I brought this question up on another mailing list, but didn't get any
good answers...
How common is it that a router does not decrement the TTL of packets,
such that it is unable to be identified using traceroute? Choosing
not to decrement the TTL causes the next router to appear as the hop,
This flaw
http://kaneda.bohater.net/security/20070111-firefox_2.0.0.1_bypass_phishing_protection.php
remains
upatched since months!!!
Firefox 2.0.0.1, 2.0.0.2, 2.0.0.3 are still vulnerable!
https://bugzilla.mozilla.org/show_bug.cgi?id=367538
___
On Wed, 18 Apr 2007, Kristian Hermansen wrote:
Hi,
All better firewalling equipment offers a stealth-routing feature;
patches also exist for the Linux kernel. They can be detected using
DF-bit and certain other fields within the IP hdr, depending on
implementation and setup. Not decrementing TTL
Dear carl hardwick,
Do you know examples of phishing sites exploiting this vulnerability?
--Wednesday, April 18, 2007, 1:47:03 PM, you wrote to
full-disclosure@lists.grok.org.uk:
ch This flaw
ch
http://kaneda.bohater.net/security/20070111-firefox_2.0.0.1_bypass_phishing_protection.php
ch
NameBypass Oracle Logon Trigger (7826485) [DB05]
Systems AffectedOracle 8-10g Rel. 2
Severity High Risk
CategoryBypass Security Feature Database Logon Trigger
Vendor URL http://www.oracle.com/
Author
Name SQL Injection in package SYS.DBMS_AQADM_SYS [DB04]
Systems AffectedOracle 8i-10g Rel. 2
SeverityHigh Risk
CategorySQL Injection
Vendor URL http://www.oracle.com/
Author Alexander Kornbrust (ak at
NameShutdown unprotected TNS Listener via Oracle Discoverer Servlet
[AS01]
Systems AffectedOracle Discoverer Servlet
SeverityLow Risk
CategoryRemote D.o.S.
Vendor URL http://www.oracle.com/
Author Alexander
NameCross-Site-Scripting Vulnerability in Oracle Secure
Enterprise Search
Systems AffectedOracle Secure Enterprise Search 10.1.6- SES
Severity Medium Risk
CategoryCross Site Scripting (XSS/CSS)
Vendor URL http://www.oracle.com/
Author Alexander
NameSQL Injection in package SYS.DBMS_UPGRADE_INTERNAL (6980753)
[DB07]
Systems AffectedOracle 8i-10g Rel. 2
SeverityHigh Risk
CategorySQL Injection
Vendor URL http://www.oracle.com/
Author Alexander Kornbrust (ak
Hi,
On Wed, 18 Apr 2007 04:24:37 -0400
Kristian Hermansen [EMAIL PROTECTED] wrote:
How common is it that a router does not decrement the TTL of packets,
such that it is unable to be identified using traceroute? Choosing
not to decrement the TTL causes the next router to appear as the hop,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Let's keep in mind that publishing most security information
borders extortion. There isn't any other industry where fat nerds
try to strongarm large corporations into admitting there are
weaknesses in their products, defaming them publicly, causing
Greetings from sunny Malaysia! This is a reminder that the Call for
Papers for the upcoming HITBSecConf2007 - Malaysia is closing on the 1st
of May.
HITBSecConf2007 - Malaysia is set to take place from the 3rd till the
6th of September in Kuala Lumpur. Our event last year attracted over 600
So far this morning we seen 4 customers infected with what appears to be an
MS DNS RPC based worm.
Anyone seen any news on this yet?
Geo.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and
http://www.sophos.com/security/analyses/w32delbotak.html
http://www.sophos.com/security/analyses/w32delbotaj.html
http://www.sophos.com/security/analyses/w32delbotai.html
W32/Delbot-AK is a worm with backdoor functionality for the Windows
platform.
W32/Delbot-AK spreads to other network
- Dr. Neal Krawetz, PhD [EMAIL PROTECTED] wrote:
-BEGIN PGP SIGNED BS-
All I can utter after reading your post is, It's so simple to be wise. Just
think of something stupid to say and the opposite should have been said.
Ummm... the above applies to me as well. Sorry, hope you wont
On 18-Apr-07, at 6:01 AM, Dr. Neal Krawetz, PhD wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Let's keep in mind that publishing most security information
borders extortion. There isn't any other industry where fat nerds
try to strongarm large corporations into admitting there are
Call for Papers Hack.lu 2007
The purpose of the hack.lu convention is to give an open and free playground
where people can discuss the implication of new technologies in society.
hack.lu is a balanced mix
Extortion is AFAIK the demand for money or valuables without legal
authority. I do not believe fame qualifies, and in any event one who
points out a bug in public has his fame or infamy independently of what
a company does.
At a former employer (an OS vendor) the general line was to ask customers
Hey all,
I've just posted an analysis of the Oracle April 2007 Critical Patch Update
to
http://www.ngssoftware.com/research/papers/NGSSoftware-OracleCPUAPR2007.pdf
(URL may line wrap)
Cheers,
David Litchfield
--
E-MAIL DISCLAIMER
The information contained in this email and any subsequent
Integrigy has released additional information on the Oracle E-Business Suite
11i and R12 security vulnerabilities in the April 2007 Oracle Critical Patch
Update. This analysis includes details (type, impact, etc.) regarding the
vulnerabilities, a review of the required patches, and advice on
This also works under Konqueror.
There should be an implimentation on ALL browsers that a loop such large is
unacceptable and refuse to even run it. There is no viable reason for a
client-side to run a loop through so many itterations.
This DoS technique could be abused and iframes with the
On Wed, 18 Apr 2007 12:31:57 EDT, Kradorex Xeron said:
There should be an implimentation on ALL browsers that a loop such large is
unacceptable and refuse to even run it. There is no viable reason for a
client-side to run a loop through so many itterations.
There's this thing called the
rPath Security Advisory: 2007-0072-1
Published: 2007-04-18
Products: rPath Linux 1
Rating: Major
Exposure Level Classification:
Remote Deterministic Denial of Service
Updated Versions:
lighttpd=/[EMAIL PROTECTED]:devel//1/1.4.15-0.1-1
References:
rPath Security Advisory: 2007-0073-1
Published: 2007-04-18
Products: rPath Linux 1
Rating: Severe
Exposure Level Classification:
Remote System User Deterministic Unauthorized Access
Updated Versions:
php=/[EMAIL PROTECTED]:devel//1/4.3.11-15.10-1
php-mysql=/[EMAIL
rPath Security Advisory: 2007-0074-1
Published: 2007-04-18
Products: rPath Linux 1
Rating: Informational
Exposure Level Classification:
Local User Deterministic Information Exposure
Updated Versions:
dovecot=/[EMAIL PROTECTED]:devel//1/1.0.0-0.1-1
References:
A simple man page based fuzzer
http://www.cipher.org.uk/projects/downloads/fuzzman.tar.gz
and an example
http://www.cipher.org.uk/index.php?p=news/Man_page_based_fuzzing.news
___
Full-Disclosure - We believe in it.
Charter:
There should be an implimentation on ALL browsers that a loop such
large is
unacceptable and refuse to even run it. There is no viable reason for a
client-side to run a loop through so many itterations.
It's an unsolvable problem in computer science: a program (the browser) cannot
calculate
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
n3td3v! your postings have become much more articulate. i didnt
know that you could use big words. by the way - does Dr. Neal
Krawetz, PhD even know youre pretending to be him? does dave aitel
know that your doing this on company time or did he fire
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Title: Oracle Database Buffer overflow vulnerabilities in package
DBMS_SNAP_INTERNAL
Risk Level: Medium
Affected versions:
Oracle Database Server versions 8i, 9i and 10gR1
Remote exploitable: Yes (Authentication to Database Server is needed)
ZDI-07-015: Novell Groupwise WebAccess Base64 Decoding Stack Overflow
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-07-015.html
April 18, 2007
-- CVE ID:
CVE-2007-2171
-- Affected Vendor:
Novell
-- Affected Products:
Groupwise WebAccess
-- TippingPoint(TM) IPS
ZDI-07-016: Oracle E-Business Suite Arbitrary Node Deletion
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-07-016.html
April 18, 2007
-- CVE ID:
CVE-2007-2170
-- Affected Vendor:
Oracle
-- Affected Products:
Oracle E-Business Suite
-- TippingPoint(TM) IPS Customer
ZDI-07-017: Oracle E-Business Suite Arbitrary Document Download
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-07-017.html
April 18, 2007
-- CVE ID:
CVE-2007-2135
-- Affected Vendor:
Oracle
-- Affected Products:
Oracle E-Business Suite
-- TippingPoint(TM) IPS
ZDI-07-018: IBM Tivoli Monitoring Express Universal Agent Heap Overflow
Vunlerability
http://www.zerodayinitiative.com/advisories/ZDI-07-018.html
April 18, 2007
-- CVE ID:
CVE-2007-2137
-- Affected Vendor:
IBM
-- Affected Products:
IBM Tivoli Monitoring Express 6.1
-- Vulnerability
ZDI-07-019: BMC Patrol PerformAgent bgs_sdservice Memory Corruption
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-07-019.html
April 18, 2007
-- CVE ID:
CVE-2007-2136
-- Affected Vendor:
BMC
-- Affected Products:
Patrol
-- TippingPoint(TM) IPS Customer Protection:
ZDI-07-020: BMC Performance Manager SNMP Command Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-07-020.html
April 18, 2007
-- CVE ID:
CVE-2007-1972
-- Affected Vendor:
BMC
-- Affected Products:
Performance Manager
-- TippingPoint(TM) IPS Customer Protection:
===
Ubuntu Security Notice USN-453-1 April 18, 2007
libx11 vulnerability
CVE-2007-1667
===
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2007:087
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2007:088
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2007:089
http://www.mandriva.com/security/
39 matches
Mail list logo