Re: Flaw in commonly used bash random seed method

2006-04-04 Thread Dave English
In message <[EMAIL PROTECTED]>, Matthijs <[EMAIL PROTECTED]> writes By the way, if the random function can only generate numbers between 0 and 32767, won't 2 bytes be enough then? The algorithm will perform a modulo calculation anyway, so 4 bytes won't really add anything. Of course, it is muc

Re: Bypassing ISA Server 2004 with IPv6

2006-04-04 Thread 3APA3A
Dear [EMAIL PROTECTED], Neither ISA Server 2004 nor Windows 2003 Basic Firewall support IPv6 filtering, IPX filtering, etc. This is a different network protocol. --Monday, April 3, 2006, 7:08:55 PM, you wrote to bugtraq@securityfocus.com: RLGrc> When IPv6 is active on an interface of an ISA Se

RUXCON 2006 Call for Papers

2006-04-04 Thread cfp
RUXCON 2006 CALL FOR PAPERS RuxCon would like to announce the call for papers for the fourth annual RuxCon conference. This year the conference will commence during the 30th of September and the 1st of October, over the long weekend. As with previous years, RuxCon will be held at the University

SMART Technologies SynchronEyes Remote Denial of Services

2006-04-04 Thread dennis
Title: SMART Technologies SynchronEyes Remote Denial of Services Release Date: 04. April 2006 Author: Dennis Elser (dennis backtrace de) Vendor: SMART Technologies Inc. (http://www.smarttech.com) Vendor Status: Notified, fixes scheduled for May

Re: recursive DNS servers DDoS as a growing DDoS problem

2006-04-04 Thread Anton Ivanov
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Tim wrote: >> All it takes is to throttle traffic from the resolvers to outside >> the ISP network to a reasonably low value. Depending on the ISP >> this is usually in the low Kbits. All it takes is a moderate >> amount of competence in the ISP: > > >

Re: On product vulnerability history and vulnerability complexity

2006-04-04 Thread Gadi Evron
Forrest J. Cavalier III wrote: Just a half-baked idea. Does selling software quality assurance make sense? If you will allow me to answer only that part of your email, I honestly don't know - but: Standardization and regulation is where we are all heading in many different directions wheth

Re: recursive DNS servers DDoS as a growing DDoS problem

2006-04-04 Thread Anton Ivanov
Geo. wrote: >>1. Resolvers and Authoritative nameservers must be separate and >>authoritative nameservers must have recursion turned off. Otherwise >>there is no way to throttle only recursive queries. >> >> > >Great, for small ISP's you just doubled the number of machines they need to >dedica

RE: recursive DNS servers DDoS as a growing DDoS problem

2006-04-04 Thread Geo.
> We have done just this (block inbound udp/53) to certain subnets due to a > rash of CPEs that happily proxy DNS, including recursive queries, > from their WAN side. What devices? Is this a default or something customers are configuring? > Ingress/Egress filtering did not help because the traffi

Format string in Doomsday 1.8.6

2006-04-04 Thread Luigi Auriemma
### Luigi Auriemma Application: Doomsday engine http://www.doomsdayhq.com http://deng.sourceforge.net Versions: <= 1.8.6 (and current SVN 1.9.0) Platforms:Windows

Re: On product vulnerability history and vulnerability complexity

2006-04-04 Thread Steven M. Christey
On Tue, 4 Apr 2006, Javor Ninov wrote: > So you mean that XSS is not trivial and difficult to spot ? > For today code XSS is unacceptable and speaks very [poorly] for the > author. A lot of XSS might be "lame," but some of it is rather interesting and complex. Our terminology might not be prec

[USN-267-1] mailman vulnerability

2006-04-04 Thread Martin Pitt
=== Ubuntu Security Notice USN-267-1 April 03, 2006 mailman vulnerability CVE-2006-0052 === A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Wartho

Re: On product vulnerability history and vulnerability complexity

2006-04-04 Thread Javor Ninov
Sorry if I sound rude but: Gadi Evron wrote: > Looking even at web applications and their history one can easily tell if: > 1. They are professionally written. > 2. The vulnerabilities seen before and the ones we could find are not > trivial or really say anything about the coder. > > That's how

RE: recursive DNS servers DDoS as a growing DDoS problem

2006-04-04 Thread Måns Nilsson
--On den 30 mars 2006 16.08.51 -0500 "Geo." <[EMAIL PROTECTED]> wrote: > Don't you think creating a control point like that is dangerous? > Especially dangerous when it's DNS which runs virtually every function on > the internet? The control point is there already, as has been demonstrated by s

[ GLSA 200604-01 ] MediaWiki: Cross-site scripting vulnerability

2006-04-04 Thread Stefan Cornelius
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200604-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - -

Re: DoS-ing sysklogd?

2006-04-04 Thread Bernhard Fischer
On Friday 31 March 2006 14:37, Milen Rangelov wrote: > A lot of people configure sysklogd to collect log messages from the > network with the "-r" option. Why do you think a lot of people do that? I think they don't, because the default setting usually is to not accept network packets. So if some

Barracuda LHA archiver security bug leads to remote compromise

2006-04-04 Thread Jean-Sébastien Guay-Leroux
Topic: Barracuda LHA archiver security bug leads to remote compromise Announced: 2006-04-03 Product:Barracuda Spam Firewall Vendor: http://www.barracudanetworks.com/ Impact: Remote shell access Af

Re: DoS-ing sysklogd?

