Microsoft Visual C++ 8.0 standard library time functions invalid assertion DoS (Problem 3000)

Title: Microsoft Visual C++ 8.0 standard library time functions invalid assertion DoS Problem 3000. Product: Visual Studio 2005 Vendor: Microsoft Vulnerability class: Denial of Service Remote: application dependant, remote vector is possible CVE: CVE-2007-0842 Author: 3APA3A,...

Microsoft Windows Vista/2003/XP/2000 file management security issues

Title: Microsoft Windows Vista/2003/XP/2000 file management security issues Author: 3APA3A, http://securityvulns.com/ Vendor: Microsoft and potentially another vendors Products: Microsoft Windows Vista/2003/XP/2000, Microsoft resource kit for Windows 2000 and different utilities. Access Vector:...

Microsoft Windows 2000/XP/2003/Vista ReadDirectoryChangesW informaton leak

Title: Microsoft Windows 2000/XP/2003/Vista ReadDirectoryChangesW informaton leak Author: 3APA3A, Affected: Microsoft Windows 2000,XP,2003,Vista Exploitable: Yes Type: Remote from local network, authentication required NULL session was not tested. Class: Information leak CVE: Intro: It's very...

Hewlett-Packard Network Node Manager 7.50 Remote Console weak files permissions

Vendor: Hewlett-Packard Application: Network Node Manager 7.50 Remote Console under Microsoft Windows XP SP2. Vulnerability: Local Vulnerability Level: High Author: 3APA3A , Impact: privilege escalation of any unprivileged user to Local System or another user's account. Intro: NNM Remote Console ...

RFC2196

Network Working Group B. Fraser Request for Comments: 2196 Editor FYI: 8 SEI/CMU Obsoletes: 1244 September 1997 Category: Informational Site Security Handbook Status of this Memo This memo provides information for the Internet community. It does not specify an Internet standard of any kind...

Kerio Winroute Firewall 5.10 users credentials leak

Application: Kerio Winroute Firewall 5.10 Vendor: Kerio Technologies Inc. Vendor Site: http://www.kerio.com Remote: Yes Exploitable: Yes Risk level: Critical if proxy requires authentication Authors: Alexander Antipov & 3APA3A aka Pig Killer Authors Sites: http://www.securitylab.ru...

Is backup required?

Do you need Backup? Introduction. Main features of backup. Risks. RAID. Cluster systems. Shadow copy. Version control systems. Application level recovery. Backup security. Version control systems Modern version control systems such as CVS, Subversion, or commercial products can and sometimes quit...

Phrack55:DIG

Distributed collection of information ------- Phrack Magazine --- Vol. 9 | Issue 55 --- 09/09/99 --- 09 of 19 ------------------------- Distributed collection of information -------- hybrid ---- Review Information gathering is the process of determining the characteristics of one or more remote...

Phrack55:Klog

Rewrite pointer to memory window ------- Phrack Magazine --- Vol. 9 | Issue 55 --- 09.09.99 --- 08 of 19 ------------------------ Rewrite pointer to memory window -------- klog ---- Introduction If buffers can be overflowed, then by overwriting critical data, stored in the address space of the...

WIDER : Social Engineering

Social engineering Professional programming Sequential hack one. Introduction 2. social engineering 3. Extraction of information. Social engineering. Sequential hack. four. Finding and processing information. 5. Some ways to divorce people. 6. Human denial of service HDoS 7. Advanced methods...

Integer overflow:attack

Digital Scream January, 2003 Integer overflow: attack Hello! Recently, the number of people involved in IT security has grown significantly. Consequently, there was a breakthrough in the implementation of some attacks... And that is why this article is about a new type of Integer Overflow attack...

Backup implementation

Backup implementation I. Intro II. Tools III. Strategy We study the tools. System utilities for copying files. In the simplest case, to create a replica of the file structure, you can, of course, use the copy command on Windows and cp or rcp on nix. However, there are many questions that these...

Is backup required?

Do you need Backup? Introduction. Main features of backup. Risks. RAID. Cluster systems. Shadow copy. Version control systems. Application level recovery. Backup security. The introduction of any technology is associated with costs and risks in one way or another. This applies to backup as much a...

What else can be ruined by antivirus?

What else will ruin AntiViruses? I have always been pleased with the "professionalism" of antivirus developers in everything, except for the viruses themselves take, for example, the same work with e-mail, whose standards are not followed by any of the manufacturers of anti-virus software. Anothe...

Interview:USSR

USSR Labs USSR Labs their website , their slogan is "USSR is back", that is, "USSR is back", their symbol is a bulldog in a strict collar broke into the world of computer security relatively recently, but very decisive. Somewhere, probably last fall interview taken in 2000 - editor's note, they...

CodeRed : The history of one vulnerability

History of one vulnerability It all started with a message from eEye 1 about another discovered buffer overflow vulnerability in IIS. The problem was in the ISAPI filter from Index Service. According to the eEye report, the vulnerability was discovered quite unexpectedly during one of the tests o...

