At 21:54 on Saturday, 10 February 2007, Andrea Purificato - bunker wrote:
Version affected: qdig-1.2.9.3, qdig-devel-20060624
Bug fixed by 1.2.9.4 and devel-20070210
Thanks to haganafox for his work,
--
Andrea bunker Purificato
+++[+++
Folks,
During the last few years a couple of vulnerability advisories were
published about a number of blind attacks against TCP.
These attacks required the attacker to guess or know the four-tuple
that identifies the TCP connection to be attacked.
Clearly, of the IP addresses and port numbers
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I - TITLE
Security advisory: Arbitrary file disclosure vulnerability in
php rrd browser (prb)
II - SUMMARY
Description: Arbitrary file disclosure vulnerability in
php rrd browser 0.2.1
Author: Sebastian Wolfgarten (sebastian at wolfgarten dot
Multiple vulnerabilities in phpMyVisites
Application : phpMyVisites prior to 2.2 stable
Release Date : 11 February 2007
Author : Nicob nicob at nicob.net
Abstract :
==
Several vulnerabilities were identified in phpMyVisites. This software
is a free and powerful open source
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Publisher Name: OpenPKG GmbH
Publisher Home: http://openpkg.com/
Advisory Id (public):OpenPKG-SA-2007.009
Advisory Type: OpenPKG Security
The fact that you actually have the time in your day to write such trash
clearly demonstrates that you have no social life. It must really suck to be
a friendless loser. I truly feel bad for you.
On 2/10/07 3:56 PM, Pedro Martinez
[EMAIL PROTECTED] wrote:
Darknet is a next generation black-hat
There is an interesting logic flaw in Mozilla Firefox web browser.
The vulnerability allows the attacker to silently redirect focus of
selected key press events to an otherwise protected file upload form
field. This is possible because of how onKeyDown / onKeyPress events are
handled, allowing
On Sun, 11 Feb 2007, pdp (architect) wrote:
IE is vulnerable too, since I used to play around with this bug long
time ago.
Possibly MS00-093, but that's long fixed. But yes, MSIE variant is
possible, though more contrived.
/mz
___
Full-Disclosure -
On Sun, 11 Feb 2007, pdp (architect) wrote:
here is an idea... we can combine both techniques into a single
attack... the hardest part of your hack is to force the user to type
:// plus several other /
Actually, MSIE doesn't require drive specification in the filename, and
will probably
what's up Michal,
IE is vulnerable too, since I used to play around with this bug long
time ago. It is a variation of your exploit but the principles are the
same. I don't remember where I've read about it... hmm I guess
securityfocus.com... very nice demo.
On 2/11/07, Michal Zalewski [EMAIL
try this
<input id="foo" type="text"/>
<script>
setInterval(function () {
  document.getElementById('foo').focus();
},1);
</script>
:) the address bar is disabled...
On 2/11/07, pdp (architect) [EMAIL PROTECTED] wrote:
phh :), I found something very interesting when testing your IE
example... every time
here is an idea... we can combine both techniques into a single
attack... the hardest part of your hack is to force the user to type
:// plus several other / but if we steal the focus from the address
bar, unaware users will type something like this http://www.google.com
for example, which is what
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I - TITLE
Security advisory: Arbitrary file disclosure vulnerability in
IP3 NetAccess leads to full system compromise
II - SUMMARY
Description: Arbitrary file disclosure vulnerability in IP3 NetAccess
leads to full
On Sun, 11 Feb 2007, Michal Zalewski wrote:
http://lcamtuf.coredump.cx/focusbug/index.html (FF)
http://lcamtuf.coredump.cx/focusbug/ieversion.html (MSIE)
Paul Szabo pointed out that this is related to exploits posted by Charles
McAuley and Bart van Arnhem in June 2006 (CVE-2006-2894). These
Hey full-disclosure folks, i found several Wordpress flaws:
- Redirection Script in every Wordpress installation out there
- XSS in every wordpress.com blog (only accessible for the admin, but
that's probably the main aim of the attacker)
http://mybeni.rootzilla.de/mybeNi/blog/3/
- directory
On Sun, 11 Feb 2007, Michal Zalewski wrote:
http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046610.html
Oh, and Secunia doesn't credit the Firefox variant to Charles, either:
NOTE: A variant of this vulnerability was reported in a Mozilla Bugzilla
bug entry back in year 2000.
