Day: August 27, 2013

Packet Storm Advisory 2013-0827-1 – Oracle Java ByteComponentRaster.verify()

The ByteComponentRaster.verify() method in Oracle Java versions prior to 7u25 contains a memory corruption vulnerability that allows the “dataOffsets[]” boundary checks to be bypassed. This vulnerability allows for remote code execution. User interaction is required for this exploit in that the target must visit a malicious page or open a malicious file. This finding was…


Packet Storm Exploit 2013-0827-1 – Oracle Java ByteComponentRaster.verify() Memory Corruption

The ByteComponentRaster.verify() method in Oracle Java versions prior to 7u25 contains a memory corruption vulnerability that allows the “dataOffsets[]” boundary checks to be bypassed. This exploit code demonstrates remote code execution by popping calc.exe. It was obtained through the Packet Storm Bug Bounty program…


oclHashcat+ Advanced GPU Hash Cracking Utility 0.15

oclHashcat+ is an advanced GPU hash cracking utility that includes the world’s fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more…


NASA successfully tests 3D printed rocket components

The use of printers in space to make everything from food and tools to rocket parts aims to reduce costs and improve safety…


POC2013 Call For Papers

The Call For Papers for POC2013 has been released. The 8th POC, “POC2013”, will be held in Seoul, Korea, November 7th through the 8th…


IBM iNotes Cross Site Scripting

IBM Lotus iNotes suffered from four cross site scripting vulnerabilities…


Atlassian Confluence 3.x / 4.x Information Disclosure

Atlassian Confluence versions 3.x and 4.x allow anonymous users to list all registered users of the system. The vendor does not believe this is a security concern…


Twitter, NY Times in domain hijack

‘Syrian Electronic Army’ claims responsibility, registrar MelbourneIT fingered as vector…


Twitter: No data breach from possible Syrian Electronic Army hack

The hacker group reportedly took over the site and prevented users from seeing images, but no personal information was affected, according to Twitter…


Red Hat Security Advisory 2013-1181-01

Red Hat Security Advisory 2013-1181-01 – The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red…