BugTraq Mode:
Re: http://www.smashguard.org 2004-02-04
Leon Harris (leon quoll com)
Interesting paper.
Certain apps (notably java virtual machines) manipulate stack return
addresses. I understood that one of the advantages of Immunix's product
StackGuard was that you could still run these types of apps by
statically linking them against a normal libc (and chrooting them or
othe

Re: MS to stop allowing passwords in URLs 2004-02-04
Gunnar Östlund (kalix dc luth se)
> It's probably too late, but rather than removing user:password support
> altogether, maybe Microsoft could replace it with a dialog that informs the
> user they are about to visit "session-arhuz.ru" with the username
> "www.herbank.com", and an appropriate warning about not revealing sensitive
> i

rxgoogle.cgi XSS Vulnerability. 2004-02-04
Shaun Colley (shaunige yahoo co uk)
Introduction
############

rxgoogle.cgi is..."Provide your website visitors with
your own net search program. This script allows your
visitor to perform web search within your site without
redirecting. You can set up RxGoogle search engine in
just minutes and it's FREE!".

rxgoogle.cgi is vulnerable

Re: CoDeX-W0rm - what happened here? 2004-02-04
Simon (simon actcom net il)
He was saying that the worm installed Serv-U.
There is no connection to that exploit.

----- Original Message -----
From: "Michael Marziani" <marziani (at) oasis (dot) com>
To: "Chuck Rock" <carock (at) epcusa (dot) com>; <bugtraq (at) securityfocus (dot) com>
Sent: Tuesday, February 03, 2004 22:16
Subject: RE: CoDeX-W0rm - what hap

iDEFENSE Security Advisory 02.04.04: GNU Radius Remote Denial of Service Vulnerability 2004-02-04
labs (labs iDefense com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

iDEFENSE Security Advisory 02.04.04

GNU Radius Remote Denial of Service Vulnerability
http://www.idefense.com/application/poi/display?id=71
February 4, 2004

I. BACKGROUND

Radius is a server for remote user authentication and accounting. More
informat

ZH2004-04SA (security advisory): Multiple Sql Injection Vulnerabilities in ReviewPost PHP Pro 2004-02-04
ZetaLabs (zetalabs zone-h org)


ZH2004-04SA (security advisory): Multiple Sql Injection Vulnerabilities in ReviewPost PHP Pro

Published: 04 February 2004

Released: 04 February 2004

Name: ReviewPost PHP Pro

Affected Systems: current and prior versions

Issue: Sql Injection Vulnerability

Author: G00db0y from Zone-

Re: BUG IN APACHE HTTPD SERVER (current version 2.0.47) 2004-02-04
André Malo (nd perlig de)
* langtuhaohoa caothuvolam <trungonly (at) yahoo (dot) com> wrote:

> Deny From All: In this way they can access from outside the server.

You mean: An attacker needs to place such a script on the server, which
includes the requested uri.
If he's able to do so, he can

(a) read the file anyway
(b) simply open

Re: RFC: virus handling 2004-02-03
Casper Dik (casper holland sun com)

>
>
>> -----Original Message-----
>> From: Daniele Orlandi [mailto:daniele (at) orlandi (dot) com]
>
>> I use amavisd-new which has support for listing viruses/worms that fake
>> the sender's email address. Unfortunately the list is external to the
>> actual virus scanner and has to be updated manually.

Re: [security] Re: Major hack attack on the U.S. Senate 2004-02-03
Bernie, CTA (cta hcsin net)
On 2 Feb 2004 at 23:02, rsh (at) idirect (dot) com wrote:

> >On Fri, 23 Jan 2004 Daniel.Capo (at) tco.net (dot) br wrote:
> >
> >> > Which means the Democrats screwed up setting up their own
> >> > share point and allowed public access to it. There was no
> >> > "computer glitch" which was "exploited". This was
> >> >

Re: getting rid of outbreaks and spam (junk) [WAS: Re: RFC: virus handling] 2004-02-03
James A. Thornton (jamest u-238 infinite1der org)


On Tue, 3 Feb 2004, Gadi Evron wrote:

> 3. I think we look at the whole problem in the wrong way, allow me to
> elaborate:
>
> The AV industry is built on reaction rather than prevention. Adding
> new signatures is still the #1 tool in the fight against malware.
>
> With spam and mass mailers c

RE: [Full-Disclosure] smbmount disrupts Windows file sharing. 2004-02-03
Steve Wray (steve wray paradise net nz)
Has anyone tried to replicate this from Windows?
(ie create a windows batch file which does the
same thing)? Or is the windows batch file language
too restricted to allow this sort of script?

Forgive my windows ignorance...

> -----Original Message-----
> From: full-disclosure-admin (at) lists.netsys (dot) co

TYPSoft FTP Server 1.10 may be crashed 2004-02-04
intuit bug_hunter (intuit linuxmail org)

Application: TYPSoft FTP Server
http://www.typsoft.com

Version: 1.10

Bug: Denial Of Service

Author: intuit
e-mail: intuit (at) linuxmail (dot) org
web/forum: http://code.unixserver.at

**********************************************************

Re: BUG IN APACHE HTTPD SERVER (current version 2.0.47) 2004-02-03
langtuhaohoa caothuvolam (trungonly yahoo com)
In-Reply-To: <20040203063933.12546429.nd (at) perlig (dot) de>

>From: André Malo <nd (at) perlig (dot) de>
>
>Deny from all (in conclusion with some other) denies HTTP access on some
>criteria. It doesn't suppose to protect against access from inside the
>server.
>

Deny From All: In this w

smbmount disrupts Windows file sharing. 2004-02-02
Daniel Kabs [ML] (dkabs mobotix com)
Announced: 2004-02-02
Type: Denial of Service Attack on Windows
Impact: smbmount can stop Windows from sharing files
Writer: Daniel Kabs, Germany (daniel.kabs (at) gmx (dot) de)
Credits: Thanks to Steve Ladjabi (steve.ladjabi (at) web (dot) de)

Contents:
1. Abstract
2. Affected Systems
3. Attack Setup
4. Symptoms
5. Wo

Re: [Full-Disclosure] smbmount disrupts Windows file sharing. 2004-02-04
Daniel Kabs [ML] (dkabs mobotix com)
On Tue, 3 Feb 2004 12:09:58, <rslade (at) sprint (dot) ca> wrote:
> OK, obvious question. Can you do the same thing with md, rd,
> and a BAT file, or
> is a specific smbmount quirk necessary?

I've posted the Windows Batch File to Full-Disclosure on
Tue, 03 Feb 2004 11:45:25 +0100.

Here's the _corrected_ b

[SECURITY] [DSA 433-1] New Linux 2.4.17 packages fix local root exploit (mips+mipsel) 2004-02-04
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 433-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
February 4th, 2004

Re: Fw: phpBB privmsg.php XSS vulnerability patch. 2004-02-04
Truthless (nospam spamcop org)
This is a previously published Vulnerability and not something that is
yet to be reported.
Shaun was referring to the patch itself.

Truthless.

--

Micheal Cottingham wrote:

>
> If you think you have found a security hole with phpBB, contact the
> security email address ... I assure you they won

Re: Symlink Vulnerability in GNU libtool <1.5.2 2004-02-03
Scott James Remnant (scott netsplit com)
On Tue, 2004-02-03 at 09:47, Joseph S. Myers wrote:

> On Fri, 30 Jan 2004, Stefan Nordhausen wrote:
> > Solution:
> > Updating to libtool 1.5.2 (the current stable release) will eliminate
> > the vulnerability. If you want to stick with your old version of libtool
> > you can easily fix this bug yo

Re: RFC: virus handling 2004-02-03
Volker Kuhlmann (list0570 paradise net nz)
> > A bounce should *always* include a MIME attachment of type
> > message/rfc822-headers which contains the full headers from the original
> > mail. This makes it relatively easy to check on the receiving side if the
> > original "Received: from" headers are valid, and simply drop bounces that

Re: Technical Details of Urlcount.cgi Vulnerability 2004-02-03
Tom Hanlin (tom powerbasic com)
In-Reply-To: <000501c226a1$c0f58060$e62d1c41 (at) kc.rr (dot) com>

>When I informed Summit Computer Networks' Scott
>Slater about the Urlcount.cgi vulnerability, he replied to
>me that the application was property of PowerBASIC,
>and that he would forward it on. Hearing nothing from
>either Slater, or Po

Multiple Vulnerabilities in PHPX 2004-02-03
mantra lkm-zx net

Title: Multiple Vulnerabilities in PHPX

By: Manuel López ( manegts (at) hotmail (dot) com ) FROM #IST libres.irc-hispano.org,
#IST Efnet.

Url: http://www.phpx.org

Description:
PHPX is a web portal system, blog, Content Management System (CMS),
forums, and more. PHPX is designed to allow everyone to be able

RE: Major hack attack on the U.S. Senate 2004-02-03
David Schwartz (davids webmaster com)

> On Fri, 23 Jan 2004 Daniel.Capo (at) tco.net (dot) br wrote:

> > > Which means the Democrats screwed up setting up their own
> > > share point and
> > > allowed public access to it. There was no "computer glitch" which was
> > > "exploited". This was completely a human screw-up. And there was no
> > > h

Re: Major hack attack on the U.S. Senate 2004-02-03
Daniel Capo tco net br
Christian Vogel wrote:

>
> i think "technical" people often think of the law-system as something
> as C-code, as it's written there is only one way for a standard
> compliant compiler to interpret it. I think the judges are more flexible
> than gcc in this regard, they can also assume that one per

RE: MS to stop allowing passwords in URLs (Summary) 2004-02-03
McAllister, Andrew (McAllisterA umsystem edu)
Here's a summary of the responses I've received.

1) RFC2616 does not define the user:password@host scheme specifically
for HTTP URL's. Though its use has been supported in most if not all
popular browsers until now.
2) Other RFC's do define this scheme in general with the caveat that
using this syn

Re: MS to stop allowing passwords in URLs 2004-02-03
David B Harris (dbharris eelf ddts net)
On Mon, 2 Feb 2004 21:01:45 -0700
"Dave Warren" <dave.warren (at) devilsplayground (dot) net> wrote:
> The safety concerns of http://user:pass@www aren't technical, they're
> user/training issues.. How do you explain to your grandmother that
> http://www.herbank.com:login.asp@session-arhuz.ru/ isn't safe but

RE: MS to stop allowing passwords in URLs 2004-02-03
Joe Weisenberger (jjfw one net)


On Tue, 3 Feb 2004, Fergus Brooks wrote:

snipped ...
> Also I have found that often to get to an FTP server on the Internet
> (depending on the proxy, connection, firewall etc) that you need to use
> this format. Taking this functionality away will certainly make it
> harder for a lot of support

Re: Major hack attack on the U.S. Senate 2004-02-03
Ron DuFresne (dufresne winternet com)

[SNIP]

>
> i think "technical" people often think of the law-system as something
> as C-code, as it's written there is only one way for a standard
> compliant compiler to interpret it. I think the judges are more flexible
> than gcc in this regard, they can also assume that one perfectly knows
>

Web Crossing 4.x/5.x Denial of Service Vulnerability 2004-02-03
Peter Winter-Smith (peter4020 hotmail com)
Web Crossing 4.x/5.x Denial of Service Vulnerability

###################################################

Credit:
Author : Peter Winter-Smith

Software:
Package : Web Crossing
Versions : 4.x/5.x
Vendor : WebCrossing, Inc.
Vendor Url : http://www.webcrossing.com/

Vulnerability:
Bug Typ

RE: MS to stop allowing passwords in URLs 2004-02-03
Richard M. Smith (rms computerbytesman com)
>>> Anyone have any comments regarding legitimate
>>> uses of this syntax and Microsoft removing it
>>> from their browser? (and presumably the OS since
>>> the browser IS the OS).

It always was a bad idea to put plaintext passwords in URLs because it
encouraged users to give away pas

Re: http://www.smashguard.org 2004-02-03
Nicholas Weaver (nweaver CS berkeley edu)
On Tue, Feb 03, 2004 at 07:36:55AM -0500, Dave Paris composed:
> I'm not sure I understand the economics involved here. Taking the
> worst-case (software) cited at an 8.3% performance hit, this says a 3.2GHz
> P4 will give approximately the same performance as a 2.9GHz machine. Or put
> another wa

Copyright 2010, SecurityFocus