Vuln Dev Mode:
(Page 33 of 75)  < Prev  28 29 30 31 32 33 34 35 36 37 38  Next >
FW: Returned post for vuln-dev (at) securityfocus (dot) com [email concealed] 2004-06-01
josh gilmour (joshg conqwest com)
I sent it to bugtraq...
>>>>> -------------------- >>>>>
Since there are no direct security consequences here, this probably needs
some further analysis so I am going to reject it. Vuln-Dev
(vuln-dev (at) securityfocus (dot) com [email concealed]) is a suitable forum for this post and I
encourage you to post it there.
<<<<< --

[ more ]  [ reply ]
Bypassing "smart" IDSes with misdirected frames? (long and boring) 2004-05-27
Michal Zalewski (lcamtuf ghettot org) (4 replies)
Morning,

I have a question regarding smart IDS or IPS systems (either working in
parallel mode, or, in some cases, as an in-line bridge - but not as a
gateway). The question is a result of a thought experiment, and perhaps is
worth some further research, for which I regrettably do not have time at

[ more ]  [ reply ]
Re: Bypassing "smart" IDSes with misdirected frames? (long and boring) 2004-05-28
Jim Bauer (jfbauer nfr com) (2 replies)
Re: Bypassing "smart" IDSes with misdirected frames? (long and boring) 2004-05-28
Oliver Friedrichs (oliver_friedrichs symantec com) (1 replies)
!! Conference Program Computer Security Mexico 2004 !! 2004-05-23
Seguridad en Computo - UNAM (seguridad seguridad unam mx)
-----BEGIN PGP SIGNED MESSAGE-----

========================================================================

Computer Security Mexico 2004
"10th Years celebrating Computer Security Mexico"

Antiguo Colegio de San Ildefonso
May

[ more ]  [ reply ]
Re: [Format String vulnerabilities] 2004-05-23
DownBload (downbload hotmail com)
In-Reply-To: <200405221248.i4MCmwxO081759 (at) mailserver1.hushmail (dot) com [email concealed]>

If you wanna reach your input (AAAA), you must pad stack with few %x, or use direct access with %N$x (N is number for element location in memory).

Example:

[root@laptop TEST]# ./fmt "AAAA%x.%x.%x.%x.%x"

AAAAbffffbbb.400.0

[ more ]  [ reply ]
[Format String vulnerabilities] 2004-05-22
auto198368 hushmail com (2 replies)
Hello vuln-dev,
Query regarding format string vulnerabilities..

The majority of tutorials give an example of the following form:

(taken from NN-formats.txt [NOP Ninjas - Format String Technique])
fmt1.c ----------------------------------------------------

int main(int argc, char *argv[]) {
c

[ more ]  [ reply ]
Re: [Format String vulnerabilities] 2004-05-28
Gerardo Richarte (gera corest com) (1 replies)
RE: [Format String vulnerabilities] 2004-05-29
Chris Eagle (cseagle redshift com)
Re: [Format String vulnerabilities] 2004-05-28
Frank Knobbe (frank knobbe us)
Re: Stealing NT passwords through WiFi? 2004-05-19
Ugen (ugen xonix com)
hypronix wrote:

> But that requires the user to either have his TCP/IP protocol enabled
> by default in the WiFi card settings [in which case Win will
> automatically try to connect to any and all APs it finds] or to have
> the network in his/her Preferred Networks list to automatically join.
>

[ more ]  [ reply ]
Stealing NT passwords through WiFi? 2004-05-19
Ugen (ugen xonix com) (1 replies)
Microsoft supplicant for wireless connections supports either TLS
(certificate)
or PEAP using MS-CHAP v1. and v2. as modes of authentication. When using
PEAP/MS-CHAP, it is designed to use regular NT login credentials.
In various organizations the latter is being chosen as a de-facto
standard due

[ more ]  [ reply ]
Re: Stealing NT passwords through WiFi? 2004-05-20
3APA3A (3APA3A SECURITY NNOV RU) (1 replies)
Re: Stealing NT passwords through WiFi? 2004-05-20
Ugen (ugen xonix com) (1 replies)
Re[2]: Stealing NT passwords through WiFi? 2004-05-20
3APA3A (3APA3A SECURITY NNOV RU)
Re: IE Crash - Anyone Seen This Before? 2004-05-15
Nick Benson (cryptic_mauler linuxmail org) (2 replies)
Windows 2000 Professional
Internet Explorer
Version : 6.0.2800.1106
Update Versions: SP1, Q832894, Q330994, Q837009, Q831167

It crashs on that. I had some friends with XP test and for some it didnt crash them.

--
______________________________________________
Check out the latest SMS services @ h

[ more ]  [ reply ]
Re: IE Crash - Anyone Seen This Before? 2004-05-16
Berend-Jan Wever (SkyLined edup tudelft nl)
Re: IE Crash - Anyone Seen This Before? 2004-05-15
Adam [Onet] (silentsupporter poczta onet pl)
IE Crash - Anyone Seen This Before? 2004-05-14
Nick Benson (cryptic_mauler linuxmail org) (1 replies)
<script type="text/javascript">
Wnd = window.createPopup();
Wnd.document.body.innerHTML='<meta http-equiv="imagetoolbar" content="no">';
</script>

It crashs the latest Internet Explorer with all patches. Dont see why it only seems to work with only that META tag. Has anyone seen this before wi

[ more ]  [ reply ]
Re: IE Crash - Anyone Seen This Before? 2004-05-15
xarabas (news_security_reader email it)
RE: unpacking UPX or PE-packed binaries 2004-05-10
Kayne Ian (Softlab) (Ian Kayne softlab co uk)
The problem with that process is that you're leaving yourself
open to self-modifying code. For example, if UPX stub unpacks
the rest of the worm, then the first call is to some self-
modifying/polymorphic code, you're at the worm's mercy. You're
also dumping a point-in-time image of the exe, not the

[ more ]  [ reply ]
Basic authentication with IIS 5, IE 6.0 on Windows 2000 serv 2004-05-07
Randhir Vayalambrone (vayalambrones yahoo com)
Anyone ever noticed this error message "The data area
passed to a system call is too small." with Microsoft
IIS when using Basic authentication? Here's some
details on how to reproduce this,

Operating system: Windows 2000 server, service pack4
(Running all the latest patches)
Software: Microsoft II

[ more ]  [ reply ]
(Page 33 of 75)  < Prev  28 29 30 31 32 33 34 35 36 37 38  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus