
out of box scanner

Re: out of box scanner

Posted by Nathan Grandbois on Dec 04

John Bennett wrote:

John,

You might want to take a look at the WASC list here:

http://projects.webappsec.org/Web-Application-Security-Scanner-List

The thread is still under discussion on the webappsec mailing list.

_nathan

URL: http://seclists.org/pen-test/2009/Dec/5

insecure elements in https protected pages


Posted by Mohammad Hosein on Oct 18

In a certain web application, e.g. Gmail, there are times when the whole communication is secured by SSL, and sometimes "there are insecure elements" that raise questions. I'm not a web professional. How do I find these insecure elements? And how do I evaluate whether these elements are the result of a successful man-in-the-middle attack or not?

regards

URL: http://seclists.org/fulldisclosure/2009/Oct/251


CVE-2009-3339 (email_and_web_security_appliance)

Unspecified vulnerability in McAfee Email and Web Security Appliance 5.1 VMtrial allows remote attackers to read arbitrary files via unknown vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.9 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.

URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3339

computer crime statistics

RE: computer crime statistics

Posted by Michael McDonnell on Jul 27

SQLi Vulnerability Scanners

Re: SQLi Vulnerability Scanners

Posted by Taras on Jul 26

On Fri, 17 Jul 2009 13:17:10 -0300
Ulises2k <ulises2k_at_gmail.com> wrote:

> Try this:
>
> GUI
> http://w3af.sf.net

W3AF also has a perfect console UI and, furthermore, it has SQLmap integration.

URL: http://seclists.org/pen-test/2009/Jul/0097.html

n3td3v honored at blackhat 2009 USA – best security intrusion specialist


Posted by antisecav_at_hushmail.com on Jul 26

ATTENTION n3tD3v (www.twitter.com/n3td3v):

Thank you for all your help with the antisec movement.
We hope your grant with the intelligence community goes well!

This is Alex Jones, from Infowars,
Over and out.

URL: http://seclists.org/fulldisclosure/2009/Jul/0408.html

antisec and n3td3v responsible for Matasano hacking

Breaking: antisec and n3td3v responsible for Matasano hacking

Posted by antisecav_at_hushmail.com on Jul 25

GREAT BRITAIN – n3td3v/antisec is proud to announce official partnership with antisec ("the scene").

In England, we care about intelligence. There is no better way to do intelligence than to compromise computers. We are clearly superior at security.

We eat up the competition…

URL: http://seclists.org/fulldisclosure/2009/Jul/0405.html

IXXO Cart! Standalone and Joomla Component SQL Injection

Re: IXXO Cart! Standalone and Joomla Component SQL Injection

Posted by YEHG Group on Jul 26

Thanks, I’ll update the database of
http://www.owasp.org/index.php/Category:OWASP_Joomla_Vulnerability_Scanner_Project

On Sat, Jul 25, 2009 at 3:57 PM, SmOk3<smok3f00_at_gmail.com> wrote:

> Original advisory at:
> …

URL: http://seclists.org/fulldisclosure/2009/Jul/0394.html

AntiSec is DEAD

Re: AntiSec is DEAD

Posted by srshaxsir_at_hushmail.com on Jul 25

You are an idiot.

anti-sec never threatened to show any 0day, it is against the point, you moron.. unless you believe anyone that signs his email with ‘anti-sec’.

We are still online, we are still auditing and hacking your code on a daily basis, you just won’t know about it anymore until you…

URL: http://seclists.org/fulldisclosure/2009/Jul/0390.html

Adobe Reader / Acrobat and Flash Remote Code Execution

Adobe Reader / Acrobat and Flash Remote Code Execution

Summary:

Fortinet’s FortiGuard Global Security Research Team investigates a vulnerability in multiple Adobe products through SWF.

Impact:

Remote Code Execution.

Affected Software:

  • Adobe Reader and Acrobat 9.1.2 and earlier 9.x versions
  • Adobe Flash Player 9.0.159.0 and 10.0.22.87 and earlier 9.x and 10.x versions

Solutions:

  • The FortiGuard Global Security Research Team released a signature “Adobe.Products.SWF.Remote.Code.Execution”, which covers this specific vulnerability.
  • Apply the suggested workaround from Adobe

The FortiGuard Global Security Research Team continues to monitor attacks against this vulnerability.

