Lucene search
K
Security VulnsMost viewed

80 matches found

security_vulns
security_vulns
added 2007/01/01 12:0 a.m.27 views

Interview:USSR

USSR Labs USSR Labs their website , their slogan is "USSR is back", that is, "USSR is back", their symbol is a bulldog in a strict collar broke into the world of computer security relatively recently, but very decisive. Somewhere, probably last fall interview taken in 2000 - editor's note, they...

7.1AI score
Exploits0
security_vulns
security_vulns
added 2007/01/01 12:0 a.m.27 views

RFC2196

Network Working Group B. Fraser Request for Comments: 2196 Editor FYI: 8 SEI/CMU Obsoletes: 1244 September 1997 Category: Informational Site Security Handbook Status of this Memo This memo provides information for the Internet community. It does not specify an Internet standard of any kind...

8.3AI score
Exploits0
security_vulns
security_vulns
added 2002/02/13 12:0 a.m.27 views

buffer overflow in mshtml.dll

Topic: buffer overflow in mshtml.dll Authors: ERRor and DarkZorro of domain Hell 3APA3A of SECURITY.NNOV Date: February, 13 2002 Vendor Informed: December, 20 2001 Software affected: Microsoft Internet Explorer 6.0 and prior Microsoft Outlook Express 6.0 and prior Microsoft Outlook 2000 and prior...

7.5AI score
Exploits0
security_vulns
security_vulns
added 2001/11/22 12:0 a.m.27 views

Outlook Express and SPA (Secure Password Authentication)

Topic: Outlook Express and SPA Secure Password Authentication Author: 3APA3A Affected Software: Internet Explorer 5.5, 6.0 Vendor: Microsoft Status: Informational 1. Background: Outlook Express doesn't support CRAM-MD5 or APOP and there is only one way to authenticate user on POP3/IMAP/SMTP serve...

7.4AI score
Exploits0
security_vulns
security_vulns
added 2007/01/01 12:0 a.m.26 views

Interview:Void

Team Void What is the world's attitude towards hackers from Russia? They are respected. Indeed, our compatriots are members of many well-known clans - w00w00, ADM and other highly revered teams. It should also be noted that the level of our computer professionals is quite worthy - you will meet...

0.3AI score
Exploits0
security_vulns
security_vulns
added 2006/07/09 12:0 a.m.26 views

Panda Platinum Internet Security 2006/2007 privilege escalation and bayesian filter control

Title: Panda Platinum Internet Security 2006/2007 privilege escalation and bayesian filter control security vulnerabilities Author: 3APA3A Vendor: Panda Software Product: Panda Platinum Internet Security 2006 10.02.01 Panda Platinum Internet Security 2007 11.00.00 Panda Antivirus was not tested...

1.1AI score
Exploits0
security_vulns
security_vulns
added 2002/03/08 12:0 a.m.26 views

Windows 2000 system partition weak default permissions

Title: Windows 2000 system partition weak default permissions Affected: Windows 2000 Vendor: Microsoft Author: ZARAZA Date: August, 03 2002 Risk: High Exploitable: Yes Remote: No Vendor notified: May, 17 2002 SECURITY.NNOV URL: http://www.security.nnov.ru Advanced info:...

7.5AI score
Exploits0
security_vulns
security_vulns
added 1999/10/15 12:0 a.m.26 views

FTP client/server and listen() implementation

Here is exploit. It works as described in NAI 1996 bulletin http://www.nai.com/nailabs/aspset/advisory/ftp-paper.asp but.... there are two points i'm disagree with NAI. 1. ftp console client under FreeBSD 2.2.x IS vulnerable 2. Inspite I don't treat FTP as secured protocol IMHO it's OS/software...

0.6AI score
Exploits0
security_vulns
security_vulns
added 2006/06/02 12:0 a.m.25 views

The Bat! 2.x message headers spoofing

Title: The Bat! 2.x message headers spoofing Author: 3APA3A Vendor: RitLabs Vendor's page http://thebat.net/ Application: The Bat 2.x 2.12.04 tested Not vulnerable: The Bat! 3.5 Remote: Yes, against client Category: Information spoofing Intro: The Bat! is very convenient, powerful and secure...

