Vuln Dev Mode:
Re: "tinyurl" url masking 2005-09-13
Lincoln Yeoh (lyeoh pop jaring my)

>Which shows that Gmail (which I use to write this email) is badly
>designed, logout should be used via a POST only...

Well I prefer to use url/form "signing" for certain actions in some of my

Fake example:

Re: [framework] Help whit EXITFUNC 2005-09-12
mmiller hick org
On Mon, Sep 12, 2005 at 02:06:30PM -0400, Hugo Vinicius Garcia Razera wrote:
> Hi every one, I would like to know if any one can help me with this little
> problem.
> I'm trying to use the win32_bind shell code that comes with the metasploit
> Framework in one exploit that I'm writing in c++

"tinyurl" url masking 2005-09-10
Lincoln Yeoh (lyeoh pop jaring my) (1 replies)

A number of sites allow minimally controlled 3rd parties to post links to
images which other 3rd parties can view, and the only filtering used is
some pattern matching to ensure that a url has the "correct" extension.

However such filtering has problems if the "image" url actuall

Re: "tinyurl" url masking 2005-09-12
Laurian Gridinoc (laurian gmail com)
Snort <= 2.4.0 SACK TCP Option Error Handling 2005-09-11
"A. Alejandro Hernández" (nitrous vulnfact com)

Snort <= 2.4.0 SACK TCP Option Error Handling

Package: Snort 2.4.0 (And previous versions)
Vendor url:
Class: Error Handling Exceptional Conditions
Risk: High
Credits: A. Alejandro Hernández Hernández
Contact: nitrous[at]vulnfact[dot]com

Snort is an open sour

MS05-039 2005-09-09
A A (hd78432 yahoo com) (2 replies)
The HOD exploit for ms05-39 has been tested on windows
2000 sp4. Based upon the comments in the machine code
for the rpc call I am assuming the return address for
the buffer overflow to be 0x767a1567. Is this memory
address the return address for the buffer overflow?

If it is the case that thi

Re: MS05-039 2005-09-13
A A (hd78432 yahoo com)
RE: MS05-039 2005-09-12
Ben Nagy (ben iagu net)
Re: Linux free software auditing 2005-09-02
Mauro Flores (almauri cs com uy)
Ups! Now I'm reading the second part of your mail (sorry, I'm doing
multitasking here :).
I don't know any good tool to analyze software security, when I have to
do that kind of work I basically do this:
- Build a fast schema of the objects/functions dependencies and
functionalities identifying the

Re: Linux free software auditing 2005-09-02
Mauro Flores (almauri cs com uy)
This was published by CERT. I sometimes use it as a guideline.

regards, Mauro Flores

On Wed, 2005-08-31 at 12:52 +0000, anceky (at) (dot) br [email concealed] wrote:
> Can anyone tell me some references (sites, articles) about Linux free software auditing ?
> I need

Re: Linux free software auditing 2005-09-02
Mauro Flores (almauri cs com uy)
You can use Bastille Linux as a security auditing tool. Use the -a
You can also take a look at,
but above all, find a person that knows Linux Security. The tools are
just a help and can't replace human knowledge :)

regards, Mauro Flores

On Wed, 2

RE: Linux free software auditing 2005-09-01
Ronen Gottlib (ronen xpert com)

You can check the Center for Internet Security,

They have great benchmarks/tools, among them for Linux too.


CIS_RHLinux_Benchmark_v1.0.3.pdf - the Benchmark document contains detailed
instructions for implementing the steps necessary for CIS Level-I security

Linux free software auditing 2005-09-06
luka.research (luka research gmail com)
look here...


Xcon2005 papers released 2005-08-29
alert7 (alert7 xfocus org)
hi all:

Xcon2005 closed successfully on Aug 20th, 2005

Those papers released in
Chinese version papers in

Hacking Windows CE -- by San
Windows Kernel Pool Overflow Exploitation -- by

Windows Multi-Languages OPcodes DB 2005-08-26
Jerome Athias (jerome athias free fr) (2 replies)

as you probably all know, Windows DLLs have different base addresses
across Windows/SP/languages
so I think it could be useful to try to build a multi-lang opcodes
database, isn't it?
so, I have done VERY QUICKLY a little package based on a .BAT and some
tools:

