On Tue, Jun 19, 2001 at 03:44:10PM +0200, Henrik Nordstrom wrote:
> [EMAIL PROTECTED] wrote:
>
> > Folks are missing the point on the Referer check that I suggested.
>
> I intentionally selected to not go down that path in my message as there
> are quite a bit of pitfalls with Referer, and it ca
Regarding IMG tags in HTML email, here is a good point I received off-list.
The sender did not wish to post directly, but approved forwarding this note.
-Peter
- Forwarded message (anonymous, forwarded with permission) -
Date: Sat, 16 Jun 2001 22:55:41 +0200
To: Peter W <[EM
On Thu, Jun 14, 2001 at 09:12:05PM -0400, Chris Lambert wrote:
> would it be safe to check
> that if a referer is present, it contains the sites' domain name,
Yes.
> but if it
> isn't, it most likely wouldn't have been referenced in an tag or
> submitted via JavaScript?
You mean it's safe/leg
On Fri, Jun 15, 2001 at 02:09:57AM -0400, Chris Lambert wrote:
> Yes, you're correct that it's the target of the exploit which needs to be
> protected. However, the reason we originally related it to message boards
> was because the source and the target were tightly related.
Yes, of course. It's
Cross-Site Request Forgeries
(CSRF, pronounced "sea surf")
I hope you don't mind if I expand on this a bit. You've come across the
tip, in my opinion, of a rather large iceberg. It's another
Web/trust-relationship problem. Many Web applications are fairly good at
identifyi
On Fri, Jun 08, 2001 at 12:37:34AM -0700, Peter Ajamian wrote:
> While crypt password authentication is not in and of itself very secure,
> Network Solutions have made it even less so by including the first two
> characters of the password as the salt of the encrypted form. While the
> password
On Fri, Jun 08, 2001 at 04:51:57AM +0100, Glynn Clements wrote:
>
> Eric Hacker wrote:
> > Conveniently, UTF8 uses the same
> > values as ASCII for ASCII representation. Above the standard ASCII 127
> > character representation, UTF8 uses multi-byte strings beginning with 0xC1.
>
> No; the sequ
On Tue, Jun 05, 2001 at 12:59:03PM -0700, Dan Kaminsky wrote:
> An immediate design fix would be to use a different coloring and fontfacing
> scheme to refer to full names, rather than quoted email addresses from the
> address book. This should self-document decently, since over the course of
>
On Mon, Jun 04, 2001 at 03:17:04PM -0700, [EMAIL PROTECTED] wrote:
> On Mon, Jun 04, 2001 at 11:19:37AM -0400, David F. Skoll wrote:
> > I could not duplicate this with OpenSSH 2.9p1-1 on Red Hat 6.2
> The problem code is invoked in the X forwarding of ssh. If you try
> again, this time passing -
On Fri, May 18, 2001 at 04:35:08PM -0400, Greg A. Woods wrote:
> [ On Friday, May 18, 2001 at 11:18:51 (-0400), Wietse Venema wrote: ]
> > 3 - User-specified shell commands. Traditionally, a user can specify
> > any shell command in ~user/.forward, and that command will execute
> > with the priv
On Wed, Apr 11, 2001 at 04:32:38PM +0100, Shez wrote:
> The mkpasswd password generator that ships in the ``expect'' package of (at
> least RedHat 6.2) generates only a relatively small number (2^15 for the
> default password length) of passwords. Presumably this is a result of trying
> to
On Sun, Mar 11, 2001 at 10:36:32PM +0100, Palmans Pepijn wrote:
> The problem is in the sub check_url:
> It sets $check_referer = 1 if there is no $ENV{'HTTP_REFERER'}
> Under normal conditions your server will always be able to get the HTTP_REFERER.
Not true. Many firewalls block Referer header
On Sat, Feb 17, 2001 at 04:57:23PM +0100, JeT Li wrote:
> One way to fix the problem is to create a directory inside your
> home directory which is inaccessible to anyone but yourself (permissions 700),
> called tmp. Then insert an entry in your login start-up file to set the $TMP
> environ
I can't believe how much has been written about an issue
that's apparently fixed with a few lines of code.
More patches, less pedantic finger pointing. Bottom line
is the app does not, cannot enforce length constraints on
usernames, so it needs to do proper bounds checking.
-Peter
On Sun, Feb 11, 2001 at 05:15:53PM -0300, Paulo Cesar Breim wrote:
> The software Tiny Sheet, present in all versions of Palm Pilot,
http://www.iambic.com/pilot/tinysheet3/
To clarify: it's not included with PalmOS; it's 3rd-party software.
> has a function called IMPORT file.
> Well when this
Regarding Peter Guendl's discovery of DoS attacks against iWS 4.1:
1) Peter G. reports that disabling the cache with cache-init is not
an effective workaround for the FastTrack problem.
2) I wrote that iWS 4.1 has "at least one huge hole (remote code execution
via SSL/TLS implementation bu
On Mon, Jan 22, 2001 at 05:28:50PM -0800, Ryan Russell wrote:
> Due to some mail trouble, I'm manually forwarding this note.
> From: Microsoft Security Response Center
> Subject: Re: BugTraq: EFS Win 2000 flaw
> "... it is recommended that it is always better to start by crea
On Mon, Jan 22, 2001 at 01:30:33PM +0100, Peter Gründl wrote:
>Defcom Labs Advisory def-2001-05
Oooh, how fancy! ;-)
> --=[Detailed Description]=
> The Fasttrack 4.1 server caches requests for non-existing URLs with
> valid extensi
At 5:48pm Mar 22, 2000, Vanja Hrustic wrote:
> amonotod wrote:
> > Netscape ENT 3.6 SP3 -or maybe it's SP2- on NT4.0 SP4, vulnerable, even though
> > WebPublishing has never (not even just to try it out) been enabled.
Same here. If directory browsing is enabled, wp-cs-dump gives a listing.
> -
At 11:44pm Mar 15, 2000, Pavel Machek wrote:
> /proc/pid allows strange tricks (2.3.49):
> pavel@bug:~/misc$ ps aux | grep grep
> Warning: /boot/System.map has an incorrect kernel version.
> Warning: /usr/src/linux/System.map has an incorrect kernel version.
... interesting bits about /proc/$PI
At 10:31am Feb 23, 2000, -Eiji Ohki- wrote:
> I could find out the denial of service effected to iPlanet
> Web Server, Enterprise Edition 4.1 on Linux 2.2.5(Redhat6.1J;
> Kernel 2.2.12).
http://www.iplanet.com/downloads/download/detail_161_284.html
"Version Description: Please note this is a pre
At 9:59am Feb 8, 2000, Taneli Huuskonen wrote:
> Ari Gordon-Schlosberg wrote:
>
> > [Bill Thompson <[EMAIL PROTECTED]>]
> > > One form of protection from a truly *cross-site* attack that I didn't
> > > see mentioned in the CERT advisory is the trusty "HTTP_REFERER"
> > HTTP_REFERER is trivial to
,
then $TMPDIR (maybe), then a fatal complaint.
-Peter
At 11:50pm Jan 24, 2000, Peter W wrote:
> At 8:48am Jan 24, 2000, harikiri wrote:
>
> > w00w00 Security Advisory - http://www.w00w00.org/
> >
> > Title: VMware 1.1.2 Symlink Vulnerability
> > Platfo
Please note that such wrappers should produce normal HTML pages with
hyperlinks and HTTP-EQUIV "client pull" tags. If the wrapper simply uses a
Location: redirect, many clients will send the URL of the original page,
not the URL of the intermediate wrapper (verified in Netscape 4.7 and MSIE
4.0).
At 12:43pm Jan 4, 2000, Alfred Huger wrote:
>Red Hat, Inc. Security Advisory
>4. Solution:
>
>For each RPM for your particular architecture, run:
>rpm -Uvh
>where filename is the name of the RPM.
By suggesting "-Uvh" instead of "-Fvh",[1] RHAT may put systems at risk.
Case
At 1:14am Nov 13, 1999, D. J. Bernstein wrote:
> A sniffing attacker can easily forge responses to your DNS requests. He
> can steal your outgoing mail, for example, and intercept your ``secure''
> web transactions. This is obviously a problem.
If by secure web transactions, you mean https, SSL-
Unfortunately, many documents suggest doing this work as root. See
http://www.redhat.com/mirrors/LDP/HOWTO/Kernel-HOWTO-3.html#ss3.2
Some re-education may be in order. :-(
-Peter
cc: Brian Ward, the Kernel-HOWTO maintainer
At 10:06pm Oct 25, 1999, Alessandro Rubini wrote:
> > There is a (mo
On Fri, 27 Aug 1999, Paul Leach (Exchange) wrote:
> The server gets to say, in the WWW-Authenticate challenge header field, for
> which "realm" it wants credentials (name+password). If both www.company.com
> and www.company.com:81 send the same realm, then the same password will
> continue to wor
As Netscape has not acknowledged my email or bug report from last week,
and one form of this vulnerability is currently being used, I have decided
it best to publicize this problem.
SUMMARY
This post describes a flaw verified in Netscape Communicator 4.6-0 as
distributed by Red Hat software for