status

The history of a -probably- 13 years old Oracle bug: TNS Poison

  Sleeping for 10 seconds... (Ctrl+C to stop)...

Now, wait for the new connections to arrive. If you check the listener
using the LSNRCTL tool you will see something like the following:

$ lsnrctl status
LSNRCTL for Linux: Version 11.1.0.6.0 Production
Connecting to (ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1521))

STATUS of the LISTENER
----------------------

Cisco Security Response: Cisco IOS Cross-Site Scripting Vulnerabilities

Cisco IOS Software versions 11.0 through 12.4 with the HTTP server
enabled. A system that contains the IOS HTTP server or HTTP secure
server, but does not have it enabled, is not affected.

To determine if the HTTP server is running on your device, issue the
show ip http server status | include status and the show ip http
server secure status | include status commands at the prompt and look
for output similar to:

    Router#show ip http server status | include status
    HTTP server status: Enabled

Secunia Research: Microsoft Hierarchical FlexGrid Control Integer Overflows

====================================================================== 
5) Time Table 

28/08/2007 - Vendor notified.
28/08/2007 - Vendor response.
26/09/2007 - Additional information provided and status update 
             requested.
26/09/2007 - Vendor informs that status update will be provided soon.
10/10/2007 - Vendor provides status update.
23/11/2007 - Status update requested.
24/11/2007 - Vendor provides status update.

[INFIGO-2008-04-08]: ICQ 6 remote buffer overflow vulnerability

==[ Vulnerability

INFIGO IS's security team identified a critical remote buffer overflow 
vulnerability in the latest ICQ version (ICQ 6.0). In newer versions, 
ICQ has a 'Personal Status Manager' feature, where a user can specify 
text messages for his status/mood (online/offline/etc.). The specified 
message will be visible in the title part of a remote user's ICQ chat 
window, when a chat session is initiated. 

When a user writes a message in the status manager, the text string is 

Secunia Research: Microsoft Outlook Content Parsing Integer Underflow Vulnerability

====================================================================== 
6) Time Table 

24/02/2009 - Vendor notified.
27/02/2009 - Vendor response.
05/03/2009 - Vendor provides status update (having problems 
             reproducing the reported vulnerability).
06/03/2009 - Additional details and crash dump provided to vendor.
22/05/2009 - Vendor provides status update (still investigating).
12/08/2009 - Vendor provides status update (vulnerability confirmed).
24/09/2009 - Vendor provides status update (scheduled for December).

n.runs-SA-2008.005 - Apple Inc. - CoreServices Framework’s CarbonCore Framework - Arbitrary Code Execution (remote)

   2008/03/11    n.runs AG sends PoCs for various issues to Apple Inc.
   2008/03/11    Apple Inc. acknowledges the PoCs, but has issues
                 reproducing some of the vulnerabilities.
   2008/03/12    n.runs AG sends more reliable PoCs along with detailed
                 reproduction steps.
   2008/03/24    Apple Inc. sends a status report regarding the
                 vulnerabilities reported by n.runs AG
   2008/03/30    n.runs AG thanks Apple Inc. for the status update and
                 apologises for not being more responsive during the
                 CanSecWest time-frame.
   2008/03/31    Apple Inc. sends a second status update and provides a

Secunia Research: Microsoft Windows Flash Player Movie Unloading Vulnerability

01/11/2007 - Microsoft states that the vulnerability is fixed by the 
             patches released in MS06-069.
02/11/2007 - Vendor informed that MS06-069 does not fix the 
             vulnerability, which was tested against a fully patched 
             system.
23/11/2007 - Vendor contacted (status update requested).
23/01/2008 - Vendor contacted (status update requested again).
05/02/2008 - Vendor informed that due to no response to status 
             requests an advisory will be published in two weeks).
05/02/2008 - Vendor response (vulnerability successfully reproduced 
             and asks for coordinated disclosure).

