Vuln Dev Mode:
(Page 20 of 75)  < Prev  15 16 17 18 19 20 21 22 23 24 25  Next >
Oracle 10g - emagent.exe Stack-Based Overflow 2005-10-20
SPI Labs (Spi Labs spidynamics com)
Oracle 10g - emagent.exe Stack-Based Overflow
http://www.spidynamics.com/spilabs/advisories/oracle-emagentoverflow.htm

l

Release Date: October 18, 2005
Severity: Critical

Systems Affected
----------------
For a complete list of products and components affected, please visit
http://www.oracle.com/t

[ more ]  [ reply ]
Vulnerability Buyer Company 2005-10-19
mpycube yahoo com (1 replies)
Hello,

i already worked with iDefense but i have seen t hat also 2 other companies are buying 0day:
- www.zerodayinitiative.com
- www.digitalarmaments.com

The offer of the second one look really interesting. Does anyone has worked with those company? which one is better? does exist others company

[ more ]  [ reply ]
Re: Vulnerability Buyer Company 2005-10-20
KF (lists) (kf_lists digitalmunition com)
Announcement: New SecurityFocus Mailing Lists 2005-10-19
Dave McKinney (dm securityfocus com)

(forwarding this announcement to vuln-dev)

All,

As a result of the poll conducted on the existing SecurityFocus mailing
lists, we identified a need from the security community for new discussion
forums related to distinct areas of topic.

We are pleased to announce the addition of 5 new lists on

[ more ]  [ reply ]
Re: Solaris sparc newbie exploit coding misc questions 2005-10-14
Marco Ivaldi (raptor 0xdeadbeef info)
Hey ework0,

> I gather together some misc questions about designing buffer overflows
> PoC's for the solaris sparc architecture:

I apologize for not being able to thoroughly answer your questions, but
i'm in a hurry at the moment. Just wanted to point out some of my code
that i bet you'll find use

[ more ]  [ reply ]
Solaris sparc newbie exploit coding misc questions 2005-10-12
ework0 (ework0 gmail com) (2 replies)
Hello,

I gather together some misc questions about designing buffer overflows
PoC's for the solaris sparc architecture:

1. Basically, what is the stack address? how can be the same among
different process? stack base addr is not related to memory locations?
How can I get the stack base address?

[ more ]  [ reply ]
Re: Solaris sparc newbie exploit coding misc questions 2005-10-13
backblue (backblue tvtel pt)
Re: Solaris sparc newbie exploit coding misc questions 2005-10-14
Valdis Kletnieks vt edu
[SEC-1 Advisory] GFI MailSecurity 8.1 Web Module Buffer Overflow 2005-10-12
Gary Oleary-Steele (garyo sec-1 com)
SEC-1 LTD.
www.sec-1.com

Security Advisory

Advisory Name: GFI MailSecurity 8.1 Web Module Buffer Overflow
Release Date: 12/October/2005
Application: GFI MailSecurity For SMTP version 8.1

Platform:

[ more ]  [ reply ]
[SEC-1 Advisory] Collaboration Data Objects Buffer Overflow Vulnerability 2005-10-12
Gary Oleary-Steele (garyo sec-1 com)
SEC-1 LTD.
www.sec-1.com

Security Advisory

Advisory Name: Collaboration Data Objects Buffer Overflow Vulnerability
Application: Multiple Applications that implement CDO
Platform: Windows 2000 (All

[ more ]  [ reply ]
XSS in fotolog.net 2005-10-08
scolachado hotmail com
Fotolog.net has a XSS bug in login area...

http://my.fotolog.net/login.html?u_name=%22%3E%3Cscript%3Ealert(%22XSS%2
2)%3C/script%3E

Bye

[ more ]  [ reply ]
PullThePlug Contest: Call For Papers 2005-10-10
announcements pulltheplug org
Hi,

The PullThePlug Contest is a unique opportunity for individuals in the
information security community to share their knowledge in the form of
interesting and innovative papers and win a prize in the process.

All the papers will be reviewed by our Contest Voting Panel and the best
entries will

[ more ]  [ reply ]
PAKCON II: Call for Paper (CfP), Final Call! 2005-10-05
Ayaz Ahmed Khan (ayaz pakcon org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Folks:

This is second round for the Call for Papers (CfP) for PAKCON II. We
have couple of speaking slots left for the PAKCON II, Pakistan's Cyber
Security Convention. It will be happening on 29th and 30th November,
2005 in Karachi, Pakistan.

