smb: \> symlink ../../../../../ foobar
smb: \> ls
. D 0 Wed Feb 3 14:27:47 2010
.. D 0 Wed Feb 3 14:19:13 2010
xxx A 1955 Wed Feb 3 14:22:42 2010
foobar D 0 Mon Feb 1 20:29:12 2010
45503 blocks of size 2097152. 24437 blocks available
smb: \> ls ..
NT_STATUS_OBJECT_PATH_SYNTAX_BAD listing \..
Debian Security Advisory DSA-1648-1 security@debian.org
http://www.debian.org/security/ Thijs Kinkhorst
October 08, 2008 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : mon
Vulnerability : insecure temporary files
Problem type : local
Debian-specific: no
CVE Id(s) : CVE-2008-4477
Debian Bug : 496398
http://yehg.net/lab/pr0js/vulnerables/status_bar_url_spoofing.htm
On Mon, Jul 27, 2009 at 6:53 PM, xu shaopei<xisigr@gmail.com> wrote:
> hi, jplopezy:
>
> IN "http://hi.baidu.com/xisigr/blog/item/edbcba00011864de267fb55a.html",
> 127.0.0.1 is just a fictitious example.
>
Mandriva Linux Security Advisory MDVSA-2008:214
http://www.mandriva.com/security/
_______________________________________________________________________
Package : mon
Date : October 16, 2008
Affected: Corporate 3.0
_______________________________________________________________________
Problem Description:
// Let's check our target IP is handled by a NetCache:
$ printf "TRACE / HTTP/1.1\r\nHost: 74.125.65.106\r\nMax-Forwards: 0\r\nConnection: Close\r\n\r\n" | nc 74.125.65.106 80
HTTP/1.1 200 OK
Date: Mon, 17 Aug 2009 00:35:16 GMT
Content-Length: 97
Content-Type: message/http
Server: NetCache appliance (NetApp/6.0.7)
Connection: close
On Mon 2009-10-26 18:11:56, Dan Yefimov wrote:
> On 26.10.2009 18:06, Pavel Machek wrote:
> >On Mon 2009-10-26 15:37:50, Dan Yefimov wrote:
> >>On 26.10.2009 13:54, psz@maths.usyd.edu.au wrote:
> >>>Dear Dan,
> >>>
> >>>>... in authentic kernels /proc/<PID>/fd/<FD> are symlinks ...
> >>>
> >>>They appear to /bin/ls as symlinks, but observation suggests that they
> >>>"act" as hardlinks. Could that be fixed somehow? (I did look at the
On 26.10.2009 18:26, Pavel Machek wrote:
> On Mon 2009-10-26 18:11:56, Dan Yefimov wrote:
>> On 26.10.2009 18:06, Pavel Machek wrote:
>>> On Mon 2009-10-26 15:37:50, Dan Yefimov wrote:
>>>> On 26.10.2009 13:54, psz@maths.usyd.edu.au wrote:
>>>>> Dear Dan,
>>>>>
>>>>>> ... in authentic kernels /proc/<PID>/fd/<FD> are symlinks ...
>>>>>
>>>>> They appear to /bin/ls as symlinks, but observation suggests that they
On Mon, Nov 24, 2008 at 11:39 PM, Damien Miller <djm@mindrot.org> wrote:
> On Mon, 24 Nov 2008, Nick Boyce wrote:
>
>> Could someone please help the uncomprehending [i.e. me :-)] understand
>> why or whether this is anything to be worried about at all ?
>
> Yes, the attack is very unlikely to work against an interactive
> connection.
>
On Mon, 26 Oct 2009, Matthew Dempsky wrote:
> On Mon, Oct 26, 2009 at 9:01 AM, Tony Finch <dot@dotat.at> wrote:
> >
> > Attacker uses openat() to open and modify the "private" file.
>
> At least with Linux 2.6.18, you still need +x permission on the
> directory to access its contents using openat(2).
According to POSIX, if you open the directory with O_SEARCH then openat()
does not re-check search (+x) permissions.
On Mon, Nov 02, 2009 at 08:53:26PM +0100, Pavel Machek wrote:
> > The link count of a files tells you the number of hard links that
> > are persisted within the same filesystem. It is _NOT_ a promise
> > that there are no other means to access the inode of the file.
>
> It used to be promise before /proc was mounted.
"mount --bind" behaves like a hard link and it does not increment the link
count.
Router#show version
Cisco Internetwork Operating System Software
IOS (tm) 2500 Software (C2500-IS-L), Version 12.3(26), RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by cisco Systems, Inc.
Compiled Mon 17-Mar-08 14:39 by dchih
<output truncated>
The following example identifies a Cisco product that is running
Cisco IOS Software Release 12.4(20)T with an installed image name of
Router#show version
Cisco Internetwork Operating System Software
IOS (tm) 2500 Software (C2500-IS-L), Version 12.3(26), RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by cisco Systems, Inc.
Compiled Mon 17-Mar-08 14:39 by dchih
!--- output truncated
The following example identifies a Cisco product that is running
Cisco IOS Software Release 12.4(20)T with an installed image name of
Hi,
Bogdan Calin schrieb am Mon, 25 Jan 2010 12:58:50 +0200:
>The latest version of e107, version 0.7.17 contains a PHP backdoor.
>http://e107.org/e107_files/downloads/e107_v0.7.17_full.zip
The start page of e107.org, <http://e107.org/news.php>,
contains suspect, probably malicious JavaScript code at the
top, followed by many links in the format
Good day.
Mon, Nov 24, 2008 at 03:17:05PM +0700, svrt wrote:
> In Oct 2008, SVRT-Bkis has detected a serious buffer overflow vulnerability
> in ffdshow which affects all available internet browsers.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Really? And links, elinks, lynx, dillo and others are affected too?
What about my Firefox that (I assume) has no ffdshow code inside it and
there are no ffdshow-related plugins coupled to it? Is it vulnerable?
> wonder if they are the same.
>
> Cheers
> Nam
>
> On Mon, 24 Nov 2008 15:17:05 +0700
> "svrt" <svrt@bkav.com.vn> wrote:
>
>> 1. General Information
>>
>> ffdshow is a DirectShow filter and VFW codec for many audio and video
See real examples: http://xisigr.googlepages.com/firefoxspoofing, test 1
is mine, test 2 is yours. Some "%20" to display a "white space" in the
Status Bar.
On Mon, Jul 27, 2009 at 5:47 PM, Juan Pablo Lopez
Yacubian<jplopezy@gmail.com> wrote:
> xisigr
>
> in my opinion it is not the same bug because the method is very different, and
> also your poc doesn't work, anyway for more information you can enter ( if
On Mon, 13 Apr 2009, marianiscc@hotmail.com wrote:
: Discovered by Sirdarckcat from elhacker.net
By 'discovered', you mean 'copied from the disclosure in September 2006'
right?
CVE-2006-4605 through CVE-2006-4608.
So, we have this scenario. pavel/root is not doing anything interesting in
the background.
pavel@toy:/tmp$ uname -a
Linux toy.ucw.cz 2.6.32-rc3 #21 Mon Oct 19 07:32:02 CEST 2009 armv5tel GNU/Linux
pavel@toy:/tmp$ mkdir my_priv; cd my_priv
pavel@toy:/tmp/my_priv$ echo this file should never be writable > unwritable_file
# lock down directory
pavel@toy:/tmp/my_priv$ chmod 700 .
# relax file permissions, directory is private, so this is safe
Router#show version
Cisco Internetwork Operating System Software
IOS (tm) 2500 Software (C2500-IS-L), Version 12.3(26), RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by cisco Systems, Inc.
Compiled Mon 17-Mar-08 14:39 by dchih
!--- output truncated
The following example identifies a Cisco product that is running
Router#show version
Cisco Internetwork Operating System Software
IOS (tm) 2500 Software (C2500-IS-L), Version 12.3(26), RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by cisco Systems, Inc.
Compiled Mon 17-Mar-08 14:39 by dchih
<output truncated>
The following example shows a product that is running Cisco IOS
Software Release 12.4(20)T with an image name of
On Mon, May 10, 2010 at 09:05:16PM +0200, Stefan Esser wrote:
> Hi everyone,
>
> 10 days ago the Month of PHP Security 2010 has started at
> http://www.php-security.org/ and meanwhile 20 vulnerabilities were
> posted and also 4 user submitted articles were published. Here is a
> short summary of what was released so far. You can follow the Month of
> PHP Security on Twitter, too. Just follow @mops_2010
Thank you and all the volunteers for your efforts. It is good to see
launched November 2007 [1] against several popular 2Wire broadband
routers in Mexico. The attack was accomplished by means of changing
the router's DNS settings via a CSRF hole on the web interface.
A similar issue used to exist on the BT Home Hub and was reported in
October 2007 [2] (a month earlier) where it was possible to compromise
the router by tricking a user to visit a malicious page. The payload
[3] would then exploit an authentication bypass and CSRF vulnerability
in order to enable the "remote assistance" feature. (The intended
purpose of this feature was to allow BT engineers to remotely
troubleshoot home routers.) The attacker could then login remotely to
On Mon, Jul 13, 2009 at 3:55 PM, Neil Dickey<neil@geol.niu.edu> wrote:
> If this bug includes version 3.5, there is a workaround:
[...]
> When this bug kicked in on my copy of Ff3.5 ...
So are you stating that the bug *does* seem to affect FF 3.5, or not ?
Thierry says he thinks No, but you say /something/ nasty happened to
your FF 3.5, if I understand you correctly.
On Mon, 23 Feb 2009 info@exposit.co.uk wrote:
> The front-end of the application is composed of COM components that plug
> into the web browser. [...]
> In order to optimize the interaction speed of the application, a cache
> folder is created on the client machine. [...] Indeed, those files are
> required on the client machine because the workflow is executed on the
> client, not on the server. [...]
> If a user modifies this file and then marks it as read-only, he can
> execute arbitrary code. As the OTA API allows access to the database, he
>
> -- Eduardo
> http://www.sirdarckcat.net/
>
>
> On Mon, Jan 19, 2009 at 10:56 PM, Eduardo Vela <sirdarckcat@gmail.com> wrote:
>
>> Server Version Info: Oracle-Application-Server-10g/10.1.3.1.0
>> Oracle-HTTP-Server
>> PoC: http://OC4J/web-app/foobar/%c0%ae%c0%ae/WEB-INF/web.xml
>> Related: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938
Maksymilian,
Mon, Dec 08, 2008 at 02:14:36PM +0100, Maksymilian Arciemowicz wrote:
> > Sat, Dec 06, 2008 at 12:40:48PM -0700, cxib@securityreason.com wrote:
> >> [ SecurityReason.com : PHP 5.2.6 SAPI php_getuid() overload ]
> > [...]
> >> Using PHP 5.2.6, as an Apache module can bypass many security points.
> >
> > Am I right that this vulnerability exists only in the Apache 1.x flavour
> > of the PHP module? The code in question that sets SG(server_context)
Router#show version
Cisco Internetwork Operating System Software
IOS (tm) 2500 Software (C2500-IS-L), Version 12.3(26), RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by cisco Systems, Inc.
Compiled Mon 17-Mar-08 14:39 by dchih
<output truncated>
The following example identifies a Cisco product that is running
Cisco IOS Software Release 12.4(20)T with an installed image name of
FRI FEB 20 08:22:46 2009
CA IT Client Manager r12
dtscore11.dll
18376
MON JUL 27 16:00:36 2009
Solution
CA has issued the following patches to address the vulnerabilities.
Do cipher disks count? Though not mechanical, I guess you could say
that they compute in a way similar to manual calculators i.e. the
abacus.
On Mon, 11 May 2009 12:39:47 -0400 Dragos Ruiu <dr@kyx.net> wrote:
>On 11-May-09, at 7:29 AM, Juha-Matti Laurio wrote:
>
>> The oldest documented vulnerability in computer security world is
>> password file disclosure vulnerability from 1965, found by Mr.
Router#show version
Cisco Internetwork Operating System Software
IOS (tm) 2500 Software (C2500-IS-L), Version 12.3(26), RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by cisco Systems, Inc.
Compiled Mon 17-Mar-08 14:39 by dchih
!--- output truncated