Colapse all |
Post message
RE: QuickTime exploited by media-handling flaw 2007-11-28 Hayes, Bill (Bill Hayes owh com) (1 replies) The Trend Micro blog reported today that three exploits have been released and outlined the following illustrated scenario for QuickTime exploitation: "The attacker executes the exploit on his/her own computer, listening on port 554 (port 554 - default port for RTSP protocol). The attacker's mach [ more ] [ reply ] QuickTime exploited by media-handling flaw 2007-11-27 Todd Woodward (todd_woodward symantec com) (1 replies) "A Polish researcher published on Friday exploit code for a previously unknown vulnerability in Apple's QuickTime media player, which can be triggered by a call to a real-time streaming server..." Read the rest here: http://www.securityfocus.com/brief/633 Also see: http://www.securityfocus.com/b [ more ] [ reply ] RE: QuickTime exploited by media-handling flaw 2007-11-28 Todd Woodward (todd_woodward symantec com) (1 replies) RE: QuickTime exploited by media-handling flaw 2007-11-28 Todd Woodward (todd_woodward symantec com) iChat 4 with OpenSSH Dynamic Proxy? 2007-11-26 Chris Adams (chris improbable org) Has anyone successfully used iChat 4 with the OpenSSH dynamic proxy mode? I've been attempting to use this to bypass a broken firewall config and it appears to be broken in 10.5. I haven't done this recently but it used to work in previous versions and all of the other apps which I've tried [ more ] [ reply ] New QuickTime (7.2, 7.3) RTSP Vulnerability 2007-11-25 Sûnnet Beskerming (info beskerming com) (1 replies) Hi List, I know it's slightly poor form to point at your own site for reference material, but there isn't much else out there at the moment about the new(-ish looking) RTSP vulnerability in Quicktime 7.2 and 7.3 (at least) on Windows, complete with exploits. Nice timing of the hackers who fo [ more ] [ reply ] RE: New QuickTime (7.2, 7.3) RTSP Vulnerability 2007-11-25 Todd Woodward (todd_woodward symantec com) iPhone virus or spyware "80-90% likely", says security expert 2007-11-23 Todd Woodward (todd_woodward symantec com) (1 replies) Quoting F-Secure Security Labs' Security Response Manager, Runald, APC Magazine reports that "[It's] only a matter of time before malicious software targets the iPhone, which could trigger a wave of mobile malware - with made-for-Mac viruses, spyware and more all soon to follow." Full article here: [ more ] [ reply ] Re: iPhone virus or spyware "80-90% likely", says security expert 2007-11-23 Radoslav Dejanoviæ (radoslav dejanovic opsus hr) (1 replies) RE: iPhone virus or spyware "80-90% likely", says security expert 2007-11-24 David Harley (david a harley gmail com) Heise warns of flaw in Apple Mail 2007-11-20 Michael Dalling (mtdalling gmail com) (1 replies) "The bug in Apple Mail makes it possible for attackers to run malicious code on a victim's machine by disguising an executable program as an image or other type of innocuous file, said Juergen Schmidt, editor-in-chief at Heise Security. A user can become infected simply by clicking on an attachm [ more ] [ reply ] Re: Heise warns of flaw in Apple Mail 2007-11-21 Indy (ind cca smith gmail com) (1 replies) Re: Heise warns of flaw in Apple Mail 2007-11-21 Derek Chesterfield (dez mac com) (1 replies) Re: Heise warns of flaw in Apple Mail 2007-11-21 Radoslav Dejanoviæ (radoslav dejanovic opsus hr) (1 replies) Re: Good Mac Specific Security & Enterprise Blogs & Websites? 2007-11-20 kirkmc mac com (1 replies) Intego has a blog with lots of useful info: http://blog.intego.com Kirk Author of: The Mac OS X Command Line: Unix Under the Hood http://www.mcelhearn.com/unix.html - - - - - - Read my blog: Kir [ more ] [ reply ] RE: Good Mac Specific Security & Enterprise Blogs & Websites? 2007-11-20 David Harley (david a harley gmail com) Good Mac Specific Security & Enterprise Blogs & Websites? 2007-11-19 Todd Woodward (todd_woodward symantec com) I've been compiling a list of websites and blogs that I frequently visit for "Macs in the enterprise" or "Mac security" specific news, information and analysis. Although this is no official endorsement on behalf of Symantec, in my personal capacity I would like to start off by suggesting a blog tha [ more ] [ reply ] |
Privacy Statement |
http://isc.sans.org/diary.html?storyid=3690
--
Joel Esler
http://www.joelesler.net
The Trend Micro blog reported today that three exploits have been
released and outlined the following illustrated scenario for QuickTime
exploitation:
"The attacker executes the exploit on his/
[ more ] [ reply ]