Feb
root@nr-pentest:~/Downloads/samba-3.4.5/source3# /usr/local/samba/bin/smbclient -s /etc/samba/smb.conf -Usmb //<host>/testmount/
Enter smb's password:
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.4.0]
smb: \> ls
. D 0 Wed Feb 3 14:27:03 2010
.. D 0 Wed Feb 3 14:19:13 2010
test D 0 Wed Feb 3 14:19:13 2010
xxx A 1955 Wed Feb 3 14:22:42 2010
45503 blocks of size 2097152. 24437 blocks available
December 2007 addressed the vulnerability reported by Core and provided an
official list of supported products that are vulnerable and their
respective versions. Vendor cannot commit to a specific date for the
release of fixes but can commit to release a fix within the first quarter
of the year (Q1/2008). The upcoming release of minor version updates of
vulnerable product is scheduled for February 14th.
. *2008-01-08*: Email reply from Core indicating that publication of
CORE-2007-0930 has been re-scheduled to February 14th, 2008. Nonetheless,
the lack of vendor commitment to a specific date for the release of fixes
does not make the ballpark commitment of Q1/2008 any more credible than
the previous estimations.
Title: Multiple vulnerabilities in
SUPERAntiSpyware and Super Ad Blocker
Date of Discovery: 2 Feb 2010
Contact Date: 4 Feb 2010
Release Date: 10 Mar 2010
Author: Luka Milkovic
Mail: milkovic.luka at gmail.com
Software Link: SUPERAntiSpyware -
http://www.superantispyware.com/index.html
Super Ad Blocker -
. 2009-10-09:
Received a summary from Microsoft with an update on all open cases with
Core. Internet Explorer cases appear listed as "working with product
team to determine fix and release date. Earliest potential ship date for
a fix is February 2010".
. 2009-10-23:
Core sends email to MSRC indicating that publication of the advisory has
been re-scheduled to November 10 2009 and it is open to delaying it
further up to the second Tuesday of December 2009 if MSRC is willing to
Blue Moon Consulting adapts `RFPolicy v2.0 <http://www.wiretrip.net/rfp/policy.html>`_ in notifying vendors.
:Initial vendor contact:
February 07, 2009: Initial contact sent to Will Guaraldi.
:Vendor response:
February 07, 2009: Will replied PyBlosxom did not use XML, so there could be no XML injection bug.
The UltraVNC team has released patched binaries [4] for its viewer.
Additional information can be found in the UltraVNC Forum
(http://forum.ultravnc.info/).
The TightVNC team has released patched source code in [5]. TightVNC
1.3.10 will be released by Feb 10th 2009.
7. *Credits*
These vulnerabilities were discovered and researched by Ariel
Blue Moon Consulting adapts `RFPolicy v2.0 <http://www.wiretrip.net/rfp/policy.html>`_ in notifying vendors.
:Initial vendor contact:
February 24, 2009: Initial contact sent to Jack Polgar.
:Vendor response:
February 24, 2009: Jack replied asking for technical details.
A symlink is created to another user's WordPress configuration, which does not even exist in the chroot, resulting in a broken, unreadable symlink.
dcarey@drewcarey.com [~/public_html]# ln -s /home/bbarker/public_html/wp-config.php vuln
dcarey@drewcarey.com [~/public_html]# ls -lsah
total 20K
4.0K drwxr-x--- 3 dcarey nobody 4.0K Feb 17 22:25 ./
4.0K drwxr-xr-x 9 dcarey dcarey 4.0K Feb 17 22:23 ../
4.0K drwxr-xr-x 2 dcarey dcarey 4.0K Feb 17 22:17 cgi-bin/
8.0K -rw-r--r-- 1 dcarey dcarey 4.1K Feb 10 18:16 default.html
0 lrwxrwxrwx 1 dcarey dcarey 39 Feb 17 22:25 vuln -> /home/bbarker/public_html/wp-config.php
in November 2007.
The Android Software Development Kit includes a fully functional
operating system, a set of core libraries, application development
frameworks, a virtual machine for executing applications and a phone
emulator based on the QEMU emulator [4]. Public reports as of February
27th, 2008 state that the Android SDK has been downloaded 750,000 times
since November 2007 [5].
Several vulnerabilities have been found in Android's core libraries for
processing graphic content in some of the most used image formats (PNG,
. Sun ONE Calendar Server 6.0
. Sun Java System Calendar Server 6 2004Q2
. Sun Java System Calendar Server 6 2005Q1
. Sun Java System Calendar Server 6 2005Q4
. Sun Java System Calendar Server 6.3
. Sun Java System Calendar Server 6.3-7.01 (built Feb 20 2008)
5. *Vendor Information, Solutions and Workarounds*
Sun has published patches and a Sun alert for these vulnerabilities. The
Regards, Sandeep
--------------------------------------------------
From: "David Calabro" <dcalabro@transitionalwork.org>
Sent: Saturday, February 14, 2009 1:02 AM
To: "'Sandeep Cheema'" <51l3n7@live.in>; <bugtraq@securityfocus.com>
Subject: RE: SEPKILL /im SMC.EXE /f
> If the Symantec Management Client service was somehow changed from
> "smc.exe" to "smc.exe -P" it would effectively prevent the service from
https://forums.symantec.com/syment/board/message?board.id=endpoint_protection11&message.id=26289
--------------------------------------------------
From: "Sandeep Cheema" <51l3n7@live.in>
Sent: Friday, February 20, 2009 11:01 AM
To: <bugtraq@securityfocus.com>
Subject: Re: SEPKILL /im SMC.EXE /f
> Privilege Escalation attack
>
|--------------------+---------------------------------------------------|
| Severity | Moderate |
|--------------------+---------------------------------------------------|
| Exploits Known | No |
|--------------------+---------------------------------------------------|
| Reported On | Feb 24, 2010 |
|--------------------+---------------------------------------------------|
| Reported By | Mark Michelson |
|--------------------+---------------------------------------------------|
| Posted On | Feb 25, 2010 |
|--------------------+---------------------------------------------------|
| Vulnerability Disclosure Report |
| |
|------------------------------------------------------------------|
Advisory : CORELAN-10-010
Disclosure date : February 8th, 2010
0x00 : Vulnerability information
--------------------------------
2. the list of affected platforms, and
3. the severity rating Microsoft has assigned to the bug.
. 2008-11-05:
MSRC responds that patches to IE ship every two months and the next
available ship date will be February 10th. The case is currently rated
as an Important class Information Disclosure vulnerability. Vendor
provides a list of affected components and platforms. The MSRC was able
to reproduce this issue on all IE versions with the following
exceptions: IE7 and IE8 in Windows Vista when Protected Mode is ON. In
spite of that MSRC does not include IE8 in list of affected components
If the Symantec Management Client service was somehow changed from "smc.exe" to "smc.exe -P" it would effectively prevent the service from starting in the first place. Correct?
-----Original Message-----
From: Sandeep Cheema [mailto:51l3n7@live.in]
Sent: Friday, February 13, 2009 12:25 PM
To: bugtraq@securityfocus.com
Subject: Re: SEPKILL /im SMC.EXE /f
Just as an update couldn't get any further other than the fact that
SMCGui.exe is getting killed as its running in the user account and SMC.exe
--------------------------------------------------
From: "Sandeep Cheema" <51l3n7@live.in>
Sent: Thursday, February 19, 2009 12:50 PM
To: <bugtraq@securityfocus.com>
Subject: Re: SEPKILL /im SMC.EXE /f
> Please note the following. I have reported this to Symantec at
> https://forums.symantec.com/syment/board/message?board.id=endpoint_protection11&thread.id=25786&view=by_date_ascending&page=2
4. If the file date is earlier than indicated in the below
table, the installation is vulnerable.
Product File Name File Date / Size
CA ARCserve Backup for Laptops and Desktops 11.5
rxRPC.dll February 18 2008 / 126976
CA ARCserve Backup for Laptops and Desktops 11.1
rxRPC.dll February 18 2008 / 114688
CA Desktop Management Suite 11.2 English
rxRPC.dll February 18 2008 / 126976
CA Desktop Management Suite 11.2 localized
Application: Version Number(s): 4.x, 5.x and 6.x
Severity: Ability to remotely determine version, build, service
pack, hot fix levels and times and dates each were installed
Author(s): Brook Powers, Sr. Network Engineer (bpowers@tech-serve
dot com)
Vendor Status: Vendor Notified February 1st, 2008
CVE Candidate: CVE-2008-0636
Reference: http://www.tech-serve.com/research/advisories/2008/
Overview:
| Vulnerability Disclosure Report |
| |
|------------------------------------------------------------------|
Advisory : CORELAN-10-008
Disclosure date : February 4th, 2010
0x00 : Vulnerability information
--------------------------------
currently rolling out Windows 7 may be relying on XP Mode to maintain
compatibility with XP applications and that in doing so they may be
inadvertently weakening their security posture; in Core's view this
warrants the need for a security bulletin and corresponding security
patch. Accordingly Core has set the publication date for the Virtual PC
advisory to the 2nd Tuesday of February and will not change it unless
new information or a change in the vendor's stance occurs. If the vendor
does not consider it a security issue then Core would rather publish the
security bulletin without an official patch rather than have its
publication contingent on the release cycle of a service pack at some
undetermined time in the future.
CERT/CC informs Core that it will attempt to contact Corel.
. 2009-12-22:
Core sends a message to Corel Customer Services (through their website
[3]) requesting a security contact, and announcing its intention to
publish advisory CORE-2009-1126 on February 1st, 2010.
. 2009-12-23:
Corel Customer Support Services sends a generic reply without providing
a security contact.
. 2009-11-09:
Microsoft sends technical information about the bug, including a list of
affected versions and platforms. Its investigation indicates that the
issue can lead to Remote Code Execution and that fixes are currently
forecast to ship as an Important severity class issue in their bulletin.
Microsoft also requests that Core postpone publication until February
9th, 2010.
. 2009-11-11:
Core acknowledges receipt of the previous mail, and reschedules
publication of its advisory to February 9th, 2010.
=========================================
Yaniv Miron aka "Lament" Advisory Feb 24, 2010
ARISg5 (Version 5.0) Cross Site Scripting Vulnerability
=========================================
==========================================================================================
Application name: ARISg5 (arisglobal)
Version: 5.0
Class: Input Validation Error
Type: Cross Site Scripting (XSS)
-----Original Message-----
From: Andrew Barkley <barkley@usa.net>
To: Jeroen <nowhereman@moenen.org>
Subject: Re: Circumventing Critical Security in Windows XP
Date: Sat, 20 Feb 2010 04:20:46 -0000
Hi,
Thank you for your reply.
Exploit code:
Available to organizations by contacting info@enablesecurity.com
Timeline:
Feb 03, 2009: An email was sent to the security team at OpenX and PGP keys exchanged
Feb 03, 2009: Sent report to OpenX team with full details
Feb 04, 2009: A patch was provided to us and we verified that the patch fixes the reported issues
Apr 01, 2009: Co-ordinated information release
Solution:
http://www.cisco.com/warp/public/707/cisco-sa-20090225-anm.shtml
Revision 1.0
For Public Release 2009 February 25 1600 UTC (GMT)
Summary
=======
Multiple vulnerabilities exist in the Cisco Application Networking
9. *Report Timeline*
. 2009-01-09:
Core Security Technologies notifies Sun Security Coordination Team of
the vulnerability, setting the estimated publication date of the
advisory to Feb 2nd. Technical details are sent to Communications
Express team.
. 2009-01-09:
The vendor acknowledges reception of the report and asks Core to
postpone publication of the security advisory in order to have enough
<input name="query" value="SELECT 'your-shell-here' INTO OUTFILE '/path/to/www';" />
</form>
<script>document.forms[0].submit();</script>
===========================================
Feb 9, 2010 - Reported to Kusaba X dev team.
Feb 15, 2010 - Kusaba X 0.9.1 released containing patch.
Feb 17, 2010 - Info released
~~Thanks to Sazpaimon
~~Greetz to the open source community
. 2010-01-12:
Cisco replies, saying that it will investigate the report.
. 2010-01-12:
Cisco tentatively acknowledges the February 5th release date.
. 2010-01-13:
Core replies, reassuring that the release date can be moved if Cisco
can't meet it.