Tag: OSVDB

  • HTTP Request Smuggling

    [This was originally published on the OSVDB blog.] Last month, Watchfire released a new paper describing “HTTP Request Smuggling” attacks. Since the release of this paper, many products have been found prone to such attacks. Some of these include SunONE Web Server, Oracle Application Server Web Server, IBM WebSphere, BEA WebLogic, Tomcat, Microsoft Internet Information…

  • Reverse Engineering Microsoft Patches in 20 Minutes

    [This was originally published on the OSVDB blog.] Halvar posted to the DailyDave mail list today showing a brief flash based demonstration of some of his reverse engineering tools. The presentation shows how one can reverse engineer a Microsoft patch using binary diff analysis, and figure out exactly what the vulnerability is, down to the…

  • Second-Order Symlink Vulnerabilities

    [This was originally published on the OSVDB blog.] http://archives.neohapsis.com/archives/fulldisclosure/2005-06/0060.html While symlink vulnerabilities are not new, Steven Christey from CVE points out a recent trend in “second-order symlink” vulnerabilities. Based on the recent examples published, there is a strong chance many applications have been vulnerable to such attacks in the past.

  • Vulnerabilities and Stock Value

    [This was originally published on the OSVDB blog.] Study: Flaw disclosure hurts software maker’s stockRobert Lemos, SecurityFocus 2005-06-06http://securityfocus.com/news/11197 The study analyzed the release of 146 vulnerabilities and found that a software company’s stock price decreased 0.63 percent compared to the tech-heavy NASDAQ on the day a flaw in the firm’s product is announced. The study…

  • 600 Security Vulnerabilities in Q1 2005

    [This was originally published on the OSVDB blog.] http://www.betanews.com/article/600_Security_Vulnerabilities_in_Q1_2005/1115067858 600 Security Vulnerabilities in Q1 2005By Nate Mook, BetaNewsMay 2, 2005, 5:04 PM According to a study published Monday by the SANS Institute, more than 600 new security vulnerabilities cropped up in the first three months of 2005. Although Microsoft leads the top 20 most critical…

  • Ginger & Photon

    [This was originally published on the OSVDB blog.] Recently at the CanSec West conference, Window Snyder from Microsoft gave a talk about Windows XP SP2 security internals. Looking past a bulk of the talk, one portion of it stuck out in the minds of many vulnerability researchers. Unfortunately, the press has only given it a…

  • Predicting Vulnerabilities, Quotes and More

    [This was originally published on the OSVDB blog.] Interesting article for several reasons. Below are some of the interesting quotes that stood out to me and may prove to be interesting topics. http://news.bbc.co.uk/1/hi/technology/3485972.stm Hackers exploit Windows patchesBy Mark WardLast Updated: Thursday, 26 February, 2004, 10:54 GMT “We have never had vulnerabilities exploited before the patch…

  • Days of Risk

    [This was originally published on the OSVDB blog.] The last few months have seen a lot more talk about the “Days of Risk”. In short, vendors like Microsoft say the days of risk are the time between vulnerability information (or an exploit) being released and a system being patched. So if a new vulnerability is…