On Tue, 17 Oct 2006, [EMAIL PROTECTED] wrote:
http://lcamtuf.coredump.cx/ffoxdie.html
this exploit still works with the latest Firefox 2.0 RC3
also caused FFox 1.5.0.7 on OS X i386 to die.
jose nazario, ph.d. [EMAIL PROTECTED]
http://monkey.org/~jose/http
ch in part.
____
jose nazario, ph.d. http://monkey.org/~jose/
have some form
of js obfuscation going on).
i hope this helps.
____
jose nazario, ph.d. http://monkey.org/~jose/
supported by IMP, MSWordView
Severity: Moderate -- anyone can view Word document attachments
processed by IMP/MSWordView, users can fill up the disk
and DoS the IMP server
Author: Jose Nazario ([EMAIL PROTECTED])
Vendor Status: Contacted, fix
welcome. this was
originally submitted to Summercon '01 in Amsterdam, but was not
accepted. perhaps i'll shop it around after some further tweaking.
the paper follows my .sig,
____
jose nazario [EMAIL PROTECTED]
Passive System Fingerprinting using Netw
you trick
them into processing an untrusted and untrustworthy .mc file.
________
jose nazario [EMAIL PROTECTED]
PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
-1
Versions: At least ssh-1.2.27 and 1.2.30
Not Affected: OpenSSH
Severity: Medium to High
Author: Jose Nazario <[EMAIL PROTECTED]>
Website: http://www.crimelabs.net/
Vendor Status: Contacted 1 February, 2001
y i don't have an IPAD box to test it on (care to share one?) but try
that out. it's been the real problem before.
____
jose nazario [EMAIL PROTECTED]
PGP: 89 B0 81 DA
these
features. at least the last time i looked at the code (eons ago) it did.
3] move to xinetd or other similar programs which have rate limiting.
solar designer has a neat-o patch for xinetd that can do max-per-IP
limits. very nice ... :)
anyhow, old, mitigations are already in place, just le
t be available on the consumer market for some time. i'm just not
comfortable with DES for the obvious reasons, and 3DES seems to have its
occasional implementation problem, as well.
(in the meantime i have been using OpenBSD IPSec VPNs with Blowfish
encryption.)
http://www.heiho.net/bbs100/bbs_shell.txt
hope that helps some people solve a part of this problem. i agree totally
with markus, though, that the real issues are configuration errors.
___
jose nazario, ph.d. [EMAIL PROTECTED]
i'm missing something, but why not pull a PRNG seed from
/dev/random?
_______
jose nazario, ph.d. [EMAIL PROTECTED]
http://www.monkey.org/~jose/
t of many recent discussions,
including standards drafts. no excuses for not attempting to adhere to
these best practices for either side of the issue.
_______
jose nazario, ph.d. [EMAIL PROTECTED]
http://www.monkey.org/~jose/
filter) identd on that host. enjoy.
___
jose nazario, ph.d. [EMAIL PROTECTED]
http://www.monkey.org/~jose/
hanks.
jose nazario [EMAIL PROTECTED]
PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
PGP key ID 0xFD37F4E5 (pgp.mit.edu)
Vulnerability R
available, they appear to be.
thanks.
____
jose nazario [EMAIL PROTECTED]
PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
PGP key ID 0xFD37F4E5 (pgp.mit.edu)
ectivity
and are vulnerable to this annoying DoS.
sincerely,
jose nazario [EMAIL PROTECTED]
PGP 2.6.2 key fingerprint: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
Public key available at http://biocserver.cwru.edu/~jose/pgp-key.asc
use the address
secur...@arbor.net to establish communications. Arbor Networks takes these
reports very seriously and seeks to work with security researchers when
possible to remedy any such issue.
-
jose nazario, ph.d
.
-
jose nazario, ph.d.
manager of security research arbor networks
v: (734) 821 1427 http://asert.arbor.net/
s
that have had security bulletins over the years. i'm sure a few more
languages could easily be added to that list.
bear in mind i'm no PHP (or Perl, or C) bigot. but really, if you're going
to complain about PHP, at least make your argument on reasonable grounds.
jo
On Tue, 24 Jan 2006, Gadi Evron wrote:
> The CME entry should appear on their site shortly:
> http://cme.mitre.org
it already has, several days ago in fact:
http://cme.mitre.org/data/list.html#24
____
jose nazario, ph.d. [EMAIL PROTECTED]
http://monkey.org
{w|=3D(t[x.charCodeAt(p++)-48])<>=3D8;s-=3D2}else{s=3D6}}document.write(r)}}dc('wfNDs5kfAsYOsLkoHSrcj0bqiRbvJGbvF96vK3Qqrzbq4h8aHukE3Ugc82waGEgDFUkoj9woifNDs5kfAMT'))">
jose nazario, ph.d. [EMAIL PROTECTED]
http://monkey.org/~jose/ http://infosecdaily.net/
http://www.wormblog.com/
fuscated) this is what your browser would see and load. unless
your spam/scam detection engine also ran the javascript, it wouldn't see
that. hence, obfuscation.
hopefully this helps people out there decode questionable javascript in the
future.
jose nazario, ph.d.
he FTP server to
be read.
jose nazario, ph.d. [EMAIL PROTECTED]
http://monkey.org/~jose/ http://infosecdaily.net/
http://www.wormblog.com/