Vuln Dev Mode:
(Page 26 of 75)  < Prev  21 22 23 24 25 26 27 28 29 30 31  Next >
HKLM locking 2005-01-26
Vladimir Kraljevic (vladimir_kraljevic yahoo com)
Dear list,

please inspect the following, your input is welcome. Vendors (Microsoft
and unspecified AV company) are contacted two months ago, I'm not
satisfied with their response and here is the post.
Someone from Microsoft told me that because the code needs to be
executed locally on the machine i

[ more ]  [ reply ]
Security of osCommerce 2005-01-18
Joel Merrick (joel servicestyle com)
Hi,

I'm wondering if anyone can tell me about the current security status of
the MS2.2 release of osCommerce?

I understand that there have been XSS vulnerabilities and DOS exploits,
heve these been fixed in the MS2.2 downloadable from the site?

Any help appreciated, the forums deleted my post bec

[ more ]  [ reply ]
Run-time errors and JIT debuggers 2005-01-08
EvilPacket (evilpacket gmail com)
Greetings,

I am curious to know if there is a way to force a windows program that
crashes with a Run-time error, off to a JIT debugger. The situation is
I can consitantly provide a specific application with a certain string
and cause it to crash with a Run-time error (either 5, 13 or 91). (as
soon

[ more ]  [ reply ]
NetDDE 2005-01-07
wastedimage (wastedimage gmail com)
Can anyone give me insight/help/links into decoding the NetDDE
protocol? I'm trying to figure out all the details of this
vulnerability.

Thanks,
image

[ more ]  [ reply ]
Contest for a trip to CanSecWest/core05 2005-01-05
Philippe Biondi (phil secdev org)
Hi,

Moderators, if you think this can interest the list, CSW05 organisers and
the french magazine MISC are offering a trip to CSW05. Details follow.

---------------8<--------------------------------------------

CanSecWest/core05 - MISC Magazine

Win a trip to attend CanSecWest/core05.

Conte

[ more ]  [ reply ]
ndisasm bad opcodes interpretation 2005-01-07
shadown (shadown gmail com) (2 replies)
Hi,

not a vulnerability but could be a headache while reverse ingineering
or binary auditing/interpreting, etc. (ok anything related with
disassembling)
get wrong values.

shadown@twister:/tmp$ ndisasm -b32 salida
00000000 49 dec ecx
00000001 6E outsb
00000002 7465 jz 0x69
00000004 6C insb
00000005

[ more ]  [ reply ]
Re: ndisasm bad opcodes interpretation 2005-01-07
shadown (shadown gmail com)
Re: ndisasm bad opcodes interpretation 2005-01-07
Dave Korn (davek_throwaway hotmail com)
RE: [Full-Disclosure] Multiple Backdoors found in eEye Products (IRISand SecureIIS) 2004-12-30
Marc Maiffret (mmaiffret eeye com)
Hi Lance Gusto,

It is really interesting that someone with such a disdain for my company
would go out of their way to spam out an email about a supposed backdoor
within our products, choose not to contact us ahead of time, and then
provide no real details to prove your claim... Ahhh but wait, you c

[ more ]  [ reply ]
Multiple Backdoors found in eEye Products (IRIS and SecureIIS) 2004-12-29
Lance Gusto (thegusto22 hotmail com)
Multiple Backdoors found in eEye Products (IRIS and SecureIIS)
L. Gusto <thegusto22 (at) hotmail (dot) com [email concealed]>

Summary:

During meticulous testing of both eEye's IRIS and SecureIIS products,
we (my testing team) have discovered multiple backdoors in the latest of
both mentioned products and some older versions

[ more ]  [ reply ]
WacthGuard Firebox -- Crash 2004-12-27
Jiju Susmer (jijususmer yahoo com) (1 replies)
Hi,

I am providing remote support for few watchguard
FireBox III's. For last few weeks on a regular basis
I'm getting the following errors logged.

