Re: [Full-disclosure] Microsoft FTP Client Multiple Bufferoverflow Vulnerability

2007-12-12 Thread Morning Wood
One of my first advisories and was rediscovered later, turned into a viable exploit 2 years after by another researcher. http://framework.metasploit.com/exploits/view/?refname=windows:ftp:netterm_netftpd_user

Re: [Full-disclosure] on xss and its technical merit

2007-12-12 Thread coderman
so who won? can we argue about CSRF yet? perhaps an interlude with 0day or !0day moderated by Gadi... On Nov 5, 2007 12:00 AM, pdp (architect) [EMAIL PROTECTED] wrote: comments inlined hey look i top posted pdp we are not talking about whether XSS is suitable for all kinds of pdp attacks.

Re: [Full-disclosure] on xss and its technical merit

2007-12-12 Thread Byron Sonne
coderman wrote: so perhaps xss should be discussed much less is the only concrete thing we all agree on? FTW It's pretty obvious that finding XSS has a low entrance barrier; this explains its popularity. It's just not very impressive. At the same time, if finding an xss gets some kid

Re: [Full-disclosure] Google / GMail bug, all accounts vulnerable

2007-12-12 Thread coderman
On Dec 12, 2007 3:07 AM, jipe foo [EMAIL PROTECTED] wrote: ... Hum... am I missing the point or is that just a matter of redirection with the favicon (and the Gmail logout CRSF is not really new...) ? Moreover just switching between tabs does not log me off on my system [2] (as it does not

Re: [Full-disclosure] Google / GMail bug, all accounts vulnerable

2007-12-12 Thread coderman
On Dec 11, 2007 7:46 PM, Nick FitzGerald [EMAIL PROTECTED] wrote: ... So does the simple expedient of setting browser.chrome.favicons to false fix this for FF users? try browser.chrome.favicons and browser.chrome.site_icons disabled. maybe more? Does it work in IE7's tabbed browsing? for

Re: [Full-disclosure] on xss and its technical merit

2007-12-12 Thread Jay
I would say that XSS or CSRF is a means to an end. It's not that you can XSS, it's what you do with it once you find it. It's not a sexy beast that you can blog about but it is an attack vector nonetheless. The simpler the attack the greater the success. So yeah it takes little skill to find. It take

[Full-disclosure] [SECURITY] [DSA 1428-2] New Linux 2.6.18 packages fix several vulnerabilities

2007-12-12 Thread dann frazier
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 1428-2[EMAIL PROTECTED] http://www.debian.org/security/ dann frazier December 11th, 2007

[Full-disclosure] SUSE Security Announcement: samba (SUSE-SA:2007:068)

2007-12-12 Thread Thomas Biege
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 __ SUSE Security Announcement Package:samba Announcement ID:SUSE-SA:2007:068 Date:

Re: [Full-disclosure] Google / GMail bug, all accounts vulnerable

2007-12-12 Thread Christopher Abad
Gimp 2.2.14 RAS vuln http://www.milw0rm.com/exploits/3888 That DownExec shellcode looks nice. Was it useful when you grabbed it from Metasploit? Perhaps you should give the president credit before telling the security world you created the good shellcode. (Through much use of diff, GPS has

[Full-disclosure] iDefense Security Advisory 12.11.07: Microsoft Internet Explorer JavaScript setExpression Heap Corruption Vulnerability

2007-12-12 Thread iDefense Labs
iDefense Security Advisory 12.11.07 http://labs.idefense.com/intelligence/vulnerabilities/ Dec 11, 2007 I. BACKGROUND Internet Explorer is a graphical web browser developed by Microsoft Corp. and included as part of Microsoft Windows since 1995. The setExpression method is commonly used to

Re: [Full-disclosure] on xss and its technical merit

2007-12-12 Thread Fredrick Diggle
Thank you info sec guru for your glowing review. Did you even read my post? I think I explained quite succinctly why XSS is not a vulnerability. Do you have some argument with what I posted or are you going to stick with criticizing my tone? You win oh guru of the info sec industry thing. 3

[Full-disclosure] iDefense Security Advisory 12.11.07: Microsoft DirectX 7 and 8 DirectShow Stack Buffer Overflow Vulnerability

2007-12-12 Thread iDefense Labs
iDefense Security Advisory 12.11.07 http://labs.idefense.com/intelligence/vulnerabilities/ Dec 11, 2007 I. BACKGROUND Microsoft DirectShow, part of Microsoft DirectX, is used for the capture and playback of multimedia streams on Microsoft Windows systems. Synchronized Accessible Media

Re: [Full-disclosure] on xss and its technical merit

2007-12-12 Thread Jay
It's amazing the last 2 posters even have time to read FD. With all the super important super secret projects they must be working on. They preface everything with "I'm not going to put much thought into this" then proceed to vomit a bunch of useless rhetoric throwing in how trivial it is and how

Re: [Full-disclosure] on xss and its technical merit

2007-12-12 Thread Fredrick Diggle
All of the retards on the list will no doubt ask me for a secure session management schema but I am a firm believer that sharing is communism so screw you. Did I call that or what :D Yes you are implementing it badly. To establish a session you no doubt require authentication based on some known

Re: [Full-disclosure] on xss and its technical merit

2007-12-12 Thread J. Oquendo
Byron Sonne wrote: In terms of a technically interesting challenge, it sounds about as exciting as picking fights with 10 year olds. Shit man, most of this stuff is more about fooling people than anything. Yawn. I was bored tricking or weaseling passwords out of datacentre employees over the

Re: [Full-disclosure] Google / GMail bug, all accounts vulnerable

2007-12-12 Thread Peter Besenbruch
On Wednesday 12 December 2007 08:05:35 Steven Adair wrote: You aren't really able to take action on Google's site per the real definition of CSRF. CRSF: Canadian Rope Skipping Federation (Google's I'm feeling lucky) Center for Research on Sustainable Forests Canadian Rhodes

Re: [Full-disclosure] Google / GMail bug, all accounts vulnerable

2007-12-12 Thread Andrew A
Actually, the suggested prevention tactic is to create a post variable in your form of type hidden with a securely generated one-time ticket that an attacker would not be able to scrape without performing an xmlhttp call, therefore signalling a (real) security problem with the app in question.

Re: [Full-disclosure] on xss and its technical merit

2007-12-12 Thread Byron Sonne
It's amazing the last 2 posters even have time to read FD. It's not without its uses :) With all the super important super secret projects they must be working on. LOL believes XSS and XSRF are viable attack vectors. The other side thinks it's rubbish. That's a disingenuous distortion. I

Re: [Full-disclosure] Google / GMail bug, all accounts vulnerable

2007-12-12 Thread Andrew A
PS-- Have you managed to get hired in an actual security position yet or are you running around San Francisco begging for scraps from our tables? PPS-- Namedropping the head of a project you plagiarized from in your cover letter is not good policy. Especially in this industry. It's a smaller world

Re: [Full-disclosure] on xss and its technical merit

2007-12-12 Thread Valdis . Kletnieks
On Wed, 12 Dec 2007 15:23:15 EST, Byron Sonne said: That's a disingenuous distortion. I happen to think they are both viable attack vectors AND rubbish. The sad part is that in so many cases, total rubbish is a viable attack vector. I'm ambivalent on whether the preceding sentence needs a

Re: [Full-disclosure] Google / GMail bug, all accounts vulnerable

2007-12-12 Thread Steven Adair
Glad to see we figured it out. :) Yes, Cross Site Request Forgery would be the correct term referenced by the acronym in all of the replies (subsequently also the first result in a normal Google query). I'm still not quite sure what the big deal is with the favicon stuff in terms of this issue. So

Re: [Full-disclosure] Google / GMail bug, all accounts vulnerable

2007-12-12 Thread Peter Besenbruch
On Wednesday 12 December 2007 11:27:28 Steven Adair wrote: Glad to see we figured it out. :) Yes, Cross Site Request Forgery would be the correct term referenced by the acronym in all of the replies (subsequently also the first result in a normal Google query). And there you have it: I can

[Full-disclosure] Fwd: Websense 6.3.1 Filtering Bypass

2007-12-12 Thread The Security Community
Mr. HinkyDink would like to share the following with the Security Community... -- Forwarded message -- From: [EMAIL PROTECTED] Date: Dec 12, 2007 6:05 PM Subject: Websense 6.3.1 Filtering Bypass To: [EMAIL PROTECTED] Please share this with your little friends...

[Full-disclosure] rPSA-2007-0264-1 mod_dav_svn subversion

2007-12-12 Thread rPath Update Announcements
rPath Security Advisory: 2007-0264-1 Published: 2007-12-12 Products: rPath Linux 1 Rating: Minor Exposure Level Classification: Remote User Deterministic Information Exposure Updated Versions: [EMAIL PROTECTED]:1/1.2.3-8.1-1 [EMAIL PROTECTED]:1/1.2.3-8.1-1 rPath Issue Tracking

Re: [Full-disclosure] Microsoft FTP Client Multiple Bufferoverflow Vulnerability

2007-12-12 Thread Dude VanWinkle
On Dec 12, 2007 3:38 AM, Morning Wood [EMAIL PROTECTED] wrote: One of my first advisories and was rediscovered later, turned into a viable exploit 2 years after by another researcher. http://framework.metasploit.com/exploits/view/?refname=windows:ftp:netterm_netftpd_user

Re: [Full-disclosure] Microsoft FTP Client Multiple Bufferoverflow Vulnerability

2007-12-12 Thread Fredrick Diggle
Yes way to go MW you made his day! MW I understand how hard it is to turn things into viable exploits :(... sometimes the best move is just to wait for the metasploit guys to do it. They are elite at bof sploitin' etc. You should stick to the more interesting research like XSS and SQL tampering :

Re: [Full-disclosure] Microsoft FTP Client Multiple Bufferoverflow Vulnerability

2007-12-12 Thread Dude VanWinkle
On Dec 12, 2007 10:32 PM, Fredrick Diggle [EMAIL PROTECTED] wrote: also Dude, your pillow joke was damn hilarious :D how did you think of it? can you give me joke lessons? No, but I can give you some pointers on sarcasm.. ;-) -JP

[Full-disclosure] [USN-550-3] Cairo regression

2007-12-12 Thread Kees Cook
=== Ubuntu Security Notice USN-550-3 December 13, 2007 libcairo regression https://launchpad.net/bugs/175573 === A security issue affects the following Ubuntu releases:

Re: [Full-disclosure] Microsoft FTP Client Multiple Bufferoverflow Vulnerability

2007-12-12 Thread Dude VanWinkle
BTW: http://www.google.com/search?hl=enq=%22Fredrick+Diggle%22+%2B2003btnG=Search Nice work Fred! On Dec 12, 2007 10:32 PM, Fredrick Diggle [EMAIL PROTECTED] wrote: Yes way to go MW you made his day! MW I understand how hard it is to turn things into viable exploits :(... sometimes the best

Re: [Full-disclosure] Microsoft FTP Client Multiple Bufferoverflow Vulnerability

2007-12-12 Thread reepex
wow that's quite impressive.. you couldn't exploit a basic overflow and two years later someone else did. you must be quite proud. Did you tell your family and co-workers about this great finding? I hear TippingPoint and iDefense are hiring, you should forward them this set of emails. On Dec 12,

Re: [Full-disclosure] Google / GMail bug, all accounts vulnerable

2007-12-12 Thread coderman
On Dec 12, 2007 12:36 PM, Andrew A [EMAIL PROTECTED] wrote: ... PPS-- Namedropping the head of a project you plagiarized from in your cover letter is not good policy. Especially in this industry. It's a smaller world ... people have been relayed by now that you directly claimed authorship of

Re: [Full-disclosure] Google / GMail bug, all accounts vulnerable

2007-12-12 Thread coderman
On Dec 12, 2007 1:27 PM, Steven Adair [EMAIL PROTECTED] wrote: ... if you simply had a 302 or mod_rewrite rule for any image that you actually had written into the source of your page, you could achieve the same result. no, that would only trigger a request when the page is loaded. a refresh

Re: [Full-disclosure] Full-Disclosure Digest, Vol 34, Issue 31

2007-12-12 Thread Kristian Erik Hermansen
On Dec 12, 2007 9:01 PM, Andrew A [EMAIL PROTECTED] wrote: Actually, the suggested prevention tactic is to create a post variable in your form of type hidden with a securely generated one-time ticket that an attacker would not be able to scrape without performing an xmlhttp call, therefore