Secunia Research: Danske Bank e-Sec Control Module Error Logging Buffer Overflow

====================================================================== 
5) Time Table 

16/04/2008 - Vendor notified.
16/04/2008 - Vendor response.
25/06/2008 - Status update requested.
27/06/2008 - Vendor response (responsible person is on holiday, but
             will provide status update ASAP).
24/07/2008 - Status update requested.
13/08/2008 - Status update requested.
13/08/2008 - Vendor response.

Micropoint Proactive Denfense Mp110013.sys <= 1.3.10123.0 Local Privilege Escalation Exploit

} SYSTEM_MODULE_INFORMATION, *PSYSTEM_MODULE_INFORMATION;
PVOID GetInfoTable(ULONG ATableType)
{
ULONG mSize = 0x4000;
PVOID mPtr = NULL;
LONG status;
HMODULE hlib = GetModuleHandle("ntdll.dll");
PVOID pZwQuerySystemInformation = GetProcAddress(hlib , "ZwQuerySystemInformation");
do
{
   mPtr = malloc(mSize);

iDefense Security Advisory 07.28.09: Multiple Vendor Microsoft ATL/MFC ActiveX Security Bypass Vulnerability

VIII. DISCLOSURE TIMELINE

12/05/2008  Initial Contact
01/05/2009  Microsoft requested PoC
01/06/2009  iDefense sent PoC
01/23/2009  iDefense requested status update
01/26/2009  iDefense requested status update
01/27/2009  Microsoft reports status
02/09/2009  Microsoft reports status
02/26/2009  Microsoft reports status
03/27/2009  Microsoft reports status

CVE-2010-0624: Heap-based buffer overflow in GNU Tar and GNU Cpio

Return the number of bytes read on success, SAFE_READ_ERROR on error.  */
size_t
rmt_read__ (int handle, char *buffer, size_t length)
{
char command_buffer[COMMAND_BUFFER_SIZE];
size_t status;
size_t rlen;
size_t counter;

sprintf (command_buffer, "R%lu\n", (unsigned long) length);
if (do_command (handle, command_buffer) == -1

iDefense Security Advisory 07.28.09: Multiple Vendor Microsoft ATL/MFC ActiveX Information Disclosure Vulnerability

VIII. DISCLOSURE TIMELINE

12/05/2008  Initial Contact
01/05/2009  Microsoft requested PoC
01/06/2009  iDefense sent PoC
01/23/2009  iDefense requested status update
01/26/2009  iDefense requested status update
01/27/2009  Microsoft reports status
02/09/2009  Microsoft reports status
02/26/2009  Microsoft reports status
03/27/2009  Microsoft reports status

iDefense Security Advisory 08.11.09: Multiple Vendor Microsoft ATL/MFC ActiveX Type Confusion Vulnerability

VIII. DISCLOSURE TIMELINE

12/05/2008  Initial Contact
01/05/2009  Microsoft requested PoC
01/06/2009  iDefense sent PoC
01/23/2009  iDefense requested status update
01/26/2009  iDefense requested status update
01/27/2009  Microsoft reports status
02/09/2009  Microsoft reports status
02/26/2009  Microsoft reports status
03/27/2009  Microsoft reports status

iDefense Security Advisory 03.17.09: Autonomy KeyView Word Perfect File Parsing Buffer Overflow Vulnerability

01/19/2009  From IBM - 1st response & PoC Request
01/21/2009  From Autonomy - New proposed tentative disclosure date - End
            of February 2009
01/21/2009  From Symantec - Proposed tentative disclosure date -
            February 24, 2009
01/30/2009  Multiple vendor coordination status sent
01/30/2009  to IBM - PoC resent
02/05/2009  From IBM - clarification request
02/12/2009  From IBM - clarification request
02/13/2009  to IBM - clarification response
02/18/2009  From IBM - requests PoC clarification

Secunia Research: Microsoft Office FlashPix Property Set Parsing Buffer Overflow

====================================================================== 
6) Time Table 

