Hacktics Research Group Security Advisory
http://www.hacktics.com/#view=Resources%7CAdvisory
By Gil Cohen, Hacktics.
9-Feb-2010
===
I. Overview
===
During a penetration test performed by Hacktics' experts, certain
vulnerabilities were identified in an Oracle E-Business Suite
From: Stefan Kanthak [mailto:stefan.kant...@nexgo.de]
Sent: Monday, 08 February, 2010 16:33
Michael Wojcik wrote:
From: Stefan Kanthak [mailto:stefan.kant...@nexgo.de]
Sent: Saturday, 06 February, 2010 08:21
Since Windows 2000 NTFS supports junctions, which pretty much
resemble
==
Please excuse multiple postings of this message
==
ACM CCS 2010 --- CALL for WORKSHOP PROPOSALS
Michael Wojcik wrote:
From: Stefan Kanthak [mailto:stefan.kant...@nexgo.de]
Sent: Saturday, 06 February, 2010 08:21
Dan Kaminsky wrote:
[...]
(On a side note, you're not going to see this sort of symlink stuff
on Windows,
What exactly do you mean?
Traversing symlinks on the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Aruba Networks Security Advisory
Title: TLS Protocol Session Renegotiation Security Vulnerability
Aruba Advisory ID: AID-020810
Revision: 1.0
For Public Release on 02/08/2010
+
SUMMARY
This
Thierry Zoller thie...@zoller.lu writes:
Facts :
- Several distributions run with vulnerable settings per default
if there is a misconfiguration it is part of the vendor.
- Your not supposed to be able to traverse dirs.
What's wrong with creating $HOME/tmp - /tmp/$USER (not necessarily
Hi FD,
This is not a zero-day vulnerability in the concept of a programmatic
Flaw. But if no one, or the majority of all Samba users never knew that
This option was available, or knew that this functionality was enabled
by default I think this problem should still be highlighted in the way
that
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
A true 'hacker's conference' wouldn't be fun without a competition
where hackers go head to head, tears are shed, and blood is spilled,
and when we say blood we mean points. CTFs have always been about how
good and fast you are at reversing and
==
Secunia Research 09/02/2010
- Microsoft PowerPoint File Path Handling Buffer Overflow -
==
Table of Contents
Affected
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Core Security Technologies - CoreLabs Advisory
http://www.coresecurity.com/corelabs/
Microsoft Office Excel / Word OfficeArtSpgr Container Pointer Overwrite
Vulnerability
1. *Advisory Information*
Title: Microsoft Office Excel /
TPTI-10-02: Microsoft Office PowerPoint Viewer TextCharsAtom Record Code
Execution Vulnerability
http://dvlabs.tippingpoint.com/advisory/TPTI-10-02
February 9, 2010
-- CVE ID:
CVE-2010-0034
-- Affected Vendors:
Microsoft
-- Affected Products:
Microsoft Office PowerPoint Viewer
--
ZDI-10-015: Microsoft Windows RLE Video Decompressor Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-015
February 9, 2010
-- CVE ID:
CVE-2010-0250
-- Affected Vendors:
Microsoft
-- Affected Products:
Microsoft Windows XP
Microsoft Windows Vista
--
ZDI-10-016: Microsoft Windows ShellExecute Improper Sanitization Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-016
February 9, 2010
-- CVE ID:
CVE-2010-0027
-- Affected Vendors:
Microsoft
-- Affected Products:
Microsoft Windows XP
-- TippingPoint(TM) IPS
ZDI-10-017: Microsoft Office PowerPoint Viewer TextBytesAtom Record Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-017
February 9, 2010
-- CVE ID:
CVE-2010-0033
-- Affected Vendors:
Microsoft
-- Affected Products:
Microsoft Office PowerPoint Viewer
--
14 matches
Mail list logo