1665 items tagged "code"
-
14:01
»
Hack a Day
For those unfamiliar with Ham Radio, there are lots of fancy tools these days to make it easier for the radio operator. But enthusiasts still like to get back to basics, and one way to do this is to participate in Straight Key Night. This is when you pull out your traditional Morse code keyer [...]
-
11:01
»
Hack a Day
[Davide Gironi] made a holiday tie tack this year. It’s not made to look like Santa Claus, Frosty, or a Christmas tree. He simply wishes you a Merry Christmas (‘Buon Natale’ in Italian) by flashing the message in Morse code. Two LEDs have been added to a plain tie tack. It is tethered to the [...]
-
-
16:00
»
SecuriTeam
BuyClassifiedScript suffers from PHP code injection vulnerability
-
13:01
»
Hack a Day
To the casual observer this flower looks nice as its illuminated center fades in and out. But there’s hidden meaning to that light. Some of the blinks are longer than others; this flower is using Morse Code. [Renaud Schleck] wanted to try a few different things with his MSP430 microcontroller. He decided on an LED [...]
-
-
7:44
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-202 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable products utilizing the Oracle Outside In technology. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of WordPerfect files. When parsing font records the code within vswp5.dll does not validate the datasize value prior to performing arithmetic on it. The result is used to make a heap allocation that can be undersized which can be leveraged to corrupt memory leading to arbitrary code execution under the context of the user running the application.
-
7:43
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-197 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the java.beans.Expression class. Due to unsafe handling of reflection of privileged classes inside the Expression class it is possible for untrusted code to gain access to privileged methods and properties. This can result in remote code execution under the context of the current process.
-
16:00
»
SecuriTeam
UMPlayer is prone to a vulnerability that lets attackers execute arbitrary code.
-
-
14:30
»
Hack a Day
Here’s an interesting tip that can help improve your ability to write assembly code. In an effort to remove the complexity of assembly code for an AVR project [Quinn Dunki] figured out how to use macros when writing AVR code with the GNU toolchain. Anyone using AVR-GCC should keep this in mind if they ever [...]
-
-
16:00
»
SecuriTeam
Mozilla Firefox is prone to a vulnerability that lets attackers execute arbitrary code.
-
-
19:04
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability in Ektron CMS 8.02 (before SP5). The vulnerability exists due to the insecure usage of XslCompiledTransform with an XSLT controlled by the user. The module has been tested successfully on Ektron CMS 8.02 over Windows 2003 SP2, where it allows execution of arbitrary code with NETWORK SERVICE privileges.
-
-
10:01
»
Hack a Day
This crew of high schoolers built a sorting robot for the Smart Young Mindz challenge. We got pretty excited when hearing that it sorts plastic by its recycling code, but unfortunately this isn’t quite what it’s made out to be. The device uses an RFID code on each product to figure out where it goes. Their [...]
-
-
15:03
»
Packet Storm Security Advisories
Ubuntu Security Notice 1636-1 - Gary Kwong, Jesse Ruderman, Christian Holler, Bob Clary, Kyle Huey, Ed Morley, Chris Lord, Boris Zbarsky, Julian Seward, Bill McCloskey, and Andrew McCreight discovered several memory corruption flaws in Thunderbird. If a user were tricked into opening a malicious website and had JavaScript enabled, an attacker could exploit these to execute arbitrary JavaScript code within the context of another website or arbitrary code as the user invoking the program. Atte Kettunen discovered a buffer overflow while rendering GIF format images. An attacker could exploit this to possibly execute arbitrary code as the user invoking Thunderbird. Various other issues were also addressed.
-
14:40
»
Packet Storm Security Exploits
This Metasploit module abuses a lack of authorization in the NetIQ Privileged User Manager service (unifid.exe) to execute arbitrary Perl code. The problem exists in the ldapagnt module. The module has been tested successfully on NetIQ PUM 2.3.1 over Windows 2003 SP2, where it allows execution of arbitrary code with SYSTEM privileges.
-
-
23:50
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-186 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of RTF files. The code responsible for lexing control words from the input file does not properly validate that all objects are properly defined. By removing terminating values within an RTF file an attacker can cause the program to re-use a freed object. Combined with basic memory layout control an attacker can abuse this situation to achieve code execution under the context of the user running the application.
-
-
12:22
»
Packet Storm Security Exploits
EasyPHP version 12.1 suffers from a remote code execution vulnerability due to a code tester feature running on a server bound to localhost.
-
-
21:26
»
SecDocs
Authors: Cedric Bail, Nicolas Boulay
Tags: hardware hacking
Event: Chaos Communication Congress 18th (18C3) 2001
Abstract: The goal of the project is to design a free CPU core (free in the sense of "freedom", not free of charge). The CPU is written in VHDL and all the source code and documentation will be available to whoever wants to build one under a GNU licence (or very close to). The contributors want to create a new standard with a good compromise between cost and performance. Nowadays, the instruction set is defined and most integer execution units (computational blocks) are under design. The main problem is the lack of free synthesis tools (to translate VHDL code into a chip mask) and an enforceable GPL-like licence (electronic circuits obey specific laws). We will present all the key issues in the design of a CPU and the global architecture of the F-CPU.
-
-
21:47
»
SecDocs
Authors: Cedric Bail, Nicolas Boulay, Yann Guidon
Tags: technology
Event: Chaos Communication Congress 19th (19C3) 2002
Abstract: F-CPU is not dead: it has been stable since 2000 and some source code exists. The VHDL tool chain problems are slowly being solved and new software is being written: the goal of designing a microprocessor only with Free Software is not utopic anymore. Some French F-CPU contributors will present a few architectural aspects, some code examples and the available (incomplete) software suite.
-
-
17:00
»
SecuriTeam
PhpTax 0.8 is prone to a remote code execution vulnerability.
-
-
14:53
»
Packet Storm Security Advisories
Drupal versions prior to 7.16 suffer from arbitrary PHP code execution and information disclosure vulnerabilities. Version 6 is not affected.
-
-
17:00
»
SecuriTeam
This allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" in the char_repl parameter, which is inserted into a regular expression that is processed by the preg_replace function with the eval switch.
-
-
17:00
»
SecuriTeam
This allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
-
-
16:58
»
Packet Storm Security Advisories
Vulnerabilities exist in EMC NMM that could potentially be exploited by a malicious user to execute arbitrary code. Also, there is a risk that sensitive information could be disclosed under specific circumstances described in the details below.
-
8:01
»
Hack a Day
We’ve already given an overview of the Stellaris Launchpad, but let’s look at the first steps to running code on the device. First we’ll get the development software working, then we’ll build and run a very simple example. TI allows use of the full version of their IDE, Code Composer Studio, with the Launchpad’s on-board [...]
-
-
23:59
»
Packet Storm Security Exploits
This Metasploit module exploits a code execution vulnerability in the KeyScript ActiveX control from keyhelp.ocx. It is packaged in several products of GE, such as Proficy Historian 4.5, 4.0, 3.5, and 3.1, Proficy HMI/SCADA 5.1 and 5.0, Proficy Pulse 1.0, Proficy Batch Execution 5.6, and SI7 I/O Driver between 7.20 and 7.42. When the control is installed with these products, the function "LaunchTriPane" will use ShellExecute to launch "hh.exe", with user controlled data as parameters. Because of this, the "-decompile" option can be abused to write arbitrary files on the remote system. Code execution can be achieved by first uploading the payload to the remote machine, and then uploading another mof file, which enables the Windows Management Instrumentation service to execute it. Please note that this module currently only works for Windows before Vista. On the other hand, the target host must have the WebClient service (WebDAV Mini-Redirector) enabled. It is enabled and automatically started by default on Windows XP SP3.
-
-
18:29
»
Packet Storm Security Advisories
Red Hat Security Advisory 2012-1350-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. Two flaws in Firefox could allow a malicious website to bypass intended restrictions, possibly leading to information disclosure, or Firefox executing arbitrary code. Note that the information disclosure issue could possibly be combined with other flaws to achieve arbitrary code execution.
-
18:28
»
Packet Storm Security Advisories
Red Hat Security Advisory 2012-1351-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. Two flaws in Thunderbird could allow malicious content to bypass intended restrictions, possibly leading to information disclosure, or Thunderbird executing arbitrary code. Note that the information disclosure issue could possibly be combined with other flaws to achieve arbitrary code execution.
-
11:07
»
Hack a Day
We’re not really interested in building a dummy load like this one for ourselves. But the concepts behind its design make for a nice little mental exercise as you read your way through the build description. [Pabr] wanted to build a dummy load which could be used to test a cheaply made gas generator. He [...]
-
-
21:47
»
SecDocs
Authors: Markus Schaber
Tags: software development
Event: Chaos Communication Congress 21st (21C3) 2004
Abstract: Like in the last year, examples of strange programming (art)work will be shown. In addition to the funny and sportive disciplines known from last year, some examples of painful production code will be presented. As last year, borderline works of programming (art) will again be examined by way of example. Besides the fun and sporting "disciplines", painful examples of production code will also be presented this time. The first part of the presentation will - similar to last year's presentation - shed some light on the funny and sportive disciplines of the art of programming. Besides new examples in disciplines that were presented last year, like obfuscated programming and shortest code, core wars and demo coding are new in the agenda. In core wars, we have a bunch of programmes running in parallel in the same memory. (This is a typical Von-Neumann machine with multitasking, but without memory protection.) The goal is to create a program that survives as long as possible, but at the same time quickly erases the other programs from memory. Demo coders try to exploit a given, limited (and often legacy) hardware through the use of crafty software, and thus create unexpected effects and surprising results. On so-called demo parties, those programs are presented, and sometimes even some high-valued prizes are put up. The winners are e.g. 3D first person shooters in 64k and video clips with sound in 4k. In the second part of the lessons, some creatively designed programming languages will be introduced. Especially, the two projects "Argh!" and "repsub" will be presented. Both of them evolved in the orbit of the CCC. Argh! and its derivative Aargh! are somehow similar to BeFunge in that they are two-dimensional virtual machines. Argh! and Aargh! were both adjusted to fit the special needs of customary Unix text mode terminals. Repsub has the high ideal to be a democratic programming environment. All memory cells enjoy equal rights, and can be processed highly parallel. It is mathematically proved that this pattern-matching and replacement based programming language is Turing complete. Finally, the third part will introduce some extra painful examples of production code. A fertile source for those are some commercially developed projects that were open-sourced afterwards. From time to time, those create the impression that the developers lost control of their own code. They now hope the community will help them to find the way out of their maintenance nightmare. The CCC ErfA Group Ulm is planning to hold a shortest C coding contest at this Congress. We learned our lesson from last year's contest, so the rules will be much simplified. The first part of the talk examines, as last year's talk did, the fun and sporting disciplines of the art of programming. Alongside the disciplines already covered last year, such as obfuscated programming and shortest code, core wars and demo coding are also on the programme.
-
-
21:42
»
SecDocs
Authors: Felix Domke, Michael Steil, Rob Reilink
Tags: games
Event: Chaos Communication Congress 21st (21C3) 2004
Abstract: The GameCube - what it is made of and how it can be hacked. We'll describe different approaches of getting own code onto the GameCube and things that you can do with a GameCube under your control. Of course it runs Linux. A GameCube has very interesting hardware (PowerPC, G3-style, processor and fast 3d acceleration), but unfortunately it's "closed" because it's a game console and not a computer. But - of course - this shouldn't prevent anyone running Linux on it, as it has very nice hardware which is worth to exploit with something useful and more interesting than games. We will describe the GameCube's hardware in detail (including the stuff you won't read elsewhere), and show ways how to get your own code onto the cube. We will explain different approaches of software hacks (PSO, Action Replay Loader) and exploits as well as a hardware modification (exchanging the IPL). We show how own code can be developed for the GameCube, and finally present Linux running on the GameCube.
-
-
21:52
»
SecDocs
Authors: Daniel Bartlett
Tags: Google
Event: Chaos Communication Congress 21st (21C3) 2004
Abstract: A look at methods of locating vulnerable sites via Google and exploiting them with no user interaction and how to prevent your code being vulnerable. People learn a little about scripting for the web and hardly ever about security. This leaves us with many issues on many sites. The simplest of things get overlooked and can often lead to full system compromise. Technically this talk focuses on PHP since it is extremely commonplace and people pick it up reasonably quickly and easily. Looking at the largest and smallest of errors in code, explaining how to exploit, how to rectify and how to inform. Many people overlook that, disclose what you find, tell the owner of the site! We will discuss the scripts and programs that have been developed for automating the whole process, even down to logging all the info in a nice little web application.
-
9:18
»
Packet Storm Security Exploits
Reaver Pro Livedisc has a named pipe called /tmp/exe that is world writable and any input to it is passed to the shell interpreter, where it is executed as root. This provides a good demonstration as to why using named pipes to execute commands in applications is a bad idea. This exploit spawns a bindshell on localhost:4444 then connects to it.
-
-
17:04
»
Packet Storm Security Advisories
Andy Davis of NCC Group has discovered an arbitrary code execution vulnerability in Apple OS X Lion versions 10.7 to 10.7.4 and OS X Lion Server versions 10.7 to 10.7.4.
-
-
21:54
»
SecDocs
Authors: Meike Richter
Tags: technology
Event: Chaos Communication Congress 22th (22C3) 2005
Abstract: What has software to do with development policy? A lot. Software is not only about code, it is about rights, control, transparency, freedom and power. Poorly educated people with little financial resources, mostly located in the Southern hemisphere, have little chance to have access to information and communication technologies (ICTs) and to the Internet. Since the mid-1990s, the so-called digital divide appeared on the political agenda. By providing access to ICTs, it is hoped to promote economical, political and social development as well. This lecture explains the digital divide and its implications and gives an overview of the different positions within the discourse. There are three different modes of argumentation: the optimists claiming the new ICTs could strengthen the voice of the poor and developing nations and of marginalized groups; sceptics who believe that new technology alone will make little difference; and pessimists who emphasize that digital technologies will further exacerbate the existing North-South divide. So far, the choice of the software model has hardly played a role in digital development policy. Proprietary architectures are the rule. Only in recent time, the nature of code becomes an issue. E.g., the country of Brazil is going pro-Linux. Free/Open Source Software has a lot of advantages for poor and developing nations: it offers access to knowledge and information engineering skills of the most developed countries, it promotes technological independence and it is for free. So how come that GNU/Linux is not being used all over the place? Why is Brazil's approach towards free code something completely new? This lecture explains why software becomes an increasingly important political issue.
-
-
13:01
»
Hack a Day
College students have returned in droves to dorms and apartments at campuses everywhere. So this is the time of year we usually start seeing some coded entry hacks. [Charmonkey] recently took on the challenge at his new apartment. There were some caveats though. He needed to ensure the Landlord could still enter using a key, [...]
-
-
9:01
»
Hack a Day
We’ve been living a life of luxury, writing our microcontroller code in a text editor and using — of all things — a compiler to turn it into something the chip can use. [Dan Amlund Thomsen] shows us a different way of doing things. He’s actually crafting the operation codes for a PIC microcontroller by [...]
-
-
14:01
»
Hack a Day
[Jeremy Blum] wrote in to share his LibeTech QR Code Door Lock project. He developed it during his Senior year at Cornell University along with three of his classmates. It seeks to move away from magnetic card locks in favor of optical locks that authenticate based on a QR code. The hardware he’s using here [...]
-
-
17:39
»
Packet Storm Security Exploits
This Metasploit module abuses the FlashTunnelService SOAP web service on Oracle Business Transaction Management 12.1.0.7 to upload arbitrary files, without authentication, using the WriteToFile method. The same method contains a directory traversal vulnerability, which allows files to be uploaded to arbitrary locations. In order to execute remote code, two techniques are provided. If the Oracle app has been deployed in the same WebLogic Samples Domain, a JSP can be uploaded to the web root. If a new Domain has been used to deploy the Oracle application, the Windows Management Instrumentation service can be used to execute arbitrary code. Both techniques have been successfully tested on default installs of Oracle BTM 12.1.0.7, WebLogic 12.1.1 and Windows 2003 SP2. Default path traversal depths are provided, but the user can configure the traversal depth using the DEPTH option.
-
-
8:22
»
Packet Storm Security Advisories
PRE-CERT Security Advisory - A stack overflow vulnerability has been identified in FreeRADIUS that allows remote execution of arbitrary code via specially crafted client certificates (before authentication). The vulnerability affects setups using TLS-based EAP methods (including EAP-TLS, EAP-TTLS, and PEAP).
-
-
20:22
»
Packet Storm Security Advisories
The vulnerability described in this document can be exploited by a malicious Web page to execute arbitrary code with low integrity. Active scripting must be enabled, and the present exploitation techniques require that font downloading be set to "Enable" or "Prompt" and that the "mailto:" protocol be present. (These requirements are satisfied by default on Windows XP, Windows Vista, and Windows 7.) The user is presented with a message box which must be dismissed before code execution can occur.
-
9:57
»
SecDocs
Authors: Andreas Bogk, Hannes Mehnert
Tags: secure development
Event: Chaos Communication Congress 22th (22C3) 2005
Abstract: An overview of the highly dynamic, object-oriented, functional programming language Dylan will be given. As an example a web-based network management tool will be demonstrated. Dylan is a fully buzzword-compliant language (object-oriented, dynamic, functional) which was developed by Apple, CMU and Harlequin back in the early 90s. While the Apple project was cancelled in the early beta testing stage due to financial trouble at Apple, both CMU and Harlequin finished their compilers. CMU released a Dylan-to-C batch compiler as open source. Harlequin produced a full-blown development environment, including an IDE with code browsers, a debugger, profiler, and a native compiler for x86. This compiler has been available commercially. After the bankruptcy of Harlequin, the programmers bought the rights to their code, and after an unsuccessful attempt to sell it, recently decided to release it as open source too. Dylan is unique in that it combines both the ease of use and rapid prototyping features of very high level languages with high performance code execution, allowing the deployment of real-life production systems. Additionally, it is amongst the languages that prevent many of the common exploitable bugs like buffer overflows, integer overflows, format string exploits, double frees, that plague programs written in C. Dylan is semantically closely related to Scheme, but comes with an Algol-like syntax that should be more convenient to the programmer than the S-expression syntax used by the Lisp family of languages. It features a well-integrated class system with dynamic types and multiple inheritance, polymorphism via generic functions, first class functions and matching higher-order functions, automatic memory management and a macro system that allows extending the grammar of the language. This talk presents the Dylan language and its implementations. It also demonstrates a sample application for configuring switches, routers, DHCP- and DNS-servers for a network environment such as the one of the Chaos Communication Congress over a web interface, focusing on how usage of the Dylan language features allows construction of a powerful framework for such purposes.
-
-
19:03
»
Packet Storm Security Exploits
This Metasploit module exploits a code execution flaw in HP SiteScope. It chains two vulnerabilities to achieve its objective: it uses an authentication bypass in the getSiteScopeConfiguration operation, available through the APISiteScopeImpl AXIS service, to retrieve the administrator credentials, and subsequently abuses the UploadManagerServlet to upload an arbitrary payload embedded in a JSP. The module has been tested successfully on HP SiteScope 11.20 over Windows 2003 SP2.
-
-
4:09
»
SecDocs
Authors: Martin Johns
Tags: buffer overflow
Event: Chaos Communication Congress 22th (22C3) 2005
Abstract: A talk that will present academic tools, which are designed to find or disarm security problems in C code. The last years have proven that humans are notorious producers of insecure code. They also seem to have problems finding security bugs on their own. For this reason scientists spend a reasonable amount of time in developing ideas how to automate the process of finding those security bugs (using static analysis) or how to fix those bugs automatically (with dynamic measures which take effect at runtime). The talk will give an introduction to both approaches. The presented tools are aimed at problems that belong to the programming language C: Buffer Overflows, Format String Exploits and their friends. Static tools examine the source code before the compilation. Depending on the tool, methods like functional verification, finite automatons or lattice theory are used to find security bugs. The talk will try to show how these tools work and what their shortcomings are (e.g. too many false positives, no weighting, hard to configure, ...). Dynamic tools alter the source code before or during the compilation. They try to add constructs to the control flow with additions that are supposed to prevent the exploitation of security flaws. Classic examples (Stack Guard) and modern approaches (StoBo) are presented and discussed. Only tools and methods that are applicable by the programmer are addressed. Methods of preventing exploitation by altering the underlying infrastructure (i.e. the OS) are omitted. The focus is on measures that can be employed by the actual programmer. We think it is important that the usage of these kinds of tools (esp. static analysis) grows in the open source community. Commercial companies are employing static analysis on a broad basis nowadays (for example Microsoft requires their coders to use the tools PreFast and PreFix daily). Otherwise the security advantage that open source claims to possess may diminish.
-
-
20:51
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability in Java 7, which allows an attacker to run arbitrary Java code outside the sandbox. The vulnerability seems to be related to the use of the newly introduced ClassFinder#resolveClass in Java 7, which allows the sun.awt.SunToolkit class to be loaded and modified. Please note this flaw is also being exploited in the wild, and there is no patch from Oracle at this point. Our module has been successfully tested on multiple setups, including: IE, Firefox, Chrome and Safari on Windows, Linux and OS X, etc.
-
-
19:41
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-157 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of Series records. The code within Excel.exe makes an assumption about the data types within a Series record and can be made to write beyond the bounds of a heap buffer when a specific combination of fields are set to unexpected values. This corruption can be leveraged to achieve code execution under the context of the user running the application.
-
19:23
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-150 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable products utilizing the Oracle Outside In Technology. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XPM files. When parsing the chars_per_pixel element the code within vsgdsf.dll does not validate that the data can fit within a stack buffer prior to copying it. This can be leveraged by a remote attacker to execute code under the context of the user running the application.
-
-
15:38
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-141 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the .NET Framework. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within Microsoft .NET XAML Browser Application (XBAP) handling of Clipboard object data. It is possible to cause unsafe memory access within System.Windows.Forms.Clipboard, allowing an attacker to control the memory used by an object's native code. This unsafe access allows for control of a function pointer, which can be exploited to remotely execute code. In the case of Internet Explorer, execution of attacker code occurs outside of the Protected Mode sandbox.
-
15:22
»
Packet Storm Security Advisories
The vulnerability described in this document can be exploited by a malicious Web page to execute arbitrary code with low integrity. Active scripting must be enabled, and the present exploitation techniques require that font downloading be set to "Enable" or "Prompt" and that the "mailto:" protocol be present. (These requirements are satisfied by default on Windows XP, Windows Vista, and Windows 7.) The user is presented with a message box which must be dismissed before code execution can occur.
-
-
19:52
»
Packet Storm Security Exploits
The Timed Interactive Multimedia Extensions (aka HTML+TIME) implementation in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized or is deleted, aka "Time Element Memory Corruption Vulnerability." This is an exploit for the vulnerability noted in MS11-050.
-
-
17:00
»
SecuriTeam
am4ss is prone to a remote PHP code-injection vulnerability.
-
4:01
»
Hack a Day
Did you know it’s possible to write JavaScript code without using any letters or numbers at all? Well, it’s not just JavaScript, but that’s the language used in this demonstration. [Patricio Palladino] shows how code can be written using just eight characters, and all of them are punctuation marks. Typecasting is the name of the [...]
