Tag Archive | "vulnerability"


31 August 2007 | 46,364 views

Download pwdump6 and fgdump version 1.6.0 available now.

New versions of the excellent pwdump6 and fgdump have been released (1.6.0 for both!). For those that don’t know what pwdump or gfdump are.. pwdump6 is a password hash dumper for Windows 2000 and later systems. It is capable of dumping LanMan and NTLM hashes as well as password hash histories. It is based on […]

Continue Reading


18 July 2007 | 9,602 views

Intel Core 2 Duo Vulnerabilities Serious say Theo de Raadt

The scariest type of all, hardware vulnerabilities. Security guru and creator of OpenBSD Theo de Raadt recently announced he had found some fairly serious bugs in the hardware architecture of Intel Core 2 Duo processors. He goes as far as saying avoid buying a C2D processor until these problems are fixed. A prominent software developer […]

Continue Reading


18 April 2007 | 8,372 views

IE 7 Flaw Could Help Phishers – Error Message Processing

Ah another way for phishers and people wanting to steal login credentials to con IE7 users. Yet another reason to use Firefox or Opera? Not saying these browsers are perfect…but look at the amount of problems Internet Exploder Explorer has had. The flaw lies in the way IE7 processes a locally stored HTML error message […]

Continue Reading


21 December 2006 | 11,312 views

Skype Worm in the Wild – W32.Chatosky

A new worm is spreading fast on the Skype network, it’s activated by a malicious Skype Chat link and it has been seen in the wild in numerous places. Apparently the dangerous link starts with “Check this!” pointing to a .org/.biz address, if you click the link you’ll become infected. There have been no reports […]

Continue Reading


14 July 2006 | 15,349 views

Linux Kernel 2.6.x PRCTL Core Dump Handling – Local r00t Exploit ( BID 18874 / CVE-2006-2451 )

A working version of the exploit used to escalate privileges to root in the recent Debian breakin, ah another root kernel exploit. It’s to do with the way the kernel handles file permissions (or lack of) on core dumps. Linux kernel is prone to a local privilege-escalation vulnerability. A local attacker may gain elevated privileges […]

Continue Reading


10 May 2006 | 6,287 views

MORE Sendmail Problems – Signal Handling Vulnerability

OH MY GOD, NOT ANOTHER SENDMAIL FLAW? What’s that? Yah number 1001010102121. Recently, Mark Dowd of ISS discovered a signal handling vulnerability in Sendmail. We don’t see major bugs in software that’s as popular as Sendmail very often (at least, in the Unix world anyways), and that’s probably a good thing. According to sendmail.com, Sendmail […]

Continue Reading


02 May 2006 | 6,711 views

Proof of Concept for Internet Explorer Modal Dialog Exploit

Pretty interesting and imaginative way to exploit the flaw in IE…yeah I know linked to ActiveX again, all the more reason to use Firefox right? It just shows that the browser really is a point of entry, this could be useful for a penetration test, another way to show how easy it is to get […]

Continue Reading


26 April 2006 | 12,242 views

MS and the new IE vulnerability – Object Tag

Can you see the irony? Just after 2 weeks that M$ released the Internet Explorer security makeover, Michal Zalewski came up with a highly critical exploit, as called by Secunia… based on a mishandling of the OBJECT tag…. Security alerts aggregator Secunia flagged the issue as “highly critical” and stressed that it can be exploited […]

Continue Reading


25 April 2006 | 39,032 views

Penetration Testing vs Vulnerability Assessment

There seems to be a certain amount of confusion within the security industry about the difference between Penetration Testing and Vulnerability Assessment, they are often classified as the same thing when in fact they are not. I know Penetration Testing sounds a lot more exciting, but most people actually want a VA not a pentest, […]

Continue Reading


13 April 2006 | 4,704 views

New Critical MEGApatch fixes 10 Vulnerabilities in Internet Explorer

Well how many does that leave unpatched? 30+ if I remember correctly from the PivX page that got taken down mysteriously. Microsoft on Tuesday released a “critical” Internet Explorer update that fixes 10 vulnerabilities in the Web browser, including a high-profile bug that is already being used in cyberattacks. The Redmond, Wash., software giant sent […]

Continue Reading


Popular Tags

computer-security · darknet · exploits · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · Information-Security · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · worms · XSS ·