27/07/2009 - Vendor notified.
27/07/2009 - Vendor response.
19/08/2009 - Vendor provides status update.
24/09/2009 - Vendor provides status update.
27/10/2009 - Vendor provides status update.
08/12/2009 - Vendor provides status update.
29/01/2010 - Vendor provides status update.
30/04/2010 - Vendor provides status update (tentatively targetting 

Secunia Research: Microsoft Office FlashPix Tile Data Two Buffer Overflows

====================================================================== 
6) Time Table 

27/07/2009 - Vendor notified.
27/07/2009 - Vendor response.
19/08/2009 - Vendor provides status update.
24/09/2009 - Vendor provides status update.
27/10/2009 - Vendor provides status update.
08/12/2009 - Vendor provides status update.
29/01/2010 - Vendor provides status update.
30/04/2010 - Vendor provides status update (tentatively targetting 

Secunia Research: Microsoft Office TIFF Image Converter Endian Conversion Vulnerability

====================================================================== 
6) Time Table 

09/07/2009 - Vendor notified.
09/07/2009 - Vendor response.
15/08/2009 - Vendor provides status update.
25/09/2009 - Vendor provides status update.
11/01/2010 - Status update requested.
11/01/2010 - Vendor provides status update (scheduled for May 2010).
30/04/2010 - Vendor provides status update (slipped from May 2010 
             release and now tentatively targetting August 2010).

CORE-2009-0803: Virtual PC Hypervisor Memory Protection Vulnerability

deemed a pre-requisite to report the bug to MSRC. Core asks the vendor
if they have any findings that rules out exploitation for privilege
escalation and denial of service attacks.

. 2009-11-04:
Status update from MSRC saying that the investigation into the issue was
concluded. The issue was successfully identified with the PoC provided
by Core. After extensive review it was determined that all the memory
locations identified by the tool fall within the work area of the
Virtual Machine Monitor. The findings are that the contents of the RW
pages are not trusted by Virtual PC and overwritten before use and that

Secunia Research: Microsoft Office PICT Filter Integer Truncation Vulnerability

====================================================================== 
6) Time Table

14/07/2009 - Vendor notified.
14/07/2009 - Vendor response.
20/08/2009 - Vendor provides status update.
24/09/2009 - Vendor provides status update (scheduled for fall 2009).
29/10/2009 - Vendor provides status update (scheduled for March 2010).
28/05/2010 - Vendor provides status update (slipped from March 2010 
             release and now scheduled for August 2010).
02/06/2010 - Vendor provides status update.

NSENSE-2011-002: Novell eDirectory/Netware LDAP-SSL daemon

       Timeline:
       20100819     Contacted vendor, supplied PoC
       20100825     Vendor acknowledges receipt of information
       20100826     Vendor creates ticket, SR # 10645215982
       20100922     nSense requests status update
       20100928     Vendor responds that a fix is being tested
       20101109     nSense requests status update
       20101112     nSense requests status update
       20101112     Vendor responds, fix is still being tested
       20101221     nSense requests status update

VMware Tools Multiple Vulnerabilities

Advisory Name: VMware Tools Multiple Vulnerabilities
 Release Date: 2011-06-03
  Application: VMware Guest Tools
     Severity: High
       Author: Dan Rosenberg <drosenberg (at) vsecurity.com>
Vendor Status: Patch Released [2]
CVE Candidate: CVE-2011-1787, CVE-2011-2145, CVE-2011-2146
    Reference: http://www.vsecurity.com/resources/advisory/20110603-1/


CORE-2011-0203 - MS HyperV Persistent DoS Vulnerability

int ReadKernelMemory ( void *address, void *buffer, unsigned int len )
{
  static int first_time = TRUE;
  SYSDBG_VIRTUAL DbgMemory;
  LONG Status;
  int ret = FALSE;

  /* If it is the first time  */
  if ( first_time == TRUE )
  {

SEC Consult SA-20120518 :: Memory overwrite vulnerability in libwpd (OpenOffice.org) - CVE-2012-2149

