Awesome, we get it, you found a new class of vulnerability and we should
totally hire you for our next pentest and shower you in monies. What
about a good ol' fashioned Vendors: multiple advisory, though? Instead
of this spamming?
___
Full-Disclosure -
modversion wrote:
PREfast can only work with the Visual Studio, any standalone tools
can make it?
just run the command line compiler with the /analyze switch, no need to
use Visual Studio
___
modversion wrote:
I want a free static analysis tool for c/c++ code in win32
platform, which does not need to compile the code.
have you tried Microsoft's PREfast?
___
Adolf Hitler wrote:
This man is a danger to the community at large. He's stated on several
occasions that he accepts pedophiles and is willing to work with them.
GB2HD2K, dimbulb. We don't give a shit about goon justice
___
I)ruid wrote:
MD5:89ec9df95c1315dcb1a668e35b051b07
SHA1: 9f351ae9a3fbbbadaf10fea91384a32ed9836d36
SHA256: 02acfbfe892a47de50273f367f98cc2b5023dec34e668ca3ffbaa42c7dcbd5eb
let me introduce you to http://www.itconsult.co.uk/stamper.htm
___
Guy Fawkes is the new Luther Blisset
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
H D Moore wrote:
...because letting developers choose to bind their query parameters has
worked so well before ;-)
HDM, why don't you join the HTML5 working group? you or GNUcitizen? With
your experience and credentials, you should have no problem getting your
opinions heeded
KJK::Hyperion wrote:
Previous scanning worms, such as Code Red, spread via many threads,
each invoking connect() to probe random addresses.
what the hell is this? visiting the iniquity of the applications upon
the protocols? Winsock is probably the only API that lets you connect
sub wrote:
Previous scanning worms, such as Code Red, spread via many threads,
each invoking connect() to probe random addresses.
what the hell is this? visiting the iniquity of the applications upon
the protocols? Winsock is probably the only API that lets you connect()
asynchronously
Tonnerre Lombard wrote:
Isn't the FTP client compiled with stack overflow protection?
If so, how is that supposed to help?
By terminating the program before the payload is executed
May I suggest that this protection is not perfect? I was hoping that
people on this mailing list consider
Rajesh Sethumadhavan wrote:
Microsoft FTP Client Multiple Bufferoverflow
Vulnerability
Isn't the FTP client compiled with stack overflow protection?
___
Tonnerre Lombard wrote:
Microsoft FTP Client Multiple Bufferoverflow
Vulnerability
Isn't the FTP client compiled with stack overflow protection?
If so, how is that supposed to help?
By terminating the program before the payload is executed
___
KJK::Hyperion wrote:
The present patch is dramatically under-tested and it has undergone no
quality assurance procedure whatsoever, so please deploy with the
greatest care.
Indeed, I just found a gruesome memory leak in it. A silly bug, brown
paperbag-grade shame. If you installed my
KJK::Hyperion wrote:
ShellExecute is not called ExecuteUri [...]
This function isn't, either, but it should be close enough:
/* --- 8 -- 8 -SNIP- 8 -- 8 -- 8 -SNIP- 8 --- */
/*
* Helper functions to unambiguously execute URLs with ShellExecute(Ex).
* Author: KJK::Hyperion
Reposted for better visibility (I love attention). Have a nice week.
Hope this makes you feel less vulnerable <3
http://spacebunny.xepher.net/hack/shellexecutefiasco/
ShellExecuteFiasco - third-party patch for CVE-2007-3896
Copyright (C) 2007 KJK::Hyperion [EMAIL PROTECTED]
http
And of course Thunderbird now preserves the thread references when you
edit as new and now I look like an idiot.
___
KJK::Hyperion wrote:
Since this issue is a great big rats nest, I promise a third-party patch
for it by tomorrow. Deal?
And tomorrow turned out to be whenever it's done. Here it is, have a
temporary, third-party patch for CVE-2007-3896, by yours truly:
http://spacebunny.xepher.net/hack
Since this issue is a great big rats nest, I promise a third-party patch
for it by tomorrow. Deal?
___
Paul Szabo wrote:
Windows already does special %-decoding to URL protocol handlers as per
http://msdn2.microsoft.com/en-us/library/aa767914.aspx
(whereas I do not think it does that to most other application launch
registry keys). It should also protect blanks and quote characters, and
Glynn Clements wrote:
Modifying individual programs to protect against a shell-injection bug
in Windows' URI handler is a workaround (mitigation strategy), not a
fix.
I repeat. Nowhere is said that ShellExecute (the default run stuff
function) takes URLs. It takes strings. A desktop
Geo. wrote:
2) That said program can protect itself against overtly malicious input.
Ok then, I can mark you down as one who believes that all the php exploits
blamed on bad code writing are actually the fault of php and not the
application coded using its powerful functionality?
No
Geo. wrote:
I don't agree. Whatever program takes input from an untrusted source, it's
that program's duty to sanitize the input before passing it on to internal
components. It's like a firewall, you filter before it gets inside the
system.
NO! wrong! stop the input sanitization
Paul Szabo wrote:
What I see as root cause, is not what IE7 has changed. Windows was
always confused about quoting, may parse and re-parse a command an
unspecified number of times. Compared to Unix, it confuses system(3)
with execl(3).
You cannot compare them, Windows doesn't have
iDefense Labs wrote:
WinPcap NPF.SYS Local Privilege Escalation Vulnerability
iDefense Security Advisory 07.09.07
http://labs.idefense.com/intelligence/vulnerabilities/
Jul 09, 2007
I. BACKGROUND
WinPcap is a software package that facilitates real-time link-level
network access for
PSYOP HARRY POTTER wrote:
Hehe, you don't even know what can be done with PSYOP.
Hey, knock it off, you are overdoing it. My recent post? the one about
dismal social skills and crippling lack of subtlety among IT security
people? yeah.
Come on, admit it: the Harry Potter thing was a
Eitan Caspi wrote:
I'm confused.
It escapes me, really. There is no excuse not to know exactly when, why
and how anything happens on a Windows machine, not with the excellent,
affordable tracing tools we have at our disposal in this time and age. I
loathe the term security researchers - it