be next you can follow-up your humors eMail with a spoofed
advisory about a backdoor you found in Rudolph "the red nosed reindeer".
At least then you could promote yourself from being a coward to a
comedian.
Thank you, please drive through.
Signed,
Marc Maiffret
Chief Hacking Offi
Tiny Personal Firewall 6.0 was tested immediately after we had discovered the
Kerio bug and the issue did/does not exist in the current version of Tiny
Personal Firewall 6.0. Only versions of Kerio Personal Firewall 4.0.0 - 4.1.1
are affected by the IP Options bug.
Signed,
Marc Maiffret
Chief
Kerio Personal Firewall Multiple IP Options Denial of Service
Release Date:
November 9, 2004
Date Reported:
October 30, 2004
Severity:
High (Remote Denial of Service)
Vendor:
Kerio
Systems Affected:
Kerio Personal Firewall 4.1.1 and prior
Overview:
eEye Digital Security has discovered a sever
RealPlayer Zipped Skin File Buffer Overflow
Release Date:
October 27, 2004
Date Reported:
October 11, 2004
Severity:
High (Code Execution)
Vendor:
RealNetworks
Systems Affected:
For Microsoft Windows
RealPlayer 10.5 (6.0.12.1053 and earlier)
RealPlayer 10
RealOne Player v2
RealOne Player v1
O
RealPlayer pnen3260.dll Heap Overflow
Release Date:
October 1, 2004
Date Reported:
August 09, 2004
Severity:
High (Remote Code Execution)
Vendor:
RealNetworks
Systems Affected:
Windows:
RealPlayer 10.5 (6.0.12.1040 and earlier)
RealPlayer 10
RealPlayer 8 (Local Playback)
RealOne Player V2
Real
Symantec Multiple Firewall NBNS Response Processing Stack Overflow
Release Date:
May 12, 2004
Date Reported:
April 19, 2004
Severity:
High (Remote Kernel Code Execution)
Vendor:
Symantec
Systems Affected:
Symantec Norton Internet Security 2002
Symantec Norton Internet Security 2003
Symantec No
Symantec Multiple Firewall Remote DNS KERNEL Overflow
Release Date:
May 12, 2004
Date Reported:
April 19, 2004
Severity:
High (Remote Kernel Access)
Vendor:
Symantec
Systems Affected:
Symantec Norton Internet Security 2002
Symantec Norton Internet Security 2003
Symantec Norton Internet Securit
Symantec Multiple Firewall DNS Response Denial-of-Service
Release Date:
May 12, 2004
Date Reported:
April 19, 2004
Severity:
High (Remote Denial of Service)
Vendor:
Symantec
Systems Affected:
Symantec Norton Internet Security 2002
Symantec Norton Internet Security 2003
Symantec Norton Internet
Symantec Multiple Firewall NBNS Response Remote Heap Corruption
Release Date:
May 12, 2004
Date Reported:
April 19, 2004
Severity:
High (Remote Kernel Code Execution)
Vendor:
Symantec
Systems Affected:
Symantec Norton Internet Security 2002
Symantec Norton Internet Security 2003
Symantec Norto
ies in
applications that ran on top of the OS. But I digress... If you want to
read about some real OS flaws then check out:
http://www.eeye.com/html/Research/Advisories/AD20040413D.html
Signed,
Marc Maiffret
Co-Founder/Chief Hacking Officer
eEye Digital Security
T.949.349.9062
F.949.349.9538
Apple QuickTime (QuickTime.qts) Heap Overflow
Release Date:
May 02, 2004
Date Reported:
February 18, 2004
Severity:
High (Code Execution)
Vendor:
Apple
Systems Affected:
Apple QuickTime 6.5
Apple iTunes 4.2.0.72
Description:
The Apple QuickTime media player is used for playing, interacting wi
Windows VDM TIB Local Privilege Escalation
Release Date:
April 13, 2004
Date Reported:
February 9, 2004
Severity:
Medium (Local Privilege Escalation to Kernel)
Vendor:
Microsoft
Systems Affected:
Windows NT 4.0
Windows 2000
Description:
eEye Digital Security has discovered a second local priv
Windows Expand-Down Data Segment Local Privilege Escalation
Release Date:
April 13, 2004
Date Reported:
November 21, 2003
Severity:
Medium (Local Privilege Escalation to Kernel)
Vendor:
Microsoft
Systems Affected:
Windows NT 4.0
Windows 2000
Description:
eEye Digital Security has discovered a
Microsoft DCOM RPC Race Condition
Release Date:
April 13, 2004
Date Reported:
September 10, 2003
Severity:
High (Remote Code Execution)
Vendor:
Microsoft
Systems Affected:
Microsoft Windows NT Workstation 4.0
Microsoft Windows NT Server 4.0
Microsoft Windows NT Server 4.0, Terminal Server Edit
Microsoft DCOM RPC Memory Leak
Release Date:
April 13, 2004
Date Reported:
September 10, 2003
Severity:
High (Remote Code Execution)
Vendor:
Microsoft
Systems Affected:
Microsoft Windows NT Workstation 4.0
Microsoft Windows NT Server 4.0
Microsoft Windows NT Server 4.0, Terminal Server Edition
Windows Local Security Authority Service Remote Buffer Overflow
Release Date:
April 13, 2004
Date Reported:
October 8, 2003
Severity:
High (Remote Code Execution)
Vendor:
Microsoft
Systems Affected:
Windows 2000
Windows XP
Description:
eEye Digital Security has discovered a remote buffer ove
Internet Security Systems PAM ICQ Server Response Processing
Vulnerability
Release Date:
March 18, 2004
Date Reported:
March 8, 2004
Severity:
High (Remote Code Execution)
Vendor:
Internet Security Systems
Systems Affected:
RealSecure Network 7.0, XPU 22.11 and before
RealSecure Server Sensor
RealSecure/BlackICE Server Message Block (SMB) Processing Overflow
Release Date:
February 26, 2004
Date Reported:
February 18, 2004
Severity:
High (Remote Code Execution)
Vendor:
Internet Security Systems
Software Affected:
RealSecure Network 7.0, XPU 20.15 through 22.9
Real Secure Server Sens
ZoneLabs SMTP Processing Buffer Overflow
Release Date:
February 18, 2004
Date Reported:
February 13, 2004
Severity:
Medium (Local Privilege Escalation/Remote Code Execution)
Vendor:
ZoneLabs Inc.
Software Affected:
ZoneAlarm 4.0 and above
ZoneAlarm Pro 4.0 and above
ZoneAlarm Plus 4.0 and abo
Microsoft ASN.1 Library Length Overflow Heap Corruption
Release Date:
February 10, 2004
Date Reported:
July 25, 2003
Severity:
High (Remote Code Execution)
Systems Affected:
Microsoft Windows NT 4.0 (all versions)
Microsoft Windows 2000 (SP3 and earlier)
Microsoft Windows XP (all versions)
Sof
Microsoft ASN.1 Library Bit String Heap Corruption
Release Date:
February 10, 2004
Date Reported:
September 25, 2003
Severity:
High (Remote Code Execution)
Systems Affected:
Microsoft Windows NT 4.0
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Description:
eEye Dig
mply speak for themselves.
This flaw shouldn't have been left to be fixed for almost a year. Microsoft should not
have knowingly left customers vulnerable for almost a year. Microsoft fucked up.
Signed,
Marc Maiffret
Chief Hacking Officer
eEye Digital Security
T.949.349.9062
F.949.349.9538
Yah hopefully nobody took my blunt email as any knock on Dan. I have a lot
of respect for the guy and am sure he'll do just fine with life after
@stake.
Its a sad ordeal all around.
Signed,
Marc Maiffret
Chief Hacking Officer
eEye Digital Security
T.949.349.9062
F.949.349.9538
http://eEy
They are going to need to update Dan Geers title in the report...
Microsoft critic loses job over report
http://www.msnbc.com/news/971914.asp?0si=-
Signed,
Marc Maiffret
Chief Hacking Officer
eEye Digital Security
T.949.349.9062
F.949.349.9538
http://eEye.com/Retina - Network Security Scanner
, therefore
quickest to the market is not always good in the long run. so with that you
should always want to strive for accuracy, although knowing not everything
will be perfect. that is at least what i think...
Signed,
Marc Maiffret
Chief Hacking Officer
eEye Digital Security
T.949.349.9062
F
ure vendors did not
(yet again) screw up and release a patch that does not truly fix a system.
Signed,
Marc Maiffret
Chief Hacking Officer
eEye Digital Security
T.949.349.9062
F.949.349.9538
http://eEye.com/Retina - Network Security Scanner
http://eEye.com/Iris - Network Traffic Analyzer
http://eEy
1.0.4 is not the latest version. Version 1.1.0 is the latest. Upgrade to
that.
Again, if you think you have found a bug just contact us and we can help you
out.
Signed,
Marc Maiffret
Chief Hacking Officer
eEye Digital Security
T.949.349.9062
F.949.349.9538
http://eEye.com/Retina - Network
Here we go again. :-o
-Marc
Microsoft RPC Heap Corruption Vulnerability - Part II
Release Date:
September 10, 2003
Severity:
High (Remote Code Execution)
Systems Affected:
Microsoft Windows NT Workstation 4.0
Microsoft Windows NT Server 4.0
Microsoft Windows NT Server 4.0, Terminal Ser
Try
our RPC scanner, I think you'll find it is much more accurate than Foundstones
and Microsofts. http://www.eeye.com/html/Research/Tools/RPCDCOM.html
Signed,Marc MaiffretChief Hacking OfficereEye
Digital SecurityT.949.349.9062F.949.349.9538http://eEye.com/Retina - Network
Security Scan
The first time I sent this email it included example HTML code. That HTML
code would have no affect on eMail clients as this is not a HTML email nor
was the data properly formatted, etc..., etc... However, due to VERY POORLY
written mail gateways, this eMail was being blocked at most gateways as
be
Internet Explorer Object Data Remote Execution Vulnerability
Release Date:
August 20, 2003
Reported Date:
May 15, 2003
Severity:
High (Remote Code Execution)
Systems Affected:
Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6.0
Microsoft Internet Exp
your
just wanting to be overly paranoid or something?
Signed,
Marc Maiffret
Chief Hacking Officer
eEye Digital Security
T.949.349.9062
F.949.349.9538
http://eEye.com/Retina - Network Security Scanner
http://eEye.com/Iris - Network Traffic Analyzer
http://eEye.com/SecureIIS - Stop known and unknown IIS
://www.eeye.com/html/Research/Advisories/AL20030811.html
Signed,
Marc Maiffret
Chief Hacking Officer
eEye Digital Security
T.949.349.9062
F.949.349.9538
http://eEye.com/Retina - Network Security Scanner
http://eEye.com/Iris - Network Traffic Analyzer
http://eEye.com/SecureIIS - Stop known and unknown
pread method is not optimal, your wrong in your statement that its always
random. It actually does use the "local subnet" 40% of the time...
Also tftp/ftp etc... a decent worm would be direct from IP >to> IP, no
retarded connect back to grab your payload stuff. That only makes mo
d have been incomplete or just plain
incorrect. Like people failing to mention that "Disabling DCOM" on Windows
2000 SP0, SP1, SP2, does not actually work. Or that Microsoft fails to
mention, in their advisory, that you must restart your system after
disabling DCOM. etc
Signed,
Marc Mai
Transfers are done from the infected host.
Signed,
Marc Maiffret
Chief Hacking Officer
eEye Digital Security
T.949.349.9062
F.949.349.9538
http://eEye.com/Retina - Network Security Scanner
http://eEye.com/Iris - Network Traffic Analyzer
http://eEye.com/SecureIIS - Stop known and unknown IIS
khat/Defcon tequila are belong to us.
Signed,
Marc Maiffret
Chief Hacking Officer
eEye Digital Security
T.949.349.9062
F.949.349.9538
http://eEye.com/Retina - Network Security Scanner
http://eEye.com/Iris - Network Traffic Analyzer
http://eEye.com/SecureIIS - Stop known and unknown IIS vulnera
s ARE needed to help
the good guys.
Signed,
Marc Maiffret
Chief Hacking Officer
eEye Digital Security
T.949.349.9062
F.949.349.9538
http://eEye.com/Retina - Network Security Scanner
http://eEye.com/Iris - Network Traffic Analyzer
http://eEye.com/SecureIIS - Stop known and unknown IIS
://www.cnhonker.net/Files/show.php?id=167
Signed,
Marc Maiffret
Chief Hacking Officer
eEye Digital Security
T.949.349.9062
F.949.349.9538
http://eEye.com/Retina - Network Security Scanner
http://eEye.com/Iris - Network Traffic Analyzer
http://eEye.com/SecureIIS - Stop known and unknown IIS vulnerabilities
SQL Sapphire Worm Analysis
Release Date:
1/25/03
Severity:
High
Systems Affected:
Microsoft SQL Server 2000 pre SP 2
Description:
Late Friday, January 24, 2003 we became aware of a new SQL worm spreading
quickly across various networks around the world.
The worm is spreading using a buffer ove
PNG (Portable Network Graphics) Deflate Heap Corruption Vulnerability
Release Date:
December 11, 2002
Severity:
High (Code Execution)
Systems Affected:
We have specifically tested the following software and verified the
potential for exploitation:
Microsoft Internet Explorer 5.01
Microsoft Inter
41 matches
Mail list logo