Theme PMC-Crash For RavenNuke(tm) Released More about

Posted on Sunday, June 28, 2009 @ 00:41:52 CDT in RN Themes
by Raven

papamike writes:  
I released PMC-Crash today. It is a dark theme with emphasis on high gloss graphics. Comes with a matching theme, matching download and web link graphics, custom graphics in the Your Account area and DHTML mouseover main buttons. This is a premium quality theme which members can download for free.

As always you can:
Preview it live HERE
Download it: HERE


 

 

nukeWYSIWYG™ 2.6.4 released by nukeSEO.com More about Read More...

Posted on Saturday, June 27, 2009 @ 10:46:32 CDT in Add-Ons
by Raven

kguske writes:  

nukeSEO.com released nukeWYSIWYG™ 2.6.4 featuring FCKeditor. This update includes several important new and improved features:

  • File manager requires Nuke admin authentication (identified by S Electric)
  • FCKeditor 2.6.4 with new web-based spell checker
  • Browser-specific and compliance fixes

Please note that the file manager has always validated uploads to prevent files that can be used to cause harm to a site (e.g. executable files like .js and .php, as well as scripts renamed to be images).

RavenNuke™ users: The admin authentication change is already implemented in RavenNuke™ 2.30.02 available on this site. We are considering FCKeditor 2.6.4, CKeditor and other editors for future releases of RavenNuke™

 Read More...


 

 

Michael Jackson Death Prompts Malicious Spam More about Read More...

Posted on Friday, June 26, 2009 @ 09:33:44 CDT in Security: Websense
by Raven

::

From WebSense Security Labs

Michael Jackson Death Prompts Malicious Spam

Date:06.26.2009

Threat Type: Malicious Web Site / Malicious Code

Websense Security Labs(tm) ThreatSeeker(tm) Network has discovered spam emails offering recipients links to unpublished videos and pictures of singer Michael Jackson. According to news reports Michael Jackson's death was confirmed yesterday.

The spam email appears to offer a link to a YouTube video, but instead sends the recipient to a Trojan Downloader hosted on a compromised Web site. The file offered is called Michael.Jackson.videos.scr (MD5: 664cb28ef710e35dc5b7539eb633abca). This file is located on a legitimate Web site hosted in Australia belonging to a radio broadcasting station. Upon executing the file, a legitimate Web site at http://musica.uol.com.br/ultnot/2009/06/25/michael-jackson.jhtm is opened by the default browser in order to distract the user by presenting a news article for them to read.

In the background, three further information-stealing components are downloaded and installed by the malware. One of the downloaded files is called michael.gif, which has low AV detection rates - see VT results here. The malware then installs a malicious BHO that is registered with this file %windir%Dynamic.dll and this GUID {FCADDC14-BD46-408A-9842-CDBE1C6D37EB}. Another component is bound to startup at %windir%system32kproces.exe. Another malicious file installed by the malware is %windir%system32fotos.exe.

Translation of the email is as follows:
:: Read More...


 

 

RavenNuke(tm) v2.30.02 Security Fixpack has been released More about

Posted on Thursday, June 25, 2009 @ 18:33:57 CDT in RavenNuke
by Raven

A minor security Fixpack has been released. Please read the forum post RavenNuke(tm) v2.30.02 Security Fixpack has been released for the details.

Note that this upgrade is for RavenNuke(tm) v2.30.01 only. If you are not using RavenNuke(tm) v2.30.01 then you need to FIRST upgrade to v2.30.01 and then apply this fix.

The FULL release downloads for v2.30.02 (v2.30.01 with the Fixpack already applied) are also available for downloading.

Note: 
Admin Note: The upgrade link has been fixed - Sorry!


 

 

Zen Cart Administration Security Bypass Vulnerability More about Read More...

Posted on Wednesday, June 24, 2009 @ 20:20:50 CDT in Security
by Raven

SECUNIA ADVISORY ID: SA35550

VERIFY ADVISORY: http://secunia.com/advisories/35550/

CRITICAL: Moderately Critical

DESCRIPTION: A vulnerability has been discovered in Zen Cart, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is confirmed in version 1.3.8a (full fileset 12112007). Other versions may also be affected.
 Read More...


 

 

Shockwave Player Arbitrary Code Execution Vulnerability More about

Posted on Wednesday, June 24, 2009 @ 20:12:51 CDT in Security
by Raven

SECUNIA ADVISORY ID: SA35544

VERIFY ADVISORY: http://secunia.com/advisories/35544/

CRITICAL: Highly Critical

DESCRIPTION: A vulnerability has been reported in Shockwave Player, which can be exploited by malicious people to compromise a user's system. The vulnerability is reported in versions prior to 11.5.0.600. The vulnerability is caused due to an unspecified error when processing Shockwave Player 10 content and can be exploited to execute arbitrary code.

SOLUTION: Uninstall versions prior to 11.5.0.600, restart the system, and install version 11.5.0.600: http://get.adobe.com/shockwave/

PROVIDED AND/OR DISCOVERED BY: The vendor credits Paul Kurczaba, reported via ZDI.

ORIGINAL ADVISORY: http://www.adobe.com/support/security/bulletins/apsb09-08.html


 



Page 76 of 659 (3950 total stories) [ << | < | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | > | >> ]  

News ©

Site Info

Last SeenLast Seen
  • vashd1
  • neralex
Server TrafficServer Traffic
  • Total: 513,242,839
  • Today: 55,092
Server InfoServer Info
  • Apr 24, 2025
  • 05:41 am CDT
 
 

Site Navigation