==
Secunia Research 25/02/2009
- SHOUTcast DNAS Relay Server Buffer Overflow -
==
Table of Contents
Affected
==
Secunia Research 25/02/2009
- ksquirrel-libs Radiance RGBE Buffer Overflows -
==
Table of Contents
Affected
- --
Debian Security Advisory DSA 1727-1 secur...@debian.org
http://www.debian.org/security/ Steffen Joeris
February 26th, 2009
Don't open the pcap file in wireshark ! Is exploiting a hole in the
wireshark you will be pwned !!!
On Wed, Feb 25, 2009 at 9:56 PM, julio sanchez pete.sanc...@gmail.com wrote:
Here's the cap file
10.240 is the A-V server.
You can see various ARP loop scan
Regards Pete
===
Ubuntu Security Notice USN-724-1 February 25, 2009
squid vulnerability
CVE-2009-0478
===
A security issue affects the following Ubuntu releases:
Ubuntu 8.10
This advisory
Hi All,
Well, it's been a busy month... thanks to pytey, I came across TikiTags,
which proved to be rather more interesting than they at first seemed...
http://hackerati.com/post/57314994/rfid-on-the-cheap-hacking-tikitag
These devices contain an NXP PN532 reader chip, which, it turns out, is
Yes, it's yet another CCK related module with XSS vulnerabilities. It's
lame, but it should be reported since the Drupal security team has
already made an announcement about the issue in these modules. Drupal
security and module maintainer have been
___
Mandriva Linux Security Advisory MDVSA-2009:057
http://www.mandriva.com/security/
Just because a bug class can crash an application
doesn't make it a security issue.
A remotely triggerable DoS condition is a security issue per se, my
opinion about the trend to remove the A in CIA for statistical reasons
can be read here :
also keep in mind that null ptr deref's can sometimes be exploitable--
especially on certain processors that store important things at 0x0;
of which, from what i recall, the iphone is one.
On Thu, 26 Feb 2009, Thierry Zoller wrote:
Date: Thu, 26 Feb 2009 16:21:18 +0100
From: Thierry Zoller
The fun times of security semantics! I'd have to argue that DoS conditions
have the potential to be security issues. Then again, I'd also prefer not to
remove A from CIA, but this is not from the standpoint of a developer or
software vendor. I understand how that opinion changes based on
Dear Michael,
I understand your point, however consider that
your examples are showing the different *impacts* of a DoS condition.
A bug becomes a security problem once it violates at least one of the three
letters C or I or A. That's the point. The impact and risk assessment
is to be done
iPhone is not affected by this issue.
jf wrote:
also keep in mind that null ptr deref's can sometimes be exploitable--
especially on certain processors that store important things at 0x0;
of which, from what i recall, the iphone is one.
On Thu, 26 Feb 2009, Thierry Zoller wrote:
The fun times of security semantics!
Old debates never die...
Vulnerabilities are a subset of software engineering bugs. As the name
implies, they are defined strictly by the impact they have; if a bug
does not render the victim appreciably susceptible to anything that
would be of value to
Version Tested:
Taxonomy Theme 5.x-1.1 (http://drupal.org/project/taxonomy_theme)
Drupal 5.15 (http://drupal.org)
Module maintainer and Drupal security team notified
The taxonomy_theme module allows you to change the theme of a given
node based on
On Wed, Feb 25, 2009 at 11:57 AM, Adriel T. Desautels
ad_li...@netragard.com wrote:
I'm not sure if its appropriate for this list but it is related to
penetration testing and vulnerability disclosure (moderators decide).
The irony of Kevin (don't make fun of my complexion) Finisterre
I guess these days it isn't so amazing that people can type, and even hit
send, rarely sharing their views face to face. Hiding in your grandmother's
closet with your indestructible, glow-in-the-dark keyboard from Best Buy is
sooo in. Anyways, free Kev.. speech!
On Thu, Feb 26, 2009 at 5:22 PM,
No virus in there, it's a normal cap file...
2009/2/26 srl security.research.l...@gmail.com
Don't open the pcap file in wireshark ! Is exploiting a hole in the
wireshark you will be pwned !!!
On Wed, Feb 25, 2009 at 9:56 PM, julio sanchez pete.sanc...@gmail.com wrote:
Here's the cap file
On Fri, Feb 27, 2009 at 10:54 AM, jf j...@danglingpointers.net wrote:
also keep in mind that null ptr deref's can sometimes be exploitable--
especially on certain processors that store important things at 0x0;
of which, from what i recall, the iphone is one.
Can you please give one example
Hi Bob,
Thank you for your concerns. The truth is that I've been incredibly
busy lately both in my personal and professional life and therefore I
am not so active at the moment. I am also taking the time to think
about new ideas and wrap up some old projects.
