[Full-disclosure] XCon2007 Call For Paper

2007-05-17 Thread XFOCUS Security Team
/xcon.xfocus.org/ for the speaker information, conference arrangement and previous conferences archives. Updated announcements will be posted to XCon and XFocus website. Thank you for your support to XCon & XFocus ! XCon2007 organizing committee & XFocus Team -- Kind Regards,

Re: [Full-disclosure] Multiple OS kernel insecure handling of stdio file descriptor

2007-01-24 Thread XFOCUS Security Team
e setuid bit from tt: > > $ ls -la /tmp/bb > -rw-r--r-- 1 root system0 Jan 18 12:57 /tmp/bb > $ ./k > euid=203 > f=2 > > This is not the same as the issue posted though. I look forward to hearing > back from yo

[Full-disclosure] Multiple OS kernel insecure handling of stdio file descriptor

2007-01-18 Thread XFOCUS Security Team
notification 2006-12-12 HP responses, assign to SSRT061287; Sun responses but mistake this vulnerability as application bug and hope us figure out real attack vector; AIX no responses; 2007-01-18 public disclosure -- K

Re: [Full-disclosure] Re: [MPlayer-users] [xfocus-SD-060329]MPlayer: Multiple integer overflows

2006-03-29 Thread XFOCUS Security Team
ase > your advisory? > Have you an idea how many people you put at risk by your stupidity? > > Attila Kinali > -- Kind Regards, --- XFOCUS Security Team http://www.xfocus.org ___ Full-Disclosure - We believ

[Full-disclosure] [xfocus-SD-060329]MPlayer: Multiple integer overflows

2006-03-28 Thread XFOCUS Security Team
during August 18-20, 2006. ... more at xcon2006 call for paper http://www.xfocus.org/documents/200603/14.html Welcome ;) -- Kind Regards, --- XFOCUS Security Team http://www.xfocus.org

[Full-disclosure] XCon2006 Call For Paper

2006-03-17 Thread XFOCUS Security Team
food and accommodations. XCon will endeavor to assist you to reserve the hotel. Thank you for your support to XCon & XFocus ! XCon2006 organizing committee & XFocus Team -- Kind Regards, --- XFOCUS Security Team http://www.xfocus.org

[Full-disclosure] [xfocus-SD-060314]Microsoft Office Excel Buffer Overflow Vulnerability

2006-03-14 Thread XFOCUS Security Team
product. Eyas of XFOCUS Security Team discovered a buffer overflow vulnerability when Excel processes a malicious ".xls" file, which might cause Excel to crash or even execute arbitrary code. Description: Excel will initialize a stack buffer with 0x0e0e0e0e when it open a &

[Full-disclosure] Re: [xfocus-SD-060206]BCB compiler incorrect deal sizeof operator vulnerability

2006-02-06 Thread XFOCUS Security Team
Check compiler whether correct deal with sizeof operator, * which can cause integer overflow if you careless use !!! * * note: some old compiler maybe have this vulnerability * * by [EMAIL PROTECTED] * * XFOCUS Security Team * http://www.xfocus.org * * already tested: *

[Full-disclosure] [xfocus-SD-060206]BCB compiler incorrect deal sizeof operator vulnerability

2006-02-06 Thread XFOCUS Security Team
ote: some old compiler have this vulnerability * * by [EMAIL PROTECTED] * * XFOCUS Security Team * http://www.xfocus.org * * already tested: * * BCB6+ent_upd4vuln !!! * gcc version 4.0.0 20050519 (Red Hat 4.0.0-8).not vuln * gcc version 2.95.

[Full-disclosure] [xfocus-SD-060101]AIX getCommand&getShell two vulnerabilities

2006-01-01 Thread XFOCUS Security Team
ication .Waiting.Waiting January 1, 2006 - Public disclosure(vendor not reply) --EOF -- Kind Regards, --- XFOCUS Security Team http://www.xfocus.org ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-cha