The Internet Traffic Report monitors the flow of data around the world. It then displays a value between zero and 100. Higher values indicate faster and more reliable connections.

Internet Storm Center Infocon Status

Internet Security Systems - AlertCon(TM)

US-CERT Cyber Security Bulletins

SB10-207: Vulnerability Summary for the Week of July 19, 2010

SB10-200: Vulnerability Summary for the Week of July 12, 2010

SB10-193: Vulnerability Summary for the Week of July 5, 2010

SB10-186: Vulnerability Summary for the Week of June 28, 2010

SB10-179: Vulnerability Summary for the Week of June 21, 2010

SB10-172: Vulnerability Summary for the Week of June 14, 2010

SB10-165: Vulnerability Summary for the Week of June 7, 2010

SB10-158: Vulnerability Summary for the Week of May 31, 2010

SB10-152: Vulnerability Summary for the Week of May 24, 2010

SB10-144: Vulnerability Summary for the Week of May 17, 2010


SecurityFocus News

News: Change in Focus

News: Twitter attacker had proper credentials

News: PhotoDNA scans images for child abuse

News: Conficker data highlights infected networks

Brief: Google offers bounty on browser bugs

Brief: Cyberattacks from U.S. "greatest concern"

Brief: Microsoft patches as fraudsters target IE flaw

Brief: Attack on IE 0-day refined by researchers

News: Monster botnet held 800,000 people's details

News: Google: 'no timetable' on China talks

News: Latvian hacker tweets hard on banking whistle

News: MS uses court order to take out Waledac botnet

Infocus: Enterprise Intrusion Analysis, Part One

Infocus: Responding to a Brute Force SSH Attack

Infocus: Data Recovery on Linux and ext3

Infocus: WiMax: Just Another Security Challenge?

Gunter Ollmann: Time to Squish SQL Injection

Mark Rasch: Lazy Workers May Be Deemed Hackers

Adam O'Donnell: The Scale of Security

Mark Rasch: Hacker-Tool Law Still Does Little



SecurityFocus Vulnerabilities

Vuln: Horde Turba Contact Manager '/imp/test.php' Cross Site Scripting Vulnerability

Vuln: Oracle MySQL 'COM_FIELD_LIST' Command Buffer Overflow Vulnerability

Vuln: Oracle MySQL 'COM_FIELD_LIST' Command Packet Security Bypass Vulnerability

Vuln: Oracle MySQL Malformed Packet Handling Remote Denial of Service Vulnerability

Bugtraq: [USN-957-2] Firefox and Xulrunner vulnerability

Bugtraq: Nessus Vulnerabilities

Bugtraq: [USN-958-1] Thunderbird vulnerabilities

Bugtraq: Re: Internet Explorer 8.0 Address Bar Spoofing Vulnerability


Help Net Security - Advisories

Ubuntu Security Notice - likewise-open vulnerability (USN-964-1)

Ubuntu Security Notice - firefox, firefox-3.0, xulrunner-1.9.2 vulnerability (USN-930-6)

Ubuntu Security Notice - firefox, firefox-3.0, xulrunner-1.9.2 vulnerability (USN-957-2)

Ubuntu Security Notice - thunderbird vulnerabilities (USN-958-1)

Slackware Security Advisory - mozilla-firefox (SSA:2010-204-01)

Mandriva Linux Security Update Advisory - iputils (MDVSA-2010:138)

Ubuntu Security Notice - ant, apturl, epiphany-browser, gluezilla, gnome-python-extras, liferea, mozvoikko, openjdk-6, packagekit, ubufox, webfav, yelp update (USN-930-5)

Ubuntu Security Notice - firefox-3.0, firefox-3.5, xulrunner-1.9.2 vulnerabilities (USN-930-4)

Ubuntu Security Notice - thunderbird update (USN-927-8)

Ubuntu Security Notice - firefox, firefox-3.0, xulrunner-1.9.2 vulnerabilities (USN-957-1)


