this is exploit from search module for phpnuke 6.9 and below (possibly 7.x)

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

A typo was quickly identified in the URL below from my original
posting yesterday. Please use the following URL instead, if any
eTrust Antivirus or InoculateIT customers are wanting to report any
problems they feel may be related to this, or wish to

[ more ]  [ reply ]

Advisory attached.

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandrake Linux Security Update Advisory
_______________________________________________________________________

Package name: mutt
Advisory ID:

[ more ]  [ reply ]

From the MS04-07 bulletin, Windows 9x is not mentioned. Someone has asked
whether Windows 98 is vulnerable to this attack or not. It could be that
Windows 98/ME are vulnerable to this attack through the installation of
Office suite.

The following link refers to the msasn1.dll on Windows ME. But, Wi

[ more ]  [ reply ]

In some mail from der Mouse, sie said:
>
> > Signed applications and signed DLLs and signed drivers [...] coming
> > to a Unix near you SOONER rather than later.
>
> > Or is that the kind of thing you disable upon installation because it
> > gets in the way of you being able to install whatever "y

[ more ]  [ reply ]

On Wed, 2004-02-11 at 19:51, Mark Litchfield wrote:
> Whilst examining what was going on in the world of security, I came across
> an update by Checkpoint in regards to some recently reported vulnerabilities
> in their products, specifically CheckPoint FW-1 and CheckPoint VPN-1.
>
> For more info -

[ more ]  [ reply ]

> Right. On Unix "WEB-INF" and "WEB-INF.." are two different, legal file
> names. On Windows, trailing dots seem to be ignored, so "WEB-INF" and
> "WEB-INF.." are just two names for the same file. This also works if the
> filename already has an extension, so for example "foo.html" and
> "foo.html..

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Computer Associates has been investigating the vulnerability claims
from the recent Bugtraq posting, related to eTrust Antivirus 6.0 for
Linux. Though it is too early to determine the accuracy of this
claim, and the platforms it may cover, Computer As

[ more ]  [ reply ]

> It looks like some postmasters are in the virus distribution business pretty
> much like the MyDoom virus itself. Perhaps these postmasters need to review
> their bounce message policies and remove all attached files from messages
> being bounced.

the mails probably bounced (were rejected by th

[ more ]  [ reply ]

I am not, nor is NGS a partner of Checkpoint, so we were not privy to the
'partners security' bulletin.. I would be interested however in seeing the
full posting by Checkpoint.

Mark

----- Original Message -----
From: "Nicob" <nicob (at) nicob (dot) net [email concealed]>
To: "Mark Litchfield" <mark (at) ngssoftware (dot) com [email concealed]>
Cc: <bugt

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandrake Linux Security Update Advisory
_______________________________________________________________________

Package name: netpbm
Advisory ID:

[ more ]  [ reply ]

>> Depends. Does it include the tools necessary to sign my own code?
>> If not, yes, I will disable it, to the point of running a different
>> OS if necessary.
> So you will disable a function that provides you with a trusted,
> secure, computing base because you cannot sign things yourself ?

Yes.

[ more ]  [ reply ]

In some mail from der Mouse, sie said:
>
> > How does anyone know that you're not a virus/worm writer ?
>
> Anyone? Well, _I_ do.
>
> Anyone else? The same way they know that of anyone: look at my record.

That's not good enough. Sooner or later, the software industry is
going to have to change

[ more ]  [ reply ]

On Feb 10, 2004, at 4:16 PM, Tim Eddy wrote:

> Marc,
>
> If we remove the default exemptions for Kerberos & RSVP from IPSEC with
> the "NoDefaultExempt" registry key, this still passes IKE. Therefore is
> IKE vulnerable to the ASN bug?

Very likely, as IKE data is marshaled into ASN.1 format. The

[ more ]  [ reply ]

> That's not good enough. Sooner or later, the software industry is
> going to have to change and declare that "no warranty" software
> should be confined to isolated systems.

It is not the software industry's place to decide that; that is for
software consumers to decide...or not.

