[FD] Executable installers are vulnerable^WEVIL (case 11): Nmap <7.01 and Nmap-WinPcap <4.13

2015-12-16 Thread Stefan Kanthak
Hi @ll, the executable installers of Nmap-7.00 and prior versions (see ) as well as WinPcap-Nmap-4.12 and prior versions (included in nmap-7.00-win32.zip and prior versions) are built with the vulnerable Nullsoft Scriptable Install System (NSIS) (see

[FD] Executable installers are vulnerable^WEVIL (case 10): McAfee Security Scan Plus, WebAdvisor and CloudAV (Beta)

2015-12-16 Thread Stefan Kanthak
Hi @ll, several McAfee "security" products, most notably their Security Scan Plus (see for a previous advisory) which Adobe pushes to unsuspecting users of Adobe Reader and Flash Player, are offered as executable installers built with the vulnerabl

[FD] User man Local Root Exploit/Linux Kernel setgid Directory Privilege Escalation/PAM Owner Check Weakness

2015-12-16 Thread halfdog
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello List, This ([1]) is a short article on how to use the setgid directory /var/cache/man to escalate privileges from man/man to man/root on Ubuntu Vivid and to root/root via the "catman" cron job [2]. In my opinion this is not a really big issue, but
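The post above describes a setgid, group-writable directory (/var/cache/man) whose contents a privileged job later trusts. The following is an added audit script, not code from halfdog's article: it lists every directory that carries both the setgid bit and group write permission, which is the precondition for that pattern. The constructed demo tree, and the assumption that /var/cache/man is mode 2775 (drwxrwsr-x), are illustrative only.

```shell
#!/bin/sh
# Added example, not part of the original post.
# List directories that are BOTH setgid (2000) and group-writable (0020).
# Files created inside such a directory inherit its group, so any member of
# that group can plant content that a privileged job (e.g. the catman cron
# job named in the post) may later read or overwrite as root.
find_setgid_group_writable_dirs() {
    # $1: root of the tree to scan (defaults to /); stays on one filesystem.
    root="${1:-/}"
    # -perm -2020: all of the listed bits (setgid AND g+w) must be set.
    find "$root" -xdev -type d -perm -2020 2>/dev/null
}

# Demonstration on a constructed tree; no real system paths are touched.
# Assumption: /var/cache/man on Ubuntu is drwxrwsr-x root:man (mode 2775).
demo_setgid_audit() {
    tmp="$(mktemp -d)"
    mkdir -p "$tmp/cache/man" "$tmp/cache/plain"
    chmod 2775 "$tmp/cache/man"     # setgid + group-writable: reported
    chmod 0755 "$tmp/cache/plain"   # neither bit: not reported
    find_setgid_group_writable_dirs "$tmp"
    rm -rf "$tmp"
}
```

Run `find_setgid_group_writable_dirs /var` on a real host to see which cache and spool directories match; whether a match is exploitable then depends on what privileged process consumes files from that directory, which is the part the post works out for catman.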

[FD] Two bytes change and you have a zero day

2015-12-16 Thread Hossein Lotfi
Hello everyone, The details of MS15-130 are now public. http://blogs.flexerasoftware.com/vulnerability-management/2015/12/vulnerability-in-microsofts-unicode-scripts-processor-allows-execution-of-arbitrary-code.html If interested, you can find more analysis in the following links: Yet Another Wi

[FD] libnsbmp: heap overflow (CVE-2015-7508) and out-of-bounds read (CVE-2015-7507)

2015-12-16 Thread Hans Jerry Illikainen
Overview Libnsbmp[1] is a decoding library for BMP and ICO files. It is primarily developed and used as part of the NetSurf project. As of version 0.1.2, libnsbmp is vulnerable to a heap overflow (CVE-2015-7508) and an out-of-bounds read (CVE-2015-7507). CVE-2015-7508 =

[FD] libnsgif: stack overflow (CVE-2015-7505) and out-of-bounds read (CVE-2015-7506)

2015-12-16 Thread Hans Jerry Illikainen
Overview Libnsgif[1] is a decoding library for GIF images. It is primarily developed and used as part of the NetSurf project. As of version 0.1.2, libnsgif is vulnerable to a stack overflow (CVE-2015-7505) and an out-of-bounds read (CVE-2015-7506) due to the way LZW-compressed GIF data

[FD] Back to 28: Grub2 Authentication Bypass 0-Day [CVE-2015-8370]

2015-12-16 Thread Hector Marco-Gisbert
Hi everyone, A vulnerability in Grub2 (Back to 28) has been found. Versions from 1.98 (December, 2009) to 2.02 (December, 2015) are affected. The vulnerability can be exploited under certain circumstances, allowing local attackers to bypass any kind of authentication (plain or hashed passwords)

[FD] #BadWinmail: The "Enterprise Killer" Attack Vector in Microsoft Outlook

2015-12-16 Thread Haifei Li
Hi All, I have released a paper & demo describing a novel/serious attack vector I discovered in Microsoft Outlook. Paper: https://sites.google.com/site/zerodayresearch/BadWinmail.pdf Demo: https://www.youtube.com/watch?v=ngWVbcLDPm8 Reference: https://technet.microsoft.com/en-us/library/security/ms

[FD] ERPSCAN Research Advisory [ERPSCAN-15-022] SAP NetWeaver 7.4 - XSS

2015-12-16 Thread ERPScan inc
Application: SAP NetWeaver Versions Affected: SAP NetWeaver J2EE Engine 7.40 Vendor URL: http://SAP.com Bugs: Cross-Site Scripting Send: 13.07.2015 Reported: 13.07.2015 Vendor response: 14.07.2015

[FD] [ERPSCAN-15-021] SAP NetWeaver 7.4 - SQL Injection vulnerability

2015-12-16 Thread ERPScan inc
Application: SAP NetWeaver Versions Affected: SAP NetWeaver J2EE Engine 7.40 Vendor URL: http://SAP.com Bugs: SQL injection Send: 13.07.2015 Reported: 13.07.2015 Vendor response: 14.07.2015 Date of Pu

[FD] [CFP] Speak About Your Cyberwar at PHDays VI

2015-12-16 Thread Alexander Lashkov
Positive Hack Days VI, the international forum on practical information security, opens Call For Papers (http://www.phdays.com/call_for_papers/). Our international program committee (http://www.phdays.com/program/review-board/) consisting of very competent and experienced experts will conside

[FD] OLE DB Provider for Oracle multiple DLL side loading vulnerabilities

2015-12-16 Thread Securify B.V.
OLE DB Provider for Oracle multiple DLL side loading vulnerabilities Yorick Koster, August 2015 ---

[FD] Shockwave Flash Object DLL side loading vulnerability

2015-12-16 Thread Securify B.V.
Shockwave Flash Object DLL side loading vulnerability Yorick Koster, August 2015 --

[FD] Shutdown UX DLL side loading vulnerability

2015-12-16 Thread Securify B.V.
Shutdown UX DLL side loading vulnerability Yorick Koster, November 2015 Abstra