Vuln Dev Mode:
(Page 30 of 75)  < Prev  25 26 27 28 29 30 31 32 33 34 35  Next >
No body emails and Norton antivirus 2004-09-25
zerozero controcultura net
Hello,
we're getting reports from our customers about
Outlook + Norton Antivirus crashing on certain messages.
We tryed to track the problem down, and it seems like that
emails without body and without the \n separating the body
from the headers crashes them. We had not the time to track
the pro

[ more ]  [ reply ]
ALPHA2 C Source 2004-09-22
Berend-Jan Wever (skylined edup tudelft nl)
As promissed before, the C sources for ALPHA 2: Zero tolerance, a shellcode encoder that produces alphanumeric code, optionally uppercase-only and unicode-proof.

Happy hacking,
SkyLined

[ more ]  [ reply ]
Help on hardware flaws 2004-09-23
Suroop sum22+ (at) pitt (dot) edu [email concealed] (sum22+ pitt edu) (1 replies)
Hey, I needed some help for some research. Could anyone tell me where I can
get resources for
Someone taking advantage of a hardware flaw to breach the security of a
system. I can imagine that Router flaws can be one category. But any others?
Suroop

[ more ]  [ reply ]
Re: Help on hardware flaws 2004-09-26
GuidoZ (uberguidoz gmail com)
New XSS vulnerabilities in paFileDB 3.1 final 2004-09-22
alireza hassani (trueend5 yahoo com)
Another XSS Vulnerability has been found in paFileDB!

paFileDB is designed to allow webmasters have a
database of files for download on their site.

Vulnerable:

Software: email & category & file paFileDB modules

Just Tested on: paFileDB 3.1 Final , but likely works
on another versions.

Exploit

[ more ]  [ reply ]
Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products 2004-09-22
Mike Sues (msues rigelksecurity com)

Rigel Kent Security & Advisory Services Inc
http://www.rigelksecurity.com

Advisory # RK-001-04

Mike Sues
September 22, 2004

"Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Securit

[ more ]  [ reply ]
And More Advanced SQL Injection... 2004-09-20
Stefano Di Paola (stefano dipaola wisec it)
Good morning,
I'm proud to announce that a new White Paper has been released.
English version can be downloaded on : http://www.wisec.it/docs.php

Title:
"...and More Advanced Sql Injection
SiXSS, SiHRS and the Client Side SQL Injection"

Abstract:
How much a Sql Injection is a hard vulnerability?
I

[ more ]  [ reply ]
FreeBSD shellcode 2004-09-19
Joshua Davis (jdavis transient-iss com) (1 replies)

Hi. I developed some simple shellcode and sent it to my FreeBSD box along
with a custom format string to exploit Qpop 2.53. When the shellcode didn't
work and GDB reported 'illegal instruction', I compared and contrasted. To
my suprise, Qpop or FreeBSD had taken the bytes 0x80, 0x88, and 0x

[ more ]  [ reply ]
Re: FreeBSD shellcode 2004-09-21
Bruno Morisson (morisson genhex org)
Problem with keyboard forwarding to cmd.exe shellcode 2004-09-14
Berend-Jan Wever (skylined edup tudelft nl) (1 replies)
Hi guys,

I'm working on a "shellcode client" that'll forward I/O to a cmd.exe shellcode on a remote computer. I ran into two problems:
- To forward ^C and ^Z, I'm catching interrupt and terminal stop signals and send a 0x03 or 0x1A respectively. This doesn't seem to work: if you'd type "copy con fi

[ more ]  [ reply ]
More problems with handling remote cmd.exe shell 2004-09-21
Berend-Jan Wever (skylined edup tudelft nl)
Re: challenge 2004-09-14
Marco Ivaldi (raptor 0xdeadbeef info) (2 replies)
> Hopefully I shall get responses to this challenge,...

Hey fuzzy,

Find attached a working C exploit (with detailed comments) for your sample
vulnerable code.

Of course, it's possible to modify it to automagically get the needed
addresses. It should also be possible to use pipe() and write() t

[ more ]  [ reply ]
Re: challenge 2004-09-14
Marco Ivaldi (raptor 0xdeadbeef info)
Re: challenge 2004-09-14
Marco Ivaldi (raptor 0xdeadbeef info)
New Security paper released 2004-09-13
shadown (shadown gmail com)
Hi,

I've just released 'Win32 Stack BufferOverFlow Real Life Vuln-Dev
Process' paper.
Which covers the hole process of vuln-dev, from discovering the bug
till exploiting it.
You can download it from: http://hack3rs.org/~shadown/Twister/
I hope you'll enjoy it.
Cheers,
shadown
--
Ser

[ more ]  [ reply ]
Apache 1.3 2004-09-14
aley consolbyexpotel com (1 replies)
Anybody know of any code/tools to exploit the Apache chunking integer
overflow with Apache 1.3.9 on digital Unix? I'm looking for a bit of
assistance with a pen-test.