Fortinet customers who subscribe to Fortinet’s intrusion prevention (IPS) service should be protected against this remote code execution vulnerability. Fortinet’s IPS service is one component of FortiGuard Subscription Services, which also offer comprehensive solutions such as antivirus, Web content filtering and antispam capabilities. These services enable protection against threats on both application and network layers. FortiGuard Services are continuously updated by the FortiGuard Global Security Research Team, which enables Fortinet to deliver a combination of multi-layered security intelligence and true zero-day protection from new and emerging threats. These updates are delivered to all FortiGate, FortiMail and FortiClient products. Fortinet strictly follows responsible disclosure guidelines to ensure optimum protection during a threat’s lifecycle.

References:

URL: http://www.fortiguardcenter.com/advisory/FGA-2009-29.html

Major spam campaign abusing Yahoo Groups


About one million spam emails per hour are being sent to Yahoo Groups and other free web services, including Google Groups and LiveJournal, containing bogus pharmaceutical advertising content.

URL: http://feedproxy.google.com/~r/SCMagazineHome/~3/Hhgm3VDE7z4/

Troll exploit of mailing lists and newsgroups

Re: [Mailing list Vulnerability] Troll exploit of mailing lists and newsgroups

Posted by Stephen Menard on Jul 22

Your clock’s off.

DOH! Time for a beer.

Received: from lists.grok.org.uk (localhost [127.0.0.1])
        by lists.grok.org.uk (Postfix) with ESMTP id CB44E1CB;
        Wed, 22 Jul 2009 15:45:17 +0100 (BST)

URL: http://seclists.org/fulldisclosure/2009/Jul/0350.html

Oral arguments in FISA Amendments Act lawsuit


The American Civil Liberties Union was in court today for oral arguments in its landmark challenge to the unconstitutional FISA Amendments Act (FAA), which gives the government virtually unchecked power to intercept Americans’ international e-mails and telephone calls. The ACLU filed a lawsuit to stop the government from spying under …

URL: http://www.pogowasright.org/?p=2088


Re: http:cms.netrix.hu – hacked by anti-sec

Posted by Kema Druma on Jul 21

OMG, WTF is this.

ANTI-SEC has successfully pwnd a useless website using lulzy sql injection from milw0rm.com.

u assholes, get a name like "SHITHOLE" and post ur shit somewhere else and stop polluting anti-sec and the anti-sec movement and security mailing list FFS.

GO DIE…

URL: http://seclists.org/fulldisclosure/2009/Jul/0295.html

4117


PDF/Exploit.Pidief.ONG, VBS/TrojanDownloader.Small.L (6), Win32/Adware.BHO.GBP (2), Win32/Adware.BHO.NCG (2), Win32/Adware.GooochiBiz (4), Win32/Adware.WSearch, Win32/Agent.NXT (2), Win32/AutoRun.Agent.NP, Win32/AutoRun.Delf.BY, Win32/Delf.PFS, Win32/FlyStudio.NML, Win32/FlyStudio.NMM (5), Win32/Hupigon, Win32/Hupigon.NPE, Win32/KillAV.NDV (2), Win32/Koutodoor.AF (3), Win32/Koutodoor.G, Win32/Peerfrag.AG, Win32/Poison.NBC (2), Win32/PSW.Agent.NLP (2), Win32/PSW.OnLineGames.NMP (2), Win32/PSW.OnLineGames.NMY (3), Win32/PSW.OnLineGames.NNM, Win32/PSW.OnLineGames.NSU (2), Win32/PSW.OnLineGames.OKE, Win32/PSW.WOW.DZI, Win32/PSWTool.MailPassView.151 (4), Win32/Rootkit.Agent.NLY, Win32/Rustock.NIH, Win32/Rustock.NIK (3), Win32/Spy.Banker.AFFJ, Win32/Spy.Banker.QLG (4), Win32/TrojanDownloader.Bredolab.AA (2), Win32/TrojanDownloader.FakeAlert.AAX, Win32/TrojanDownloader.FakeAlert.ABV, Win32/TrojanDownloader.FakeAlert.ACU, Win32/TrojanDownloader.FakeAlert.ACV (2), Win32/TrojanDownloader.Zlob.CZJ, Win32/TrojanDropperDelf.NNM (2), Win32/TrojanDropper.VB.NHZ (2), Win32/Wigon.KU (2), Win32/Wigon.KY

URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6089&Itemid=26