tools
Hi!,
I'm releasing Pass-The-Hash Toolkit v1.0, you can find it here:
http://oss.coresecurity.com/projects/pshtoolkit.htm.
source code:
http://oss.coresecurity.com/pshtoolkit/release/1.0/pshtoolkit_src_v1.0.tgz
binaries:
http://oss.coresecurity.com/pshtoolkit/release/1.0/pshtoolkit_v1.0.tgz
Dear Bugtraq community,
I am happy to announce the immediate availability of a web based email
security testing tool at http://www.ismymailsecure.com. The tool is an
end-user friendly way to determine if the mail servers for a certain
email address support the STARTTLS capability to encrypt the email
transfer between servers. While most email providers have frontends that
use encryption, the actual email transfers via SMTP are often not secure
at all, giving users a false sense of security. While it was always
possible to manually check for the availability of TLS encryption, the
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software tool available to resolve the vulnerability.
The FPUpdater tool (Floating Point Updater) must be run to update the Java Development Kit (JDK) and/or the Java Runtime Environment (JRE). This tool can be used to update all versions of HP-UX Java.
To download the FPUpdater tool, go to https://www.hp.com/go/java then click on the link for the FPUpdater tool
NIST is preparing the fourth Static Analysis Tool Exposition (SATE IV). Briefly, participating tool makers run their tool on a set of programs. Researchers led by NIST analyze the tool reports. The results and experiences are reported at a workshop. The tool reports and analysis are made publicly available later.
The draft plan, including a summary of proposed changes since the last SATE, is located at:
http://samate.nist.gov/SATE.html
In particular, we plan to provide the test sets by July 31. We plan to hold the wrap-up experience workshop in March 2012. Any suggestions regarding the plan would be appreciated.
We invite tool makers to sign up. If you would like to participate in the exposition, or if you have questions, please email Aurelien Delaitre (aurelien.delaitre 'at' nist.gov) or Vadim Okun (vadim.okun 'at' nist.gov).
ESX 4.1 without patch ESX410-201110201-SG
ESX 4.0 without patch ESX400-201110401-SG
3. Problem Description
a. VMware Tools Display Driver Privilege Escalation
The VMware XPDM and WDDM display drivers contain buffer overflow
vulnerabilities and the XPDM display driver does not properly
check for NULL pointers. Exploitation of these issues may lead
to local privilege escalation on Windows-based Guest Operating
On Wed, 07 May 2008, Ken Schaefer wrote:
> What I don't see is any proof, in your article, that information from an installation of the Malicious Software Removal Tool was passed onto someone else in the government, without any other consent from the user and without any legal order compelling Microsoft.
>
> Cheers
> Ken
Proof? Are you kidding... Proof is in Microsoft's own words read
the article:
#2009-012 libtiff tools integer overflows
Description:
The libtiff image library tools suffer from integer overflows which may lead to
a potentially exploitable heap overflow and result in arbitrary code execution.
The libtiff package ships a library, for reading and writing TIFF, as well as a
small collection of tools for manipulating TIFF images. The cvt_whole_image
To remove the PDF file extension from the list of supported file format
extensions, complete the following actions:
1. From the Windows Desktop, open the BlackBerry Server Configuration
tool.
2. Click the Attachment Server tab.
3. In the Format Extensions field, delete pdf: from the colon
delimited list of extensions.
4. Click Apply.
5. Click OK.
> List,
>
> Moth is a VMware image with a set of vulnerable Web Applications and
> scripts, that you may use for:
> - Testing Web Application Security Scanners
> - Testing Static Code Analysis tools (SCA)
> - Giving an introductory course to Web Application Security
>
> The motivation for creating this tool came after reading
> "anantasec-report.pdf" which is included in the release file which you
> are free to download. The main objective of this tool is to give the
List,
Moth is a VMware image with a set of vulnerable Web Applications and
scripts, that you may use for:
- Testing Web Application Security Scanners
- Testing Static Code Analysis tools (SCA)
- Giving an introductory course to Web Application Security
The motivation for creating this tool came after reading
"anantasec-report.pdf" which is included in the release file which you
are free to download. The main objective of this tool is to give the
S/N -> hash -> default SSID and encryption key
which can be read as: *a hashed version of the router's serial number
is generated which is then used to derive both, the default SSID and
the default encryption key.* This is just a high-level overview of the
algorithm. More specifically we have (quoted from Kevin's stkeys tool
source code comments):
Take as example: "CP0615JT109 (53)"
Remove the CC and PP values: CP0615109
Today, while searching for some references to add in my presentation, I
found the following message in a "hacker" (?) forum:
- "MELHOR FERRAMENTA DE DENIAL OF SERVICE DO MUNDO (BASILEIRA)"
(http://www.forum.darkers.com.br/index.php?topic=12674.msg53240;topicseen)
Translating it to English: "WORLD'S BEST DENIAL OF SERVICE TOOL
(BRAZILIAN)".
