Wi-Fi chip pushes 1.7Gbps over four streams using 802.11ac standard Twitter finally launched two-factor authentication – Here’s how to enable it Reporters use Google, find breach, get branded as "hackers" Google’s Chrome team developing app launcher for Mac Chinese hackers said to have accessed law enforcement targets The true root causes of software security failures Practice Makes Perfect? Not So Much, New Research Finds Hacker claims successful attack on CNN	Krebs on Security NC Fuel Distributor Hit by $800,000 Cyberheist Krebs, KrebsOnSecurity, As Malware Memes Conversations with a Bulletproof Hoster Ragebooter: ‘Legit’ DDoS Service, or Fed Backdoor? Microsoft, Adobe Push Critical Security Updates DDoS Services Advertise Openly, Take PayPal A Stopgap Fix for the IE8 Zero-Day Flaw Trade Sanctions Cited in Hundreds of Syrian Domain Seizures Zero-Day Exploit Published for IE8 Alleged SpyEye Seller ‘Bx1′ Extradited to U.S.

The Ethical Hacker Network RSS News Feed

Carnal0wnage & Attack Research Blog

Daily Dave

ha.ckers.org web application security lab

Security4all – Dedicated to digital security, enterprise 2.0 and presentation skills

Metasploit

DVLabs: Blogs

The RISKS Digest

A feed could not be found at http://feeds.voices.washingtonpost.com/wp/securityfix/index

Post Politics: Breaking Politics News, Political Analysis & More – The Washington Post

Microsoft Security Advisories

MSRC

May 2013 Security Bulletin Webcast, Q&A, and Slide Deck For those who couldn’t attend the live webcast, today we’re publishing the May 2013 Security Bulletin Webcast Questions & Answers page. We fielded 13 questions on various topics during the webcast, with specific bulletin questions focusing primarily on Internet Explorer (MS13-037 and MS13-038). […]
Microsoft Customer Protections for May 2013 Today, we are releasing 10 bulletins, addressing 33 vulnerabilities in Microsoft products. Before we get into the details, we wanted to first let our enterprise customers know about a change in how we’re communicating technical details within our security advisories. Starting today, customers will. […]
Advance Notification Service for the May 2013 Security Bulletin Release Today we’re providing Advance Notification of 10 bulletins for release on Tuesday, May 14, 2013. This release brings two Critical and eight Important-class bulletins, which address 33 unique vulnerabilities. The Critical-rated bulletins address issues in Microsoft Windows and Internet Explorer. Of. […]
Fix it for Security Advisory 2847140 is available We have updated Security Advisory 2847140 to include an easy, one-click Fix it to address the known attack vectors. The Fix it is available to all customers and helps prevent known attacks that leverage the vulnerability to execute code and should not affect your ability to browse the Web. Additiona. […]
Microsoft Releases Security Advisory 2847140 Today, we released Security Advisory 2847140 regarding an issue that impacts Internet Explorer 8. Internet Explorer 6, 7, 9 and 10 are not affected by the vulnerability. This issue allows remote code execution if users browse to a malicious website with an affected browser. This would typically occu. […]
New update available for MS13-036 Portuguese (Brazil), Русский Today we released a new update to replace KB2823324, which was originally made available through MS13-036. As we previously discussed, we stopped distributing this update when we learned some customers were having issues. The new update, KB2840149, still addres. […]
April 2013 Security Bulletin Webcast, Q&A, and Slide Deck Today we’re publishing the April 2013 Security Bulletin Webcast Questions & Answers page. We fielded nine questions during the webcast, with almost half of those focused on the Remote Desktop Client bulletin (MS13-024). One question that was not answered on air has been included on the Q&A pag. […]
KB2839011 Released to Address Security Bulletin Update Issue Portuguese (Brazil), Русский We are aware that some of our customers may be experiencing difficulties after applying security update 2823324, which we provided in security bulletin MS13-036 on Tuesday, April 9. We’ve determined that the update, when paired with certain third-party softwar. […]
Out with the old, in with the April 2013 security updates Windows XP was originally released on August 24, 2001. Since that time, high-speed Internet connections and wireless networking have gone from being a rarity to the norm, and Internet usage has grown from 360 million to almost two-and-a-half billion users. Thanks to programs like Skype, we now make. […]
Advance Notification Service for the April 2013 Security Bulletin Release In celebration of spring’s onset, today we’re providing advance notification for the April 2013 release of nine bulletins; two Critical and seven Important. The Critical bulletins address vulnerabilities in Microsoft Windows and Internet Explorer, and the seven Important-rated bulletins will add. […]

