SecLists.Org Security Mailing List Archive
Any hacker will tell you that the latest news and exploits are not
found on any web site—not even Insecure.Org. No, the cutting edge
in security research is and will continue to be the full
disclosure mailing lists such as Bugtraq. Here we provide web
archives and RSS feeds (now including message extracts), updated in real-time, for many of our favorite lists. Browse the individual lists below, or search them all:
Nmap Development — Unmoderated technical development forum for debating ideas, patches, and suggestions regarding proposed changes to Nmap and related projects. Subscribe here.
Re: dev Digest, Vol 98, Issue 26
Brandon Oliver (May 19)
# Nmap 6.25 scan initiated Sun May 19 02:40:24 2013 as: C:\Program Files
(x86)\Nmap\nmap.exe -p80 -Pn -O -o
Nmap scan report for
Host is up (0.018s latency).
PORT STATE SERVICE
80/tcp open http
MAC Address:
Warning: OSScan results may be unreliable because we could not find at
least 1 open and 1 closed port
Device type: printer
Running: HP embedded, HP VxWorks
OS CPE: cpe:/h:hp:laserjet_cp2025dn cpe:/h:hp:laserjet_p2045n
cpe:/o:hp:vxworks
OS...
PrinterScanningIntrusion
Brandon Oliver (May 19)
The loan noob, need to borrow some sec info. What's a DragonIDSConsole
doing on an HP Printer? Obviously firewall, but as I read about this bad
boy it's pretty nifty, all retard meant. I do have a serious question,
shall I close all these ports, and why do I return an error when scanning
for window -sW? It suggests to run ipv6 if my address is wrong but it's
not, did it anyways :
# Nmap 6.25 scan initiated Sat May 18 20:34:14...
Re: NMAP Error
David Fifield (May 18)
That is a good find. Does it happen when scanning just 10.0.0.4, or does
it require the full range? Can you send me -d3 of scanning the printer?
David Fifield
Re: NMAP Error
Gisle Vanem (May 18)
"David Fifield" <david () bamsoftware com> wrote:
I also hit this crash (debug-assert) with this command:
nmap -v -A 10.0.0.1-6
Just before nmap is to report the result for 10.0.0.4 (my Canon printer),
the Debug Assertion box comes up. Analysing this in WinDbg reveals
a problem with:
currenths->scriptResults.sort(scriptid_lessthan);
(in output.cc / printhostscriptresults).
The stacktrace at this point is:...
Re: can not compile recent svn nmap on windows vc 2010
Henri Doreau (May 18)
2013/5/18 David Fifield <david () bamsoftware com>:
The error used to be reported only if nsock_trace was >0. I guess in
most case it was simply silenced out. With the nsock logging framework
I introduced recently, errors are displayed by default. This is the
only change I see.
I've pushed two patches (r30902 and r30903) that should improve the
situation. Please test and let me know if you encounter any issue.
Regards
Re: Nsock test suite
Henri Doreau (May 18)
2013/5/12 David Fifield <david () bamsoftware com>:
I did so as of r30901, I hope it's the right way.
Terra: A low-level counterpart to Lua
John Bond (May 18)
Hello All,
Just came across a white paper on terra[1]
"""
Like C, Terra is a simple, statically-typed, compiled language with manual
memory management. But unlike C, it is designed from the beginning to
interoperate with Lua. Terra functions are first-class Lua values created
using the terra keyword. When needed they are JIT-compiled to machine code.
"""
The paper is a bit beyond my level of understanding, but it...
New VA Modules: OpenVAS: 5, Nessus: 18
New VA Module Alert Service (May 18)
This report describes any new scripts/modules/exploits added to Nmap,
OpenVAS, Metasploit, and Nessus since yesterday.
== OpenVAS plugins (5) ==
r16374 2013/gb_wordpress_wp_filemanager_file_dwnld_vuln.nasl
http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_wordpress_wp_filemanager_file_dwnld_vuln.nasl?root=openvas&view=markup
WordPress wp-FileManager Plugin File Download Vulnerability
r16374...
Re: nping command line parsing: set source IP address
Luis MartinGarcia. (May 18)
I have tested this in a Linux Mint box and I can't reproduce it either.
Regards,
Luis MartinGarcia.
Re: can not compile recent svn nmap on windows vc 2010
David Fifield (May 17)
I don't know. Why wasn't this a problem before? What do "git blame" and
"git log -SSO_BROADCAST -p" say about the history? Your solution sounds
fine.
David Fifield
Re: NMAP Error
David Fifield (May 17)
I only found this reference to a similar previous problem:
http://seclists.org/nmap-dev/2012/q2/568
I have two tests I would like you to run.
1. Try running the same command from the command prompt (not Zenmap) and
see if the same scan crashes.
2. Try running the command from another (non-Windows) computer, and save
the output as XML.
nmap -T4 -A -v 10.220.7.0-254 -oX scan.xml
Then try opening scan.xml in Zenmap on Windows and see...
Re: can not compile recent svn nmap on windows vc 2010
Henri Doreau (May 17)
Hello,
2013/5/17 Gisle Vanem <gvanem () broadpark no>:
Thanks for testing. The Norwegian message looks nice too but doesn't
read any easier than Korean for me. :)
So this looks like attempts to apply SO_BROADCAST on SOCK_STREAM
sockets. We could simply not do it. David, is there any peculiar
reason why there's no check to restrict it to datagram sockets?
Regards
Re: libdnet OpenBSD compatibility
Henri Doreau (May 17)
2013/5/16 David Fifield <david () bamsoftware com>:
Ok, thanks.
I've checked the patch into trunk as of r30900. Thank you Giovanni for
the patch.
Regards
Re: nmap bug report, "host down" lines missing on verbose output
David Fifield (May 17)
I think this is by design. Timed-out hosts are omitted from the output.
In some cases a host can time out even after it was found to be up--for
example, during port scanning.
David Fifield
Re: Issue with the network interfaces
David Fifield (May 17)
It's this entry in the CHANGELOG:
o Routes are now sorted to prefer those with a lower metric. Retrieval
of metrics is supported only on Linux and Windows. [David Fifield]
David Fifield
Nmap Announce — Moderated list for the most important new releases and announcements regarding the Nmap Security Scanner and related projects. We recommend that all Nmap users subscribe.
Nmap Project Seeking Talented Programmers for Google Summer of Code
Fyodor (Apr 26)
Hi Folks. I'm happy to announce that the Nmap Project has again been
accepted into the Google Summer of Code program. This innovative and
extraordinarily generous program provides $5,000 stipends to college and
graduate students who spend the summer improving Nmap! They gain valuable
experience, get paid, strengthen their résumés, and write code for millions
of users.
Previous SoC students helped create the Nmap Scripting Engine, Zenmap...
Nmap 6.25 holiday season release! 85 new scripts, better performance, Windows 8 enhancements, and more
Fyodor (Nov 30)
Hi folks. It has been more than five months since the Nmap 6.01
release, and I'm pleased to announce a new version for you to enjoy
during the holidays! Nmap 6.25 contains hundreds of improvements,
including 85 new NSE scripts, nearly 1,000 new OS and service
detection fingerprints, performance enhancements such as the new
kqueue and poll I/O engines, better IPv6 traceroute support, Windows 8
improvements, and much more! It also includes...
Nmap 6.01 Released
Fyodor (Jun 22)
Hi folks! I'm happy to report that the Nmap 6.00 release
(http://nmap.org/6 ) last month was a huge success, with hundreds of
thousands of downloads and a bunch of positive articles and reviews.
But any release this big is going to uncover a few issues, so we've
released Nmap 6.01 to address them. This should also appease the more
conservative users who always wait for the first patch update before
installing a major software release....
Nmap 6 Released!
Fyodor (May 21)
Hi folks! After almost three years of work, 3,924 code commits, and
more than a dozen point releases since Nmap 5, I'm delighted to
announce the release of Nmap 6! It includes a more powerful Nmap
Scripting Engine, 289 new scripts, better web scanning, full IPv6
support, the Nping packet prober, faster scans, and much more!
For the top 6 improvements in Nmap 6, see the release notes:
http://nmap.org/6
Or you can go straight to the...
Last Chance to Apply for the Nmap/Google Summer of Code!
Fyodor (Apr 04)
Hi Folks. I'm happy to announce that the Nmap Project has again been
accepted into the Google Summer of Code program. This innovative and
extraordinarily generous program provides $5,000 stipends to college
and graduate students who want to spend the summer improving Nmap!
They gain valuable experience, get paid, strengthen their résumé, and
write code for millions of users.
Previous SoC students helped create the Nmap Scripting Engine,...
Nmap 5.61TEST5 released with 43 new scripts, improved OS & version detection, and more!
Fyodor (Mar 09)
Hi folks! We've been working hard for the last 2 months since
5.61TEST4, and I'm pleased to announce the results: Nmap 5.61TEST5.
This release has 43 new scripts, including new brute forcers for http
proxies, SOCKS proxies, Asterisk IAX2, Membase, MongoDB, Nessus
XMLRPC, Redis, the WinPcap remote capture daemon, the VMWare auth
daemon, and old-school rsync. Better check that your passwords are
strong! Some other fun scripts are...
Bugtraq — The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!
CONFidence - May, 28-29, Krakow, Poland - a conference adventure that never stops!
Sławomir Jabs (May 17)
Everything has a story, everything evolves, adapts to changing circumstances
but does your IT Sec strategy evolve with the development of the digital
world?
Are you willing to gamble on the security of your systems?
Join the upcoming CONFidence conference and meet both renowned speakers and
specialists who deal with IT security on a daily basis. People like
you, who never stop asking questions and play with risks all the time...
We will...
[slackware-security] ruby (SSA:2013-136-02)
Slackware Security Team (May 17)
[slackware-security] ruby (SSA:2013-136-02)
New ruby packages are available for Slackware 13.1, 13.37, 14.0, and -current
to fix a security issue.
Here are the details from the Slackware 14.0 ChangeLog:
+--------------------------+
patches/packages/ruby-1.9.3_p429-i486-1_slack14.0.txz: Upgraded.
This update fixes a security issue in DL and Fiddle included in Ruby where
tainted strings can be used by system calls regardless of the $SAFE...
[slackware-security] mozilla-thunderbird x86_64 packages (SSA:2013-136-01)
Slackware Security Team (May 17)
[slackware-security] mozilla-thunderbird x86_64 packages (SSA:2013-136-01)
New mozilla-thunderbird packages are available for Slackware64 13.37 and
14.0. These were accidentally omitted from the last upload.
Here are the details from the Slackware64 14.0 ChangeLog:
+--------------------------+
patches/packages/mozilla-thunderbird-17.0.6-x86_64-1_slack14.0.txz: Upgraded.
Here's the package that was missing from the last batch. The...
APPLE-SA-2013-05-16-1 iTunes 11.0.3
Apple Product Security (May 17)
APPLE-SA-2013-05-16-1 iTunes 11.0.3
iTunes 11.0.3 is now available and addresses the following:
iTunes
Available for: Mac OS X v10.6.8 or later, Windows 7, Vista,
XP SP2 or later
Impact: An attacker in a privileged network position may manipulate
HTTPS server certificates, leading to the disclosure of sensitive
information
Description: A certificate validation issue existed in iTunes. In
certain contexts, an active network attacker could...
ESA-2013-029: RSA SecurID Sensitive Information Disclosure Vulnerability
Security Alert (May 16)
ESA-2013-029: RSA SecurID Sensitive Information Disclosure Vulnerability
EMC Identifier: ESA-2013-029
CVE Identifier: CVE-2013-0941
Severity Rating: CVSS v2 Base Score: 6.8 (AV:L/AC:L/Au:S/C:C/I:C/A:C)
Affected Products:
RSA Authentication API versions prior to 8.1 SP1
RSA Web Agent for Apache Web Server versions prior to 5.3.5
RSA Web Agent for IIS versions prior to 5.3.5
RSA PAM Agent versions prior to 7.0
RSA Agent for Microsoft...
ESA-2013-041: EMC VNX and Celerra Control Station Elevation of Privilege Vulnerability
Security Alert (May 16)
ESA-2013-041: EMC VNX and Celerra Control Station Elevation of Privilege Vulnerability
EMC Identifier: ESA-2013-041
CVE Identifier: CVE-2013-3270
Severity Rating: CVSS v2 Base Score: 6.8 (AV:L/AC:L/Au:S/C:C/I:C/A:C)
Affected products:
EMC VNX Control Station versions prior to 7.1.70.2
EMC Celerra Control Station versions prior to 6.0.70.1
Summary:
A vulnerability exists in EMC VNX and EMC Celerra Control Station that...
[slackware-security] mozilla-thunderbird (SSA:2013-135-02)
Slackware Security Team (May 16)
[slackware-security] mozilla-thunderbird (SSA:2013-135-02)
New mozilla-thunderbird packages are available for Slackware 13.37, 14.0,
and -current to fix security issues.
Here are the details from the Slackware 14.0 ChangeLog:
+--------------------------+
patches/packages/mozilla-thunderbird-17.0.6-i486-1_slack14.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:...
[slackware-security] mozilla-firefox (SSA:2013-135-01)
Slackware Security Team (May 16)
[slackware-security] mozilla-firefox (SSA:2013-135-01)
New mozilla-firefox packages are available for Slackware 13.37, 14.0,
and -current to fix security issues.
Here are the details from the Slackware 14.0 ChangeLog:
+--------------------------+
patches/packages/mozilla-firefox-21.0-i486-1_slack14.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:...
[SECURITY] [DSA 2669-1] linux security update
dann frazier (May 16)
----------------------------------------------------------------------
Debian Security Advisory DSA-2669-1 security () debian org
http://www.debian.org/security/ Dann Frazier
May 15, 2013 http://www.debian.org/security/faq
----------------------------------------------------------------------
Package : linux
Vulnerability : privilege escalation/denial of service/information...
Cisco Security Advisory: Cisco TelePresence Supervisor MSE 8050 Denial of Service Vulnerability
Cisco Systems Product Security Incident Response Team (May 15)
Cisco Security Advisory: Cisco TelePresence Supervisor MSE 8050 Denial of Service Vulnerability
Advisory ID: cisco-sa-20130515-mse
Revision 1.0
For Public Release 2013 May 15 16:00 UTC (GMT)
+---------------------------------------------------------------------
Summary
=======
Cisco TelePresence Supervisor MSE 8050 contains a vulnerability that may allow an unauthenticated, remote attacker to
cause high CPU utilization and a reload of the...
Multiple Vulnerabilities in Exponent CMS
advisory (May 15)
Advisory ID: HTB23154
Product: Exponent CMS
Vendor: Online Innovative Creations
Vulnerable Version(s): 2.2.0 beta 3 and probably prior
Tested Version: 2.2.0 beta 3
Vendor Notification: April 24, 2013
Vendor Patch: May 3, 2013
Public Disclosure: May 15, 2013
Vulnerability Type: SQL Injection [CWE-89], PHP File Inclusion [CWE-98]
CVE References: CVE-2013-3294, CVE-2013-3295
Risk Level: High
CVSSv2 Base Scores: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P),...
[ MDVSA-2013:165 ] firefox
security (May 15)
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2013:165
http://www.mandriva.com/en/support/security/
_______________________________________________________________________
Package : firefox
Date : May 15, 2013
Affected: Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
Multiple...
[security bulletin] HPSBUX02859 SSRT101144 rev.3 - HP-UX Running XNTP, Remote Denial of Service (DoS) and Execution of Arbitrary Code
security-alert (May 15)
Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c03714526
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03714526
Version: 3
HPSBUX02859 SSRT101144 rev.3 - HP-UX Running XNTP, Remote Denial of Service
(DoS) and Execution of Arbitrary Code
NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible....
[SECURITY] [DSA 2668-1] linux-2.6 security update
dann frazier (May 15)
----------------------------------------------------------------------
Debian Security Advisory DSA-2668-1 security () debian org
http://www.debian.org/security/ Dann Frazier
May 14, 2013 http://www.debian.org/security/faq
----------------------------------------------------------------------
Package : linux-2.6
Vulnerability : privilege escalation/denial of...
File Lite 3.3 & 3.5 PRO iOS - Multiple Web Vulnerabilities
Vulnerability Lab (May 13)
======
File Lite 3.3 & 3.5 PRO iOS - Multiple Web Vulnerabilities
Date:
=====
2013-05-04
References:
===========
http://www.vulnerability-lab.com/get_content.php?id=939
VL-ID:
=====
939
Common Vulnerability Scoring System:
====================================
5.9
Introduction:
=============
You have tons of files you need to get from one device to another, so what do you do? You use File Pro, that's what you do.
App Chronicles!...
Full Disclosure — A lightly moderated high-traffic forum for disclosure of security information. Fresh vulnerabilities sometimes hit this list many hours before they pass through the Bugtraq moderation queue. The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. Unfortunately, most of the posts are worthless drivel, so finding the gems takes patience.
AFU vulnerabilities in MCFileManager for TinyMCE
MustLive (May 18)
Hello list!
I want to warn you about vulnerabilities in Moxiecode File Manager
(MCFileManager). This is commercial plugin for TinyMCE. It concerns as
MCFileManager, as all web applications which have MCFileManager in their
bundle.
These are Arbitrary File Uploading vulnerabilities, which lead to Code
Execution on IIS and Apache web servers.
-------------------------
Affected products:
-------------------------
Vulnerable are Moxiecode...
Re: My ISP is routing traffic to private addresses...
Justin Elze (May 18)
The idea behind private IP space is it doesn't leave the ISPs AS via BGP to
the rest of the internet.
Re: My ISP is routing traffic to private addresses...
Dan Dart (May 18)
Virgin at least use the 172.16.x.x internally to their infrastructure
- and they suggest you use 192.168.x.x for your personal use.
Traceroutes to any "external" address outside of their network go
through a 172.16.x.x
Re: My ISP is routing traffic to private addresses...
Kirils Solovjovs (May 18)
It should. Private address ranges are not marked "magic cows" inside a
classical router's firmware.
Still the problem OP is experiencing is strange, since if there is a
local subnet, it should have a priority local route. Why isn't it there?
Btw, I'd be cautious to state that ISPs filter incoming packets with
dst=private. The limitation here would be that private ranges will
usually be routed upstream, so you...
Re: My ISP is routing traffic to private addresses...
Alexander Georgiev (May 18)
It is sad that many people don't understand network basics. BTW, your
internet router should not forward rfc1918 addresses to the outside,
should it?
On 18 May 2013 04:09:48, Gary Baribault <gary () baribault net> wrote:
Re: My ISP is routing traffic to private addresses...
Gary Baribault (May 18)
There is no reason for that, you can use the same address inside as
outside so long as you don't try and reach a 10.0.0.0/8 in their
network, and that should never happen. I have seen some networks where
the inside address range is 192.168.0.0/16 or /8 and the outside is as
well; so long as you're trying to reach public ranges beyond the next
outside network it works just fine.
Gary Baribault
Courriel: gary () baribault net
GPG Key:...
Re: My ISP is routing traffic to private addresses...
Gary Baribault (May 18)
If they use the 10.0.0.0/8 there's no harm, if they use a DOD range or
another 'public' routable range, there is definitely a risk.
Gary B
Gary Baribault
Courriel: gary () baribault net
GPG Key: 0x685430d1
Fingerprint: 9E4D 1B7C CB9F 9239 11D9 71C3 6C35 C6B7 6854 30D1
Re: exploitation ideas under memory pressure
Tavis Ormandy (May 18)
Ahh, I just realised a really cute trick, we can make PATHREC->next
point to the same userspace PATHREC, and EPATHOBJ::bFlatten will spin
forever traversing an infinite linked list.
i.e.
PathRecord->next = PathRecord;
While it's spinning, another thread can clean up the pool, then patch
the listnode (because it's in userspace), to break into pprFlattenRec!
Turning this into a clean write-what-where should be trivial.
Anyone...
Re: My ISP is routing traffic to private addresses...
Carl \"Thomas\" Guething (May 17)
AT&T won't let you use 10.0.0.0/8 inside your home network on their devices
for the same reason. You will get an error if you try to configure their
device with it.
Re: My ISP is routing traffic to private addresses...
Julius Kivimäki (May 17)
Many ISPs do this, usually they hijack DoD ranges. It shouldn't cause any
issues.
2013/5/17 kyle kemmerer <krkemmerer () gmail com>
Re: My ISP is routing traffic to private addresses...
mezgani ali (May 17)
There are many ISPs that route IP traffic through networks with private
addresses; my ISP does the same thing and has 10.0.0.0 class A addresses
routable.
Maybe it is a lack of IP addresses, or maybe a NAT that was published due
to some network need.
regards,
exploitation ideas under memory pressure
Tavis Ormandy (May 17)
List, there's a pretty obvious bug in win32k!EPATHOBJ::pprFlattenRec where the
PATHREC object returned by win32k!EPATHOBJ::newpathrec doesn't initialise the
next list pointer. The bug is really nice, but exploitation when
allocations start failing is tricky.
As vuln-dev is dead, I thought I'd post here, I don't have much free
time to work on silly Microsoft code, so I'm looking for ideas on how to
fix the final obstacle...
Re: My ISP is routing traffic to private addresses...
Gary Baribault (May 17)
public or private IPs the problem is the same, but this was a routing
question .. and I see no problem with their using 'private' IPs on their
'inside' routing gear so long as they give me a routable public IP on my
gateway device.
Gary Baribault
Courriel: gary () baribault net
GPG Key: 0x685430d1
Fingerprint: 9E4D 1B7C CB9F 9239 11D9 71C3 6C35 C6B7 6854 30D1
Re: My ISP is routing traffic to private addresses...
sec (May 17)
The only problem is that anyone on a cable modem could access their
10.x.x.x/8 address space and frankly who cares.
Me, if they're still not signing (much less encrypting) packets on the
local loop, and continuing to wish real hard that no one builds serial
or other debug ports—or board headers for same—into "certified" cable
modems.
I have a Verizon Wireless femtocell with what looks like an HDMI port
on the bottom, but...
Re: My ISP is routing traffic to private addresses...
Gary Baribault (May 17)
I'm having a little trouble understanding the problem here .. my ISP
uses public addresses for our cable modems. I host an SSH server at
home, and given my nightly logs, I can guarantee that it's accessible
from the wide wed ;-), if the intermediate routers in the ISP's network
use 10.x.x.x/8 space, who cares? No one but their techs need to access
them, I assume they filter 'private' addresses at their edge so that...
Security Basics — A high-volume list which permits people to ask "stupid questions" without being derided as "n00bs". I recommend this list to network security newbies, but be sure to read Bugtraq and other lists as well.
Re: secure and simple file server
ugochukwu . egerue (Mar 29)
Hi Peter,
If AD cannot be used to implement the necessary security around your folders, then you need a third party folder/files
security solution. There are many of them in the market ranging from the low ends to high solutions like Imperva FAM.
Use google to do some research on it.
Good luck!,
Ugo
Sent from my BlackBerry wireless device from MTN
-----Original Message-----
From: Peter Odigie <peterquid () gmail com>
Sender:...
Re: secure and simple file server
Ansgar Wiechers (Mar 29)
File system permissions:
------------------------
Grant read access on the parent folder to "Authenticated Users" or
"Everyone", and have the subfolders inherit that ACL. Grant full control
on each immediate child folder to just the user who is supposed to be
able to write to it.
Share permissions:
------------------
Share the parent folder and grant full control to "Authenticated Users"
or "Everyone"....
secure and simple file server
Peter Odigie (Mar 29)
Hi All!
I will like to get your suggestions.
I have been asked to set up a file server on a windows OS not using
any active directory stuff. Just a simple file sharing stuff in which:
Person A will be the only one to put a file into Folder A but will
also be able to get files from Folder B & C. And the same will hold
for person B and person C - a folder can only be edited by a
particular person/group but all can access and get files from...
Penetration Testing — While this list is intended for "professionals", participants frequently disclose techniques and strategies that would be useful to anyone with a practical interest in security and network auditing.
[HITB-Announce] HITB Magazine Issue 010
Hafez Kamal (May 14)
Hi everyone,
A small reminder that article submissions for HITB Magazine Issue 010
are due tomorrow (15th May 2013). If you're interested in submitting
please send your > 3000 word article to editorial () hackinthebox org
Topics of interest include, but are not limited to the following:
Next generation attacks and exploits
Apple / OS X security vulnerabilities
SS7/Backbone telephony networks
VoIP security
Data...
SpiderFoot 2.0 released
Steve Micallef (May 10)
Hi everyone,
SpiderFoot is a free, open-source footprinting tool, enabling you to
perform various scans against a given domain name in order to obtain
information such as sub-domains, e-mail addresses, owned netblocks, web
server versions and so on. The main objective of SpiderFoot is to
automate the footprinting process to the greatest extent possible,
freeing up a penetration tester's time to focus their efforts on the
security...
WASC Announcement: Static Analysis Technologies Evaluation Criteria Published
announcements (May 10)
The Web Application Security Consortium (WASC) is pleased to announce the
Static Analysis Technologies Evaluation Criteria. The goal of the SATEC
project is to create a vendor-neutral set of criteria to help guide
application security professionals during the process of acquiring a
static code analysis technology that is intended to be used during
source-code driven security programs. This document provides a
comprehensive list of criteria that...
Ruxcon 2013 Call For Papers
cfp (May 07)
Ruxcon 2013 Call For Presentations
Melbourne, Australia, October 26th-27th
CQ Function Centre
http://www.ruxcon.org.au/call-for-papers/
The Ruxcon team is pleased to announce the Call For Presentations for Ruxcon 2013.
This year the conference will take place over the weekend of the 26th and 27th
of October at the CQ Function Centre, Melbourne, Australia.
.[x]. About Ruxcon .[x].
Ruxcon is a premier technical computer security conference...
[TOOL] TOPERA v2 released
cr0hn (May 07)
Hi everybody,
We just released TOPERA v2:
TOPERA is a new security tool for IPv6, with the particularity that its attacks can't be detected by Snort.
This new version of TOPERA includes these improvements:
1 - Slow HTTP attacks (Slowloris over IPv6).
2 - Improved TCP port scanner.
New project page:
http://toperaproject.github.io/topera/
Regards!...
[HITB-Announce] #HITB2013KUL Call for Papers
Hafez Kamal (May 01)
Hi everyone - This is a Call for Papers for the 11th annual HITB
Security Conference in Malaysia, #HITB2013KUL which takes place on the
16th and 17th of October in Kuala Lumpur.
Keynote speakers for the conference will be Joe Sullivan (Chief Security
Officer, Facebook) and Andy Ellis (Chief Security Officer, Akamai)
We're looking for talks that are highly technical, but most importantly,
material which is new and cutting edge. Submissions...
Breakpoint 2013 Call For Papers
cfp (May 01)
Breakpoint 2013 Call For Papers
Melbourne, Australia, October 24th-25th
Intercontinental Rialto
http://www.ruxconbreakpoint.com
.[x]. Introduction .[x].
The Ruxcon team is pleased to announce Call For Papers for Breakpoint 2013.
Breakpoint showcases the work of expert security researchers from around the
world on a wide range of topics. This conference is organised by the Ruxcon
team and offers a specialised security conference to...
Arachni v0.4.2 has been released (Open Source Web Application Security Scanner Framework)
Tasos Laskos (Apr 29)
Hey folks,
This is just to let you know that there's a new version of Arachni.
Arachni is a modular and high-performance (Open Source) Web Application Security Scanner Framework written in Ruby.
The change-log is quite sizeable but the gist is:
* Brand new web interface -- allowing for team collaboration.
* Significant decreases in memory usage.
* Issue remarks – Providing extra context to logged issues.
* Improved payloads...
TXDNS v2.4 released
Arley Silveira (Apr 17)
TXDNS v 2.4 is out and available to download from
http://txdns.net/
This new version adds support for reverse grinding.
Ex:
txdns -r 10-20.1.60-70.1-254,192.168.15.0/24
Cheers
Arley Silveira.
A survey on quantifying severity of vulnerabilities in software
Khalid Khan Afridi (Apr 17)
Hello!
I am currently performing my master's thesis on the topic of quantifying the
severity of software vulnerabilities.
As you have done significant work in this area, I would be glad if you
could spare a few minutes of your time to answer a survey on the topic.
It should not require more than 15-20 minutes to complete.
The survey can be found at: http://secsurvey.ics.kth.se/index.php
Thank you for your attention!
Best Regards,
Khalid Khan...
Hackersh 0.1 Release Announcement
Itzik Kotler (Apr 03)
Hi All,
I am pleased to announce the first version of Hackersh
(http://www.hackersh.org).
Hackersh ("Hacker Shell") is a free and open source shell (command
interpreter) written in Python with built-in security commands, and
out-of-the-box wrappers for various security tools, using Pythonect as
its scripting engine. Pythonect is a new, experimental,
general-purpose high-level dataflow programming language based on
Python. It aims to...
Info Security News — Carries news items (generally from mainstream sources) that relate to security.
Critical Linux vulnerability imperils users, even after "silent" fix
InfoSec News (May 16)
http://arstechnica.com/security/2013/05/critical-linux-vulnerability-imperils-users-even-after-silent-fix/
By Dan Goodin
Ars Technica
May 15 2013
For more than two years, the Linux operating system has contained a
high-severity vulnerability that gives untrusted users with restricted
accounts nearly unfettered "root" access over machines, including
servers running in shared Web hosting facilities and other sensitive
environments....
Detangling the $45 Million Cyberheist
InfoSec News (May 16)
http://www.bankinfosecurity.com/detangling-45-million-cyberheist-a-5759
By Tracy Kitten
Bank Info Security
May 15, 2013
In the aftermath of the recent news about an international $45 million
cyberheist and ATM cash-out scheme, experts say pinpointing the source
of such a massive breach can prove to be extremely difficult. That's
because so many different entities are now involved in the global
payments chain.
"There are so many...
New Algorithm Lets SCADA Devices Detect, Deflect Attacks
InfoSec News (May 16)
http://www.darkreading.com/attacks-breaches/new-algorithm-lets-scada-devices-detect/240154875
By Kelly Jackson Higgins
Dark Reading
May 14, 2013
Researchers have built a prototype that lets SCADA devices police one
another in order to catch and cut off a fellow power plant or factory
floor device that has been compromised.
The so-called secure distributed control methodology outfits SCADA
systems, such as robots or PLCs, with embedded...
IT powerhouse nurtures elite white hackers
InfoSec News (May 16)
http://english.donga.com/srv/service.php3?bicode=020000&biid=2013051579958
The Dong-A Ilbo
MAY 15, 2013
"The country will directly foster the most elite white hackers (hackers
with well-intentioned purpose)."
So said Yoo Jun-sang, head of Korea Information Technology Research
Institute, at an interview with the Dong-A Ilbo Tuesday. At the
institute's education center in southern Seoul, he said, "Korea is an IT...
Spreading the word about cybersecurity
InfoSec News (May 16)
http://fcw.com/articles/2013/05/15/cybersecurity-evangelism.aspx
By Amber Corrin
FCW.com
May 15, 2013
Say you're a beef inspector. Or a firefighter. Or a doctor treating
critically ill patients. Do you think much about cybersecurity? Is it
integrated into your daily work routine? The answer probably is no --
but federal officials are hoping to change that.
Cybersecurity already ranks as a top priority at agencies such as the
Defense...
Amy's Baking Company Says 'We Were Hacked!' Following Yesterday's Scorched Earth Campaign
InfoSec News (May 15)
http://www.tucsonweekly.com/TheRange/archives/2013/05/14/amys-baking-company-chooses-we-were-hacked-as-their-damage-control-response
By David Mendez
Tucson Weekly
May 14, 2013
So, the folks at Amy's Baking Company have chosen to go the honorable
route following the social media meltdown [1] that took place yesterday
on the company's Twitter, Facebook and Yelp accounts: they've blamed it
all on hackers [2].
Sorry, did I say...
U.S. Cyber Command Head General Alexander To Keynote Black Hat USA 2013
InfoSec News (May 15)
http://www.darkreading.com/government-vertical/us-cyber-command-head-general-alexander/240154788
May 14, 2013
[NOTE: Black Hat and Dark Reading are both part of UBM Tech. As the key July
27th-August 1st information security event in Las Vegas approaches, we'll be
sharing information about the show directly from its creators here on Dark
Reading.]
Major information security event Black Hat has announced that General Keith
Alexander --...
Saudi Telecom Sought U.S. Researcher’s Help in Spying on Mobile Users
InfoSec News (May 15)
http://www.wired.com/threatlevel/2013/05/saudi-telecom-sought-spy-help/
By Kim Zetter
Threat Level
Wired.com
05.14.13
A prominent computer security researcher says he recently rejected a
request by a Saudi telecommunications company to help it spy on mobile
customers using social networking accounts such as Twitter.
The security researcher, who goes by the name Moxie Marlinspike and who
recently left Twitter where he worked on that...
Stolen laptop could contain important patient information
InfoSec News (May 15)
http://www.wlfi.com/dpp/news/local/stolen-laptop-could-contain-important-patient-information
By Kelly Roberts
WLFI.com
14 May 2013
LAFAYETTE, Ind. (WLFI) - In a letter to patients from Indiana University
Health Arnett it was announced that an employee’s laptop computer was
stolen from the employee’s car. The theft occurred on April 9.
Hospital officials said the laptop was password-protected but not
encrypted. It was stolen in White...
Too much infosec regulation undermines security, warns NAB
InfoSec News (May 15)
http://www.theregister.co.uk/2013/05/14/nab_warning_infosec_regulation/
By Richard Chirgwin
The Register
14th May 2013
More prescriptive regulation of the security posture in industry sectors
like banking could have the paradoxical impact of reducing security,
according to Andrew Dell, head of IT security services at the National
Australia Bank.
“We have to become much more agile and proactive – how we look at, how
we react to...
Legal Showdown on Cybersecurity
InfoSec News (May 13)
http://online.wsj.com/article/SB10001424127887324059704578475461266801742.html
By BRENT KENDALL
The Wall Street Journal
May 12, 2013
When hackers broke into computer systems at Wyndham Worldwide Corp. and
several of its hotels, they allegedly stole payment-card numbers for
hundreds of thousands of consumer accounts.
They also sparked a high-stakes legal battle over whether a federal
agency can use its consumer-protection powers to police...
Bank Muscat mulls options to recover card fraud money
InfoSec News (May 13)
http://www.timesofoman.com/News/Article-15279.aspx
By A.E. James
Times of Oman
May 12, 2013
Muscat: Bank Muscat on Sunday said it is examining all options to recover $39
million it lost in a major fraud unveiled by US authorities last week.
"Bank Muscat is aware from press reports that a number of arrests in different
jurisdictions have taken place in relation to the prepaid debit card fraud
incident which we disclosed on February 25...
Are Cyber-Weapons Effective? Assessing Stuxnet's Impact on the Iranian Enrichment Programme
InfoSec News (May 13)
http://www.rusi.org/publications/journal/ref:A517E5BC42E13D/#.UZCpTIpDsdi
By Ivanka Barzashka
RUSI Journal, Apr 2013, Vol. 158, No. 2
When news of Stuxnet first emerged, many thought that it had caused a major
setback to Iran’s uranium-enrichment programme. Ivanka Barzashka argues instead
that while Stuxnet may have had the potential to seriously damage Iranian
centrifuges, evidence of the worm’s impact is circumstantial and...
SC hacking solution could cost $15 million next year
InfoSec News (May 13)
http://www.thestate.com/2013/05/08/2761786/sc-hacking-solution-could-cost.html
By ANDREW SHAIN
TheState.com
May 8, 2013
COLUMBIA -- The tab to fix the largest hacking at a U.S. state agency
keeps growing.
South Carolina needs to spend nearly $15 million next year to centralize
computer security at state agencies – and spend $7.3 million a year
thereafter on that security, a consultant told state leaders Wednesday.
The work would require...
Privacy Breach on Bloomberg’s Data Terminals
InfoSec News (May 13)
http://www.nytimes.com/2013/05/11/business/media/privacy-breach-on-bloombergs-data-terminals.html
By AMY CHOZICK and BEN PROTESS
The New York Times
May 10, 2013
A shudder went through Wall Street on Friday after the revelation that
Bloomberg News reporters had extracted subscribers’ private information
through the company’s ubiquitous data terminals to break news.
The company confirmed that reporters at Bloomberg News, the journalism...
Firewall Wizards — Tips and tricks for firewall administrators
Re: Linked-in and its Phishing-like contacts option!
lordchariot (May 01)
Yeah, I was trying to make this non-product specific, but most vendors can actually do this to some degree or another.
Here's how we do it on my product:
https://mcafee.box.com/MWG7-FeatureDemo-Part2
The problem with doing it at a network layer with an IDS is the SSL decryption. Almost everything nowadays is HTTPS, so
it's game over if you cannot open up the encryption.
e²
_____________________________________
From:...
Re: Linked-in and its Phishing-like contacts option!
Jon Robinson (May 01)
It's not free, but Palo Alto Networks does this. You can search here to see
which applications/sites they can control:
http://apps.paloaltonetworks.com/applipedia/
Jon Robinson
Digital Scepter
desk (951) 461-7868
mobile (562) 682-0821
jon () digitalscepter com
Re: Linked-in and its Phishing-like contacts option!
Mathew Want (May 01)
Read only access to the sites. I like that idea a lot.
Has anyone else come across this requirement or found a good way to do it
at a control point level? Perhaps at the IDS layer?
M@
Re: OpenBSD IPSEC VPN question
Chris Buechler (May 01)
You can, but that's a different circumstance. That would be IPsec
transport mode, which in combination with gif, GRE or similar
tunneling indeed doesn't have such requirements/quirks since there is
a route in the routing table in that case. Tunnel mode is more common,
which is what's applicable to the subject of this thread. Routing
table changes have no impact on whether traffic in BSD traverses a
tunnel mode IPsec connection,...
Re: OpenBSD IPSEC VPN question
Paul D. Robertson (May 01)
It's been a while since I've done it, but Linux used to make an ipsec0 interface that was handled with the standard
routing table. Possibly in *BSD you need to use a gre or gif tunnel to achieve the same thing?
Paul
Re: OpenBSD IPSEC VPN question
Chris Buechler (May 01)
This is true of all the BSDs with IPsec (and maybe Linux and other
*nix OSes but not sure of those). Traffic that doesn't have a specific
source IP set gets the source IP that's closest to the destination per
the routing table. IPsec doesn't have a routing table entry, traffic
follows the SPD. So it ends up getting the IP that's nearest the
default gateway, which is most always a public IP, which is most
always not going to...
Re: OpenBSD IPSEC VPN question
David Lang (Apr 30)
That's what I would expect as well, but the person reporting the problem is
claiming that this is not the case on OpenBSD, that there are no routes visible
and connections _from_ the firewall need to explicitly set their source IP
address.
This doesn't sound right to me, but I am not an OpenBSD expert.
David Lang
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com...
Re: OpenBSD IPSEC VPN question
Paul D. Robertson (Apr 30)
I'd expect a connect() to bind implicitly to IP_ADDR_ANY and have the system fill in the source address by default
based on the destination route if the client doesn't specify an explicit bind address and for traffic destined to go
through the VPN to do so- it sounds like it doesn't- but without more data, I'd be wary of troubleshooting it (NAT,
filtering...)
However, I'd also advocate being able to explicitly set the...
Breakpoint 2013 Call For Papers
cfp (Apr 30)
Breakpoint 2013 Call For Papers
Melbourne, Australia, October 24th-25th
Intercontinental Rialto
http://www.ruxconbreakpoint.com
.[x]. Introduction .[x].
The Ruxcon team is pleased to announce Call For Papers for Breakpoint 2013.
Breakpoint showcases the work of expert security researchers from around the
world on a wide range of topics. This conference is organised by the Ruxcon
team and offers a specialised security conference to...
Re: OpenBSD IPSEC VPN question
Bennett Todd (Apr 30)
When you've got a vpn up, you're multi-homed, the Unix way for a client to
choose a network to use, when there are multiple choices, is to specify the
src ip to bind to.
I think that's the behavior I'd expect anywhere.
Re: Linked-in and its Phishing-like contacts option!
David Lang (Apr 30)
when you say turn off webmail, do you mean to cut off access to public webmail
servers from inside your network? or do you mean to not run things like OWA that
expose your company mail to the Internet?
David Lang
Re: Proxy advantage
David Lang (Apr 30)
If you start with the premise that the only thing that's a firewall is a packet
filter, especially with deep packet inspection being optional, then you are
going to be in rather bad shape.
I have run a fairly large organization with proxy firewalls (800+ people, 100+
separate networks), it can be done. In some areas it bypasses whole classes of
problems.
Even for user desktops you can do it, but you need to get a good proxy, not just...
Re: firewall-wizards Digest, Vol 64, Issue 3 phishing
David Lang (Apr 30)
Except with the "Cloud" you as an organization give up a lot of the tools that
have been used in the past to secure things.
Plus, you have the DevOps approach being misinterpreted by management to mean
"engineers can do everything, they can bypass those annoying ops and security
folks to get things done"
It's going to be an interesting few years as everyone learns that you still need
admins and security folks in the...
Re: Linked-in and its Phishing-like contacts option!
lordchariot (Apr 30)
I have a lot of requests from customers to try to make the web read-only. The main use cases are for social network,
blogs/wikis, and commenting on posts. The fundamental ways to do this are to 1) have MITM SSL decryption, and 2) block
the POST method for specific sites. Most commercial proxies can do this and even squid does SSL MITM.
By blocking POST to certain categories of sites and only allowing the POST for the */logon pages, users can...
OpenBSD IPSEC VPN question
David Lang (Apr 30)
I'm seeing some odd reports on the rsyslog mailing list where someone is claiming
that when using an IPSEC VPN on OpenBSD they have to explicitly set the source
IP address for all connections out from the firewall (tunnel endpoint) or else
the connection won't go through the tunnel. The person reporting this is
proposing modifications to rsyslog to have it force the local IP address for
outbound connections as a work-around for this...
Web App Security — Provides insights on the unique challenges which make web applications notoriously hard to secure, as well as attack methods including SQL injection, cross-site scripting (XSS), cross-site request forgery, and more.
CONFidence - May, 28-29, Krakow, Poland - a conference adventure that never stops!
Sławomir Jabs (May 17)
Everything has a story, everything evolves, adapts to changing circumstances
but does your IT Sec strategy evolve with the development of the digital
world?
Are you willing to gamble on the security of your systems?
Join the upcoming CONFidence conference and meet both renowned speakers and
specialists who deal with IT security on a daily basis. People like
you, who never stop asking questions and play with risks all the time...
We will...
RE: WASC Announcement: Static Analysis Technologies Evaluation Criteria Published
Debasis Mohanty (May 17)
Good initiative! I feel one of the important elements that is missing is the
"scoring mechanism". Based on what would you distinguish one product from
the other?
I created similar evaluation criteria nearly 7-8 years back for evaluating
SCA products using a QFD. That was the time I was introduced to 6-sigma and
thought a QFD is a best approach to have appropriate scoring for various
pilot parameters. However I never released it to the...
[HITB-Announce] HITB Magazine Issue 010
Hafez Kamal (May 14)
Hi everyone,
A small reminder that article submissions for HITB Magazine Issue 010
are due tomorrow (15th May 2013). If you're interested in submitting
please send your > 3000 word article to editorial () hackinthebox org
Topics of interest include, but are not limited to the following:
Next generation attacks and exploits
Apple / OS X security vulnerabilities
SS7/Backbone telephony networks
VoIP security
Data...
WASC Announcement: Static Analysis Technologies Evaluation Criteria Published
announcements (May 11)
The Web Application Security Consortium (WASC) is pleased to announce the
Static Analysis Technologies Evaluation Criteria. The goal of the SATEC
project is to create a vendor-neutral set of criteria to help guide
application security professionals during the process of acquiring a
static code analysis technology that is intended to be used during
source-code driven security programs. This document provides a
comprehensive list of criteria that...
SpiderFoot 2.0 released
Steve Micallef (May 06)
Hi everyone,
SpiderFoot is a free, open-source footprinting tool, enabling you to
perform various scans against a given domain name in order to obtain
information such as sub-domains, e-mail addresses, owned netblocks, web
server versions and so on. The main objective of SpiderFoot is to
automate the footprinting process to the greatest extent possible,
freeing up a penetration tester's time to focus their efforts on the
security...
[HITB-Announce] #HITB2013KUL Call for Papers
Hafez Kamal (May 01)
Hi everyone - This is a Call for Papers for the 11th annual HITB
Security Conference in Malaysia, #HITB2013KUL which takes place on the
16th and 17th of October in Kuala Lumpur.
Keynote speakers for the conference will be Joe Sullivan (Chief Security
Officer, Facebook) and Andy Ellis (Chief Security Officer, Akamai)
We're looking for talks that are highly technical, but most importantly,
material which is new and cutting edge. Submissions...
Breakpoint 2013 Call For Papers
cfp (May 01)
Breakpoint 2013 Call For Papers
Melbourne, Australia, October 24th-25th
Intercontinental Rialto
http://www.ruxconbreakpoint.com
.[x]. Introduction .[x].
The Ruxcon team is pleased to announce Call For Papers for Breakpoint 2013.
Breakpoint showcases the work of expert security researchers from around the
world on a wide range of topics. This conference is organised by the Ruxcon
team and offers a specialised security conference to...
Arachni v0.4.2 has been released (Open Source Web Application Security Scanner Framework)
Tasos Laskos (Apr 29)
Hey folks,
This is just to let you know that there's a new version of Arachni.
Arachni is a modular and high-performance (Open Source) Web Application Security Scanner Framework written in Ruby.
The change-log is quite sizeable but the gist is:
* Brand new web interface -- allowing for team collaboration.
* Significant decreases in memory usage.
* Issue remarks – Providing extra context to logged issues.
* Improved payloads...
Administrivia - slow moderation this week
Andrew van der Stock (Apr 28)
Hi all,
I'm going to be in Milan this week.
Not that there are many messages to moderate, but moderation will be
iffy / slow this next week, particularly during the bits where various
planes are flapping their wings and going "whoosh".
Normal moderation service will resume May 5.
thanks,
Andrew
A survey on quantifying severity of vulnerabilities in software
Khalid Khan Afridi (Apr 18)
Hello!
I am currently performing my master thesis on the topic of quantifying the
severity of software vulnerabilities.
As you have done significant work in this area, I would be glad if you
could spare a few minutes of your time to answer a survey on the topic. It should not
require more than 15-20 minutes to complete.
The survey can be found at: http://secsurvey.ics.kth.se/index.php
Thank you for your attention!
Best Regards,
Khalid Khan...
Defcon DCG Kerala Information Security Meet 2013
Ajin Abraham (Apr 07)
Defcon DCG Kerala Information Security Meet 2013
=====================================
Defcon DCG Kerala (DC0497) is a Defcon USA registered group for
promoting and demonstrating research and development in the field of
Information Security. We are a group of Information Security
Enthusiasts actively interested in promoting information security.
Defcon Kerala Information Security Meet will be a platform for
security analysts, ethical hackers,...
c0c0n 2013 - Call For Papers and Call For Workshops
c0c0n International Information Security Conference (Apr 06)
/ _ \ / _ \ |__ \ / _ \/_ |___ \
___| | | | ___| | | |_ __ ) | | | || | __) |
/ __| | | |/ __| | | | '_ \ / /| | | || ||__ <
| (__| |_| | (__| |_| | | | | / /_| |_| || |___) |
\___|\___/ \___|\___/|_| |_| |____|\___/ |_|____/
###################################################
c0c0n 2013 - Call For Papers and Call For Workshops
###################################################
August 22-24, 2013 -...
winAUTOPWN v3.4 Released - Completing 4 years !!
QUAKER DOOMER (Mar 27)
Dear all,
This is to announce release of winAUTOPWN version 3.4.
Conceived and released in 2009, WINDOWS AUTOPWN grows strong completing its 4th year.
Visit: http://winautopwn.co.nr
++++++++++++++++++++
About winAUTOPWN:
winAUTOPWN is a unique exploit framework which aids in auto (hacking) / shell gaining as well as in exploiting
vulnerabilities to conduct Remote Command Execution, Remote File/Shell Upload, Remote File Inclusion and...
Unauthorized Access: Bypassing PHP strcmp()
Danux (Mar 03)
Hope you enjoy it.
http://danuxx.blogspot.com/2013/03/unauthorized-access-bypassing-php-strcmp.html
NoSuchCon CFP 2.0 / 15-17 May 2013 / Paris, France
Jonathan Brossard (Feb 25)
*******************************************************************************
PARENTAL ADVISORY: 100% technical content
*******************************************************************************
+--------------------------------------------------------------+
= =
= NoSuchCon - CFP 2.0 =
=...
Daily Dave — This technical discussion list covers vulnerability research, exploit development, and security events/gossip. It was started by ImmunitySec founder Dave Aitel and many security luminaries participate. Many posts simply advertise Immunity products, but you can't really fault Dave for being self-promotional on a list named DailyDave.
D2Sec's Elliot
Dave Aitel (May 06)
http://www.d2sec.com/news/driving_d2_elliot_with_immunity_canvas.html
There's a lot of different kinds of exploits - and many people ignore
the web exploits that are not for Wordpress. This is usually a mistake
because, especially as we look at #OpUSA and #OpIsrael and the like, a
lot of people are running all sorts of web applications with all sorts
of esoteric web vulnerabilities on them. Which is why our close and
continuing friends over...
SyScan 2013
Dave Aitel (May 02)
It's really only after you finish writing a keynote that you know what
it's about. In a sense, everyone around you writes it with you as you
talk through it with people. The one I delivered at SyScan itself was
funnier... although even so, not very funny. Not everything is funny!
Even things that include Buffy.
"Things Buffy the Vampire Slayer Taught Me About CyberWar - SyScan 2013
Keynote)"...
Yet Another Java Security Warning Bypass
Esteban Guillardoy (Apr 25)
Hi everyone!
I wrote a blog post about another Java Security Warning Bypass that
you may find interesting ;)
Just go to the Immunity blog and enjoy:
http://immunityproducts.blogspot.com/2013/04/yet-another-java-security-warning-bypass.html
Cheers
Esteban
Answering Lurene's Question
Dave Aitel (Apr 21)
So the kids are in NY so I've gotten a full night's sleep for the first
time in about a while, and parts of my brain I didn't realize were
malfunctioning now have blood and oxygen and whatever soupy hormones
they need to start sparking back up. I'm working on my SyScan talk,
which is due next week, so I wanted to warm up by answering a question
for Lurene.
----
Imagine it's 2030 and we finally understand a few things...
Students teaching trainers
Alex McGeorge (Apr 17)
Aloha list,
We do a lot of teaching at Immunity and it's something I think we've
gotten pretty good at over the years. Part of improving your teaching
offerings is doing some hard reflection on what did and didn't work for
the most recent class which is what we're in the process of doing for
web hacking right now. Most of those lessons only make sense from an
internal perspective but there are some things that other people...
Re: Linux Hangman Rules
Michal Zalewski (Apr 17)
[lcamtuf () raccoon ~]$ gdb
(gdb) shell id
uid=500(lcamtuf) gid=500(lcamtuf) groups=100(users),500(lcamtuf)
Oh no!
/mz
Linux Hangman Rules
Dave Aitel (Apr 17)
http://blog.ioactive.com/2013/04/can-gdbs-list-source-code-be-used-for.html
So reading the above blog is amusing for many reasons. But it did make a
lot of people sit around looking at the funniest games you could play on
modern Linux. For example, Linux Hangman.
Linux Hangman Rules
You take turns putting setuid root onto files in /usr/bin /usr/sbin/,
etc. and if your opponent can use that to get root, even via a
convoluted scenario, then you...
Re: Recent experiences with ZDI?
Jim Manico (Apr 17)
Here is a pretty comprehensive list of bug bounty programs to help kick
start the conversation.
http://bugcrowd.com/list-of-bug-bounty-programs/
- Jim
Recent experiences with ZDI?
patrick patrick (Apr 15)
Hi guys,
I haven't had dealings with ZDI in years, but I've heard some rumors of
people getting screwed over by them recently.
Can somebody confirm or deny this?
Is there currently a safe & legal alternative to get rewarded for bughunting?
Thanks
P
Android Application (Dalvik) Memory Analysis & the Chuli Malware
Joe Sylve (Apr 15)
Hello,
We wanted to take the opportunity to point you to a blog post which gives a
preview of some of the research we've been working on at 504ENSICS Labs in
the area of Android memory analysis. We think our results will be of great
interest to the DFIR community and look forward to your feedback.
The blog post can be found here:
http://www.504ensics.com/android-application-dalvik-memory-analysis-the-chuli-malware/
---
Joe T. Sylve,...
top game
Dave Aitel (Mar 22)
In some parallel universe you can hear Yoda say to a younger Disciple,
"How are you going to control EIP if you can't even control your own anger?"
Perhaps not Yoda. Perhaps Halvar.
Regardless, if for whatever reason you wanted to hear more about
Brazilian Jiu Jitsu or INFILTRATE, then you can hit up the podcast I did
this morning with Ryan Naraine
here:...
Gifts
Dave Aitel (Mar 21)
Angel <http://en.wikipedia.org/wiki/Angel_%28Buffyverse%29>: And
Buffy, be careful with this gift. A lot of things that seem strong
and good and powerful, they can be painful.
Buffy <http://en.wikipedia.org/wiki/Buffy_Summers>: Like, say...
immortality?
Angel: Exactly. I'm dying to get rid of that.
We put the 32 bit (or we will shortly) version of the PTRACE exploit
into CANVAS Early Updates. I know there...
