iDefense Security Advisory 08.11.09
http://labs.idefense.com/intelligence/vulnerabilities/
Aug 11, 2009
I. BACKGROUND
Microsoft's Component Object Model (COM) was designed to allow
interoperability between disjointed software components. It is a
standardized interface solution to the programming dilemmas involved in
object oriented programming, distributed transactions, and
iDefense Security Advisory 07.28.09
http://labs.idefense.com/intelligence/vulnerabilities/
Jul 28, 2009
I. BACKGROUND
Microsoft's Component Object Model (COM) was designed to allow
interoperability between disjointed software components. It is a
standardized interface solution to the programming dilemmas involved in
object oriented programming, distributed transactions, and
iDefense Security Advisory 07.28.09
http://labs.idefense.com/intelligence/vulnerabilities/
Jul 28, 2009
I. BACKGROUND
Microsoft's Component Object Model (COM) was designed to allow
interoperability between disjointed software components. It is a
standardized interface solution to the programming dilemmas involved in
object oriented programming, distributed transactions, and
Program : Phorum 5.2.11
Homepage : http://www.phorum.org/
Discovery : 2009/07/16
Author Contacted : 2009/07/17
Found by : crashfr at sysdream dot com
This Advisory : crashfr at sysdream dot com
//----- Application description
| Susceptibility | Remote unauthenticated sessions |
|--------------------+---------------------------------------------------|
| Severity | Major |
|--------------------+---------------------------------------------------|
| Exploits Known | Yes - Published by Blake Cornell < blake AT |
| | remoteorigin DOT com > on voip0day.com |
|--------------------+---------------------------------------------------|
| Reported On | June 22, 2008 |
|--------------------+---------------------------------------------------|
| Reported By | Noam Rathaus < noamr AT beyondsecurity DOT com >, |
| | with his SSD program, also by Blake Cornell |
Interested in Speaking / Sharing your thoughts??
The topic of the event will be "Privacy in the 21st Century", so all talks should be related to it (we should be addressing the Web Application side of Privacy, for example what happens to Privacy with SQL Injection, XSS and issues like pdp's Snoop).
Send a mail to dharmeshmm at mastek dot com to confirm your presentation for the event.
Interested in Sponsoring??
Send a mail to dharmeshmm at mastek dot com or call at +91 98670 75327 to understand the sponsorship details.
Introduction
============
This paper discusses how a binary file could be crafted to cause IDA Pro to
consume 100% of CPU resources while trying to analyze it, thus preventing
disassembling. While this vulnerability is in the QNX file loader, a functional
COM file could be crafted to masquerade as a QNX file and trigger this issue.
This vulnerability was responsibly disclosed to IDA Pro's support personnel and
this advisory was not released until a fixed build was publicly released.
==========
Background
- TOTVS ERP Microsiga Protheus
[Vendor Product Description - translated from Portuguese]
- Management Software - TOTVS
TOTVS is a software, innovation, relationship and management support
company, the absolute leader in Brazil, with 49.1% market share, and
also in Latin America, with 31.2%*, the largest application software
company headquartered in emerging countries and the 7th largest in the
world in the sector. It has more than 25.2 thousand active clients, is
supported by 9 thousand participants and is present in 23 countries.
Value Proposition
============================================================
FOREGROUND SECURITY, SECURITY ADVISORY 2011-004
- Original release date: November 10, 2011
- Discovered by: Jose Carlos de Arriba - Senior Security Analyst at Foreground Security
- Contact: (jcarriba (at) foregroundsecurity (dot) com, dade (at) painsec (dot) com)
- Severity: 4.3/10 (Base CVSS Score)
============================================================
I. VULNERABILITY
-------------------------
|--------------------+---------------------------------------------------|
| Reported On | February 23, 2009 |
|--------------------+---------------------------------------------------|
| Reported By | Gentoo Linux Project: Kerin Millar ( kerframil on |
| | irc.freenode.net ) and Fergal Glynn < FGlynn AT |
| | veracode DOT com > |
|--------------------+---------------------------------------------------|
| Posted On | April 2, 2009 |
|--------------------+---------------------------------------------------|
| Last Updated On | April 2, 2009 |
|--------------------+---------------------------------------------------|
CA Advisory Date: 2007-09-26
Reported By: Sean Larsson, iDefense Labs
anonymous researcher working with the iDefense VCP
Aaron Portnoy of DV Labs (dvlabs.tippingpoint.com)
Impact: A remote attacker can execute arbitrary code or cause a
denial of service condition.