> Tell me, can

[ more ]  [ reply ]

On 2004-02-05 19:12:54 -0000, Wang Yun wrote:
> Analyze:
> ========
> 1.Apache think "/WEB-INF../" unequal to "/WEB-INF/" So find this Directory by itself.
> 2."/WEB-INF/" Directory not Forbidden in Apache Config files.
> 3."d:\resin\doc\>cd WEB-INF.." legit in Windows Systems.

On 2004-02-09 13:4

[ more ]  [ reply ]

> -----Original Message-----
> From: Rainer Gerhards [mailto:rgerhards (at) hq.adiscon (dot) com [email concealed]]
> Sent: Wednesday, February 11, 2004 1:11 AM
> To: Tina Bird
> Cc: BUGTRAQ (at) securityfocus (dot) com [email concealed]
> Subject: RE: EEYE: Microsoft ASN.1 Library Length Overflow
> Heap Corruption
>
<snip>

> But I think the bottom

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200402-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
~

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200402-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
~

[ more ]  [ reply ]

On Wed, Feb 11, 2004 at 09:16:40AM +1100, Tim Eddy wrote:
> Marc,
>
> If we remove the default exemptions for Kerberos & RSVP from IPSEC with
> the "NoDefaultExempt" registry key, this still passes IKE. Therefore is
> IKE vulnerable to the ASN bug?

It would appear that it is indeed. The Internet

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________
______

SCO Security Advisory

Subject: OpenLinux: slocate local user buffer overflow
Advisory number: CSSA-2004-001.0
Issue date: 2004 February 10
Cross reference: sr88603

[ more ]  [ reply ]

Hello Marc,

Tuesday, February 10, 2004, 12:47:29 PM, you wrote:
MM> For example we setup a totally IPSEC secured network and we broke
MM> into that network via our ASN bug which is called by the Kerberos.
MM> We also have written exploits that take advantage of ASN via
MM> NTLMv2 authentica

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200402-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
~

[ more ]  [ reply ]

On Tue, 10 Feb 2004, Frank Louwers wrote:

> I think his point is this:
>
> Image you have a user account luser on box foo. You do not have root on
> foo. However, you do have root on box bar. If you are allowed to
> smbmount stuff on foo as user luser, (which is a BadThing(tm), but
> default behav

[ more ]  [ reply ]

Whilst examining what was going on in the world of security, I came across
an update by Checkpoint in regards to some recently reported vulnerabilities
in their products, specifically CheckPoint FW-1 and CheckPoint VPN-1.

For more info - http://www.checkpoint.com/corporate/iss.html

Mark

[ more ]  [ reply ]

I have had little success in finding information on the AIM worm that
seems to be going around now.

It affects the official AOL Instant Messenger client only, it seems.
Once you click on this link (and there are different endings to the
URL each time, in place of the YUAF):

http://www.wgutv.co

[ more ]  [ reply ]

On Tue, 10 Feb 2004 20:14:08 PST, morning_wood <se_cur_ity (at) hotmail (dot) com [email concealed]> said:

> did you try exploit code to verify? that should dispel any ambiguity
> across scanner reports, it would be real easy to load your network
> hosts into a batch file or shell script and see how many "roots" you get.

Giv

[ more ]  [ reply ]

Hi all,

badpack3t wasn't totally wrong when he called it a BoF because the
formatstring can cause BoFs. Anyway, it's a nice little formatstring to
exploit, with multiple possible attack vectors. I found it easiest to
overwrite the exception handler code (since it's RWE) and then cause an
exception.

[ more ]  [ reply ]

> -----Original Message-----
> From: Rainer Gerhards [mailto:rgerhards (at) hq.adiscon (dot) com [email concealed]]
> Sent: Tuesday, February 10, 2004 3:36 PM
>
> I think Microsoft is using wording to keep the typical end user in a
> warm and cozy state.

How so, exactly? It _is_ marked as a Critical Security Update. What a

[ more ]  [ reply ]