Posted by hyp3rlinx on Nov 06
[+] Credits: John Page aka hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/WINAXE-FTP-CLIENT-REMOTE-BUFFER-OVERFLOW.txt
[+] ISR: Apparition Security
Vendor:
============www.labf.com
Product:
================
WinaXe v7.7 FTP
The X Window System, SSH, TCP/IP, NFS, FTP, TFTP and Telnet software
are built and provided in the package.
All that you need to run remote UNIX and X…
Posted by hyp3rlinx on Nov 06
[+] Credits: John Page aka hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/AXESSH-DENIAL-OF-SERVICE.txt
[+] ISR: ApparitionSec
Vendor:
============www.labf.com
Product:
=============
Axessh 4.2.2
Axessh is a SSH client. It is a superb terminal emulator/telnet client
for Windows. It provides SSH capabilities to Axessh without
sacrificing any of existing functionality. Furthermore,…
Posted by hyp3rlinx on Nov 06
[+] Credits: John Page aka hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/RAPID-PHP-EDITOR-REMOTE-CMD-EXEC.txt
[+] ISR: Apparition Security
Vendor:
======================www.rapidphpeditor.com
Product:
===============================
Rapid PHP Editor IDE
rapidphp2016.exe v14.1
Rapid PHP editor is a faster and more powerful PHP editor for Windows
combining features of a…
Hartmut Goebel discovered that MAT, a toolkit to anonymise/remove
metadata from files did not remove metadata from images embededed in PDF
documents.
Several issues have been discovered in the MySQL database server. The
vulnerabilities are addressed by upgrading MySQL to the new upstream
version 5.5.53, which includes additional changes, such as performance
improvements, bug fixes, new features, and possibly incompatible
changes. Please see the MySQL 5.5 Release Notes and Oracle’s Critical
Patch Update advisory for further details:
Several vulnerabilities have been discovered in OpenJDK, an
implementation of the Oracle Java platform, resulting in breakouts
of the Java sandbox or denial of service.
LanWhoIs.exe version 1.0.1.120 SEH local buffer overflow exploit.
Imperva version 11.5 suffers from a bypass vulnerability by confusing the HTTP Pollution Normalization Engine.
SweetRice version 1.5.1 suffers from a backup disclosure vulnerability.
On Thursday, we compiled a story based on research published by a British security expert reporting that some cyber criminals are apparently using Mirai Botnet to conduct DDoS attacks against the telecommunication companies in Liberia, a small African country.
In his blog post, Kevin Beaumont claimed that a Liberian transit provider confirmed him about the DDoS attack of more than 500 Gbps