Summary: Multiple vulnerabilities exist in the CsAgent service
ANDHERI (E)- MUMBAI
Registrations - LIMITED SEATS !!!
The event is FREE to attend. If you are willing to attend or sponsor, just send a mail to dharmeshmm at mastek dot com as a confirmation.
Note: Since the venue is a restricted area, it is mandatory for each participant to register via email with dharmeshmm at mastek dot com. This would help in generating gate passes for all individuals for the event. Otherwise, participants will not be able to attend.
Interested in Speaking at the event??
You really should stop talking about exploits against Powerpoint etc.
As long as I can make an .exe that visually looks pixel for pixel like
a .ppt, the security model you imagine (that the desktop can
differentiate between code execution and document editing) doesn't
exist. This work is better, if incomplete.
On Thu, Jun 2, 2011 at 9:32 AM, Mitja Kolsek <mitja.kolsek@acros.si> wrote:
>
> Thor, the "Online Proof of Concept" section of the blog post points you to a *remote*
> exploit (without any warning) but let me repeat the link here:
CA Host-Based Intrusion Prevention System (CA HIPS) r8
Affected Platforms:
Windows
Status and Recommendation:
CA has issued the following patch to address the vulnerabilities.
CA Host-Based Intrusion Prevention System (CA HIPS) r8: QO91494
How to determine if you are affected:
1. Log in to the HIPS Administration Console.
|---------------------+--------------------------------------------------|
| Exploits Known | No |
|---------------------+--------------------------------------------------|
| Reported On | July 28, 2009 |
|---------------------+--------------------------------------------------|
| Reported By | Nick Baggott < nbaggott AT mudynamics DOT com > |
|---------------------+--------------------------------------------------|
| Posted On | August 10, 2009 |
|---------------------+--------------------------------------------------|
| Last Updated On | August 10, 2009 |
|---------------------+--------------------------------------------------|
Affected Platforms:
Windows
Status and Recommendation:
CA has provided the following updates to address the
vulnerabilities.
BrightStor ARCserve Backup for Laptops and Desktops r11.5:
> a .ppt, the security model you imagine (that the desktop can
> differentiate between code execution and document editing) doesn't
> exist.
I can partly agree with this for local attacks where an attacker places a
malicious file - be it .ppt or .exe - somewhere on the user's computer or
USB drive and gets the user to double-click it. With a remote attack of
this type, Windows Explorer will issue a security warning if you
double-click an .exe on a remote share, but will let you double-click
a .ppt without such warning. It's hard to say what percentage of users
would actually be stopped by such warning but I'd consider it a part
CVE: CVE-2008-1472
CA Advisory Date: 2008-03-28
Reported By: Exploit code posted at milw0rm.com
Impact: A remote attacker can cause a denial of service or execute
arbitrary code.
Summary: CA products that implement the DSM ListCtrl ActiveX
BrightStor ARCserve Backup r11 for Windows
Affected Platforms:
Windows
Status and Recommendation:
CA has provided updates to address the vulnerabilities.
CA Anti-Virus for the Enterprise 7.1, CA Anti-Virus for the
Enterprise r8: QO96079
CA Threat Manager for the Enterprise r8: QO96387
CA Anti-Virus for the Enterprise r8.1, CA Threat Manager for the
Summary: CA ARCserve Backup for Laptops and Desktops Server
contains multiple vulnerabilities that can allow a remote attacker
to execute arbitrary code or cause a denial of service condition.
CA has issued updates to address the vulnerabilities. The first
issue, CVE-2008-1328, occurs due to insufficient bounds checking
on command arguments by the LGServer service. The second issue,
CVE-2008-1329, occurs due to insufficient verification of file
uploads by the NetBackup service. In most cases, an attacker can
potentially gain complete control of an affected installation.
Additionally, only a server installation of BrightStor ARCserve
Backup for Laptops and Desktops is affected. The client
I. BACKGROUND
--------------
Flynax is a software development company which produces several CMSs to maintain
different kinds of classifieds websites.
II. DESCRIPTION
----------------
Nasel members discovered a critical vulnerability in the front-end of
|----------------------+-------------------------------------------------|
| Exploits Known | No |
|----------------------+-------------------------------------------------|
| Reported On | November 29, 2007 |
|----------------------+-------------------------------------------------|
| Reported By | Tilghman Lesher <tlesher AT digium DOT com> |
|----------------------+-------------------------------------------------|
| Posted On | November 29, 2007 |
|----------------------+-------------------------------------------------|
| Last Updated On | November 29, 2007 |
|----------------------+-------------------------------------------------|
Summary: CA ARCserve Backup for Laptops and Desktops contains
multiple vulnerabilities that can allow a remote attacker to cause
a denial of service condition or execute arbitrary code. The first
set of vulnerabilities, CVE-2007-3216, occur due to insufficient
bounds checking on multiple command arguments by the LGServer
service. The second set of vulnerabilities, CVE-2007-5003, occur
due to insufficient bounds checking on rxrLogin authentication
credentials and on a username by the GetUserInfo() function. The
third vulnerability, CVE-2007-5004, occurs due to insufficient
verification of an integer value used during authentication, which
============================================================
FOREGROUND SECURITY, SECURITY ADVISORY 2011-001
- Original release date: August 27, 2011
- Discovered by: Jose Carlos de Arriba
- Contact: (jcarriba (at) foregroundsecurity (dot) com, dade (at) painsec (dot) com)
- Severity: 4.3/10 (Base CVSS Score)
============================================================
I. VULNERABILITY
-------------------------
|--------------------+---------------------------------------------------|
| Exploits Known | No |
|--------------------+---------------------------------------------------|
| Reported On | October 30, 2007 |
|--------------------+---------------------------------------------------|
| Reported By | Tilghman Lesher <tlesher AT digium DOT com> |
|--------------------+---------------------------------------------------|
| Posted On | December 18, 2007 |
|--------------------+---------------------------------------------------|
| Last Updated On | December 18, 2007 |
|--------------------+---------------------------------------------------|
Thor, the "Online Proof of Concept" section of the blog post points you to a *remote*
exploit (without any warning) but let me repeat the link here:
http://www.binaryplanting.com/demo/XP_2-click/test.html
Visit this with IE8 on 32-bit Windows XP.
Please find further information here:
Affected Platforms:
Windows
Status and Recommendation:
CA has issued the following patch to address the vulnerabilities.
CA Secure Content Manager r8: QO99987
|--------------------+---------------------------------------------------|
| Exploits Known | No |
|--------------------+---------------------------------------------------|
| Reported On | July 18, 2008 |
|--------------------+---------------------------------------------------|
| Reported By | Tilghman Lesher < tlesher AT digium DOT com > |
|--------------------+---------------------------------------------------|
| Posted On | July 22, 2008 |
|--------------------+---------------------------------------------------|
| Last Updated On | July 22, 2008 |
|--------------------+---------------------------------------------------|
Reported By:
Anonymous researcher working with the iDefense VCP (CVE-2007-5325)
Dyon Balding of Secunia Research (CVE-2007-5326)
Cocoruder of Fortinet Security Research Team (CVE-2007-5327)
Tenable Network Security (CVE-2007-5328)
Pedram Amini of DV Labs (dvlabs.tippingpoint.com) (CVE-2007-5329)
Dyon Balding of Secunia Research (CVE-2007-5330)
eEye Digital Security (CVE-2007-5331)
shirkdog (CVE-2007-5332)
Impact: A remote attacker can cause a denial of service, execute
Thor, the "Online Proof of Concept" section of the blog post points you to a *remote*
exploit (without any warning) but let me repeat the link here:
http://www.binaryplanting.com/demo/XP_2-click/test.html
Visit this with IE8 on 32-bit Windows XP.
Please find further information here: