[Full-disclosure] Re: BBCode [IMG] [/IMG] Tag Vulnerability

2005-08-22 Thread Christoph Frick
On Mon, Aug 22, 2005 at 12:34:56AM -0400, Paul Laudanski wrote:

> So there are a couple avenues one can take in assessing if the file that 
> [IMG][/IMG] is rendering is indeed an image.
> Problem solved.

no, it's not solved. there are at least as many "avenues" to circumvent
your checks.  mr. blackhat's index.php just has to check if your
script is checking for an image, e.g. by checking the header of the request
``X-Powered-By'' or something like that, that identifies the request's
origin as a php script. the poor man's solution is just to check for
the REMOTE_ADDR. then return a nice image and the server is happy -
anybody else gets the "real" code.  best thing to prevent this: disable
[IMG] and friends - or do something proxy-ish that protects your users.

-- 
cu
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
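
One way to do the "something proxy-ish" suggested in the message above, as an added example that is not part of the original post: fetch each [IMG] target once, check the bytes, and rewrite the tag to a local copy, so readers are served exactly the bytes that were checked and never request the remote URL. The names `rehost_images`, `fetch`, `store` and the `/imgcache/` path are assumptions made for illustration.

```python
import hashlib
import re

# Magic-byte signatures for the image types the forum accepts (assumed policy).
MAGIC = {b"\x89PNG\r\n\x1a\n": "png", b"GIF87a": "gif",
         b"GIF89a": "gif", b"\xff\xd8\xff": "jpg"}
IMG_TAG = re.compile(r"\[IMG\](.*?)\[/IMG\]", re.I | re.S)


def sniff(data):
    """Return the file extension for recognised image bytes, else None."""
    for sig, ext in MAGIC.items():
        if data.startswith(sig):
            return ext
    return None


def rehost_images(post, fetch, store, base="/imgcache/"):
    """Rewrite every [IMG] tag to a locally stored copy of the checked bytes.

    fetch(url) -> bytes is called once per tag, at post time. store is a dict
    standing in for the forum's own image storage (hypothetical). A tag whose
    target cannot be fetched or is not a recognised image becomes plain text.
    """
    def replace(match):
        url = match.group(1).strip()
        if not url.lower().startswith(("http://", "https://")):
            return "[image removed]"
        try:
            data = fetch(url)
        except Exception:
            return "[image removed]"
        ext = sniff(data)
        if ext is None:
            return "[image removed]"
        # Content-addressed name: the stored file is exactly what was checked.
        name = hashlib.sha256(data).hexdigest()[:16] + "." + ext
        store[name] = data
        return "[IMG]" + base + name + "[/IMG]"

    return IMG_TAG.sub(replace, post)
```

A real `fetch` needs a timeout, a response size limit and a block on internal addresses; re-encoding the image before storing it is a stricter check than the magic-byte sniff used here.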


Re: [Full-disclosure] Wine, the implicit Microsoft Windows Genuine Advantage

2005-08-12 Thread Christoph Frick
On Fri, Aug 12, 2005 at 11:30:56AM +0200, Christian Khark Lauf wrote:

> ... running on the system, it will notify users that they are running
> non-genuine Windows, and will not allow genuine Windows downloads for
> that system. Users of WINE should consult the WINE community for WINE
> updates. ...

the tool contains a check for a certain registry key. this key changed
recently due to changes in the way one configures WINE (~/.wine/config
-> completely registry driven). now the tool no longer "sees" the WINE-key
and works happily ever after.

-- 
cu

