On Mon, 4 Oct 1999 07:52:53 +0200, Aviram Jenik wrote:
>Buffers passed to a COM object (or ActiveX control: it's the same thing) are
>marshaled by the COM subsystem [snip]
Scuse me for butting in, but I have to say that this is only partially
correct.
YES, the com subsystem will marshall data se
-- =_NextPart_001_01BF0FC4.D7D3AB60
Content-Type: text/plain
Even though .rain.forest.puppy has cancelled RFP9903 I think it's worth
making a couple of comments...
>>1) Find a machine with 139 listening
>
>This is typically an issue when attacking remotely through the Internet.
>However, th
Just for random value I will mention a change in the NetScreen line of
firewalls that occured in v1.62 of the firmware.
They disabled the forwarding of non-IP traffic in transparent mode.
Yes, prior to this, if operating as a transparent device, which was
the default and suggested configuration,
>Seems that at least some Unix versions of Netscape treat characters 0x8b
>and 0x9b (NOT the strings "0x8b" and "0x9b" but the characters with these
>ascii values) just like < and > respectively...
Confirmed on Communicator 4.61/Solaris 2.7 (RISC).
RGF
Robert G. Ferrell
Internet Technologist
Na
> It has always been my understanding of UNIX sockets that they need
>not appear in the filesystem at all; whether inodes and directory
>entries are allocated for them is an implementation detail. The only
>guarantee is that if one process is listen()ing on a socket, and
>another process connect
This problem isn't unique to this program/screen saver, a short while ago I
downloaded a "Stressed Eric" (not rude for the US readers :) ) screen saver
from www.beeb.com who's password could be bypassed in a similar way. Would I
be right in thinking that the password dialog box was not the standar
I just tested this on Linux 2.0.34, Netscape Communicator 4.61 and the
same problem exists.
On Tue, 5 Oct 1999, Tymm Twillman wrote:
> Seems that at least some Unix versions of Netscape treat characters 0x8b
> and 0x9b (NOT the strings "0x8b" and "0x9b" but the characters with these
> ascii valu
KSR[T] Security Advisories http://www.ksrt.org
Contact Account: [EMAIL PROTECTED]
Advisory Subscription: Send an empty message to:
[EMAIL PROTECTED]
KSR[T] Advisory #012
Quoting Jan Szumiec ([EMAIL PROTECTED]) from Mon, Oct 04, 1999 at 12:14:42PM +0200:
> I don't know whether anyone wrote about this, so here it goes.
>
> It is possible to bring down the XServer remotely ...
>
> $ telnet 192.168.1.2 6000
> Connected to 192.168.1.2
> Escape character is ^[
> djkfh
Hello folks,
Since the subject is the matrix screensaver, let´s talk about it!
Under NT and Windows 9x, if you ´CTRL-ALT-DEL´ and kill the process, even
when it is password protected!
Best wishes,
Aylton
"Boyce, Nick" <[EMAIL PROTECTED]> on 10/04/99 07:26:04 PM
Please respond to "Boyce,
The most common way of passing parameters in ActiveX controls is
through
BSTRs, which include the size of the string in their first
character.
There's no way to overflow a BSTR. The buffer overflows you
discovered arise
from a situation where the programme
First of all, let´s get one thing clear, this problem has been known for about 2 or 3
months by now, but I guess no one actually cared.
Secondly, If you are runnig this screensaver on a NT-Server, your´e just plain stupid,
because a server is still a server, and with microdick NT installed it w
Auto_FTP.pl v0.2 Advisory 10/5/99
Nightfall Security Group (www.nfsg.org)
Auto_FTP.pl is a perl script that utilizes a shared directory, anytime
something new is put into the shared directory it transfers it to the
specified ftp site. Auto_FTP is available via freshmeat.net at
http://apps.freshme
On Mon, 4 Oct 1999, Jan Szumiec wrote:
| It is possible to bring down the XServer remotely ...
No it isn't. I got the same results on my machine, except the server isn't
crashing. It is simply rejecting bogus input on the port and continuing on
its merry way, apparently no harm done to any aspec
Get free email and a permanent address at http://www.netaddress.com/?N=1
Hi Brock,
Thanks for pointing out the vulnerability problem with our rpmmail package.
We have fixed this problem and posted new versions on our FTP s
On Sat, 10 Jul 1999, Michal Zalewski wrote:
> (Surprisingly, you'll see directory instead of broken symlink. No need
> to do anything, immediately quit from Midnight Commander)
everything was the same up till this point.. looked feasable
>
> ~$ ls -l PROVE-IT
> -rw--- 1 lcamtuf lcamtuf
Faulty software
---
Omni-NFS/X Enterprise version 6.1
Product
-
Omni-NFS/X Enterprise is a X, NFS server solution for win32 systems.
It is written by XLink Technology ( http://www.xlink.com ) .
Vulnerability
-
The nfs daemon ( nfsd.exe ) used by Omni-NFS/X wil
-BEGIN PGP SIGNED MESSAGE-
On Mon, 4 Oct 1999, Eivind Eklund wrote:
> On Sat, Oct 02, 1999 at 06:38:46PM -0400, Scott Gifford wrote:
> > I've put together a patch that lets ssh work around the OS bug that
> > allows bind to follow symlinks.
>
> There isn't general consensus that this is
L0pht Security Advisory
Advisory Released Oct 4 1999
Application: Cactus Software's shell-lock
Severity (a): Users can de-obfuscate and retrieve
the hidden shell code
At 12:25 AM 10/2/99 -0500, .rain.forest.puppy. wrote:
>
> >the following
> >registry key holds the program to execute as a debugger:
>
> >\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion
> > \AeDebug\Debugger
As a matter of course, I nuke the whole AEDebug key. Try it.
:)
I
David LeBlanc <[EMAIL PROTECTED]> writes:
> At 12:25 AM 10/2/99 -0500, .rain.forest.puppy. wrote:
> >the following
> >registry key holds the program to execute as a debugger:
>
> >\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion
> > \AeDebug\Debugger
> [...]
>
> >This means any
Please note that the version that does not work is the one created with
MacroMedia software. There is another version available that is not
affected by this.
Glenn
-Original Message-
From: Bugtraq List [mailto:[EMAIL PROTECTED]]On Behalf Of Boyce,
Nick
Sent: Monday, October 04, 1999 11:
Greetings,
A vulnerability exists in the /usr/lib/merge/dos7utils program (suid root by
default) which allows any user to execute any command as root. The dos7utils
program gets its localeset.sh exec path from the environment variable
STATICMERGE. By setting this to a directory writable by us a
Going to respond to bits of 3 replies -
At 11:49 PM 10/3/99 -0500, .rain.forest.puppy. wrote:
>> True, but you have to get something to crash that is running as a
>> higher-level user than you are. I understand that this may be possible,
>> but it is a precondition.
>Understood. Hmm, now if w
Jan Szumiec wrote:
> I don't know whether anyone wrote about this, so here it goes.
>
> It is possible to bring down the XServer remotely ...
>
> $ telnet 192.168.1.2 6000
> Connected to 192.168.1.2
> Escape character is ^[
> djkfhgjksdhgjklhgjklsdhgjklehrslhgsd
> Connection closed by remote host.
-- Forwarded message --
Date: Tue, 5 Oct 1999 10:54:52 -0600
From: Doug Lemaire <[EMAIL PROTECTED]>
To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>
Subject: SecurityFocus - reference: bugtraq id 689
A customer of ours pointed out that this item was in your database.
http://www.secu
Scott Gifford:
> I don't think it is reasonable to expect user programs to jump
> through this many hoops (in my SSH patch, I had to make a temporary
> directory, stat the directory, chdir() into it, stat my current
> directory, bind() the socket, rename the socket, chdir() back out of
> my temp
On Mon, 04 Oct 1999 06:58:42 EDT, Olaf Seibert writes:
> On Sat, 2 Oct 1999, Scott Gifford wrote:
>
> > + /* OK, now we know we're in the directory we created. Nobody can
> > +* rmdir() this because we are in it. Nobody besides root can have
> > +* made a symlink in here, because they
28 matches
Mail list logo