Category: InfoSec
-
Classification Headache: Remote vs Local
[This was originally published on the OSVDB blog.] http://archives.neohapsis.com/archives/bugtraq/2005-07/0238.html From: Derek Martin (code[at]pizzashack.org) Date: Thu Jul 14 2005 – 21:39:30 CDT The issue has come up on bugtraq before, but I think it is worth raising it again. The question is how to classify attacks against users’ client programs which come from the Internet, e.g. an…
-
ICAT > NVD
[This was originally published on the OSVDB blog.] Someone brought this to my attention: http://nvd.nist.gov/ National Vulnerability Database Welcome to NVD!! NVD is a comprehensive cyber security vulnerability database that integrates all publicly available U.S. Government vulnerability resources and provides references to industry resources. It is based on the CVE vulnerability naming standard. NVD contains: 11708 Vulnerabilities, 482 US-CERT…
-
Why Vulnerability Databases Can’t Do Everything
[This was originally published on the OSVDB blog.] https://seclists.org/fulldisclosure/2005/Jul/292 From: Steven M. Christey (coley[at]mitre.org) Date: Fri Jul 15 2005 – 13:35:52 CDT Vulnerability databases and notification services have to pore through approximately 100 new public vulnerability reports a week. Correction: that’s HUNDREDS of reports, from diverse and often unproven sources, for about 100 unique vulnerabilities per…
-
Disclosure: Whois.Cart Multiple Vulnerabilities
[This was originally published on OSVDB, now gone, and touched up for style. VulnDB 18533, 18534, 18535, 18536] During communication with the vendor of Whois.Cart regarding previous entries, Alexandre Lemaire was very helpful and prompt in providing information for the OSVDB team to resolve outstanding questions. During the communication, a few low-concern issues were found.…
-
HTTP Request Smuggling
[This was originally published on the OSVDB blog.] Last month, Watchfire released a new paper describing “HTTP Request Smuggling” attacks. Since the release of this paper, many products have been found prone to such attacks. Some of these include SunONE Web Server, Oracle Application Server Web Server, IBM WebSphere, BEA WebLogic, Tomcat, Microsoft Internet Information…
-
Reverse Engineering Microsoft Patches in 20 Minutes
[This was originally published on the OSVDB blog.] Halvar posted to the DailyDave mail list today showing a brief Flash-based demonstration of some of his reverse engineering tools. The presentation shows how one can reverse engineer a Microsoft patch using binary diff analysis, and figure out exactly what the vulnerability is, down to the…
-
Second-Order Symlink Vulnerabilities
[This was originally published on the OSVDB blog.] http://archives.neohapsis.com/archives/fulldisclosure/2005-06/0060.html While symlink vulnerabilities are not new, Steven Christey from CVE points out a recent trend in “second-order symlink” vulnerabilities. Based on the recent examples published, there is a strong chance many applications have been vulnerable to such attacks in the past.
-
Vulnerabilities and Stock Value
[This was originally published on the OSVDB blog.] Study: Flaw disclosure hurts software maker’s stock Robert Lemos, SecurityFocus 2005-06-06 http://securityfocus.com/news/11197 The study analyzed the release of 146 vulnerabilities and found that a software company’s stock price decreased 0.63 percent compared to the tech-heavy NASDAQ on the day a flaw in the firm’s product is announced. The study…
-
600 Security Vulnerabilities in Q1 2005
[This was originally published on the OSVDB blog.] http://www.betanews.com/article/600_Security_Vulnerabilities_in_Q1_2005/1115067858 600 Security Vulnerabilities in Q1 2005 By Nate Mook, BetaNews May 2, 2005, 5:04 PM According to a study published Monday by the SANS Institute, more than 600 new security vulnerabilities cropped up in the first three months of 2005. Although Microsoft leads the top 20 most critical…
-
Ginger & Photon
[This was originally published on the OSVDB blog.] Recently at the CanSec West conference, Window Snyder from Microsoft gave a talk about Windows XP SP2 security internals. Looking past the bulk of the talk, one portion of it stuck out in the minds of many vulnerability researchers. Unfortunately, the press has only given it a…