2006-04-04 Thread Christophe Garault
Milen Rangelov wrote: >I know that good IP filtering on the sysklogd box is the best fix, but >always resolving hostnames of the log messages' sender is definitely not >a good idea.. > > That's why you should use syslog-ng instead. With it you can tweak all the DNS parameters (see below) and cre

Barracuda ZOO archiver security bug leads to remote compromise

2006-04-04 Thread Jean-Sébastien Guay-Leroux
Topic: Barracuda ZOO archiver security bug leads to remote compromise Announced: 2006-04-03 Product:Barracuda Spam Firewall Vendor: http://www.barracudanetworks.com/ Impact: Remote shell access Af

[security bulletin] HPSBPI2109 SSRT061141 rev.1 - HP Color LaserJet 2500 and 4600 Toolbox Running on Microsoft Windows Remote Unauthorized Disclosure of Information

2006-04-04 Thread security-alert
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c00634759 Version: 1 HPSBPI2109 SSRT061141 rev.1 - HP Color LaserJet 2500 and 4600 Toolbox Running on Microsoft Windows Remote Unauthorized Disclosure of Information NOTICE: The information in t

[ GLSA 200604-02 ] Horde Application Framework: Remote code execution

2006-04-04 Thread Stefan Cornelius
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200604-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - -

Re: recursive DNS servers DDoS as a growing DDoS problem

2006-04-04 Thread Tim
Hello Anton, > This is feasible only for corporate networks where the allocations > are constant and change once in a few years. > > It is not feasible in any ISP/Telco above a certain size. In fact, > considering the consolidation over the recent years it is not feasible > for most ISPs

[ GLSA 200604-03 ] FreeRADIUS: Authentication bypass in EAP-MSCHAPv2 module

2006-04-04 Thread Matthias Geerdsen
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200604-03 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - -

RE: recursive DNS servers DDoS as a growing DDoS problem

2006-04-04 Thread Thomas Guyot-Sionnest
> -Original Message- > From: Geo. [mailto:[EMAIL PROTECTED] > Sent: April 2, 2006 10:31 > To: bugtraq@securityfocus.com > Subject: Re: recursive DNS servers DDoS as a growing DDoS problem > > > 1. Resolvers and Authoritative nameservers must be separate and > > authoritative nameservers m

Buffer-overflow in [EMAIL PROTECTED] 1.0.1 viewer and server

2006-04-04 Thread Luigi Auriemma
### Luigi Auriemma Application: [EMAIL PROTECTED] http://www.ultravnc.com http://ultravnc.sourceforge.net Versions: <= 1.0.1 (and current CVS) (tabbed_v

Re: Flaw in commonly used bash random seed method

2006-04-04 Thread Matthijs
Erm, excuse me, the seed should be 4 BYTES, not bits. I should really check my posts better before hitting send... On 4/4/06, Matthijs <[EMAIL PROTECTED]> wrote: > although it returns a number between 0 and 32767, it indeed saves a 32 > bit number, so the cycle length of this linear congruential gen

Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running web with sensitive data

2006-04-04 Thread Moriyoshi Koizumi
Jasper Bryant-Greene wrote: Tõnu Samuel wrote: Nice! I was really nervous already as I got bombed with e-mails and I really did not know much more than was discovered. Meanwhile I am a bit disappointed that we had such a bug in the wild for nearly a month and software distributors like SuSE in my cas

RE: recursive DNS servers DDoS as a growing DDoS problem

2006-04-04 Thread Geo.
> > Really? Ok educate me, how do you do this with Windows 2000 > > running MS dns? > > (telling people to use another server is not acceptable) > If Microsoft's products are broken, why shouldn't I tell people to use > something else? You tell them whatever you like, they aren't going to switch

Re: Another Internet Explorer Address Bar Spoofing Vulnerability

2006-04-04 Thread franz
Firefox 1.5.0.1 is also affected by this spoofing

ArabPortal 2.0.1 Stable [ 9 CrossSiteScripting & 1 SQL Injection ] MultBugz

2006-04-04 Thread o . y . 6
ArabPortal Bugs :- ArabPortal 2.0.1 Stable [ 9 CrossSiteScripting & 1 SQL Injection ] MultBugz BugTraqz :- D3vil-0x1 | Devil-00 Visit Palestine :- www.palestineonly.com /* 1- /forum.php?action=view&id=1&cat_id=3&adminJump=D3vil-0x1[HTML - XSS ] 2- /forum.php

Re: Flaw in commonly used bash random seed method

2006-04-04 Thread Matthijs
Hmm, looks like I was wrong... -snip- /* Returns a pseudo-random number between 0 and 32767. */ static int brand () { rseed = rseed * 1103515245 + 12345; return ((unsigned int)((rseed >> 16) & 32767)); /* was % 32768 */ } From bash-3.1/variables.c lines 1146-1152 -snip- (copied from http://ce

NOD32 local privilege escalation vulnerability

2006-04-04 Thread visitbipin
NOD32 local privilege escalation vulnerability Not affected: > Version 2.51.26 Tested on: Winxp sp2 Risk: Average To escalate the system privilege, the option 'quarantine a file' in NOD32 can be exploited & a malicious file can be copied to the quarantine and using the 'restore to...' option it

Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running web with sensitive data

2006-04-04 Thread Jasper Bryant-Greene
Jasper Bryant-Greene wrote: Moriyoshi Koizumi wrote: Jasper Bryant-Greene wrote: I very much doubt there are many applications at all containing code like this. It is illogical to be decoding html entities from user input. Therefore I would not call this a "very serious problem" and certainl

Another way to spoof Internet Explorer Address Bar

2006-04-04 Thread hainamluke
DESCRIPTION An attacker can also spoof the address bar with another HTML page instead of the shockwave-flash file by continually changing window.location. If you use a very large SWF file, the last page will be displayed for as long as the SWF loading time, with the original address bar. This exploit code will tr

Re: [Full-disclosure] Critical PHP bug - act ASAP if you are runningweb with sen

2006-04-04 Thread mailinglist mailinglist
Tõnu Samuel, There are different PHP applications that are vulnerable to this exploit, but this is not their fault. Agreed. But why are they using html_entity_decode in the first place? Users don't supply HTML. Databases don't contain HTML. As Stefan Esser says, and your exploit demonstrates, it is re

Re: Limbo CMS code execution

2006-04-04 Thread gergero
A cumulative patch is available on www.limboforge.org - it should prevent the known attacks on Limbo.

Re: recursive DNS servers DDoS as a growing DDoS problem

2006-04-04 Thread Marco Ivaldi
On Thu, 30 Mar 2006, Geo. wrote: > Don't you think creating a control point like that is dangerous? > Especially dangerous when it's DNS which runs virtually every function > on the internet? Yeah, it could be indeed... It's not directly related to the discussion topic, but I just wanted to in

Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running web with sensitive data

2006-04-04 Thread John Bond
On 3/29/06, Jeff Rosowski <[EMAIL PROTECTED]> wrote: > It also doesn't affect all versions of PHP. on 5.0.5, it returns \0 > followed by however many Ss you put after it. And you're right, you wouldn't > trust user input like that. > > ___ I get this beha

Black Hat Call for Papers and Registration now open

2006-04-04 Thread Jeff Moss
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hey BugTraq readers, This is just a quick note to let you know that Black Hat USA 2006 registration and Call for Papers is now open. We expect another outstanding program, and with the addition of more floor space at Caesars Palace we are able to br

[Full-disclosure] PIRANA exploitation framework and SMTP contentfilter security

2006-04-04 Thread Jean-Sébastien Guay-Leroux
Hi, I am releasing the first public version of PIRANA. PIRANA is an exploitation framework that tests the security of an email content filter. By means of a vulnerability database, the content filter to be tested will be bombarded by various emails containing a malicious payload intended to compr

[SECURITY] [DSA 1022-1] New storebackup packages fix several vulnerabilities

2006-04-04 Thread Moritz Muehlenhoff
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 1022-1[EMAIL PROTECTED] http://www.debian.org/security/ Moritz Muehlenhoff April 4th, 2006

Re: recursive DNS servers DDoS as a growing DDoS problem

2006-04-04 Thread Jim Pingle
Geo. wrote: >> What is stopping you from running your own local DNS server? > > What is stopping you from running your own SMTP server? A port 25 block? > Well if an ISP doesn't want to play whack-a-mole with unsecured dns servers > popping up every day do you not think it likely that they will re

Re: recursive DNS servers DDoS as a growing DDoS problem

2006-04-04 Thread Tim
> All it takes is to throttle traffic from the resolvers to outside the > ISP network to a reasonably low value. Depending on the ISP this is > usually in the low Kbits. All it takes is a moderate amount of > competence in the ISP: I don't believe this would help the problem. One of the notable

Re: recursive DNS servers DDoS as a growing DDoS problem

2006-04-04 Thread Simon Boulet
gboyce wrote: I haven't heard anyone talk about requiring that users use their ISP's DNS server. Just that they should not be able to use any random DNS server on the internet. What is stopping you from running your own local DNS server? My system at home runs named in a configuration tha

[ECHO_ADV_27$2006] AngelineCMS 0.8.1 Installpath Remote File Inclusion

2006-04-04 Thread eufrato
[ASCII art banner] .OR.ID ECHO_ADV_27$2006 --

[SEC-1 LTD] HP Colour LaserJet 2500 and 4600 Toolbox Directory Traversal Vulnerability

2006-04-04 Thread Richard Horsman
SEC-1 LTD www.sec-1.com Security Advisory Advisory Name: HP Colour LaserJet 2500 and 4600 Toolbox Directory Traversal Vulnerability Release Date: 04/04/2006 Application: HP

[ECHO_ADV_27$2006] AngelineCMS 0.8.1 Installpath Remote File Inclusion

2006-04-04 Thread eufrato
[ASCII art banner] .OR