2011-09-19: Contacting vendor through securityteam@openoffice.org
2011-09-21: Vendor response, clarification request
2011-09-21: Sent answer
2011-10-05: Vendor response, clarification request
2011-10-05: Sent answer
2011-10-13: Contacted vendor asking for status
2011-11-23: Contacted vendor asking for status
2011-11-23: Vendor response, project moved to Apache
2011-11-24: Contacting vendor through ooo-security@incubator.apache.org
2011-12-05: Contacted vendor asking for status
2011-12-05: Vendor response

[scip_Advisory 4021] IBM Lotus Notes 8.5 RSS Widget Privilege Escalation

VII. VENDOR RESPONSE

The vendor verified the existence of the issue and addressed it as soon
as possible with a hotfix. Unfortunately most of the communication
bypassed us and we were forced to ask for the current status several times.
Our last request of the current status at 08/24/2009 was unanswered.

VIII. SOURCES

scip AG - Security Consulting Information Process (German)

NSOADV-2009-001: Symantec ConsoleUtilities ActiveX Control Buffer Overflow

  Affected Component:     ConsoleUtilities ActiveX Control V.6.0.0.1846
  Not Affected Component: ConsoleUtilities ActiveX Control V.6.0.0.2000
  Remote Exploitable:     Yes
  Local Exploitable:      No
  CVE-ID:                 CVE-2009-3031
  Patch Status:           Vendor released a patch
  Discovered by:          Nikolas Sotiriu
  Disclosure Policy:      http://sotiriu.de/policy.html
  Thanks to:              Thierry Zoller: For the permission to use his
                                          Policy


iDefense Security Advisory 10.13.09: Microsoft Windows GDI+ TIFF File Parsing Buffer Overflow Vulnerability

12/18/2007  - Initial Contact
12/18/2007  - Initial Response
12/19/2007  - PoC Requested
12/19/2007  - PoC Sent
01/14/2008  - Status update received
03/27/2008  - Status update requested
03/28/2008  - Status update received - no estimated release date
04/28/2008  - Status update requested
04/28/2008  - Status update received - no estimated release date
01/11/2009  - Vendor states updates being silently released soon,

Microsoft Internet Explorer 8 - Anti Spoofing is a Myth

Hi

With the new features implemented in IE 8, the status address bar has been
transformed too. The new step taken by Microsoft IE team that is not to
show the address of selected link in a status bar can have a serious impact.
A user will not be able to see the active link in the status bar. This looks

Geeklog <=1.5.2 SEC_authenticate()/PHP_AUTH_USER sql injection exploit

    $uid = '';
    $username = '';
    $password = '';

    $status = -1;

    if (isset($_SERVER['PHP_AUTH_USER'])) {
        $username = $_SERVER['PHP_AUTH_USER'];
        $password = $_SERVER['PHP_AUTH_PW'];


Secunia Research: Microsoft Office TIFF Image Converter Two Buffer Overflows

6) Time Table 

07/07/2010 - Vendor notified about vulnerability #1.
08/07/2010 - Vendor notified about vulnerability #2.
08/07/2010 - Vendor response.
15/08/2010 - Vendor provides status update.
11/01/2010 - Status update requested.
11/01/2010 - Vendor provides status update (tentatively targetting 
             May 2010).
30/04/2010 - Vendor provides status update (slipped from May 2010 
             release and now tentatively targetting August 2010).

[DSB-2011-01] Security Advisory FreeRADIUS 2.1.11

authentication protocols. One of those protocols is EAP-TLS
used within 802.1X. In EAP-TLS X.509 client certificates are
used to authenticate remote users/clients.

FreeRADIUS supports several methods for checking the revocation
status of X.509 certificates. Recently support for revocation
status checking with the Online Certificate Status Protocol (OCSP)
was added to FreeRADIUS.

During a test of the OCSP support in FreeRADIUS, a security
vulnerability has been found in the way the FreeRADIUS code parses

Copyright © 1995-2012 LinuxRocket.net. All rights reserved.