[Full-disclosure] ANNOUNCE: Apache-SSL release, version 1.3.37+ssl_1.57
Apache-SSL version 1.3.37+ssl_1.57 is released. There are no code changes in this version - just bringing into line with Apache. http://www.apache-ssl.org Enjoy, Adam -- Adam Laurie Tel: +44 (0) 1304 814800 The Bunker Secure Hosting Ltd. Fax: +44 (0) 1304 814899 Ash Radar Station Marshborough Road Sandwichmailto:[EMAIL PROTECTED] Kent CT13 0PL UNITED KINGDOM PGP key on keyservers ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Rhapsody IRC 0.28b (NICK) Multiple fs and bof vulnerability
Rhapsody IRC 0.28b (NICK) Multiple fs and bof vulnerability
Description:
Rhapsody is a text console IRC client for Unix operating systems. It
is small, fast, portable, easy to use and full featured. An intuitive
menu-driven user interface makes rhapsody ideal for beginner to
intermediate users.
Found buffer overflow in various functions.
source: http://sourceforge.net/projects/rhapsody/
Source error:
#define MAXDATASIZE 1024
char nick[MAXDATASIZE];
- command request overflow
if (!sscanf(buffer, /%s %[^\n], command, parameters)){
return(E_NONE);
}
- connect and server request overflow
if (strcasecmp(command, connect) == 0 || strcasecmp(command, server) == 0){
pnum = sscanf(parameters, %s %d, server, port);
if (pnum 1){
vprint_all(Usage: /%s server [port]\n, command);
return(E_OTHER);
}
- nick request overflow
else if (strcasecmp(command, nick) == 0){
pnum = sscanf(parameters, %s, nick);
if (pnum 1){
vprint_all(Usage: /nick nick\n);
}
else{
sendcmd_server(currentserver, NICK, nick, ,
currentserver-nick);
strcpy(currentserver-lastnick, currentserver-nick);
strcpy(currentserver-nick, nick);
}
return(E_OTHER);
}
- ctcp request overflow
else if (strcasecmp(command, ctcp) == 0){
if (sscanf(parameters, %s %[^\n], nick, message) == 2){
sendcmd_server(currentserver, PRIVMSG,
create_ctcp_message(message), nick, currentserver-nick);
}
else vprint_all(Usage: /ctcp nick message|command\n);
return(E_OTHER);
}
- dcc chat/send request overflow
if (strcasecmp(subcommand, chat) == 0){
pnum = sscanf(subparameters, %s %[^\n], nick, message);
if (pnum 1){
vprint_all(Usage: /dcc chat nick\n);
return(E_OTHER);
}
- notice request overflow
else if (strcasecmp(command, notice) == 0){
pnum = sscanf(parameters, %s %[^\n], nick, message);
if (pnum 2){
vprint_all(Usage: /%s nick|channel message\n, command);
return(E_OTHER);
}
sendcmd_server(currentserver, NOTICE, message, nick,
currentserver-nick);
return(E_OTHER);
}
- msg and message request overflow
else if (strcasecmp(command, msg) == 0 || strcasecmp(command,
message) == 0){
pnum = sscanf(parameters, %s %[^\n], nick, message);
if (pnum 2){
vprint_all(Usage: /%s nick message\n, command);
return(E_OTHER);
}
else if (strcmp(nick, currentserver-nick) == 0) print_all(You can
not chat with yourself.\n);
else if (!currentserver-active) print_all(Must be connected to a
server to chat.\n);
else {
sendcmd_server(currentserver, PRIVMSG, message, nick,
currentserver-nick);
return(E_OTHER);
}
}
- chat and query request overflow
else if (strcasecmp(command, chat) == 0 || strcasecmp(command,
query) == 0){
chat *C;
pnum = sscanf(parameters, %s %[^\n], nick, message);
if (pnum 1){
vprint_all(Usage: /%s nick message\n, command);
return(E_OTHER);
}
- me and ctcp request format string
comm.c: 472
char *create_ctcp_message(char *message, ...){
static char buffer[MAXDATASIZE];
va_list ap;
char string[MAXDATASIZE];
va_start(ap, message);
vsprintf(string, message, ap);
va_end(ap);
sprintf(buffer, %c%s%c, 1, string, 1);
return(buffer);
}
and other: whois, mode, topic..
--
.original http://intel.shacknet.nu/
~ starcadi
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [SECURITY] [DSA 1268-1] New libwpd packages fix arbitrary code execution
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 1268-1[EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze March 17th, 2007http://www.debian.org/security/faq - -- Package: libwpd Vulnerability : integer overflow Problem type : local (remote) Debian-specific: no CVE ID : CVE-2007-0002 iDefense reported several integer overflow bugs in libwpd, a library for handling WordPerfect documents. Attackers were able to exploit these with carefully crafted Word Perfect files that could cause an application linked with libwpd to crash or possibly execute arbitrary. For the stable distribution (sarge) these problems have been fixed in version 0.8.1-1sarge1. For the testing distribution (etch) these problems have been fixed in version 0.8.7-6. For the unstable distribution (sid) these problems have been fixed in version 0.8.7-6. We recommend that you upgrade your libwpd package. Upgrade Instructions - wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given at the end of this advisory: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.1 alias sarge - Source archives: http://security.debian.org/pool/updates/main/libw/libwpd/libwpd_0.8.1-1sarge1.dsc Size/MD5 checksum: 771 3f766aab2c2c0ff76feb561e51e17350 http://security.debian.org/pool/updates/main/libw/libwpd/libwpd_0.8.1-1sarge1.diff.gz Size/MD5 checksum:12523 9cd210c306a22900d77afbc3e62b3557 http://security.debian.org/pool/updates/main/libw/libwpd/libwpd_0.8.1.orig.tar.gz Size/MD5 checksum: 487187 75eabcc479c23461715ee58813c4b9b5 Architecture independent components: http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8-doc_0.8.1-1sarge1_all.deb Size/MD5 checksum: 523184 0c9bfe4ac1b79688d408b1685246138e Alpha architecture: http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-stream8_0.8.1-1sarge1_alpha.deb Size/MD5 checksum:10200 8457ae23ea4638ecbf774198676e62b6 http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-tools_0.8.1-1sarge1_alpha.deb Size/MD5 checksum:25800 94c9d4fd23fdac66ddf368e74761690e http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8_0.8.1-1sarge1_alpha.deb Size/MD5 checksum: 148594 8af570673eddd1d436eb0befb40b5ef9 http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8-dev_0.8.1-1sarge1_alpha.deb Size/MD5 checksum: 286542 b7aae6d0dc6f3f3618e2613d3136c456 AMD64 architecture: http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-stream8_0.8.1-1sarge1_amd64.deb Size/MD5 checksum: 9998 076ff186f2150afd40318ac9b0764cfe http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-tools_0.8.1-1sarge1_amd64.deb Size/MD5 checksum:24214 1c75a6141ca3e9b5c9247cad1994a814 http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8_0.8.1-1sarge1_amd64.deb Size/MD5 checksum: 137528 c804cc0ebc56eae0b4af35aac2b8dce2 http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8-dev_0.8.1-1sarge1_amd64.deb Size/MD5 checksum: 231074 785d0bbf7fc34e7a592843145d55520f ARM architecture: http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-stream8_0.8.1-1sarge1_arm.deb Size/MD5 checksum: 9872 502b16e468b369c865f68036651f25c8 http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-tools_0.8.1-1sarge1_arm.deb Size/MD5 checksum:21736 3c8862d95e911fa3e96527def67271a9 http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8_0.8.1-1sarge1_arm.deb Size/MD5 checksum: 134440 cae03d0c40607eb2e09abe3a7aafdc9f http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8-dev_0.8.1-1sarge1_arm.deb Size/MD5 checksum: 233142 9c9bf1780e7337a6e3c68ed2fcecf052 HP Precision architecture: http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-stream8_0.8.1-1sarge1_hppa.deb Size/MD5 checksum:11058 cc181a60e7d528ca531b2967bebd29ff http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-tools_0.8.1-1sarge1_hppa.deb Size/MD5 checksum:29762 236721a143d8514e1d961c1570664a0f http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8_0.8.1-1sarge1_hppa.deb Size/MD5 checksum: 174812 9531c09294d4450e77dc0052a5b6cb04
[Full-disclosure] Xbox live accounts are being stolen
There have been rumor going around that Bungie.net was hacked and that a portion of Xbox live has been taken over because of it. Some folks are having their Microsoft points stolen and or points purchased via their stolen gamer tag. I just got off the phone with a Microsoft Tech for Xbox live that has confirmed this to with me and they have stated that accounts are being stolen and that Hackers have control of Xbox live and there is nothing we can do about it If anyone else has experienced their Xbox live account info being stolen let me know. I am trying to archive as much info on this as possible. During the conversations I have had with Xbox live support I would certainly say that Microsoft staff is more than negligent in dealing with this issue especially with regard to the potential theft of personal information. -KF ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Xbox live accounts are being stolen
I'm sorry but I find this funny actually. :-P Seems Microsoft has a weakness. On 3/17/07, Kevin Finisterre (lists) [EMAIL PROTECTED] wrote: There have been rumor going around that Bungie.net was hacked and that a portion of Xbox live has been taken over because of it. Some folks are having their Microsoft points stolen and or points purchased via their stolen gamer tag. I just got off the phone with a Microsoft Tech for Xbox live that has confirmed this to with me and they have stated that accounts are being stolen and that Hackers have control of Xbox live and there is nothing we can do about it If anyone else has experienced their Xbox live account info being stolen let me know. I am trying to archive as much info on this as possible. During the conversations I have had with Xbox live support I would certainly say that Microsoft staff is more than negligent in dealing with this issue especially with regard to the potential theft of personal information. -KF ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] fabios ultra vulnerability extravaganza
fabios ultra vulnerability extravaganza
[wireshark buffer over flow]
sscanf (data,
%6d %1s %6d %d:%d:%d.%d %12s %12s
ETHV2 Type: %s,
pktnum, direction, cap_len, hr, min, sec, csec,
destmac,
srcmac, type);
donot open iseries capturefiles!
[apache buffer over flow]
static void usage(process_rec *process)
{
const char *bin = process-argv[0];
char pad[MAX_STRING_LEN];
unsigned i;
for (i = 0; i strlen(bin); i++) {
pad[i] = ' ';
}
this routin will fly over buffer but only with the spaces
watch out for: MONTH OF FABIO! i get many attentions every
day
in month!
[nagios plugins(they are real nagios not just a extra]
-check_http: many many overflow possibillys here course im the dj
supremo:
#define URI_HOST %[-
..abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]
#define HD1 URI_HTTP URI_HOST URI_PORT URI_PATH
addr = malloc (MAX_IPV4_HOSTLENGTH + 1);
if (sscanf (pos, HD1, type, addr, port, url) == 4) {
-check_snmp: overflows to when understanding snmpget resullt:
char perfstr[MAX_INPUT_BUFFER] = ;
while (ptr) {
foo = strstr (ptr, delimiter);
strncat(perfstr, ptr, foo-ptr);
strcat(perfstr, =);
strcat(perfstr, show);
loved the vulnerabilitys? buy also my nice nude calendar!!
greats to zybadawg333 (i call u frend ),omid,sapheal,hasadya
raed,born to kill
by fabio dance dj supreme
(i'm fabio with darklong hair and i'm gotta make you M-O-V-E-move
to the G-R-O-V-E-grove)
--
Click for free info on getting an MBA and make $200K/ year
http://tagline.hushmail.com/fc/CAaCXv1I83CeqRUuciNVIIqk41z7nLAB/
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Xbox live accounts are being stolen
why ?? Is there not a secondary layer of economics for points ?? WoW and SL has virtual $$ being bartered into real world value... On 3/17/07, Jason Miller [EMAIL PROTECTED] wrote: I'm sorry but I find this funny actually. :-P Seems Microsoft has a weakness. On 3/17/07, Kevin Finisterre (lists) [EMAIL PROTECTED] wrote: There have been rumor going around that Bungie.net was hacked and that a portion of Xbox live has been taken over because of it. Some folks are having their Microsoft points stolen and or points purchased via their stolen gamer tag. I just got off the phone with a Microsoft Tech for Xbox live that has confirmed this to with me and they have stated that accounts are being stolen and that Hackers have control of Xbox live and there is nothing we can do about it If anyone else has experienced their Xbox live account info being stolen let me know. I am trying to archive as much info on this as possible. During the conversations I have had with Xbox live support I would certainly say that Microsoft staff is more than negligent in dealing with this issue especially with regard to the potential theft of personal information. -KF ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Xbox live accounts are being stolen
Funny, I've always kinda figured that MS was it's own weakness. - ATR Jason Miller wrote: I'm sorry but I find this funny actually. :-P Seems Microsoft has a weakness. On 3/17/07, Kevin Finisterre (lists) [EMAIL PROTECTED] wrote: There have been rumor going around that Bungie.net was hacked and that a portion of Xbox live has been taken over because of it. Some folks are having their Microsoft points stolen and or points purchased via their stolen gamer tag. I just got off the phone with a Microsoft Tech for Xbox live that has confirmed this to with me and they have stated that accounts are being stolen and that "Hackers have control of Xbox live and there is nothing we can do about it" If anyone else has experienced their Xbox live account info being stolen let me know. I am trying to archive as much info on this as possible. During the conversations I have had with Xbox live support I would certainly say that Microsoft staff is more than negligent in dealing with this issue especially with regard to the potential theft of personal information. -KF ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Xbox live accounts are being stolen
I find it funny too... there is nothing more than I love to hear than an Microsoft employee telling me that their network is pwned and there is nothing they can do about it. -KF On Mar 17, 2007, at 7:33 PM, Jason Miller wrote: I'm sorry but I find this funny actually. :-P Seems Microsoft has a weakness. On 3/17/07, Kevin Finisterre (lists) [EMAIL PROTECTED] wrote: There have been rumor going around that Bungie.net was hacked and that a portion of Xbox live has been taken over because of it. Some folks are having their Microsoft points stolen and or points purchased via their stolen gamer tag. I just got off the phone with a Microsoft Tech for Xbox live that has confirmed this to with me and they have stated that accounts are being stolen and that Hackers have control of Xbox live and there is nothing we can do about it If anyone else has experienced their Xbox live account info being stolen let me know. I am trying to archive as much info on this as possible. During the conversations I have had with Xbox live support I would certainly say that Microsoft staff is more than negligent in dealing with this issue especially with regard to the potential theft of personal information. -KF ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Xbox live accounts are being stolen
Microsoft points are directly tied to $$$ 2000 points is about the equivalent of $25 dollars. Zune Market Place and Xbox live share the same system for points / dollars. -KF On Mar 17, 2007, at 8:49 PM, Peter Dawson wrote: why ?? Is there not a secondary layer of economics for points ?? WoW and SL has virtual $$ being bartered into real world value... On 3/17/07, Jason Miller [EMAIL PROTECTED] wrote: I'm sorry but I find this funny actually. :-P Seems Microsoft has a weakness. On 3/17/07, Kevin Finisterre (lists) [EMAIL PROTECTED] wrote: There have been rumor going around that Bungie.net was hacked and that a portion of Xbox live has been taken over because of it. Some folks are having their Microsoft points stolen and or points purchased via their stolen gamer tag. I just got off the phone with a Microsoft Tech for Xbox live that has confirmed this to with me and they have stated that accounts are being stolen and that Hackers have control of Xbox live and there is nothing we can do about it If anyone else has experienced their Xbox live account info being stolen let me know. I am trying to archive as much info on this as possible. During the conversations I have had with Xbox live support I would certainly say that Microsoft staff is more than negligent in dealing with this issue especially with regard to the potential theft of personal information. -KF ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Xbox live accounts are being stolen
Here is someone on youtube with the same problem using a capture card to get the guy on video talking about it. He blatantly says he can steal any account on your xbox with just your IP address. One side of the conversation has been cut out but you can clearly hear the gentleman talking about stealing the account. http://www.youtube.com/watch?v=1QdG_xwkPH4 Your shit is getting jacked just so ya know -KF ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
