Vuln Dev Mode:
(Page 1 of 75)  1 2 3 4 5 6 7 8 9 10 11  Next >
HITBSecConf2009 - Malaysia: Call for Papers 2009-04-15
S. Praburaajan (prabu hackinthebox org)
The Call for Papers for HITB Security Conference 2009 Malaysia is now open!

Talks that are more technical or that discuss new and never before seen
attack methods are of more interest than a subject that has been covered
several times before. Summaries not exceeding 1250 words should be
submitted (

[ more ]  [ reply ]
ClubHack2008 [India] - CFP Closing Soon 2008-10-27
ClubHack (seclist clubhack com)
This is a gentle reminder that the Call for Papers for ClubHack2008 is
closing on the 10th of November.

Papers are expected to be of 40 minutes each. The schedule time for
each presenter would be 50 minutes out of which 40 minutes are for the
presentation & 10 for

[ more ]  [ reply ]
Is the memory map of a process different when executed in GDB? 2008-09-23
Florencio Cano (florencio cano gmail com) (2 replies)
I'm beggining studying deeply exploits. Now I have a problem. I'm
trying a return-to-libc exploit but I get a segmentation fault when
executed in the terminal and I get the code correctly executed when I
run it inside GDB. Does GDB alter the memory map of a process when
executed inside it? In wh

[ more ]  [ reply ]
Re: Is the memory map of a process different when executed in GDB? 2008-09-23
Kristian Erik Hermansen (kristian hermansen gmail com)
Re: Is the memory map of a process different when executed in GDB? 2008-09-23
Chris McCulloh (list chrismcculloh com)
Re: Version-independent IOS shellcode 2008-09-18
kdl_1998 hotmail com
I tried this code on c2600-I-M 12.3(6c),but it did not it really version independent?

[ more ]  [ reply ]
Version-independent IOS shellcode 2008-08-21
Andy Davis (iosftpexploit googlemail com)

One of the biggest problems with IOS exploitation is that on every
different version of IOS, the addresses required to execute useful
shellcode are different. Therefore, hard-coded addresses were inserted
into shellcode and this made exploits very version-dependent.

I have been working on a wa

[ more ]  [ reply ]
ToorCon 10 Call For Papers 2008-08-20
David Hulton (0x31337 gmail com)

9 years have gone by since we released our first CFP and crammed into
a couple of small rooms at UCSD, but we're very proud to have come
this far and to be finally accepting submissions for the 10th ToorCon.
I could go on and on talking about how great this year's event is
going to be, bu

[ more ]  [ reply ]
Step-by-step instructions for debugging Cisco IOS using gdb 2008-08-12
Andy Davis (iosftpexploit googlemail com)
Step-by-step instructions for debugging IOS using gdb - Andy Davis,
2008 (iosftpexploit "at" googlemail <dot> com):

I have been asked by many people for a simple step-by-step guide for
setting up an IOS exploit development environment, which includes
connecting to a Cisco router using gdb, so here

[ more ]  [ reply ]
Re: Tool Release: ProcL - Detect Hidden Process 2008-08-01
Pallav Khandhar (nightrover gmail com)

I am glad to release ProcL v1.0. ProcL employs many different methods
to detect hidden processes. Essentially, ProcL detailed and
implemented a mechanism to embed all these different approaches in one
tool to detect hidden processes. Our methods of detecting hidden
processes req

[ more ]  [ reply ]
Atmail Remote Authentication Bypass, Full DB Compromise 2008-07-30
free_julie_amero hush com
@Mail PHP Version 5.41 patch Release

The default install of Atmail 5.41 creates the following
file in the atmail/ directory: build-plesk-upgrade.php

If that file is called via http, such as:
it will execute

[ more ]  [ reply ]
Heaps About Heaps 2008-07-08
Brett Moore (brett moore insomniasec com)
Just back from SyScan Singapore, which once again
was filled with great speakers on a variety of topics.

If you were not there, and are in the Singapore area
then I highly recommend going along next year.

Our presentation detailing some heap exploitation
techniques for Windows 2003 can be found

[ more ]  [ reply ]
[TOOL] SSL Capable NetCat (and more) 2008-04-27
GomoR (vd gomor org)
Hello list,

I updated a tool I wrote a long time ago. This time, it

- full SSL support (client and server with certificates)
- port proxying (TCP and UDP)
- SSL proxying
- IPv4/IPv6 proxying
- IPv4 and IPv6 support

To know more:


[ more ]  [ reply ]
Re: 5 char XSS? 2008-04-26
Kristian Erik Hermansen (kristian hermansen gmail com) (1 replies)
Yes, you make a good point :-). However, the purpose of the email was
that we can't inject anything useful in 5 chars, so the XSS I posted
merely corrupts the page a little, and does not execute any scripts on
you. Honest! Go click the links and see ... Hehe

On 4/26/08, Serg B <sergeslists@gmai

[ more ]  [ reply ]
Re: 5 char XSS? 2008-04-29
kuza55 (kuza55 gmail com)
5 char XSS? 2008-04-23
Kristian Erik Hermansen (kristian hermansen gmail com) (1 replies)
Just been noticing all the talk about Obama and Clinton sites and how
the media keeps making a big deal out of all these XSS vulns, heh.
However, I have a rather technical question about what, if anything,
you can do when you have such a small buffer to exploit XSS? Check
out this one I found and i

[ more ]  [ reply ]
Re: 5 char XSS? 2008-04-26
Serg B (sergeslists gmail com)
Re: OpenSSH 4.X DoS (maybe...) 2008-04-22
christian perone gmail com
Look at python PoC...

[ more ]  [ reply ]
Re: Aztech ADSL2/2+ 4 Port default password 2008-04-21
zdsiegel1 yahoo com
Thanks sipherr i test can i succeed thanks

[ more ]  [ reply ]
SyScan'08 Singapore - Call for Paper 2008-04-20
organiser (at) syscan (dot) org [email concealed] (organiser syscan org)
the Call for Paper for SyScan'08 Singapore will close in 10 days' time
on 30th April 2008.

the program for SyScan'08 Hong Kong is out. do not miss the first hacker
conference in this exotic "pearl of the orient" city.


SyScan'08 Singapore

[ more ]  [ reply ]
Aztech ADSL2/2+ 4 Port default password 2008-04-18
sipherr gmail com
Playing around with the configuration files will reveal?..even though the admin accounts password has been changed, there is still another administrative account burried in there.

username: isp

password: isp

*Sneaks one past*

sipherr (at) gmail (dot) com [email concealed]

[ more ]  [ reply ]
Foxit Reader 2.2 two potentially exploitable bugs 2008-04-16
j v vallejo gmail com
Hi all,

I would like to post here some

problems that i found in Foxit

Reader 2.2 software.

I sent to the company support

two depthly detailed descriptions

about these bugs with both pdfs

causing them. The answer

from the company was:


Both Foxit Reader and Adobe Read

[ more ]  [ reply ]
Potential OOo security problem 2008-04-15
Andriy Rysin (arysin gmail com)
There's a bug in OOo which make it crash if number of styles in a
document > 65535

Seems like the problem is in the framework so it could potentially
affect other areas in a document. I am wondering if this can be
potential security problem too

[ more ]  [ reply ]
EUSecWest CFP Closes April 14th (conf May 21/22 2008) 2008-04-10
Dragos Ruiu (dr kyx net)
(We've moved the conference this year to the a club
in Leicester Square in the heart of London and SoHo.
We'll be putting speakers up across the square at the
Radisson Edwardian Hampshire, but there are lots of
hotels in the region there in the center of London
for those who want to attend (the ve

[ more ]  [ reply ]
Re: Windows Vista winsat.exe Integer Overflow 2008-04-04
Valdis Kletnieks vt edu
On Thu, 03 Apr 2008 10:58:14 PDT, "Thor (Hammer of God)" said:
> Hey Valdis -
> > > So, if you have someone who is going to run as administrator anyway,
> > > download the untrusted .exe, execute it, and then confirm the
> > > execution of the program without concern for what happens, we can't

[ more ]  [ reply ]
Windows Vista winsat.exe Integer Overflow 2008-03-28
jose eyeos org (1 replies)
There is a flaw in windows vista benchmarking tool, called winsat.exe, that runs withs administrative privileges.

The problem, is an integer overflow in -totalobj argument, example:

winsat d3d -texshader -totalobj 2147483648

this result in a overflow of the signed int that stores the totalo

[ more ]  [ reply ]
Re: Windows Vista winsat.exe Integer Overflow 2008-03-29
Steve Shockley (steve shockley shockley net) (1 replies)
Re: Windows Vista winsat.exe Integer Overflow 2008-03-31
Valdis Kletnieks vt edu (1 replies)
RE: Windows Vista winsat.exe Integer Overflow 2008-04-02
Thor (Hammer of God) (thor hammerofgod com) (1 replies)
Re: Windows Vista winsat.exe Integer Overflow 2008-04-03
Valdis Kletnieks vt edu
(Page 1 of 75)  1 2 3 4 5 6 7 8 9 10 11  Next >


Privacy Statement
Copyright 2010, SecurityFocus