Regards,
Andy Ley

[ more ]  [ reply ]
Re: Apache 1.3 2004-09-14
Yves Younan (yyounan fort-knox org)
ALPHA 2: Zero-tolerance 2004-09-14
Berend-Jan Wever (skylined edup tudelft nl)
Hi all,

I'm proud to announce the upcoming release of a new version of ALPHA: "ALPHA 2: Zero-tolerance"
Like ALPHA, it is a shellcode encoder that outputs 100% alphanumeric code. In the new version a lot of the code has been improved and it can now output UNICODE-proof code too. As a pre-release te

[ more ]  [ reply ]
challenge 2004-09-11
fuzzy (at) bonbon (dot) net [email concealed] (fuzzy bonbon net)
//----=[ Challenge ]=----//

Having been with the vulndev mailing list for a while now without
seeing an exploit challenge, I thought I would offer one up for
the masses... However this vulnerability is simple in design yet
appears to be difficult to exploit in C...

I have supplied a working bash

[ more ]  [ reply ]
Cross-Site Scripting Vulnerability in Newtelligence DasBlog 2004-09-01
Dominick Baier (seclists leastprivilege com)
ERNW Security Advisory

Cross-Site Scripting Vulnerability in Newtelligence DasBlog

Author:
Dominick Baier <dbaier (at) ernw (dot) de [email concealed]>

1. Summary:
A XSS (Cross-Site-Scripting) Vulnerability in DasBlog's Event and Activity
Viewer allows to inject and execute code on the client's machine. This
allows an attac

[ more ]  [ reply ]
[SHATTER Team Security Alert] Multiple vulnerabilities in Oracle Database Server 2004-09-02
SHATTER (Application Security, Inc.) (vrathod appsecinc com)
AppSecInc Advisory: Multiple vulnerabilities in Oracle Database Server

Date:
August 31, 2004

Detailed Information Provided Online At:
http://www.appsecinc.com/resources/alerts/oracle/2004-0001/

Credit:
These vulnerabilities were researched and discovered by Cesar Cerrudo
and Esteban Martinez Fayo

[ more ]  [ reply ]
Open Source Vulnerability Database Opens Vendor Dictionary 2004-08-31
Jake (jkouns opensecurityfoundation org)
Open Source Vulnerability Database

Press release: 2004.08.31 2

Open Source Vulnerability Database Opens Vendor Dictionary

The Open Source Vulnerability Database, a project to catalog and describe the
world's security vulnerabilities, has expanded its offering and opened a vendor
dictionary that s

[ more ]  [ reply ]
ToorCon 2004 Pre-Registration Closing 2004-08-31
h1kari toorcon org
Hey everyone,

ToorCon is approaching fast this year and we wanted to make sure that all
of you know that we're trying hard to make ToorCon 6 the best ToorCon
yet. We're still in the process of finalizing our second keynote, but
otherwise the lineup is complete with over 30 talks this year! We just

[ more ]  [ reply ]
21st Chaos Communication Congress 2004: Call for Papers 2004-08-26
fukami (fukami c3d2 de)
21st Chaos Communication Congress 2004: Call for Papers
=======================================================

21C3 - 21st Chaos Communication Congress
"The Usual Suspects"
December 27th to 29th, 2004
Berliner Congress Center, Berlin, Germany

http://www.ccc.de/congress/2004/

Overview
--------

[ more ]  [ reply ]
app: protocol in Help Center and Support - allow run???!!!??? 2004-08-21
Bartosz Kwitkowski (bartosz wb pl)


In HCS is a protocol app: . When we use this protocol in HCS we can run local program without params.

EXAMPLE:

<a href="app:%WINDIR%\system32\cmd.exe"> calc </a>

Where we can find source of it?

C:\WINDOWS\PCHEALTH\HELPCTR\System\HomePage__DESKTOP.htm

Regards,

Bartosz

[ more ]  [ reply ]
[tool] (dum(b)ug) and ltrace for Windows 2004-08-22
FX (fx phenoelit de)
Finally released, the fully open source debugger core for Windows including a
ltrace for Windows implementation:
http://www.phenoelit.de/dumbug/

Enjoy,
FX

--
FX <fx (at) phenoelit (dot) de [email concealed]>
Phenoelit (http://www.phenoelit.de)
672D 64B2 DE42 FCF7 8A5E E43B C0C1 A242 6D63 B564

[ more ]  [ reply ]
GADU-GADU Instant messanger - long file name 2004-08-21
Bartosz Kwitkowski (bartosz wb pl) (1 replies)


Well, this thing is similar to vuln in IE.

We can create file with long name and remote user can notice only safe extension.

Example file name:

bartek2.jpg

[ more ]  [ reply ]
RE: GADU-GADU Instant messanger - long file name 2004-08-24
hilton de meillon (hiltond hotpop com)
GADU-GADU - long file name... part 2 2004-08-22
Bartosz Kwitkowski (bartosz wb pl)


I'd like to present next screenshot.

http://wb.pl/bartosz/gg/screengg2.jpg

This is view from remote computer - receiver.

Something about file name:

File name can't be too long because GG's server won't send it.

It can't be 255 chars, for sure. You have to find correct size of it.

A

[ more ]  [ reply ]
(Page 30 of 75)  < Prev  25 26 27 28 29 30 31 32 33 34 35  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus