Latest Security Threads

Welcome to the SecuriTeam RSS Feed - sponsored by Beyond Security. Know Your Vulnerabilities! Visit BeyondSecurity.com for your web site, network and code security audit and scanning needs.

+ Motorola Timbuktu Pro Stack Based Buffer Overflow

Remote exploitation of a stack-based buffer overflow vulnerability in Motorola Inc.'s Timbuktu Pro could allow attackers... + more

+ Unisys Business Information Server Stack Buffer Overflow

Remote exploitation of a stack based buffer overflow vulnerability in Unisys's Business Information Server could allow... + more

+ Adobe Shockwave Player Director File Parsing Pointer Overwrite

This vulnerability allows remote attackers to execute code on vulnerable installations of Adobe's Shockwave Player. User... + more

+ Cisco Physical Access Gateway Denial of Service Vulnerability

A denial of service (DoS) vulnerability exists in the Cisco Physical Access Gateway. There are no workarounds available... + more

+ Cisco ASA Web VPN Multiple Vulnerabilities

The ASA's DOM wrapper can be rewritten in a manner to allow Cross-Site Scripting (XSS) attacks.... + more

+ Netifera - Modular Open Source Platform for Security Tools

+ WarVOX - Tools for Exploring, Classifying, and Auditing Telephone Systems

+ Webshag - Web Server Audit Tool

+ Browser Fuzzer

+ FSpy - Linux Filesystem Activity Monitoring

+ Apple WebKit attr() Invalid Attribute Memory Corruption Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple WebKit. User... + more

+ Pivot Cross Site Scripting and HTML Injection

Pivot has been found to contain vulnerabilities in the following functions: url, menu, sort, check[], edituser, edit,... + more

+ IBM AIX ToolTalk Database Server Buffer Overflow Vulnerability

There exists a vulnerability within a function of the ToolTalk database server (rpc.ttdbserverd), which when properly... + more

+ Webmedia Explorer Cross Site Scripting Vulnerability

Webmedia Explorer's search, tag, bookmark parameters have been found to contain a security vulnerability that allows... + more

+ phpMyAdmin Code Injection

This vuln can only be exploited against environments where the administrator has chosen to install phpMyAdmin following... + more

+ Microsoft Office Excel Malformed Records Stack Buffer Overflow (MS09-021)

A remotely exploitable vulnerability has been discovered in Microsoft Office Excel products. Specifically, the vulnerability... + more

+ Microsoft Excel Record Parsing Array Indexing Vulnerability (MS09-021)

Microsoft Excel can be exploited through an array-indexing error when processing certain records. This can be exploited... + more

+ Microsoft Excel String Parsing Integer Overflow Vulnerability (MS09-021)

The vulnerability is caused due to an integer overflow error when processing the number of strings in a file and can... + more

+ libpurple MSN Protocol SLP Message Heap Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of messaging... + more

+ CA ARCserve Backup Message Engine Denial of Service Vulnerabilities

CA ARCserve Backup contains multiple vulnerabilities in the message engine that can allow a remote attacker to cause... + more

+ Sun Java System Identiy Manager Users Enumeration

The following exploit is a proof of concept for the enumerations of users vulnerability of Sun Java System Access Manager and... + more

+ Microsoft Internet Explorer XML Buffer Overflow (Exploit)

The following exploit utilizes the XML vulnerability in Internet Explorer to execute arbitrary code under Vista.... + more

+ Opera file:// Overflow

A vulnerability in Opera's browser allows attackers that can inject and open an HTML file to overflow an internal buffer used... + more

+ Stack-Based Buffer Overflow in the Network Manager of Castle Rock Computing (SNMPc)

Stack-based buffer overflow in the Network Manager in Castle Rock Computing SNMPc 7.1 and earlier allows remote attackers to cause... + more

+ PacketTrap TFTPD DoS

A vulnerability in PacketTrap's TFTPD allows remote attackers to cause the TFTP server to fail by sending it a pipe (|) character... + more

+ Why Silent Updates Boost Security

Thomas Duebendorfer Google Switzerland GmbH and Stefan Frei Communication Systems Group, ETH Zurich, Switzerland looked into the... + more

+ PDF Silent HTTP Form Repurposing Attacks

This paper sheds light on a modified approach to triggering web attacks through JavaScript protocol handler in the context of... + more

+ Frame Pointer Overwrite Demonstration (Linux)

This paper assumes you have read the proper background information and/or technical details about the above subject. If not, please... + more

+ Format String Exploitation Demonstration (Linux)

This paper assumes you have read the proper background information and/or technical details about the above subject. If not, please... + more

+ Hacking SOHO Routers

The purpose of this paper is to outline the security measures being taken by vendors to prevent such attacks in their home routing... + more