Clam AntiVirus ClamAV CAB File Unstore Buffer Overflow Vulnerability
iDefense Security Advisory 04.16.07
http://labs.idefense.com/intelligence/vulnerabilities/
Apr 16, 2007
I. BACKGROUND
Clam AntiVirus is a multi-platform GPL anti-virus toolkit. ClamAV is
often integrated into e-mail gateways
Xmor$ Security Vulnerability Research TM
Akamai Download Manager ActiveX Stack Buffer Overflow Vulnerability
iDefense Security Advisory 04.16.07
http://labs.idefense.com/intelligence/vulnerabilities/
Apr 16, 2007
I. BACKGROUND
Akamai Technologies, Inc. provides a distributed computing platform for
global Internet content caching and
By Hasadya Raed
Contact : [EMAIL PROTECTED]
Israel
--
Script : download_engine_V1.4.3
Dork : (c) 2002 AlexScriptEngine
--
B.Files :
addmember.php
class.phpmailer.php
colorpicker.php
--
Exploits :
Xmor$ Security Vulnerability Research TM
Xmor$ Security Vulnerability Research
He compromised the server(s) at the ad network we were using at the
time, and simply served up his ad instead of the usual ones.
BB
Ryan Barnett wrote:
I believe that the SecurityFocus defacement by FluffiBunni a few
years back would be an example of the
One question. Is BIND any better at preventing this type of attack?
Roger
*
*Roger A. Grimes, InfoWorld, Security Columnist
*CPA, CISSP, MCSE: Security (2000/2003/MVP), CEH, yada...yada...
*email: [EMAIL PROTECTED] or [EMAIL
I believe that the SecurityFocus defacement by FluffiBunni a few
years back would be an example of the defacement attack that Michael
listed in his article. The concept was that SF had a trust
relationship with the company that was rotating their banners and FB
replaced the expected image with
On Tue, 17 Apr 2007, Michal Bucko wrote:
Function of a prototype isChecked (char*) (in toolbar.dll) is vulnerable
to buffer overrun. Arbitrary code execution might be possible. The
problem occurs when
767B49 MOV ECX,[EAX+140]
data is being copied into the buffer of an insufficient size.
webMethods Security Advisory
Glue console directory traversal vulnerability
Announced: 2007-04-17
Affects: webMethods Glue 4.x, 5.x, 6.x
Severity: High
I. Description
On April 11
Synopsis: Netsprint Toolbar 1.1 arbitrary remote code vulnerability
Product: Netsprint Toolbar
Version: 1.1
Author: Michal Bucko (sapheal)
Issue:
==
Function of a prototype isChecked (char*) (in toolbar.dll) is vulnerable to
buffer
overrun. Arbitrary code execution might be
PHP Nuke = 8.0.0.3.3b SQL Injections and Bypass SQL Injection Protection
vulnerabilities
PROGRAM: PHP-Nuke
HOMEPAGE: http://phpnuke.org/
VERSION: All version
BUG: PHP Nuke = 8.0.0.3.3b Bypass SQL Injection Protection and SQL Injections
vulnerabilities
AUTHOR: Aleksandar
By Hasadya Raed
Contact : [EMAIL PROTECTED]
Israel
---
Script : phphd_downloads
Download Script : http://www.hintondesign.org
Dork : Copyright 2006 (c) Hinton Design All Rights Reserved
---
B.File :
common.php
---
Exploit :
How does BIND stop this sort of attack?
Can a BIND expert respond?
Roger
*
*Roger A. Grimes, InfoWorld, Security Columnist
*CPA, CISSP, MCSE: Security (2000/2003/MVP), CEH, yada...yada...
*email: [EMAIL PROTECTED] or [EMAIL
variable $content_php is set in php code and should overwrite any user made
inserts in url. i think this is not a vulnerability, is it?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Product: Internet Explorer Version 7.0.5730.11
Impact: Browser crash possibly more
Author: Jesus Oquendo
echo @infiltrated|sed 's/^/sil/g;s/$/.net/g'
I. BACKGROUND
Why bother? Who doesn't know what Internet Explorer and Microsoft are.
II.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00967144
Version: 1
HPSBTU02207 SSRT061213, SSRT061239, SSRT071304 rev.1 - HP Tru64 UNIX SSL and
BIND Remote Arbitrary Code Execution or Denial of Service (DoS)
NOTICE: The information in
Synopsis: Multiple Ask IE Toolbar denial of service vulnerabilities
Product: Netsprint Toolbar
Version: 1.1
Author: Michal Bucko (sapheal)
Issue:
==
Multiple functions (in askPopStp.dll) suffer from improper
memory handling, which results in denial of service conditions.
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=
Gizzar = (basePath) Remote File Include Vulnerability
Download:
http://mesh.dl.sourceforge.net/sourceforge/gizzar/gizzar-03162002.tar.gz
Discover: BorN To K!LL
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=
Bug in:
index.php
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Symantec Vulnerability Research
http://www.symantec.com/research
Security Advisory
Advisory ID: SYMSA-2007-003
Advisory Title: Macrovision
Actually, this also crashes Mozilla/5.0 (X11; U; Linux i686; en-US;
rv:1.8.1.3) Gecko/20070310 Iceweasel/2.0.0.3 (Debian-2.0.0.3-1)
I would think that Firefox and most browsers implementing javascript
would die a horrible OOM death on this.
A.
On Tue, Apr 17, 2007 at 01:09:13PM -0400, J.
Michal Majchrowicz wrote:
Due to security reasons many Web Browsers don't allow cross
domain XMLHttpRequests.
[..]
hi Michal, personally i don't get your point (to me it seems just
a hybrid implementation using both server side and client side
scripting) but i'm sure you can better explain
The Web Application Security Consortium is proud to present 'The Importance of
Application Classification in Secure Application Development' by Rohit Sethi.
In this article Rohit describes the importance of Application Classification
during the secure development process.
This document can be
Is this in any way surprising? I think we all know the answer is no. Many
Fortune 500 companies have more employees than some ISPs have customers.
Should we really expect differently?
Also, as a side note, I would like to add that just because SPAM is coming
from a certain gateway does not
Hi all,
BlueArc Titan 2x00 devices running firmware version 4.2.944b are
susceptible to FTP bounce attacks. The vendor has confirmed this, and
a fix is available in the 4.3 firmware.
Example:
First connect to SSH, success
Then to MySQL, no success
Then to telnet, no success
[EMAIL PROTECTED]
Dear Roger A. Grimes,
DNS spoofing attacks in general cannot be 'patched', because this is a
weakness of the DNS protocol itself.
As for birthday attack applicability, this problem was discussed in
2002. In 2003 problem still exist in both bind 8 and 9. According to
CERT (US-CERT) as
On 13/04/07, Steven Adair [EMAIL PROTECTED] wrote:
Is this in any way surprising? I think we all know the answer is no. Many
Fortune 500 companies have more employees than some ISPs have customers.
Should we really expect differently?
Yes! Off the top of my head:
1. Corporations should have
On 13/04/07, Steven Adair [EMAIL PROTECTED] wrote:
Is this in any way surprising? I think we all know the answer is no.
Many
Fortune 500 companies have more employees than some ISPs have customers.
Should we really expect differently?
Yes! Off the top of my head:
1. Corporations should
n.runs AG
http://www.nruns.com/ security at
nruns.com
n.runs-SA-2007.007
18-Apr-2007
___
Vendor: Sun Microsystems, Inc., http://www.sun.com
Affected Products:
?/*
File: shoutbox.php
Affects: ShoutPro 1.5.2 (may affect earlier versions)
Date: 17th April 2007
Issue Description:
===
ShoutPro 1.5.2 fails to fully sanitize user input ($shout) that it writes
to the shouts.php file when
Hi Steven,
I believe security of an organisation is orthogonal to the number of
employees/users and how savvy they are. It depends more on the will
and resources to secure the network properly. Two, corporations do
have many financial incentives to make sure they are secure - if they
are doing
Roger,
This is what I know about it, since no one else seems to be giving you
more info...
As described above, Windows DNS is vulnerable to the cache poisoning
attack through the forwarder DNS server. This seems to be because Windows DNS
blindly trusts replies from forwarder DNS and caches every
Just to add my two cents...
The fact is that the cost in damages of a single compromise is usually far
greater than the cost of implementing and maintaining good security. TJX is
a golden example of that.
On 4/13/07 11:05 AM, Jamie Riden [EMAIL PROTECTED] wrote:
Hi Steven,
I believe
=
Mambo/Joomla Component New Article Component = 1.1 (absolute_path) Multiple
RFI
=
Found By : C-W-M
Special Thnx ; Eskobar, Poizonb0x, eno7, DoubleKickx
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200704-10
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
Due to security reasons many Web Browsers don't allow cross
domain XMLHttpRequests. In fact this is only troublesome for web
developers and not for virus coders/crackers/etc. Some time ago there
was presented a technique which used cssText property to perform some
cross domain requests. After