Exploitable issue in various Adobe products
c0ntex ([EMAIL PROTECTED]) Scott Laurie
February 2008
Vulnerable applications, tested:
Adobe Photoshop Album Starter
Adobe After Effects CS3
Adobe Photoshop CS3
Not Vulnerable applications, tested:
Adobe Reader
Adobe Flash Player
This bug is related
in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
--
regards
c0ntex
expanded
(one who survived) yet the victims clothes are still undamaged, pretty
neat bullets and pretty neat smoke.
--
regards
c0ntex
of
that position's overall merits.
On 9/11/06, c0ntex [EMAIL PROTECTED] wrote:
http://noderat.spaces.live.com/blog/cns!6ADE4614B66EADD2!1321.entry
On 11/09/06, Philosophil [EMAIL PROTECTED] wrote:
Uh. You do realize this was a hoax, right?
On 9/9/06, c0ntex [EMAIL PROTECTED] wrote:
http
footage of the
drops, doctor examinations and leaked documents from the US and
UK. but like I said, you are all entitled to your own opinions.
On 11/09/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
--On September 11, 2006 8:20:51 PM +0100 c0ntex [EMAIL PROTECTED] wrote:
You are entitled
Another:
http://video.google.co.uk/videoplay?docid=-5702006622816922747
Makes me sick.
On 10/09/06, c0ntex [EMAIL PROTECTED] wrote:
http://video.google.co.uk/videoplay?docid=-5587990522549547050
--
regards
c0ntex
--
regards
c0ntex
http://video.google.co.uk/videoplay?docid=-5587990522549547050
--
regards
c0ntex
as a water pistol, a
whoopy cushion, Hacking Linux Exposed and a copy of WHAX.
regards
c0ntex
, netscape and security for search bots to index.
Netscape is d00med!! and it is all n3td3v's fault lol
--
regards
c0ntex
have a problem with Yahoo or any fortune 500 that may be hiring
black hat hackers as part of internal espionage, if no one else can
help, and if you can find them, maybe you can hire...The n3td3v Group
--
regards
c0ntex
-in of some ascii armour, we might then be on par
with a hardened Linux or *BSD..
Granted, I haven't looked at Vista yet :)
--
regards
c0ntex
of the particular employee
LOL, messaging Yahoo core security team - do you mean massaging? You
truly are a nob jockey, saddle up and ride into the sunset you buffoon.
--
regards
c0ntex
http://www.911revisited.com/video.html
:-(
--
regards
c0ntex
industry scramble to take cover?
Boy THOSE were the days!!!
http://blacksecurity.org
3++
--
regards
c0ntex
I too, like you, am a true hacker releasing top rated, high
profile posts to the list. You might just trampoline my career to an
all-time high :-)
--
regards
c0ntex
--
regards
c0ntex
Oh, and my mate thinks you're a nob jockey lol
On 27/04/06, c0ntex [EMAIL PROTECTED] wrote:
On 27/04/06, n3td3v [EMAIL PROTECTED] wrote:
more useless garbage, and more and more and more.
Just gonnae no' - damn my pixels are wasting away with your nonsense,
if you wanna bitch to the guy
http://www.open-security.org/advisories/16
--
regards
c0ntex
On 14/04/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
this is not a vulnerability for MS because the .hlp file is a script
file and they believe that's not secured at all, c0ntex just posted a
fresh advisory of something which has been found years ago, disclosed
hundreds of times, but he looks
http://www.open-security.org/advisories/15
--
regards
c0ntex
Advisory # x Thu Mar 16 21:05:55 EST 2006 x # Heap Overflow in Microsoft
Windows 2003
APPENDIX A VENDOR INFORMATION
http://www.microsoft.com
CONTACT
c0ntex [EMAIL PROTECTED]
1-888-565-9428
BEWARE THE JIZZTAPO
On 17/02/06, H D Moore [EMAIL PROTECTED] wrote:
... the non-alpha prefix is only used if you
don't pass GETPCTYPE=win32 for PexAlphaNum or GETPCTYPE=seh for Alpha2.
Yea, exactly, used msfpayload (non-web) and it works perfectly - thank you HD
--
regards
c0ntex
On 17/02/06, c0ntex [EMAIL PROTECTED] wrote:
Yea, exactly, used msfpayload (non-web) and it works perfectly - thank you HD
oops, msfpayload msfencode.
