80 matches found
Information leak from client application with technical information
Data leakage through service information and network protocol in the client application. When exchanging information, you are always transmitting data. However, at different levels everyone remembers ISO/OSI?, service information is added to your data. What is this information, what can it say...
The Bat! 2.x message headers spoofing
Title: The Bat! 2.x message headers spoofing Author: 3APA3A Vendor: RitLabs Vendor's page http://thebat.net/ Application: The Bat 2.x 2.12.04 tested Not vulnerable: The Bat! 3.5 Remote: Yes, against client Category: Information spoofing Intro: The Bat! is very convenient, powerful and secure...
Phrack55:Perl
Perl CGI Issues ------- Phrack Magazine --- Vol. 9 | Issue 55 --- 09.09.99 --- 07 of 19 ------------------------ Perl CGI Issues -------- rain.forest.puppy / ADM/Wiretrip ---------------- Introduction It seems to me that I should explain a little about what will be discussed. For the most part...
Outlook Express and SPA (Secure Password Authentication)
Topic: Outlook Express and SPA Secure Password Authentication Author: 3APA3A Affected Software: Internet Explorer 5.5, 6.0 Vendor: Microsoft Status: Informational 1. Background: Outlook Express doesn't support CRAM-MD5 or APOP and there is only one way to authenticate user on POP3/IMAP/SMTP serve...
File locking and security
Topic : File locking and security Author : 3APA3A Affected software : Windows NT 4.0, Windows 2000 and may be another systems Exploitable : Yes Remotely exploitable : No Category : Design flaw Background: Application can lock the file after file description is open by application or in open call...
The Bat! <cr> bug
SECURITY.NNOV URL: http://www.security.nnov.ru/advisories Topic: The Bat! bug Application: The Bat! 1.51 latest Vendor: RitLabs Category: Denial of Service Risk Factor: Low Remote: Yes Vendor Contacted: 13.04.2001 Software URL: http://www.thebat.net Vendor URL: http://www.ritlabs.com +Introductio...
Interview:Void
Team Void What is the world's attitude towards hackers from Russia? They are respected. Indeed, our compatriots are members of many well-known clans - w00w00, ADM and other highly revered teams. It should also be noted that the level of our computer professionals is quite worthy - you will meet...
Windows 2000 system partition weak default permissions
Title: Windows 2000 system partition weak default permissions Affected: Windows 2000 Vendor: Microsoft Author: ZARAZA Date: August, 03 2002 Risk: High Exploitable: Yes Remote: No Vendor notified: May, 17 2002 SECURITY.NNOV URL: http://www.security.nnov.ru Advanced info:...
buffer overflow in mshtml.dll
Topic: buffer overflow in mshtml.dll Authors: ERRor and DarkZorro of domain Hell 3APA3A of SECURITY.NNOV Date: February, 13 2002 Vendor Informed: December, 20 2001 Software affected: Microsoft Internet Explorer 6.0 and prior Microsoft Outlook Express 6.0 and prior Microsoft Outlook 2000 and prior...
FTP client/server and listen() implementation
Here is exploit. It works as described in NAI 1996 bulletin http://www.nai.com/nailabs/aspset/advisory/ftp-paper.asp but.... there are two points i'm disagree with NAI. 1. ftp console client under FreeBSD 2.2.x IS vulnerable 2. Inspite I don't treat FTP as secured protocol IMHO it's OS/software...
Special device access and DoS in Microsoft Internet Exporer
Title: special device access and DoS in Microsoft Internet Exporer/Outlook Express/Outlook Authors: ERRor, 3APA3A Date: May, 14 2002 Affected: Internet Explorer 6.0 Vendor: Microsoft Risk: Average to high Remote: Yes Exploitable: Yes Vendor notified: April, 24 2002 Intro: All versions of Windows...
Phrack55:Klog
Rewrite pointer to memory window ------- Phrack Magazine --- Vol. 9 | Issue 55 --- 09.09.99 --- 08 of 19 ------------------------ Rewrite pointer to memory window -------- klog ---- Introduction If buffers can be overflowed, then by overwriting critical data, stored in the address space of the...
A variant of "Word Mail Merge" vulnerability
Title: A variant of "Word Mail Merge" vulnerability Authors: Err0r, 3APA3A Date: May, 03 2002 Affected: Office 97, 2000, XP Vendor: Microsoft Risk: Average to high Remote: for Office 2000 SR1a and prior Exploitable: Yes Vendor notified: February, 12 2002 Intro: All details on this issue may be...
Special device access in The Bat!
Topic: Special device access in The Bat! Author: 3APA3A Date: February, 25 2002 Software: The Bat! 1.53d, 1.54beta Vendor: Ritlabs http://www.thebat.net Risk: Low to average Remote: Yes Exploitable: Yes Vendor Status: Notified, not verified Details: The Bat! has special device access bug. If The...
