[Full-disclosure] IBM Domino Web Access Upload Module dwa7w.dll SEH Overwrite Exploit

This one is unicode based, so is inotes6w. Exploitation for inotes6w is probably the same just with a different offset. Code is inline and attached. - IBM Domino Web Access Upload Module dwa7w.dll SEH Overwrite Exploit function Check() { var buf = une

[Full-disclosure] Installshield isusweb.dll Buffer Overflow Exploit

MC has already made a Metasploit module for this, and Symantec has released BloodHound signatures for general isusweb abuse. Code is inline and attached. Macrovision Installshield isusweb.dll SEH Overwrite Exploit function Check() { var buf = 'A';

Re: [Full-disclosure] usb shorting to ground

Todd Troxell wrote: > I discovered rather inadvertently that laptops do not enjoy having > their USB VCC shorted to GND one bit. It is a sure DoS, in fact if > the machine has a stupid power supply, it could result in permanent > damage. It is kind of scary for kiosk machines like the those > ubiqu

[Full-disclosure] IBM Domino Web Access inotes6.dll SEH Overwrite Exploit

My first attempt at an SEH overwrite exploit. Anyhow, I first posted about this issue regarding version 7 of this control, Will Dormann of the CERT/CC discovered versions 6 and 6.5 are vulnerable too, see http://www.kb.cert.org/vuls/id/963889. Dwa7w.dll and inotes6w.dll are unicode, thats my ne

[Full-disclosure] [ GLSA 200712-25 ] OpenOffice.org: User-assisted arbitrary code execution

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200712-25 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

[Full-disclosure] [ GLSA 200712-24 ] AMD64 x86 emulation GTK+ library: User-assisted execution of arbitrary code

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200712-24 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - -

[Full-disclosure] [ GLSA 200712-23 ] Wireshark: Multiple vulnerabilities

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200712-23 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - -

[Full-disclosure] TK53 Advisory #2: Multiple vulnerabilities in ClamAV

TK53 Advisory #2 12/29/2007 - Multiple vulnerabilities in ClamAV * Authors: Roflek of TK53 <[EMAIL PROTECTED]>, Lolek of TK53

[Full-disclosure] TK53 Advisory #2: Multiple vulnerabilities in ClamAV

TK53 Advisory #2 12/29/2007 - Multiple vulnerabilities in ClamAV * Authors: Roflek of TK53 <[EMAIL PROTECTED]>, Lolek of TK53

[Full-disclosure] DIMVA 2008 - Call For Papers

Dear Colleagues, Attached please find the Call For Papers for DIMVA 2008, the Fifth GI International Conference on Detection of Intrusions & Malware, and Vulnerability Assessment; which is to be held in Paris, France, July 10-11, 2008. Complete information is available at http://www.dimva.org/dimv

[Full-disclosure] [ GLSA 200712-22 ] Opera: Multiple vulnerabilities

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200712-22 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

[Full-disclosure] TK53 Advisory #2: Multiple vulnerabilities in ClamAV

TK53 Advisory #2 12/29/2007 - Multiple vulnerabilities in ClamAV * Authors: Roflek of TK53 <[EMAIL PROTECTED]>, Lolek of TK53