RE: VUPlayer 2.49 - (.wax) Buffer Overflow Vulnerability

2016-07-27 Thread Wick, Ryan (US - Chicago)
Unsubscribe This message (including any attachments) contains confidential information intended for a specific individual and purpose, and is protected by law. If you are not the intended recipient, you should delete this message and any disclosure, copying, or distribution of this message,

[CVE-2013-4295] Apache Shindig information disclosure vulnerability

2013-10-21 Thread Ryan Baxter
CVE-2013-4295: XXE vulnerability in Apache Shindig 2.5.0 (PHP) Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Shindig PHP 2.5.0 Description: The gadget renderer in the PHP version of Apache Shindig is subject to an XML External Entity (XXE) Injection attack

Re: [Full-disclosure] Linux kernel exploit

2010-12-15 Thread Ryan Sears
t the original exploit dev has to waste his time saying the same thing 5 times. Ryan Sears - Original Message - From: "dan j rosenberg" To: "Cal Leeming [Simplicity Media Ltd]" , full-disclosure-boun...@lists.grok.org.uk, "Ariel Biener"

Re: [Full-disclosure] Linux kernel exploit

2010-12-08 Thread Ryan Sears
Yep, just tested it in an Ubuntu 10.10 sandbox I have (running kernel 2.6.35-22-generic). Works as expected. Great job Dan. You're full of win! Regards, Ryan Sears - Original Message - From: "Cal Leeming [Simplicity Media Ltd]" To: "Dan Rosenber

Re: [Full-disclosure] ** FreeBSD local r00t zeroday

2009-12-01 Thread Ryan Steinmetz
> > Full-Disclosure - We believe in it. > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > Hosted and sponsored by Secunia - http://secunia.com/ > > > ___ > Full-Disclosure - We believe in it.

Clear Text Storage of Password in CS-MARS v6.0.4 and Earlier

2009-08-21 Thread ryan . wessels
1. First after logging onto the console either pnlog mailto, or pnlog scpto will send the logs off of the box to a destination you specify, you can also display the logs using pnlog show. [pnadmin]$ pnlog scpto r...@10.4.61.206:/home/ryan scp /tmp/error-logs.tar.gz r...@10.4.61.206:/home/ryan

Re: [WEB SECURITY] Persistent CSRF and The Hotlink Hell

2007-04-17 Thread Ryan Barnett
ity Mailing List Archives: http://www.webappsec.org/lists/websecurity/ Subscribe via RSS: http://www.webappsec.org/rss/websecurity.rss [RSS Feed] -- Ryan C. Barnett ModSecurity Community Manager Breach Security: Director of Application Security Training Web Application Security Consortium (WA

RE: Critical phpwiki c99shell exploit

2007-04-12 Thread Ryan Neufeld
On that note you might as well deny php5 too --Ryan Neufeld IT Systems Manager [EMAIL PROTECTED] MagPower Systems Inc. Ph: (640)940-3232 Fax: (640)940-3233 -Original Message- From: Gadi Evron [mailto:[EMAIL PROTECTED] Sent: Thursday, April 12, 2007 9:50 AM To: [EMAIL PROTECTED] Cc

Trend Micro's Vista "0day exploit auction" claim

2006-12-19 Thread Ryan Meyer
It seems dubious, at best, to me and possibly nothing more than pure FUD. Sorry to get off topic. Ryan Meyer

Microsoft 0-day word vulnerability - Secunia - Extremely critical

2006-12-06 Thread Ryan Buena
Source: http://secunia.com/advisories/23232/ Does anybody have any more detailed information on specifics about this vulnerability? There is very little detail concerning this. What actions is anyone taking against this? According to one article, McAfee discovered this vulnerability and the word

Hustle Labs & MNIN eDirectory Vulnerability

2006-10-21 Thread Ryan Smith
As of 20-October-2006, Ryan Smith from Hustle Labs (http://www.hustlelabs.com) and Michael Ligh from MNIN (http://www.mnin.org) have released an advisory detailing a vulnerability in Novell eDirectory HTTPStk. This vulnerability occurs when processing HTTP Request headers and can be triggered by

Re: PHP 5.1.6 / 4.4.4 Critical php_admin* bypass by ini_restore()

2006-09-13 Thread Ryan Buena
When does php.net usually publish an official patched version on their website, outside of cvs? One would think they should publish it soon considering the vulnerability and exploit. On 9/9/06, İsmail Dönmez <[EMAIL PROTECTED]> wrote: Hi, at 13:24 on Saturday, 9 September 2006, [EMAIL PROTECTED]

Hustle -- Tumbleweed Email Firewall Remote Vulnerability

2006-07-28 Thread Ryan Smith
As of 24.7.2006, a new advisory detailing a buffer overflow in Tumbleweed EMF's LHA archive processing has been made public on the Hustle Labs website. Please visit http://www.hustlelabs.com/advisories.html for more information. -Ryan Smith

Re: WebsiteBaker CMS lack of sanitizing

2006-05-22 Thread ryan
Hi there, Website Baker 2.6.4 includes security fixes that should hopefully fix all of these problems. Ryan.

Novell NDPS Remote Vulnerability (Server & Client)

2006-05-15 Thread Ryan Smith
based versions) Novell Netware Client for Windows (All versions) Credit: Ryan Smith & Alex Wheeler Details & Patch information: http://www.hustlelabs.com/novell_ndps_advisory.pdf Vendor links: http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=9145&sl

Security advisory: Windows IME Vulnerability (MS06-009)

2006-02-15 Thread Ryan Lee
Hi Group. Security advisory is available at: http://www.ryanstyle.com/alert/my/5/ms06_009_eng.html Best regards, Ryan

Shareaza P2P Remote Vulnerability

2006-01-27 Thread Ryan Smith
: Remote Code Execution Credit: Ryan Smith ([EMAIL PROTECTED]) Advisory: http://www.hustlelabs.com/shareaza_advisory.pdf

Re: Website Baker <=2.6.0 SQL Injection -> Login bypass -> remote code execution

2005-12-12 Thread ryan
There has been a new release which resolves this issue (2.6.1).

Re: Novell GroupWise 6.5 Clear Text Vulnerability

2003-08-01 Thread Ryan Nelson
This part from the TID is kind of important: GroupWise Webaccess users using their desktop or laptop computers do NOT have this problem. Only happens with WML & HDML. Only happens when using Wireless Phones Ryan >>> "Adam Gray" <[EMAIL PROTECTED]> 7/31/

web-erp 0.1.4 database access vulnerability

2003-03-02 Thread Ryan Fox
he author reports fixes this problem. === Contact === Ryan Fox [EMAIL PROTECTED]

Re: [Fwd: [RHSA-2002:196-09] Updated xinetd packages fix denial ofservice vulnerability]

2002-12-05 Thread Ryan Cleary
TCP connections in the CLOSE_WAIT state, according to their bugzilla database: http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=76146 for more info. Ryan Cleary SysAdmin Interdimensions Corp. -- T Ryan Cleary <[EMAIL PROTECTED]> URL: http://people.interdimensions.com/tryanc PGP: 82 93 32 D7 3A AC C0 8D 34 56 96 CC DA DB 5E 2B

Motorola Cable Modem DOS

2002-10-31 Thread Ryan Sweat
t rent this useless junk from AT&T. Attempts to notify AT&T about this issue resulted in them wanting to send a technician to my house to check my wiring. Don't even get me started on their tech support... Ryan

Xerox DocuShare Internal IP address disclosure

2002-10-03 Thread Ryan Purita
.2 Workgroup (Build 180) Ryan Purita Network Security Analyst Totally Connected Ltd. 1308 S.E. Marine Drive, Vancouver, B.C., V5X 4K4 [EMAIL PROTECTED] Phone: 604-432-78

Re: Sybase contact

2002-07-05 Thread Ryan Russell
urity reports.) They can help get the report to the right people. If all else fails, please contact me, and I'll put you in touch with people I know there. Ryan On Fri, 5 Jul 2002, Aaron C. Newman wrote: > Does anyone know of a contact at Sybase to whi

ADVISORY: Windows 2000 and NT4 IIS .HTR Remote Buffer Overflow [AD20020612]

2002-06-12 Thread Ryan Permeh
Windows 2000 and NT4 IIS .HTR Remote Buffer Overflow Release Date: June 12, 2002 Severity: High (Remote code execution) Systems Affected: Microsoft Windows NT 4.0 Internet Information Services 4.0 Microsoft Windows 2000 Internet Information Services 5.0 A vulnerability in transfer chunking, in

Re: "Code Red" worm - there MUST be at least two versions.

2001-07-20 Thread Ryan Russell
reference, and a number of other items. I would think it's non-trivial. I would think this was a hand-done response to Code Red. Ryan

Re: Mitigating some of the effects of the Code Red worm

2001-07-20 Thread Ryan Russell
flames.) Having done my usual lecturing, I will say that this is the first time I've even been willing to entertain the idea of a good worm... I just don't know what else can fix a problem of this scale. You will never, ever come to agreement on how it should be done. Either some government will decide for you, or some hacker who is willing to take one for the team. I'm not real comfortable with either of those two setting policy for the Internet. Ryan

Re: Full analysis of the .ida "Code Red" worm.

2001-07-19 Thread Ryan Russell
p his target list. Whoops. Ryan

Re: 'Code Red' does not seem to be scanning for IIS

2001-07-19 Thread Ryan Russell
l -p 80 > worm, and you'll get a copy. It's not scanning in any sense, it just tries a connect, and sends the string. Ryan

Re: The Dangers of Allowing Users to Post Images

2001-06-16 Thread Ryan Kennedy
n image tag to a newsgroup, instead of a web forum, with heavy traffic (some porn images group). If the image tag had its source pointing to a common URL, it could quickly bring that site down due to the volume of people downloading the message from the newsgroup and referencing the image tag contained within. Ryan Kennedy

Re: TWIG SQL query bugs

2001-05-31 Thread Ryan Fox
actice is to code a function specifically to strip any possible malicious characters out of strings, and wrap it around every variable put into a query, whether it should be user-supplied or not. Addslashes is a good function to call from your stripping function, but it should not be your only line of defense. Ryan Fox

Re: SurfControl Bypass Vulnerability

2001-03-26 Thread Ryan Russell
it's bible history, then you don't. The bypass only "works" if the restricted site is the default. Ryan

Re: potential vulnerability of mysqld running with root privileges

2001-03-21 Thread Ryan W. Maple
ord, Red Hat 7.0 ships with a user/group 'mysql' under which the daemon runs (I guess they read up, not sure what version of the MySQL RPM you saw it running as root under...). Cheers, Ryan +-- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --+ Ryan W. Maple

Re: MSword execution of dlls

2001-02-22 Thread Ryan W. Maple
you should not have to set up ACLs to protect yourself from your own software. I take it from your comment that they are not planning on fixing it. Just my worthless $.02 :) Cheers, Ryan +-- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --+ Ryan W. Maple "I du

Re: Linux kernel sysctl() vulnerability

2001-02-10 Thread Ryan W. Maple
y, and Red Hat issued one early Friday. Alan Cox said that it would be fixed in 2.2.19pre9 which was also released on Friday (IIRC). I do agree that releasing it right before the weekend was not the _best_ thing to do, but upda

Re: Security information for dollars?

2001-02-02 Thread Ryan Russell
r vendors. I believe Elias forwarded the exploit to Bugtraq the next day. Ryan

Re: Security information for dollars?

2001-02-02 Thread Ryan Waldron
x27; well-being, is what will prompt them to pay-for-play under a system like ISC is proposing. Or am I just being cynical? -- Ryan Waldron||| http://www.erebor.com|||[EMAIL PROTECTED] "The web goes ever, ever on, down from the site where it began..."

iC0N first annual security convention.

2001-01-24 Thread Ryan Yagatich
There will be a security convention on April 20, 21, 22 at: Quality Inn Cleveland -- Airport 16161 Brookpark Road Cleveland, OH 44142 (216) 267-5100 Check-in is 4:00pm on Friday, and Checkout is 11:00am Sunday (EST) The room costs are $60.00 if you register early, $70.00 if you register at th

Re: BugTraq: EFS Win 2000 flaw

2001-01-24 Thread Ryan Russell
uire you taking a virgin drive and creating nothing but EFS partitions that cover the entire drive, and THEN do your work. Ryan

Reply to EFS note on Bugtraq

2001-01-23 Thread Ryan Russell
Due to some mail trouble, I'm manually forwarding this note. The signature should check out. Ryan From: Microsoft Security Response Center Sent: Monday, January 22, 2001 2:17 PM To: '[EMAIL PROTECTED]' Cc: Microsoft Security

Re: BugTraq: EFS Win 2000 flaw

2001-01-23 Thread Ryan Russell
rom 3 writes ago off of a physical disk surface for me... unless you gave me a huge amount of time and money. If the problem does exist as described... the possibility that a government forensics lab might recover some data is no excuse for not handling temp files properly for EFS. Ryan

Re: major security bug in reiserfs (may affect SuSE Linux)

2001-01-10 Thread Ryan Russell
On Wed, 10 Jan 2001, Christian Zuckschwerdt wrote: > I've read the directory with a bunch of other tools (perl, find) and > that makes me believe it's not an ls bug. > What do echo * and strings . produce? Ryan

Re: New DDoS?

2001-01-10 Thread Ryan Russell
id/1503 In short, if you've got a malicious web server, or a web server that has been compromised in a non-obvious way, the problem is much more serious than a DoS or DDoS. Ryan

Re: New DDoS?

2001-01-09 Thread Ryan Russell
would have to be subtle (i.e. not crash the browser) and the site would have to be popular, but not very carefully watched by the administrators. In fact, given a powerful enough hole, this is a good way to build an army of traditional zombies. Or steal loads of personal info off of clients. Ryan

Re: IE and Outlook 5.x allow executing arbitrary programs using .eml files

2000-03-17 Thread Ryan Russell
, wordpad is launched. This is from the web page demo. Ryan

Apache 1.3.12

2000-02-25 Thread Ryan Russell
From: http://www.apache.org/dist/Announcement.html Apache 1.3.12 Released The Apache Software Foundation and The Apache Server Project are pleased to announce the release of version 1.3.12 of the Apache HTTP server. The primary changes in this version of Apache are those related to the ``cross

Re: DDOS Attack Mitigation

2000-02-17 Thread Ryan Russell
und filter on the Ethernet or WAN interface that covers the dialup address pool. Or on the next router out. All the ISPs I've seen (and granted, it's only a few) have another router in front of the dialup router. Sure, dialup users will still be able to spoof at each other, but I assume that's a much smaller concern. Ryan

Re: snmp problems still alive...

2000-02-16 Thread Ryan Russell
on platform, you can start and stop programs, kill processes, download all passwords, shut down the boxes, change hardware settings, all without any logging in most cases. You really want to not have this problem. Ryan

Re: Some discussion in http-wg ... FW: webmail vulnerabilities: a new pragma token?

2000-01-21 Thread Ryan Russell
ound C code, unless you HTMLize it first. If you don't, all your # will disappear, and perhaps the rest of the note if it's waiting for a # :) Ryan

Re: XML in IE 5.0

2000-01-17 Thread Ryan Russell
I believe you can do the same on most modern unices now with judicious use of su and xhost adjustments. Ryan

Re: ASUS mother board security question...

1999-09-27 Thread Ben Ryan
NetBoot Schemes (PC9x etc) as discussed by [EMAIL PROTECTED] (Nick Fitzgerald)... Well done for picking this aspect up... netboot is implemented in Intel EtherExpress Pro 10/100 adapters... by default. Great for management, not so good for security or fast booting :( It can be turned off via an app

Re: Default configuration in WatchGuard Firewall

1999-09-08 Thread Ryan Russell
ough the properties screen and disable all the things on by default. Ryan

Re: OCE' 9400 plotters

1999-08-29 Thread Ryan Russell
a password to be set upon installation. My favorite way of handling this is that remote management isn't enabled until a password is set, ala Cisco routers. Cisco seems to have missed that on their Catalyst switches. Ryan

Re: bo2k plugins

1999-08-05 Thread Ryan Permeh
I just released a Blowfish plugin that doesn't use MD5, and should be a fast encryption substitute. It is available from a link on the bo2k site. As a note, both the cast and IDEA plugins are now fixed. talis Alfred Huger wrote: > -- Forwarded message -- > Date: Sun, 01 Aug 199

Re: L0pht 'Domino' Vulnerability is alive and well

1999-07-09 Thread Ryan Thomas Tecco
Even more frightening, head to: http://domino.siteatlas.com/domino/siteatlas.nsf?Open for a rather complete listing of worldwide industries, ranging from telco to hotels, who run Domino... rt On Thu, 8 Jul 1999 [EMAIL PROTECTED] wrote: > yep that's all true... yet I feel domino sites are quit