[SECURITY] [DSA 1878-1] New devscripts packages fix remote code execution

2009-09-02 Thread Florian Weimer
Debian Security Advisory DSA-1878-1 secur...@debian.org http://www.debian.org/security/ Florian Weimer September 02, 2009

[SECURITY] [DSA 1877-1] New mysql-dfsg-5.0 packages fix arbitrary code execution

2009-09-02 Thread Sebastien Delafond
Debian Security Advisory DSA-1877-1 secur...@debian.org http://www.debian.org/security/ Sebastien Delafond September 02, 2009

International Hacking & Security Conference "POC2009" and Call for Paper

2009-09-02 Thread pocadm
The 4th international hacking and security conference "POC2009" by hackers will be held in Seoul, Korea on November 5 ~ 6. 'POC' means 'Power of Community'. We believe that the power of community can make the world safer. POC doesn't pursue money. So we are free to show real hacking and sec

Re: [Full-disclosure] Microsoft Internet Information Server ftpd zeroday

2009-09-02 Thread Guido Landi
no, MKDIR is *not* required, also write access is *not* required. Assuming a directory with a name that starts with "A" exists and that is at least 14 chars long, this pattern will trigger the overflow: NLST [Ax206]*/../A*/../A*/../A*/../A*/../A*/../A*/../A*/\r\n At least on win2k3. Therefore,

Re: [Full-disclosure] Microsoft Internet Information Server ftpd zeroday

2009-09-02 Thread Guido Landi
Dear Vladimir, "almost" is often enough :) btw, it was about triggering the vuln, not about exploiting it. Guido Landi Vladimir '3APA3A' Dubrovin wrote: > Dear Guido Landi, > > For DoS - yes, you can use existing file, but it's (almost) impossible > to create reliable code execution exp

[ADVISORY] NetCache URL DoS - Argentinian ISP

2009-09-02 Thread Arturo 'Buanzo' Busleiman
Research by Hernan Pereira and associates. No response from Speedy in the past 15 days. Proceeding with disclosure. A DoS vulnerability exists in NetCache proxies of at least some areas of Speedy Argentina ISP (201.255.64/18), by which a URL could b

Re[2]: [Full-disclosure] Microsoft Internet Information Server ftpd zeroday

2009-09-02 Thread Vladimir '3APA3A' Dubrovin
Dear Thierry Zoller, I think yes, MKDIR is required. It should be variation of S99-003/MS02-018. fuzzer should be very smart to create directory and use both oversized buffer and ../ in NLST - it makes path longer than MAX_PATH with existing directory. --Monday, August 31, 20

Re: [Full-disclosure] Microsoft Internet Information Server ftpd zeroday

2009-09-02 Thread Thierry Zoller
Confirmed. Ask yourselves why your fuzzers haven't found that one - Combination of MKDIR are required before reaching vuln code ? -- http://blog.zoller.lu Thierry Zoller

[USN-810-2] NSS regression

2009-09-02 Thread Kees Cook
=== Ubuntu Security Notice USN-810-2 September 02, 2009 nss regression https://launchpad.net/bugs/409864 === A security issue affects the following Ubuntu releases: Ubuntu 8.04

Re[2]: [Full-disclosure] Microsoft Internet Information Server ftpd zeroday

2009-09-02 Thread Vladimir '3APA3A' Dubrovin
Dear Guido Landi, For DoS - yes, you can use existing file, but it's (almost) impossible to create reliable code execution exploit since you can not (fully) control return address, like required in JMP ESP technique used in this exploit. --Wednesday, September 2, 2009, 12:33:47 PM, you wr

[USN-827-1] Dnsmasq vulnerabilities

2009-09-02 Thread Jamie Strandboge
=== Ubuntu Security Notice USN-827-1 September 01, 2009 dnsmasq vulnerabilities CVE-2009-2957, CVE-2009-2958 === A security issue affects the following Ubuntu releases: Ubuntu 8