-
-
21:56
»
SecDocs
Authors: Felix von Leitner
Tags: C / C++
Event: Chaos Communication Camp 2007
Abstract: The selling points for C++ are mostly focused on how it supposedly makes it easier to write code. This talk will argue that it is much more important to make code easy to read, and in that respect C++ is a huge regression compared to C. The talk is mostly from the perspective of a professional code auditor. The point of the talk is to get people to think about how others (and themselves!) will have to read and understand the code in the future. This point is also true for other programming languages, so this is not just about C++ bashing, it is about showing what coding style is good for future generations and which will just get you in trouble. The examples will mostly be C++, obviously, but people from other programming languages might learn a thing or two from the talk, too.
-
-
23:52
»
Packet Storm Security Exploits
Oracle Business Transaction Management Server version 12.1.0.2.7 suffers from a remote code execution vulnerability in the FlashTunnelService WriteToFile message. Proof of concept included.
-
17:00
»
SecuriTeam
The Artiss Code Embed Plugin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
-
-
15:36
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-133 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of GE iFix. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ihDataArchiver.exe process which listens by default on TCP port 14000. Several errors are present in the code responsible for parsing data from the network. By providing malformed data for opcodes 6, 7, 8, 10, and 12 the process can be made to corrupt memory which can lead to arbitrary code execution in the context of the user running the service.
-
3:22
»
Packet Storm Security Exploits
A patch introduced a signedness bug causing any program compiled against the vulnerable version of eglibc and using optimized functions such as memcpy_ssse3 and memcpy-ssse3-back to be potentially vulnerable to unexpected code execution.
-
-
17:00
»
SecuriTeam
xAurora is prone to a vulnerability that lets attackers execute arbitrary code.
-
-
18:57
»
Packet Storm Security Advisories
Cisco Security Advisory - Exploitation of the Cisco TelePresence Malformed IP Packets Denial of Service Vulnerability may allow a remote, unauthenticated attacker to create a denial of service condition, preventing the product from responding to new connection requests and potentially causing some services and processes to crash. Exploitation of the Cisco TelePresence Web Interface Command Injection may allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system with elevated privileges. Exploitation of the Cisco TelePresence Cisco Discovery Protocol Remote Code Execution Vulnerability may allow an unauthenticated, adjacent attacker to execute arbitrary code with elevated privileges. Cisco has released updated software that resolves the command and code execution vulnerabilities. There are currently no plans to resolve the malformed IP packets denial of service vulnerability, as this product is no longer being actively supported. There are no workarounds that mitigate these vulnerabilities. Customers should contact their Cisco Sales Representative to determine the Business Unit responsible for their Cisco TelePresence Recording Server.
-
-
9:27
»
Packet Storm Security Advisories
Ubuntu Security Notice 1495-1 - Integer overflows were discovered in the graphics loading code of several different image types. If a user were tricked into opening a specially crafted file, an attacker could cause LibreOffice to crash or possibly execute arbitrary code with the privileges of the user invoking the program. Sven Jacobi discovered an integer overflow when processing Escher graphics records. If a user were tricked into opening a specially crafted PowerPoint file, an attacker could cause LibreOffice to crash or possibly execute arbitrary code with the privileges of the user invoking the program. Various other issues were also addressed.
-
-
16:42
»
Packet Storm Security Exploits
Python-wrapper executes any test.py script within the current working directory when supplied with help('modules'). A non-privileged user may gain code execution by tricking root into running help('modules'), or help() and then modules, from within python-wrapper while within a non-privileged user's work directory.
-
-
17:47
»
Packet Storm Security Advisories
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle AutoVue. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AutoVueX.ocx ActiveX object. There exists a method SetMarkupMode() that takes an unbounded string as an argument and copies it to a fixed-length buffer on the stack. This can lead to memory corruption which can be leveraged to execute code under the context of the process.