Pulse is the need to know information about the Internet threat landscape. Aggregating and analyzing the top vulnerability and malicious code advisories from commercial, government, education, and open source sources Pulse provides a complete picture of today’s vulnerabilities that may become tomorrows exploits. Questions, concerns, suggestions: pulse [at] vulnerableminds [dot] com Pulse was created and maintained by Vulnerable Minds. home | blog   var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E")); var pageTracker = _gat._getTracker("UA-2815366-1"); pageTracker._initData(); pageTracker._trackPageview(); Tumblr (3.0; @vm-threats)http://pulse.vulnerableminds.com/<a href="http://seclists.org/fulldisclosure/2009/Sep/0382.html">Windows 7 Launch Party hosted by JTTF and Andrew Auernheimer</a>: Posted by David Kernell rubico on Sep 27 <p> <br/> Hello. </p> <p> My name is Gary McKinnon. I’m from the Joint Terrorism Task Force. </p> <p> I create terrorism by tricking dumb people. Further, we fulfill our goal of…</p>http://pulse.vulnerableminds.com/post/199023010http://pulse.vulnerableminds.com/post/199023010Mon, 28 Sep 2009 05:24:58 -0400<a href="http://seclists.org/fulldisclosure/2009/Sep/0374.html">Drupal Bibliography 6.x-1.6 XSS Vuln</a>: Posted by Black Packeteer on Sep 25 <p> <br/> The Drupal Bibliography Module 6.x-1.6 (<a href="http://drupal.org/project/biblio" target="_blank">http://drupal.org/project/biblio</a>) contains a cross site scripting vulnerability because it fails to sanitize the…</p>http://pulse.vulnerableminds.com/post/197425328http://pulse.vulnerableminds.com/post/197425328Sat, 26 Sep 2009 09:24:58 -0400<a href="http://seclists.org/fulldisclosure/2009/Sep/0372.html">Attacks via redirectors</a>: Posted by MustLive on Sep 25 <p> <br/> Hello participants of Full-Disclosure! </p> <p> In case if you don’t read WASC Mailing List, where I often make announcements of my articles (or even post articles directly…</p>http://pulse.vulnerableminds.com/post/197425331http://pulse.vulnerableminds.com/post/197425331Sat, 26 Sep 2009 09:24:58 -0400<a href="http://seclists.org/fulldisclosure/2009/Sep/0362.html">CFS 09October 5-6 Updated SpeakerSession List</a>: Posted by Trish M on Sep 23 <p>         </p> <p>       The Computer Forensics Show is the “Don’t miss” event of the year for all Litigation, Accounting and IT Professionals! </p> <p>       Register Now </p> <p>…</p>http://pulse.vulnerableminds.com/post/196460472http://pulse.vulnerableminds.com/post/196460472Fri, 25 Sep 2009 03:36:10 -0400<a href="http://seclists.org/fulldisclosure/2009/Sep/0366.html">PakBugs.com Aftermath.</a>: Posted by Catch Them on Sep 24 <p> </p> <p> Here are some clarifications after doing considerable reading on the internet about the PakBugs.com Hack/Crack or whatever you want to call it. I have no group, i…</p>http://pulse.vulnerableminds.com/post/196460465http://pulse.vulnerableminds.com/post/196460465Fri, 25 Sep 2009 03:36:09 -0400<a href="http://seclists.org/fulldisclosure/2009/Sep/0367.html">Cross-Site Scripting vulnerability in E107</a>: Posted by MustLive on Sep 24 <p> <br/> Hello Full-Disclosure! </p> <p> I want to warn you about Cross-Site Scripting vulnerability in E107. Which I found at 31.01.2009 and disclosed recently. </p> <p> XSS: At page for…</p>http://pulse.vulnerableminds.com/post/196460438http://pulse.vulnerableminds.com/post/196460438Fri, 25 Sep 2009 03:36:07 -0400<a href="http://seclists.org/fulldisclosure/2009/Sep/0353.html">Avast aswMon2.sys kernel memory corruption and Local Privilege Escalation</a>: Posted by evil fingers on Sep 23 <p> <br/> Source: <br/> <a href="https://www.evilfingers.com/advisory/Advisory/Avast_aswMon2.sys_kernel_memory_corruption_and_Local_Privilege_Escalation.php" target="_blank">https://www.evilfingers.com/advisory/Advisory/Avast_aswMon2.sys_kernel_memory_corruption_and_Local_Privilege_Escalation.php</a> </p> <p> —————-[Avast…</p>http://pulse.vulnerableminds.com/post/195499660http://pulse.vulnerableminds.com/post/195499660Wed, 23 Sep 2009 23:57:54 -0400<a href="http://seclists.org/fulldisclosure/2009/Sep/0356.html">Audited by Netcraft... any feedback</a>: Posted by jk3380_at_naida.org on Sep 23 <p> </p> <p> Hi </p> <p> I’m looking for feedback on the results and worthliness of the “Audited by Netcraft” service as an alternative of manye self appointed…</p>http://pulse.vulnerableminds.com/post/195499604http://pulse.vulnerableminds.com/post/195499604Wed, 23 Sep 2009 23:57:49 -0400<a href="http://www.microsoft.com/technet/security/advisory/975497.MSpx?pubDate=2009-09-23">Microsoft Security Advisory (975497): Vulnerabilities in SMB Could Allow Remote Code Execution</a>: <p>Revision Note: V1.2 (September 23, 2009): Clarified the FAQ, What is Server Message Block Version 2 (SMBv2)? Also clarified the impact of the workaround, Disable SMB v2.Summary: Security Advisory</p>http://pulse.vulnerableminds.com/post/195386805http://pulse.vulnerableminds.com/post/195386805Wed, 23 Sep 2009 20:44:42 -0400<a href="http://www.milw0rm.com/exploits/9725">Winplot (.wp2 File) Local Buffer Overflow Exploit</a>http://pulse.vulnerableminds.com/post/193634477http://pulse.vulnerableminds.com/post/193634477Mon, 21 Sep 2009 17:42:41 -0400<a href="http://www.milw0rm.com/exploits/9726">cP Creator 2.7.1 (Cookie tickets) Remote SQL Injection Exploit</a>http://pulse.vulnerableminds.com/post/193634465http://pulse.vulnerableminds.com/post/193634465Mon, 21 Sep 2009 17:42:40 -0400<a href="http://www.milw0rm.com/exploits/9727">CMScontrol 7.x (index.php id_menu) SQL Injection Vulnerability</a>http://pulse.vulnerableminds.com/post/193634442http://pulse.vulnerableminds.com/post/193634442Mon, 21 Sep 2009 17:42:38 -0400<a href="http://www.milw0rm.com/exploits/9728">ProdLer <= 2.0 (prodler.class.php sPath) RFI Vulnerability</a>http://pulse.vulnerableminds.com/post/193634425http://pulse.vulnerableminds.com/post/193634425Mon, 21 Sep 2009 17:42:36 -0400<a href="http://www.milw0rm.com/exploits/9729">Loggix Project <= 9.4.5 Multiple Remote File Inclusion Vulnerabilities</a>http://pulse.vulnerableminds.com/post/193634395http://pulse.vulnerableminds.com/post/193634395Mon, 21 Sep 2009 17:42:33 -0400<a href="http://www.milw0rm.com/exploits/9730">WX Guest Book 1.1.208 (SQL/XSS) Multiple Remote Vulnerabilities</a>http://pulse.vulnerableminds.com/post/193634327http://pulse.vulnerableminds.com/post/193634327Mon, 21 Sep 2009 17:42:26 -0400<a href="http://www.milw0rm.com/exploits/9731">Snort < 2.8.5 Unified1 Output Denial of Service Exploit</a>http://pulse.vulnerableminds.com/post/193634233http://pulse.vulnerableminds.com/post/193634233Mon, 21 Sep 2009 17:42:19 -0400<a href="http://www.milw0rm.com/exploits/9732">Joomla com_jinc (newsid) Blind SQL Injection Vulnerability</a>http://pulse.vulnerableminds.com/post/193634118http://pulse.vulnerableminds.com/post/193634118Mon, 21 Sep 2009 17:42:07 -0400<a href="http://www.milw0rm.com/exploits/9733">Joomla com_mytube (user_id) Blind SQL Injection Exploit</a>http://pulse.vulnerableminds.com/post/193633929http://pulse.vulnerableminds.com/post/193633929Mon, 21 Sep 2009 17:41:49 -0400<a href="http://www.milw0rm.com/exploits/9734">BigAnt Server <= 2.50 SP6 Local (ZIP File) Buffer Overflow PoC #2</a>http://pulse.vulnerableminds.com/post/193633667http://pulse.vulnerableminds.com/post/193633667Mon, 21 Sep 2009 17:41:22 -0400<a href="http://seclists.org/fulldisclosure/2009/Sep/0271.html">DoS vulnerability in Mozilla Firefox</a>: Posted by MustLive on Sep 20 <p> <br/> Hello Full-Disclosure! </p> <p> This is my second letter to this list. </p> <p> Like in case of my previous letter to this list, I already sent this letter to Bugtraq (at 15th of…</p>http://pulse.vulnerableminds.com/post/193385580http://pulse.vulnerableminds.com/post/193385580Mon, 21 Sep 2009 10:48:54 -0400