Thanks for the report, Michal.
Filed as bug 370092 https://bugzilla.mozilla.org/show_bug.cgi?id=370092
BTW: Your last bug (popup blocker + XMLHttpRequest + srand() = oops) was
filed as bug 369390 https://bugzilla.mozilla.org/show_bug.cgi?id=369390
The factors of the bug are filed as separate
On Sun, 11 Feb 2007, pdp (architect) wrote:
this is a design problem that is not easy to fix.
That argument would work for a patch deferred by a month or two - not for
seven years.
And it's not really that much of an issue: disallow script-assisted
focusing on file input fields, or a) prevent
pdp (architect) wrote:
try this
<input id="foo" type="text"/>
<script>
setInterval(function () {
  document.getElementById('foo').focus();
},1);
</script>
:) the address bar is disabled...
Funny. Filed as bug 370094
https://bugzilla.mozilla.org/show_bug.cgi?id=370094
Ben Bucksch [EMAIL PROTECTED] wrote:
Filed as bug 370092 https://bugzilla.mozilla.org/show_bug.cgi?id=370092
Please see also:
https://bugzilla.mozilla.org/show_bug.cgi?id=290478
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2894
https://bugzilla.mozilla.org/show_bug.cgi?id=56236
Michal Zalewski wrote:
And it's not really that much of an issue: disallow script-assisted
focusing on file input fields, or a) prevent event target from being
changed in onKeyDown (this is what MSIE does) + b) prevent scripts from
reading file input field value (really no reason for them to).
On Mon, 12 Feb 2007, Paul Szabo wrote:
https://bugzilla.mozilla.org/show_bug.cgi?id=304480
https://bugzilla.mozilla.org/show_bug.cgi?id=56236
https://bugzilla.mozilla.org/show_bug.cgi?id=258875
This probably explains why the core of the problem wasn't fixed for
Firefox: reports were
After some research, I can offer this clarification:
1) The MSIE 7 attack vector I described is a distinctive, new
vulnerability that differs from the attack reported by Charles
McAuley and Bart van Arnhem. Attacks described by them were
fixed in MSIE7 (although MSIE6 is still
Well, :) I cannot see how you can force someone to type / at least
twice. Even if the targeted user writes a blog entry it is very
unlikely that he/she will use / . I guess this vector works well on
wikis and other systems that allow you to specify the text format
through meta-characters.
The
this is a design problem that is not easy to fix.
On 2/11/07, Michal Zalewski [EMAIL PROTECTED] wrote:
On Sun, 11 Feb 2007, Michal Zalewski wrote:
http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046610.html
Oh, and Secunia doesn't credit the Firefox variant to Charles,
Hi,
On Saturday 10 February 2007 21:56, Pedro Martinez wrote:
Darknet is a next generation black-hat data transport
protocol. This is an RFC Proposal.
from http://ibiblio.org/:
Through history, the powers of single black men flash here and there like
falling stars, and die sometimes before
Hatred is one thing that will always lead to downfall!
On 2/11/07, Marcello Barnaba [EMAIL PROTECTED] wrote:
Hi,
On Saturday 10 February 2007 21:56, Pedro Martinez wrote:
Darknet is a next generation black-hat data transport
protocol. This is an RFC Proposal.
from http://ibiblio.org/:
Hi all.
This may be old news, regardless over the weekend I wrote up my observations on
the digital mechanical locks that are around:
http://c.mills.ctru.auckland.ac.nz/DigiMechLock/
It was a bit of an excuse to play with YouTube also! :)
Cheers... Clark