If you

[ more ]  [ reply ]
Re: PocketPC exploitation 2005-10-04
Jerome Athias (jerome athias free fr) (1 replies)
Hi guys,

first i would like to thank you guys for your nice papers and comments
on this subject.
After some vacations, a big update of the firmware of my iPAQ (thank you
HP; i've just waited 4 months to have a good RAS connection...), i've
worked a little on the wininet APIs on Windows CE.
If some

[ more ]  [ reply ]
Re: PocketPC exploitation 2005-10-19
Jerome Athias (jerome athias free fr)
Citrix Metaframe Presentation Server bypassing policies 2005-09-30
gustavog grupoitpro com ar
DESCRIPTION:
============

Vulnerability in Presentation Server allow to user bypass citrix policy
which is applied to client name.

SOFTWARE: Citrix Metaframe Presentation Server 3.0 / 4.0
=========

INFO:
=====

Citrix Presentation Server policy is used for admins to restrict the user
environme

[ more ]  [ reply ]
Upcoming Black Hat events announcement 2005-09-28
Jeff Moss (jmoss blackhat com)
Dear Vuln Dev readers,

I want to keep you up to date with what Black Hat is up to. Currently there is a stand alone training in Seattle
in October, a Briefings in Tokyo in October, and a Federal Training and Briefings in Crystal City in January. Black
Hat returns to Amsterdam at the end February

[ more ]  [ reply ]
Re: MS05-039 2005-09-29
A A (hd78432 yahoo com)
Does anyone know the memory address in umpnpmgr.dll
where the overflow exception is thrown in the
exception block (in windows 2000)? I don't have a
windows 2000 box that I can buffer overflow with a
debugger.
I'm testing in an environment other than Windows 2000
and I have been able to determine it

[ more ]  [ reply ]
PacSec05 2005-09-26
Dragos Ruiu (dr kyx net)
English url: http://pacsec.jp/index.html?LANG=ENGLISH
Japanese url: http://pacsec.jp/index.html?LANG=JAPANESE

Myamoto Musashi famous swordsman and author
of "Go Rin No Sho" (the Book of Five Rings) wrote
"Study the Way of all professions."

In the way of computer networks, one must understand
attac

[ more ]  [ reply ]
Canonicalization and apache/PHP-attacks 2005-09-26
tapio_niemela1 yahoo com (1 replies)
Hello, could I have a piece of advice about this thing called "Canonicalization" and how it can used to attack PHP. I understand that characters can be presented in multiple ways. For example, '/' can be presented as '/', 0x2F, or even 0xc0xAF (="Overlong sequence") or even something else. Now, I've

[ more ]  [ reply ]
Re: Canonicalization and apache/PHP-attacks 2005-09-27
Sverre H. Huseby (shh thathost com)
looking for vuln researchers who worked on routers 2005-09-26
Gadi Evron (ge linuxbox org)
And there aren't that many out there to compare notes with.

Please ping me off list if you are one of them.

Gadi.

[ more ]  [ reply ]
Re: PocketPC exploitation 2005-09-23
Ratter (ratter atlas cz) (1 replies)
JM> I would like to contribute to the list a paper i just had published that
JM> discusses the vulnerabilities of current virus detectors for pocket pc's, it
JM> is scary to think that such simplistic detectors are the current state of
JM> the art for such powerfull devices, it leads one to think th

[ more ]  [ reply ]
Re: PocketPC exploitation 2005-09-23
Jose Morales (mrjoemango2 hotmail com)
Re: PocketPC exploitation 2005-09-22
dennis backtrace de
> > i would like to know if some of you have experience with exploitation of
> > PocketPCs and could give me some ways and tools (debugger...).
> > since some vulns come ( http://www.securityfocus.com/bid/13807 )
> > I know that writing a DLL (Fuser) is quite easy with eVC++ (Embedded),
> > so a "do

[ more ]  [ reply ]
PocketPC exploitation 2005-09-21
Jose Morales (mrjoemango2 hotmail com)
I would like to contribute to the list a paper i just had published that
discusses the vulnerabilities of current virus detectors for pocket pc's, it
is scary to think that such simplistic detectors are the current state of
the art for such powerfull devices, it leads one to think that the lesson

[ more ]  [ reply ]
Whitepaper - Writing small shellcode 2005-09-19
Dafydd Stuttard (daf ngssoftware com)
I have written a short whitepaper describing techniques for writing small
shellcode. This can be downloaded from:

http://www.ngssoftware.com/papers/WritingSmallShellcode.pdf

Abstract
This paper describes an attempt to write Win32 shellcode that is as small as
possible, to perform a common task sub

[ more ]  [ reply ]
RUXCON 2005 Update 2005-09-19
cfp ruxcon org au (RUXCON Call for Papers)
Hi,

RUXCON is quickly approaching yet again. This e-mail is to bring you up
to date on the latest developments on this years conference.

Our speakers list is complete [1] and our timetable has been finalised
[2]. Below is a list of presentations for RUXCON 2005 (in order of
acceptance):

1. Bre

[ more ]  [ reply ]
(Page 20 of 75)  < Prev  15 16 17 18 19 20 21 22 23 24 25  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus