for Enterprise iOS application to 2.2.4.1659 or newer
References:
https://www.roblest.com/#research:CVE-2013-5118
Can the comunity please provide feedback and comments in order to ensure the
fix is working well
Many thanks
Mario
/*
***
*** agroMANauer.c ***
*** linux SGID-man exploit ***
*** by [EMAIL PROTECTED] 2000 ***
*** tested on RedHat 5.1 ***
*** It gives
shoots the poor messenger, ie. your cable modem,
when your Cable Provider should be, uhm, well, I guess dropping him a note
should be sufficient :)
Mario
--
Mario LorenzInternet:[EMAIL PROTECTED]
Ham Radio: DL5MLO@OK0PKL
Fyi, Any NT app can bypass the local hosts file using DnsQuery(...,...,
DNS_QUERY_NO_HOSTS_FILE, ...);
[EMAIL PROTECTED]
http://bubbler.net/outlaw/blog
-Original Message-
From: Joachim Schipper [mailto:[EMAIL PROTECTED]
Sent: April 13, 2006 8:13 PM
To:
Imo, what J Thompson _meant_ to say was, It's a pain for security ISVs who
have to find creative ways of selling features which are part of the OS; We
don't care if it's better for the end user, we care about our bottom line.
OS vendors should make no efforts at securing their products so that we,
Looks like the local name is actually more random:
var name = c:\\win+GetRandString(4)+.exe;
Kinda dumb though, as any non-admin class user won't have access to the
local folder on the root [c:\].
[EMAIL PROTECTED]
http://securitymario.spaces.live.com/
-Original Message-
From: Jose
What is WinAppDbg?
==
The WinAppDbg python module allows developers to quickly code instrumentation
scripts in Python under a Windows environment.
It uses ctypes to wrap many Win32 API calls related to debugging, and provides
an object-oriented abstraction layer to manipulate
Makes sense as a trick to bypass some crappy XSS filters that look
forstrings like javascript:, but I don't think it's a vulnerability
in itself.
On Fri, Dec 16, 2011 at 5:20 PM, Jann Horn jannh...@googlemail.com wrote:
2011/12/15 Bouke van Laethem vanlaet...@gmail.com:
ISSUE:
The base tag
wrote:
On Fri, Dec 16, 2011 at 9:59 PM, Mario Vilas mvi...@gmail.com wrote:
Makes sense as a trick to bypass some crappy XSS filters that look for
strings like javascript:, but I don't think it's a vulnerability in
itself.
I would consider it a browser bug (although I agree it would mostly
You make good points in the rest of the email. This one, however,
doesn't convince me...
On Sat, Dec 17, 2011 at 1:10 AM, Bouke van Laethem vanlaet...@gmail.com wrote:
Wouldn't you agree that by this definition no XSS is ever a
vulnerability: you are just using the ability to inject HTML in
What I understand from the advisory is the Squid proxy is basing its
filtering on the Host header when present, even for the CONNECT
command which doesn't allow this header at all as it makes no sense. I
haven't confirmed the bug but what's being described is definitely a
vulnerability.
There's
://analyzer.securityfocus.com/alerts/020913-Alert-Apache-mod_ssl-Exploit.pdf
The full analysis is available at:
http://analyzer.securityfocus.com/alerts/020916-Analysis-Modap.pdf
If you have any comments or concerns, please do not hesitate to contact
me.
Cheers,
Mario Van Velzen, [EMAIL PROTECTED]
DeepSight Threat
Program: PHPLD (Php link directory)
Homepage: http://www.phplinkdirectory.com/
Language: PHP
Version: 2.0
Php link directory use lib's how adodb, smarthy, phpmailer, etc., etc.
but this lib's have bug's.
Bugs:
ADOdb PostgreSQL SQL Injection Vulnerability
http://www.securityfocus.com/bid/16364
/about25749.html
--
Mario Sergio Candian
-
Live your dreams and face your fears
What is winappdbg?
==
The winappdbg python module allows developers to quickly code
instrumentation scripts in Python under a Windows environment.
It uses ctypes to wrap many Win32 API calls related to debugging, and
provides an object-oriented abstraction layer to manipulate
What is WinAppDbg?
==
The WinAppDbg python module allows developers to quickly code instrumentation
scripts in Python under a Windows environment.
It uses ctypes to wrap many Win32 API calls related to debugging, and provides
an object-oriented abstraction layer to manipulate
What is WinAppDbg?
==
The WinAppDbg python module allows developers to quickly code instrumentation
scripts in Python under a Windows environment.
It uses ctypes to wrap many Win32 API calls related to debugging, and provides
an object-oriented abstraction layer to manipulate
me know if you decide to give it a try, I'll help in anything I can :)
Cheers,
-Mario
On Tue, Jun 16, 2009 at 3:26 PM, Jared
DeMottjdem...@crucialsecurity.com wrote:
Can you compare/contrast with pydbg so I can understand why I might want
to give it a try? Do you have a fuzzing platform like
What is WinAppDbg?
==
The WinAppDbg python module allows developers to quickly code instrumentation
scripts in Python under a Windows environment.
It uses ctypes to wrap many Win32 API calls related to debugging, and provides
an object-oriented abstraction layer to
19 matches
Mail list logo