RE: [Full-Disclosure] Multiple Backdoors found in eEye Products (IRIS and SecureIIS)

2004-12-29 Thread Marc Maiffret
advisory about a backdoor you found in Rudolph the red nosed reindeer. At least then you could promote yourself from being a coward to a comedian. Thank you, please drive through. Signed, Marc Maiffret Chief Hacking Officer eEye Digital Security T.949.349.9062 F.949.349.9538 http://eEye.com/Blink

RE: [Full-Disclosure] EEYE: Kerio Personal Firewall Multiple IP Options Denial of Service

2004-11-11 Thread Marc Maiffret
Tiny Personal Firewall 6.0 was tested immediately after we had discovered the Kerio bug and the issue did/does not exist in the current version of Tiny Personal Firewall 6.0. Only versions of Kerio Personal Firewall 4.0.0 - 4.1.1 are affected by the IP Options bug. Signed, Marc Maiffret Chief

[Full-Disclosure] EEYE: Kerio Personal Firewall Multiple IP Options Denial of Service

2004-11-09 Thread Marc Maiffret
Kerio Personal Firewall Multiple IP Options Denial of Service Release Date: November 9, 2004 Date Reported: October 30, 2004 Severity: High (Remote Denial of Service) Vendor: Kerio Systems Affected: Kerio Personal Firewall 4.1.1 and prior Overview: eEye Digital Security has discovered a

[Full-Disclosure] EEYE: RealPlayer Zipped Skin File Buffer Overflow

2004-10-27 Thread Marc Maiffret
RealPlayer Zipped Skin File Buffer Overflow Release Date: October 27, 2004 Date Reported: October 11, 2004 Severity: High (Code Execution) Vendor: RealNetworks Systems Affected: For Microsoft Windows RealPlayer 10.5 (6.0.12.1053 and earlier) RealPlayer 10 RealOne Player v2 RealOne Player v1

[Full-Disclosure] EEYE: RealPlayer pnen3260.dll Heap Overflow

2004-10-01 Thread Marc Maiffret
RealPlayer pnen3260.dll Heap Overflow Release Date: October 1, 2004 Date Reported: August 09, 2004 Severity: High (Remote Code Execution) Vendor: RealNetworks Systems Affected: Windows: RealPlayer 10.5 (6.0.12.1040 and earlier) RealPlayer 10 RealPlayer 8 (Local Playback) RealOne Player V2

[Full-Disclosure] EEYE: Symantec Multiple Firewall NBNS Response Remote Heap Corruption

2004-05-12 Thread Marc Maiffret
Symantec Multiple Firewall NBNS Response Remote Heap Corruption Release Date: May 12, 2004 Date Reported: April 19, 2004 Severity: High (Remote Kernel Code Execution) Vendor: Symantec Systems Affected: Symantec Norton Internet Security 2002 Symantec Norton Internet Security 2003 Symantec

[Full-Disclosure] EEYE: Symantec Multiple Firewall DNS Response Denial-of-Service

2004-05-12 Thread Marc Maiffret
Symantec Multiple Firewall DNS Response Denial-of-Service Release Date: May 12, 2004 Date Reported: April 19, 2004 Severity: High (Remote Denial of Service) Vendor: Symantec Systems Affected: Symantec Norton Internet Security 2002 Symantec Norton Internet Security 2003 Symantec Norton

[Full-Disclosure] EEYE: Symantec Multiple Firewall Remote DNS KERNEL Overflow

2004-05-12 Thread Marc Maiffret
Symantec Multiple Firewall Remote DNS KERNEL Overflow Release Date: May 12, 2004 Date Reported: April 19, 2004 Severity: High (Remote Kernel Access) Vendor: Symantec Systems Affected: Symantec Norton Internet Security 2002 Symantec Norton Internet Security 2003 Symantec Norton Internet

[Full-Disclosure] EEYE: Symantec Multiple Firewall NBNS Response Processing Stack Overflow

2004-05-12 Thread Marc Maiffret
Symantec Multiple Firewall NBNS Response Processing Stack Overflow Release Date: May 12, 2004 Date Reported: April 19, 2004 Severity: High (Remote Kernel Code Execution) Vendor: Symantec Systems Affected: Symantec Norton Internet Security 2002 Symantec Norton Internet Security 2003 Symantec

[Full-Disclosure] RE: New LSASS-based worm finally here (Sasser)

2004-05-04 Thread Marc Maiffret
digress... If you want to read about some real OS flaws then check out: http://www.eeye.com/html/Research/Advisories/AD20040413D.html Signed, Marc Maiffret Co-Founder/Chief Hacking Officer eEye Digital Security T.949.349.9062 F.949.349.9538 http://eEye.com/Retina - Network Security Scanner http

[Full-Disclosure] EEYE: Windows Local Security Authority Service Remote Buffer Overflow

2004-04-13 Thread Marc Maiffret
Windows Local Security Authority Service Remote Buffer Overflow Release Date: April 13, 2004 Date Reported: October 8, 2003 Severity: High (Remote Code Execution) Vendor: Microsoft Systems Affected: Windows 2000 Windows XP Description: eEye Digital Security has discovered a remote buffer

[Full-Disclosure] EEYE: Microsoft DCOM RPC Memory Leak

2004-04-13 Thread Marc Maiffret
Microsoft DCOM RPC Memory Leak Release Date: April 13, 2004 Date Reported: September 10, 2003 Severity: High (Remote Code Execution) Vendor: Microsoft Systems Affected: Microsoft Windows NT Workstation 4.0 Microsoft Windows NT Server 4.0 Microsoft Windows NT Server 4.0, Terminal Server

[Full-Disclosure] EEYE: Microsoft DCOM RPC Race Condition

2004-04-13 Thread Marc Maiffret
Microsoft DCOM RPC Race Condition Release Date: April 13, 2004 Date Reported: September 10, 2003 Severity: High (Remote Code Execution) Vendor: Microsoft Systems Affected: Microsoft Windows NT Workstation 4.0 Microsoft Windows NT Server 4.0 Microsoft Windows NT Server 4.0, Terminal Server

[Full-Disclosure] EEYE: Windows Expand-Down Data Segment Local Privilege Escalation

2004-04-13 Thread Marc Maiffret
Windows Expand-Down Data Segment Local Privilege Escalation Release Date: April 13, 2004 Date Reported: November 21, 2003 Severity: Medium (Local Privilege Escalation to Kernel) Vendor: Microsoft Systems Affected: Windows NT 4.0 Windows 2000 Description: eEye Digital Security has discovered

[Full-Disclosure] EEYE: Windows VDM TIB Local Privilege Escalation

2004-04-13 Thread Marc Maiffret
Windows VDM TIB Local Privilege Escalation Release Date: April 13, 2004 Date Reported: February 9, 2004 Severity: Medium (Local Privilege Escalation to Kernel) Vendor: Microsoft Systems Affected: Windows NT 4.0 Windows 2000 Description: eEye Digital Security has discovered a second local

[Full-Disclosure] EEYE: Internet Security Systems PAM ICQ Server Response Processing Vulnerability

2004-03-18 Thread Marc Maiffret
Internet Security Systems PAM ICQ Server Response Processing Vulnerability Release Date: March 18, 2004 Date Reported: March 8, 2004 Severity: High (Remote Code Execution) Vendor: Internet Security Systems Systems Affected: RealSecure Network 7.0, XPU 22.11 and before RealSecure Server Sensor

[Full-Disclosure] EEYE: RealSecure/BlackICE Server Message Block (SMB) Processing Overflow

2004-02-26 Thread Marc Maiffret
RealSecure/BlackICE Server Message Block (SMB) Processing Overflow Release Date: February 26, 2004 Date Reported: February 18, 2004 Severity: High (Remote Code Execution) Vendor: Internet Security Systems Software Affected: RealSecure Network 7.0, XPU 20.15 through 22.9 Real Secure Server

