May 25th, 2009:

4104

BAT/Agent.MO, IRC/SdBot, PDF/Exploit.Pidief.ONC, Win32/Adware.Virtumonde.NFD, Win32/Agent.OSE (2), Win32/AutoRun.FakeAlert.BN, Win32/AutoRun.FakeAlert.BO (2), Win32/AutoRun.FlyStudio.JX, Win32/AutoRun.VB.DO (2), Win32/Delf.NSE, Win32/Hupigon.NCT, Win32/Injector.MW, Win32/LockScreen.M, Win32/Mebroot.Z, Win32/Pacex, Win32/PcClient, Win32/PSW.OnLineGames.NMP (2), Win32/PSW.OnLineGames.NMY (4), Win32/PSW.OnLineGames.NNU (2), Win32/PSW.OnLineGames.ODJ, Win32/Spy.Banker.QYI, Win32/Spy.Banker.QYJ (2), Win32/Spy.Banker.QYK, Win32/Spy.Zbot.JF (2), Win32/Spy.Zbot.NJ (2), Win32/TrojanClicker.Agent.NEB, Win32/TrojanDownloader.FakeAlert.ACQ (2), Win32/VB.OEP (4)

URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6070&Itemid=26

Several Metasploit plugins and tutorials

Posted by Victor DaViking on May 25

Hi list,

I’ve started collecting resources for Metasploit plugins which are not necessarily included in the latest Metasploit tree, as well as documents/videos/training lessons on how to use Metasploit, techniques and how to use certain Metasploit plugins.

You may find plugin resources at:

URL: http://seclists.org/pen-test/2009/May/0056.html

The future of online social networking?

Ning: The future of online social networking?

Whether you’re into baseball or backgammon, Harry Potter or heavy metal, Ning has an online network for you. A fast-growing, free Web site launched two years ago, Ning lets members custom build their own social-networking platforms based around their passions and pastimes.

As Facebook and MySpace connect people to friends and family, Ning gathers users around common interests. The site hosts networks for hip-hop music lovers, video gaming moms and teens obsessed with the Twilight book and movie franchise. Other popular Ning networks bring people together online for political and social causes such as “Pickens’ Plan,” which advocates wind energy.

Ning had 4.7 million unique visitors as of January and surpassed 1 million social networks — about one-fifth of them considered active — last month.

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31442

Graphiks MyForum Login Multiple SQL Injection Vulnerabilities

Vuln: Graphiks MyForum Login Multiple SQL Injection Vulnerabilities

URL: http://www.securityfocus.com/bid/35096

MySQL MyISAM Table Privileges Security Bypass Vulnerability

Vuln: MySQL MyISAM Table Privileges Security Bypass Vulnerability

URL: http://www.securityfocus.com/bid/29106

Multiple ArcaBit ArcaVir Products Multiple IOCTL Request Local Privilege Escalation Vulnerabilities

Vuln: Multiple ArcaBit ArcaVir Products Multiple IOCTL Request Local Privilege Escalation Vulnerabilities

URL: http://www.securityfocus.com/bid/35100

DBD::Pg ‘pg_getline()’ and ‘getline()’ Heap Buffer Overflow Vulnerabilities

Vuln: DBD::Pg ‘pg_getline()’ and ‘getline()’ Heap Buffer Overflow Vulnerabilities

URL: http://www.securityfocus.com/bid/34755

Lighttpd Trailing Slash Information Disclosure Vulnerability

Vuln: Lighttpd Trailing Slash Information Disclosure Vulnerability

URL: http://www.securityfocus.com/bid/35097

Jetty Cross Site Scripting and Information Disclosure Vulnerabilities

Vuln: Jetty Cross Site Scripting and Information Disclosure Vulnerabilities

URL: http://www.securityfocus.com/bid/34800

Wireshark-1.0.8 released, (Mon, May 25th)

Speaking of Wireshark, a new version was released last week which fixes a vulnerability in the PCNFSD dissector.

References:
Announcement: http://www.wireshark.org/news/20090521.html
Advisory: http://www.wireshark.org/security/wnpa-sec-2009-03.html
Release notes: http://www.wireshark.org/docs/relnotes/wireshark-1.0.8.html
Download: http://www.wireshark.org/download.html

URL: http://isc.sans.org/diary.php?storyid=6457&rss

More tools for (US) Memorial Day, (Mon, May 25th)

For those of you (in the US anyway) enjoying a day off and BBQ-ing, here is another cool new tool I came across earlier today over on Malware Forge, called nPeID. Like my packerid.py, it uses Ero Carrera’s pefile package. I’ll be checking it out later this afternoon.

URL: http://isc.sans.org/diary.php?storyid=6454&rss

Police defend concert crackdown

UK: Police defend concert crackdown

Police have defended their use of a controversial form that requires live music venues to hand over details of performers, promoters and fans.

…. Around 70 London pubs and clubs are currently required to complete the form.

It asks for the names, dates of birth, addresses and phone numbers of promoters and artists, for details of the target audience and for the style of music, “eg bashment, R’n’B, garage”.

Source – BBC

URL: http://www.pogowasright.org/article.php?story=20090525183016661

Soulseek * P2P Remote Distributed Search Code Execution

Posted by laurent gaffie on May 25

=============================================
– Release date: May 24th, 2009
– Discovered by: Laurent Gaffié
– Severity: critical
=============================================

I. VULNERABILITY

Generic Unpacking of Self-modifying, Aggressive, Packed Binary Programs

Bugtraq: PAPER: Generic Unpacking of Self-modifying, Aggressive, Packed Binary Programs

URL: http://www.securityfocus.com/archive/1/503800

Arcade Trade Script XSS
