/*
*
* Copyright (C) darkfig
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
Advisory ID: cisco-sa-20100707-snmp
Revision 1.0
For Public Release 2010 July 07 1600 UTC (GMT)
+---------------------------------------------------------------------
Summary
=======
is AOL's business-oriented version of AIM targeted for professional use
with an emphasis on "business-grade" security and integration with email
client and other productivity applications
(http://aimpro.premiumservices.aol.com/) AIM Lite, as defined in its
website (http://x.aim.com/laim/), is a reference application used to test
new technology also developed by AOL and available for the public in the
form of a "light IM client".
A vulnerability was discovered in these three popular versions of AOL
Instant Messaging software, AIM 6.1 (and 6.2 beta), AIM Pro and AIM Lite,
which expose workstations running the IM clients and their users to
Title: Twitter credentials disclosure in HTC Peep mobile app (default HTC Twitter client)
Vulnerability ID: TAD-2011-001
Credits: This vulnerability was discovered by Raul Siles, Founder and Senior Security Analyst with Taddong (www.taddong.com)
Publication date: February 4, 2011
Vendors contacted: HTC (and MITRE - CVE ID)
-- Vulnerability description:
> On 3/23/2011 2:13 PM, Theo de Raadt wrote:
> >> If *any* threat exists,
> >> that threat is increased by public exposure of unmitigated attack
> >> methodology
> > I think you have it wrong.
> >
> > Public exposure increases the visibility, and therefore customers
> > install the patches quicker.
> >
> > Without public visibility, they will keep running the old code.
HES2010 will focus on hardcore computer security, insecurity,
vulnerability analysis, reverse engineering, research and hacking.
INTRO
The goal of this conference is to promote security research, broaden
public awareness and create an open forum so that communication
between the researcher, the security industry, the experts and the
public can happen.
A recent decision of justice in France has convicted a security
researcher for disclosing vulnerabilities and exploits. These laws
familiar
with the way IPB handles input data. Below is a quick trace of input
validation process. The code snippets come from IPB version 3.0.4.
line | file: admin/sources/base/ipsRegistry.php
352 | static public function init()
353 | {
... |
... |
462 | IPSLib::cleanGlobals( $_GET );
463 | IPSLib::cleanGlobals( $_POST );
Aruba Networks Security Advisory
Title: Management User Authentication Bypass Vulnerability When Using
Public Key Based SSH Authentication.
Aruba Advisory ID: AID-42309
Revision: 1.0
For Public Release on 4/23/2009
source applications that are vulnerable to this.
During our search it was discovered that PHPIDS did unserialize()
every piece of user input that looked like being serialized.
public static function runCentrifuge($value, IDS_Monitor $monitor = null)
{
$threshold = 3.49;
$unserialized = false;
if(preg_match('/^\w:\d+:\{/', $value)) {
$unserialized = @unserialize($value);
Document ID: 109450
Advisory ID: cisco-sa-20090225-ace
http://www.cisco.com/warp/public/707/cisco-sa-20090225-ace.shtml
Revision 1.0
For Public Release 2009 February 25 1600 UTC (GMT)
This time-line is mostly here to keep track of work and progress on this
issue. However it does highlight one important thing. Vendors need to
provide valid, secure, contact information that can get security issues
reported to the proper individuals within their organization. This contact
information should be clearly published on their public facing web sites.
12/05/2007 - Initial Discovery
12/12/2007 - Contacted Cert Coordination Center to attempt to obtain
appropriate vendor contact information.
12/17/2007 - Additional work on details, proof of concept
Cisco Security Advisory: Cisco IOS Virtual Private Dial-up Network
Denial of Service Vulnerability
Advisory ID: cisco-sa-20080326-pptp
http://www.cisco.com/warp/public/707/cisco-sa-20080326-pptp.shtml
Revision 1.0
For Public Release 2008 March 26 1600 UTC (GMT)
Advisory ID: cisco-sa-20100811-ace
Revision 1.0
For Public Release 2010 August 11 1600 UTC (GMT)
+---------------------------------------------------------------------
Summary
=======
TEHTRI-Security was invited to give a talk called "Web In The Middle,
Attacking Clients", at the first Hack In The Box Europe, Amsterdam (
http://conference.hackinthebox.org/hitbsecconf2010ams/ ).
During our talk, we released multiple advisories and we explained many
issues related to some vulnerabilities. You can find more public
information through the slides available online. Here are some related
details that we wanted to share with you through this mailing list :
o CVE-2010-1752: TEHTRI-Security inside the iPhone iOS4
TEHTRI-Security found a stack overflow in CFNetwork API, through the
Advisory ID: cisco-sa-20090923-tls
Revision 1.0
For Public Release 2009 September 23
+---------------------------------------------------------------------
Summary
=======
Cisco Security Advisory: Cisco ACE Application Control Engine Device
Manager and Application Networking Manager Vulnerabilities
Advisory ID: cisco-sa-20090225-anm
http://www.cisco.com/warp/public/707/cisco-sa-20090225-anm.shtml
Revision 1.0
For Public Release 2009 February 25 1600 UTC (GMT)
Advisory ID: cisco-sa-20090114-ironport
Revision 1.0
For Public Release 2009 January 14 1600 UTC (GMT)
+---------------------------------------------------------------------
Summary
=======
*Vendor Information, Solutions and Workarounds*
In general process control networks should be physically isolated from
corporate or other publicly accessible data networks as such an isolated
network will limit the exposure of systems with network facing
vulnerabilities only to accidental disruption or potentially malicious
users or systems within the process control network itself.
However, if physical isolation of the process control network is not
Server: Apache/2.2.3 (CentOS)
Content-Length: 590
Connection: close
Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /Znl5g3k70ZaBUPYmN5RAGUdkskoprzGI63K4mIj2sqzbX0Kc3Fu7vfthepWhmKvjudPuJTNeK9zw5MaZ1yXJi8RJRRuPe5UahFwOblMXsIPTGh3pVjTLdim3vuTKgdazOG9idQbIjbnpMEco8Zlo5xNRuCoviPx7x7tYYeOgc8HU46gaecJwnHY7f6GlQB8H6kBFhjoIaHE1SQPhU5VReCz1olPh5jZ<font size=50>DEFACED<!xc+ADw-script+AD4-alert('xss')+ADw-/script+AD4---//--
VPN, and Supervisor 32, Supervisor 720, or
Route Switch Processor 720
Advisory ID: cisco-sa-20080326-queue
http://www.cisco.com/warp/public/707/cisco-sa-20080326-queue.shtml
Revision 1.0
For Public Release 2008 March 26 1600 UTC (GMT)
Document ID: 100358
Advisory ID: cisco-sa-20080213-cucmsql
http://www.cisco.com/warp/public/707/cisco-sa-20080213-cucmsql.shtml
Revision 1.0
For Public Release 2008 February 13 1600 UTC (GMT)
Document ID: 100345
Advisory ID: cisco-sa-20080116-cucmctl
http://www.cisco.com/warp/public/707/cisco-sa-20080116-cucmctl.shtml
Revision 1.0
For Public Release 2008 January 16 1600 UTC (GMT)
Vary: negotiate
TCN: list
Content-Length: 610
Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>406 Not Acceptable</title>
</head><body>
<h1>Not Acceptable</h1>
<p>An appropriate representation of the requested resource /<img
> Microsoft Office allows documents to be digitally signed by
> authors using certified keys, allowing viewers to verify the
> integrity and the origin based on the author's public key.
> The author's public key certificate, which can come from a
> trusted third party, is embedded in the signed document.
On Sun, 23 Sep 2007, Chad Perrin wrote:
> In the case of that "private zero day exploit", then, nobody will ever
> know about it except the person that has it waiting in reserve -- and if
> someone else discovers and patches the vulnerability before the exploit
> is ever used, it never becomes a "public" zero day exploit. In other
> words, you can always posit that there's sort of a Heisenbergian state of
> potential private zero day exploitedness, but in real, practical terms
> there's no zero day anything unless it's public.
>
> The moment you have an opportunity to measure it, the waveforms collapse.
On 9/25/07, Brian Loe <knobdy@gmail.com> wrote:
> On 9/25/07, Gadi Evron <ge@linuxbox.org> wrote:
> > No longer good enough.
> >
> > We can get a press scare over a public vuln release, or a wake-up call.
> >
> > I think we can do better as an industry.
>
> Who, then, rewrites all of the reference material? And doesn't any new
> definition simply become definition number 2 in Webster?
On 9/25/07, Adrian Griffis <adriang63@gmail.com> wrote:
> I understand why this descriptivist approach is tempting over a
> prescriptivist approach. But it's important, I think, to keep in mind
> that the public uses the word "illegal" when they really mean
> "unlawful" and uses the word "Schizophrenic" when they are talking
> about multiple personality disorders. All technical fields have their
> jargon, and the general public is simply not well educated enough
> about the issues involved to arbitrate disputes over usage. Just as
> the legal profession needs the word "illegal" with its proper meaning,
> On 9/25/07, Brian Loe <knobdy@gmail.com> wrote:
>> On 9/25/07, Gadi Evron <ge@linuxbox.org> wrote:
>> > No longer good enough.
>> >
>> > We can get a press scare over a public vuln release, or a wake-up call.
>> >
>> > I think we can do better as an industry.
>>
>> Who, then, rewrites all of the reference material? And doesn't any new
>> definition simply become definition number 2 in Webster?
On 3/23/2011 2:13 PM, Theo de Raadt wrote:
>> If *any* threat exists,
>> that threat is increased by public exposure of unmitigated attack
>> methodology
> I think you have it wrong.
>
> Public exposure increases the visibility, and therefore customers
> install the patches quicker.
>
> Without public visibility, they will keep running the old code.