=========================================
             title: Microsoft ASP.NET Forms Authentication Bypass
           product: Microsoft .NET Framework
 vulnerable version: Microsoft .NET Framework Version:4.0.30319;
                    ASP.NET Version:4.0.30319.237 and below
     fixed version: MS11-100
               CVE: CVE-2011-3416
            impact: critical
          homepage: http://www.microsoft.com/net
        &... Read more »

#2011-003 multiple implementations denial-of-service via hash algorithm
collision

Description:

A variety of programming languages suffer from a denial-of-service (DoS)
condition against storage functions of key/value pairs in hash data
structures, the condition can be leveraged by exploiting predictable
collisions in the underlying hashing algorithms.

The issue finds particular exposure in web server applications and/or
frameworks. In particular, the lack of sufficient limits for the number of
parameters in POST requests in conjunction with the predictable collision
properties in the hashing functions of the underlying languages can render web
applications vulnerable to the DoS condition. The attacker, using specially
crafted HTTP requests, can lead to a 100% of CPU usage which can last up to
several hours depending on the targeted application and server performance,
the amplification effect is con... Read more »

Trustwave's SpiderLabs Security Advisory TWSL2011-019:
Cross-Site Scripting Vulnerability in phpMyAdmin

https://www.trustwave.com/spiderlabs/advisories/TWSL2011-019.txt

Published: 12/22/11
Version: 1.0

Vendor: phpMyAdmin (http://www.phpmyadmin.net/)
Product: phpMyAdmin
Version affected: 3.4.8 and prior

Product description:
An open source tool developed in PHP to manage and administer MySQL
databases remotely.  The web browser interface allows creating, modifying
or deleting databases, tables, fields or rows, executing SQL statements,
and other database functions.

Credit: Jason Leyrer of Trustwave SpiderLabs

Finding 1: Cross-Site Scripting (XSS) Vulnerability in Setup Interface
CVE: CVE-2011-4782

Affected versio... Read more »

snarf.php:

170.   // If the user specified a more specialized regex
171.   if ( isset($params['regex']) && isset($params['regexres']) && preg_match('/^(.)(.)+\1[^e]*$/', $params['regex']) ) {
172.      $snarf = preg_replace( $params['regex'], $params['regexres'], $snarf );
173.   }

input passed through $_REQUEST['regex'] is checked by a regular expression at line 171 to prevent
execution of arbitrary PHP code using the  'e'  modifier in a call to preg_replace() at line 172.
But  this  check  could  be  bypassed  with a  null byte ... Read more »

Aircrack is a suite of tools for 802.11a/b/g WEP and WPA cracking. This can be done within 40 to 512-bit WEP and password just once encrypted packets "have been collected. Aircrack can also attack WPA 1 or 2 networks using advanced cryptographic methods or forcing rough. The suite includes airodump (an 802.11 packet taker program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), and airdecap (decrypts WEP / WPA for decision-file).

AirSnort
802.11 WEP Encryption Cracking Tool
is a wireless LAN (WLAN) tool which is used to recover the password encryption. It was developed by the shmoo group passive and operated by monitoring transmissions, computing the encryption password will be made if the package has been collected. You may also be interested in this AirSnort.

CoWPAtty
this is a good tool to force cracking WPA-PSK, considered the "New WEP" for Wireless Home Security. This progr... Read more »