Re: [Full-disclosure] CVE-2010-0249 in the wild

in cyberspace you can drop a bomb that can then be tossed back at you more effectively than your original. Signed, Marc Maiffret Chief Security Architect FireEye, Inc. http://www.FireEye.com [1] - http://gs.statcounter.com/#browser_version-CN-daily-20080701-20100119-bar On Fri, Jan 22, 2010 at 2:41 PM

Re: [Full-disclosure] All China, All The Time

Todd, have you verified this encryption specifically the statement by McAfee: One of the malicious programs opened a remote backdoor to the computer, establishing an encrypted covert channel that masqueraded as an SSL connection to avoid detection. I assume by masquerade they mean the fact it is

Re: [Full-disclosure] All China, All The Time

is. -Marc Maiffret On Fri, Jan 15, 2010 at 9:21 PM, Dan Kaminsky d...@doxpara.com wrote: If it's stupid and it works, it isn't stupid. On Jan 15, 2010, at 11:07 PM, Marc Maiffret m...@marcmaiffret.com wrote: Todd, have you verified this encryption specifically the statement by McAfee

[Full-disclosure] EEYE: Internet Explorer Compressed Content URL Heap Overflow Vulnerability

Internet Explorer Compressed Content URL Heap Overflow Vulnerability Release Date: August 24, 2006 Date Reported: August 17, 2006 Severity: High (Code Execution) Systems Affected: Internet Explorer 6 SP1 with MS06-042 - Windows 2000 Internet Explorer 6 SP1 with MS06-042 - Windows XP SP1

[Full-disclosure] EEYE:ALERT: MS06-042 Related Internet Explorer 'Crash' is Exploitable

MS06-042 Related Internet Explorer 'Crash' is Exploitable Date: August 22, 2006 Severity: High Systems Affected: Windows 2000 with IE6 SP1 and MS06-042 hotfix installed Windows XP SP1 with IE6 SP1 and MS06-042 hotfix installed Overview: On August 8th Microsoft released MS06-042 which was a

[Full-disclosure] EEYE: Free scanning tool for critical MS06-040 flaw

or questions/comments feel free to send them to [EMAIL PROTECTED] and your hostess will be by shortly to take your order. Signed, Marc Maiffret Co-Founder/CTO Chief Hacking Officer eEye Digital Security T.949.349.9062 F.949.349.9329 http://eEye.com/Blink - End-Point Vulnerability Prevention http

Re: [Full-disclosure] EEYE: research.eeye.com

To: Marc Maiffret CC: full-disclosure@lists.grok.org.uk Sent: Tue Aug 01 17:05:55 2006 Subject: Re: [Full-disclosure] EEYE: research.eeye.com On 8/1/06, Marc Maiffret [EMAIL PROTECTED] wrote: Hi, I am happy to announce to the first incarnation of http://research.eEye.com. On this site

RE: [Full-disclosure] [EEYEB-20050523] Windows Kernel APC Data-FreeLocal Privilege Escalation Vulnerability

To be clear we did not make any claim except that Retina has been updated to be able to identify this vulnerability. Obviously being that it is a local vulnerability we audit for the vulnerability using credentials through normal means that you should find in most any vulnerability assessment

RE: [Full-disclosure] CORE-Impact license bypass

not that I completely disagree but I think for the average consultant (99% of consultants) using an automated solution like Core/Canvas is going to do far more for them. Signed, Marc Maiffret Chief Hacking Officer eEye Digital Security T.949.349.9062 F.949.349.9538 http://eEye.com/Blink - End-Point

RE: [Full-disclosure] IIS hacking contest

, Marc Maiffret Chief Hacking Officer eEye Digital Security T.949.349.9062 F.949.349.9329 http://eEye.com/Blink - End-Point Vulnerability Prevention http://eEye.com/Retina - Network Security Scanner http://eEye.com/Iris - Network Traffic Analyzer http://eEye.com/SecureIIS - Stop known and unknown IIS