12/23/04 08:53:40 fail-over-standby[86] error getting
/proc/net/mpfstats
12/23/04 08:53:40 fail-over-standby[86] error opening
/ptmp/mpfstats

somtimes

[ more ]  [ reply ]
Re: WacthGuard Firebox -- Crash 2004-12-30
xyberpix (xyberpix xyberpix com)
Re: Exploiting network services question 2004-12-21
just-a-nick gmx net (1 replies)
James Longstreet wrote:
> On Mon, 13 Dec 2004 just-a-nick (at) gmx (dot) net [email concealed] wrote:
>
>
>>I have a question regarding the exploitation of network services.
>>If I send the following string to a service
>>
>>["A"x78]["abcd"][junk - up to 430 bytes]

> I'm not sure I understand your question. Does the value you

[ more ]  [ reply ]
Re: Exploiting network services question 2004-12-24
James Longstreet (jlongs2 uic edu)
Re: Exploiting network services question 2004-12-19
James Longstreet (jlongs2 uic edu)
On Mon, 13 Dec 2004 just-a-nick (at) gmx (dot) net [email concealed] wrote:

> I have a question regarding the exploitation of network services.
> If I send the following string to a service
>
> ["A"x78]["abcd"][junk - up to 430 bytes]
>
> I can control eip with "abcd". How can I exploit this? Is there a good
> tutorial that I

[ more ]  [ reply ]
HyperTerminal - Buffer Overflow In .ht File 2004-12-14
Brett Moore (brett moore security-assessment com)
========================================================================

= HyperTerminal - Buffer Overflow In .ht File
=
= MS Bulletin posted:
= http://www.microsoft.com/technet/security/bulletin/MS04-043.mspx
=
= Affected Software:
= Microsoft Windows NT Server 4.0 SP 6a
= Microsoft Win

[ more ]  [ reply ]
Re: Exploiting network services question 2004-12-13
Vade 79 (v9 fakehalo deadpig org)
In-Reply-To: <5495.1102965153 (at) www20.gmx (dot) net [email concealed]>

>Hi everyone,

>

>I have a question regarding the exploitation of network services.

>If I send the following string to a service

>

>["A"x78]["abcd"][junk - up to 430 bytes]

>

>I can control eip with "abcd". How can I exploit this? Is there a good

[ more ]  [ reply ]
Exploiting network services question 2004-12-13
just-a-nick gmx net
Hi everyone,

I have a question regarding the exploitation of network services.
If I send the following string to a service

["A"x78]["abcd"][junk - up to 430 bytes]

I can control eip with "abcd". How can I exploit this? Is there a good
tutorial that I should read? Unfortunately I did not find anyt

[ more ]  [ reply ]
MS IE User's Authentication Details (userid/password) Sharing Issue 2004-12-12
Debasis Mohanty (mail hackingspirits com)
I would like to highlight an issue with IE which I have verified with
Microsoft before posting it here. This issue of IE has got very limited
security implications. I have also included the reply from Microsoft in this
post for reference.

The details of this IE issue can be found below:

Microsof

[ more ]  [ reply ]
Enemy of the State (breaking Stateful Inspection based fw's) 2004-12-11
J. Oquendo (sil infiltrated net)

Conceptual, theoretical, proof of concept thought on breaking Stateful
Inspection based failover firewall sessions. Still working on this, and
will re-do the wording when I have some free downtime but thought others
would like to get an idea of how it might/can be broken...

http://www.infiltrated.

[ more ]  [ reply ]
RE: trusted solaris pen testing 2004-12-06
Clemens, Dan (Dan Clemens healthsouth com)


>There are two possibilities: either find out the trusted hosts, and take

>their IP (DoS that box first) or go for the spoofing idea.

>Spoofing is hard, especially on a switched network. I currently don't

>know of any pre-written source that does this well. (I'm currently in

>the proc

[ more ]  [ reply ]
Winamp - Buffer Overflow In IN_CDDA.dll [ Patch Released ] 2004-12-06
Brett Moore (brett moore security-assessment com)
Quick update on the winamp issue.

A new version 5.07 has been released and includes a fix for
the buffer overflow in the IN_CDDA.dll module.

Change Log
http://www.winamp.com/player/version_history.php

New Release
http://www.winamp.com/player/

Regards

Brett Moore
Network Intrusion Specialist, CT

[ more ]  [ reply ]
RE: IRFTP possible woes 2004-12-03
Brewis, Mark (mark brewis eds com)
Hi,

See: Infrared Vulns on laptops
http://www.securityfocus.com/archive/101/333323/2003-08-08/2003-08-14/1
for a previous discussion on this.

As a means of hacking, IR has some serious limitations.

<SNIP>

>>[RECENTLY] I ran across what I believe is an irftp based worm. While
>>cleaning two lap

[ more ]  [ reply ]
(Page 26 of 75)  < Prev  21 22 23 24 25 26 27 28 29 30 31  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus