Andrea Barisani

[SECURITY] [DSA 1835-1] New tiff packages fix several vulnerabilities

   It was discovered that malformed TIFF images can lead to a crash
   in the decompression code, resulting in denial of service.

CVE-2009-2347

   Andrea Barisani discovered several integer overflows, which
   can lead to the execution of arbitrary code if malformed
   images are passed to the rgb2ycbcr or tiff2rgba tools.

For the old stable distribution (etch), these problems have been fixed
in version 3.8.2-7+etch3.

[Suspected Spam][oCERT-2009-019] Ganeti path sanitization errors

Permalink:
http://www.ocert.org/advisories/ocert-2009-019.html

-- 
Andrea Barisani |                Founder & Project Coordinator
          oCERT | Open Source Computer Emergency Response Team

<lcars@ocert.org>                         http://www.ocert.org
 0x864C9B9E 0A76 074A 02CD E989 CE7F AC3F DA47 578E 864C 9B9E
        "Pluralitas non est ponenda sine necessitate"

[HITB-Announce] HITB2011AMS -- Call For Papers now Open

Shreeraj Shah     (Founder, BlueInfy)
Fredric Raynal    (Sogeti/Cap Gemini)
Robert Hansen (rsnake) (SecTheory)
Alexander Kornburst (Red Database)
Emmanuel Gadaix   (Founder, TSTF)
Andrea Barisani   (Inverse Path)
Ed Skoudis        (InGuardians)
Haroon Meer       (Sensepost)
Chris Evans       (Google)
Philippe Langlois (TSTF)
Skyper            (THC)

Shakacon Security Conference - Trainers and Speakers Finalized

   \__Playing with Heyoka: Spoofed Tunnels and Undetectable Data
 
Daniel Blander
   \__Emerging Trends in Security and Risk Management
 
Andrea Barisani & Daniele Bianco, Inverse Path
   \__Sniff keystrokes with lasers/voltmeters: Side Channel Attacks
 
Paul Craig
   \__Rage Against the Kiosk
 

[oCERT-2011-001] Chyrp input sanitization errors

Permalink:
http://www.ocert.org/advisories/ocert-2011-001.html

-- 
Andrea Barisani |                Founder & Project Coordinator
          oCERT | OSS Computer Security Incident Response Team

<lcars@ocert.org>                         http://www.ocert.org
 0x864C9B9E 0A76 074A 02CD E989 CE7F AC3F DA47 578E 864C 9B9E
        "Pluralitas non est ponenda sine necessitate"

[HITB-Announce] HITBSecConf2009 - Malaysia Videos Released!

1.) Alex 'kuza55' Kouzemtchenko (Associate Consultant, statsec)

2.) Alexander Gazet (Sogeti ESEC Research & Development)

3.) Andrea Barisani (Chief Security Engineer, Inverse Path)

4.) Babak Javadi (TOOOL USA)

5.) Bruno Goncalves de Oliveira (Computer Engineer, iBLISS)


CanSecWest 2008 CFP (deadline Nov 30, conf Mar 26-28) and PacSec Dojo's

   Ultimate Web Hacking  - Yeng-Min Chen (Japanese)
   Reverse Engineering  - Yuji Ukai (Japanese)
   The Exploit Laboratory - Saumil Shah (English)
   Advanced Honeypot Tactics - Thorsten Holz (English)
   Advanced Linux Hardening - Andrea Barisani (English)
   Bugfinding with the Immunity Debugger - Nicolas Waisman & Kostya Kortchinski (English)
   Practical 802.11 Wi-Fi (In)Security - Cedric Blancher (English)

[oCERT-2009-010] mimeTeX and mathTeX buffer overflows and command injection

Permalink:
http://www.ocert.org/advisories/ocert-2009-010.html


[oCERT-2009-004] AjaxTerm session id collision

Permalink:
http://www.ocert.org/advisories/ocert-2009-004.html


[oCERT-2009-017] PHP multiple issues

Permalink:
http://www.ocert.org/advisories/ocert-2009-017.html


[oCERT-2009-015] KDE multiple issues

Permalink:
http://www.ocert.org/advisories/ocert-2009-015.html


[oCERT-2009-003] LittleCMS integer errors

Permalink:
http://www.ocert.org/advisories/ocert-2009-003.html


[HITB-Announce] REMINDER: HITB2011 - Malaysia Call for Papers Closes on the 15th

Shreeraj Shah     (Founder, BlueInfy)
Fredric Raynal    (Sogeti/Cap Gemini)
Robert Hansen     (rsnake) (SecTheory)
Alexander Kornburst (Red Database)
Emmanuel Gadaix   (Founder, TSTF)
Andrea Barisani   (Inverse Path)
Ed Skoudis        (InGuardians)
Haroon Meer       (Thinkst)
Chris Evans       (Google)
Philippe Langlois (TSTF)
Skyper            (THC)

project announcement - oCERT - Open Source CERT

The oCERT Team
<team@ocert.org>


[oCERT-2009-011] Android improper camera and audio permission verification

Permalink:
http://www.ocert.org/advisories/ocert-2009-011.html


CanSecWest 2008 Mar 26-28

The Exploit Laboratory - Advanced Edition               Saumil Shah
Advanced Honeypot Tactics               Thorsten Holz
Mastering the network with Scapy                Philippe Biondi
Voice over IP (VoIP) Security           Nico Fischbach
Practical 802.11 WiFi (In)Security              Cédric Blancher
Advanced Linux Hardening                Andrea Barisani
Defend The Flag         Microsoft

--
2008 PWN 2 OWN


[oCERT-2008-004] multiple speex implementations insufficient boundary checks

Permalink:
http://www.ocert.org/advisories/ocert-2008-004.html


[HITB-Ann] Reminder: HITB2010 Malaysia Call for Papers Closing August 9th

Shreeraj Shah   (Founder, BlueInfy)
Fredric Raynal  (Sogeti/Cap Gemini)
Robert Hansen (rsnake) (SecTheory)
Alexander Kornburst     (Red Database)
Emmanuel Gadaix (Founder, TSTF)
Andrea Barisani (Inverse Path)
Ed Skoudis              (InGuardians)
Haroon Meer     (Sensepost)
Chris Evans             (Google)
Philippe Langlois       (TSTF)
Skyper          (THC)

CanSecWest 2008 PWN2OWN - Mar 26-28

They may not have already been submitted to the affected vendor or 
to third parties.

13. Each machine will be secured to common industry best practices:

We'll get Andrea Barisani from our Hardening Linux Dojo (which still 
has seats available :) to look over the Ubuntu machine, and the 
Microsoft/iSec/Core DTF folks to secure the Windows box, and Josh 
Ryder our local Mac zealot to look at the OSX wafer.

Special Thanks:

[oCERT-2010-002] Joomla input sanitization errors (XSS)

Permalink:
http://www.ocert.org/advisories/ocert-2010-002.html


[oCERT-2009-008] Dillo integer overflow

Permalink:
http://www.ocert.org/advisories/ocert-2009-008.html


[oCERT-2009-014] Android denial-of-service issues

Permalink:
http://www.ocert.org/advisories/ocert-2009-014.html


[oCERT-2009-007] FCKeditor input sanitization errors

Permalink:
http://www.ocert.org/advisories/ocert-2009-007.html


[oCERT-2009-012] libtiff tools integer overflows

Permalink:
http://www.ocert.org/advisories/ocert-2009-012.html


[oCERT-2008-006] multiple SNMP implementations HMAC authentication spoofing

Permalink:
http://www.ocert.org/advisories/ocert-2008-006.html


[oCERT-2008-013] MPlayer Real demuxer heap overflow

Permalink:
http://www.ocert.org/advisories/ocert-2008-013.html


[oCERT-2009-009] CamlImages integer overflows

Permalink:
http://www.ocert.org/advisories/ocert-2009-009.html


[oCERT-2009-013] yTNEF/Evolution TNEF attachment decoder input sanitization errors

Permalink:
http://www.ocert.org/advisories/ocert-2009-013.html


[oCERT-2010-004] FFmpeg/libavcodec arbitrary offset dereference

Permalink:
http://www.ocert.org/advisories/ocert-2010-004.html