Microsoft Sec Notification

Microsoft Security Bulletin Minor Revisions Posted by Microsoft on May 23******************************************************************** Title: Microsoft Security Bulletin Minor Revisions Issued: May 23, 2013 ******************************************************************** Summary ======= The following bulletins have undergone minor. […]
Microsoft Security Bulletin Minor Revisions Posted by Microsoft on May 22******************************************************************** Title: Microsoft Security Bulletin Minor Revisions Issued: May 22, 2013 ******************************************************************** Summary ======= The following bulletins have undergone minor. […]
Microsoft Security Bulletin Minor Revisions Posted by Microsoft on May 16******************************************************************** Title: Microsoft Security Bulletin Minor Revisions Issued: May 15, 2013 ******************************************************************** Summary ======= The following bulletins have undergone minor. […]
Microsoft Security Advisory Notification Posted by Microsoft on May 14******************************************************************** Title: Microsoft Security Advisory Notification Issued: May 14, 2013 ******************************************************************** Security Advisories Updated or Released Today ==================. […]
Microsoft Security Bulletin Minor Revisions Posted by Microsoft on May 14******************************************************************** Title: Microsoft Security Bulletin Minor Revisions Issued: May 14, 2013 ******************************************************************** Summary ======= The following bulletins have undergone minor. […]
Microsoft Security Bulletin Summary for May 2013 Posted by Microsoft on May 14******************************************************************** Microsoft Security Bulletin Summary for May 2013 Issued: May 14, 2013 ******************************************************************** This bulletin summary lists security bulletins released for May. […]
Microsoft Security Bulletin Advance Notification for May 2013 Posted by Microsoft on May 09******************************************************************** Microsoft Security Bulletin Advance Notification for May 2013 Issued: May 9, 2013 ******************************************************************** This is an advance notification of security bulleti. […]
Microsoft Security Advisory Notification Posted by Microsoft on May 08******************************************************************** Title: Microsoft Security Advisory Notification Issued: May 8, 2013 ******************************************************************** Security Advisories Updated or Released Today ===================. […]
Microsoft Security Advisory Notification Posted by Microsoft on May 04******************************************************************** Title: Microsoft Security Advisory Notification Issued: May 3, 2013 ******************************************************************** Security Advisories Updated or Released Today ===================. […]
Microsoft Security Bulletin Minor Revisions Posted by Microsoft on Apr 26******************************************************************** Title: Microsoft Security Bulletin Minor Revisions Issued: April 26, 2013 ******************************************************************** Summary ======= The following bulletins have undergone mino. […]
Microsoft Security Bulletin Minor Revisions Posted by Microsoft on Apr 24******************************************************************** Title: Microsoft Security Bulletin Minor Revisions Issued: April 24, 2013 ******************************************************************** Summary ======= The following bulletins have undergone mino. […]
Microsoft Security Bulletin Re-Releases Posted by Microsoft on Apr 23******************************************************************** Title: Microsoft Security Bulletin Re-Releases Issued: April 23, 2013 ******************************************************************** Summary ======= The following bulletins have undergone a major. […]
Microsoft Security Bulletin Minor Revisions Posted by Microsoft on Apr 18******************************************************************** Title: Microsoft Security Bulletin Minor Revisions Issued: April 17, 2013 ******************************************************************** Summary ======= The following bulletins have undergone mino. […]
Microsoft Security Bulletin Minor Revisions Posted by Microsoft on Apr 16******************************************************************** Title: Microsoft Security Bulletin Minor Revisions Issued: April 16, 2013 ******************************************************************** Summary ======= The following bulletins have undergone mino. […]
Microsoft Security Bulletin Summary for April 2013 Posted by Microsoft on Apr 09******************************************************************** Microsoft Security Bulletin Summary for April 2013 Issued: April 9, 2013 ******************************************************************** This bulletin summary lists security bulletins released for. […]