--
regards
c0ntex
No exploit, just some basic research - anyone with 100% Ascii win32 shellcode?
http://open-security.org/winmedia/index.html
--
regards
c0ntex
is looking more realistic but I
need to wait til tomorrow now as I need to sleep :)
--
regards
c0ntex
On 27/01/06, POSITIF [EMAIL PROTECTED] wrote:
Hello,
We would like to present the POSITIF project to all
Full-disclosure members.
http://www.positif.org/iwhat.html
7 Million Euros. Happy new year!
--
regards
c0ntex
On 23/01/06, J.A. Terranson [EMAIL PROTECTED] wrote:
No, it was mine!
printf("[!] mailutils imapd4d universal(?) exploit 0.5 by c0ntex\n");
Yet, I found *this* in my older files:
printf("[!] mailutils imapd4d universal(?) exploit 0.5 by n3td3v\n");
Will the REAL code thief
for this exploit as he is the real hacker here.
No, it was mine!
printf("[!] mailutils imapd4d universal(?) exploit 0.5 by c0ntex\n");
regards
c0ntex
probably discovered they could save a few 100k by
reducing support requests via call centers and email bandwidth if they
dropped it, and in return got themselves a nice PM / consolidation job
with an office, a view and a parking space..
--
regards
c0ntex
signal SIGSEGV, Segmentation fault.
0x90909090 in ?? ()
(gdb)
--
regards
c0ntex
No, it is not an advisory, just adding to ridiculous posts on elog and
excel - anyone can post dumb bugs that have no code or valid use.
--
regards
c0ntex
On 19/12/05, Joachim Schipper [EMAIL PROTECTED] wrote
I cannot reproduce this, either with A x 5000 or A x 2. I tested
unzip-5.52 on Linux/i386-2.6 and OpenBSD/i386-3.8, and saw no error.
Joachim
[c0ntex@ ~]$ unzip -v | head -1
UnZip 5.32 of 3 November 1997, by Info-ZIP
.
--
regards
c0ntex
a go at you buddy, I just found the DVDMAN exploit
pretty funny tbh...
toddles back to read Matt. 7:6
--
regards
c0ntex
/ Applications using all the
advanced exploitation techniques SANS discovered!!
--
regards
c0ntex
right, detail your skill sets and how
they match what the company need and you should have no trouble
getting an interview.
--
regards
c0ntex
*
1: Bug Researcher: c0ntex - c0ntexb[at]gmail.com -+- www.open-security.org
2: Bug Released: December 07th 2005
3: Bug Impact Rate: Hi
4: Bug Scope Rate: Local root
--
regards
c0ntex
numbers
* Basic concepts of a file system (e.g. files, directories, and
time stamps)
You know what a file is right but what about a directory!?
lol
Enrol now and get a 25% discount on:
Stay Sharp: How To Tie Your Shoe laces
--
regards
c0ntex
to myself and I thought someone
on the list might find it funny. Guess that counts you out :-)
--
regards
c0ntex
)
Take care,
K2
--
regards
c0ntex
to release new 0day
and tekniquez, then one day the corporate $$$ machine found it and
started leeching it, now they claim it as theirs?
Many people have their career because of full-disclosure and the
'black-hat' postings.
Credit where it's due.
--
regards
c0ntex
date on the PC to say a
month before the product was due to expire. Oops ;) I guess Core is
using a very simplistic license mechanism.
Emailed CORE two times, 1 week ago, no reply.
--
regards
c0ntex
A 4. version :-)
On 26/09/05, Morning Wood [EMAIL PROTECTED] wrote:
been known since at least v3.2
are you using a 3.x or a 4.x series?
i believe the 4.x requires an auth from core before use
- Original Message -
From: c0ntex [EMAIL PROTECTED]
To: full-disclosure@lists.grok.org.uk
*
1: Bug Researcher: c0ntex - c0ntexb[at]gmail.com
2: Bug Released: September 26th 2005
3: Bug Impact Rate: Hi
4: Bug Scope Rate: Remote
of the program?
Is it just because it has all the exploits in there and it's GUI based?
What can you do with it you can't do by hand?
Also- how does it compare to CANVAS?
JP
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of c0ntex
Sent: Monday, September 26
used Acunetix, *googles*
btw, for what it matters, I meant I have never used CORE or CANVAS in an audit..
regards
c0ntex
(argv[1]));
memcpy(user, argv[1], strlen(argv[1]));
puts(\nExploit for elm email client 2.5.8 overflow in Expires field);
puts(Tested: Redhat on quiet a Sunday by c0ntex[at]open-security.org\n);
extloc = EXTLOC;
sysloc = SYSLOC;
strloc = STRLOC;
memset
that file
uploaded, you can reference anywhere you like via a href IFRAME
and the likes.
regards
c0ntex
On 07/07/05, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
I don't see how uploading a .LNK file to E-Room would cause the file to be
executed. Wouldn't a .LNK file be treated as an Internet Link
*
1: Bug Researcher: c0ntex - c0ntexb[at]gmail.com
2: Bug Released: July 06 2005
3: Bug Impact Rate: Medium / Hi
4: Bug Scope Rate: Local / Remote
*
$ This advisory