Re: [Full-disclosure] Extracting files from SMB packet captures

2007-02-27 Thread Mike Vasquez
While I haven't done anything specifically with SMB, I did come up with the following a few years back: it might prove useful in your research: http://www.adminprep.com/articles/default.asp?action=showarticleid=52 It covers taking an ethereal data cap, and taking portions of it to come up with

Re: [Full-disclosure] SEC Consult SA-20070226-0 :: File Disclosure in Pagesetter for PostNuke

2007-02-27 Thread Matthew Flaschen
[EMAIL PROTECTED] wrote: SEC Consult Security Advisory 20070226-0 title: File Disclosure in Pagesetter for PostNuke program: Pagesetter page creation module vulnerable version: 6.2.0

[Full-disclosure] Kiwi CatTools TFTP server path traversal

2007-02-27 Thread noreply
Path traversal security vulnerability in Kiwi CatTools TFTP up to 3.2.8 server can lead to information disclosure and remote code execution. Risk: High. DISCUSSION: Kiwi CatTools TFTP server doesn't properly verify the filename in PUT and GET requests, which can be used to download/upload any file

[Full-disclosure] Multiple SQL Injection bugs in TCS website

2007-02-27 Thread Scarlet Pimpernel
Hello list, The website of TCS (Tata Consultancy Services) is prone to multiple SQL injection bugs. I already sent them an email back in December 2006. They have not fixed the bug just yet, so I am going to disclose the details here. http://kishfellow.blogspot.com The scripts are prone to

Re: [Full-disclosure] Extracting files from SMB packet captures

2007-02-27 Thread Zed Qyves
Not SMB specific, however it should do the job. http://tcpxtract.sourceforge.net/ Regards, ZQ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Extracting files from SMB packet captures

2007-02-27 Thread Thorolf
Jim O'Gorman wrote: Does anyone have good sources of examples on pulling files out of SMB packet captures I can use as a reference? Tools or write ups would be great. search for smbspy http://www.google.com/search?q=smbspy /rl

Re: [Full-disclosure] Firefox onUnload + document.write() memory corruption vulnerability (MSIE7 null ptr)

2007-02-27 Thread Michal Zalewski
On Tue, 27 Feb 2007, Richard Moore wrote: `<html> <body onunload="location = self.location"> <a href="http://slashdot.org/">http://slashdot.org/</a> </body> </html>` Yeah, and the other way round: http://lcamtuf.coredump.cx/ietrap/, when used with FF 2.0.0.2, puts you on a page that: 1) Has URL bar data

Re: [Full-disclosure] Kiwi CatTools TFTP server path traversal

2007-02-27 Thread 3APA3A
Probably it's the same as, or related to, the issue reported by nicob at nicob.net. http://securityvulns.com/news/KIWI/CatTools/DT.html CVE-2007-0888 --Wednesday, February 28, 2007, 12:47:17 AM, you wrote to bugtraq@securityfocus.com: n Path traversal security vulnerability in Kiwi CatTools TFTP up to

[Full-disclosure] [ GLSA 200702-11 ] MPlayer: Buffer overflow

2007-02-27 Thread Raphael Marichez
Gentoo Linux Security Advisory GLSA 200702-11 - http://security.gentoo.org/

[Full-disclosure] [ GLSA 200702-12 ] CHMlib: User-assisted remote execution of arbitrary code

2007-02-27 Thread Raphael Marichez
Gentoo Linux Security Advisory GLSA 200702-12 - http://security.gentoo.org/

Re: [Full-disclosure] Firefox onUnload + document.write() memory corruption vulnerability (MSIE7 null ptr)

2007-02-27 Thread Richard Moore
Resent as I realised I'm not subscribed here Michal Zalewski wrote: I can't really comment on whether this fixes the problem once and for all, because I haven't really examined the changes implemented for 364692, but yeah, my example no longer crashes the browser for me. I think there are

[Full-disclosure] Disabling Google Desktop Link Integration In Google Pages

2007-02-27 Thread Debasis Mohanty
GDS Desktop Link and Google.com Integration - Bad Design or Necessary Evil? The recent security advisory on Google Desktop Search (GDS) published by Watchfire did not really surprise me as I was expecting more like this in the past 2 years. However, the fact that intrigued me to write this article

Re: [Full-disclosure] Firefox onUnload + document.write() memory corruption vulnerability (MSIE7 null ptr)

2007-02-27 Thread Richard Moore
Michal Zalewski wrote: I can't really comment on whether this fixes the problem once and for all, because I haven't really examined the changes implemented for 364692, but yeah, my example no longer crashes the browser for me. I think there are still underlying problems in the code as the

[Full-disclosure] Wordpress 2.1.1 - Multiple Script Injection Vulnerabilities

2007-02-27 Thread Stefan Friedli
Wordpress 2.1.1 - Multiple Script Injection Vulnerabilities scip AG Vulnerability ID 2962 (02/27/2007) http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2962 I. INTRODUCTION WordPress is a state-of-the-art semantic personal publishing platform with a

[Full-disclosure] WordPress Search Function SQL-Injection

2007-02-27 Thread SaMuschie
Discovered by: Samenspender | Released: 20070227 | SaMuschie Release Number: 2. Searching for a single ,,comma,, generates a sql error message. e.g.: http://wordpress-deutschland.org/?s=, results

[Full-disclosure] Nullsoft ShoutcastServer Persistant XSS - 0day

2007-02-27 Thread SaMuschie
not tested) | Vuln./Exploit Type: Persistent XSS | Status: 0day | Discovered by: Muschiemann | Released: 20070227 | SaMuschie Release Number: 3. It is possible to inject scriptcode into the application's logfile

[Full-disclosure] iDefense Security Advisory 02.27.07: Computer Associates eTrust Intrusion Detection Denial of Service Vulnerability

2007-02-27 Thread iDefense Labs
Computer Associates eTrust Intrusion Detection Denial of Service Vulnerability iDefense Security Advisory 02.27.07 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 27, 2007 I. BACKGROUND Computer Associates eTrust Intrusion Detection is a network intrusion management and prevention

[Full-disclosure] [NETRAGARD-20070220 SECURITY ADVISORY] [McAfee VirusScan for Mac (Virex) Local root exploit and Scan Bypass]

2007-02-27 Thread Netragard Security Advisories
Netragard, L.L.C Advisory - Strategic Reconnaissance Team http://www.netragard.com

Re: [Full-disclosure] WordPress Search Function SQL-Injection

2007-02-27 Thread ascii
Justin Frydman - Thinkweb Media wrote: Can't replicate this in 2.0.7. Is this only for the 2.1.x branch then? i have the same feeling tested on multiple wp instances and can't reproduce on = 2.0.1 = 2.0.7 regards, Francesco 'ascii' Ongaro http://www.ush.it/

[Full-disclosure] rPSA-2007-0043-1 php php-mysql php-pgsql

2007-02-27 Thread rPath Update Announcements
rPath Security Advisory: 2007-0043-1 Published: 2007-02-27 Products: rPath Linux 1 Rating: Severe Exposure Level Classification: Remote System User Deterministic Unauthorized Access Updated Versions: php=/[EMAIL PROTECTED]:devel//1/4.3.11-15.9-1 php-mysql=/[EMAIL

Re: [Full-disclosure] WordPress Search Function SQL-Injection

2007-02-27 Thread Justin Frydman - Thinkweb Media
Application: wordpress | Version: = 2.1.1 | Vuln./Exploit Type: SQL-Injection | Status: 0day | Discovered by: Samenspender | Released: 20070227 | SaMuschie Release Number: 2