Mailing Lists

Full Disclosure

Show In Browser 0.0.3 Ruby Gem /tmp fileinjection vulnerability Posted by Larry W. Cashdollar on May 24TITLE: Show In Browser 0.0.3 Ruby Gem /tmp file injection vulnerability. DATE: 5/15/2023 AUTHOR: Larry W. Cashdollar (@_larry0) DOWNLOAD: https://rubygems.org/gems/show_in_browser DESCRIPTION: Opens arbitrary text in your browser VENDOR: Jonathan Leung FIX: N/A. […]
little proof-of-concept for remote traffic statistics using the IP ID field Posted by Jann Horn on May 23Hello, I built a small C helper for remotely generating traffic statistics using the IP ID field. Well, hping3 does all the interesting stuff. This program will just, every five minutes, send 20 SYN packets in intervals of 100ms to port 80 of the target machine, then sum. […]
Question on SMBRelay through Meterpreter Posted by sd on May 23Hi guys, Does anyone here have any experience with SMBRelay? Specifically running this module on a meterpreter session? Imagine I run: run autoroute -s 10.1.13.0/24 and the IP of the meterpreter client is 10.1.13.26. If I set the SRVHOST to listen on this address w. […]
XSS and FPD vulnerabilities in I Love It Newtheme for WordPress Posted by MustLive on May 23Hello list! These are Cross-Site Scripting and Full path disclosure vulnerabilities in I Love It New theme for WordPress. This is commercial (premium) theme. Earlier I've wrote about vulnerabilities in VideoJS (http://seclists.org/fulldisclosure/2013/May/21) and in m. […]
[SECURITY] [DSA 2692-1] libxxf86vm security update Posted by Moritz Muehlenhoff on May 23————————————————————————- Debian Security Advisory DSA-2692-1 security () debian org http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq ——————————. […]
[SECURITY] [DSA 2691-1] libxinerama securityupdate Posted by Moritz Muehlenhoff on May 23————————————————————————- Debian Security Advisory DSA-2691-1 security () debian org http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq ——————————. […]
[SECURITY] [DSA 2690-1] libxxf86dga securityupdate Posted by Moritz Muehlenhoff on May 23————————————————————————- Debian Security Advisory DSA-2690-1 security () debian org http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq ——————————. […]
[SECURITY] [DSA 2673-1] libdmx security update Posted by Moritz Muehlenhoff on May 23————————————————————————- Debian Security Advisory DSA-2673-1 security () debian org http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq ——————————. […]
[SECURITY] [DSA 2674-1] libxv security update Posted by Moritz Muehlenhoff on May 23————————————————————————- Debian Security Advisory DSA-2674-1 security () debian org http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq ——————————. […]
[SECURITY] [DSA 2675-1] libxvmc security update Posted by Moritz Muehlenhoff on May 23————————————————————————- Debian Security Advisory DSA-2675-1 security () debian org http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq ——————————. […]
[SECURITY] [DSA 2676-1] libxfixes security update Posted by Moritz Muehlenhoff on May 23————————————————————————- Debian Security Advisory DSA-2676-1 security () debian org http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq ——————————. […]
[SECURITY] [DSA 2689-1] libxtst security update Posted by Moritz Muehlenhoff on May 23————————————————————————- Debian Security Advisory DSA-2689-1 security () debian org http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq ——————————. […]
[SECURITY] [DSA 2688-1] libxres security update Posted by Moritz Muehlenhoff on May 23————————————————————————- Debian Security Advisory DSA-2688-1 security () debian org http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq ——————————. […]
[SECURITY] [DSA 2687-1] libfs security update Posted by Moritz Muehlenhoff on May 23————————————————————————- Debian Security Advisory DSA-2687-1 security () debian org http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq ——————————. […]
[SECURITY] [DSA 2686-1] libxcb security update Posted by Moritz Muehlenhoff on May 23————————————————————————- Debian Security Advisory DSA-2686-1 security () debian org http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq ——————————. […]

Top WordPress blogs