[Full-disclosure] Chrome and Safari users open to stealth HTML5 Application Cache attack

2010-06-28 Thread Lavakumar Kuppan
Google Chrome and Safari support HTML5 Application Cache. But unlike Firefox and Opera they do not ask for user permission before allowing a site to create an Application Cache. On unsecured networks, attackers could stealthily create malicious Application Caches in the browser of victims for

[Full-disclosure] Nuance OmniPage 16 Professional installs multiple vulnerable Microsoft runtime libraries

2010-06-28 Thread Stefan Kanthak
Nuance Communications, Inc. offer on their German web page http://www.nuance.de/kostenlose-ocr-software-test/download.asp a trial version of OmniPage 16 Professional for download. The installer OPPro16_TD.exe (a self-extracting RAR archive) was published Tue, 30 Jun 2009 14:38:28 GMT (according

Re: [Full-disclosure] Chrome and Safari users open to stealth HTML5 Application Cache attack

2010-06-28 Thread Chris Evans
Hello Lava, It's an interesting twist but it does not seem to offer network attackers any additional advantage beyond what they can already achieve. For example, a similar attack works against the Firefox and Opera browsers I have installed on my laptop: echo -ne 'HTTP/1.1 200

[Full-disclosure] IS-2010-004 - D-Link DAP-1160 Unauthenticated Remote Configuration

2010-06-28 Thread Cristofaro Mune
Security Advisory IS-2010-004 - D-Link DAP-1160 Unauthenticated Remote Configuration Advisory Information Published: 2010-06-28 Updated: 2010-06-28 Manufacturer: D-Link Model: DAP-1160 Firmware version: 1.20b06 1.30b10 1.31b01 Vulnerability Details

Re: [Full-disclosure] IS-2010-004 - D-Link DAP-1160 Unauthenticated Remote Configuration

2010-06-28 Thread Gary Baribault
Is that UDP 2003 open on the WAN interface as well? Gary Baribault On 06/28/2010 09:50 AM, Cristofaro Mune wrote: Security Advisory IS-2010-004 - D-Link DAP-1160 Unauthenticated Remote Configuration Advisory Information Published: 2010-06-28 Updated: 2010-06-28

Re: [Full-disclosure] IS-2010-004 - D-Link DAP-1160 Unauthenticated Remote Configuration

2010-06-28 Thread Cristofaro Mune
Being the D-Link DAP-1160 an Access Point and not a router it does not have a specific WAN interface. Nonetheless, the UDP 2003 port is open and reachable from all the available interfaces on this device. Best Regards, Cristofaro Mune Gary Baribault wrote: Is that UDP 2003 open on the WAN

[Full-disclosure] London DEFCON June meet - DC4420 - Wed 30th June 2010

2010-06-28 Thread alien DC4420
You asked for a summer - it's here. It's that time of the month again, and we shall be gathering in the usual haunt to hear: 'Having fun with Apple's IOKit' by Ilja Van Sprundel, IOActive Celebrating the demise, oh sorry, the epic fail of some football team thing isn't on the agenda. :-) ***

[Full-disclosure] Crossdressers; The Phantom Penis

2010-06-28 Thread musnt live
Hello super hackers of Full-Disclosure! Additional misinformation for those who read my email (and who still didn't because for to my engrish said is blows, get over it) Crossdressers: the phantom menace In addition also to previous attacks before from open crossdressers this year I added three

Re: [Full-disclosure] Using of the sites for attacks on other sites

2010-06-28 Thread musnt live
2010/6/28 MustLive mustl...@websecurity.com.ua: Hello participants of Full-Disclosure! For last two months I didn't post my articles to this list due to some not serious moaning in April on some of my articles (you always can find my articles at my site and in WASC Mailing List). But at the

Re: [Full-disclosure] Chrome and Safari users open to stealth HTML5 Application Cache attack

2010-06-28 Thread Dan Kaminsky
In summary, any http hit on an insecure network is dangerous on all browsers. (FWIW, Chromium resolves this for me. When I type mail<enter> into the omnibar, it auto-completes to https://mail.google.com/) Actually, I see this as a legitimate gap. HTTP links don't cache-mix with HTTPS links,

Re: [Full-disclosure] Chrome and Safari users open to stealth HTML5 Application Cache attack

2010-06-28 Thread Lavakumar Kuppan
Hi Chris, Excellent points. Please find my answers inline. It's an interesting twist but it does not seem to offer network attackers any additional advantage beyond what they can already achieve. The real advantage is in the lifetime of the cache. If the root resource of www.andlabs.org is

Re: [Full-disclosure] Chrome and Safari users open to stealth HTML5 Application Cache attack

2010-06-28 Thread Chris Evans
On Mon, Jun 28, 2010 at 1:30 PM, Dan Kaminsky d...@doxpara.com wrote: In summary, any http hit on an insecure network is dangerous on all browsers. (FWIW, Chromium resolves this for me. When I type mail<enter> into the omnibar, it auto-completes to https://mail.google.com/) Actually, I see

[Full-disclosure] iDefense Security Advisory 06.21.10: Multiple Vendor LibTIFF 3.9.2 Stack Buffer Overflow Vulnerability

2010-06-28 Thread iDefense Labs
iDefense Security Advisory 06.21.10 http://labs.idefense.com/intelligence/vulnerabilities/ Jun 21, 2010 I. BACKGROUND libTIFF is a free and popular image library that provides support for displaying and manipulating Tag Image File Format (TIFF) image data. This library is used by numerous

Re: [Full-disclosure] Chrome and Safari users open to stealth HTML5 Application Cache attack

2010-06-28 Thread Dan Kaminsky
On Tue, Jun 29, 2010 at 12:41 AM, Chris Evans scarybea...@gmail.com wrote: On Mon, Jun 28, 2010 at 1:30 PM, Dan Kaminsky d...@doxpara.com wrote: In summary, any http hit on an insecure network is dangerous on all browsers. (FWIW, Chromium resolves this for me. When I type mail<enter> into

Re: [Full-disclosure] Chrome and Safari users open to stealth HTML5 Application Cache attack

2010-06-28 Thread Michal Zalewski
On unsecured networks, attackers could stealthily create malicious Application Caches in the browser of victims for even HTTPS sites. It has always been possible to poison the browser cache and compromise the victim's account for HTTP based sites. With HTML5 Application Cache, it is possible