Poster.Version:Two Setup Vulnerability
2003-08-15 DarkKnight (mbuzz04 yahoo com)
Author: DarkKnight
My site: http://www.insecureonline.com
Product: Poster.version:two
Side Note: This is my first post ever on bugtraq, so bear with me.
Vendors: Contacted
A vulnerability exists within Poster.version:two that allows a remote attacker to add accounts to a Poster.version:t

Best Buy Employee Toolkit Vulnerability
2003-08-14 cmthemc yahoo com
Title: URL Parsing and Plain Text Password disclosure in Best Buy Employee Toolkit Software
Provided by: cm`
----------------
Best Buy Employee Toolkit Interactive is a software program used nationally by Best Buy Terminal Systems. The software allows employees the ability to check mu

Fusen News 3.3 Account Add Vulnerability
2003-08-15 DarkKnight (mbuzz04 yahoo com)
Author: DarkKnight
My site: http://www.insecureonline.com
Product: Fusen News 3.3 (maybe lower)
Side Note: This vulnerability is for an OLD VERSION of Fusen News. The only reason I'm posting this is because I still see people using Fusen News 3.3.
Vendors: Not contacted (Upgrade available

Linux-sec-uk mailing list
2003-08-15 James Davis (jamesd jml net)
Linux-sec-uk is a new mailing list for the discussion of Linux Security. Apart from technical and practical advice on Linux security at all levels, the list also aims to cover UK-centric issues relevant to security technology and policy. Thanks to lug.org.uk for hosting the list. You can subscribe

Re: Buffer overflow prevention
2003-08-14 noir (noir gsu linux org tr)
I believe that Mr. Raadt meant PAX by W^X. We all enjoy ascii art but I wanted to note that renaming somebody else's work is not so ethical.
so for the real thing please consider checking: http://pageexec.virtualave.net/
my linux box has 0 remotely exploitable vulnerabilities in its default i

Re: PST Linux Advisor--------Dsh-0.24.0 in debian has a home env Buffer Overflow Vulnerability
2003-08-14 Vade 79 (v9 fakehalo deadpig org)
In-Reply-To: <20030810011227.5888.qmail (at) www.securityfocus (dot) com>
> ssize_t buflen = 50 * strlen(fmt); /* pick a number, any number
>*/.............lol
> *strp = malloc(buflen);
>
> if (*strp)
> {
> va_list ap;
> va_start(ap, fmt);
> vsnprintf(*strp, buflen, fmt, ap);..........

Re: MSBlast complete recode / analysis
2003-08-14 H D Moore (sflist digitaloffense net)
On Thursday 14 August 2003 01:19 am, Rolf Rolles wrote:
> MSBlast was compiled with LCC 1.x, which made it particularly easy to
> analyze. The exploit encrypts itself via XOR. A few simple
> modifications to the "Ripper" IDC on datarescue's site takes care of
> this "protection". The "encryption"

[ paper + project release ] kless - connecting to void and getting out alive
2003-08-14 setuid (s3tuid violating us)
hello list,
For the last couple of months i've been researching some peculiarities of the transport layer protocol which deflowered into a project of mine. The name is kless, and its goal is to be able to communicate using transport layer protocols (tcp/udp) without opening any ports ( at leas

RE: Buffer overflow prevention
2003-08-14 Brian Glover (brian centurionservice com) (1 replies)
On RedHat 9, gcc version 3.2.2 20030222, it is not included.
[brian@WashingMachine brian]$ gcc -fstack-protector -o testfile testfile.c
cc1: unrecognized option `-fstack-protector'
-----Original Message-----
From: Patrick Dolan [mailto:dolan (at) cc.admin.unt (dot) edu]
Sent: Wednesday, August 13, 2003 6:3

I have developed an application, which I believe can provide 100%
security against various attacks. I can hear people laughing. Hmm..
The application is called Execution Flow Control (EFC).
Details of software can be found at http://203.197.88.14/efc
Now the help part:
I have put up a site