Files included in the package

help with EXITFUNC 2005-09-12
Hugo Vinicius Garcia Razera (hviniciusg gmail com)
Re: Windows Multi-Languages OPcodes DB 2005-08-28
Michael Boman (michael boman gmail com)
22nd Chaos Communication Congress 2005: Call for Papers 2005-08-26
fukami (fukami berlin ccc de)
Call for Papers

22C3 - Private Investigations
22nd Chaos Communication Congress
December 27th to 30th, 2005
Berlin, Germany


The 22nd Chaos Communication Congress (22C3) is a four-day conference on
technology, society and utopia. The Congress o

rm fileutils Segmentation fault 2005-08-26
Carlos Carvalho (h4sh globo com)
Yesterday while trying another vuln I've got SIGSEGV from rm (fileutils)
4.1 while
rm'ing a huge directory tree. I haven't seen an advisory like
this before so I released it that can be found at:

Best regards.

osx bugs in realplayer, grapher, and garage band 2005-08-25
new security gmail com
a couple of bugs i found in os x applications:

real player for os x:
realplayer's proxy preference contains an overflow when filled with a
large string of characters.
gdb output:
Program received signal EXC_BAD_ACCESS, Could not access memory.

ToorCon 7 Lineup Finalized & Pre-Registration Ending 2005-08-20
h1kari (at) toorcon (dot) org [email concealed] (h1kari toorcon org)

ToorCon 7 has finalized its speaker lineup with over 30 talks spanned
across 2 days. ToorCon will be taking place this year at the San Diego
Convention Center on September 16th-18th.

ToorCon is just around the corner again this ye

Exploiting heap overflows on XP SP2 2005-08-18
nicolas falliere gmail com

I describe a new way to exploit heap-based buffer overflows in the following paper:

Basically, one can use critical section related linking structures stored on the process's default heap to produce a n*4-byte

Advice On FireFox Bug 2005-07-30
John Cobb (johnc nobytes com) (1 replies)
Hello All,

After the recent increase of Internet Browser exploits I couldn't help but
give it a quick play.
After a bit of playing I found a bug with the latest version of FireFox
which seems to work on Win2K & WinXP.

I believe the bug to be with one of the plugins but since I'm not a

Re: Advice On FireFox Bug 2005-08-01
Michal Zalewski (lcamtuf dione ids pl)
font book crash os x 2005-07-31
new security gmail com
font book allows users to add new "collections" of fonts with a name of their choice. When the name of the collection is a very very very large string of characters it crashes. here is the gdb output:
(gdb) run
Starting program: /Applica

CSR: challenge update... 2005-07-23
Steven Hill (steve covertsystems org)

***Exploitation Challenge***

Submissions for the CSR challenge have trickled in, one by one.

With some submissions containing a satisfactory exploit that meets
the demands for successful exploitation of csr-inject_v1.tgz ...

It appears that a rando

Re: CSR: Exploitation Challenge 2005-07-20
supers0nic redwhitearmy com
Is it really possible? I compiled it, and for ex, looking for the address of printf. However gdb said:

gdb> p printf
$2 = {<text variable, no debug info>} 0xb7e93758 <printf>

actually its address varies according to the application even if it's dynamically linked. Or am I missing a point

Stack-Based Buffer Overflow in Sybase EAServer 4.2.5 to 5.2 2005-07-15
SPI Labs (spilabs spidynamics com)
Stack-Based Buffer Overflow in Sybase EAServer 4.2.5 to 5.2

Release Date: July 15 2005
Severity: Medium

A vulnerability has been discovered in Sybase EAServer. If exploited,
this can result in
user-specified code being executed under the

ASP.NET RCP/Encoded Web service DOS 2005-07-11
SPI Labs (spilabs spidynamics com)
ASP.NET RCP/Encoded Web service DOS

Release Date: July 11, 2005
Severity: High

[System Affected]
* IIS Servers exposing ASP.NET Web services that consume arrays in
RCP/Encoded mode
* Applications using System.Xml.Serialization to consume un

PacSec/core05 Call For Papers 2005-07-12
Dragos Ruiu (dr kyx net)

English url:
Japanese url:


World Security Pros To Converge on Japan November 15/16

TOKYO, Japan -- To address the increasing importance of information
security in Japan, the b

Copyright 2010, SecurityFocus