431 bytes small NULL free shellcode for windows that is a primitive keylogger that writes to a file.
Monthly Archives: April 2016
Google Releases Security Update for Chrome
Original release date: April 28, 2016
Google has released Chrome version 50.0.2661.94 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.
US-CERT encourages users and administrators to review the Chrome Releases page and apply the necessary update.
This product is provided subject to this Notification and this Privacy & Use policy.
DSA-3561 subversion – security update
Several vulnerabilities were discovered in Subversion, a version control
system. The Common Vulnerabilities and Exposures project identifies the
following problems:
HP Security Bulletin HPSBUX03583 SSRT110084 1
HP Security Bulletin HPSBUX03583 SSRT110084 1 – Potential security vulnerabilities have been identified in the HP-UX BIND service running named. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.
CVE-2016-1386
The API in Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.0(1) allows remote attackers to spoof administrative notifications via crafted attribute-value pairs, aka Bug ID CSCux15521.
CVE-2016-1389
Open redirect vulnerability in Cisco WebEx Meetings Server (CWMS) 2.6 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCuy44695.
CVE-2016-4349
Untrusted search path vulnerability in Cisco WebEx Productivity Tools 2.40.5001.10012 allows local users to gain privileges via a Trojan horse cryptsp.dll, dwmapi.dll, msimg32.dll, ntmarta.dll, propsys.dll, riched20.dll, rpcrtremote.dll, secur32.dll, sxs.dll, or uxtheme.dll file in the current working directory, aka Bug ID CSCuy56140.
Bugtraq: Re: [ERPSCAN-16-005] SAP HANA hdbxsengine JSON â?? DoS vulnerability
Re: [ERPSCAN-16-005] SAP HANA hdbxsengine JSON â?? DoS vulnerability
Bugtraq: CVE-2015-5207 – Bypass of Access Restrictions in Apache Cordova iOS
CVE-2015-5207 – Bypass of Access Restrictions in Apache Cordova iOS
Bugtraq: [SECURITY] [DSA 3560-1] php5 security update
[SECURITY] [DSA 3560-1] php5 security update