Vuln Dev Mode:
(Page 13 of 75)  < Prev  8 9 10 11 12 13 14 15 16 17 18  Next >
Re: IM exploitable vulnerabilities .. any pointers? 2006-07-14
Kusuriya (kusuriya gmail com)
Look at a lot of the ICQ exploits too, they are a good starting ground
on how NOT to structure a IM service. Also AIMs direct connect feature
while you are sending files and such shows your IP address on both
ends by using netstat (not really an exploit but I would consider it a
vunlrebility), but a

[ more ]  [ reply ]
IM exploitable vulnerabilities .. any pointers? 2006-06-29
nikun (nikunh gmail com)
PS: sorry for sending it to multiple lists, I want all the information I can collect.

Hi Guyz,
I am compiling a research paper for exploitable vulnerabilities with
instant messengers (not website, only IM ... client side) like yahoo,
hotmail, gmail, LCS, sametime, jabber and stuff like that. Does a

[ more ]  [ reply ]
Re[2]: Is Windows TCP/IP source routing PoC code available? 2006-06-28
"Ìèíàåâ_Àíäðåé" (angel3000 hotbox ru)
Hi All,
At the request Microsoft I have not published the additional
information. I did not think, that the ZARAZA will publish simple POC
without my consent but to that to be, that to not pass. Denis you can
check up you system simple POC code from a site of the ZARAZA, only if
configuration system

[ more ]  [ reply ]
SyScan'06 Highlight - Is Phone Banking Safe? 2006-06-28
thomas48 (thomas48 singnet com sg)
This is a brand new presentation and its going public for the very first
time in SyScan'06.

Marek Bialowlowy is a Polish security researcher based in Southeast Asia
whose expertise is researching into mobile technologies like phone
banking, wifi and bluetooth etc. In this presentation in SyScan

[ more ]  [ reply ]
Is Windows TCP/IP source routing PoC code available? 2006-06-25
Denis Jedig (seclists syneticon de) (1 replies)
Greetings to the list,

As known, Microsoft did announce a security vulnerability concerning an
overflow within the TCP/IP stack implementation when source routing
fields are used:

Is anyone aware of an exploit or POC code for this

[ more ]  [ reply ]
Re: Is Windows TCP/IP source routing PoC code available? 2006-06-27
Re: Yahoo Messenger Crash Tested 2006-06-22
Fatal_Error gmx be
It seems that any number of alternative strings will work as well:


"msg:_________________________________________iframe onload=$InlineAction()>:)" without quotes works as well.

[, -, ^, {, [alt-0160]'s all seem to work as well

Is there a cross scripting vulnerability as well? Inser

[ more ]  [ reply ]
SyScan'06 Highlight - Attacking Microsoft New Operating System (Vista) 2006-06-18
thomas48 (thomas48 singnet com sg)
This is a brand new presentation and its going public for the very first
time in SyScan'06.

Joanna Rutkowska, a senior researcher of COSEINC Research, will present
her latest technique in bypassing and attacking the latest Mircosoft
Vista operating system kernel.

The presentation will first pre

[ more ]  [ reply ]
Re: Yahoo Messenger Crash Tested 2006-06-18
Ivancool2003 yahoo com ar
Remote crash proof of concept:

1. Open messenger and log it.

2. Open a yahoo chat third party like yahelite through Ymsgr protocol and log it with another account.

3. Send a Pm to the messenger account with this string: "s: msg :---------------------------------------------iframe onload=$InlineAc

[ more ]  [ reply ]
SinFP 2.00 - a major release with many new features 2006-06-15
GomoR (vd gomor org)

Mailing list:

NEWS FOR 2.00:

- complete rewrite
- sinfp.db completely reworked
- new tests based on comparison between probe and response (TCP seq/ac

[ more ]  [ reply ]
Yahoo Messenger Crash Tested 2006-06-14
Ivancool2003 yahoo com ar
If you receive a Private message with this string "msg:---------------------------------------------iframe onload=$InlineAction()>:)"(without quotes)Yahoo messenger will Crash with a runtime error.

[ more ]  [ reply ]
Black Hat Speakers + 2005 Content on-line 2006-06-13
Jeff Moss (jmoss blackhat com)

Hash: SHA1

Hey Vuln Dev readers,

I want to make a brief announcement.

The speaker selection for Black Hat USA 2006 is now complete. We have a
fantastic line up of Briefings presentations and our largest selection of
Training this year.
Briefings: http://www.bla

[ more ]  [ reply ]
InternetExplorer & Mozilla Firefox Local File Disclosure Vulnerability PoC Exploit (Reported by Symantec) 2006-06-11
sirdarckcat gmail com
This is a sample PoC Exploit for the Internet Explorer and Mozilla Firefox security flaw explained here:

and reported by Symantec.

The subjects of the links sugested, are for forcing the user to input:




so we ca

[ more ]  [ reply ]
Suse Linux 10.0 and 10.1 (EIP Overflow Questions) 2006-06-08
Robert Hudock (rhudock gmail com) (1 replies)

For some reason on suse 10.0 and 10.1 I cannot overflow the buffer so as
to overwrite EIP no matter what. The attached code is a very simple
example to illustrate my issue. Basically the following is what I get
when the program segfaults on SuSE 10.1.

However, the attached program produ

[ more ]  [ reply ]
Re: Suse Linux 10.0 and 10.1 (EIP Overflow Questions) 2006-06-25
kladizkov001 (fabin gnu gmail com)
Exploiting stack-overflows in Unicode/XPSP2 - Further questions 2006-06-07
Ivan Stroks (ivanstroks yahoo co nz)
Hi list,

I am trying to exploit a stack overflow in an
application under Windows XP SP2.
The problem is that the content of the buffer I can
overflow is converted to Unicode, so I just can
control 2 of 4 bytes of the overwritten SEH handler
I have read all papers related to Unicode shellco

[ more ]  [ reply ]
Exploiting in Unicode and XP SP2 2006-06-06
Ivan Stroks (ivanstroks yahoo co nz) (2 replies)
I am trying to exploit a stack buffer overflow in a
Windows Application running in XP SP2.
I 'm able to overrun the buffer and modify SEH.
The problem I am facing is that the buffer that I can
overflow, is converted to Unicode before the overrun,
therefore I can only write an address for the SEH

[ more ]  [ reply ]
RE: Exploiting in Unicode and XP SP2 2006-06-07
Ben Nagy (ben iagu net)
Re: Exploiting in Unicode and XP SP2 2006-06-06
H D Moore (sflist digitaloffense net)
SyScan'06 - The Hackers' Conference in Asia 2006-06-01
thomas48 (thomas48 singnet com sg)
Dear all

SyScan'06 - The Hackers' Conference, will be held in Singapore from 20th
to 21st July 2006. This is the third year running for SyScan.

SyScan?06 Day 1 ? 20th July 2006

8:00 a.m. Registration
8:40 a.m. Welcome Speech - Thomas Lim
8:45 am Marc Maiffret ? Chief Hacking Officer, eEye - Keyn

[ more ]  [ reply ]
heap overflow foreward consolidation 2006-05-26
padre correo ugr es
Hi, im coding a heap verflow & exploit using foreward consolidation.

I've been days looking at the code,but i didnt see nothing wrong.

Why my xploit do not work?

I think the fake chunk is constructed correctly, the padding is ok, the
size is ok.

Guys,can u tell me if the code is ok?? Maybe I for

[ more ]  [ reply ]
Re: Re: Possible Overflow in MS Word 2003 2006-05-24
anasmaslouhy gmail com
Maybe , it is possible ... did u debug it ?

[ more ]  [ reply ]
argc issue 2006-05-23
padre correo ugr es (5 replies)

i' ve a code thats looks like:

------------------- code ----------------------
int main (int argc, char **argv)
char *a;
char *b;

a=malloc(char *)(100);
b=malloc(char *)(100);

if (argc)
exit (-1);
else {

free (a);

return 0;

---------------- code

[ more ]  [ reply ]
Re: argc issue 2006-05-25
jlongs2 uic edu
Re: argc issue 2006-05-25
mike davis (lists stonedcoder org)
Re: argc issue 2006-05-25
Valdis Kletnieks vt edu
Re: argc issue 2006-05-25
RE: argc issue 2006-05-25
Chris Eagle (cseagle redshift com)
Finding Function in IAT tables 2006-05-22
Andres Molinetti (andymolinetti hotmail com) (1 replies)

I want to find if a specific function is defined in a given set of dll's
IAT (Import Address Table).

Does anyone know a tool to perform this check?



¿Estás pensando en cambiar de coche? Todas los modelo

[ more ]  [ reply ]
Re: Finding Function in IAT tables 2006-05-25
Nagareshwar Talekar (tnagareshwar gmail com)
(Page 13 of 75)  < Prev  8 9 10 11 12 13 14 15 16 17 18  Next >


Privacy Statement
Copyright 2010, SecurityFocus