MDKSA-2005:239 - Updated printer-filters-utils packages fix local vulnerability
2005-12-30 Mandriva Security Team (security mandriva com)

Dumb IE6/XP denial of service found on the web
2005-12-31 8ux1fpd02 sneakemail com
Wow, a simple big jpeg completely crashes (and reboots) Windows XP SP2 with all the latest patches when viewed in IE6. -> DON'T GO with Internet Explorer if you don't want to crash: http://www.geocities.com/teh_kids/index.html (no problems whatsoever in Firefox or Opera). Is this a known unpatched

New from the MS Advisory
2006-01-03 Larry Seltzer (larry larryseltzer com)
*What's Microsoft's response to the availability of third party patches for the WMF vulnerability? Microsoft recommends that customers download and deploy the security update for the WMF vulnerability that we are targeting for release on January 10, 2006. As a general rule, it is a best practice t

Re: WMF Exploit
2006-01-03 Paul Laudanski (zx castlecops com)
On Tue, 3 Jan 2006, Sam Munro wrote:
> I haven't seen this mentioned yet so I thought I would give you guys a
> heads-up a very good patch has been written by Ilfak
> Guilfanov<http://www.hexblog.com/2005/12/wmf_vuln.html> as
> a temporary solution until ms get their act together.
>
> Can be downloa

Download Accelerator Plus can be tricked to download malicious file
2006-01-04 visitbipin hotmail com
Product(ONLY TESTED ON): Download Accelerator Plus 7.4.0.2 (unregistered)
Test Environment: Winxp Pro sp2 (patch level latest)
Risk Type: Rare exception
Threat Level: High
Vendor website: www.speedbit.com
POC screenshots: http://img482.imageshack.us/img482/4205/31uk.jpg http://img425.imageshack.us/

Another WMF exploit workaround
2006-01-04 Ivan Arce (ivan arce coresecurity com)
For those interested, Core FORCE, it's a free endpoint security software currently in Beta stage. With it users can configure access control permissions to file system objects independently of the operating System's ACLs and security policy enforcement mechanisms. The default security profiles of IE

[eVuln] Lizard Cart CMS SQL Injection Vulnerability
2006-01-04 alex evuln com
New eVuln Advisory: Lizard Cart CMS SQL Injection Vulnerability
--------------------Summary----------------
Software: Lizard Cart CMS
Software's Web Site: http://sourceforge.net/projects/lizardcart
Versions: 1.04
Critical Level: Dangerous
Type: SQL Injection
Class: Remote
Status: Unpatched
Exploit

RE: WMF round-up, updates and de-mystification
2006-01-03 Krpata, Tyler (tkrpata bjs com)
It looks like MS has backed off on "viewing mail" as a possible attack vector. As of today, the advisory (http://www.microsoft.com/technet/security/advisory/912840.mspx) reads: "In an E-mail based attack involving the current exploit, customers would have to be persuaded to click on a link within a

WMF exploit
2006-01-03 Andreas Marx (gega-it web de)
Hi, I like what SANS is saying about the current MS announcement to deliver a patch by Jan 10, 2006, but not earlier: http://isc.sans.org/diary.php This is the interesting part: "Although the issue is serious and malicious attacks are being attempted, Microsoft's intelligence sources indicate that

Recruitment Software allows MySQL credentials disclosure
2005-12-31 Rafael San Miguel Carrasco (smcsoc yahoo es)
PRODUCT DESCRIPTION
Recruitment Software (http://www.recruitment-agency-software.com/) is a free full featured web-based recruitment agency software product. An easy to use back-end administration gives you full control over your recruitment job listings. It has been checked that several institu

WSJ: The new "metasploit" computer virus
2006-01-03 Richard M. Smith (rms computerbytesman com)
Hmm, has anyone else seen this new "rapidly spreading computer virus" known as "metasploit"? ;-)
Richard
http://online.wsj.com/article/SB113630873566736620.html?mod=yahoo_hs&ru=yahoo
Microsoft Readies Fix As New Virus Spreads
By CHRIS REITER
DOW JONES NEWSWIRES
January 3, 2006 1:20 p.m.
Micros

[eVuln] phpBook PHP Code Execution
2006-01-01 alex evuln com
New eVuln Advisory: phpBook PHP Code Execution
--------------------Summary----------------
Software: phpBook (http://sourceforge.net/projects/phpbook/)
Versions: 1.3.2 and earlier
Critical Level: Dangerous
Type: PHP Code Execution
Class: Remote
Status: Unpatched
Exploit: Available
Solution: Not Av

[eVuln] VEGO Links Builder Authentication Bypass
2006-01-01 alex evuln com
New eVuln Advisory: VEGO Links Builder Authentication Bypass
--------------------Summary----------------
Vendor: VEGO
Software: VEGO Links Builder
Versions: 2.0
Critical Level: Moderate
Type: SQL Injection
Class: Remote
Status: Unpatched
Exploit: Available
Solution: Not Available
Discovered by: Ali

[eVuln] PHPenpals SQL Injection Vulnerabilit
2006-01-01 alex evuln com
New eVuln Advisory: PHPenpals SQL Injection Vulnerability
--------------------Summary----------------
Vendor: Jevontec (http://jevontech.com/)
Software: PHPenpals
Versions: 310704
Critical Level: Moderate
Type: SQL Injection
Class: Remote
Status: Unpatched
Exploit: Available
Solution: Not Available

WMF SETABORTPROC exploit
2006-01-03 SanjayR (sanjayr intoto com)
Hi Moore et al (and All): I was trying to understand the wmf setabortproc exploit code. I got confused over one point. In the code, under the point "StandardMetaRecord - Escape()", you have given the value of WORD function as 0x0026 and other possible values can be (according to the code) 0x0626,

Re: Drupal all versiyon xss cehennem.org
2006-01-03 security drupal org
I have inspected the latest XSS filter mechanism of Drupal which is included in 4.5.6 and 4.6.4 versions and onward and both the decimal and the hexadecimal version is escaped when choosing the "Filtered HTML" format. The "Full HTML" format, as its name implies, does not filter HTML and its documen

WMF round-up, updates and de-mystification
2006-01-03 Gadi Evron (ge linuxbox org) (4 replies)
Quite a bit of confusion and a vast amount of information coming from all directions about the WMF 0day. Here are some URL's and generic facts to set us straight. The "patch" by Ilfak Guilfanov works, but by disabling a DLL in Windows. So far no problems have been observed by anyone using this p

Re: [funsec] WMF round-up, updates and de-mystification 2006-01-03 Pierre Vandevenne (pierre datarescue com) (2 replies)
RE: [funsec] WMF round-up, updates and de-mystification 2006-01-03 Larry Seltzer (larry larryseltzer com) (1 replies)
Re[2]: [funsec] WMF round-up, updates and de-mystification 2006-01-03 Pierre Vandevenne (pierre datarescue com)
Re: [Full-disclosure] WMF round-up, updates and de-mystification 2006-01-03 InfoSecBOFH (infosecbofh gmail com) (1 replies)
RE: [Full-disclosure] WMF round-up, updates and de-mystification 2006-01-03 Larry Seltzer (larry larryseltzer com)
Re: [Full-disclosure] WMF round-up, updates and de-mystification 2006-01-03 Nancy Kramer (nekramer mindtheater net)
I think I was able to get the SAFER mechanism to block this for IE, and
any program covered under it. I know that there are other workarounds,
but I have found the SAFER approach has stopped every one of these sorts
of attacks. I have a vbscript that activates SAFER for IE, and various
other