In fact, the Agile Hacking project
Not all are practically exploitable, but exploitation seems to be
possible at least on ARM, XScale, and possibly PowerPC as
www.juniper.net/solutions/literature/white_papers/Vector-Rewrite-Attack.pdf
points out. As for examples.. doesn't look like they are public.
On Thu, Feb 26, 2009 at 6:52 PM,
Can you please give one example of a NULL deref that was exploitable?
http://documents.iss.net/whitepapers/IBM_X-Force_WP_final.pdf
http://www.ruxcon.org.au/files/2006/unusual_bugs.pdf
http://olylug.org/read.php?73,13757
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Dear JT
On Wed, Feb 25, 2009 at 9:09 PM, Jubei Trippataka
vpn.1.fana...@gmail.com wrote:
Why
are these bugs even published to a security mailing list and not privately
dealt with by the vendor?
What's this list's name again?
--
Marcio Barbado, Jr.
lol you must work for selinux
On Thu, Feb 26, 2009 at 5:52 PM, Jubei Trippataka
vpn.1.fana...@gmail.com wrote:
On Fri, Feb 27, 2009 at 10:54 AM, jf j...@danglingpointers.net wrote:
also keep in mind that null ptr deref's can sometimes be exploitable--
especially on certain processors that
BM_X-Force_WP_final.pdf is called Application-Specific Attacks:
Leveraging the ActionScript Virtual Machine and if you haven't read it,
you should. It'll make you smile.
On Fri, Feb 27, 2009 at 08:10:10AM +, jf wrote:
Can you please give one example of a NULL deref that was exploitable?
___
Mandriva Linux Security Advisory MDVSA-2009:058
http://www.mandriva.com/security/
On Fri, Feb 27, 2009 at 12:26 PM, ne...@feelingsinister.net wrote:
BM_X-Force_WP_final.pdf is called Application-Specific Attacks:
Leveraging the ActionScript Virtual Machine and if you haven't read it,
you should. It'll make you smile.
OK, and what about this vulnerability makes use of a
Better yet, name two.
On Thu, Feb 26, 2009 at 9:22 PM, Jubei Trippataka
vpn.1.fana...@gmail.com wrote:
On Fri, Feb 27, 2009 at 12:26 PM, ne...@feelingsinister.net wrote:
BM_X-Force_WP_final.pdf is called Application-Specific Attacks:
Leveraging the ActionScript Virtual Machine and if you
On Fri, Feb 27, 2009 at 01:22:36PM +1100, Jubei Trippataka wrote:
On Fri, Feb 27, 2009 at 12:26 PM, ne...@feelingsinister.net wrote:
BM_X-Force_WP_final.pdf is called Application-Specific Attacks:
Leveraging the ActionScript Virtual Machine and if you haven't read it,
you should. It'll
I'll clarify for everyone since you seem lost.
EVERYONE, THE NULL POINTER DOES NOT GET DEREFERENCED. It only
gets referenced. And Jubei isn't even sure a null pointer is involved
at all =)
With that out of the way, I'd just like to say that I only meant to
encourage people to check out an
-
VMware Security Advisory
Advisory ID: VMSA-2009-0003
Synopsis: ESX 2.5.5 patch 12 updates service console package ed
Issue date:
On Fri, Feb 27, 2009 at 03:19:29PM +1100, Jubei Trippataka wrote:
I'd even go to say that while this paper is a must-read, please also spend
some time understanding it, otherwise don't bother.
--
ciao
JT
Does having the last word make you feel better?
Neeko
--
Description:
There exists a vulnerability in SHOUTcast, which can be exploited via
script insertion attacks. Input passed to the incoming SHOUTcast web
interface (default is port 8000) is not properly sanitized.
Therefore, the input can
KL0209ADV-poppeeper_uidl-bof.txt
02.27.2009
Krakow Labs Research [www.krakowlabs.com]
POP Peeper 3.4.0.0 UIDL Remote Buffer Overflow Vulnerability
-
==
http://uninformed.org/?v=4&a=5&t=sumry
On Thu, Feb 26, 2009 at 10:19 PM, Jubei Trippataka
vpn.1.fana...@gmail.com wrote:
I'll clarify for everyone since you seem lost.
EVERYONE, THE NULL POINTER DOES NOT GET DEREFERENCED. It only
gets referenced. And Jubei isn't even sure a null pointer is
I didn't even comment on Mark's paper, it is definitely a great piece of
research, there is no doubt. It's just that some people have read this paper
and thought, wow, all those NULL bugs are now exploitable. It's important to
separate these bug classes.
sorry to interrupt your
On Fri, Feb 27, 2009 at 5:04 PM, bob jones bhold...@gmail.com wrote:
http://uninformed.org/?v=4&a=5&t=sumry
This exploitation relies on the ability to have the top-level UEF point to
an arbitrary address which hopefully you have the ability to control. The
NULL pointer is only used as a
Hi Friends,
Can someone give me some pointers on an effective and new user-mode
keyboard logging and system-call interception techniques?
Thanks.