-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
STG Security Advisory: [SSA-20041209-13] UseModWiki XSS vulnerability
Revision 1.0
Date Published: 2004-12-09 (KST)
Last Update: 2004-12-09
Disclosed by SSR Team ([EMAIL PROTECTED])
Summary
UseModWiki is one of famous wiki web applications.
If an attacker can spoof the signature file download site, he can
potentially do quite a bit worse than this (in that he can deny the
usability of the antivirus engine at all by providing a bogus
signature file). I'd think that some form of cryptography would be in
use to prevent this (either SSL o
This is what one of our developers came up with:
"I could only find one bypass that uses the DHTML Edit Control ActiveX
control (clsid:2D360201-FFF5-11d1-8D03-00A0C959BC0A) installed with the
IE.
An example of this is http://www.malware.com/flopup.html
This still showed a popup even when I said
hmm well, pdx.edu has a computer scanning the world, hit hundreds of other hosts
http://www.mynetwatchman.com/LID.asp?ip=131.252.116.141
http://www.dshield.org/ipinfo.php?ip=131.252.116.141
maybe you call them and ask?
___
Full-Disclosure - We beli
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandrakelinux Security Update Advisory
___
Package name: postgresql
Advisory ID
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandrakelinux Security Update Advisory
___
Package name: iproute2
Advisory ID:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200412-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
There's an outstanding security issue with WINS on Windows servers - TCP
port 42 is the WINS port.
Cheers
Stu
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf
> Of James Lay
> Sent: Tuesday, 14 December 2004 2:47 a.m.
> To: Full-Disclosure (E-mail)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Secure Network Operations, Inc.
http://www.secnetops.com/research
Strategic Reconnaissance Team
research[at]secnetops[.]com
Team Lead Contact JxT[at]secnetops[.]com
Spam Contact
The pop-up does not work with all options relating to ActiveX set to
disabled, but most user would not bother to disable it. Another reason
to use another browser.
J
[EMAIL PROTECTED] wrote:
Friday, December 10, 2004
Internet Explorer 6 on the gadget commonly known as Windows XP SP2 enjoys
a
Dude,
What you see is a "feature" of the GPRS system and really up to the operators to control.
It works like this:
In a simplified form: in GPRS the mobile phone authenticates to the mobile network via SGSN which gets its response from the HLR/VLR. The SGSN then sets up the PDP context betw
Winamp 5.07 (latest version) Remote Crash.
+ vuln to cause 100% cpu usage.
13/12/04
I. BACKGROUND
Winamp is a very popular windows audio
and video player. It also has alot
of other features and is used by
millions of people across the world.
II. DESCRIPTION
VULN 1.
There is a vuln in wina
* James Lay:
> Here they be. ODD. Anyone else seeing this?
Probably yes. 8-) 42/TCP is used by Microsoft's WINS replication, and
this service has got a security hole for which Microsoft has yet to
release a patch.
___
Full-Disclosure - We believe in i
WINS Vulnerability announced over Thanksgiving:
http://www.immunitysec.com/downloads/instantanea.pdf
People are looking for WINS Servers. I hope everyone has ingress filters
preventing WINS access from the Internet...
-Dave Killion
> -Original Message-
> From: [EMAIL PROTECTED]
> [ma
On Mon, 13 Dec 2004 06:46:38 -0700, James Lay <[EMAIL PROTECTED]> wrote:
> Here they be. ODD.
http://support.microsoft.com/kb/890710
yay google.
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
I'd speculate for several reasons. I've actually heard it said in my
organization that people don't want to use Firefox, because certain
sites don't display properly or at all with it. Even after being told
there is an extension to view a page in IE, they still use that argument...
[EMAIL PRO
http://isc.sans.org/port_details.php?port=42&repax=1&tarax=2&srcax=2&percent=N&days=70&Redraw=
Shows a fairly large spike over the weekend. 42 is used for WINS (MS's
netbios name server) replication, and recently the Immunitysec folks
found an exploitable bug in the WINS service. Still, given how
Hi James,
I see the same thing here, this IP scanned 3 of our networks
(see attached log file).
TCP ID is always 57370
Source port : 6000
Dest port : 42
Nothing is running on tcp port 42 here.
I'd be interested in knowing what it is too, I'll open
a netcat listener at my home and let you kno
Multiple Vendor xzgv PRF Parsing Integer Overflow Vulnerability
iDEFENSE Security Advisory 12.13.04
http://www.idefense.com/application/poi/display?type=vulnerabilities
December 13, 2004
I. BACKGROUND
xzgv is a picture viewer for X, with a thumbnail-based file selector. It
uses GTK+ and Imlib 1
Author: Giovanni Delvecchio
e-mail: [EMAIL PROTECTED]
Tested version:
Opera 7.54 linux version with Kde 3.2.3
Original advisory: http://zone-h.org/en/advisories/read/id=6503/
Problem:
===
Opera for linux uses "kfmclient exec" as "Default Application" to handle
saved files.
This could be used by
On Fri, 10 Dec 2004 23:42:07 EST, Scott Renna said:
> Beautiful...how many more fun ones like these until people start to
> migrate away from IE.
If the stuff in the past hasn't already urged them to migrate, why should
a small thing like being able to beat the popup blocker make them move?
Product:Gadu-Gadu,
most of all available versions (including the latest one)
Vendor: SMS-EXPRESS.COM (http://www.gadu-gadu.pl)
Impact: Several vulnerabilities within application allow for
remote execution of arbitrary code and information
Could perhaps be the beginning of a worm/cracker searching for the WINS
vulnerability.
http://www.securityfocus.com/archive/1/382414
Patrick Dolan
Information Security Analyst
-Original Message-
From: James Lay [mailto:[EMAIL PROTECTED]
Sent: Monday, December 13, 2004 7:47 AM
To: Ful
23 matches
Mail list logo