SecurityReason.com - Our Reason is

Security

	SecurityReason
IT News

Search

SecurityAlert Database

About SecurityAlert

ExploitAlert Database

SecurityReason Research

	WLB
WLB Database

Send to WLB

About WLB

	Services
Security Audit

Schedule

Prices of services

Contact

	RSS
SecurityReason IT News

SecurityAlert

World Laboratory of Bugtraq

ExploitAlert

Apache

PHP

	Corporate
Contact

About SecurityReason



	Note
If you have found a vulnerability, please send to our SecurityAlert Database : secalert()securityreason()com Also if you have new ( 0-day ) exploit, please send to our ExploitAlert Archive : exploit()securityreason()com

IT News: SecurityReason

Multiple Vendors libc/gdtoa printf(3) Array Overrun

New advisory about vulnerabilities in libc for BSD Operating Systems "Multiple Vendors libc/gdtoa printf(3) Array Overrun ". A Array Overrun vulnerability has been identified in new gdtoa implementation in libc library.

PHP 5.2.9 safe_mode and open_basedir bypass

libc:fts_*():multiple vendors, Denial-of-service

PHP 5.2.8 bug free

IT News: World

Hackers target outsourced app development

Many firms fail to think about security when they outsource application development.

Three in five (60 per cent) organisations overlook procedures to mandate security in software development outsourcing, according to a study by analysts Quocirca. One in five (20 per cent) fail to consider security even when building applications in-house.

Security researchers show how to hook phishers

Symantec and Trend grapple with buffer overflow bugs

Veteran defence hacking suspect cuffed in Greece

IT News: Virus

Growing virus production taxes security firms

The volume - if not the variety - of malware samples has undergone almost exponential growth over the last three years.

Malware samples reached 5,490,960 in 2007, five times more than the 972,606 recorded in 2006; which was itself almost three times more than the 333,425 recorded in 2005. The figures, compiled by AV-Test.org, represent a growth in the number of variants of the same piece of malware rather than the creation of numerous new malware strains.

	SecurityAlert: Mo	nitor
	04.07.2009 -	eZ Publish < 3.9.5/3.10.1/4.0.1 Privilege Escalation Exploit

	04.07.2009 -	MDPro Module CWGuestBook <= 2.1 Remote SQL Injection Vulnerability

	04.07.2009 -	Netgear DG632 Router Authentication Bypass Vulnerability

	04.07.2009 -	Bopup Communications Server 3.2.26.5460 Remote SYSTEM

	04.07.2009 -	Zen Cart 1.3.8 Remote Code Execution Exploit

	WLB: Monitor
	04.07.2009 -	Cpanel fantastico Privilege Escalation "ModSec and PHP restriction Bypass"

	04.07.2009 -	ARD-9808 DVR Card Security Camera Passwords View Bug

	03.07.2009 -	Sourcefire 3D Sensor and DC, privilege escalation vulnerability

	03.07.2009 -	Multiple Flaws in Axesstel MV 410R

	03.07.2009 -	eAccelerator encoder files backup Vulnerability

	ExploitAlert:	Monitor
	05.07.2009 -	Avactis Shopping Cart CSRF Vulnerability

	05.07.2009 -	Sourcefire 3D Sensor & Defense Center 4.8.x Privilege Escalation Vuln

	05.07.2009 -	Almnzm (COOKIE: customer) Remote SQL Injection Vulnerability

	04.07.2009 -	Apple Safari 4.x JavaScript Reload Remote Crash Exploit

	04.07.2009 -	Opial 1.0 (Auth Bypass) Remote SQL Injection Vulnerability

Virus: Monitor

» 4 Jul 2009 Troj/FakeAv-VE

» 4 Jul 2009 Troj/Bifrose-XP

» 4 Jul 2009 Troj/BdrPclt-A

» 4 Jul 2009 Troj/Bckdr-QWK

» 4 Jul 2009 Troj/Bckdr-QWL

» 4 Jul 2009 Mal/WaledPak-G

» 4 Jul 2009 Troj/Agent-KKK

» 4 Jul 2009 Troj/Clsldr-I

» 4 Jul 2009 Troj/Renos-DE

» 4 Jul 2009 Troj/Waled-CS

	Alert
Multiple Vendors libc/gdtoa printf(3) Array Overrun - 2009-05-30 SecurityReason realised new advisory about vulnerabilities libc/gdtoa...


	Apache
» Apache Tomcat RequestDispatcher directory traversal vulnerability

» Apache mod_dav / svn Remote Denial of Service Exploit

» Apache Tomcat Information disclosure

» Apache Tomcat User enumeration vulnerability with FORM authentication



	PHP
» PHP 5.2.9 curl safe_mode & open_basedir bypass

» PHP 5.2.6 SAPI php_getuid() overload

» PHP ZipArchive::extractTo() Directory Traversal Vulnerability

» PHP 5.2.6 dba_replace() destroying file