dynamic
The GNU C library dynamic linker expands $ORIGIN in setuid library search path
------------------------------------------------------------------------------
Gruezi, This is CVE-2010-3847.
The dynamic linker (or dynamic loader) is responsible for the runtime linking of
dynamically linked programs. ld.so operates in two security modes, a permissive
mode that allows a high degree of control over the load operation, and a secure
mode (libc_enable_secure) intended to prevent users from interfering with the
loading of privileged executables.
The GNU C library dynamic linker will dlopen arbitrary DSOs during setuid loads
-------------------------------------------------------------------------------
Cześć, This advisory describes CVE-2010-3856, an addendum to CVE-2010-3847.
Please see http://seclists.org/fulldisclosure/2010/Oct/257 for background
information.
For obvious reasons, the dynamic linker will ignore requests to preload user
specified libraries for setuid/setgid programs. However, it is possible to
Core Security Technologies - CoreLabs Advisory
http://www.coresecurity.com/corelabs/
Internet Explorer Dynamic OBJECT tag and URLMON sniffing vulnerabilities
1. *Advisory Information*
Title: Internet Explorer Dynamic OBJECT tag and URLMON sniffing
=============================================================================
FreeBSD-SA-09:12.bind Security Advisory
The FreeBSD Project
Topic: BIND named(8) dynamic update message remote DoS
Category: contrib
Module: bind
Announced: 2009-07-29
Credits: Matthias Urlichs
WAS Samples:
2. PlantsByWebSphere Sample multiple XSS vulnerabilities.
3. JAX-WS Web Services MTOM Sample XSS vulnerability.
4. JAX-WS Web Services Ping and Echo Sample multiple XSS vulnerabilities.
5. Dynamic Query - Employee Finder Sample multiple XSS vulnerabilities.
6. Dynamic Query - EJB Data Mediator Service Sample XSS vulnerability.
7. Application Profile - Account Management Sample multiple XSS vulnerabilities.
8. Scheduler Account Report Sample multiple XSS vulnerabilities.
Istanbul, Turkey.
NTMS'2012 aims at fostering advances in the areas of New Technologies,
Wireless Networks, Mobile Computing, Ad hoc and Ambient Networks, QoS,
Network Security and E-commerce, to mention a few, and provides a
dynamic forum for researchers, students and professionals to present
their state-of-the-art research and development in these interesting
areas.
The event will be combined with tutorial sessions and workshops.
Tutorials will precede the main program, aiming at the dissemination of
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Dynamic Update packets can cause a Denial of Service in the BIND
daemon.
Background
==========
http://labs.idefense.com/intelligence/vulnerabilities/
Jan 31, 2008
I. BACKGROUND
IBM Corp.'s Informix Dynamic Server is an online transaction processing
data server. For more information, visit the product's homepage at the
following URL.
http://www-306.ibm.com/software/data/informix/ids/
http://labs.idefense.com/intelligence/vulnerabilities/
Nov 09, 2007
I. BACKGROUND
IBM Corp.'s Informix Dynamic Server is an online transaction processing
data server. It contains several set-uid root binaries. For more
information, visit the product homepage at the following URL.
http://www-306.ibm.com/software/data/informix/ids/
Bugtraq ID: 25984
CVE Name: CVE-2007-0063
*Vulnerability Description*
OpenBSD’s DHCP server, dhcpd, implements the Dynamic Host Configuration
Protocol (DHCP) [1] and the Internet Bootstrap Protocol (BOOTP) [2]. DHCP
allows hosts on a TCP/IP network to request and be assigned IP addresses,
and also to discover information about the network to which they are
attached. BOOTP provides similar functionality, with certain restrictions.
Description
XWork before version 2.2.1 allows Java class path disclosure when a non-existent method is requested
* using <s:submit> tag with Dynamic Method Invocation (DMI) enabled.
* using bang notation (actionclass!method.action) with Dynamic Method Invocation (DMI) enabled
Apache Struts 2 and OpenSymphony WebWork frameworks are vulnerable to similar attacks.
1. Using <s:submit> tag with Dynamic Method Invocation (DMI) enabled.
To verify if NAT is enabled on a Cisco IOS device, log into the
device and issue the command "show ip nat statistics". The following
example shows a device configured with NAT:
Router# show ip nat statistics
Total translations: 2 (0 static, 2 dynamic; 0 extended)
Outside interfaces: Serial0
Inside interfaces: Ethernet1
Hits: 135 Misses: 5
Expired translations: 2
Dynamic mappings:
from functioning is vulnerable to a replay attack. It is possible to
fix the CAPTCHA value to a specific value and send that value to the
server as part of every request and gain access to protected
resources.
The Formshield CAPTCHA uses a dynamic key stored in the __VIEWSTATE of
the request and sends encrypted text to the server for obtaining and
displaying new image text in the CAPTCHA on the page every time. There
are 2 problems with this approach:
The encrypted text for a specific image always remains the same
HP has provided the following software updates to resolve the vulnerability.
The updates can be downloaded from http://www.hp.com/go/softwaredepot/
Ignite-UX vC.7.3.148 or subsequent
Dynamic Root Disk vA.3.0.0 or subsequent
MANUAL ACTIONS: Yes - Update
Update to Ignite-UX vC.7.3.148 or subsequent, Dynamic Root Disk vA.3.0.0 or subsequent
########################################################
Description:
DynPG is used to upload and manage dynamic web content similar to other content management systems.
DynPG however differs from other CMS, because it is embedded directly into websites.
The software was originally developed to realize designs that are created with Adobe Photoshop, Adobe Fireworks, Adobe Illustrator or any other graphics software.
The layout is created with an editor like Adobe Dreamweaver or Adobe GoLive or even as simple code.
After that, code snippets are placed at those points, where dynamically generated content (like articles, galleries, blogs or other dynamic content) shall be generated.
It provides a convenient way to extend existing websites with dynamic content. DynPG provides a template engine, but also supports existing CSS layouts.
eNYe-Sec - www.enye-sec.org
>> Program description (by the author website) <<
The Gemini Portal 4 is the most scalable, dynamic, and powerful content
management system there is. It is perfect for large business network services,
to the simple personal web site for use with PHP and MySQL. The Gemini
Portal is a dynamic content management system. It is ideal for any size
community, allowing users, moderators, limited admins, and global admins log
in. Many of the built in pages use the dynamic database file system (ArzFS)
through knowledge driven search.
|
| It’s designed to drive users to the knowledge they seek and enhance the visibility
of content and context of your organization's unstructured information.
|
| * Dynamic - delivers complete dynamic facet capabilities, type-ahead search,
real-time content alerting, is reactive to search-led content exploration
| * Tailorable - delivers business adjustable relevancy and UIMA standardization
for entity identification and tuned semantic searching
| * Supportable - delivers search on 20+ platform, connects to 30+ repositories
| * Secure - delivers enforced security across content repositories
[+] Application: AdaptBB
[+] Version: 1.0 Beta
[+] Website: http://sourceforge.net/projects/adaptbb/
[+] Bugs: [A] Multiple Blind SQL Injection
[B] Multiple Dynamic Code Execution
[C] Arbitrary File Upload
[+] Exploitation: Remote
[+] Date: 09 Apr 2009
- Version:5.10.014
[Bug Description and Proof of Concept]
Attackers use source code disclosure attacks to try to obtain the
source code of server-side applications. The basic role of Web servers
is to serve files as requested by clients. Files can be static, such
as image and HTML files, or dynamic, such as ASP, JSP and PHP files.
When the browser requests a dynamic file, the Web server first
executes the file and then returns the result to the browser. Hence,
dynamic files are actually code executed on the Web server.
http://www.imperva.com/resources/glossary/source_code_disclosure.html
Industry Gold Sponsor: Deutsche Telekom Laboratories
Industry Silver Sponsor: Fraunhofer Heinrich Hertz Institute
Technical co-sponsors:
IEEE Control System Society
International Society of Dynamic Games
In-cooperation with ACM SIGSAC
***
GameSec 2010, the inaugural Conference on Decision and Game Theory for
Security
Domain Name System (DNS) protocols. BIND includes a DNS server
(named); a resolver library (routines for applications to use when
interfacing with DNS); and tools for verifying that the DNS server
is operating correctly.
A flaw was found in the way BIND handles dynamic update message
packets containing the "ANY" record type. A remote attacker could
use this flaw to send a specially-crafted dynamic update packet
that could cause named to exit with an assertion failure.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
ZDI-08-012: IBM Informix Dynamic Server Authentication Password Stack
Overflow Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-08-012
March 13, 2008
-- CVE ID:
CVE-2008-0727
-- Affected Vendors:
IBM
device and issue the show ip nat statistics command. The following
example shows a device that is configured with NAT:
Router#show ip nat statistics
Total translations: 2 (0 static, 2 dynamic; 0 extended)
Outside interfaces: Serial0
Inside interfaces: Ethernet1
Hits: 135 Misses: 5
Expired translations: 2
Dynamic mappings:
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02904002
Version: 1
HPSBUX02688 SSRT100513 rev.1 - HP-UX Dynamic Loader, Local Privilege Escalation, Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-07-05
Last Updated: 2011-07-05
* Exploiting Online Games - Gary McGraw
* SHIELDS: metrics, tools and Internet services to improve security in
application developments - Domenico Rotondi
* Graph Analysis for WebApps: From Nodes to Edges - Simon Roses Femerling
* The OWASP Education Project - Martin Knobloch
* Dynamic Taint Propagation: Finding Vulnerabilities Without Attacking -
Matias Madou
* Threat Modeling for Application Designers & Architects - Shay Zalalichin
* Scanstud: Evaluating static analysis tools - Martin Johns,
* Office 2.0: Software as a Service, Security on the Sidelines? - John
ZDI-08-011: IBM Informix Dynamic Server DBPATH Buffer Overflow
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-08-011
March 13, 2008
-- CVE ID:
CVE-2008-0727
-- Affected Vendors:
IBM
CVE Id(s) : CVE-2009-0696
CERT advisory : VU#725188
Debian Bug : 538975
It was discovered that the BIND DNS server terminates when processing a
specially crafted dynamic DNS update. This vulnerability affects all
BIND servers which serve at least one DNS zone authoritatively, as a
master, even if dynamic updates are not enabled. The default Debian
configuration for resolvers includes several authoritative zones, too,
so resolvers are also affected by this issue unless these zones have
been removed.