Vuln Dev Mode:
(Page 14 of 75)  < Prev  9 10 11 12 13 14 15 16 17 18 19  Next >
tiffsplit (libtiff <= 3.8.2) bss & stack buffer overflow... 2006-05-24
"A. Alejandro Hernández" (nitrous conthackto com mx)
Affected product: tiffsplit (libtiff <= 3.8.2)

tiffsplit from libtiff (http://www.remotesensing.org/libtiff/)
is vulnerable to a bss-based and stack-based overflow, but, I just
wrote the concept c0de for stack-based b0f 'cause I don't know how
to take advantage of the overwritten bss data (after th

[ more ]  [ reply ]
Re: Re: Re: Buffer overflow? 2006-05-19
ivancool2003 yahoo com ar
Yes i had winzip 8.0 but now i upgrade to the last version and i fix the problem. Thanks for the help.

[ more ]  [ reply ]
Re: Re: Buffer overflow? 2006-05-18
Mike Sues (msues rigelksecurity com)

That DLL named in the event viewer info is a WinZip component.
Are you running WinZip 8.0? Check out,

http://support.microsoft.com/?kbid=320321

--------------------------------------------
Mike Sues, GCIH
CEO & Ethical Hack Specialist
Rigel Kent Security & Advisory Services Inc
ph :613.233.HACK

[ more ]  [ reply ]
RE: Re: Buffer overflow? 2006-05-18
Silcock, Stephen (stephen silcock cleanaway com au)
"wzshlex1.dll"...

I'd say that James has hit the nail on the head - that's WinZip's shell
extensions.

S. :)

> -----Original Message-----
> From: ivancool2003 (at) yahoo.com (dot) ar [email concealed] [mailto:ivancool2003 (at) yahoo.com (dot) ar [email concealed]]
> Sent: Friday, 19 May 2006 8:48 AM
> To: vuln-dev (at) securityfocus (dot) com [email concealed]
> Subject: Re: Re:

[ more ]  [ reply ]
Re: Re: Buffer overflow? 2006-05-18
ivancool2003 yahoo com ar
Here is the event viewer information

0000: 41 70 70 6c 69 63 61 74 Applicat

0008: 69 6f 6e 20 46 61 69 6c ion Fail

0010: 75 72 65 20 20 65 78 70 ure exp

0018: 6c 6f 72 65 72 2e 65 78 lorer.ex

0020: 65 20 36 2e 30 2e 32 38 e 6.0.28

0028: 30 30 2e 31 31 30 36 20 00.1106

0030: 69

[ more ]  [ reply ]
Skype 2.0.0.97 Major BUG 2006-05-18
Burak ÞEKERCÝOÐLU (bsekercioglu bt gmail com) (2 replies)
Last day i found a new security hole on Skype 2.0. It is a major bug
for skype users.

For example; if you have a skype account you can login with your
account on two different pc at the same time.
And skype program don't alert "about another user logged in with your
account on different pc".

And t

[ more ]  [ reply ]
Re: Skype 2.0.0.97 Major BUG 2006-05-19
Alice Bryson (abryson bytefocus com)
Re: Skype 2.0.0.97 Major BUG 2006-05-18
Eliah Kagan (degeneracypressure gmail com) (1 replies)
Re: Skype 2.0.0.97 Major BUG 2006-05-19
Dalibor Straka (dast panelnet cz) (1 replies)
Re: Skype 2.0.0.97 Major BUG 2006-05-19
Eliah Kagan (degeneracypressure gmail com)
Re: Buffer overflow? 2006-05-18
john fellers gmail com
Windows supports filenames of up to 255 characters in length. Here is an article about file names from microsoft:

http://support.microsoft.com/?kbid=142982

Does the filename contain any special characters?

How is the file created (through code, an application, etc)?

[ more ]  [ reply ]
Buffer overflow? 2006-05-13
Ivancool2003 yahoo com ar (3 replies)
I have windows xp service pack 2 and if i create a file with a 253

Characters long and i press it with the right button, the shell is stopped;

explorer.exe and another aplications are reinitiated. What has

happened?

(sorry my bad english)

[ more ]  [ reply ]
Re: Buffer overflow? 2006-05-18
Disco Jonny (discojonny gmail com)
Re: Buffer overflow? 2006-05-18
3APA3A (3APA3A SECURITY NNOV RU)
Re: Buffer overflow? 2006-05-18
Alexander Sotirov (asotirov determina com) (1 replies)
Re: Buffer overflow? 2006-05-18
GulfTech Security Research (security gulftech org)
Re: Re: Digg Security. 2006-05-12
steve quicksilverscreen com
You must run the html on an SSL enabled server, when traveling from an 'https' to an 'http' address web browsers do not send an http referer. This is how my example works.

Some version of flash, and java can also be used to stop the referer being sent if you do not have access to an ssl server.

[ more ]  [ reply ]
Digg Security. 2006-05-11
steve quicksilverscreen com (1 replies)
I accidently discovered a gaping security hole at digg.com the other day, and like any conscientious white-hatter I reported it to the Digg crew via the 'report a web site bug' link, and by emailing abuse (at) digg (dot) com. [email concealed]

Details of the flaw, and a proof of concept can be found here:

http://www.quicks

[ more ]  [ reply ]
Re: Digg Security. 2006-05-12
Jon Keating (jonkeating gmail com) (1 replies)
RE: Digg Security. 2006-05-12
Rocky (rocky he g-wizinnovations com)
Cracking Tutorial - LinuxWorld 2006-05-09
John Mark Walker (johnmark johnmark org) (1 replies)
Hi folks,

I'm looking for a good 3-hour tutorial teaching how to break
commonly-used security methods, install rootkits, etc. LinuxWorld San
Francisco is on August 14, and I really want a good tutorial on this. My
impression is that a lot of administrators are complacent thinking that
open sour

[ more ]  [ reply ]
Re: Cracking Tutorial - LinuxWorld 2006-05-11
The Jabberwock (jabberwock tenebrous com)
INFIGO-2006-05-03: Multiple FTP Servers vulnerabilities 2006-05-08
infocus (infocus infigo hr)

INFIGO IS Security Advisory #ADV-2006-05-03
http://www.infigo.hr/

Title: Multiple FTP Servers vulnerabilities
Advisory ID: INFIGO-2006-05-03
Date: 2006-05-05
Advisory URL: http://www.infigo.hr/hr/in_focus/advisories/INFIGO-2006-05-03
Impact: Remote code exec

[ more ]  [ reply ]
DIA file name handling format string 2006-05-06
king_purba yahoo co uk
Author : KaDaL-X

http://kandangjamur.net

Software tested

Dia v 0.94 on fedora Core 4

Dia v 0.94 on Mandriva

http://www.gnome.org/projects/dia

PoC :

------

[ph03n1x@kaiten ~]$ touch %p%p%p%p.bmp

Now, open %p%p%p%p.bmp using dia then error something like this will happen

Failed to lo

[ more ]  [ reply ]
Re: FTP Fuzzer 2006-05-03
Alice Bryson (abryson bytefocus com) (1 replies)
hi, could you provide more spec of using this fuzz tool, i use it to
fuzz several ftp server , but it alway crashed before ftp server does.

2005/11/13, infocus <infocus (at) infigo (dot) hr [email concealed]>:
> Hi,
>
> We have released simple and user friendly GUI FTP fuzzer tool for stress
> testing FTP server implementatio

[ more ]  [ reply ]
Re: FTP Fuzzer 2006-05-03
Leon Juranic (leon juranic infigo hr)
Re: Possible Overflow in MS Word 2003 2006-04-29
Guilherme Martini Dalpian (gmdalpian gmail com)
Well, definitely, this bug seems very specific. I've confirmed this
bug in 4 different machines, with different configurations, and all
have the same problem with MS Word 11.6568 SP2 PT_BR.
Does anyone else here use this version of Word to confirm?

2006/4/28, Rocky <rocky.he@g-wizinnovation

[ more ]  [ reply ]
Googling or Google Hacking Security Conference slides 2006-04-30
newslist (at) security-briefings (dot) com [email concealed] (newslist security-briefings com) (1 replies)
Hello all,

Some time to be able to get slides from security events; you need to
wait for a long period... because of the delay for conference organizer
to upload them to their web site or, even worth, sometime they don't
publish any slides.

So, we decided to implement and develop some "Googlin

[ more ]  [ reply ]
Re: Googling or Google Hacking Security Conference slides 2006-05-01
Alexander Sotirov (asotirov determina com)
(Page 14 of 75)  < Prev  9 10 11 12 13 14 15 16 17 18 19  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus