Re: [FD] [oss-security] Bug in bash <= 4.3 [security feature bypassed]

2014-06-05 Thread lists
Jose Carlos Luna Duran writes: > In my opinion the drop of privs in bash was mostly a "help" measure > for poorly written setuid programs executing system() calls. I don't > think it is the role of bash to do this ... True, but it is a slight help and I'm in favour of keeping it. > Correct me if I'

[CVE-2013-5116] Evernote Android Insecure Password Change (one-click setup)

2013-12-12 Thread mailing lists
Evernote Android Insecure Password Change (one-click setup) Product: Evernote (Android) Project Homepage: evernote.com Internal Advisory ID: c22-2013-05 Vulnerable Version(s): Android version 5.5.0 (and prior) Tested Version: Android 5.x (Android 4.2/4.3) Vendor Notification: Aug 13, 2013 Public D

[CVE-2013-5112] Evernote Android Insecure Storage of PIN data / Bypass of PIN protection

2013-12-12 Thread mailing lists
Evernote Android Insecure Storage of PIN data / Bypass of PIN protection Product: Evernote (Android) Project Homepage: evernote.com Internal Advisory ID: c22-2013-03 / c22-2013-04 Vulnerable Version(s): Android version 5.5.0 (and prior) Tested Version: Android 5.x (Android 4.2/4.3) Vendor Notifica

Google AD Sync Tool - Exposure of Sensitive Information Vulnerability - Security Advisory - SOS-13-001

2013-04-03 Thread Lists
Sense of Security - Security Advisory - SOS-13-001 Release Date. 03-Apr-2013 Last Update. - Vendor Notification Date. 03-Sep-2012 Product. Google Active Directory Sync (GADS) Tool Platform. Windows, Linux, Solaris Affected versions.

[btrfs] is vulnerable to a hash-DoS attack

2012-12-14 Thread Pascal Junod (Mailing Lists)
Hello folk, The btrfs file system, part of the linux kernel, is vulnerable to a trivial hash-DoS attack. More details can be found here: http://crypto.junod.info/2012/12/13/hash-dos-and-btrfs/ Enjoy! Pascal Junod -- http://crypto.junod.info @cryptopathe

FileBound - Privilege Escalation Vulnerability - Security Advisory - SOS-12-010

2012-10-11 Thread Lists
Sense of Security - Security Advisory - SOS-12-010 Release Date. 10-Oct-2012 Last Update. - Vendor Notification Date. 14-Aug-2012 Product. FileBound On-Site Platform. Windows Affected versions. All versions prio

Ektron CMS - Multiple Vulnerabilities - Security Advisory - SOS-12-009

2012-09-05 Thread Lists
Sense of Security - Security Advisory - SOS-12-009 Release Date. 05-Sep-2012 Last Update. - Vendor Notification Date. 07-May-2012 Product. Ektron CMS Platform. ASP.NET Affected versions. Ektron CMS version 8.5.0

Elcom CMS - Community Manager Insecure File Upload Vulnerability - Security Advisory - SOS-12-008

2012-08-24 Thread Lists
Elcom CMS - Community Manager Insecure File Upload Vulnerability - Security Advisory - SOS-12-008 Release Date. 24-Aug-2012 Last Update. - Vendor Notification Date. 28-Oct-2011 Product. Elcom CMS - Community Manager Platform. ASP.NE

Squiz CMS Multiple Vulnerabilities - Security Advisory - SOS-12-007

2012-06-18 Thread Lists
Sense of Security - Security Advisory - SOS-12-007 Release Date. 14-Jun-2012 Last Update. - Vendor Notification Date. 02-Apr-2012 Product. Squiz CMS Platform. Independent Affected versions. Squiz 4.6.3 (verified

QNAP Turbo NAS Multiple Vulnerabilities - Security Advisory

2012-06-18 Thread Lists
Sense of Security - Security Advisory - SOS-12-006 Release Date. 13-Jun-2012 Last Update. - Vendor Notification Date. 12-Mar-2012 Product. QNAP Platform. Turbo NAS (verified) and possibly others Affected versions.

Aurora WebOPAC SQL Injection - Security Advisory - SOS-12-004

2012-03-12 Thread Lists
Sense of Security - Security Advisory - SOS-12-004 Release Date. 12-Mar-2012 Last Update. - Vendor Notification Date. 24-Nov-2011 Product. Aurora WebOPAC Platform. Independent Affected versions. 3

Iciniti Store SQL Injection - Security Advisory - SOS-12-003

2012-03-08 Thread Lists
Sense of Security - Security Advisory - SOS-12-003 Release Date. 06-Mar-2012 Last Update. - Vendor Notification Date. 28-Jul-2011 Product. Iciniti Store Platform. Windows Affected versions. 4.3.36

Symfony2 Local File Disclosure - Security Advisory - SOS-12-002

2012-03-05 Thread Lists
Sense of Security - Security Advisory - SOS-12-002 Release Date. 05-Mar-2012 Last Update. - Vendor Notification Date. 24-Feb-2012 Product. Symfony2 Platform. PHP Affected versions. 2.0.x - 2.0.10 Sever

WordPress Plugin BackWPUp 2.1.4 - Security Advisory - SOS-11-012

2011-10-17 Thread Lists
Sense of Security - Security Advisory - SOS-11-012 Release Date. 17-Oct-2011 Vendor Notification Date. 14-Oct-2011 Product. BackWPUp Platform. WordPress Affected versions. 2.1.4 Severity Rating. High Impact. Sys

NETGEAR Wireless Cable Modem Gateway Auth Bypass and CSRF - SOS-11-011

2011-09-20 Thread Lists
Sense of Security - Security Advisory - SOS-11-011 Release Date. 20-Sep-2011 Last Update. - Vendor Notification Date. 22-Mar-2011 Product. NETGEAR Wireless Cable Modem Gateway CG814WG Affected versions.

Cisco TelePresence Multiple Vulnerabilities - SOS-11-010

2011-09-19 Thread Lists
Sense of Security - Security Advisory - SOS-11-010 Release Date. 19-Sep-2011 Last Update. - Vendor Notification Date. 21-Feb-2011 Product. Cisco TelePresence Series Platform. Cisco Affected versions. C

RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission

2011-09-16 Thread ACROS Security Lists
-up > Mission" and where do they mention you as having anything to > do with it? > > If you are going to claim MSFT's actions as substantive > to your agenda, how about provide some details? > > t > > > -Original Messag

RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission

2011-09-16 Thread ACROS Security Lists
where do they mention you as having anything to do with it? > > If you are going to claim MSFT's actions as substantive to > your agenda, how about provide some details? > > t > > > -Original Message- > > From: ACROS Security Lists [mailto:li...@ac

RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission

2011-09-16 Thread ACROS Security Lists
Hey Chris, > I bet Microsoft actually like stating they just fixed yet > another severe bug. > Zero-day fixing is big business, you know... even if "zero" > is past a few "days". I don't think Microsoft gains much from being able to say they fixed yet another bug - maybe if it were a bug they

RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission

2011-09-16 Thread ACROS Security Lists
esearch that falsely created security concerns and confusion > where time was better spent really doing just about anything > else, but it would have been a missed opportunity to get our > names in the media to sell our security services." > > t > > >-Original

ASPR #2011-08-18-1: Remote Binary Planting in Mozilla Firefox

2011-08-18 Thread ACROS Security Lists
=[BEGIN-ACROS-REPORT]= PUBLIC = ACROS Security Problem Report #2011-08-18-1 - ASPR #2011-08-18-1: Remote Binary Planting in Mozilla Firefox =

ASPR #2011-08-18-2: Remote Binary Planting in Mozilla Thunderbird

2011-08-18 Thread ACROS Security Lists
=[BEGIN-ACROS-REPORT]= PUBLIC = ACROS Security Problem Report #2011-08-18-2 - ASPR #2011-08-18-2: Remote Binary Planting in Mozilla Thunderbird =

Oracle Sun GlassFish Enterprise Server Stored XSS Vulnerability - Security Advisory - SOS-11-009

2011-07-20 Thread Lists
Sense of Security - Security Advisory - SOS-11-009 Release Date. 19-Jul-2011 Last Update. - Vendor Notification Date. 23-Mar-2011 Product. Oracle Sun GlassFish Enterprise Server Platform.

RE: [Full-disclosure] COM Server-Based Binary Planting Proof OfConcept

2011-06-02 Thread ACROS Security Lists
figuration? > > On Thu, Jun 2, 2011 at 7:52 AM, ACROS Security Lists > wrote: > > > > We published a remote/local proof of concept for the COM > Server-Based > > Binary Planting exploit presented at the Hack in the Box > conference in Amsterdam. > &g

COM Server-Based Binary Planting Proof Of Concept

2011-06-02 Thread ACROS Security Lists
We published a remote/local proof of concept for the COM Server-Based Binary Planting exploit presented at the Hack in the Box conference in Amsterdam. Feel free to try it out online if WebDAV works through your firewall, or download it and test it in your local network or simply on your comput

The Anatomy of COM Server-Based Binary Planting Exploits

2011-05-25 Thread ACROS Security Lists
Our new blog post describes in detail how the binary planting exploits we presented at Hack In The Box Amsterdam work. Watch a user on IE8/XP getting pwned by two single clicks on a web page, and a user on IE9/Win7 getting pwned by selecting an option from a context menu. http://blog.acrossecu

PHPCaptcha / Securimage 2.0.2 - Authentication Bypass - SOS-11-007

2011-05-20 Thread Lists
Sense of Security - Security Advisory - SOS-11-007 Release Date. 20-May-2011 Last Update. - Vendor Notification Date. 04-Apr-2011 Product. Securimage / PHPCaptcha Platform. PHP Affected versions. 1.0.4 - 2.0.2 Severity

Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006

2011-05-19 Thread Lists
Sense of Security - Security Advisory - SOS-11-006 Release Date. 18-May-2011 Last Update. - Vendor Notification Date. 28-Feb-2011 Product. Cisco Unified Operations Manager Common Services Framework Help Se

Proofpoint Protection Server Cross-Site Scripting Vulnerability - SOS-11-005

2011-05-03 Thread Lists
Sense of Security - Security Advisory - SOS-11-005 Release Date. 03-May-2011 Last Update. - Vendor Notification Date. 28-Apr-2011 Product. Proofpoint Protection Server Platform. Appliance Affected versions.

Windows Synchronization Object Vulnerabilities in Antivirus Suites

2011-04-19 Thread Lists
Abstract In 2009 we examined the effects of manipulating synchronization objects in security software suites frequently found on personal computers running Windows XP and Vista. The synchronization objects were mutexes and events, and the security software included products from AVG, Avast, Avira,

cPassMan v1.82 Arbitrary File Download - SOS-11-004

2011-04-18 Thread Lists
Sense of Security - Security Advisory - SOS-11-004 Release Date. 15-Apr-2011 Last Update. - Vendor Notification Date. 7-Mar-2011 Product. Collaborative Passwords Manager (cPassMan) Platform. Independent (PHP) Affec

Microsoft Patches Binary Planting Issues In Various Vendors' Products

2011-04-13 Thread ACROS Security Lists
The latest security updates from Microsoft fix binary planting issues (loading of dwmapi.dll) in the following applications (and probably many more): 1. Autodesk 3ds Max 2010 Release 12.0 2. Autodesk 3ds Max 2011 Release 13.0 3. Avast! Free Antivirus 5.0.545 4. Avira Premium Security Suite 10.0.

Wordpress plugin BackWPup Remote and Local Code Execution Vulnerability - SOS-11-003

2011-03-28 Thread Lists
Sense of Security - Security Advisory - SOS-11-003 Release Date. 28-Mar-2011 Last Update. - Vendor Notification Date. 25-Mar-2011 Product. Wordpress Plugin BackWPup Platform. Independent Affected versions.

ASPR #2011-02-11-2: Remote Binary Planting in Adobe Flash Player

2011-02-14 Thread ACROS Security Lists
=[BEGIN-ACROS-REPORT]= PUBLIC = ACROS Security Problem Report #2011-02-11-2 - ASPR #2011-02-11-2: Remote Binary Planting in Adobe Flash Player ==

ASPR #2011-02-11-1: Remote Binary Planting in Adobe Reader

2011-02-14 Thread ACROS Security Lists
=[BEGIN-ACROS-REPORT]= PUBLIC = ACROS Security Problem Report #2011-02-11-1 - ASPR #2011-02-11-1: Remote Binary Planting in Adobe Reader

ASPR #2011-01-11-1: Remote Binary Planting in Multiple F-Secure Products

2011-01-11 Thread ACROS Security Lists
=[BEGIN-ACROS-REPORT]= PUBLIC === ACROS Security Problem Report #2011-01-11-1 - ASPR #2011-01-11-1: Remote Binary Planting in Multiple F-Secure Produ

Updated online binary planting exposure test continues operation

2010-12-16 Thread ACROS Security Lists
After our Online Binary Planting Exposure Test became defunct as a result of Microsoft fixing the Windows Address Book binary planting bug, we updated the test with two unfixed vulnerabilities. Everyone is welcome to keep testing their Windows computers for Internet-based binary planting attacks

ASPR #2010-12-14-1: Remote Binary Planting in Windows Address Book

2010-12-15 Thread ACROS Security Lists
=[BEGIN-ACROS-REPORT]= PUBLIC = ACROS Security Problem Report #2010-12-14-1 - ASPR #2010-12-14-1: Remote Binary Planting in Windows Address Book

The Unbearable Lightness Of Non-Fixing: A Short Study in Security Reactiveness And Proactiveness

2010-11-24 Thread ACROS Security Lists
Roughly 100 days after the Binary Planting (a.k.a. DLL hijacking, DLL preloading, Insecure Library Loading) vulnerability has been (re)discovered in hundreds of Windows applications (and likely undiscovered in thousands more), we've taken a unique opportunity to compare software vendors' fixing o

Additional information on the Microsoft Office 2010 binary planting bugs

2010-11-12 Thread ACROS Security Lists
Microsoft patched three binary planting bugs in Office 2010 yesterday: PowerPoint: http://www.acrossecurity.com/aspr/ASPR-2010-11-10-1-PUB.txt Word: http://www.acrossecurity.com/aspr/ASPR-2010-11-10-2-PUB.txt Excel: http://www.acrossecurity.com/aspr/ASPR-2010-11-10-3-PUB.txt We're making some ad

ASPR #2010-11-10-2: Remote Binary Planting in Microsoft Word 2010

2010-11-10 Thread ACROS Security Lists
=[BEGIN-ACROS-REPORT]= PUBLIC = ACROS Security Problem Report #2010-11-10-2 - ASPR #2010-11-10-2: Remote Binary Planting in Microsoft Word 2010 =

ASPR #2010-11-10-3: Remote Binary Planting in Microsoft Excel 2010

2010-11-10 Thread ACROS Security Lists
=[BEGIN-ACROS-REPORT]= PUBLIC = ACROS Security Problem Report #2010-11-10-3 - ASPR #2010-11-10-3: Remote Binary Planting in Microsoft Excel 2010

ASPR #2010-11-10-1: Remote Binary Planting in Microsoft PowerPoint 2010

2010-11-10 Thread ACROS Security Lists
=[BEGIN-ACROS-REPORT]= PUBLIC = ACROS Security Problem Report #2010-11-10-1 - ASPR #2010-11-10-1: Remote Binary Planting in Microsoft PowerPoint

ASPR #2010-11-05-01: Remote Binary Planting in Adobe Flash Player

2010-11-05 Thread ACROS Security Lists
=[BEGIN-ACROS-REPORT]= PUBLIC = ACROS Security Problem Report #2010-11-05-01 - ASPR #2010-11-05-01: Remote Binary Planting in Adobe Flash Player

Breaking The SetDllDirectory Protection Against Binary Planting

2010-10-27 Thread ACROS Security Lists
An old unfixed Windows functional bug was just upgraded to a security bug. Our researchers have discovered that Windows' inability to consistently expand environment variables in user and system PATH breaks the binary planting protection provided by the SetDllDirectory function. The article descr

RE: [Full-disclosure] Windows Vista/7 lpksetup dll hijack

2010-10-26 Thread ACROS Security Lists
Hi Thor, Thanks to Microsoft's "defense in depth," double-clicking an .exe from a remote share pops up a security warning. In contrast, double-clicking a data file that opens a vulnerable application (which downloads and executes a .dll from the same share) doesn't trigger such security warning

How Visual Studio Makes Your Applications Vulnerable to Binary Planting

2010-10-25 Thread ACROS Security Lists
Microsoft Visual Studio can automatically make an application binary planting-positive (i.e., vulnerable) even when the developer makes no programming errors. Every MFC application seems to be automatically made vulnerable, with those statically linking MFC libraries actually having the vulnerabl

Binary Planting Attack Vectors - There's more than one way to skin a cat... or plant a binary, for that matter

2010-09-20 Thread ACROS Security Lists
ACROS Security is presenting an analysis of many different delivery methods for binary planting attacks, providing a hopefully more comprehensive view on the feasibility of such attacks. We looked at some of the most popular web browsers, most popular e-mail clients and most popular document read

Binary Planting Goes "EXE"

2010-09-09 Thread ACROS Security Lists
For everyone interested in binary planting vulnerabilities, here's some new information on the EXE vector from our research. http://blog.acrossecurity.com/2010/09/binary-planting-goes-exe.html Pleasant reading, Mitja Kolsek CEO&CTO ACROS, d.o.o. Makedonska ulica 113 SI - 2000 Maribor, Slovenia

ACROS Security: Remote Binary Planting in Apple Safari for Windows (ASPR #2010-09-08-1)

2010-09-09 Thread ACROS Security Lists
=[BEGIN-ACROS-REPORT]= PUBLIC = ACROS Security Problem Report #2010-09-08-1 - ASPR #2010-09-08-1: Remote Binary Planting in Apple Safari for Wind

Online Binary Planting Exposure Test

2010-09-01 Thread ACROS Lists
ACROS Security has made the Online Binary Planting Exposure Test publicly accessible for the benefit of all Windows users. This test should make it easy for users and administrators to assess their exposure to binary planting attacks originating from the Internet. URL: http://www.binaryplantin

Hiding Backdoors in plain sight

2010-07-05 Thread Mailing lists at Core Security Technologies
The CoreTex Team from Core Security is happy to announce the *1st Open Backdoor Hiding & Finding Contest* to be held at DEFCON 0x12 this year! Hiding a backdoor in open source code that will be subjected to the scrutiny of security auditors by the hundreds may not be an easy task. Positively and

Re: Nginx 0.8.35 Space Character Remote Source Disclosure

2010-06-02 Thread Mailing lists at Core Security Technologies
i...@securitylab.ir wrote: > Vul in stable versions now doesn't work. > Original Advisory: > http://blog.pouya.info/userfiles/vul/NginX.rar http://www.coresecurity.com/content/filename-pseudonyms-vulnerabilities Multiple Vulnerabilities with 8.3 filename pseudonyms in Web servers "Nginx Web Server

RE: Puntal (index.php) Remote File Inclusion Vulnerabilities

2010-05-03 Thread Tom Walsh - lists
Both variables ($app_path and $puntal_path) are defined in the index.php file. As such they will never be overridden when the variables are passed via POST or GET. POST and GET variables are populated and placed into the global scope before the page is processed by the PHP processor engine (assumin

ACROS Security: Remote Binary Planting in VMware Tools for Windows (ASPR #2010-04-12-1)

2010-04-13 Thread ACROS Lists
=[BEGIN-ACROS-REPORT]= PUBLIC = ACROS Security Problem Report #2010-04-12-1 - ASPR #2010-04-12-1: Remote Binary Planting in VMware Tools for Wind

ACROS Security: Local Binary Planting in VMware Tools for Windows (ASPR #2010-04-12-2)

2010-04-13 Thread ACROS Lists
=[BEGIN-ACROS-REPORT]= PUBLIC = ACROS Security Problem Report #2010-04-12-2 - ASPR #2010-04-12-2: Local Binary Planting in VMware Tools for Windo

Apache mod_isapi Dangling Pointer Vulnerability - Security Advisory - SOS-10-002

2010-03-08 Thread Lists
Apache mod_isapi Dangling Pointer Vulnerability - Security Advisory - SOS-10-002 Release Date. 5-Mar-2010 Last Update. - Vendor Notification Date. 9-Feb-2010 Product. Apache HTTP Server Platform. Microsoft Windows

Juniper SA Series Cross Site Scripting Issue

2010-03-05 Thread Security Lists NL
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 o PROBLEM DETAILS The Juniper Secure Access (SA) web interface allows users to manage the bookmarks on their landing page. This bookmark management functionality does not filter user input properly and can allow cross site scripting attacks. Upon

TheGreenBow VPN Client Local Stack Overflow Vulnerability - Security Advisory - SOS-10-001

2010-01-21 Thread Lists
TheGreenBow VPN Client Local Stack Overflow Vulnerability - Security Advisory - SOS-10-001 Release Date. 21-Jan-2010 Vendor Notification Date. 11-Dec-2009 Product. TheGreenBow VPN Client Platform. Microsoft Windows Affected versi

ACROS Security: HTML Injection in Oracle WebLogic Server Console (ASPR #2009-10-30-1)

2009-11-02 Thread ACROS Lists
=[BEGIN-ACROS-REPORT]= PUBLIC = ACROS Security Problem Report #2009-10-30-1 - ASPR #2009-10-30-1: HTML Injection in Oracle WebLogic Server Consol

SafeNet SoftRemote Local Buffer Overflow - Security Advisory - SOS-09-008

2009-10-30 Thread Lists
SafeNet SoftRemote Local Buffer Overflow - Security Advisory - SOS-09-008 Release Date. 30-Oct-2009 Vendor Notification Date. 20-Jul-2009 Product. SafeNet SoftRemote Platform. Microsoft Windows Affected versions. 10.8.5

Re: [Full-disclosure] 3rd party patch for XP for MS09-048?

2009-09-23 Thread Mailing lists at Core Security Technologies
Aras "Russ" Memisyazici wrote: > > How effective is what Tom Grace suggests? Unless I'm misunderstanding, he's > suggesting switching to an iptables based protection along with a registry > tweak... ahh the good ol' batch firewall :) Would this actually work as a > viable work-around? I realize M$

Piwigo SQL Injection Vulnerability - Security Advisory - SOS-09-007

2009-08-17 Thread Lists
Piwigo SQL Injection Vulnerability - Security Advisory - SOS-09-007 Release Date. 17-Aug-2009 Last Update. - Vendor Notification Date. 15-Jun-2009 Product. Piwigo Platform. Independent Affected versions. 2.0.0 (verified), possibly others Severity Rating. Medium Impact. Manipulation of data Attack

Plume CMS Multiple SQL Injection Vulnerabilities - Security Advisory - SOS-09-006

2009-08-12 Thread Lists
Plume CMS Multiple SQL Injection Vulnerabilities - Security Advisory - SOS-09-006 Release Date. 12-Aug-2009 Vendor Notification Date. 16-Jun-2009 Product. Plume CMS Platform. Independent Affected versions. 1.2.3 (verified), possibly others Severity Rating. High Impact. Manipulation of data Attac

XOOPS Multiple Cross-Site Scripting Vulnerabilities - Security Advisory - SOS-09-005

2009-07-31 Thread Lists
XOOPS Multiple Cross-Site Scripting Vulnerabilities - Security Advisory - SOS-09-005 Release Date. 31-Jul-2009 Vendor Notification Date. 15-Jun-2009 Product. XOOPS Platform. Independent Affected versions. 2.3.3 (verified), possibly others Severity Rating. Medium Impact. Cookie/credential theft, i

