Vuln: PHP Versions Prior to 5.3.1 Multiple Vulnerabilities
PHP Versions Prior to 5.3.1 Multiple Vulnerabilities
If it’s about security, you heard it here first
PHP Versions Prior to 5.3.1 Multiple Vulnerabilities
Dual-core central processing units (CPUs) were considered a breakthrough in the personal computer industry back in 2005. In 2010, dual-core chips, albeit powered by processors with different micro-architecture, are set to enter the market of mobile phones, according to ARM, a leading developer of processors for portable electronics.
“We don¡¦t need silly GHz speeds. With our dual-core A9, we can get two times the performance, without the speed draining the battery, so by the time you get home your phone is dead,¡¨ said Rob Coombs, director of mobile solutions for ARM, in an interview with TechRadar web-site.
Mr. Coombs added that ARM hopes that actual implementers would introduce dual-core processors for mobile phones sometime in 2010, but still, delays to 2011 were possible.
URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=33626
Acer has been a busy little bee today, revealing various products like the Windows 7 Multitouch notebook and the 11.6-inch Aspire Timeline CULV notebook. Acer also displayed the world’s first mainstream 3D laptop during the press conference today as well, the oddly-named Acer Aspire 5738PG.
According to Pocket Lint’s hands-on report, the device doesn’t use hardware-based 3D acceleration like Nvidia’s 3D Vision GPU, but rather relies on a software solution called Acer 3D CineReal and the TriDef suite. However the software works in conjunction with a special 3D coating on the laptop’s screen and a pair of polarized glasses.
URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=33377
IRC/SdBot, JS/Exploit.Pdfka.NLC, Win32/AutoRun.ABH, Win32/AutoRun.FakeAlert.AF (2), Win32/AutoRun.FakeAlert.CV (2), Win32/AutoRun.FlyStudio.PJ, Win32/Flyagent.NBT, Win32/FlyStudio.NRL (2), Win32/Httpbot.XS, Win32/IRCBot.AMQ (2), Win32/KillAV.NEQ (2), Win32/KillAV.NER, Win32/Kryptik.AEP, Win32/PcClient (2), Win32/PSW.Consgra.A (2), Win32/SpamTool.Tedroo.AB (2), Win32/Spy.Banbra.NPZ, Win32/Spy.Banker.RMQ, Win32/Spy.Banker.SAA, Win32/Spy.Banker.SAD, Win32/Spy.Zbot.JF (3), Win32/TrojanClicker.Agent.NGR
URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6367&Itemid=26
HACKERS have defaced the website of the Melbourne Film Festival over a documentary about an exiled separatist leader accused by China of plotting riots.
Messages attacking Uighur leader Rebiya Kadeer, along with images of the Chinese flag, were posted on the festival’s site over the weekend.
Festival director Richard Moore said the intruders were using a Chinese IP address and he had reported the matter to police. Mr Moore said the attacks came after pressure from the Chinese Government to remove the film from the festival.
URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=32449
Posted by YEHG Group on Jul 26
Thanks, I’ll update the database of
http://www.owasp.org/index.php/Category:OWASP_Joomla_Vulnerability_Scanner_Project
On Sat, Jul 25, 2009 at 3:57 PM, SmOk3<smok3f00_at_gmail.com> wrote:
> Original advisory at:
> …
VBS/Slogod.NAB (2), Win32/Adware.Gamevance.AB (5), Win32/Adware.Gamevance.AC, Win32/FlyStudio.NPY, Win32/Injector.TW, Win32/PSW.OnLineGames.OMB (4), Win32/PSW.OnLineGames.OMC, Win32/Spy.Delf.NQV, Win32/TrojanDownloader.FakeAlert.AFK (2)
URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6295&Itemid=26
INF/Autorun, Win32/AdClicker.NAF (2), Win32/Agent.PWO, Win32/AutoRun.FakeAlert.AF, Win32/Flyagent.NBP, Win32/Flyagent.NBQ, Win32/Injector.TU, Win32/Peerfrag.CP, Win32/Protector.C, Win32/PSW.Delf.NQU (2), Win32/Spy.Banbra.NSA (2), Win32/Spy.Banbra.NSB (2), Win32/Spy.Banbra.NSC (2), Win32/Spy.Banbra.NSD (2), Win32/Spy.Banbra.NSE (2), Win32/Spy.Banker.OXC, Win32/Spy.Banker.PBI (3), Win32/Spy.Delf.NWK (2), Win32/Spy.Zbot.JF (4), Win32/Spy.Zbot.TK, Win32/Spy.Zbot.TL, Win32/TrojanDownloader.FakeAlert.AEL, Win32/TrojanDropper.Agent.OFY (2), Win32/VB.OJJ (2)
URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6292&Itemid=26
Win32/Adware.UnVirex.A (2), Win32/Agent.NYU (6), Win32/AutoRun.ABH, Win32/Delf.NNN, Win32/Injector.TK, Win32/Injector.TM, Win32/Injector.TQ, Win32/KillAV.NEG, Win32/Kryptik.AAB, Win32/Kryptik.AAE, Win32/Olmarik.JV, Win32/PSW.Delf.NQR (2), Win32/Spy.Banbra.NQX, Win32/Spy.Banker.QSP, Win32/Spy.Banker.QTE, Win32/Spy.Banker.RFK, Win32/Spy.Banker.RFM, Win32/Spy.Banker.RFP, Win32/Spy.Banker.RGW, Win32/Spy.Delf.NUL, Win32/TrojanDownloader.FakeAlert.AAA, Win32/TrojanDropper.Agent.OFW
URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6291&Itemid=26
phpDirectorySource SQL Injection and Cross Site Scripting Vulnerabilities
Posted by Jerome Athias on Jul 20
Hi,
you should be interested by OAT (OCS Assessment Tool) (
http://voat.sf.net ) (v1.0)
And for sure, by OCS Assessment Tool v2, presented at FRHACK by Abhijeet
Hatekar (Sipera Systems <http://www.sipera.com/>)
http://www.frhack.org/frhack-conference.php#Unified-Communications-Security…
Dan Hesse, CEO at Sprint-Nextel Corp. took home 30 percent bigger of a bonus for 2008 than expected, raking in $2.6 million. His overall compensation package came in at $15.5 million, with a base salary of $1.2 million.
Sprint shares have lost more than 70 percent of their value since the beginning of 2008.
It also lost 4.6 million customers during 2008, losing $2.8 billion, but Sprint spokesman James Fisher told the Wall Street Journal that the carrier has actually shown improvement, including cutting $1 billion in costs and renegotiating its credit position¡Xa position with which many analysts agree.
URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31544
Psystar has had a rather lackluster showing in its attempt to sell unauthorized Mac clones¡Xbesides Apple suing the pants off the company, Psystar has also filed for bankruptcy after just a year in existence. Now, a new company in Los Angeles hopes to somehow escape the wrath of Apple Legal by¡Xget this¡Xopening a brick and mortar retail store. Quo Computer is set to open for business next Monday, June 1.
“It’s exciting. We are trying to stay as close to Apple as we can with our products,” Rashantha De Silva, Quo founder, told CNET. “We are trying to mimic things as much as we can. I’m hoping that Apple sees the value in what we are doing.”
Here in Orbiting HQ, we’re approximately 100 percent certain Apple will not see the value in a company that has the stated purpose of mimicking Apple’s hardware as closely as possible. There’s a word for trying to duplicate another company’s products as closely as possible and then trying to sell them: rip-off.
URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31543
The Xvid developers have released version 1.2.2 of their MPEG-4 codec to fix three security-related issues. One of the flaws reportedly prevents a function of the xvidcore library from checking the resync marker range correctly.
In its short announcement, Xvid Solutions do not mention whether the flaws can be exploited for injecting code via specially crafted videos. However, the developers highly recommend that users update. The update also offers various minor improvements, for example more precision for RGB-to-YUV colour conversions.
URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31542