Vuln Dev Mode:
(Page 10 of 75)  < Prev  5 6 7 8 9 10 11 12 13 14 15  Next >
RE: IE7 SELECT Tag 2006-11-02
Damhuis Anton (DamhuisA aforbes co za)

Stupid question....

Is IE7 not more reliant on well formed HTML?
Maybe it expects the </option> tags.

Don't have IE7, so I can not check.

However it would still be a bug, either way.

Regards
Anton

SIG: "Great opportunities to help others
seldom come, but small ones surround
us

[ more ]  [ reply ]
IE7 SELECT Tag 2006-10-31
dan ross picbusiness com
I just installed IE7 this morning, then promptly found my first bug.

Now, imagine instead of fruit, you're picking which bank account to transfer money to/from...

Sample Code:
<html>
<body>
<B>Please choose one:</B>  
<SELECT onchange=alert('hi') size=1 name=favorite>
<OPTION value="">
<OPTI

[ more ]  [ reply ]
Re: Asterisk ignoring replayed libpcap sessions 2006-10-30
Stefano Zanero (s zanero securenetwork it) (1 replies)
nnp wrote:
> SIP is carried over UDP.

Yes, that's true, but is it only SIP that you are talking about ? And
even in that case... it's not so simple.

TCPReplay also replays UDP packets, but if for instance those packets
contain nonces, identifiers that can be changed from either side, or
other elem

[ more ]  [ reply ]
Re: Asterisk ignoring replayed libpcap sessions 2006-10-31
nnp (version5 gmail com)
Re: Asterisk ignoring replayed libpcap sessions 2006-10-30
nnp (version5 gmail com)
Forgot to mention, I have solved this problem using a python script
that just replays the packets from the saved ethereal dump.

On 10/30/06, nnp <version5 (at) gmail (dot) com [email concealed]> wrote:
> SIP is carried over UDP.
>
> And now I hear you asking, why oh why am I using a tool called
> TCPreplay. The answer being I

[ more ]  [ reply ]
Metasploit Framework 3.0 Beta 3 Released 2006-10-30
H D Moore (sflist digitaloffense net)
The Metasploit Framework is an advanced open-source exploit development
platform. The 3.0 tree represents a complete rewrite of the 2.0 codebase
and provides a scalable and extensible framework for security tool
development. The 3.0 Beta 3 release includes support for exploit
automation[1], 802.

[ more ]  [ reply ]
Asterisk ignoring replayed libpcap sessions 2006-10-28
nnp (version5 gmail com) (4 replies)
Hey,
I'm currently testing the Asterisk PBX for vulnerabilities but I just
encountered an interesting problem when trying to recreate a crash.
Using a fuzzer I can crash it in the exact same place every time. I am
recording these session using ethereal (wireshark) and then replaying
them using tcpre

[ more ]  [ reply ]
Re: Asterisk ignoring replayed libpcap sessions 2006-10-30
Aaron Turner (synfinatic gmail com)
Re: Asterisk ignoring replayed libpcap sessions 2006-10-30
Stefano Zanero (s zanero securenetwork it) (1 replies)
Re: Asterisk ignoring replayed libpcap sessions 2006-10-30
nnp (version5 gmail com)
Re: Asterisk ignoring replayed libpcap sessions 2006-10-30
Pravin (shindepravin gmail com)
Re: Asterisk ignoring replayed libpcap sessions 2006-10-29
gaurav saha (gauravsaha007 yahoo com)
Call for Participation - EC2ND 2006 2006-10-26
Blyth A J C (AT) (ajcblyth glam ac uk)
2nd European Conference on Computer Network Defense (EC2ND)

14th/15th December 2006, School of Computing, University of Glamorgan,
UK.

Call for Participation

The 2nd European Conference on Computer Network Defense will take place
in December 2006 at the School of Computing, University of Glamo

[ more ]  [ reply ]
Re: Re: Windows Command Processor CMD.EXE Buffer Overflow 2006-10-24
mr dan friedman gmail com
XP SP2 Eng Pr :

EAX 00130041
ECX 00140000 ASCII "Actx "
EDX 0013FDF4 UNICODE
"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
EBX 77C47FCC msvcrt.wcslen
ESP 0013E4C8
EBP 0013E4C8
ESI 00000000
EDI 00158D60
EIP 77C47EA2 msvcrt.77C47EA2
C 0 ES 00

[ more ]  [ reply ]
Re: Windows Command Processor CMD.EXE Buffer Overflow 2006-10-23
Bernardo Wernesback (bernardosw gmail com)
Reproduced the problem on Windows XP SP2 + All Patches English Version.

EventType : BEX P1 : cmd.exe P2 : 5.1.2600.2180 P3 : 41107ebe
P4 : unknown P5 : 0.0.0.0 P6 : 00000000 P7 : 00410041
P8 : c0000005 P9 : 00000008

DEP went into action and generated a dump to be sent t

[ more ]  [ reply ]
Fwd: HP Tru64 dtmail bug - Really exploitable? 2006-10-22
Roman Medina-Heigl Hernandez (roman rs-labs com)
Hi,

Perhaps somebody with more skills at Tru64 exploitation could comment on
this and prove me that I'm wrong / right. Any tip when exploiting Tru64
will be appreciated. Thanks.

--

Saludos,
-Roman

PGP Fingerprint:
09BB EFCD 21ED 4E79 25FB 29E1 E47F 8A7D EAD5 6742
[Key ID: 0xEAD56742. Available

[ more ]  [ reply ]
[semi-OT] code crunching, crazy asm tricks? - code crunchers mailing list 2006-10-20
Gadi Evron (ge linuxbox org)
The Code-Crunchers mailing list has just been established.

Got an asm trick? Got a cool code crunching thingie going? Want to help
crunch things further with others?

Just saw the most amazing exploit?

This is the place.

Open to anyone, not directly security related. To subscribe:
http://whitesta

[ more ]  [ reply ]
Windows Command Processor CMD.EXE Buffer Overflow 2006-10-19
gregory_panakkal (gregory_panakkal fastmail fm) (2 replies)

Windows Command Processor CMD.EXE Buffer Overflow
Tested on WinXP SP2
Impact - Very Low

Copy-paste the following line in cmd.exe and execute it..
(it is a single command, has been split into multiple lines for
readability sake).

%COMSPEC% /K "dir
\\?\AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

[ more ]  [ reply ]
RE: Windows Command Processor CMD.EXE Buffer Overflow 2006-10-20
Osvaldo Casagrande (ocasagrande diviserv com) (2 replies)
RE: Windows Command Processor CMD.EXE Buffer Overflow 2006-10-21
RockyH (rocky he g-wizinnovations com)
RE: Windows Command Processor CMD.EXE Buffer Overflow 2006-10-20
Marvin Simkin (Marvin Simkin asu edu) (2 replies)
RE: Windows Command Processor CMD.EXE Buffer Overflow 2006-10-21
gregory_panakkal (gregory_panakkal fastmail fm) (2 replies)
RE: Windows Command Processor CMD.EXE Buffer Overflow 2006-10-23
Marvin Simkin (Marvin Simkin asu edu)
Re: Windows Command Processor CMD.EXE Buffer Overflow 2006-10-22
Dan Yefimov (dan ns15 lightwave net ru) (2 replies)
Re: Windows Command Processor CMD.EXE Buffer Overflow 2006-10-22
Danux (danuxx gmail com)
RE: Windows Command Processor CMD.EXE Buffer Overflow 2006-10-22
Luis Alberto Cortes Zavala (napasn securitynation com) (1 replies)
Re: Windows Command Processor CMD.EXE Buffer Overflow 2006-10-23
Dan Yefimov (dan ns15 lightwave net ru)
RE: Windows Command Processor CMD.EXE Buffer Overflow 2006-10-20
Marvin Simkin (Marvin Simkin asu edu)
Re: Windows Command Processor CMD.EXE Buffer Overflow 2006-10-20
The SNiFF (thesniff gmail com) (1 replies)
RE: Windows Command Processor CMD.EXE Buffer Overflow 2006-10-20
Luis Alberto Cortes Zavala (napasn securitynation com)
(Page 10 of 75)  < Prev  5 6 7 8 9 10 11 12 13 14 15  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus