Hi,
I'm testing BIG-IQ v 0.0.7028 (not the last HF, but I don't see the bug fix in
the HF1), the new mngmt of F5 BIG-IP. I see that you are logged out and join to the
next link
LINK : (where $user is the user)
https://127.0.0.1/mgmt/shared/authz/users/$user/
When i open this link and try some
Description
---
The F5 is a load balancer which has several modules; one of them, called ASM,
works as a WAF (firewall application). The ASM allows creating a security policy
to protect a web site, for example.
For this it has some methods
Create a policy automatically (recommended) - BAD IDEA
with
invalid char; the invalid char can be a , or %. It is important that you add
some %20 to display a white space in the URL.
http://es.geocities.com/jplopezy/firefoxspoofing.html
PD : I send this to bugzilla
--
Juan Pablo Lopez Yacubian
.
--
POC/EXPLOIT
The poc is a simple code in visual basic that creates many folders with long
names and after this, the application scans the folder and the av crashes.
download here : http://es.geocities.com/jplopezy/officescan.zip
Application: BitDefender Internet Security 2009
OS: Windows Xp (All patches a day)
--
1 - Description
2 - Vulnerability
3 - POC/EXPLOIT
--
Description
BitDefender Internet Security
.
--
POC/EXPLOIT
Enter in this url
http://es.geocities.com/jplopezy/nokiacrash2.html
or make html file and insert this code
<input type='checkbox' id='c'>
<script>
r=document.getElementById('c');
a=r.setAttributeNode();
</script>
System.
--
POC/EXPLOIT
you can open this url with the browser or send mms with this image.
http://es.geocities.com/jplopezy/nokiacrash.jpg
--
Juan Pablo Lopez Yacubian
in the browser of nokia n95 and this crash, only the
browser.., the bug is very inoffensive
but is curious
--
POC/EXPLOIT
Enter in this url
http://es.geocities.com/jplopezy/nokiacrash.html
or make html file and insert many tags marquee
According to MS, it is stack exhaustion and not overflow.
http://blogs.technet.com/swi/archive/2009/01/28/stack-overflow-stack-exhaustion-not-the-same-as-stack-buffer-overflow.aspx
Application: Internet explorer 7.0
OS: Windows XP - SP3 - full patch (Windows Vista doesn't work!)
--
1 - Description
2 - Vulnerability
3 - POC/EXPLOIT
--
Description
Internet explorer is a
hi
It is a very curious vulnerability...
I think I found a variant of this vulnerability, if using another protocol (eg:
https ://).
I am sure that it is a variant because providing other protocols (eg: http://)
does not work, nor are the exceptions that are generated equal to fail.
mmm sorry..
this doesn't work...
:(
Juan Pablo Lopez Yacubian
There is a security issue in the blue coat.
The problem lies in the Web Filter, which lets you execute an XSS.
This only affects the Internet Explorer browser.
As a result, it could bypass the antivirus scan or allow spoofing.
POC
http://www.example.com/file.exe?script(1)/script
Juan
Application: ZoneAlarm Security Suite
OS: Windows Xp (All patches a day)
--
1 - Description
2 - Vulnerability
3 - POC/EXPLOIT
--
Description
The zonealarm is a known firewall,
which in the
another proof of concept of how to break the google chrome, there is not much
detail in reality.
the result of error in ollydbg is:
Access violation when reading []
Obviously it does not cause any dangerous effect, but it is a curiosity.
Juan Pablo Lopez Yacubian
POC:
Application: Outpost Security Suite Pro ver. 2009
OS: Windows Xp (All patches a day)
--
1 - Description
2 - Vulnerability
3 - POC/EXPLOIT
--
Description
Outpost Security Suite is a
Application: Rhythmbox 0.11.5
OS: Linux - Ubuntu 8.04
--
1 - Description
2 - Vulnerability
3 - POC/EXPLOIT
--
Description
Rhythmbox is a renowned player of mp3 files that comes bundled
Application: Pidgin 2.4.1
OS: Linux - Ubuntu 8.04
--
1 - Description
2 - Vulnerability
3 - POC/EXPLOIT
--
Description
Pidgin is an instant messaging program with which you can use a
.
XSS
http://es.geocities.com/jplopezy/xss.doc
CRASH
http://es.geocities.com/jplopezy/crash.rtf
Juan Pablo Lopez Yacubian
Hello, I inform you that the only vulnerable version is 7.0. The version with
SP is not vulnerable. I apologize if this generated confusion. The problem was
that I did the tests only in 7.0 and then thought the other versions were
also vulnerable.
PRODUCT: GroupWise 7.0
OS: Windows Xp
The scheme mailto is vulnerable if one takes as default mail client to
GroupWise, the fault is to implement the scheme followed by an extensive
argument and this causes the buffer overflow. This brings the consequence that
can overwrite the EIP and is
to select it and copy it to an Excel
spreadsheet and may see vulnerability.
(will have to see the source code of the page because txt files in geocities
interpret tags ...)
http://es.geocities.com/jplopezy/excelxss.txt
greetings!
Juan Pablo Lopez Yacubian
if we send the file with this extension html penalties to visualize the
mail is broken, in the case of other extensions is necessary to preview the
attachment.
I leave here with a zip and two files created, to test the concept.
http://es.geocities.com/jplopezy/groupwise.zip
greetings.
Juan
what happens is that you can inject code because the excel interprets the tag
html for example if pasted into the excel h1 hello / h1 that it does is
show the text in bold .. does nothing, but if pasted html h1 hello / h1
appears in bold text.
Juan Pablo Lopez Yacubian
I found a flaw in the trillian 3.1 for Windows.
It is that on receipt of a nickname too long with some characters, this leads
to break the program, the failure of the curious is that when I opened it with
ollydbg tries to read the argument of the message such as whether to wear the
nickname long
as a result fails
Access violation when reading [0004]
Good will leave the proof of concept
http://es.geocities.com/jplopezy/pruebasafari3.html
And the greetings!
Juan Pablo Lopez Yacubian
fuzzertina.blogspot.com
I was testing the flaw found in the safari with firefox and also fails .. But
it takes a little more to react, defective version of firefox 3.0 beta 5, I
left the proof of concept.
http://es.geocities.com/jplopezy/pruebamozilla.html
Tested on: Windows Vista and XP
Juan Pablo Lopez Yacubian
Dear w0lfd33m:
Not fail in firefox, these poorly understood failure.
The fault is not that they are both directions numeral (#) if it is that when
you create a popup with this small sample size the end of the address complete
numeral only makes what is behind it is irrelevant to the The
that's more serious an attack that a proof of concept.
Here I leave the proof of concept.
http://es.geocities.com/jplopezy/iespoof.html
Greetings from Argentina!
Juan Pablo Lopez Yacubian
fuzzertina.blogspot.com
the following exception.
Access violation when writing to [9c236d62]
Below left the proof of concept… greetings and continue well !!!
POC
http://es.geocities.com/jplopezy/pruebasafari2.html
Juan Pablo Lopez Yacubian
fuzzertina.blogspot.com
command more to say greetings from Argentina !!!
http://es.geocities.com/jplopezy/pruebasafari.html
Juan Pablo Lopez Yacubian
fuzzertina.blogspot.com
in the text file by precautions that just copy and
paste it into the subject of the mail to test concept
http://es.geocities.com/jplopezy/SmarterMailXSS.txt
I hope that will be useful greetings!
Juan Pablo Lopez Yacubian
fuzzertina.blogspot.com
A, that causes the
publisher fails, when you open with a debugger like ollydbg I strip the
following exception
Access violation when reading [0046]
Here I leave the proof of concept
Http://es.geocities.com/jplopezy/prueba.pub
The following causes the crash programme. We make a new
down exactly from the
direction 14E0 to 2A80.
I leave a proof of concept
es.geocities.com/jplopezy/prueba.doc
Juan Pablo Lopez Yacubian
fuzzertina.blogspot.com
/jplopezy/PRUEBA.zip
Thank you for your time
Greetings
Juan Pablo Lopez Yacubian
http://fuzzertina.blogspot.com/
Apparently this SMTP server crashes when creating a malformed mail, causing
a denial of service.
Proof-of-concept
HELO ../A/ * 950
MAIL FROM: ../A/ * 950
RCPT TO: ../A/ * 950
data
../A/ * 950
.
Juan Pablo Lopez Yacubian
http://fuzzertina.blogspot.com/
The program is vulnerable to attacks of the kind xss the parameter about:
scripts without authorization in the example that I am presenting is a page
that runs a while with a msgbox infinity.
Create an html file and paste the following code
html
frameset rows=100%
frame
the source
code when lowering the bar to visualize the end of the east document promouth
that the navigator fails I leave a test of concept down
http://es.geocities.com/jplopezy/index.htm
38 matches