Security News Portal - Computer Network Virus Security News Main Index

Latest Bug Reports from Security Focus

  • Postfix Local Information Disclosure and Local Privilege Escalation
  • Postfix 'epoll' Linux Event Handler Local Denial of Service
  • Microsoft Windows SeImpersonatePrivilege Local Privilege Escalation
  • Ruby 'rb_ary_fill()' Remote Denial Of Service
  • Ruby 'regex.c' Remote Denial Of Service
  • Ruby Multiple Security Bypass and Denial of Service
  • Ruby REXML Remote Denial Of Service
  • PHP 5.2.5 and Prior Versions Multiple
  • PHP cURL 'safe mode' Security Bypass
  • ClamAV 'chmunpack.c' Invalid Memory Access Denial Of Service
  • Stash 1.0.3 Multiple SQL Injection
  • ClamAV Multiple Unspecified Memory Corruption
  • MySQL MyISAM Table Privileges Security Bypass
  • MySQL Rename Table Function Access Validation
  • MySQL Server RENAME TABLE System Table Overwrite
  • Computer Associates ARCserve Backup Multiple Remote
  • Avaya IP Softphone Remote Denial Of Service
  • OpenSSL 'zlib' Compression Memory Leak Remote Denial of Service
  • Multiple Vendor DNS Protocol Insufficient Transaction ID Randomization DNS Spoofing
  • Condor Prior to 7.0.5 Multiple Security
  • D-Bus 'dbus_signature_validate()' Type Signature Denial of Service
  • Vim Insecure Temporary File Creation
  • Vim Insufficient Shell Escaping Multiple Command Execution
  • KDE Konqueror JavaScript 'load' Function Denial of Service
  • Scriptsez Easy Image Downloader 'main.php' Local File Include
  • Sun Java System Web Proxy Server FTP Subsystem Heap Based Buffer Overflow
  • Mozilla Firefox/SeaMonkey UTF-8 Stack-Based Buffer Overflow
  • Microsoft GDI+ VML Heap-Based Buffer Overflow
  • Apache Tomcat WebDav Remote Information Disclosure
  • Apache Tomcat Cookie Quote Handling Remote Information Disclosure
  • Apache Tomcat UTF-8 Directory Traversal
  • Apache Tomcat 'RequestDispatcher' Information Disclosure
  • Vim Vim Script Multiple Command Execution
  • Apache Tomcat Host Manager Cross Site Scripting
  • Apache Tomcat 'HttpServletResponse.sendError()' Cross Site Scripting
  • PCRE Regular Expression Heap Based Buffer Overflow
  • PCRE Character Class Buffer Overflow
  • Apache 'mod_proxy_http' Interim Response Denial of Service
  • Apache Tomcat Parameter Processing Remote Information Disclosure
  • yaSSL Multiple Remote Buffer Overflow
  • IranMC Arad Center 'news.php' SQL Injection
  • Joomtracker 'id' Parameter SQL Injection
  • DATAC RealWin SCADA Server Remote Stack Buffer Overflow
  • ModSecurity Transformation Caching Security Bypass
  • Linux Kernel s390 ptrace Denial Of Service
  • Gentoo 'sys-apps/portage' Search Path Local Privilege Escalation
  • GForge Multiple SQL Injection
  • Pre News Manager 'news_detail.php' SQL Injection
  • HP OpenView Network Node Manager 'ovtopmd' Variant Unspecified Denial of Service
  • Kusaba 'paint_save.php' Remote Code Execution
  • Avaya Communication Manager Web Administration Multiple Security
  • Avaya Communication Manager Web Server Configuration Unauthorized Access
  • Drupal Multiple Remote Access Validation and Weaknesses



Latest Vulnerability Postings at BugTraq and NT Bugtraq

  • [USN-651-1] Ruby vulnerabilities
  • ZDI-08-067: Apple CUPS 1.3.7 (HP-GL/2 filter) Remote Code Execution Vulnerability
  • [SECURITY] CVE-2008-3271 - Apache Tomcat information disclosure
  • CA ARCserve Backup Multiple Vulnerabilities
  • [ GLSA 200810-02 ] Portage: Untrusted search path local root vulnerability
  • Re: Motorola Timbuktu's Internet Locator Service real-time data exposed to public.
  • Re: Token Kidnapping Windows 2003 PoC exploit
  • [security bulletin] HPSBMA02374 SSRT080046 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS)
  • PR07-31: Unauthenticated SQL Injection, XSS on Login Page and Username Enumeration on DPSnet Case Progress
  • News Manager Remote SQL Injection Vulnerability
  • Re: News Manager Remote SQL Injection Vulnerability
  • [security bulletin] HPSBMA02362 SSRT080044, SSRT080045, SSRT080042 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS), Execute Arbitrary Code
  • PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection
  • Re: PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection
  • Re: PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection
  • Re[2]: PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection
  • [security bulletin] HPSBMA02376 SSRT080099 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS)
  • FC2 BLOG Cross-Site Scripting Vulnerabilities
  • ZDI-08-066: Novell eDirectory Core Protocol Opcode 0x24 Heap Overflow Vulnerability
  • Token Kidnapping Windows 2003 PoC exploit
  • ZDI-08-065: Novell eDirectory Core Protocol Opcode 0x0F Heap Overflow Vulnerability
  • ZDI-08-064: Novell eDirectory dhost.exe Accept Language Header Heap Overflow Vulnerability
  • ZDI-08-063: Novell eDirectory dhost.exe Content-Length Header Heap Overflow Vulnerability
  • Re: Motorola Timbuktu's Internet Locator Service real-time data exposed to public.
  • [SECURITY] [DSA 1649-1] New iceweasel packages fix several vulnerabilities
  • [SECURITY] [DSA 1648-1] New mon packages fix insecure temporary files
  • Windows Mobile 6 insecure password handling and too short WLAN-password
  • Advisory: Graphviz Buffer Overflow Code Execution
  • Cisco Security Advisory: Authentication Bypass in Cisco Unity



K-Otik Latest Security Vulnerabilities

  • Sun Java System Web Proxy Server FTP Heap Overflow
  • Apple Mac OS X Code Execution and Security Bypass
  • Nortel Multimedia Communication Server Multiple
  • HP System Management Homepage Cross Site Scripting
  • CA Products Code Execution and Denial of Service
  • Avaya VP and AES LibTIFF Buffer Underflow
  • Avaya IP Softphone H.323 Remote Denial of Service
  • Avaya Communication Manager Information Disclosure
  • Avaya Products Wireshark Remote Denial of Service
  • Avaya Communication Manager Code Injection
  • Cisco Unity Security Bypass and Denial of Service
  • Symantec Gear Device Driver Local Privilege Escalation
  • Microsoft Windows Kernel Local Integer Overflow
  • Opera Remote Code Execution and Information Disclosure
  • Adobe Flash Player Clickjacking Security Bypass
  • FreeRADIUS "dialup_admin" Insecure Temporary Files
  • D-Bus Signature Validation Local Denial of Service
  • Condor Buffer Overflow and Multiple Security Bypass
  • asiCMS "[asicms][path]" Parameter File Inclusion
  • Yerba SACphp "mod" Parameter Local File Inclusion
  • IBM Lotus Quickr Denial of Service and Security Bypass
  • Wind River VxWorks NDP Information Disclosure
  • Juniper Networks Products NDP Information Disclosure
  • Force10 FTOS Routers NDP Information Disclosure
  • iseemedia LPViewer ActiveX Control Code Execution
  • HP-UX NFS/ONCplus Remote Denial of Service
  • MetaGauge HTTP Request Remote Directory Traversal
  • Serv-U Directory Traversal and Denial of Service
  • Dovecot ACL Plugin Rights Handling Security Bypass
  • Lighttpd Remote Denial of Service and Security Bypass



Latest Bug Reports from Help-Net

  • Gentoo Linux Security Advisory - WordNet Execution of arbitrary code GLSA 200810-01
  • Ubuntu Security Notice - ruby1.8 vulnerabilities USN-651-1
  • Apple Security Update - APPLE-SA-2008-10-09 Security Update 2008-007
  • Gentoo Linux Security Advisory - Portage Untrusted search path local root vulnerability GLSA 200810-02
  • Cisco Security Advisory - VoIPshield Reported Vulnerabilities in Cisco Unity Server
  • SUSE Security Announcement - MozillaFirefox MozillaThunderbird seamonkey mozilla SUSE-SA2008050
  • Cisco Security Advisory - Authentication Bypass in Cisco Unity cisco-sa-20081008-unity
  • Debian Security Advisory - mono DSA-1648-1
  • Debian Security Advisory - iceweasel DSA-1649-1
  • Debian Security Advisory - squid DSA-1646-1



Latest Bug Reports from Security Reason

  • pPIM 1.01 notes.php id Local File Inclusion Vulnerability
  • AdaptCMS Lite vers 1.3 Blind SQL Injection Exploit
  • Konqueror 3.5.9 font color Remote Crash Vulnerability
  • PHP Autos 2.9.1 searchresults.php catid SQL Injection Vulnerability
  • Built2Go PHP RealEstate 1.5 event detail.php SQL Injection Vuln
  • PHP Realtor 1.5 view cat.php v cat Remote SQL Injection Vulnerability
  • TorrentTrader Classic vers 1.04 Blind SQL Injection Vulnerability
  • Autodesk DWF Viewer Control / LiveUpdate Module remote code execution exploit
  • YourOwnBux 4.0 COOKIE Remote SQL Injection Vulnerability
  • Apple Mail.app stores your S/MIME encrypted emails in clear text




Latest Exploit Reports from Security Reason

  • Absolute Poll Manager XE 4.1 xlacomments.php SQL Injection Vuln
  • Joomla Component ownbiblio 1.5.3 catid SQL Injection Vulnerability
  • MS Windows InternalOpenColorProfile Heap Overflow PoC MS08-046
  • Easynet4u Link Host cat id SQL Injection Vulnerability
  • MunzurSoft Wep Portal W3 kat SQL Injection Vulnerability
  • Easynet4u faq Host faq.php faq Remote SQL Injection Vulnerability
  • Ayco Okul Portali linkid SQL Injection Vulnerability tr
  • PersianTools Photo Gallery / Remote File upload Vulnerability
  • Easynet4u Forum Host forum.php SQL Injection Vulnerability
  • NoticeWare E-mail Server 5.1.2.2 POP3 Pre-Auth DoS Exploit





eEye Zero Day Tracker

  • Mac OS X ARDAgent Local Privilege Escalation
  • Microsoft Word XP/2002 SP3 Exploit
  • Microsoft Access Snapshot Viewer ActiveX
  • Creative Software AutoUpdate Engine ActiveX stack buffer overflow
  • Microsoft Jet DB Multiple Vulns
  • Excel Unspecified Exploit
  • Apple QuickTime RTSP Buffer Overflow
  • RealNetworks RealPlayer ierpplug.dll Remote Code Execution
  • Macrovision secdrv.sys Local Privilege Escalation
  • Windows URI Protocol Handling



Full Disclosure - Mailing List

  • Re Fwd UK government monitoring
  • Re licensing discussion
  • Re security industry software license
  • Fwd UK government monitoring
  • Re security industry software license
  • SECURITY DSA 1651-1 New ruby1.8 packages fix several vulnerabilities
  • SECURITY DSA 1650-1 New openldap2.3 packages fix denial of service
  • SECURITY DSA 1652-1 New ruby1.9 packages fix several vulnerabilities
  • Re security industry software license
  • Re security industry software license



Microsoft Security Blog - the Response Center

  • Update 1 Microsoft Security Advisory 951306
  • October 2008 Advanced Notification
  • Security Bulletin Webcast Questions Answers - September 2008
  • September 2008 Monthly Bulletin Release
  • September 2008 Advanced Notification
  • Security Bulletin Webcast Questions Answers - August 2008
  • August 2008 Monthly Bulletin Release
  • August 2008 Advance Notification
  • Black Hat 2008 Improving the Broader Security Ecosystem
  • Security Bulletin Webcast Questions Answers



Patch Management - Mailing List

  • Windows Update Explained
  • Got a few reports of slow printing on XP's after last
  • Disable Data Execution Prevention (DEP) problem on XP
  • Update Rollup 4 for Exchange Server 2007 Service Pack
  • Auto reboots
  • administrivia - XP SP3 Roaming Profiles
  • XP SP3 Roaming Profiles
  • Mystery Reboot
  • Server Core 2008 and KB953631
  • Vista msu patches
  • MS08-052 SQL 2005 SP2 x64 KB954606 not offered via AU
  • Veritas NetBackup 6.5 Vaulting (UNCLASSIFIED)
  • RE: USB infection vector - use an epoxy "Patch"
  • Windows Defender Silent Uninstall String/Script
  • You Had Me At EHLO... : The case of disappearing Upda
  • After you run Internet Explorer 7 for a long time on
  • Error message when you install Windows XP Service Pac
  • Silent Uninstall String for Google Chrome Browser
  • USB infection vector
  • UPDATED: New Quicktime Available To Patch Several Vul
  • New Quicktime Available To Patch Several Vulnerabilit
  • New Microsoft Security Bulletins Released
  • Windows Vista clients reboot automatically even thoug


Latest Microsoft Security Bulletins and Updates

  • Microsoft SQL Server Could Allow Elevation of Privilege (941203): MS08-040
  • Outlook Web Access for Exchange Server Could Allow Elevation of Privilege (953747): MS08-039
  • Windows Explorer Could Allow Remote Code Execution (950582): MS08-038
  • DNS Could Allow Spoofing (953230): MS08-037
  • Pragmatic General Multicast (PGM) Could Allow Denial of Service (950762): MS08-036
  • Active Directory Could Allow Denial of Service (953235): MS08-035
  • WINS Could Allow Elevation of Privilege (948745): MS08-034
  • DirectX Could Allow Remote Code Execution (951698): MS08-033
  • Cumulative Security Update of ActiveX Kill Bits (950760): MS08-032
  • Cumulative Security Update for Internet Explorer (950759): MS08-031
  • Bluetooth Stack Could Allow Remote Code Execution (951376): MS08-030
  • Microsoft Malware Protection Engine Could Allow Denial of Service (952044): MS08-029
  • Microsoft Jet Database Engine Could Allow Remote Code Execution (950749): MS08-028
  • Microsoft Publisher Could Allow Remote Code Execution (951208): MS08-027
  • Microsoft Word Could Allow Remote Code Execution (951207): MS08-026
  • Windows Kernel Could Allow Elevation of Privilege (941693): MS08-025
  • Cumulative Security Update for Internet Explorer (947864): MS08-024
  • Security Update of ActiveX Kill Bits (948881): MS08-023
  • VBScript and JScript Scripting Engines Could Allow Remote Code Execution (944338): MS08-022
  • GDI Could Allow Remote Code Execution (948590): MS08-021
  • DNS Client Could Allow Spoofing (945553): MS08-020


InfoSecNews - Misc. Security News

  • Buyer beware after TradeMe crime
  • Linux Advisory Watch - October 10th 2008
  • Facing down cyber threats
  • Sipera Develops VoIP Spy Program - to Prove a Point
  • Inside Operation Highlander the NSA's Wiretapping of Americans Abroad
  • Cyber-warfare between Sunnis and Shiites new take on an old game
  • IT security sector facing major upheaval in 2009
  • Secunia Weekly Summary - Issue 2008-41
  • Two reasons to worry about city's WiFi connections
  • No/Low/High-Tech Hacking It All Matters


Latest Security News from eWeek

  • The Risks In Wildcard Certificates
  • Apple Releases Mega Patch Security Update
  • Check Point Adds Virtualization to Security Lineup
  • Symantec Google Spotlight Security For SAAS
  • Microsoft Preps 11 Security Bulletins for Patch Tuesday
  • IT Security's 2008 Acquisition Spree
  • Economic Woes Unlikely to Slow Acquisitions Among IT Security Companies
  • Son of Tennessee Lawmaker Pleads Not Guilty in Sarah Palin E-Mail Hack
  • Symantec Purchases Security Vendor MessageLabs to Build Out SaaS Business
  • Security by the Book



Copyrights and trademarks pertaining to news articles are the property of their respective owner, comments posted by users are the property of the poster and all the rest of SecurityNewsPortal.com (1998-2008)