It is just to let you know:
1. THIS TOOL IS A FAKE.
2. I have no plans to release the source code, nor even after the
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made two methods available to resolve the vulnerability. Customers can request hotfixes or use the FPupdater tool.
Hotfixes
Customers can request the following hotfixes by contacting the normal HP Services support channel.
RESOLUTION
HP has made patches available to resolve the vulnerability for NNMi 9.0x
HP has made two methods available to resolve the vulnerability for 8.1x. Customers can request hotfixes or use the FPupdater tool.
For NNMi 9.0x
Operating System
Patch
“XSS in IBM Open Admin Tool (OAT_2.27_install_windows.exe)”
Product version tested : OAT v2.27
Vendor has been informed : July 27, 2010
They fixed the vulnerability on : March 2011
Fixed version: OAT v2.72
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2012-04-13-1 Flashback malware removal tool
Flashback malware removal tool is now available and addresses the
following:
Malware removal
Available for: OS X Lion v10.7 or later without Java installed
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200905-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: IPSec Tools: Denial of Service
Date: May 24, 2009
Bugs: #267135
to at least 2.5.5 and preferably the newest release available before
the end of extended support.
3. Problem description:
a. VMware Tools Local Privilege Escalation on Windows-based guest OS
The VMware Tools Package provides support required for shared folders
(HGFS) and other features.
An input validation error is present in the Windows-based VMware
Jun 04, 2008
I. BACKGROUND
VMware is a software virtualization system which allows multiple virtual
computers to run on a single system. VMware Tools provides drivers and
utilities to enhance and optimize the experience within a guest
operating system running under VMware. For more information visit the
vendor's site at the following URL.
http://www.vmware.com/
Advisory: DAEMON Tools IOCTL local denial-of-service vulnerability
Advisory ID: JVNDB-2011-000085
Author: Satoshi TANDA
Affected Software: Successfully tested on DAEMON Tools 4.40
Vendor URL: http://www.daemon-tools.cc/eng/home
Vendor Status: fixed
CVE-ID: CVE-2011-3987
Yes. It isn't designed to search for the differences between 2 binary files but to search for similar files, _independently_ of the format, and group them.
This tool can be used, for example, to search for similar "crapwares" or to search for similar image files (not similar looking, but similar files), similar office documents, etc...
--- On Tue, 5/1/10, T Biehn <tbiehn@gmail.com> wrote:
> From: T Biehn <tbiehn@gmail.com>
> Subject: Re: [Full-disclosure] [Tool] DeepToad 1.1.0
> To: "Dan Kaminsky" <dan@doxpara.com>
> CC: "Joxean Koret" <joxeankoret@yahoo.es>, "Full Disclosure" <full-disclosure@lists.grok.org.uk>, bugtraq@securityfocus.com
> What are the implications for firewire device compatibility of doing
> this?
I am no expert on ieee1394, but I have read up a bit on this and tested
Metlstorm's memory dumping tool and here's what I understand:
Firewire chipsets allow drivers to configure a particular memory range
which is open to access by DMA devices. Since the memory transfers
occur completely without software intervention, the only way to restrict
this is to tell the chip ahead of time what to allow and what not to
> > What are the implications for firewire device compatibility of doing
> > this?
>
> I am no expert on ieee1394, but I have read up a bit on this and tested
> Metlstorm's memory dumping tool and here's what I understand:
>
> Firewire chipsets allow drivers to configure a particular memory range
> which is open to access by DMA devices. Since the memory transfers
> occur completely without software intervention, the only way to
> restrict
Hi,
Along with my colleague Filipe Almeida, I'd like to announce the
availability of DOM Checker, an automated tool for validating browser
security policy enforcement. The project is hosted at:
http://code.google.com/p/dom-checker/
The tool features several fairly neat features, including exhaustive
hierarchy crawling and side-channel blind write validation to reduce the