3APA3A : NTLM in corporate networks

November 18, 2004| 3APA3A NTLM in corporate networks Introduction When, a decade and a half ago, Microsoft began serious work on creating enterprise-wide centralized networks while working on the Windows NT operating system, the developers were given a very difficult and new task for those times ...

3APA3A : Hacking into HTML chats for one more time

More about HTML chat hacks one. PART ONE, or we show our own. The interface of almost any chat is based on dynamically generated HTML forms interconnected via javascript. In almost all chats, the username and password or some identifier that is generated when the user logs in is stored inside the...

AntiAntivirus (Internet can be ruined by antivrus)

Will AntiVirus ruin the Internet? 3APA3A security.nnov.ru Dmitry Leonov bugtraq.ru Alex Exler exler.ru Alexander Dilevsky yandex.ru Alexander Antipov securitylab.ru Ilya Medvedovsky dsec.ru Vladislav Myasnyankin BugTraq.Ru The seemingly uncomplicated mail worm Sobig.f broke all distribution...

Network protocols security: View from client side

Security of Common Application Network Protocols: A Client's Perspective Having received an offer to write an article about the security of network protocols and their vulnerabilities, at first I wanted to refuse - it seems that everything that can be written on this topic has already been writte...

Interview:w00w00

w00w00 One of the first to respond to a request for an interview was w00w00 pronounced "woo-woo", their website . A group highly respected among those who are interested in security issues - they have discovered a lot of holes in security systems, many interesting tactics of hacker attacks. The...

SACERDOTE

Some FTP data transfer protocol problems, common implementation errors and suggestions for fixing them David Sacerdote, [email protected] April, 1996, The icons .... show the translator's comments. The symbol ? shows places where the translator disagrees with the author. Original text of the...

Security aspects of time synchronization infrastructure

A large number of services on modern corporate network require time to be synchronized within network or with absolute time and may fail if there are any problems with time synchronization. Below are just few examples of services and required time precision. For synchronization within network:...

Izik : Reverse Engineering with LD_PRELOAD

July, 06 2005г.| Izik Reverse Engineering with LDPRELOAD This paper is about the LDPRELOAD feature, and how it can be useful for reverse engineering dynamically linked executables. This technique allows you to hijack functions/inject code and manipulate the application flow. Compiling Methods...

Integer overflow:protection

Digital Scream January, 2003 Integer Overflow: Guard Philosophy This article is a logical continuation of the past topic about Integer overflow vulnerabilities. Many believe that this vulnerability is not fixable. Unfortunately, this is also what the authors of Phrack magazine think. I literally...

QQLan : XSS - WEB = Cross-Applications Scripting

July 25, 2005| coded by [email protected] XSS - WEB = Cross-Applications Scripting Buffer overflows are getting tough now. Users have set up all sorts of "personal firewalls", compilers are introducing all sorts of tricky preprocessors that go crazy at the sight of strcpy and control overwriting...

ANDR : Format String Vulnerability

Format string vulnerability Andrey Kolischak March, 2001 [email protected] Format string vulnerability It is no secret that most of the software, in addition to specific vulnerabilities, contains “holes” associated with an incorrect programming style. If some of these holes, such as buffer overflows,...

Backup implementation

Organization Backup I. Intro Let's start by cramming terms and definitions. Backup backup, b4kup or in the common folk backup we will call an asynchronous, in relation to modification, process of creating a copy of stored information data, which allows you to restore the previous state of the dat...

Interview:Void

Team Void What is the world's attitude towards hackers from Russia? They are respected. Indeed, our compatriots are members of many well-known clans - w00w00, ADM and other highly revered teams. It should also be noted that the level of our computer professionals is quite worthy - you will meet...

ANDR : Windows NT stack overflow attacks

Stack overflow attacks on Windows NT Andrey Kolischak Stack Overflow Attacks in Windows NT Today, software vulnerabilities related to the so-called stack overflow are one of the main problems of system administrators. On the mailing lists and whistleblowers devoted to software security breaches,...

Global war on local Administrator

Global war on local Administrator Sergey V. Gordeychik, [email protected] All seemed to be going well. The users' privileges have been minimized. User was not able to log on another user's workstation. No other programs than business-purposed were installed on user computers. According to system...

Backup implementation

Backup implementation I. Intro II. Tools III. Strategy Well, now let's talk about how to live with all this correctly. The backup process consists of three stages: planning, implementation and support. We have already talked a little about support and implementation, but planning is the most...

3APA3A : Frontend applications security

May 30, 2002| Client software security. 1. Introduction. Usually, when talking about attacks via the Internet and related risks, they mean the security of the mail server, the Web Server and other corporate Internet services. To ensure corporate security Internet services are usually placed in a...

Is backup required?

Do you need Backup? Introduction. Main features of backup. Risks. RAID. cluster systems. Shadow copy. Version control systems. Application level recovery. Backup security. Cluster systems A cluster is several computers nodes functioning as a single system that can work even if one of the nodes...

ANDR : Buffer overflow attacks

Buffer overflow attacks Andrey Kolischak November, 1999 Buffer overflow attacks Buffer overflows is the name of the most common software security vulnerability. The first attack using this vulnerability was used in the Morris worm in 1988. Since then, their number has increased every year...

