Harvie's Live Information Security OverWiev

(Whole security world in one page!)

DEFCON LEVEL

US Government: National Threat Level:

ONLINE VIRUS SCANNERS

LATEST VULNERABILITIES, EXPLOITS, NEWS

(Cache reloaded at least once per hour...)

MilW0rm.com

BigAnt Server <= 2.50 SP6 Local (ZIP File) Buffer Overflow PoC #2
Joomla com_mytube (user_id) Blind SQL Injection Exploit
Joomla com_jinc (newsid) Blind SQL Injection Vulnerability
Snort < 2.8.5 Unified1 Output Denial of Service Exploit
WX Guest Book 1.1.208 (SQL/XSS) Multiple Remote Vulnerabilities
Loggix Project <= 9.4.5 Multiple Remote File Inclusion Vulnerabilities
ProdLer <= 2.0 (prodler.class.php sPath) RFI Vulnerability
CMScontrol 7.x (index.php id_menu) SQL Injection Vulnerability
cP Creator 2.7.1 (Cookie tickets) Remote SQL Injection Exploit
Winplot (.wp2 File) Local Buffer Overflow Exploit

Secunia.com

LinuxSecurity.com

Debian: 2394-1: libxml2: Multiple vulnerabilities
Ubuntu: 1349-1: X.Org vulnerability
Ubuntu: 1348-1: ICU vulnerability
Ubuntu: 1342-1: Linux kernel (Oneiric backport) vulnerability
Ubuntu: 1347-1: Evince vulnerability
Debian: 2393-1: bip: buffer overflow
Ubuntu: 1263-2: OpenJDK 6 regression
Red Hat: 2012:0062-01: t1lib: Moderate Advisory
Red Hat: 2012:0060-01: openssl: Moderate Advisory
Red Hat: 2012:0059-01: openssl: Moderate Advisory
Red Hat: 2012:0058-01: glibc: Moderate Advisory
Ubuntu: 1346-1: curl vulnerability

Security.Debian.org

DSA-2396 qemu-kvm - buffer underflow
DSA-2395 wireshark - buffer underflow
DSA-2394 libxml2 - several vulnerabilities
DSA-2393 bip - buffer overflow
DSA-2392 openssl - out-of-bounds read
DSA-2301 rails - several vulnerabilities
DSA-2391 phpmyadmin - several vulnerabilities
DSA-2390 openssl - several vulnerabilities
DSA-2389 linux-2.6 - privilege escalation/denial of service/information leak
DSA-2388 t1lib - several vulnerabilities
DSA-2387 simplesamlphp - insufficient input sanitation
DSA-2386 openttd - several vulnerabilities
DSA-2385 pdns - packet loop
DSA-2384 cacti - several vulnerabilities
DSA-2383 super - buffer overflow
DSA-2382 ecryptfs-utils - multiple vulnerabilities
DSA-2381 squid3 - invalid memory deallocation
DSA-2380 foomatic-filters - shell command injection
DSA-2379 krb5 - several vulnerabilities
DSA-2378 ffmpeg - several vulnerabilities
DSA-2377 cyrus-imapd-2.2 - NULL pointer dereference
DSA-2376 ipmitool - insecure PID file

Blackhole.sk

DDoS na web strany 99percent
V kauze Megaupload.com padli obvinenia
S�kromn� m�zeum po?�ta?ov v San Franciscu
Prednaska Bitcoin - virtualna mena
?R- policia sa nedostane k lokaliza?n�m �dajom MO
SLSP si spravilo z klientov pred?asn� Silvestvsk� ?art�k - a nasrat� klienti zv�?azili
GEERS, K - Strategic Cyber Security
Ako sa tuneluj� weby alebo kauza 'avantgardn� minimalistick� dielo'
Kauza NBU skoncila.
WUG Kosice - System Center Service Manager - utorok 13.12.