Valdis,
> No, that's how to do it *hardline*. There's many in the
> security industry that will explain to you that it's also
> doing it *wrong*. Hint - the first time that HR sends out a
> posting about a 3-day window next week to change your
> insurance plan without penalty, signs it with
Good points, Valdis, but I think we know how to do this right: an
invalid/untrusted/unmatching certificate is not a cause for user-waivable
warning but
for a fatal you-shall-not-pass error. By allowing users to even go past the
warning
we're nurturing the automation of okaying such warning as we
Hi Jeff,
> I don't believe a PE/PE+ executable needs a DLL extension to
> be loaded by LoadLibrary and friends.
True, any file can be loaded this way, but our pretty extensive experimenting
showed
extremely few cases where legitimate applications (in this case mostly
installers)
loaded anythi
> Java updates bundle McAfee crap
> Adobe updates bundle toolbars
> Heck, even FoxIT Reader bundles Ask toolbar.
As an aside - Reading the name 'FoxIT reader' and can't help but wonder
- does it have anything to do with security company Fox-IT
https://www.fox-it.com/en/home ?
American express also utilizing case-insensitive password storing.
On 10/5/2011 11:55 PM, John Doe wrote:
http://qnrq.se/full-disclosure-american-express/
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-chart
Hi Mikhail,
> Innovating hacks beyond and above "black
> hats" does not really help people being more secure.
Whether the first part of this statement was meant as a compliment or not, I
would
give black hats much more credit than that. Whatever we're able to find with our
small-scale effort, h
Hi Paul,
These two changes have been introduced earlier (sometime between April and
August).
We haven't noticed any mention of them in Microsoft's public documents.
Cheers,
Mitja
> -Original Message-
> From: paul.sz...@sydney.edu.au [mailto:paul.sz...@sydney.edu.au]
> Sent: Friday, Sep
-up
> Mission" and where do they mention you as having anything to
> do with it?
>
> If you are going to claim MSFT's actions as substantive
> to your agenda, how about provide some details?
>
> t
>
> > -Original Messag
where do they mention you as having anything to do with it?
>
> If you are going to claim MSFT's actions as substantive to
> your agenda, how about provide some details?
>
> t
>
> > -Original Message-
> > From: ACROS Security Lists [mailto:li...@ac
Hey Chris,
> I bet Microsoft actually like stating they just fixed yet
> another severe bug.
> Zero-day fixing is big business, you knoweven if "zero"
> is past a few "days".
I don't think Microsoft gains much from being able to say they fixed yet
another bug
- maybe if it were a bug they
esearch that falsely created security concerns and confusion
> where time was better spent really doing just about anything
> else, but it would have been a missed opportunity to get our
> names in the media to sell our security services."
>
> t
>
> >-Original
=[BEGIN-ACROS-REPORT]=
PUBLIC
=
ACROS Security Problem Report #2011-08-18-1
-
ASPR #2011-08-18-1: Remote Binary Planting in Mozilla Firefox
=
=[BEGIN-ACROS-REPORT]=
PUBLIC
=
ACROS Security Problem Report #2011-08-18-2
-
ASPR #2011-08-18-2: Remote Binary Planting in Mozilla Thunderbird
=
figuration?
>
> On Thu, Jun 2, 2011 at 7:52 AM, ACROS Security Lists
> wrote:
> >
> > We published a remote/local proof of concept for the COM
> Server-Based
> > Binary Planting exploit presented at the Hack in the Box
> conference in Amsterdam.
> &g
The latest security updates from Microsoft fix binary planting issues (loading
of
dwmapi.dll) in the following applications (and probably many more):
1. Autodesk 3ds Max 2010 Release 12.0
2. Autodesk 3ds Max 2011 Release 13.0
3. Avast! Free Antivirus 5.0.545
4. Avira Premium Security Suite 10.0.
=[BEGIN-ACROS-REPORT]=
PUBLIC
=
ACROS Security Problem Report #2011-02-11-1
-
ASPR #2011-02-11-1: Remote Binary Planting in Adobe Reader
=[BEGIN-ACROS-REPORT]=
PUBLIC
=
ACROS Security Problem Report #2011-02-11-2
-
ASPR #2011-02-11-2: Remote Binary Planting in Adobe Flash Player
==
=[BEGIN-ACROS-REPORT]=
PUBLIC
===
ACROS Security Problem Report #2011-01-11-1
-
ASPR #2011-01-11-1: Remote Binary Planting in Multiple F-Secure Produ
After our Online Binary Planting Exposure Test became defunct as a result of
Microsoft fixing the Windows Address Book binary planting bug, we updated the
test
with two unfixed vulnerabilities. Everyone is welcome to keep testing their
Windows
computers for Internet-based binary planting attacks
=[BEGIN-ACROS-REPORT]=
PUBLIC
=
ACROS Security Problem Report #2010-12-14-1
-
ASPR #2010-12-14-1: Remote Binary Planting in Windows Address Book
Roughly 100 days after the Binary Planting (a.k.a. DLL hijacking, DLL
preloading,
Insecure Library Loading) vulnerability has been (re)discovered in hundreds of
Windows applications (and likely undiscovered in thousands more), we've taken a
unique opportunity to compare software vendors' fixing o
Microsoft patched three binary planting bugs in Office 2010 yesterday:
PowerPoint: http://www.acrossecurity.com/aspr/ASPR-2010-11-10-1-PUB.txt
Word: http://www.acrossecurity.com/aspr/ASPR-2010-11-10-2-PUB.txt
Excel: http://www.acrossecurity.com/aspr/ASPR-2010-11-10-3-PUB.txt
We're making some ad
=[BEGIN-ACROS-REPORT]=
PUBLIC
=
ACROS Security Problem Report #2010-11-10-1
-
ASPR #2010-11-10-1: Remote Binary Planting in Microsoft PowerPoint
=[BEGIN-ACROS-REPORT]=
PUBLIC
=
ACROS Security Problem Report #2010-11-10-2
-
ASPR #2010-11-10-2: Remote Binary Planting in Microsoft Word 2010
=
=[BEGIN-ACROS-REPORT]=
PUBLIC
=
ACROS Security Problem Report #2010-11-10-3
-
ASPR #2010-11-10-3: Remote Binary Planting in Microsoft Excel 2010
An old unfixed Windows functional bug was just upgraded to a security bug. Our
researchers have discovered that Windows' inability to consistently expand
environment variables in user and system PATH breaks the binary planting
protection
provided by the SetDllDirectory function. The article descr
Hi Thor,
Thanks to Microsoft's "defense in depth," double-clicking an .exe from a remote
share
pops up a security warning. In contrast, double-clicking a data file that opens
a
vulnerable application (which downloads and executes a .dll from the same share)
doesn't trigger such security warning
Microsoft Visual Studio makes it possible to develop a binary planting-positive
(i.e., vulnerable) application without you having to write a single line of
code.
Every MFC application seems to be automatically made vulnerable, with those
statically linking MFC libraries actually having the vulnera
ACROS Security is presenting an analysis of many different delivery methods for
binary planting attacks, providing a hopefully more comprehensive view on the
feasibility of such attacks. We looked at some of the most popular web
browsers, most
popular e-mail clients and most popular document read
Title: Hacking Etico
Author: Carlos Tori
Details & free material: www.hackingetico.com
Best regards,
Carlos Tori
PGP ID 0x7F81D818
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponso
"Knock knock"[EMAIL PROTECTED] or [EMAIL PROTECTED] : "who's there?"FBI: "We're here to clean the "gene" pool."On 4/25/06,
MR BABS <[EMAIL PROTECTED]> wrote:
These files are worthless, they aren't even classified.Thanks alot for the offer asshole. Spam -> Full Disclosure.
On 4/25/06,
[EMAIL PROTE
Sorry, I don't see this as amplification in your example, because YOUR
dns servers are 100% of the traffic. 1:1 ratio.
Now, if you get the world to cache your text records, and have THEM
flood with source-spoofed UDP (unrelated to the victim's DNS servers),
that'd work, and is actually a good
You can try DSNIFF (http://www.monkey.org/~dugsong/dsniff/faq.html) but
it will present a self-signed cert to the user.
I think you can use Achilles (http://www.digizen-security.com) and not
even use SSL on the back half and the user might not notice.
-Mark C.
Alehandro Dias wrote:
Hi,
Since nobody else replied to you I'll throw in my limited experience.
I have associates who use it. Seems to work very well except
Hybernate/Suspend functions cease to work (a good side effect actually).
One nice thing it does is simulates a hard drive failure as the login
prompt (optional)
34 matches
Mail list logo