SANS Internet Storm Center, InfoCON: green

Infocon: green

SophosLabs Released Free Tool to Validate Microsoft Shortcut, (Mon, Jul 26th)

Updated version of Mandiant's Web Historian, (Sun, Jul 25th)

Transmitting logon information unsecured in the network, (Sat, Jul 24th)

Mozilla advisory for Firefox...Upgrade to 3.6.8. http://www.mozilla.org/security/announce/2010/mfsa2010-48.html, (Sun, Jul 25th)

New Firefox Version, 3.6.8, (Sun, Jul 25th)

GnuPG gpgsm bug, (Sat, Jul 24th)

Types of diary: One liners vs full diary, (Sat, Jul 24th)

Some of our favourite sysinternals tools have been updated. TCPview, Autoruns, ProcDump and Disk2vhd have changed. More here http://blogs.technet.com/b/sysinternals/archive/2010/07/22/updates-tcpview-v3-0-autoruns-v10-02-procdump-v1-81-disk2vhd-v1-61.aspx, (Fri, Jul 23rd)

Firefox 3.6.8 is out. Yes it only seems like yesterday when you installed FF 3.6.7 (it was for me). The release notes say a stability issue has been fixed in this release. (Fri, Jul 23rd)


Help Net Security - Vulnerabilities

D-Link DAP-1160 Web Administration Interface "formFilter()" Function Buffer Overflow

Acc Autos "Description" Parameter HTML Injection

Saurus CMS Multiple Remote File Include Vulnerabilities

Calendarix "cal_cat.php" SQL Injection

SAP J2EE Engine Core Unspecified Cross-Site Scripting issue

Novell GroupWise WebAccess Cross-Site Scripting issue

Apple iTunes "itpc:" URI Remote Buffer Overflow

Novell GroupWise Agents HTTP Interface HTTP Header Injection Issue

IBM SolidDB "solid.exe" Handshake Remote Code Execution Issue

IBM AIX FTP Server "NLST" Command Information Disclosure


CA Security Advisor Threat Alerts

Microsoft Windows DNS Server RPC interface remote code execution vulnerability

Microsoft Windows MsgBox remote code execution vulnerability

Microsoft Windows Animated Cursor remote code execution vulnerability

Microsoft UPnP HTTP Request arbitrary code execution vulnerability

Microsoft Agent URL Parsing remote code execution vulnerability


Packet Storm Security Exploits

qqplayersmi-overflow.txt

oscommercemax-backup.txt

xaoscms-sql.txt

ballettinforum-sql.txt

freewaycms-sql.txt

cmsignition-sql.txt

3dlammtxklrr-sqlxss.txt

joomlayoutube-sql.txt

snews-sql.txt

whiteboard-sql.txt


Packet Storm Security Headlines

Transcript - Wikileaks Afghanistan Docs Alarming

UK Seeks Next Generation Of Cyber Security Specialists

National Crime Agency Could Replace Soca

EFF Wins New Legal Protections For Video Artists, Cell Phone Jailbreakers, And Unlockers

LAPD Questions Google Apps Security Credentials

Hacker Shut Down EU Carbon-Trading Website

Australian Hacker Pleads Guilty

How Hackers Snoop On Private Web Browsing

Hackers With Enigmatic Motives Vex Companies

Baidu Lawsuit Against Domain Register Approved

Dell Blames Staff For Malware Infection

Microsoft - No Plans To Pay For Security Vulnerabilities


Packet Storm Security Advisories

USN-964-1.txt

USN-930-6.txt

USN-957-2.txt

LWSA-2010-011.txt

nessus-xssdisclose.txt

macosxwebdav-dos.txt

foofus-20100726.txt

USN-958-1.txt

MDVSA-2010-138.txt

USN-930-5.txt


Packet Storm Security Tools

fuzzdiff.py.txt

dff-0.7.0-src.tar.gz

RewriteProxy.tar.gz

watobo_0.9.2rev149.zip

PHPJackal.php.gz

skipfish-1.52b.tgz

webenum-0.1.py.gz

gnupg-2.0.16.tar.bz2

nmap-5.35DC1.tar.bz2

bluelog-0.9.6.tar.gz


WVE Recent Entries

WVE-2008-0013: TKIP Replay and Plaintext Discovery

WVE-2008-0012: Active Https Cookie Hijacking

WVE-2008-0011: Auto Immune Attack

WVE-2008-0010: Marvell Null SSID Association Request

WVE-2008-0009: Marvell EAPOL-Key Length Overflow

WVE-2008-0008: Atheros IE Tag Overflow

WVE-2008-0007: Weaknesses in the A5/1 Cipher

WVE-2008-0006: Block ACK DoS

WVE-2008-0005: GF Mode WIDS Rogue AP Evasion

WVE-2008-0004: HT Intolerant Degradation of Service


eEye Digital Security - Zero-Day Tracker

Excel Invalid Object

Adobe PDF Buffer Overflow

Creative Software AutoUpdate Engine ActiveX stack buffer overflow

Internet Connection Sharing DoS

RPC Memory Exhaustion

  
US-CERT Technical Alerts and Bulletins

SB10-207: Vulnerability Summary for the Week of July 19, 2010

SB10-200: Vulnerability Summary for the Week of July 12, 2010

TA10-194B: Oracle Updates for Multiple Vulnerabilities

TA10-194A: Microsoft Updates for Multiple Vulnerabilities

SB10-193: Vulnerability Summary for the Week of July 5, 2010

SB10-186: Vulnerability Summary for the Week of June 28, 2010

SB10-179: Vulnerability Summary for the Week of June 21, 2010

SB10-172: Vulnerability Summary for the Week of June 14, 2010

SB10-165: Vulnerability Summary for the Week of June 7, 2010

TA10-162A: Adobe Flash and AIR Vulnerabilities


US-CERT Technical Cyber Security Alerts

TA10-194B: Oracle Updates for Multiple Vulnerabilities

TA10-194A: Microsoft Updates for Multiple Vulnerabilities

TA10-162A: Adobe Flash and AIR Vulnerabilities

TA10-159B: Microsoft Updates for Multiple Vulnerabilities

TA10-159A: Adobe Flash, Reader, and Acrobat Vulnerability

TA10-131A: Microsoft Updates for Multiple Vulnerabilities

TA10-103C: Adobe Reader and Acrobat Vulnerabilities

TA10-103B: Oracle Updates for Multiple Vulnerabilities

TA10-103A: Microsoft Updates for Multiple Vulnerabilities

TA10-089A: Microsoft Internet Explorer Vulnerabilities


SecuriTeam

HP Small Form Factor PC's with Broadcom Integrated NIC Firmware Vulnerability

HP-UX running ONCplus rpc.pcnfsd Denial of Service and Increase in Privilege Vulnerabilities

HP Performance Manager Multiple vulnerabilities

HP StorageWorks Storage Mirroring Unauthorized Access Vulnerability

HP-UX Running BIND Denial of Service Vulnerability

Netifera - Modular Open Source Platform for Security Tools

WarVOX - Tools for Exploring, Classifying, and Auditing Telephone Systems

Webshag - Web Server Audit Tool

Browser Fuzzer

FSpy - Linux Filesystem Activity Monitoring

Skype Client for Mac Chat Unicode Denial of Service vulnerability

Multiple Sourcefire Products Static Web SSL Keys Vulnerability

Samba 3.3.12 Memory Corruption Vulnerability

HP-UX Running BIND compromise of NXDOMAIN Responses

Ziproxy Multiple Integer Overflow Vulnerabilities

HP MFP Digital Sending Software Running on Windows Unauthorized Access Vulnerability

Microsoft Office Access ActiveX Controls Code Execution Vulnerabilities

Microsoft Canonical Display Driver Code Execution Vulnerability

Microsoft Windows Help and Support Center Code Execution Vulnerability

Microsoft Office Outlook Remote Code Execution Vulnerability

Trango Broadband Wireless Rogue SU Authentication Bug

Exposing HMS HICP Protocol and Intellicom NetBiterConfig.exe Remote Buffer Overflow

Family Connections Multiple Remote Vulnerabilities

VideoCache vccleaner Root Vulnerability

QuickHeal Antivirus 2010 Local Privilege Escalation

Why Silent Updates Boost Security

PDF Silent HTTP Form Repurposing Attacks

Frame Pointer Overwrite Demonstration (Linux)

Format String Exploitation Demonstration (Linux)

Hacking SOHO Routers


Security Central - Infoworld

NAC decisions you need to make now to secure your network

5 big security themes to watch for at Black Hat and Defcon

Free Sophos tool blocks Windows shortcut attacks

Google and Mozilla bug bounties don't buy much more security

Defcon hackers target cell phone security

Cyber crime costs businesses each $3.8 million per year

Mozilla re-patches Firefox 3.6 to fix plug-in problem

Tech worker: 'Blue screen of death' on oil rig's computer

The quiet threat: Cyber spies are already in your systems

Internet Explorer deemed least vulnerable browser

Microsoft calls for 'coordinated disclosure' of bugs

New malware variants exploit Windows attack

Safari reveals personal info to potential hackers

Epic fail: Auto-deleting files based on their 'reputation'

Dell revamps hardware testing in wake of malware issue

Google hikes Mozilla's bug bounty for Chrome flaws

Unpatched Windows shortcut flaw leaves users open to drive-by attacks

Google vs. Microsoft: The battle of Ormandy

Dell's response to motherboard malware causes confusion


Help Net Security - Linux Software

Snort 2.8.6.1

GnuPG 2.0.16

ntop 4.0

Shorewall 4.4.11

Nmap 5.35 DC1

Kismet 2010-07-R1

DazukoFS 3.1.3

TrouSerS 0.3.6

TuxFrw 3.00

John the Ripper 1.7.6


Microsoft Security Bulletins

MS10-045 - Important: Vulnerability in Microsoft Office Outlook Could Allow Remote Code Execution (978212)

MS10-044 - Critical: Vulnerabilities in Microsoft Office Access ActiveX Controls Could Allow Remote Code Execution (982335)

MS10-043 - Critical: Vulnerability in Canonical Display Driver Could Allow Remote Code Execution (2032276)

MS10-042 - Critical: Vulnerability in Help and Support Center Could Allow Remote Code Execution (2229593)

MS10-041 - Important: Vulnerability in Microsoft .NET Framework Could Allow Tampering (981343)

MS10-040 - Important: Vulnerability in Internet Information Services Could Allow Remote Code Execution (982666)

MS10-039 - Important: Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2028554)

MS10-038 - Important: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (2027452)

MS10-037 - Important: Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Elevation of Privilege (980218)

MS10-036 - Important: Vulnerability in COM Validation in Microsoft Office Could Allow Remote Code Execution (983235)

MS10-035 - Critical: Cumulative Security Update for Internet Explorer (982381)

MS10-034 - Critical: Cumulative Security Update of ActiveX Kill Bits (980195)

MS10-033 - Critical: Vulnerabilities in Media Decompression Could Allow Remote Code Execution (979902)

MS10-032 - Important: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (979559)

MS10-031 - Critical: Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution (978213)

MS10-030 - Critical: Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution (978542)

MS10-029 - Moderate: Vulnerability in Windows ISATAP Component Could Allow Spoofing (978338)

MS10-028 - Important: Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (980094)

MS10-027 - Critical: Vulnerability in Windows Media Player Could Allow Remote Code Execution (979402)

MS10-026 - Critical: Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution (977816)

MS10-025 - Critical: Vulnerability in Microsoft Windows Media Services Could Allow Remote Code Execution (980858)

MS10-024 - Important: Vulnerabilities in Microsoft Exchange and Windows SMTP Service Could Allow Denial of Service (981832)

MS10-023 - Important: Vulnerability in Microsoft Office Publisher Could Allow Remote Code Execution (981160)

MS10-022 - Important: Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (981169)

MS10-021 - Important: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (979683)


SecurityDOT Articles

Using TAR with Bunzip2 files

Setting the SUID/SGID bits: Giving a program YOUR permissions when it runs

Setting up hamachi on linux

How to disable opera 9 torrents support

How Shellcodes Work

How To Automate Spamcop Submissions

How To Save Traffic With Apache2's mod_deflate

How to scan your Linux-Distro for Root Kits

How To Test Your Linux Firewall

Optimizing DSPAM + MySQL 4.1


SecurityDOT Exploits

XOOPS Module Cjay Content 3 Remote File Inclusion Vulnerability

XOOPS Module XT-Conteudo (spaw_root) RFI Vulnerability

XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability

Microsoft Office MSODataSourceControl COM-object BoF PoC (0day)

Microsoft Speech API ActiveX control Remote BoF Exploit (xp sp2)

Microsoft Speech API ActiveX control Remote BoF Exploit (win2k sp4)

Safari 3 for Windows Beta Remote Command Execution PoC

Ace-FTP Client 1.24a Remote Buffer Overflow PoC

MoviePlay 4.76 .lst File Local Buffer Overflow Exploit

e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit


Help Net Security - Windows Software

Password Gorilla 1.5.3.1

Password Safe 3.23

L0phtCrack 6.0.9

Outpost Security Suite Pro 7.0.1 (3377.514.1238)

McAfee AVERT Stinger 10.0.1.972

Rising PC Doctor 6.0.2.8

Anti Tracks 7.4.5

RegRun Reanimator 6.9.6.96

AVG Anti-Virus Free Edition 9.0 Build 851a3009

Kaspersky Anti-Virus Personal 2011 11.0.1.400


WindowSecurity.com

Dissecting the Pass the Hash Attack

Attaching Tasks to Event Viewer Logs and Events

Painless Encryption: Intel Advanced Encryption Standard New Instructions (AES-NI)

Windows 7 Security Primer (Part 3)

Kaspersky Security for Mail Server - Voted WindowSecurity.com Readers' Choice Award Winner - Email Anti Virus

Group Policy Resource Guide

Understanding Man-In-The-Middle Attacks - Part 4: SSL Hijacking

Better Security through Sandboxing

  
VulnWatch

milw0rm.com

BigAnt Server <= 2.50 SP6 Local (ZIP File) Buffer Overflow PoC #2

Joomla com_mytube (user_id) Blind SQL Injection Exploit

Joomla com_jinc (newsid) Blind SQL Injection Vulnerability

Snort < 2.8.5 Unified1 Output Denial of Service Exploit

WX Guest Book 1.1.208 (SQL/XSS) Multiple Remote Vulnerabilities

Loggix Project <= 9.4.5 Multiple Remote File Inclusion Vulnerabilities

ProdLer <= 2.0 (prodler.class.php sPath) RFI Vulnerability

CMScontrol 7.x (index.php id_menu) SQL Injection Vulnerability

cP Creator 2.7.1 (Cookie tickets) Remote SQL Injection Exploit

Winplot (.wp2 File) Local Buffer Overflow Exploit


Bugtraq

iKAT - Interactive Kiosk Attack Tool v3 : Defcon 18 Edition

Nessus Vulnerabilities

[USN-957-2] Firefox and Xulrunner vulnerability

[USN-958-1] Thunderbird vulnerabilities

Re: Internet Explorer 8.0 Address Bar Spoofing Vulnerability

[LWSA-2010-001] Likewise Open 5.4 & 6.0

Mac OS X WebDAV kernel extension local denial-of-service

QQplayer smi File Processing Buffer Overflow Vulnerability

WhiteBoard 0.1.30 Multiple Blind SQL Injection Vulnerabilities

Multiple vulnerabilities in MC Content Manager

Call For Papers - Hackers 2 Hackers Conference 7th Edition - Brazil

DM Filemanager (fckeditor) Remote Arbitrary File Upload Exploit

Internet Explorer 8.0 Address Bar Spoofing Vulnerability

Foofus.net Security Advisory: Symantec AMS Intel Alert Handler service Design Flaw

[USN-927-6] NSS vulnerability




SecurityDot Vulnerabilities

Oracle Highly Interactive Client CVE-2009-1981 Unspecified Local Vulnerability

Oracle E-Business Suite CVE-2009-1986 Remote Oracle Applications Manager Vulnerability

Oracle PeopleSoft CVE-2009-1989 Remote PeopleSoft Enterprise FMS Vulnerability

Oracle Database CVE-2009-1020 Network Foundation Remote Vulnerability

Oracle Database CVE-2009-1969 Remote Auditing Vulnerability

Oracle PeopleSoft Enterprise HRMS eProfile Manager CVE-2009-1988 Remote Vulnerability

Oracle E-Business Suite CVE-2009-1982 Remote Oracle Applications Framework Vulnerability

Oracle Database CVE-2009-1973 Remote Virtual Private Database Vulnerability

Oracle Database CVE-2009-1015 Remote Core RDBMS Vulnerability

Oracle Database CVE-2009-1019 Remote Network Authentication Vulnerability

Oracle E-Business Suite CVE-2009-1980 Remote Vulnerability

Oracle Config Management CVE-2009-1967 Remote Unspecified Vulnerability

Oracle Complex Event Processing CVE-2009-1523 Remote Vulnerability

Oracle Secure Backup CVE-2009-1978 Remote Oracle Secure Backup Vulnerability

Oracle Database CVE-2009-1968 Remote Secure Enterprise Search Vulnerability


Hack In The Box

Android 3.0 might already be in the wild

Whatever happened to Perl?

Cyber spies are already in your systems

Three Steps to a MITM'ed Android Device

Australian hacker in guilty plea over banking info stealing software

Microsoft Updates Bug Reporting Process

Black Hat too commercial for you?

U.S. Government: iPhone Jailbreaking Is Fair Use

Automated cloud-based phishing kit revealed

Human Error the Number One Cause of Data Loss

Android and Apps

Hackers shut down EU carbon-trading website

Talk On High-Speed Trading Hacks Pulled From Security Conference

Yahoo Will Invest in Hackers With Good Ideas

Shortened URL Spam Increases

Do Identity-Theft Protection Services Work?

1.2m computers hit using Eleonore Exploit Toolkit

IE8 stops one billionth malware download

Wikileaks releases massive set of Afghan war files

iPhone 4 loses 90 per cent signal strength

Researchers discover new WPA2 vulnerability - Hole 196

FTC wants to hold firms responsible for privacy

Mozilla re-patches Firefox 3.6 to fix plug-in problem

Ways to snoop 'private' web sessions identified

UTA data on 27,000 people possibly exposed


Infosec Writers Latest Security Papers

Experimental Review of IPSec Features to Enhance IP Security

Cloud Computing – Storm Clouds or is it Smooth Flying?

The Evolving World of Computer Security and Laws

Web Access Management and Single Sign-On

Reverse Honey Trap

The Phishing Guide

Shedding Light on Quantum Cryptography

Securing a Virtual Environment

Investigating the SANS/CWE Top 25 Most Dangerous Programming Errors List

Hacking Tools & Techniques and How to Protect Your Network from Them



Copyright © 2010 Dave Moats.  All rights reserved.  Links: Copyright © by their respective owners.
NO WARRANTIES EXTENDED.  Void where prohibited by law.  Please report any issues or broken links.
You may link to this site freely from your own site.  You may quote from this site, but please include a link to the original source on the originating site.