0.7AI score
Exploits0
security_vulns
security_vulns
added 2002/05/14 12:0 a.m.25 views

Special device access and DoS in Microsoft Internet Exporer

Title: special device access and DoS in Microsoft Internet Exporer/Outlook Express/Outlook Authors: ERRor, 3APA3A Date: May, 14 2002 Affected: Internet Explorer 6.0 Vendor: Microsoft Risk: Average to high Remote: Yes Exploitable: Yes Vendor notified: April, 24 2002 Intro: All versions of Windows...

0.2AI score
Exploits0
security_vulns
security_vulns
added 2007/01/01 12:0 a.m.24 views

Phrack55:Perl

Perl CGI Issues ------- Phrack Magazine --- Vol. 9 | Issue 55 --- 09.09.99 --- 07 of 19 ------------------------ Perl CGI Issues -------- rain.forest.puppy / ADM/Wiretrip ---------------- Introduction It seems to me that I should explain a little about what will be discussed. For the most part...

7.3AI score
Exploits0
security_vulns
security_vulns
added 2002/03/03 12:0 a.m.23 views

A variant of "Word Mail Merge" vulnerability

Title: A variant of "Word Mail Merge" vulnerability Authors: Err0r, 3APA3A Date: May, 03 2002 Affected: Office 97, 2000, XP Vendor: Microsoft Risk: Average to high Remote: for Office 2000 SR1a and prior Exploitable: Yes Vendor notified: February, 12 2002 Intro: All details on this issue may be...

7.1AI score
Exploits0
security_vulns
security_vulns
added 2002/02/25 12:0 a.m.23 views

Special device access in The Bat!

Topic: Special device access in The Bat! Author: 3APA3A Date: February, 25 2002 Software: The Bat! 1.53d, 1.54beta Vendor: Ritlabs http://www.thebat.net Risk: Low to average Remote: Yes Exploitable: Yes Vendor Status: Notified, not verified Details: The Bat! has special device access bug. If The...

0.1AI score
Exploits0
security_vulns
security_vulns
added 2007/01/01 12:0 a.m.21 views

Phrack55:Klog

Rewrite pointer to memory window ------- Phrack Magazine --- Vol. 9 | Issue 55 --- 09.09.99 --- 08 of 19 ------------------------ Rewrite pointer to memory window -------- klog ---- Introduction If buffers can be overflowed, then by overwriting critical data, stored in the address space of the...

0.3AI score
Exploits0
security_vulns
security_vulns
added 2001/10/13 12:0 a.m.21 views

Accessing cookies via ftp

Topic: accessing cookies via ftp Affected Software: all versions of Netscape/Mozilla Author: 3APA3A Risk: Low Remotely Exploitable: Yes Impact: depending on server configuration cookie set by server can be retrieved by hostile side from client Vendor URL: http://www.mozilla.org SECURITY.NNOV...

1AI score
Exploits0
security_vulns
security_vulns
added 2007/01/01 12:0 a.m.20 views

3APA3A : Hacking into HTML chats for one more time

More about HTML chat hacks one. PART ONE, or we show our own. The interface of almost any chat is based on dynamically generated HTML forms interconnected via javascript. In almost all chats, the username and password or some identifier that is generated when the user logs in is stored inside the...

Exploits0
security_vulns
security_vulns
added 2007/01/01 12:0 a.m.18 views

Phrack55:DIG

Distributed collection of information ------- Phrack Magazine --- Vol. 9 | Issue 55 --- 09/09/99 --- 09 of 19 ------------------------- Distributed collection of information -------- hybrid ---- Review Information gathering is the process of determining the characteristics of one or more remote...

Exploits0
security_vulns
security_vulns
added 2007/01/01 12:0 a.m.17 views

SACERDOTE

Some FTP data transfer protocol problems, common implementation errors and suggestions for fixing them David Sacerdote, [email protected] April, 1996, The icons .... show the translator's comments. The symbol ? shows places where the translator disagrees with the author. Original text of the...

0.9AI score
Exploits0
security_vulns
security_vulns
added 2001/12/18 12:0 a.m.16 views

FTGate PRO/Office hotfixes

Date : December, 18 2001 Affected : FTGate PRO 1.05, FTGate Office 1.05 Vendor : Floositek 1 Risk : high Remote : yes Exploitable : yes Intro: Ftgate is Internet mail server for Windows with SMTP/POP3 support and a lot of additional features by Floositek1. During testing few vulnerabilities were...