CFP 26C3 / 26th Chaos Communication Congress

2009-06-01 Thread lists
26C3: Here Be Dragons 26th Chaos Communication Congress December 27th to 30th, 2009 Berlin, Germany http://events.ccc.de/congress/2009/ Overview is the annual four-day conference organized by the Chaos Computer Club (CCC) in Berlin, Germany. First held in 1984, it since has estab

Re: Insufficient Authentication vulnerability in Asus notebook

2009-05-14 Thread KF (lists)
While we are at it... quite a few Thin Clients based on Windows XPe deploy with Administrator / Administrator and User / User as default user / pass combinations. By default User is part of the Administrator group. For an added bonus there is a VNC password of Wyse or viewonly with the defau

Surf Jack - HTTPS will not save you

2008-08-12 Thread lists
Say hello to a new security tool called “Surf Jack” which demonstrates a security flaw found in various public sites. The proof of concept tool allows testers to steal session cookies on HTTP and HTTPS sites that do not set the Cookie secure flag. Tool: http://surfjack.googlecode.com/ Short p

Re: OpenVMS fingerd remote stack overflow

2008-08-07 Thread Kevin Finisterre (lists)
Must stop the flash backs stripey where are you! -KF On Aug 6, 2008, at 7:08 PM, Shaun Colley wrote: sup bugtraq. Since a group of lads are giving a talk on Hacking OpenVMS at defcon I figured I'd release a vulnerability in the OpenVMS finger service (part of the MultiNet package) to

Re: [Full-disclosure] 0day: PDF pwns Windows

2007-09-21 Thread Kevin Finisterre (lists)
Partial disclosure rocks... -KF On Sep 21, 2007, at 3:53 PM, Thierry Zoller wrote: Dear All, pa> http://www.gnucitizen.org/blog/0day-pdf-pwns-windows Is this the way responsible disclosure works these days ? "Adobe’s representatives can contact me from the usual place." Wow, now that's coord

Re: Mac OS X vpnd local format string

2007-05-29 Thread lists
OSX client is also vulnerable and exploitable. -KF On May 29, 2007, at 7:26 AM, NGSSoftware Insight Security Research wrote: === Summary === Name: Mac OS X vpnd local format string Release Date: 29 May 2007 Reference: NGS00496 Discover: Chris Anley <[EMAIL PROTECTED]> Vendor: Ap

Re: Apple Safari on MacOSX may reveal user's saved passwords

2007-05-18 Thread Kevin Finisterre (lists)
Make this javascript for Safari show me the saved key for another application (Like a stored WEP key) and I'll be impressed. -KF On May 18, 2007, at 9:23 AM, poplix wrote: On 17 May 2007, at 7:50 PM, [EMAIL PROTECTED] wrote: It is also why I don't leave my machine logged in and accessible

Re: Internet Explorer Crash

2007-04-19 Thread Kevin Finisterre (lists)
Safari thinks it is sexy (gdb) r Starting program: /Applications/Safari.app/Contents/MacOS/Safari Reading symbols for shared libraries .. ... done Reading symbols for shared libraries . done Reading symbols f

Re: Mybb Hot Editor Plugin Local File Inclusion

2007-04-09 Thread Kevin Finisterre (lists)
expw0rm dude? That is a pretty weak attempt at mirroring milw0rm.com you pretty much copied str0kes layout except you added your own crappy colors. how nice of you. -KF On Apr 9, 2007, at 9:40 AM, [EMAIL PROTECTED] wrote: http://victim.com/[path]/richedit/keyboard.php? first=../../../../.

Microsoft coverup ? Stolen Xbox live accounts list of known victims - Please Help

2007-03-20 Thread Kevin Finisterre (lists)
Dates indicate thread start date not necessarily the offending post date. Clan Homepages of *some* of those that are responsible for the attacks on Xbox live accounts. 3-19-2007 (See the blacklist and member list) o InFamOuS o clan http://www.oinfamouso.moonfruit.com/ 3-19-2007 This Site

Remove all admin->root authorization prompts from OSX

2007-01-25 Thread K F (lists)
http://www.petitiononline.com/31337OSX/petition.html -KF

Re: [Full-disclosure] iDefense Q-1 2007 Challenge

2007-01-16 Thread K F (lists)
This is very true... and in some cases rather than do either you chose to sit on the bug. It's almost a catch 22... some folks invest time upfront putting work into various vulnerabilities and have no way to get back that investment. That in essence amounts to free QA for vendor X,Y or Z and not

Re: [Full-disclosure] iDefense Q-1 2007 Challenge

2007-01-16 Thread K F (lists)
No offense to iDefense as I have used their services in the past... but MY Q1 2007 Challenge to YOU is to start offering your researchers more money in general! I've sold remotely exploitable bugs in random 3rd party products for more $$ than you are offering for these Vista items (see the h0n0

DMA[2007-0107a] OmniWeb Javascript Alert Format String Vulnerability and DMA[2007-0109a] Apple Finder Disk Image Volume Label Overflow / DoS

2007-01-11 Thread K F (lists)
I've been subject to a few DoS attacks as of late so these did not quite make it out. Enjoy the typos as usual. =P -KF DMA[2007-0109a] - 'Apple Finder Disk Image Volume Label Overflow / DoS' Author: Kevin Finisterre Vendor(s): http://www.apple.com Product: '<= OSX 10.4 (?)' References: http://w

DMA[2007-0104a] - 'iLife iPhoto Photocasing Format String Vulnerability'

2007-01-04 Thread K F (lists)
DMA[2007-0104a] - 'iLife iPhoto Photocasing Format String Vulnerability' Author: Kevin Finisterre Vendor(s): http://www.apple.com Product: 'iLife 06 (?)' References: http://www.digitalmunition.com/DMA[2007-0104a].txt http://www.apple.com/ilife/iphoto/features/photocasting.html http://projects.in

Welcome to Pwndertino...

2007-01-01 Thread K F (lists)
Just in case you are drunk / hungover / out of town or whatever... this is a friendly reminder that MOAB has begun. http://projects.info-pull.com/moab/index.html -KF

Kerio WebSTAR local privilege escalation

2006-11-16 Thread K F (lists)
DMA[2006-1115a] - 'Kerio WebSTAR local privilege escalation' Author: Kevin Finisterre Vendor(s): http://www.kerio.com/webstar_home.html Product: 'Kerio WebSTAR <= 5.4.2 (?)' References: http://www.digitalmunition.com/DMA[2006-1115a].txt Description: Kerio WebSTAR is an easy-to-use web server fo

[Fwd: OpenBase SQL multiple vulnerabilities Part Deux]

2006-11-14 Thread K F (lists)
I think the list spam trap ate this message a few weeks ago. --- Begin Message --- #!/usr/bin/perl # # http://www.digitalmunition.com # written by kf (kf_lists[at]digitalmunition[dot]com) # # <= ftp://www.openbase.com/pub/OpenBase_10.0 (vulnerable) ? # # This is some fairly blatant and retarded

[Fwd: DMA[2006-1031a] - 'Intego VirusBarrier X4 definition bypass exploit']

2006-11-14 Thread K F (lists)
I think the list spam trap ate this message a few weeks ago. --- Begin Message --- This was supposed to go out on Halloween but it didn't... but either way all you Mac users can get scared or something. OOGA BOOGA! pwntego.tar.gz Description: GNU Zip compressed data DMA[2006-1031a] - 'Intego

hack.lu Bluetooth demo

2006-10-23 Thread K F (lists)
As requested by several of the folks that went to hack.lu - 2006 I have posted the code for the 'GenerationTwo' InqTana variant at http://www.digitalmunition.com/hacklu.html For those that missed it Thierry Zoller of nruns demonstrated a remote exploitation of CVE-2005-1333 as a means to compro

DMA[2006-0801a] - 'Apple OSX fetchmail buffer overflow'

2006-08-01 Thread K F (lists)
DMA[2006-0801a] - 'Apple OSX fetchmail buffer overflow' Author: Kevin Finisterre Vendor: http://www.apple.com/ Product: 'Mac OSX <=10.4.7' References: http://www.digitalmunition.com/DMA[2006-0801a].txt http://www.digitalmunition.com/getpwnedmail-x86.pl http://www.digitalmunition.com/getpwnedmail

Check Point R55W Directory Traversal

2006-07-24 Thread Sec-Tec Lists
Overview Check Point Firewall-1 R55W contains a hard coded web server, which runs on TCP port 18264. This server is there to deal with PKI requirements for Check Point's VPN functionality. During a routine penetration test of a client, Sec-Tec discovered a directory traversal vulnerability that a

DMA[2006-0628a] - 'Apple OSX launchd unformatted syslog() vulnerability'

2006-06-29 Thread K F (lists)
You couldn't be more wrong if you called it a Canadian Goose! -KF #!/usr/bin/perl # http://www.digitalmunition.com/FailureToLaunch.pl # Code by Kevin Finisterre kf_lists[at]digitalmunition[dot]com # # This is a practical application of Non Executable Stack Lovin - http://www.digitalmunition.com

Non eXecutable Stack Lovin on OSX86

2006-05-23 Thread KF (lists)
Non eXecutable Stack Lovin on OSX86 kf[at]digitalmunition[dot]com 05/18/06 After my obligatory Cinco De Mayo Corona hangover had passed, I decided it was time to score

DMA[2006-0514a] - 'ClamAV freshclam incorrect privilege drop'

