«
Expand/Collapse
68 items tagged "filter"
Related tags:
local information [+],
linux kernel [+],
linux [+],
keyview [+],
bypass [+],
autonomy [+],
null pointer [+],
cups [+],
red [+],
print [+],
postscript printer description [+],
command line interfaces [+],
barracuda [+],
arbitrary code execution [+],
cross site scripting [+],
buffer overflow vulnerability [+],
websense [+],
web filter [+],
web [+],
virus [+],
validation [+],
special request [+],
spam [+],
smf [+],
simple machines [+],
proxy filter [+],
proxy [+],
peter eisentraut [+],
messenger version [+],
memory corruption [+],
malicious script [+],
mail protocols [+],
lan [+],
forgery [+],
filter data [+],
exposed [+],
e mail service [+],
drupal [+],
chaos communication congress [+],
c. an [+],
akeni [+],
zip file [+],
xss [+],
shiro [+],
serendipity [+],
request paths [+],
mac [+],
logic [+],
ettercap [+],
chain [+],
alt [+],
Software [+],
Newbie [+],
Area [+],
vulnerability [+],
wireshark [+],
william yerazunis [+],
validate [+],
usa [+],
txt [+],
treasure trove [+],
text classifier [+],
software filter [+],
service vulnerability [+],
robot [+],
problem [+],
privilege escalation vulnerability [+],
pov [+],
port 1863 [+],
php [+],
parameters [+],
para [+],
packet [+],
null pointer dereference [+],
news [+],
networking [+],
multiple buffer overflow [+],
msnms [+],
mdvsa [+],
mb ring [+],
mathematical ideas [+],
mail filter [+],
mac address filters [+],
local privilege escalation [+],
light filter [+],
leds [+],
layer 2 [+],
layer [+],
kaspersky [+],
kalman [+],
internet explorer [+],
internet [+],
hacks [+],
filter text [+],
filter rules [+],
exposes [+],
ethercap [+],
ellislab [+],
e mail address [+],
e mail [+],
dst [+],
display [+],
direcciones mac [+],
design choices [+],
denial of service [+],
crm [+],
codeigniter [+],
clock [+],
clean filter [+],
bugtraq [+],
buffer overflow vulnerabilities [+],
breaking ground [+],
bot [+],
apple ios [+],
algorithm [+],
address string [+],
accidental leakage [+],
Soporte [+],
information disclosure vulnerability [+]
-
-
13:41
»
Packet Storm Security Exploits
A filter bypass vulnerability in Akeni LAN (LE) Messenger version 1.2.118 allows for malicious script insertion / cross site scripting attacks.
-
13:41
»
Packet Storm Security Misc. Files
A filter bypass vulnerability in Akeni LAN (LE) Messenger version 1.2.118 allows for malicious script insertion / cross site scripting attacks.
-
-
12:35
»
SecDocs
Authors:
Peter Eisentraut Tags:
virus spam Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: This lecture takes a critical look at the impact that contemporary spam and virus filter techniques have on the stability, performance, and usability of the e-mail system. Spam and virus filtering techniques have been discussed numerous times at this congress and other ones. What is rarely considered are the consequences that these measures have for the overall stability, performance, and usability of the e-mail system. Many spam filtering techniques play tricks with the e-mail protocols, which carries the risk of shutting out systems that use stricter or alternative implementations of these protocols. Filter systems that create bounce messages have become a plague of their own on the Internet. Alternatively, filter systems discard messages without notification, with the result that there is currently no longer a guarantee that any message will arrive anywhere. Large ISPs are regularly listed on DNS block lists, and many users are indiscriminate in their application of these lists, creating more communication barriers. New purported sender idenfication techniques such as SPF do nothing to fight spam but instead discriminate users of certain ISPs and lock in users to their e-mail service providers. Besides these technical issues, spam filtering when applied without careful consideration also creates privacy and legal problems. Massive gathering and analysis of e-mail traffic cannot only be used to fight spam but also to harvest information about e-mail users. Many providers and administrators may not even be aware that most of their e-mail filtering activities are likely to toe the line to illegality. This lecture will take a critical look at these issues, looking at examples, experiences, and current developments in the fight against e-mail abuse, with the goal of raising awareness among users and administrators.
-
12:35
»
SecDocs
Authors:
Peter Eisentraut Tags:
virus spam Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: This lecture takes a critical look at the impact that contemporary spam and virus filter techniques have on the stability, performance, and usability of the e-mail system. Spam and virus filtering techniques have been discussed numerous times at this congress and other ones. What is rarely considered are the consequences that these measures have for the overall stability, performance, and usability of the e-mail system. Many spam filtering techniques play tricks with the e-mail protocols, which carries the risk of shutting out systems that use stricter or alternative implementations of these protocols. Filter systems that create bounce messages have become a plague of their own on the Internet. Alternatively, filter systems discard messages without notification, with the result that there is currently no longer a guarantee that any message will arrive anywhere. Large ISPs are regularly listed on DNS block lists, and many users are indiscriminate in their application of these lists, creating more communication barriers. New purported sender idenfication techniques such as SPF do nothing to fight spam but instead discriminate users of certain ISPs and lock in users to their e-mail service providers. Besides these technical issues, spam filtering when applied without careful consideration also creates privacy and legal problems. Massive gathering and analysis of e-mail traffic cannot only be used to fight spam but also to harvest information about e-mail users. Many providers and administrators may not even be aware that most of their e-mail filtering activities are likely to toe the line to illegality. This lecture will take a critical look at these issues, looking at examples, experiences, and current developments in the fight against e-mail abuse, with the goal of raising awareness among users and administrators.
-
11:01
»
Hack a Day
If you’re looking to improve the stability of your self balancing robot you might use a simple horrifying equation like this one. It’s part of the journey [Lauszus] took when developing a sensor filtering algorithm for his balancing robot. He’s not breaking ground on new mathematical ideas, but trying to make it a bit easier for [...]
-
-
21:37
»
SecDocs
Authors:
Peter Eisentraut Tags:
virus spam Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: This lecture takes a critical look at the impact that contemporary spam and virus filter techniques have on the stability, performance, and usability of the e-mail system. Spam and virus filtering techniques have been discussed numerous times at this congress and other ones. What is rarely considered are the consequences that these measures have for the overall stability, performance, and usability of the e-mail system. Many spam filtering techniques play tricks with the e-mail protocols, which carries the risk of shutting out systems that use stricter or alternative implementations of these protocols. Filter systems that create bounce messages have become a plague of their own on the Internet. Alternatively, filter systems discard messages without notification, with the result that there is currently no longer a guarantee that any message will arrive anywhere. Large ISPs are regularly listed on DNS block lists, and many users are indiscriminate in their application of these lists, creating more communication barriers. New purported sender idenfication techniques such as SPF do nothing to fight spam but instead discriminate users of certain ISPs and lock in users to their e-mail service providers. Besides these technical issues, spam filtering when applied without careful consideration also creates privacy and legal problems. Massive gathering and analysis of e-mail traffic cannot only be used to fight spam but also to harvest information about e-mail users. Many providers and administrators may not even be aware that most of their e-mail filtering activities are likely to toe the line to illegality. This lecture will take a critical look at these issues, looking at examples, experiences, and current developments in the fight against e-mail abuse, with the goal of raising awareness among users and administrators.
-
-
12:01
»
Hack a Day
This hard-drive based POV clock is a treasure trove of great design choices. Now, we’ve seen a bunch of spinning clock builds. Several of the hard drive versions use slits cut in the platters to create a display by illuminating an LED behind those slits at just the right moment. This is a similar idea but [...]
-
-
13:21
»
SecDocs
Authors:
William Yerazunis Tags:
security Event:
Black Hat USA 2010 Abstract: In this whitepaper we consider the problem of outbound-filtering of emails to prevent accidental leakage of confidential information, We examine how to do this with the GPLed open-source spam filter CRM114 and test the accuracy of this filter against a 10,000+ document corpus of hand-classified emails (both confidential and non-confidential) in Japanese. We look into what moving parts are involved in these filters, and how they can be set up. The results show that a hybrid of multiple CRM114 filters outperforms a human-crafted regular-expression filter by nearly 100x in recall, by detecting > 99.9% of confidential documents, and with a simultaneous false alarm rate of less than 5.3%. As the programmers creating the machine-learning programs don't know how to read or write Japanese, this problem is an almost ideal case of the Searle “Chinese Room” problem.
-
-
17:52
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1110-01 - Foomatic is a comprehensive, spooler-independent database of printers, printer drivers, and driver descriptions. The package also includes spooler-independent command line interfaces to manipulate queues and to print files and manipulate print jobs. foomatic-rip is a print filter written in C. An input sanitization flaw was found in the foomatic-rip print filter. An attacker could submit a print job with the username, title, or job options set to appear as a command line option that caused the filter to use a specified PostScript printer description file, rather than the administrator-set one. This could lead to arbitrary code execution with the privileges of the "lp" user.
-
17:52
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-1110-01 - Foomatic is a comprehensive, spooler-independent database of printers, printer drivers, and driver descriptions. The package also includes spooler-independent command line interfaces to manipulate queues and to print files and manipulate print jobs. foomatic-rip is a print filter written in C. An input sanitization flaw was found in the foomatic-rip print filter. An attacker could submit a print job with the username, title, or job options set to appear as a command line option that caused the filter to use a specified PostScript printer description file, rather than the administrator-set one. This could lead to arbitrary code execution with the privileges of the "lp" user.
-
17:52
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-1110-01 - Foomatic is a comprehensive, spooler-independent database of printers, printer drivers, and driver descriptions. The package also includes spooler-independent command line interfaces to manipulate queues and to print files and manipulate print jobs. foomatic-rip is a print filter written in C. An input sanitization flaw was found in the foomatic-rip print filter. An attacker could submit a print job with the username, title, or job options set to appear as a command line option that caused the filter to use a specified PostScript printer description file, rather than the administrator-set one. This could lead to arbitrary code execution with the privileges of the "lp" user.
