
TOOLS
injectso 0.2.1 - Inject shared libraries into running processes under Solaris and Linux
shiva 0.95 - An executable encryptor for ELF binaries on Linux

PAPERS
A Study In Scarlet - Exploiting Common Vulnerabilities in PHP Applications (English) (Spanish) (French) - Shaun Clowes

PRE ADVISORIES
(SRPRE00001) phpMyAdmin 2.1.0 and phpPgAdmin 2.2.1
(SRPRE00002) phpSecurePages 0.23 Beta
(SRPRE00003) SquirrelMail 1.4
(SRPRE00004) WebCalendar 0.9.26


SECURITY ADVISORIES

(SRADV00001) Arbitrary file disclosure through PHP file upload
(SRADV00002) Remote root compromise through pam_smb and pam_ntdom
(SRADV00003) Arbitrary file disclosure through IMP
(SRADV00004) Remote and local vulnerabilities in pam_mysql
(SRADV00005) Remote command execution vulnerabilities in MailMan Webmail
(SRADV00006) Remote command execution vulnerabilities in phpGroupWare
(SRADV00007) Local root compromise through Lexmark MarkVision printer drivers
(SRADV00008) Remote command execution vulnerabilities in phpMyAdmin and phpPgAdmin
(SRADV00009) Remote command execution vulnerabilities in phpSecurePages
(SRADV00010) Remote command execution vulnerabilities in SquirrelMail 1.4

Disclaimer
The content provided on this page and any linked pages is copyrighted by Secure Reality Pty Ltd and is protected under Australian legislation. Advice, directions and instructions on security vulnerabilities on these pages do not constitute: an endorsement of illegal behaviour; a guarantee that protection measures will work; an endorsement of any product or solution or recommendations on behalf of Secure Reality Pty Ltd. Content is provided as is and Secure Reality does not accept responsibility for any damage or injury caused as a result of accessing these pages, following the advice or ignoring the advice placed here.