3APA3A : Using FTP protocol weaknesses

How to exploit bugs in the implementation of the FTP protocol David Sacerdot, in his article on the vulnerability of the FTP protocol and dated as early as April 1996, theoretically the vulnerability of the FTP protocol if it is incorrectly implemented. Two points are interesting in the article,...

Information leak from client application with technical information

Data leakage through service information and network protocol in the client application. When exchanging information, you are always transmitting data. However, at different levels everyone remembers ISO/OSI?, service information is added to your data. What is this information, what can it say...

Firewalls for local network

Firewalls for local network Sergey V. Gordeychik, [email protected] Installation of a firewall is the basic requirement for building a secured network. Years of their existence made firewalls more functional and more secured and developed them from simple packet filters into devices with...

Uninet

Security risks associated with using e-mail. by 3APA3A as presented on Uninet conference, April, 19 2002 1. Intro 2. Risks assotiated with using e-mail. 3. How to fight malware on servers and why this protection may be ineffective 4. How to protect your workstations and how make Windows more...

High performance Windows file server

A powerful file server for Windows No part - reflections without memories. Without further ado, let's start by thinking about what a file server is, how it functions, and what we need to make a file server as fast as possible, for example, to make the most of our gigabit network. At first glance,...

using named pipes for local privilege escalation

Digital Scream August, 2003 Using named pipes for local privilege escalation For Phrack magazine 61 Operating systems created by Microsoft in recent years several years old, based on the Windows NT kernel. This decision is positive affected the security of released operating systems, relatively...

Phrack55:Perl

Perl CGI Issues ------- Phrack Magazine --- Vol. 9 | Issue 55 --- 09.09.99 --- 07 of 19 ------------------------ Perl CGI Issues -------- rain.forest.puppy / ADM/Wiretrip ---------------- Introduction It seems to me that I should explain a little about what will be discussed. For the most part...

Panda Platinum Internet Security 2006/2007 privilege escalation and bayesian filter control

Title: Panda Platinum Internet Security 2006/2007 privilege escalation and bayesian filter control security vulnerabilities Author: 3APA3A Vendor: Panda Software Product: Panda Platinum Internet Security 2006 10.02.01 Panda Platinum Internet Security 2007 11.00.00 Panda Antivirus was not tested...

The Bat! 2.x message headers spoofing

Title: The Bat! 2.x message headers spoofing Author: 3APA3A Vendor: RitLabs Vendor's page http://thebat.net/ Application: The Bat 2.x 2.12.04 tested Not vulnerable: The Bat! 3.5 Remote: Yes, against client Category: Information spoofing Intro: The Bat! is very convenient, powerful and secure...

multiple applications fd_set structure bitmap array index overflow

Issue: Multiple applications fdset structure bitmap array index overflow Type: remote Date: December, 12 2004 Original URL: http://www.security.nnov.ru/advisiories/sockets.asp Author: 3APA3A URL: http://www.security.nnov.ru/ Affected: gnugk 2.2.0 confirmed, fixed by vendor gnugk is OpenH323...

Bypassing client application protection techniques

Topic: Bypassing client application protection techniques Category: Protection bypass Affected products: CheckPoint VPN-1TM & FireWall-1R NG with Application Intelligence R55 HFA 9 Microsoft Windows XP SP2 Agnitum Outpost Pro 2.1, 2.5 Tiny Firewall Pro v6.0.100 ZoneAlarm Pro with Web Filtering...

Buffer overflow in Far Manager

Title: Buffer overflow in Far Manager Author: ZARAZA Affected: Far Manager 1.70beta1 and prior saved EIP overflow 1.70beta4 off-by-one frame pointer overflow Vendor: RARSoft Risk: Average local code execution Exploitable: Yes Remote: No Vendor Notified: January, 30 2003 I. Introduction: FAR is mo...

Kaspersky Antivirus DoS

Title: Kaspersky Antivirus DoS Author: ZARAZA Affected: Kaspersky Antivirus 4.0.9.0 Server and Workstation version on Windows NT 4.0 and Windows 2000. Vendor: Kaspersky Lab Date: January, 30 2003 Risk: Average Exploitable: Yes Remote: Yes for server versions Vendor Notified: January, 30 2003 I...

Buffer overflow/DoS against cmd.exe for Windows NT 4.0/2000

Title: Buffer overflow/DoS against cmd.exe for Windows NT 4.0/2000 Author: ZARAZA Affected: Microsoft Windows NT 4.0 buffer overflow Microsoft Windows 2000 DoS Vendor: Microsoft Risk: Average for Windows NT 4.0 Low for Windows 2000 Exploitable: Yes Remote: No Vendor Notified: January, 30 2003 I...

JanaServer multiple vulnerabilities

Title: Multiple vulnerabilities in JanaServer Author: ZARAZA Date: July, 22 2002 Affected: JanaServer 2.2.1 and prior JanaServer 1.46 and prior Vendor: Thomas Hauck Risk: High critical if some services, for example HTTP, are available from public interface Remote: yes Exploitable: yes Vendor...