Detected 1 occurrence(s) of ‘CVE\-20[0-1]{1}[0-9]{1}\-[0-9]{4}’:

 ret;
	}
	return 0;
}

static void __exit wrapper_exit(void)
{
	unregister_kprobe(&kp);
}

module_init(wrapper_init)
module_exit(wrapper_exit)

MODULE_LICENSE("GPL");
MODULE_AUTHOR("Andrea Righi <andrea@betterlinux.com>");
MODULE_DESCRIPTION("Fix perf bug CVE-2013-2094");

Source: http://pastie.org/pastes/7915971/download

Detected 1 occurrence(s) of ‘CVE\-20[0-1]{1}[0-9]{1}\-[0-9]{4}’:

/* 
 * Linux Kernel <= 2.6.36-rc8 RDS privilege escalation exploit
 * CVE-2010-3904
 * by Dan Rosenberg <drosenberg@vsecurity.com>
 *
 * Copyright 2010 Virtual Security Research, LLC
 *
 * The handling functions for sending and receiving RDS messages
 * use unchecked __copy_*_user_inatomic functions without any
 * access checks on

Source: http://pastebin.com/raw.php?i=SBjLzKxx

Detected 1 occurrence(s) of ‘CVE\-20[0-1]{1}[0-9]{1}\-[0-9]{4}’:

ginx 1.4.1                                         07 May 2013

    *) Security: a stack-based buffer overflow might occur in a worker
       process while handling a specially crafted request, potentially
       resulting in arbitrary code execution (CVE-2013-2028); the bug had
       appeared in 1.3.9.
       Thanks to Greg MacManus, iSIGHT Partners Labs.


-- 
Maxim Dounin

http://nginx.org/en/donation.html

_______________________________________________
nginx-announce mailing list
nginx-announce@nginx

Source: http://pastebin.com/raw.php?i=sbvp39JU

Detected 1 occurrence(s) of ‘CVE\-20[0-1]{1}[0-9]{1}\-[0-9]{4}’:

/* 
 * Linux Kernel <= 2.6.36-rc8 RDS privilege escalation exploit
 * CVE-2010-3904
 * by Dan Rosenberg <drosenberg@vsecurity.com>
 *
 * Copyright 2010 Virtual Security Research, LLC
 *
 * The handling functions for sending and receiving RDS messages
 * use unchecked __copy_*_user_inatomic functions without any
 * access checks on

Source: http://pastebin.com/raw.php?i=VEm9yXxW

Detected 2 occurrence(s) of ‘(fopen|file)\(.*\$(GET|POST)’:

ML parser looks and change)
]>


CTF XXE injecton ? :)

<?php

if(isset($_FILES['name'])){
$get=$_FILES['name']['tmp_name'];
          $xml = simplexml_load_string(file_get_contents($get));
                 //or
          //$xml=simplexml_load_file($get);
print_r($xml);
}
?>

ctfbarxml

=>
<!DOCTYPE foo [
    <!ENTITY passwd SYSTEM "file:///etc/passwd"> = > entity name passwd (XML parser looks and change)
]>

<?xml version="1.0" encoding="ISO-8859-1"?>
<ctf>
<fla>
  <title lang="eng">Harry

Detected 1 occurrence(s) of ‘CVE\-20[0-1]{1}[0-9]{1}\-[0-9]{4}’:

-loader.php

path libxml_disable_entity_loader(true); < = "fixing" (Disable the ability to load external entities)
libxml_disable_entity_loader() function disables the ability to load external entities.

Proof = > http://www.secforce.com/blog/2012/01/cve-2011-4107-poc-phpmyadmin-local-file-inclusion-via-xxe-injection/

subject links

http://www.securityfocus.com/archive/1/297714


http://www.w3resource.com/xml/external-entities.php

http://www.w3schools.com/dtd/

Source: http://pastebin.com/raw.php?i=LH9Y9RXV