Ascii for Breakfast

Register here Blog about Xen, IT-Security, Linux and other stuff.


valentin@xenuser.org

Recent Posts

• Xen ported to ARM architecture
• New articles published in the German Linux Magazine and Android User
• XCP 1.1 released
• Comments are now open for everyone
• Real-time system monitoring with Dag Wieers’ dstat

Active projects

• Xen Admin

Blogroll

• Bionix' Blog
• h4ckb0x.org
• Jonas
• Official Xen Blog
• Robert
• RTFM (romanian blog)

Archives

• November 2011
• October 2011
• September 2011
• August 2011
• July 2011
• June 2011
• May 2011
• April 2011
• March 2011
• February 2011
• January 2011
• December 2010
• November 2010
• October 2010
• September 2010
• August 2010
• July 2010
• June 2010
• May 2010
• April 2010
• March 2010

Tag cloud

Files ≈ Packet Storm

• Zero Day Initiative Advisory 12-039
• Oracle Java True Type Font IDEF Opcode Parsing Remote Code Execution
• Return-Oriented Programming Na Unha!
• D-Link DSL-2640B Authentication Bypass
• AlegroCart 1.2.7 Command Execution
• Snop IP Phone Privilege Escalation
• Zero Day Initiative Advisory 12-038
• Zero Day Initiative Advisory 12-037
• Joomla Dtregister SQL Injection
• Interspire Shopping Cart Insecure Permissions
• Zero Day Initiative Advisory 12-036
• Sagem F@ST 2604 Cross Site Request Forgery
• BRIM SQL Injection
• Mandriva Linux Security Advisory 2012-023
• Linux/x86 BackShell-TCP bash[/dev/tcp],execve(/bin/sh) Shellcode
• Zero Day Initiative Advisory 12-035
• WordPress Magn WP Drag And Drop Shell Upload
• DFLabs PTK 1.0.5 Cross Site Request Forgery
• Philip Abbey Cross Site Scripting
• Limesurvey Blind SQL Injection

Exploit-DB updates

• [webapps] - DFLabs PTK <= 1.0.5 Multiple Vulnerabilities (Steal Authentication Credentials)
• [dos] - Unity 3D Web Player <= 3.2.0.61061 Denial of Service
• [webapps] - D-Link DSL-2640B Authentication Bypass
• [webapps] - WebcamXP and Webcam 7 Directory Traversal Vulnerability
• [webapps] - Dlink DCS series CSRF Change Admin Password
• [webapps] - Limesurvey (PHPSurveyor v.1.91+ stable) Blind SQL Injection
• [dos] - DAMN Hash Calculator v1.5.1 Local Heap Overflow PoC
• [webapps] - BRIM < 2.0.0 SQL Injection
• [webapps] - ForkCMS 3.2.5 Multiple Vulnerabilities
• [webapps] - Sagem F@ST 2604 CSRF Vulnerability (ADSL Router)
• [webapps] - Cisco Linksys WAG54GS CSRF Change Admin Password
• [webapps] - PlumeCMS <= 1.2.4 CSRF Vulnerability
• [local] - DJ Studio Pro 5.1.6.5.2 SEH Exploit MSF - [CVE: 2009-4656]
• [local] - Blade API Monitor Unicode Bypass (Serial Number BOF)
• [webapps] - D-Link DSL-2640B (ADSL Router) CSRF Vulnerability
• [webapps] - 4PSA CMS SQL Injection Vulnerabilities
• [webapps] - SyndeoCMS <= 3.0 CSRF Vulnerability
• [webapps] - almnzm 2.4 <= CSRF Vulnerability (Add Admin)
• [webapps] - Mitra Iranian CMS Remote File Upload
• [webapps] - Pandora FMS v4.0.1 - Local File Include Vulnerability

blog.xen.org

• Initial patches for Xen ARMv7 with Virtualization Extensions applied to xen-unstable.
• XCP 1.5 Beta now available
• 4 weeks to Xen Hackathon in Santa Clara, CA, USA
• Jobs in the Xen Community
• Give us input for the new Xen.org website
• XenSummit 2012: Dates, Location, PMC & CFP
• Please welcome Ian Campbell as Committer for Xen Hypervisor Project (ARMv7+VE)
• Xen 3.4.4 Update Release
• Xen in Linux 3.2, 3.3 and Beyond
• 2012 Xen Event Calendar

Author Links