-
7:44
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1109-01 - Foomatic is a comprehensive, spooler-independent database of printers, printer drivers, and driver descriptions. The package also includes spooler-independent command line interfaces to manipulate queues and to print files and manipulate print jobs. foomatic-rip is a print filter written in Perl. An input sanitization flaw was found in the foomatic-rip print filter. An attacker could submit a print job with the username, title, or job options set to appear as a command line option that caused the filter to use a specified PostScript printer description file, rather than the administrator-set one. This could lead to arbitrary code execution with the privileges of the "lp" user.
-
7:44
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-1109-01 - Foomatic is a comprehensive, spooler-independent database of printers, printer drivers, and driver descriptions. The package also includes spooler-independent command line interfaces to manipulate queues and to print files and manipulate print jobs. foomatic-rip is a print filter written in Perl. An input sanitization flaw was found in the foomatic-rip print filter. An attacker could submit a print job with the username, title, or job options set to appear as a command line option that caused the filter to use a specified PostScript printer description file, rather than the administrator-set one. This could lead to arbitrary code execution with the privileges of the "lp" user.
-
7:44
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-1109-01 - Foomatic is a comprehensive, spooler-independent database of printers, printer drivers, and driver descriptions. The package also includes spooler-independent command line interfaces to manipulate queues and to print files and manipulate print jobs. foomatic-rip is a print filter written in Perl. An input sanitization flaw was found in the foomatic-rip print filter. An attacker could submit a print job with the username, title, or job options set to appear as a command line option that caused the filter to use a specified PostScript printer description file, rather than the administrator-set one. This could lead to arbitrary code execution with the privileges of the "lp" user.
-
-
22:01
»
Packet Storm Security Recent Files
Apache Shiro version 1.0.0-incubating suffers from an information disclosure vulnerability. Shiro's path-based filter chain mechanism did not normalize request paths before performing path-matching logic. The result is that Shiro filter chain matching logic was susceptible to potential path traversal attacks.
-
22:00
»
Packet Storm Security Exploits
Apache Shiro version 1.0.0-incubating suffers from an information disclosure vulnerability. Shiro's path-based filter chain mechanism did not normalize request paths before performing path-matching logic. The result is that Shiro filter chain matching logic was susceptible to potential path traversal attacks.
-
-
23:00
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2010-218 - Stack consumption vulnerability in the filter_var function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3, when FILTER_VALIDATE_EMAIL mode is used, allows remote attackers to cause a denial of service via a long e-mail address string. A NULL pointer dereference was discovered in ZipArchive::getArchiveComment. A possible flaw was discovered in open_basedir.
-
-
14:55
»
remote-exploit & backtrack
How do I save ONLY the packets from the DISPLAY FILTER in Wireshark on the fly.
I am using Wireshark to capture traffic from my wireless adapter.
Capture Filter is "port 1863"
Display Filter is "msnms contains plain"
Saving using multiple files.
Next file every 100 MB.
Ring buffer with 2 files.
I would like to get Wireshark to save only the packets after the Display Filter in a separate file automatically so that I dont lose them when the ring buffer maxes out and rolls over.
I would like the program to run continuously saving only packets from the Display Filter on the fly and discarding the rest.
Is there a program that will save the displayed packets to a separate file just before the ring buffer file fills up and clears?
Any way to make the output of the display filter of one wireshark program be the input for a second wireshark program running at the same time.
Is there a better capture filter that will give me only the packets I want?
Any ideas?
Thanks.
-
-
2:36
»
remote-exploit & backtrack
Hi,
I just got a simple question, that I could not answer, since I found the information anywhere...
Can an Ettercap filter be used for Layer 2 parameters? (MAC addresses)
I tried to create a filter using the parameters "eth.src and eth.dst" and etterfilter compiled it without problems. Anyway, once the filter is applied, it does not filter as desired...
thanks for the help!
best regards.
-
-
4:34
»
remote-exploit & backtrack
Buenas,
he instalado el BT4, porque necesito utilizar Ettercap para unos determinados tests de integridad en una red.
He probado varios filtros para alterar información IP y TCP y funcionan de lujo.
También quería alterar información de nivel dos (direcciones MAC, básicamente).
En el filtro defino varias condiciones dependientes de la MAC origen o MAC destino (eth.src o etc.dst). Me permite compilar el filtro y ejecutarlo, pero se salta las condiciones como le da la gana...
Alguien sabe a que puede ser debido?
gracias!
Hi everyone,
I have been looking throughout the forum and in Google, and have found nothing...that's why I post this new thread.
I am using ETTERCAP for testing some security and structural issues of a network.
I configured and compiled some filters for IP and HTTP traffic and worked with no problems.
The problems came when I tried to do Layer 2 (MAC address) filters. I did some filter conditions using
eth.src and
etc.dst, but it did not work. The filter compiled without problems, but the filter did not apply, even if the conditions were fulfilled (I made cross tests with sniffer and ethercap-filter messages).
Do I have to configure something special to make this filter work?
Thank you everyone for your help!
Hi,
I've looked in the documentation, but found nothing...
It is possible to introduce delays in the sent message using ettercap bridged sniffing?
thanks!