2006-05-15 Thread KF (lists)
DMA[2006-0514a] - 'ClamAV freshclam incorrect privilege drop' Author: Kevin Finisterre Vendor: http://www.clamav.net Product: 'ClamAV freshclam' References: http://www.digitalmunition.com/DMA[2006-0514a].txt http://www.markallan.co.uk/clamXav/ Description: Tomasz Kojm of the ClamAV team describe

DMA[2006-0321a] - 'Motorola P2K Platform setpath() overflow and Blueline attack'

2006-03-22 Thread KF (lists)
DMA[2006-0321a] - 'Motorola P2K Platform setpath() overflow and Blueline attack' Author: Kevin Finisterre Vendor: http://www.motorola.com Product: 'Motorola PEBL U6, Motorola V600, other Motorola P2k based phones?' References: http://www.digitalmunition.com/DMA[2006-0321a].txt http://www.motorol

DMA[2006-0313a] - 'Apple OSX Mail.app RFC1740 Real Name Buffer Overflow'

2006-03-14 Thread KF (lists)
DMA[2006-0313a] - 'Apple OSX Mail.app RFC1740 Real Name Buffer Overflow' Author: Kevin Finisterre Vendor: http://www.apple.com/macosx/ Product: 'Mac OSX 10.4.5 with Security Update 2006-001' References: http://www.digitalmunition.com/DMA[2006-0313a].txt http://rfc.net/rfc1740.html http://cve.mit

Re: [Full-disclosure] Re: recursive DNS servers DDoS as a growing DDoSproblem

2006-03-10 Thread Security Lists
Sorry, I don't see this as amplification in your example, because YOUR dns servers are 100% of the traffic. 1:1 ratio. Now, if you get the world to cache your text records, and have THEM flood with source-spoofed UDP (unrelated to the victim's DNS servers), that'd work, and is actually a good

InqTana Through the eyes of Dr. Frankenstein.

2006-02-22 Thread KF (lists)
Thanks to those folks that helped edit this. InqTana Through the eyes of Dr. Frankenstein. kf_lists[at]digitalmunition[dot]com The sole intent of this paper is to address both FUD and Rumors surrounding the release of detaile

Re: High Risk Vulnerability in Lexmark Printer Sharing Service

2006-02-07 Thread KF (lists)
Here is a lexmark related local Security issue... I never got anywhere with regard to disclosure... enjoy Lexmark skins code execution. Either LEXBCES.exe, LXBKPSWX.exe, LXBKJSWX.exe, or LEXPPS.exe allows interaction from the user while running as SYSTEM. This interaction can lead to CMD.exe

DMA[2006-0115a] - 'AmbiCom Bluetooth Object Push Overflow'

2006-01-20 Thread KF (lists)
I am not sure why but this post appeared to be rejected. DMA[2006-0115a] - 'AmbiCom Bluetooth Object Push Overflow' Author: Kevin Finisterre Vendor: http://www.ambicom.com/products/air2net Product: 'AmbiCom Blue Neighbors <= V2.50 Build 2500' References: http://www.digitalmunition.com/DMA[2006-01

DMA[2006-0112a] - 'Toshiba Bluetooth Stack Directory Traversal'

2006-01-16 Thread KF (lists)
DMA[2006-0112a] - 'Toshiba Bluetooth Stack Directory Traversal' Author: Kevin Finisterre Vendor: http://www.toshiba-tro.de/ Product: 'Toshiba Bluetooth Stack <=v4.00.23(T)' References: http://www.digitalmunition.com/DMA[2006-0112a].txt Description: Toshiba was one of the first companies to p

RE: WMF Exploit

2006-01-04 Thread Discussion Lists
All, I think I was able to get the SAFER mechanism to block this for IE, and any program covered under it. I know that there are other workarounds, but I have found the SAFER approach has stopped every one of these sorts of attacks. I have a vbscript that activates SAFER for IE, and various other

have you ever been BluePIMped?

2005-12-05 Thread KF (lists)
Chapter 9 style ala Stealing the network. enjoy... have you ever been BluePIMped? Exploiting The Widcomm BTStackServer by KF (kf_lists[at]digitalmunition[dot]com) On August 12, 2004 Ryan Naraine of internetnews.com described a serious vulnerability in Widcomm's widely deployed Bluetooth Co

DMA[2005-1202a] - 'sobexsrv - Scripting/Secure OBEX Server format string vulnerability'

2005-12-03 Thread KF (lists)
DMA[2005-1202a] - 'sobexsrv - Scripting/Secure OBEX Server format string vulnerability' Author: Kevin Finisterre Vendor: http://www.mulliner.org/bluetooth/sobexsrv.php Product: 'sobexsrv' References: http://www.digitalmunition.com/DMA[2005-1202a].txt http://www.mulliner.org/bluetooth/sobexsrv-1.