There are 194 unregistered users and 0 registered users on-line.

You can log-in or register for a user account here.

Security White Papers:

· Home

Sub Menu
· Latest Comments
· HITB@AvantGo
· HITB@Tradepub
· HITB E-Zine Archive
· HITB Merchandise
· HITB Lite
· HITB GFX
· Members List
· Recommend Us
· Search
· Stats
· Contact Us
· Top 50

[392] Windows XP SP3 Sows Havoc, Users Complain
[200] How to Regain Access to Your Admin Account in Vista using System Restore
[162] Microsoft shares more IE8 security details
[153] Windows Vista More Vulnerable To Malware Than Windows 2000
[129] HSBC loses server stuffed with customer records
[117] Yahoo Adds Security Warnings To Search Results
[116] China refuses to guarantee open Internet during Olympics
[111] DARPA Plans Cyberwar 'Matrix'
[99] Belgium accuses China of cyber-attacks
[96] Hollywood wants $15 million from Pirate Bay

View the Top 50 articles

[2005] WiFi keygen tool for BT Home Hubs released

[1672] Your 10 Biggest Network Security Worries

[1428] Do You Need a Mini-Notebook as a Second PC?

[1209] Hackers look to hardware viruses

[1085] Windows XP SP3 completes Microsoft's NAC architecture

[959] Alleged webcam hacker accused of spying on girls

[923] Microsoft warns of IE7 lock-in with XP SP3

[813] Dell Vostro keyboards cause confusion

[801] Miley Cyrus Takes Heat Over Sexy Photos Leaked Online

[769] Five important security apps for Linux, Mac OS X and Windows

[714] Nigerian duped gullible NASA employee

[712] New techniques hide PDF malware

[696] 'Muslims' hack into Bank of Israel site

[692] Microsoft Board Fails to Decide on Yahoo

[641] Microsoft Gives Backdoor to Law Enforcement -- Well, Not Really

[610] Microsoft Patch Process Called Security Risk

[604] Microsoft denies fault in hacks

[603] Coldplay to give new single away for free

[573] Nokia Gives Widgets Superpowers

[570] Web-based e-mail may be exposing you to privacy and security problems you didn't expect

Issue #1 - #37
Issue #38

Thursday, May 08
·	Comcast mulling metered access, 250GB monthly bandwidth caps (0)
·	Unlocked and pricey, iPhone is coveted in Israel (0)
·	Internet Explorer Zero-Day Treasure Hunt (0)
·	Acunetix says they could have stopped DHS SQL attacks (0)
Wednesday, May 07
·	Hacker kept on NDS payroll after accused of piracy (0)
·	Microsoft warns of IE7 lock-in with XP SP3 (0)
·	Human error and complacency biggest IT security threats (0)
·	Hacking American Idol (0)
·	Hackers harpoon US executives with phony email subpoenas (0)
·	Should security modules be dynamically loadable? (0)
·	Oracle architect says there ought to be one Linux distribution: Red Hat (0)
·	Rumor: AMD May Divide Itself Into Two Companies (0)
·	Cell Phone Spying: Is Your Life Being Monitored? (0)
·	Isohunt Founder at Center of U.S. Torrent-Tracking Legal Battle (0)
·	Linux Shootout: 7 Desktop Distros Compared (0)
·	Windows Vista SP1 Disaster Recovery Guide (0)
·	Musicians embrace Blu-ray format (0)
·	Security Researchers Find Trove of Stolen Data (0)
·	Cisco Quarterly Results Top Expectations (0)
Tuesday, May 06
·	GNUCITIZEN sets up House of Hackers (0)
·	Evolving Cyber Attacks Pose Challenges (0)
·	EBay not budging on PayPal proposal (0)
·	Echoworx launches Windows file-based encryption tool (0)
·	Cisco: Networking Is Hot Again (0)
·	Google Concerned About Verizon's Open Access (0)
·	Monster.com Founder Starts Social Networking Site for the Dead (0)
·	Zibri says 3G iPhone has no copy/paste and no MMS (0)
·	Hacking NASA: One small step for man, one giant leap for hackers? (0)
·	Storm bot's stranglehold slipping (0)
·	Cross-Site-Scripting with Morse code (0)
	Older articles

XSSed.com
Wiretapped.net
2600.org.au
Shmoo Group
WBG Links
insecure.org
linuxlinks.com
c4i.org
active-security.org
infosurge
SecureMac
FMA
madirish.net
middlesyde.com
Webtechgeek
SK-Web
FS Hot
Evil-Ware
Overclockers Club
sorgonet.com
Earizer.com
ByteBot
TrimMail
Network Security Tech
Network Security Archive
The Hackademy
Secumania.org
Want us to add your page to our links list? Drop us a line

· HITBSecConf2008 - Dubai (Post Conference Party)
· HITBSecConf2008 - Dubai (Conference Day 1 and Day 2)
· HITBSecConf2008 - Dubai (Training Day 1 and Day 2)
· HITBSecConf2008 - Dubai (Setup and Misc)

 User name

Password

 Remember me


 Log in Problems?
 New User? Sign Up!

Re: What is your personal favorite *nix text editor?
Re: What is your personal favorite *nix text editor?
Re: What is your personal favorite *nix text editor?
Re: What is your personal favorite *nix text editor?
Re: What is your personal favorite *nix text editor?
Re: What is your personal favorite *nix text editor?
Re: What is your personal favorite *nix text editor?
Re: What is your personal favorite *nix text editor?
Metasploit Framework v3.1 .pm file support
Re: What is your personal favorite *nix text editor?
Re: What is your personal favorite *nix text editor?
Re: Mysterious problem...
Re: What is your personal favorite *nix text editor?
Re: What is your personal favorite *nix text editor?
Re: What is your personal favorite *nix text editor?

· onecms25-sql.txt
OneCMS version 2.5 remote blind SQL injection exploit that makes use of asd.php.
· galleristic-sql.txt
Galleristic version 1.0 remote SQL injection exploit that makes use of index.php.
· 05.07.08-3.txt
iDefense Security Advisory 05.07.08 - Remote exploitation of an integer signedness vulnerability in rdesktop, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code with the privileges of the logged-in user. The vulnerability exists within the code responsible for reallocating dynamic buffers. The rdesktop xrealloc() function uses a signed comparison to determine if the requested allocation size is less than 1. When this occurs, the function will incorrectly set the allocation size to be 1. This results in an improperly sized heap buffer being allocated, which can later be overflowed. iDefense confirmed the existence of this vulnerability in rdesktop version 1.5.0. Previous versions may also be affected.
· 05.07.08-2.txt
iDefense Security Advisory 05.07.08 - Remote exploitation of a BSS overflow vulnerability in rdesktop, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code with the privileges of the logged-in user. The vulnerability exists within the code responsible for reading in an RDP redirect request. This request is used to redirect an RDP connection from one server to another. When parsing the redirect request, the rdesktop client reads several 32-bit integers from the request packet. These integers are then used to control the number of bytes read into statically allocated buffers. This results in several buffers located in the BSS section being overflowed, which can lead to the execution of arbitrary code. iDefense confirmed the existence of this vulnerability in rdesktop version 1.5.0. Previous versions may also be affected.
· 05.07.08-1.txt
iDefense Security Advisory 05.07.08 - Remote exploitation of an integer underflow vulnerability in rdesktop, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code with the privileges of the logged-in user. The vulnerability exists within the code responsible for reading in an RDP request. When reading a request, a 16-bit integer value that represents the number of bytes that follow is taken from the packet. This value is then decremented by 4, and used to calculate how many bytes to read into a heap buffer. The subtraction operation can underflow, which will then lead to the heap buffer being overflowed. iDefense confirmed the existence of this vulnerability in rdesktop version 1.5.0. Previous versions may also be affected.
· google-spam.txt
It appears that manipulating the forwarding functionality in Google's GMail service allows people to spam.
· glsa-200805-05.txt
Gentoo Linux Security Advisory GLSA 200805-05 - Multiple Denial of Service vulnerabilities have been discovered in Wireshark. Versions less than 1.0.0 are affected.
· glsa-200805-04.txt
Gentoo Linux Security Advisory GLSA 200805-04 - A vulnerability has been reported in FCKEditor due to the way that file uploads are handled in the file editor/filemanager/upload/php/upload.php when a filename has multiple file extensions (CVE-2008-2041). Another vulnerability exists in the _bad_protocol_once() function in the file phpgwapi/inc/class.kses.inc.php, which allows remote attackers to bypass HTML filtering (CVE-2008-1502). Versions less than 1.4.004 are affected.

· All topics
· AMD News (May 07, 2008)
· Apple News (May 08, 2008)
· Articles (Feb 13, 2006)
· Ask Us (Feb 01, 2003)
· Audio/Video (May 07, 2008)
· Encryption (May 08, 2008)
· Games (May 08, 2008)
· Hardware (May 03, 2008)
· HITB News (Dec 03, 2007)
· Industry News (May 09, 2008)
· Intel News (Apr 29, 2008)
· Law and Order (May 09, 2008)
· Linux (May 07, 2008)
· Microsoft (May 09, 2008)
· Networking (May 06, 2008)
· PDAs (Feb 09, 2007)
· Privacy (May 09, 2008)
· Red Hat (May 07, 2008)
· Science (Apr 28, 2008)
· Security (May 09, 2008)
· Software & Programming (May 08, 2008)
· Spam (Apr 11, 2008)
· Technology (May 03, 2008)
· Transmeta (Jul 07, 2007)
· Viruses & Malware (May 08, 2008)
· Wireless (May 01, 2008)

HardlineNews.com
ITDefence.ru
DarkMindz
SecGeeks.com
Elite Hackers
Xatrix Computer Security
Root Compromise
Help Net Security
shellcity.net
techfocus.org
EyeonSecurity
eBCVG
Illmob.org
HackerStickers.com
Mac Shadows
Local Area Security
Astalavista
Phoronix.com
Modding World Windows Security
Secom Group
GaryMckinnon.com
HERT.org
Segfault.net

Ubuntu Linux: Firefox vulnerabilities

---

Red Hat: Ruby safe-level vulnerability

---

Red Hat: Seamonkey critical security vulnerabilities

---

Debian: Drupal several remote vulnerabilities

---

Debian: Kernel local race condition

---

SUSE: Kernel local privilege escalation

---

Ubuntu Linux: Update introduced regression

---

Ubuntu Linux: Mozilla-Thunderbird vulnerabilities

---

Mandriva: Perl log flaw

---

Ubuntu Linux: Mozilla various vulnerabilities