SOLDIERX.COM Nobody Can Stop Information Insemination

{PRL} Novell Netware OpenSSH Remote Stack Overflow

Vulnerabilities in CMS WebManager-Pro

[ MDVSA-2010:169 ] mozilla-thunderbird

[USN-982-1] Wget vulnerability

News, Infocus, Columns, Vulnerabilities, Bugtraq ...

Posted by nullcon on Sep 02

nullcon Dwitiya (2.0)
The Jugaad(hacking) Conference

nullcon is an initiative by null - The open security community.
(http://www.null.co.in)

Website:
http://nullcon.net

Calling all Jugaadus(hackers)
It's the time of the year when we welcome research done by the
community as paper submissions for nullcon.
So, sip your coffee, dust your debuggers, fire your tools, challenge
your grey cells and shoot us an email.

Tracks:
---------------
-...

Posted by travis+ml-dailydave on Sep 02

Forgot a few, or rather neglected to mention them, because I have no
good response, and am acknowledging the argument by omitting a
response. I'm responding here in the interest of fairness:

Pro: MAC policies are complex because what you're trying to do is complex.
Anti: So you're saying MAC is complex because MAC is complex?
Pro: I guess so. ;-)

I don't have a good way to defend this, but it seems to me that, in
general, the more fine-grained...

Posted by Alex Legler on Sep 02

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201009-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: wxGTK: User-assisted execution of arbitrary code...

Posted by travis+ml-dailydave on Sep 02

Summary:

Government: We need cyber-security, put out a contract for bids.
CompanyA: We can do it for $120k/seat.
CompanyB: We can do it for $100k/seat.
CompanyC: We can do it for $140k/seat.
Government: SELECT * FROM CONTRACTOR ORDER BY COST_PER_SEAT;
CompanyB: Find us the people who are arguably qualified, and
will work for a maximum of $50k, fill out an EPSQ,
submit to a SSBI, and whose poo doesn't stink.
Nobody...

Posted by coderman on Sep 02

sir, you've got a Coyotos stuck in your mustache. what did you eat for lunch?

Posted by coderman on Sep 02

there are some useful mitigations around these inevitable failures,
http://qubes-os.org/Architecture.html is an example of isolation
rather than correctness i've liked since NetTop wrapped RSBAC policy
around vmware guest isolation...

defense in depth loves company, so application correctness, in
addition to NX / other hw protections on guest/host, in addition to
virtual machine isolation, in addition to RSBAC constraints, in
addition to ......

Posted by travis+ml-dailydave on Sep 02

Okay, I'll feed him... ;-)

I'm the one who came forward a few years ago - not as saying SELinux
is a silver bullet - but rather that it's not entirely worthless (as
many curmudgeons would have you believe).

That you can defeat a kernel-level protection with a kernel-level
exploit isn't news. Saltzer & Schroeder pointed out that a
"supervisor program" must protect itself long ago. To reliably
enforce a protection mechanism, you...

Posted by Valdis . Kletnieks on Sep 02

Yeah, but hacking a Harvard architecture is still balls harder than hacking
a von Neumann architecture. ;)

Posted by halfdog on Sep 02

Vde (virtual distributed ethernet) is an ethernet compliant virtual network that
can be spawned over a set of physical computers over the internet ... (see
http://vde.sourceforge.net).

The vde_plug (at least on ubuntu hardy) contains a bug, that is triggered when a
certain amount of encapsulated ether frame data is sent to the plug in a
specially timed manner. When the input buffer is filled just with a single byte,
vde_plug uses also the first...

Posted by Román Ramírez on Sep 02

Rooted CON 2011 - Call for Papers

-=] About Rooted CON

Rooted CON is a security congress which will be held in Madrid (Spain)
from 3 to 5 March 2011, whose spectrum of participants ranging from
students to state forces and secret services, through professionals of
the security market, lawyers, or even technology enthusiasts (and others).

-=] Type of Presentations

The congress accepts two kinds of presentations:

- Fast talks: 20 minutes.
-...

Posted by Pavel Kankovsky on Sep 02

If your OS's security model "understands" programs and data belong in
different security domains then every instruction of code on your computer
is trusted to enforce that policy. Your line of defence goes through every
program and any bug can breach it. The failure is inevitable. [1]

[1] P. A. Loscocco, S. D. Smalley, P. A. Muckelbauer, R. C. Taylor,
S. J. Turner and J. F. Farrell, "The Inevitability of Failure: The Flawed...

Posted by Pavel Kankovsky on Sep 02

You made general questions about RSA as a cryptographic primitive.
There was nothing about PKI in them.

RSA encryption uses public keys. Public keys are--as their name
suggests--supposed to be known publicly. Anyone can compute ciphertexts
from plaintexts. An encryption oracle will not help you crack RSA private
keys. If you can do it with the oracle, you can do it without the oracle
as well.

As far as encryption is concerned the purpose of...

Posted by MustLive on Sep 02

Hello Bugtraq!

I want to warn you about SQL Injection and Redirector (URL Redirector Abuse)
vulnerabilities in CMS WebManager-Pro (SecurityVulns ID:11108). It's
Ukrainian commercial CMS.

SQL Injection:

http://site/c.php?id=1%20and%20version()=5

Redirector:

http://site/c.php?id=1&url=http://websecurity.com.ua

Affected products: both systems CMS WebManager-Pro from two developers.
Vulnerable are versions CMS WebManager-Pro up to 8.1...

Posted by Francis Provencher on Sep 02

#####################################################################################

Application: Novell Netware OpenSSH Remote Stack Overflow

Platforms: Netware 6.5

Exploitation: Remote code execution

CVE Number:

Novell TID: 7006756

ZeroDayInitiative: ZDI-10-169

Author: Francis Provencher (Protek Research Lab's)

Blog: http://www.protekresearchlab.com/...

Posted by YGN Ethical Hacker Group on Sep 02

1. OVERVIEW

The Moovida Media Player application is vulnerable to Insecure DLL
Hijacking Vulnerability. Similar terms that describe this
vulnerability
have been come up with Remote Binary Planting, Unsafe Library Loading,
and Insecure DLL Loading/Injection/Hijacking/Preloading.

2. PRODUCT DESCRIPTION

Moovida Media Player is a free and open source media center that
allows you to enjoy all of your music, video and pictures
in an awsome...