0.8AI score
Exploits0
security_vulns
security_vulns
added 2007/01/01 12:0 a.m.14 views

Integer overflow:protection

Digital Scream January, 2003 Integer Overflow: Guard Philosophy This article is a logical continuation of the past topic about Integer overflow vulnerabilities. Many believe that this vulnerability is not fixable. Unfortunately, this is also what the authors of Phrack magazine think. I literally...

0.5AI score
Exploits0
security_vulns
security_vulns
added 2007/01/01 12:0 a.m.13 views

3APA3A : NTLM in corporate networks

November 18, 2004| 3APA3A NTLM in corporate networks Introduction When, a decade and a half ago, Microsoft began serious work on creating enterprise-wide centralized networks while working on the Windows NT operating system, the developers were given a very difficult and new task for those times ...

6.5AI score
Exploits0
security_vulns
security_vulns
added 2007/01/01 12:0 a.m.12 views

Is backup required?

Do you need Backup? Introduction. Main features of backup. Risks. RAID. cluster systems. Shadow copy. Version control systems. Application level recovery. Backup security. Cluster systems A cluster is several computers nodes functioning as a single system that can work even if one of the nodes...

6.7AI score
Exploits0
security_vulns
security_vulns
added 2007/01/01 12:0 a.m.11 views

Kerio Winroute Firewall 5.10 users credentials leak

Application: Kerio Winroute Firewall 5.10 Vendor: Kerio Technologies Inc. Vendor Site: http://www.kerio.com Remote: Yes Exploitable: Yes Risk level: Critical if proxy requires authentication Authors: Alexander Antipov & 3APA3A aka Pig Killer Authors Sites: http://www.securitylab.ru...

0.4AI score
Exploits0
security_vulns
security_vulns
added 2007/01/01 12:0 a.m.11 views

QQLan : XSS - WEB = Cross-Applications Scripting

July 25, 2005| coded by [email protected] XSS - WEB = Cross-Applications Scripting Buffer overflows are getting tough now. Users have set up all sorts of "personal firewalls", compilers are introducing all sorts of tricky preprocessors that go crazy at the sight of strcpy and control overwriting...

5.7AI score
Exploits0
security_vulns
security_vulns
added 2007/01/01 12:0 a.m.9 views

3APA3A : Frontend applications security

May 30, 2002| Client software security. 1. Introduction. Usually, when talking about attacks via the Internet and related risks, they mean the security of the mail server, the Web Server and other corporate Internet services. To ensure corporate security Internet services are usually placed in a...

0.2AI score
Exploits0
security_vulns
security_vulns
added 2007/01/01 12:0 a.m.8 views

CodeRed : The history of one vulnerability

History of one vulnerability It all started with a message from eEye 1 about another discovered buffer overflow vulnerability in IIS. The problem was in the ISAPI filter from Index Service. According to the eEye report, the vulnerability was discovered quite unexpectedly during one of the tests o...

7.4AI score
Exploits0
security_vulns
security_vulns
added 2007/01/01 12:0 a.m.8 views

Firewalls for local network

Firewalls for local network Sergey V. Gordeychik, [email protected] Installation of a firewall is the basic requirement for building a secured network. Years of their existence made firewalls more functional and more secured and developed them from simple packet filters into devices with...

7.5AI score
Exploits0
security_vulns
security_vulns
added 2007/01/01 12:0 a.m.7 views

Izik : Reverse Engineering with LD_PRELOAD

July, 06 2005г.| Izik Reverse Engineering with LDPRELOAD This paper is about the LDPRELOAD feature, and how it can be useful for reverse engineering dynamically linked executables. This technique allows you to hijack functions/inject code and manipulate the application flow. Compiling Methods...

7.6AI score
Exploits0
security_vulns
security_vulns
added 2007/01/01 12:0 a.m.7 views

Global war on local Administrator

Global war on local Administrator Sergey V. Gordeychik, [email protected] All seemed to be going well. The users' privileges have been minimized. User was not able to log on another user's workstation. No other programs than business-purposed were installed on user computers. According to system...

7.4AI score
Exploits0
security_vulns
security_vulns
added 2007/01/01 12:0 a.m.4 views

Uninet

Security risks associated with using e-mail. by 3APA3A as presented on Uninet conference, April, 19 2002 1. Intro 2. Risks assotiated with using e-mail. 3. How to fight malware on servers and why this protection may be ineffective 4. How to protect your workstations and how make Windows more...

4.1AI score
Exploits0
Total number of security vulnerabilities80