Accessing cookies via ftp
Topic: accessing cookies via ftp Affected Software: all versions of Netscape/Mozilla Author: 3APA3A Risk: Low Remotely Exploitable: Yes Impact: depending on server configuration cookie set by server can be retrieved by hostile side from client Vendor URL: http://www.mozilla.org SECURITY.NNOV...
3APA3A : Hacking into HTML chats for one more time
More about HTML chat hacks one. PART ONE, or we show our own. The interface of almost any chat is based on dynamically generated HTML forms interconnected via javascript. In almost all chats, the username and password or some identifier that is generated when the user logs in is stored inside the...
SACERDOTE
Some FTP data transfer protocol problems, common implementation errors and suggestions for fixing them David Sacerdote, [email protected] April, 1996, The icons .... show the translator's comments. The symbol ? shows places where the translator disagrees with the author. Original text of the...
Phrack55:DIG
Distributed collection of information ------- Phrack Magazine --- Vol. 9 | Issue 55 --- 09/09/99 --- 09 of 19 ------------------------- Distributed collection of information -------- hybrid ---- Review Information gathering is the process of determining the characteristics of one or more remote...
FTGate PRO/Office hotfixes
Date : December, 18 2001 Affected : FTGate PRO 1.05, FTGate Office 1.05 Vendor : Floositek 1 Risk : high Remote : yes Exploitable : yes Intro: Ftgate is Internet mail server for Windows with SMTP/POP3 support and a lot of additional features by Floositek1. During testing few vulnerabilities were...
Integer overflow:protection
Digital Scream January, 2003 Integer Overflow: Guard Philosophy This article is a logical continuation of the past topic about Integer overflow vulnerabilities. Many believe that this vulnerability is not fixable. Unfortunately, this is also what the authors of Phrack magazine think. I literally...
CodeRed : The history of one vulnerability
History of one vulnerability It all started with a message from eEye 1 about another discovered buffer overflow vulnerability in IIS. The problem was in the ISAPI filter from Index Service. According to the eEye report, the vulnerability was discovered quite unexpectedly during one of the tests o...
3APA3A : Frontend applications security
May 30, 2002| Client software security. 1. Introduction. Usually, when talking about attacks via the Internet and related risks, they mean the security of the mail server, the Web Server and other corporate Internet services. To ensure corporate security Internet services are usually placed in a...
3APA3A : NTLM in corporate networks
November 18, 2004| 3APA3A NTLM in corporate networks Introduction When, a decade and a half ago, Microsoft began serious work on creating enterprise-wide centralized networks while working on the Windows NT operating system, the developers were given a very difficult and new task for those times ...
Is backup required?
Do you need Backup? Introduction. Main features of backup. Risks. RAID. cluster systems. Shadow copy. Version control systems. Application level recovery. Backup security. Cluster systems A cluster is several computers nodes functioning as a single system that can work even if one of the nodes...
Kerio Winroute Firewall 5.10 users credentials leak
Application: Kerio Winroute Firewall 5.10 Vendor: Kerio Technologies Inc. Vendor Site: http://www.kerio.com Remote: Yes Exploitable: Yes Risk level: Critical if proxy requires authentication Authors: Alexander Antipov & 3APA3A aka Pig Killer Authors Sites: http://www.securitylab.ru...
QQLan : XSS - WEB = Cross-Applications Scripting
July 25, 2005| coded by [email protected] XSS - WEB = Cross-Applications Scripting Buffer overflows are getting tough now. Users have set up all sorts of "personal firewalls", compilers are introducing all sorts of tricky preprocessors that go crazy at the sight of strcpy and control overwriting...
Firewalls for local network
Firewalls for local network Sergey V. Gordeychik, [email protected] Installation of a firewall is the basic requirement for building a secured network. Years of their existence made firewalls more functional and more secured and developed them from simple packet filters into devices with...
Izik : Reverse Engineering with LD_PRELOAD
July, 06 2005г.| Izik Reverse Engineering with LDPRELOAD This paper is about the LDPRELOAD feature, and how it can be useful for reverse engineering dynamically linked executables. This technique allows you to hijack functions/inject code and manipulate the application flow. Compiling Methods...
Global war on local Administrator
Global war on local Administrator Sergey V. Gordeychik, [email protected] All seemed to be going well. The users' privileges have been minimized. User was not able to log on another user's workstation. No other programs than business-purposed were installed on user computers. According to system...
Uninet
Security risks associated with using e-mail. by 3APA3A as presented on Uninet conference, April, 19 2002 1. Intro 2. Risks assotiated with using e-mail. 3. How to fight malware on servers and why this protection may be ineffective 4. How to protect your workstations and how make Windows more...