[Full-Disclosure] EEYE: ZoneLabs SMTP Processing Buffer Overflow

2004-02-19 Thread Marc Maiffret
ZoneLabs SMTP Processing Buffer Overflow Release Date: February 18, 2004 Date Reported: February 13, 2004 Severity: Medium (Local Privilege Escalation/Remote Code Execution) Vendor: ZoneLabs Inc. Software Affected: ZoneAlarm 4.0 and above ZoneAlarm Pro 4.0 and above ZoneAlarm Plus 4.0 and

[Full-Disclosure] EEYE: Microsoft ASN.1 Library Bit String Heap Corruption

2004-02-10 Thread Marc Maiffret
Microsoft ASN.1 Library Bit String Heap Corruption Release Date: February 10, 2004 Date Reported: September 25, 2003 Severity: High (Remote Code Execution) Systems Affected: Microsoft Windows NT 4.0 Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Description: eEye

[Full-Disclosure] EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption

2004-02-10 Thread Marc Maiffret
Microsoft ASN.1 Library Length Overflow Heap Corruption Release Date: February 10, 2004 Date Reported: July 25, 2003 Severity: High (Remote Code Execution) Systems Affected: Microsoft Windows NT 4.0 (all versions) Microsoft Windows 2000 (SP3 and earlier) Microsoft Windows XP (all versions)

RE: [Full-Disclosure] Frontpage Extensions Remote Command Execution

2003-11-13 Thread Marc Maiffret
shifting away from vendors, is a rather wasted endeavor because the technical facts simply speak for themselves. This flaw shouldn't have been left to be fixed for almost a year. Microsoft should not have knowingly left customers vulnerable for almost a year. Microsoft fucked up. Signed, Marc

RE: [Full-Disclosure] CyberInsecurity: The cost of Monopoly

2003-09-26 Thread Marc Maiffret
Yah hopefully nobody took my blunt email as any knock on Dan. I have a lot of respect for the guy and am sure he'll do just fine with life after @stake. It's a sad ordeal all around. Signed, Marc Maiffret Chief Hacking Officer eEye Digital Security T.949.349.9062 F.949.349.9538 http://eEye.com

RE: [Full-Disclosure] CyberInsecurity: The cost of Monopoly

2003-09-25 Thread Marc Maiffret
They are going to need to update Dan Geer's title in the report... Microsoft critic loses job over report http://www.msnbc.com/news/971914.asp?0si=- Signed, Marc Maiffret Chief Hacking Officer eEye Digital Security T.949.349.9062 F.949.349.9538 http://eEye.com/Retina - Network Security Scanner

RE: [Full-Disclosure] Foundstone DCOM Scanner

2003-09-12 Thread Marc Maiffret
, therefore quickest to the market is not always good in the long run. so with that you should always want to strive for accuracy, although knowing not everything will be perfect. that is at least what i think... Signed, Marc Maiffret Chief Hacking Officer eEye Digital Security T.949.349.9062 F

[Full-Disclosure] EEYE: Microsoft RPC Heap Corruption Vulnerability - Part II

2003-09-10 Thread Marc Maiffret
Here we go again. :-o -Marc Microsoft RPC Heap Corruption Vulnerability - Part II Release Date: September 10, 2003 Severity: High (Remote Code Execution) Systems Affected: Microsoft Windows NT Workstation 4.0 Microsoft Windows NT Server 4.0 Microsoft Windows NT Server 4.0, Terminal

RE: [Full-Disclosure] EEYE: Microsoft RPC Heap Corruption Vulnerability - Part II

2003-09-10 Thread Marc Maiffret
1.0.4 is not the latest version. Version 1.1.0 is the latest. Upgrade to that. Again, if you think you have found a bug just contact us and we can help you out. Signed, Marc Maiffret Chief Hacking Officer eEye Digital Security T.949.349.9062 F.949.349.9538 http://eEye.com/Retina - Network

RE: [Full-Disclosure] MS03-039 has been released - critical

2003-09-10 Thread Marc Maiffret
not (yet again) screw up and release a patch that does not truly fix a system. Signed, Marc Maiffret Chief Hacking Officer eEye Digital Security T.949.349.9062 F.949.349.9538 http://eEye.com/Retina - Network Security Scanner http://eEye.com/Iris - Network Traffic Analyzer http://eEye.com/SecureIIS

