Re: [Full-Disclosure] Firefox 0.92 DoS via TinyBMP

2004-07-12 Thread Ali Campbell
Just for the record, this caused 2.7 gigabyte virtual memory usage on a 
PowerBook running OS X / Firefox 0.9, so it's not a x86 only issue.

thE_iNviNciblE wrote:
Hi,
there is a security vulnerability in Firefox 0.92 (latest version)
http://www.4rman.com/exploits/tinybmp.htm
this link causes your virtual memory usage to rise to 1.2 GB of used 
memory...

maybe Thunderbird 0.72 is also vulnerable via HTML.
credits to: StupidWhiteMan
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


Re: [Full-Disclosure] Firefox 0.92 DoS via TinyBMP

2004-07-12 Thread Ali Campbell
This is precisely the point that almost everyone is missing
completely (but still clamoring "it works on X, it doesn't work on
Y"), and that Sapheriel pinpointed: the core problem lies in the 
Windows .bmp implementation.

So, I wonder aloud, what is the purpose of publishing 'advisories' 
that misattribute this flaw to IE [1] or Firefox or any of the other
hundreds or thousands of programs that use it and can be DoSed as a
result?

st3ng4h
I agree when you say that it's probably a flaw in the BMP lib 
implementation. But as I've pointed out once already, Windows isn't the 
only afflicted platform:

Ali-Campbells-Computer:~ alicampbell$ uname -a
Darwin Ali-Campbells-Computer.local 7.4.0 Darwin Kernel Version 7.4.0: 
Wed May 12 16:58:24 PDT 2004; root:xnu/xnu-517.7.7.obj~7/RELEASE_PPC 
Power Macintosh powerpc

Ali-Campbells-Computer:~ alicampbell$ top

  PID COMMAND  %CPU   TIME   #TH #PRTS #MREGS RPRVT  RSHRD  RSIZE VSIZE
 1449 firefox-bi   0.5%  0:11.84  10   191   293  18.4M  37.2M  46.9M  3.32G


That's VSIZE=3.32 gigabytes.
As others have also observed, there isn't any machine slowdown when I 
try this either on Windows or OS X, despite the large amount of virtual 
memory sucked up. I'm postulating that this is because memory is being 
malloc()ed but not actually written to, so physical page frames for it 
never get allocated. I could be wrong though, as my current knowledge of 
kernels falls squarely in the "tourist" category.

Ali
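The "malloc()ed but never written to" hypothesis above can be checked directly: compare the process's resident page count before and after a large malloc, then again after dirtying some of the pages. This is an added example, not code from the thread; it assumes a Linux host where /proc/self/statm reports resident pages, and the sizes used are constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* Resident (physically backed) pages of this process, read from
 * /proc/self/statm. Linux-specific; returns -1 if the file is unavailable. */
static long resident_pages(void) {
    FILE *f = fopen("/proc/self/statm", "r");
    long size = 0, resident = 0;
    if (!f) return -1;
    if (fscanf(f, "%ld %ld", &size, &resident) != 2) resident = -1;
    fclose(f);
    return resident;
}

/* Reserve `bytes` with malloc, dirty the first `touch_pages` pages, and
 * return how many resident pages the process gained. With touch_pages == 0
 * the gain stays near zero even for a huge request: the kernel hands out
 * virtual address space and only backs a page on first write. */
long rss_growth_after_malloc(size_t bytes, size_t touch_pages) {
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    long before = resident_pages();
    unsigned char *buf = malloc(bytes);
    if (!buf || before < 0) return -1;
    for (size_t i = 0; i < touch_pages && (i + 1) * page <= bytes; i++)
        buf[i * page] = 1;   /* one write per page forces the kernel to back it */
    long after = resident_pages();
    free(buf);
    return after - before;
}

int main(void) {
    size_t bytes = 128u << 20;   /* constructed: a 128 MB request */
    printf("malloc only:      +%ld resident pages\n",
           rss_growth_after_malloc(bytes, 0));
    printf("touch 4096 pages: +%ld resident pages\n",
           rss_growth_after_malloc(bytes, 4096));
    return 0;
}
```

This is why VSIZE balloons in `top` while the machine stays responsive: the cost is address space, not RAM, until something actually writes into the buffer.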


Re: [Full-Disclosure] Automated SSH login attempts?

2004-07-29 Thread Ali Campbell
Do I take it that these things are just trying to log in using some 
guessed password(s) ? Out of interest, do we have any idea what these 
opportunistic passwords might be ?



Re: [Full-Disclosure] write events log to CD?

2004-08-29 Thread Ali Campbell
Sending logs to a printer makes the most sense to me. Absolutely 
unhijackable, and a good use for that old 9-pin dotmatrix and 2000 
sheets of traction feed paper you have in the cupboard.

No idea whether it's possible on windows, though.
VeNoMouS wrote:
why not just log all events to a remote box like you can do in syslog, 
dunno if wintendo can do that or not, just an idea
- Original Message - From: "BillyBobKnob" 
<[EMAIL PROTECTED]>
To: "Full Disclosure" <[EMAIL PROTECTED]>
Sent: Monday, August 30, 2004 12:12 PM
Subject: [Full-Disclosure] write events log to CD?


Is there a way to set up Event Log in Windows to log to a CD-R by maybe 
using software like Aptec DirectCD so that intruders could not erase their 
tracks?

Thanks
Bill



Re: [Full-Disclosure] Scandal: IT Security firm hires the author of Sasser worm

2004-09-20 Thread Ali Campbell
[EMAIL PROTECTED] wrote:
Face it, people who can break security are valuable to 
those trying to create it.
I would agree with you if this guy had discovered the LSASS 
vulnerability himself. But if I remember correctly, it was discovered by 
those clever people at eeye. Now I don't consider myself to be the 
ultimate coder - the minutiae of the Linux do_brk exploit, for example, 
went way over my head - but I reckon I could have written Sasser given 
the details of the vulnerability. Writing a worm for a known exploit 
isn't rocket science.

So yes, I think this is a slap in the face to decent, law abiding 
programmers everywhere, particularly those who don't have a job.

Ali


Re: [Full-Disclosure] Windoze almost managed to 200x repeat 9/11

2004-09-24 Thread Ali Campbell
Mike Nice wrote:
http://www.techworld.com/opsys/news/index.cfm?NewsID=2275
Next time think twice before replacing Un*x with Voles!

"The servers are timed to shut down after 49.7 days of use in order to 
prevent a data overload,"

Hee hee, someone used the "milliseconds since bootup" counter as a timer 
in the app.
You'd think Y2K would have taught some people some things ...
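The arithmetic behind that 49.7-day figure, and the wrap-safe way to measure an interval from such a counter, as an added example (not code from the thread; the start/now values are constructed):

```c
#include <stdint.h>
#include <stdio.h>

/* A 32-bit millisecond uptime counter wraps to zero after 2^32 ms. */
#define MS_PER_DAY (1000ULL * 60 * 60 * 24)

/* 2^32 ms expressed in days: about 49.71. */
double wrap_period_days(void) {
    return 4294967296.0 / (double)MS_PER_DAY;
}

/* Naive elapsed time: goes hugely negative once the counter has wrapped
 * past `start`, which is the kind of bug that forces a scheduled reboot. */
int64_t elapsed_naive(uint32_t start, uint32_t now) {
    return (int64_t)now - (int64_t)start;
}

/* Wrap-safe elapsed time: unsigned subtraction is exact modulo 2^32, so any
 * interval shorter than one wrap period comes out right across the wrap. */
uint32_t elapsed_safe(uint32_t start, uint32_t now) {
    return now - start;
}

/* "Has the timeout expired?" written the wrap-safe way: compare the
 * elapsed interval, never the raw counter values. */
int timeout_expired(uint32_t start, uint32_t now, uint32_t timeout_ms) {
    return elapsed_safe(start, now) >= timeout_ms;
}

int main(void) {
    uint32_t start = UINT32_MAX - 500;   /* constructed: 500 ms before the wrap */
    uint32_t now = 1500;                 /* constructed: 1500 ms after the wrap */
    printf("wrap period: %.2f days\n", wrap_period_days());
    printf("naive elapsed: %lld ms\n", (long long)elapsed_naive(start, now));
    printf("safe elapsed:  %u ms\n", elapsed_safe(start, now));
    printf("2 s timeout expired: %d\n", timeout_expired(start, now, 2000));
    return 0;
}
```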


Re: [Full-Disclosure] MS04-028 Jpeg EXPLOIT with Reverse and Bind shell ...

2004-09-25 Thread Ali Campbell
ElviS .de wrote:
the last step before the worm
 
http://www.k-otik.com/exploits/09252004.JpegOfDeath.c.php
Are securepoint giving away consultancy jobs for the first working 
implementation this time ?

;)


Re: [Full-Disclosure] IRC spying to increase

2004-10-14 Thread Ali Campbell
A waste of money. They won't find anything.. people are too smart
to use chatrooms to discuss elite stuff.
Another reason to vote Bush out. :-)
Also seems like a lot of money for something I seem to remember was done 
singlehandedly by Steve Gibson when he was trying to track DDoS IRC bots ...



Re: [Full-Disclosure] IRC spying to increase

2004-10-14 Thread Ali Campbell
> What the .gov is thinking of doing now is meant for extremely large 
> networks like EfNet.
> I don't think Steve can singlehandedly monitor the whole of EfNet.

I agree that SG couldn't possibly monitor the whole of efnet, but he 
*did* have some automatic analysis going on:

(from grc.com)
"They snagged passing URLs and quickly downloaded anything that was 
referenced. I even got quite fancy and built a Markov-chain finite-state 
statistical dialog modeller. It monitored the flow of IRC channel 
nicknames and automated the process of determining who was talking to 
whom, and who were the "bosses" who commanded the most power and respect."

Ali


Re: [Full-Disclosure] IRC spying to increase

2004-10-15 Thread Ali Campbell
>> Also seems like a lot of money for something I seem to remember was done 
>> singlehandedly by Steve G* when he was trying to track DDoS IRC bots ...
>
> What he did was nothing like what this research proposal is for.
> [snip]
> For those that can't read English, what they want to attempt to do is 
> look at timestamps of when a message from various parties (X,Y,Z) are 
> sent and determine who is talking to whom given their proximity in time.

I try very hard not to get involved in flames, but because of your 
patronising tone, and the obvious inference that you think I'm thick, 
I'm not prepared to let this one go.

I'll post it again.
(from grc.com)
"I even got quite fancy and built a Markov-chain finite-state 
statistical dialog modeller. It monitored the flow of IRC channel 
nicknames and automated the process of determining who was talking to 
whom, and who were the "bosses" who commanded the most power and respect."

Notice that he almost uses your own words.


Re: [Full-Disclosure] On Polymorphic Evasion

2004-10-02 Thread Ali Campbell
Does the fixed-length nature of RISC instructions make detecting a 
shellcode on a platform such as PPC via IDS easier ? Or does the larger 
availability of pseudo-NOP instructions on these platforms (owing 
chiefly to more combinations of registers being available) in fact make 
it harder ?

I wrote some shellcode for OS X once, basically as an exercise, and I 
caught myself wondering about this.



Re: [Full-Disclosure] Will a vote for John Kerry be counted by a Hart InterCivic eSlate3000 in Honolulu?

2004-10-21 Thread Ali Campbell
IMO I find the comments about Bush and Kerry - in Jason's original
posting as well as the subsequent postings - very distasteful and
very, very irrelevant.
Yes, and it's worth pointing out this little nugget from the 
full-disclosure list charter at 
http://lists.netsys.com/full-disclosure-charter.html :

"Politics should be avoided at all costs."


[Full-Disclosure] Q: Linux Command Line Encryption

2004-10-22 Thread Ali Campbell
Hi there,
Sorry for a question which I'm sure a lot of people on this list will 
consider trivial, but I'm subscribed, so I might as well ask it here.

I need a Linux utility which I can use to encrypt a single gzipped file 
via the command line. Obviously something open source would be 
preferable. I'm not really interested in setting up a whole suite of 
stuff with keyfiles and so on, and I don't need a public/private key 
setup, just something quick and dirty with a single secret key for 
encryption and decryption which is nevertheless reasonably strong.

Thanks in advance.
Ali


Re: [Full-Disclosure] Help, possible rootkit

2004-10-24 Thread Ali Campbell
BillyBob wrote:
Any more suggestions ?
I have seen something similar to this behaviour caused by a flaky power 
connector in a Si3112 mirrored RAID array.

Ali


Re: [Full-Disclosure] Q: Linux Command Line Encryption

2004-10-26 Thread Ali Campbell
Thanks to everyone who replied to this, I appreciate your time.
This issue has now been dealt with.
Ali


Re: [Full-Disclosure] I am out of here

2004-11-03 Thread Ali Campbell
Hugo van der Kooij wrote:
Thank you all for turning a security mailinglist into a mudpool in which
throwing around dirt about political candidates has become the prime
objective.
However that was not my objective when I came to this list so it seems
this list has become rather useless to me.
Quite a pity. But that is full-disclosure for you.
So long and thanks for all the fish.
Hugo.
Me too. I'm unsubscribing. Have a nice day.