[Full-disclosure] TK53 Advisory #2: Multiple vulnerabilities in ClamAV

TK53 Advisory #2 12/29/2007 - Multiple vulnerabilities in ClamAV * Authors: Roflek of TK53 [EMAIL PROTECTED], Lolek of TK53

[Full-disclosure] [ GLSA 200712-22 ] Opera: Multiple vulnerabilities

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200712-22 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

[Full-disclosure] DIMVA 2008 - Call For Papers

Dear Colleagues, Attached please find the Call For Papers for DIMVA 2008, the Fifth GI International Conference on Detection of Intrusions Malware, and Vulnerability Assessment; which is to be held in Paris, France, July 10-11, 2008. Complete information is available at

[Full-disclosure] TK53 Advisory #2: Multiple vulnerabilities in ClamAV

TK53 Advisory #2 12/29/2007 - Multiple vulnerabilities in ClamAV * Authors: Roflek of TK53 [EMAIL PROTECTED], Lolek of TK53

[Full-disclosure] TK53 Advisory #2: Multiple vulnerabilities in ClamAV

TK53 Advisory #2 12/29/2007 - Multiple vulnerabilities in ClamAV * Authors: Roflek of TK53 [EMAIL PROTECTED], Lolek of TK53

[Full-disclosure] [ GLSA 200712-23 ] Wireshark: Multiple vulnerabilities

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200712-23 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - -

[Full-disclosure] [ GLSA 200712-24 ] AMD64 x86 emulation GTK+ library: User-assisted execution of arbitrary code

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200712-24 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - -

[Full-disclosure] [ GLSA 200712-25 ] OpenOffice.org: User-assisted arbitrary code execution

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200712-25 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

[Full-disclosure] IBM Domino Web Access inotes6.dll SEH Overwrite Exploit

My first attempt at an SEH overwrite exploit. Anyhow, I first posted about this issue regarding version 7 of this control, Will Dormann of the CERT/CC discovered versions 6 and 6.5 are vulnerable too, see http://www.kb.cert.org/vuls/id/963889. Dwa7w.dll and inotes6w.dll are unicode, thats my

Re: [Full-disclosure] usb shorting to ground

Todd Troxell wrote: I discovered rather inadvertently that laptops do not enjoy having their USB VCC shorted to GND one bit. It is a sure DoS, in fact if the machine has a stupid power supply, it could result in permanent damage. It is kind of scary for kiosk machines like the those

[Full-disclosure] Installshield isusweb.dll Buffer Overflow Exploit

MC has already made a Metasploit module for this, and Symantec has released BloodHound signatures for general isusweb abuse. Code is inline and attached. !-- written by e.b. Macrovision Installshield isusweb.dll SEH Overwrite Exploit Tested on Windows XP SP2(fully patched)

[Full-disclosure] IBM Domino Web Access Upload Module dwa7w.dll SEH Overwrite Exploit

This one is unicode based, so is inotes6w. Exploitation for inotes6w is probably the same just with a different offset. Code is inline and attached. - !-- written by e.b. IBM Domino Web Access Upload Module dwa7w.dll SEH Overwrite Exploit CVE-2007-4474 Tested on Windows XP