Full Disclosure - NB Contains harsh language
Re: Trustwave and Mozilla (Resolved)
1 hour 7 min ago
Posted by decoder on Feb 22
Hi,
some important points seem missing here. First of all, Mozilla sent a CA
communication that clarifies that issuing MitM certificates is not
acceptable by the policy (in fact, the policy was *not* clear about that
before, this case has never been there). Furthermore, all other CAs (and
according to Trustwave, quite a few CAs consider this "common
practice"), have been given a deadline by which all of these
certificates have to be...
Categories: Technical Blogs
Re: Patator - new multi-purpose brute-forcing tool
1 hour 47 min ago
Posted by Nate Theis on Feb 22
You might look into PyPy for a speed boost: http://pypy.org
Categories: Technical Blogs
Re: Downloads Folder: A Binary Planting Minefield
1 hour 48 min ago
Posted by Nate Theis on Feb 22
Hmm, interesting AV evasion technique: Seemingly legitimate app, but the
download page gives both a malicious DLL and the main executable, the main
executable uses LoadLibrary insecurely.
Categories: Technical Blogs
Re: Trustwave and Mozilla (Resolved)
2 hours 4 min ago
Posted by Jeffrey Walton on Feb 22
The previous was a statement of facts. "Inmates running the asylum" is
hyperbole.
If you find you are sensitive to the position taken, it could indicate
you took the wrong position.
Jeff
Categories: Technical Blogs
Trustwave and Mozilla (Resolved)
2 hours 26 min ago
Posted by Jeffrey Walton on Feb 22
It appears to be official.
Trustwave issued MitM certificates, which is deceptive, unethical, and
contrary to its agreement for inclusion.
Mozilla just rewarded their violations of trust by continuing their
inclusion. Apparently, agreements between Mozilla and CAs have no
veracity as both are more than happy to violate the end user.
Original Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=724929
NSS and Firefox Update:...
Categories: Technical Blogs
Snom IP Phone Privilege Escalation - Security Advisory - SOS-12-001
2 hours 58 min ago
Posted by Lists on Feb 22
Sense of Security - Security Advisory - SOS-12-001
Release Date. 23-Feb-2012
Last Update. -
Vendor Notification Date. 27-Jan-2012
Product. Snom IP Phone series
Platform. Hardware
Affected versions. All versions prior to v8.4.35
Severity Rating. High
Impact. Privilege escalation
Attack Vector. Remote without...
Categories: Technical Blogs
Re: Pros and cons of 'Access-Control-Allow-Origin' header?
3 hours 13 min ago
Posted by Michele Orru on Feb 22
Michal Zalewski wrote:
@DavidBlanc what Michal said is what I meant before, and what we're
actually doing in BeEF :-)
If you have an XSS of whatever of the 3 types, you are already pwned,
meaning that whoever exploits the XSS loading an external JS is
controlling your browser across the whole domain of the vulnerable
webapp (SOP restrictions applied, unless you don't have a 0day, use
CORS, etc..)
Specifically in BeEF we use...
Categories: Technical Blogs
Re: Pros and cons of 'Access-Control-Allow-Origin' header?
5 hours 15 min ago
Posted by Michal Zalewski on Feb 22
No. It's a mechanism to control cross-origin XMLHttpRequests (and some
other peripheral things), and adding it does not reduce the likelihood
or exploitability of XSS bugs.
If you use it incorrectly, you may end up removing most of the
security assurances provided by the same-origin policy, but that's a
separate topic.
If you have an XSS vulnerability, there are many simpler ways to relay
data to an attacker-controlled site without...
Categories: Technical Blogs
iOS 5 passcode bypass flaw reported
5 hours 19 min ago
Posted by Juha-Matti Laurio on Feb 22
The source article:
http://threatpost.com/en_us/blogs/ios-5-flaw-allows-unfettered-access-users-contacts-calls-022212
Juha-Matti
Categories: Technical Blogs
Re: Circumventing NAT via UDP hole punching.
5 hours 46 min ago
Posted by Harry Behrens on Feb 22
I believe this is exactly what "Symmetric RTP" in the context of
SIP-based communication has been doing for years.
Or have I missed something?
Best regards,
Harry
Categories: Technical Blogs
TPTI-12-01 : Oracle Java True Type Font IDEF Opcode Parsing Remote Code Execution Vulnerability
6 hours 3 min ago
Posted by ZDI Disclosures on Feb 22
TPTI-12-01 : Oracle Java True Type Font IDEF Opcode Parsing Remote
Code Execution Vulnerability
http://dvlabs.tippingpoint.com/advisory/TPTI-12-01
February 22, 2012
-- CVE ID:
-- CVSS:
9, AV:N/AC:L/Au:N/C:P/I:P/A:C
-- Affected Vendors:
Oracle
-- Affected Products:
Oracle Java Runtime
-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code
on vulnerable installations of Oracle Java. User interaction is...
Categories: Technical Blogs
Re: Pros and cons of 'Access-Control-Allow-Origin' header?
6 hours 23 min ago
Posted by David Blanc on Feb 22
I am sorry, I don't understand what you are trying to say here. Which
question of mine did you answer?
BTW, I'm aware that whether we use a wildcard or not is up to us.
Categories: Technical Blogs
ZDI-12-039 : Oracle Java Web Start java-vm-args Command Argument Injection Remote Code Execution
6 hours 31 min ago
Posted by ZDI Disclosures on Feb 22
ZDI-12-039 : Oracle Java Web Start java-vm-args Command Argument
Injection Remote Code Execution
http://www.zerodayinitiative.com/advisories/ZDI-12-039
February 22, 2012
-- CVE ID:
-- CVSS:
9, AV:N/AC:L/Au:N/C:P/I:P/A:C
-- Affected Vendors:
Oracle
-- Affected Products:
Oracle Java Runtime
-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection...
Categories: Technical Blogs
ZDI-12-038 : Oracle Java JavaFX Arbitrary Argument Remote Code Execution Vulnerability
6 hours 32 min ago
Posted by ZDI Disclosures on Feb 22
ZDI-12-038 : Oracle Java JavaFX Arbitrary Argument Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-12-038
February 22, 2012
-- CVE ID:
-- CVSS:
7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P
-- Affected Vendors:
Oracle
-- Affected Products:
Oracle Java Runtime
-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID...
Categories: Technical Blogs
ZDI-12-037 : Oracle Java Web Start JNLP Double Quote Remote Code Execution Vulnerability
6 hours 34 min ago
Posted by ZDI Disclosures on Feb 22
ZDI-12-037 : Oracle Java Web Start JNLP Double Quote Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-12-037
February 22, 2012
-- CVE ID:
-- CVSS:
7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P
-- Affected Vendors:
Oracle
-- Affected Products:
Oracle Java Runtime
-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID...
Categories: Technical Blogs
ZDI-12-036 : Microsoft Internet Explorer VML CDispScroller Remote Code Execution Vulnerability
6 hours 35 min ago
Posted by ZDI Disclosures on Feb 22
ZDI-12-036 : Microsoft Internet Explorer VML CDispScroller Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-12-036
February 22, 2012
-- CVE ID:
CVE-2012-0155
-- CVSS:
7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P
-- Affected Vendors:
Microsoft
-- Affected Products:
Microsoft Internet Explorer
-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by...
Categories: Technical Blogs
ZDI-12-035 : Microsoft Internet Explorer CDispNode t:MEDIA Remote Code Execution Vulnerability
6 hours 36 min ago
Posted by ZDI Disclosures on Feb 22
ZDI-12-035 : Microsoft Internet Explorer CDispNode t:MEDIA Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-12-035
February 22, 2012
-- CVE ID:
CVE-2012-0011
-- CVSS:
9, AV:N/AC:L/Au:N/C:P/I:P/A:C
-- Affected Vendors:
Microsoft
-- Affected Products:
Microsoft Internet Explorer 9
-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by...
Categories: Technical Blogs
ZDI-12-034 : Microsoft Windows Media Player ASX Meta-File Parsing Remote Code Execution Vulnerability
6 hours 39 min ago
Posted by ZDI Disclosures on Feb 22
ZDI-12-034 : Microsoft Windows Media Player ASX Meta-File Parsing
Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-12-034
February 22, 2012
-- CVE ID:
CVE-2012-0150
-- CVSS:
7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P
-- Affected Vendors:
Microsoft
-- Affected Products:
Microsoft Windows Media Player
-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability...
Categories: Technical Blogs
Re: Pros and cons of 'Access-Control-Allow-Origin' header?
6 hours 40 min ago
Posted by Michele Orru on Feb 22
Take a look at http://beefproject.com internals.
We're using that header.
Actually it depends how do you use it.
It's like crossdomain.xml: you can use a wildcard or not,
it's up to you.
Cheers
antisnatchor
David Blanc wrote:
Categories: Technical Blogs
ZDI-12-033 : ABB WebWare RobNetScanHost.exe Remote Code Execution Vulnerability
6 hours 41 min ago
Posted by ZDI Disclosures on Feb 22
ZDI-12-033 : ABB WebWare RobNetScanHost.exe Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-12-033
February 22, 2012
-- CVE ID:
-- CVSS:
10, AV:N/AC:L/Au:N/C:C/I:C/A:C
-- Affected Vendors:
ABB
-- Affected Products:
ABB WebWare
-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 11594.
For further...
Categories: Technical Blogs