Insecure temporary files in Tripwire
[EMAIL PROTECTED]
$Date: 2001/07/09 05:02:02 $
Author:
In a browser environment, when you connect to a site using SSL/TLS, your
browser automatically checks that the domain part of the URL matches the
domain in the X.509 certificate that the HTTPS server presents when you
connect to it.
Since SSL certificates are tamper-evident as the cryptographic
FOR PUBLIC RELEASE
Inside Security GmbH Vulnerability Notification
Revision 1.2 2001-07-09
The latest version of this document is available at
Monday 9 July 2001
eDvice Security Services Advisory - Various problems in Trend Micro
AppletTrap URL filtering
Product Background
--
Trend Micro AppletTrap is a product for blocking malicious Java applets,
malicious JavaScript and unsecured ActiveX controls at the gateway. The
On Sat, 7 Jul 2001, Morten Poulsen wrote:
Hi,
does anyone know of an email-address at Nokia where I can send
bug-reports about their mobile phones? I found a crash-bug, and I think
it's fair to tell them about it before posting anything here...
--
Morten Poulsen
In their website,
In message [EMAIL PROTECTED], ByteRage writes:
Unfortunately, QueryDosDevice is not supported on some
flavours of windows. As stated on the Xitami Web
Server Support Mailing List
(http://xitami.ec-computers.net/2001/Apr/Msgs/l2w02603.html)
[. quoting a message that I wrote on the Xitami
Apparently on Linux this is fairly easy to make happen:
Hi Darren,
It's reasonably simple for Linux 2.4 users:
# iptables -A OUTPUT 1 -p tcp --syn -j TCPMSS --set-mss=1
Thanks to James Morris for that. To me that's a trifle obvious
but maybe it isn't going to be noticed if you've already
At 08:41 05/07/2001, you wrote:
I just got a new Cobalt Cube today and I have been poking around at it
for security issues... I noticed this minor issue in the webmail system.
Your
users are not allowed to have shell access by default however if they
malform their mailbox requests they can
Pavel Kankovsky wrote:
On Fri, 6 Jul 2001, 3APA3A wrote:
... and the problem is definitely in software, not in operation
system, because operation system behaves exactly as expected and
documented.
But it is still OS's problem when the specification / documentation it
conforms to
Since DOS devices exist in every directory (as first explained to
me in
the book 'Undocumented Dos'), we had a trick for testing for the
presence of a directory in a batch file. The test went like this:
if exist C:\DIRECTORY\MOREDIRS\NUL then .
Because 'NUL' existed in every
Hi All
I'm running a Cayman-DSL Model 3220-H router with GatorSurf version 5.6.1
(build R0) .
When I use nmap (from command line or through nessus), the router crashes
after a few minutes of the beginning of the scan.
I've recreated this in both SynScan and TCP Connect mode, and even by
Darren,
Interesting email...
If the attack is done through bad client specifying an ultra small MSS, at
least, the server should be able to track them. As doing IP spoofing with
TCP is difficult if the ISN are random enough.
If the attack is done through generated ICMP unreachable cannot
- Forwarded message from Scott Walker Register [EMAIL PROTECTED]
-
From: Scott Walker Register [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Check Point response to RDP Bypass
Date: Mon, 9 Jul 2001 10:33:42 -0500
Message-ID: Chameleon.994689280.walker@stinky
-Original Message-
From: Darren Reed [mailto:[EMAIL PROTECTED]]
Following on from this, it occurs to me that the problem with the
above can possibly be reproduced with TCP. How ? That thing called
maximum segment size. The problem? Well, the first is that there
does not
hi bugtraqers,
Background
==
I sent the following advisory to Microsoft there is about 1 month of that,
and since I did not get any reply.
The problem described below is still working on the latest MSN client
version currently available.
A bug in the Hotmail Messenger cryptographic
-BEGIN PGP SIGNED MESSAGE-
According to MSDN, NT 3.5/3.51/4.0 and Windows 2000 implement a
minimum MSS of 68 bytes (found under the discussion of PMTU and RFC
791 and 1191), as prescribed by RFC 791.
Also, there's the registry key;
Chris Adams writes:
Better yet, have your POP daemon update the access file directly, and
then you don't have any of the hokey tail the log file stuff going on
at all. All you need to add is a daemon to remove entries from the
access file.
I have patches for qpopper 2.53 and 3.1.2 (and will be
The MSN Messenger Service 1.0 Protocol draft can be found at
http://msn-transport.sourceforge.net/messenger-protocol.txt
--
Elias Levy
SecurityFocus.com
http://www.securityfocus.com/
Si vis pacem, para bellum
Sorry for the plug, but I can't help myself:
http://ps-ax.com/Relay/
This does what this thread has been speaking of via a patch to Qpopper,
versions from 2.53 to present. I think it fills the void.
-brad
Better yet, have your POP daemon update the access file directly, and
then you don't
On Sat, 7 Jul 2001, Chris Adams wrote:
Better yet, have your POP daemon update the access file directly, and
then you don't have any of the hokey tail the log file stuff going on
at all. All you need to add is a daemon to remove entries from the
access file.
All of which is an awful
-- Forwarded message --
Date: Mon, 9 Jul 2001 09:51:42 -0500
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: RE: Nokia contact information (fwd)
Hi Tina,
Thanks for the heads-up!
Here is the place to go - http://forum.nokia.com/main/1,6668,5_9,00.html
Kelly
Hi!
After doing a check on my SuSE linux 7.0 x86 I found something interesting:
hegi@faust:~ ls -la /usr/sbin/dip
-rwsr-xr-- 1 root dialout 62056 Jul 29 2000 /usr/sbin/dip
DIP: Dialup IP Protocol Driver version 3.3.7p-uri (25 Dec 96)
Written by Fred N. van Kempen, MicroWalt
Andrea Barisani wrote:
On some cobalt raq3 servers (with the poprelayd add-on packet installed )
and in general on any system running the poprelayd script with sendmail is
possible to inject this string in the syslog using sendmail logging. So
anyone can insert a fake string with his own IP
Urgent! There is a slight mistake in Revision 1.2 of this
advisory. RDP is proprietary protocol used by CheckPoint
and therefore not described by RFC908, this RFC describes
a different protocol unfortunately also called RDP.
Here is the corrected version:
FOR PUBLIC RELEASE
On Fri, Jul 06, 2001 at 09:32:36PM -, gregory duchemin wrote:
[snip]
the hash creation process is as follows:
==
say user toto has a password titan
then his client generates the string y.ytitan and the
according MD5 hash, say
On Fri, 6 Jul 2001, gregory duchemin wrote:
hi bugtraqers,
Background
==
I sent the following advisory to Microsoft there is about 1 month of
that, and since I did not get any reply. The problem described below
is still working on the latest MSN client version currently
On Mon, Jul 09, 2001 at 06:59:04PM +0100, Jason Clifford wrote:
On Sat, 7 Jul 2001, Chris Adams wrote:
Better yet, have your POP daemon update the access file directly, and
then you don't have any of the hokey tail the log file stuff going on
at all. All you need to add is a daemon to
hello,
know if the TCP silly window syndrome might be used too ?
Uploading/downloading files byte per byte to/from a remote ftp server with a
stupid window size of one byte may generate a very high overhead.
My Tanenbaum book says that Clark solution consists in avoiding sender
(attacker) from