RE: [Full-Disclosure] Scanning the PCs for RPC Vulnerability

2003-09-03 Thread Marc Maiffret
Try our RPC scanner, I think you'll find it is much more accurate than Foundstone's and Microsoft's. http://www.eeye.com/html/Research/Tools/RPCDCOM.html Signed, Marc Maiffret Chief Hacking Officer eEye Digital Security T.949.349.9062 F.949.349.9538 http://eEye.com/Retina - Network Security

[Full-Disclosure] EEYE: Internet Explorer Object Data Remote Execution Vulnerability

2003-08-20 Thread Marc Maiffret
Internet Explorer Object Data Remote Execution Vulnerability Release Date: August 20, 2003 Reported Date: May 15, 2003 Severity: High (Remote Code Execution) Systems Affected: Microsoft Internet Explorer 5.01 Microsoft Internet Explorer 5.5 Microsoft Internet Explorer 6.0 Microsoft Internet

RE: [Full-Disclosure] Re: [normal] RE: Windows Dcom Worm planned DDoS

2003-08-14 Thread Marc Maiffret
/Advisories/AL20030811.html Signed, Marc Maiffret Chief Hacking Officer eEye Digital Security T.949.349.9062 F.949.349.9538 http://eEye.com/Retina - Network Security Scanner http://eEye.com/Iris - Network Traffic Analyzer http://eEye.com/SecureIIS - Stop known and unknown IIS vulnerabilities

RE: [Full-Disclosure] smarter dcom worm

2003-08-14 Thread Marc Maiffret
subnet 40% of the time... Also tftp/ftp etc... a decent worm would be direct from IP to IP, no retarded connect back to grab your payload stuff. That only makes more methods of easily filtering the worm. Signed, Marc Maiffret Chief Hacking Officer eEye Digital Security T.949.349.9062 F

RE: [Full-Disclosure] msblast DDos counter measures

2003-08-14 Thread Marc Maiffret
your just wanting to be overly paranoid or something? Signed, Marc Maiffret Chief Hacking Officer eEye Digital Security T.949.349.9062 F.949.349.9538 http://eEye.com/Retina - Network Security Scanner http://eEye.com/Iris - Network Traffic Analyzer http://eEye.com/SecureIIS - Stop known and unknown IIS

RE: [Full-Disclosure] DCOM RPC exploit (dcom.c)

2003-07-28 Thread Marc Maiffret
, Marc Maiffret Chief Hacking Officer eEye Digital Security T.949.349.9062 F.949.349.9538 http://eEye.com/Retina - Network Security Scanner http://eEye.com/Iris - Network Traffic Analyzer http://eEye.com/SecureIIS - Stop known and unknown IIS vulnerabilities | -Original Message- | From

[Full-Disclosure] SQL Sapphire Worm Analysis

2003-01-25 Thread Marc Maiffret
SQL Sapphire Worm Analysis Release Date: 1/25/03 Severity: High Systems Affected: Microsoft SQL Server 2000 pre SP 2 Description: Late Friday, January 24, 2003 we became aware of a new SQL worm spreading quickly across various networks around the world. The worm is spreading using a buffer

RE: [Full-Disclosure] A few quick questions about the SQL Sapphire Worm

2003-01-25 Thread Marc Maiffret
://www.cnhonker.net/Files/show.php?id=167 Signed, Marc Maiffret Chief Hacking Officer eEye Digital Security T.949.349.9062 F.949.349.9538 http://eEye.com/Retina - Network Security Scanner http://eEye.com/Iris - Network Traffic Analyzer http://eEye.com/SecureIIS - Stop known and unknown IIS vulnerabilities

[Full-Disclosure] Tool: Sapphire SQL Worm Scanner

2003-01-25 Thread Marc Maiffret
to help the good guys. Signed, Marc Maiffret Chief Hacking Officer eEye Digital Security T.949.349.9062 F.949.349.9538 http://eEye.com/Retina - Network Security Scanner http://eEye.com/Iris - Network Traffic Analyzer http://eEye.com/SecureIIS - Stop known and unknown IIS vulnerabilities