Vuln Dev Mode:
(Page 22 of 75)  < Prev  17 18 19 20 21 22 23 24 25 26 27  Next >
How to trigger the bug in Adobe Acrobat Reader for Unix 2005-07-11
Martin Bernhard (woas_nix gmx net)
Hi list,

Does anyone know how to trigger the bug in Adobe Acrobat Reader for
Unix? I'm currently preparing a presentation on client-side vulnerabilites
and thought this weakness serves as a good example for Linux operating
systems.

thanks in advance
Martin

--
5 GB Mailbox, 50 FreeSMS http://www

[ more ]  [ reply ]
USENIX Security Symposium, July 31, Baltimore, Maryland, USA 2005-07-08
Peter Mui (pmui usenix org)
=================================================
(EARLY BIRD REGISTRATION ENDS July 11 -- Register Now!!)
(JUST ADDED: Panels on National Identity Cards and Packet Sniffing at
Conferences)

Register for the 14th USENIX Security Symposium July 31-August 5,
2005, Baltimore, MD

It happens here first

[ more ]  [ reply ]
ToorCon 2005 Call for Papers 2005-07-07
h1kari (at) toorcon (dot) org [email concealed] (h1kari toorcon org)
TOORCON 2005 CALL FOR PAPERS - issued July 7th 2005

Papers and presentations are being accepted for ToorCon 2005 to be held
at the Convention Center in San Diego, CA on September 24th-26th. Please
email your submissions to cfp (at) toorcon (dot) org [email concealed], submissions will be accepted
until August 15th 2005.

AB

[ more ]  [ reply ]
CSR: Exploitation Challenge 2005-07-07
Steven Hill (steve covertsystems org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

***Exploitation Challenge***

Covertsystems Research is seeking submissions for the successful
exploitation of a 2.6.x kernel based standard TCP/IP server...

http://www.covertsystems.org/challenges/csr-inject_v1.tgz

The server is a typical TCP/IP se

[ more ]  [ reply ]
Re: Exploit development in Per 2005-07-01
Marco Ivaldi (raptor 0xdeadbeef info)
> I am searching for some papers and helpful stuff (all I can get) about
> exploit coding in Perl.

Hey vuln-dev,

First of all, sorry for the extremely late reply: i've been far from the
Internet for a couple of weeks...

Amongst other stuff, you can find some basic examples of exploits written
in

[ more ]  [ reply ]
Call for Paritipation: C.I.P.H.E.R Contest 2005-06-29
Maximillian Dornseif (dornseif informatik rwth-aachen de)
We are organizing an CTF-alike contest which might be of interest to
the readers of this group:

http://lufgi4.informatik.rwth-aachen.de/news/show/31

RWTH hosts international contest on IT-Security
The Laboratory for Dependable Distributed Systems at RWTH Aachen,
headed by Prof. Dr. Felix Freilin

[ more ]  [ reply ]
PocketPC exploitation 2005-06-24
Jerome Athias (jerome athias free fr)
Hi there,

i would like to know if some of you have experience with exploitation of
PocketPCs and could give me some ways and tools (debugger...).
since some vulns come ( http://www.securityfocus.com/bid/13807 )
I know that writing a DLL (Fuser) is quite easy with eVC++ (Embedded), so a
"download

[ more ]  [ reply ]
Re: tools for searching potential BO in binary code 2005-06-24
Jeremy Richards (dyngnosis gmail com)
I am currently in talks with Security Innovation about doing a product
review on their flagship product called Holodeck Enterpries Edition.
It is an interesting product that sets up a layer between defined APIs
(your strcpy's, etc) and lets you inject at will...

There is a review of a trial versio

[ more ]  [ reply ]
exploiting/debuggin SetUnhandledException filter 2005-06-20
RaMatkal hotmail com
Hi,

I am working on a Win heap overflow that gives me control of eax and ecx and hence allows me to write a double word of memory to an arbitrary location...

I overwrite the SetUnhandledException filter with an address that will bounce me back to my shellcode.

the only problem is, that the unhand

[ more ]  [ reply ]
Black Hat Briefings Announcements 2005-06-17
Jeff Moss (jmoss blackhat com)
Hey VulDev,

I just wanted to let you know we got some new content on-line as well as a reminder about upcoming registration deadlines. Hope to see you there!

REMINDER: Register before July 1st to take advantage of the earlier pricing!
http://www.blackhat.com/html/bh-usa-05/bh-usa-05-index.html

S

[ more ]  [ reply ]
[Fwd: RE: the possibility of jumping back to code in an exploited program] 2005-06-16
Jonathon Giffin (giffin cs wisc edu)
Jonas Yorg wrote:
> So I heard somewhere once that supposedly a buffer-overflowing program
> can jump back into the code it's exploiting in order to call some
> system call (after setting up the appropriate stack/register
> environment I would suppose). I think that whoever I read heard from
> was m

[ more ]  [ reply ]
RE: tools for searching potential BO in binary code 2005-06-15
Syversen, Jason M (US SSA) (jason syversen baesystems com) (1 replies)
As mentioned below Bugscan was sold to LogicLibrary and is not called
LogicScan. They are not selling Icebox as a product but they are selling
Inspector, which is kind of an integrator for Ollydbg and IDA Pro with
some plugins. Like Bugscan, really not cheap though. Halvar Flake will
have something

[ more ]  [ reply ]
Re: tools for searching potential BO in binary code 2005-06-19
Aviram Jenik (aviram beyondsecurity com)
the possibility of jumping back to code in an exploited program 2005-06-15
Jonas Yorg (jonasyorg gmail com) (1 replies)
So I heard somewhere once that supposedly a buffer-overflowing program
can jump back into the code it's exploiting in order to call some
system call (after setting up the appropriate stack/register
environment I would suppose). I think that whoever I read heard from
was maybe thinking of return to l

[ more ]  [ reply ]
RE: the possibility of jumping back to code in an exploited program 2005-06-16
Omar Herrera (oherrera prodigy net mx)
RE: Exploit development in Per 2005-06-13
Altheide, Cory B. (IARC) (AltheideC nv doe gov)
> -----Original Message-----
> From: Julian Schweizer [mailto:julianschweizer (at) yahoo (dot) de [email concealed]]
> Sent: Monday, June 13, 2005 7:30 AM
> To: vuln-dev (at) securityfocus (dot) com [email concealed]
> Subject: Exploit development in Per
>
> Hi,
>
> I am searching for some papers and helpful stuff (all I can
> get) about exploit coding

[ more ]  [ reply ]
RE: tools for searching potential BO in binary code 2005-06-13
Kyle Quest (Kyle Quest networkengines com)
It all depends on how much money you are
willing to pay. There was something called Bugscan
and it was definitely not cheap from what i understand.
The program was originally developed
by the company called HBGary (the name
Greg Hoglund should ring the bell :-] ).
It seems like it was spun off into

[ more ]  [ reply ]
Exploit development in Per 2005-06-13
Julian Schweizer (julianschweizer yahoo de) (1 replies)
Hi,

I am searching for some papers and helpful stuff (all I can get) about
exploit coding in Perl.

Would you please recommend something??

Thanks,

Julian

___________________________________________________________
Gesendet von Yahoo! Mail - Jetzt mit 1GB S

[ more ]  [ reply ]
Re: Exploit development in Per 2005-06-14
Ricardo Abraham Aréchiga Cervantes (rabrahamac gmail com)
reconsidering physical security: pod slurping 2005-06-13
Abe Usher (abe usher sharp-ideas net)
pod slurping
------------

I've written a report that explores an idea that has been known by the
security community for decades: physical security is important to
information system security.

A year ago a report was published by the Gartner Group warning that
iPods <http://www.apple.com/ipod/>

[ more ]  [ reply ]
New IE6 security hole 2005-06-08
Development SeniorenNet (development seniorennet be) (1 replies)
Hi,

I discovered a NEW security hole / exploit in IE6 with SP2 and all the
latest security patches.

Overview of the exploit:

a.. Bug for all Microsoft Internet Explorer users
b.. Can be abused by hackers to run harmful JavaScript code and can be
abused to mislead existing protection aga

[ more ]  [ reply ]
Re: New IE6 security hole 2005-06-10
Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (sbradcpa pacbell net)
Local Overflow Vulnerability in MS Outlook 2000....right or wrong, donno :-) 2005-06-07
dgr8hunt (dhruv_ymca yahoo com)
heya,
Last night I thought to play a bit with Outlook. So
started flooding
the To: field in outlook 2000. It can take upto a max
of 62000 alphabets
as input, and when I tried only with around 30000
alphabets it was
crashing the box. I thought it as some machine
specific problem so tried
the same

[ more ]  [ reply ]
tools for searching potential BO in binary code 2005-06-01
Nix Yog (yognix gmail com)
hi all,
something like bugscam, but more functional?

[ more ]  [ reply ]
Citrix security contact 2005-05-27
Eyal Udassin (eyal swiftcoders com) (1 replies)
Hello,

I'm looking for a security contact at Citrix. Anyone?

Thanks,

Eyal Udassin - Swift Coders
POB 1596 Ramat Hasharon, 47114
972+547-684989
eyal (at) swiftcoders (dot) com [email concealed]

[ more ]  [ reply ]
Re: Citrix security contact 2005-05-27
Scott Robinson (scott tranzoa com)
Re: AlphaNumeric Exploitation Help 2005-05-26
6d79676d61696c6163636f756e74 gmail com
In-Reply-To: <20050526113825.537.qmail (at) www.securityfocus (dot) com [email concealed]>

read this:
http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027147.h
tml
=======================
void Encode2AlnumUsage()
{
fprintf(stderr, ENC2ALNUM_COPYRIGHT);
fprintf(stderr, "ERROR in Encode2Alnum (invalid input_reg)\

[ more ]  [ reply ]
RE: AlphaNumeric Exploitation Help 2005-05-26
Stejerean, Cosmin (cstejere cs depaul edu)
Here are some ideas that I have read about but never tested, although they
might be worth exploring.

If you know the offset of your jmp instruction you might be able to get away
with adding or subtracting from it to get the value you need.

You can also try an ASCII shellcode encoder such as the on

[ more ]  [ reply ]
(Page 22 of 75)  < Prev  17 18 19 20 21 22 23 24 25 26 27  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus