[Full-disclosure] Kerio WebSTAR local privilege escalation

DMA[2006-1115a] - 'Kerio WebSTAR local privilege escalation' Author: Kevin Finisterre Vendor(s): http://www.kerio.com/webstar_home.html Product: 'Kerio WebSTAR <= 5.4.2 (?)' References: http://www.digitalmunition.com/DMA[2006-1115a].txt Description: Kerio WebSTAR is an easy-to-use web server fo

Re: [Full-disclosure] DoS kiddiots can face 10 years in jail

On Wed, 15 Nov 2006, Ronald MacDonald wrote: > I'm worried the Government is tightening the Computer Misuse Act > without fully understanding any consequences... Um, isn't that their *job*? Who said they needed to understand anything? -- Yours, J.A. Terranson [EMAIL PROTECTED] 0xBD4A95BF "

Re: [Full-disclosure] DoS kiddiots can face 10 years in jail

> The new law also makes it an offence to supply or make available any > software or tools that could be used to commit hacking or denial of > service attacks, and those found guilty under this section of the act > face up to two years in jail. Not only that, but the reform also targets anyone who

[Full-disclosure] ZDI-06-042: Verity Ultraseek Request Proxying Vulnerability

ZDI-06-042: Verity Ultraseek Request Proxying Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-06-042.html November 15, 2006 -- CVE ID: CVE-2006-5819 -- Affected Vendor: Verity -- Affected Products: Ultraseek -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers h

[Full-disclosure] [SECURITY] [DSA 1212-1] New openssh packages fix denial of service

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1212-1[EMAIL PROTECTED] http://www.debian.org/security/ Noah Meyerhans November 15, 2006 - -

[Full-disclosure] Outpost Multiple insufficient argument validation of hooked SSDT function Vulnerability

Hello, We would like to inform you about a vulnerability in Outpost Firewall PRO 4.0. Description: Outpost Firewall PRO hooks many functions in SSDT and in at least twelve cases it fails to validate arguments that come from user mode. User calls to NtAssignProcessToJobObject, NtCreateKey, Nt

[Full-disclosure] TrustedBSD* all versions FireWire IOCTL kernel integer overflow information disclousure

-- http://www.kernelhacking.com/rodrigo Kernel Hacking: If i really know, i can hack GPG KeyID: 5E90CA19 Message sent using UebiMiau 2.7.2 TrustedBSD* all versions FireWire IOCTL kernel integer overflow information disclousure 11/15/2006 Noti

[Full-disclosure] FreeBSD all versions FireWire IOCTL kernel integer overflow information disclousure

-- http://www.kernelhacking.com/rodrigo Kernel Hacking: If i really know, i can hack GPG KeyID: 5E90CA19 Message sent using UebiMiau 2.7.2 FreeBSD all versions FireWire IOCTL kernel integer overflow information disclousure 11/15/2006 Notice =

[Full-disclosure] DragonFlyBSD all versions FireWire IOCTL kernel integer overflow information disclousure

-- http://www.kernelhacking.com/rodrigo Kernel Hacking: If i really know, i can hack GPG KeyID: 5E90CA19 Message sent using UebiMiau 2.7.2 DragonFlyBSD all versions FireWire IOCTL kernel integer overflow information disclousure 11/15/2006 Not

[Full-disclosure] NetBSD all versions FireWire IOCTL kernel integer overflow information disclousure

-- http://www.kernelhacking.com/rodrigo Kernel Hacking: If i really know, i can hack GPG KeyID: 5E90CA19 Message sent using UebiMiau 2.7.2 NetBSD all versions FireWire IOCTL kernel integer overflow information disclousure 11/15/2006 Notice ==

Re: [Full-disclosure] ZDI-06-040: WinZip FileView ActiveX Control Unsafe Method Exposure Vulnerability

here we go, enjoy! https://prdelka.blackart.org.uk/exploitz/prdelka-vs-MS-winzip.c --- Micheal Turner <[EMAIL PROTECTED]> wrote: > 7245 correctly resolves this issue; standard stack > overflow in WZFILEVIEW.FilePattern snatching EIP; > PoC > below; > > > > > > > >