Archives

TOOLS
injectso 0.2.1 – Inject shared libraries into running processes under Solaris and Linux
shiva 0.95 – An executable encryptor for ELF binaries on Linux

PAPERS
A Study In Scarlet – Exploiting Common Vulnerabilities in PHP Applications (English) (Spanish) (French) – Shaun Clowes

PRE ADVISORIES
(SRPRE00001) phpMyAdmin 2.1.0 and phpPgAdmin 2.2.1
(SRPRE00002) phpSecurePages 0.23 Beta
(SRPRE00003) SquirrelMail 1.4
(SRPRE00004) WebCalendar 0.9.26


SECURITY ADVISORIES
(SRADV00001) Arbitrary file disclosure through PHP file upload
(SRADV00002) Remote root compromise through pam_smb and pam_ntdom
(SRADV00003) Arbitrary file disclosure through IMP
(SRADV00004) Remote and local vulnerabilities in pam_mysql
(SRADV00005) Remote command execution vulnerabilities in MailMan Webmail
(SRADV00006) Remote command execution vulnerabilities in phpGroupWare
(SRADV00007) Local root compromise through Lexmark MarkVision printer drivers
(SRADV00008) Remote command execution vulnerabilities in phpMyAdmin and phpPgAdmin
(SRADV00009) Remote command execution vulnerabilties in phpSecurePiages
(SRADV00010) Remote command execution vulnerabilities in SquirrelMail 1.4