Re: RSA
Shawn (Mar 21)
I put these slides into one tar file:
http://hfg-resources.googlecode.com/files/RSA-US-2013.tar.bz2
"Seeing is believing"
Dave Aitel (Mar 19)
So a while back I asked what the point of PWN2OWN was, and Mark Dowd
said that of course many people have never SEEN a modern exploit, and
hence it has some strategic value. I think for Google it's also useful
to see what new bugclasses exist in their products that people have not
otherwise publicly told them about, as well. The main bugclass is being
arrogant enough to believe they can write something memory safe in C++,
but we'll get...
Re: The Truth of TrueType
Justin Seitz (Mar 11)
Sometimes Dave fails at pasting things, that's why the rest of us are here:
http://immunityproducts.blogspot.com.ar/2013/03/infiltrate-preview-truetype-font.html
PaulDotCom — General discussion of security news, research, vulnerabilities, and the PaulDotCom Security Weekly podcast.
SQL cheat sheet
Philip Green (May 19)
Hello PaulDotCom mailing list!
I have a group of programmers working on a site and really, I know more
about breaking into stuff than defending.
What do you guys think the most important thing(s) to tell programmers when
they are coding a database to try and prevent SQL injection
attacks occurring?
Any website links would really help as well.
Thanks in advance.
Philip Andrei Green
=)
Re: Little Snitch
Mike Perez (May 16)
I believe that if you look at the "default" rules, UDP is set to be
allowed.
Check your default ruleset.
Mike
Sent from my Windows Phone
------------------------------
From: Carlos Perez <carlos_perez () darkoperator com>
Sent: 5/16/2013 10:17
To: PaulDotCom Security Weekly Mailing List <pauldotcom () mail pauldotcom com>
Subject: Re: [Pauldotcom] Little Snitch
Turns out the payload was using the local...
Re: Little Snitch
Carlos Perez (May 16)
Turns out the payload was using the local resolver and does bypass Little Snitch
Re: Little Snitch
Carlos Perez (May 16)
One interesting thing: UDP traffic does not get flagged, only TCP. Just noticed it testing some Python scripts
Re: Derbycon on Roku
Kory Kyzar (May 15)
I'm not actually affiliated with the Derbycon guys, just a big fan of what
they have accomplished. Adrian and the guys have done all the heavy
lifting, we just threw some XML together to access it.
I'm with you on enjoying the ease of access that the Roku channel provides
though. It's great to grab a cold drink and kick your feet up and take a
talk or two in at the end of the day.
Re: Derbycon on Roku
David Maynor (May 15)
I love that you have a channel. I wish other confs would follow suit. The coolness of having the content right at your
fingertips is awesome.
Norfolk, VA Infosec Meetup - OrfSec
James Philput (May 14)
Hello,
For those who are both interested, and in the general vicinity of Norfolk, VA, I'd like to announce a somewhat
new informal infosec meetup. OrfSec takes place at a local bar on the third Thursday of each month. It's intended as
an infosec event, but all geeks are welcome. The next one is set for this Thursday, 8pm at Cogan's on Colonial Ave. in
Norfolk.
James
Derbycon on Roku
Kory Kyzar (May 14)
Just a heads up for anyone else that watched the Derbycon talks via the
Roku. We've finally got the channel updated with days 2, 3, and the stable
talks from last year.
-Kory
Re: Little Snitch
Anastasios Monachos (May 14)
Personally +1 for LS, other alternative "Hands off"
Re: user enumeration through RDP
Robin Wood (May 13)
That looks like an interesting approach. With a bit of effort you could
auto-crop the images to reduce the amount you would need to OCR to reduce
anything on the wallpaper being detected.
Robin
Re: iptables rules to simulate Null, Fin and Xmas responses
Robin Wood (May 13)
will require students to use Null, Fin or Xmas nmap scans to identify
ports. Does anyone know how to set up iptables rules to simulate these?
Re: Little Snitch
Mike Perez (May 13)
Thanks everyone for the replies. I am using the latest version, and
becoming more paranoid by the minute! ;)
Re: iptables rules to simulate Null, Fin and Xmas responses
Matthew Schwartz (May 13)
If you're looking for iptables rules that can detect these types of scans, look at lines 134-161,
https://bitbucket.org/schwartz1375/firewall/src/8aa2f7713b16b70abf5b49e259cbedd0da5bc5e9/firewall?at=master
V/r
Matthew
Re: iptables rules to simulate Null, Fin and Xmas responses
Matthew Schwartz (May 13)
Do you mean iptables rules to detect Null, Fin or Xmas nmap scans?
Matthew
iptables rules to simulate Null, Fin and Xmas responses
Robin Wood (May 12)
Hi
As part of the lab I'm building I'd like to create some machines which will
require students to use Null, Fin or Xmas nmap scans to identify ports.
Does anyone know how to set up iptables rules to simulate these?
Robin
Honeypots — Discussions about tracking attackers by setting up decoy honeypots or entire honeynet networks.
Honeypot malware archives
Matteo Cantoni (Feb 14)
Hello everyone,
I would like to share with you, for educational purposes and without any
commercial purpose, data collected by my homemade honeypot.
Nothing new, nothing shocking, nothing sensational... but I think it can
be of interest to newcomers to the world of analysis of malware,
botnets, etc... maybe for a thesis.
The files collected are divided into zip archives, in alphabetical
order, with password (which must be requested via email). Some...
Microsoft Sec Notification — Beware that MS often uses these security bulletins as marketing propaganda to downplay serious vulnerabilities in their products—note how most have a prominent and often-misleading "mitigating factors" section.
Microsoft Security Bulletin Minor Revisions
Microsoft (May 16)
********************************************************************
Title: Microsoft Security Bulletin Minor Revisions
Issued: May 15, 2013
********************************************************************
Summary
=======
The following bulletins have undergone minor revision increments.
Please see the bulletins for more details.
* MS13-045
Bulletin Information:
=====================
* MS13-045 - Important
-...
Microsoft Security Advisory Notification
Microsoft (May 14)
********************************************************************
Title: Microsoft Security Advisory Notification
Issued: May 14, 2013
********************************************************************
Security Advisories Updated or Released Today
==============================================
* Microsoft Security Advisory (2846338)
- Title: Vulnerability in Microsoft Malware Protection Engine
Could Allow Remote Code Execution
-...
Microsoft Security Bulletin Minor Revisions
Microsoft (May 14)
********************************************************************
Title: Microsoft Security Bulletin Minor Revisions
Issued: May 14, 2013
********************************************************************
Summary
=======
The following bulletins have undergone minor revision increments.
Please see the bulletins for more details.
* MS13-009
Bulletin Information:
=====================
* MS13-009 - Critical
-...
Microsoft Security Bulletin Summary for May 2013
Microsoft (May 14)
********************************************************************
Microsoft Security Bulletin Summary for May 2013
Issued: May 14, 2013
********************************************************************
This bulletin summary lists security bulletins released for
May 2013.
The full version of the Microsoft Security Bulletin Summary for
May 2013 can be found at
http://technet.microsoft.com/security/bulletin/ms13-may.
With the release of...
Microsoft Security Bulletin Advance Notification for May 2013
Microsoft (May 09)
********************************************************************
Microsoft Security Bulletin Advance Notification for May 2013
Issued: May 9, 2013
********************************************************************
This is an advance notification of security bulletins that
Microsoft is intending to release on May 14, 2013.
The full version of the Microsoft Security Bulletin Advance
Notification for May 2013 can be found at...
Microsoft Security Advisory Notification
Microsoft (May 08)
********************************************************************
Title: Microsoft Security Advisory Notification
Issued: May 8, 2013
********************************************************************
Security Advisories Updated or Released Today
==============================================
* Microsoft Security Advisory (2847140)
- Title: Vulnerability in Internet Explorer Could Allow
Remote Code Execution
-...
Microsoft Security Advisory Notification
Microsoft (May 04)
********************************************************************
Title: Microsoft Security Advisory Notification
Issued: May 3, 2013
********************************************************************
Security Advisories Updated or Released Today
==============================================
* Microsoft Security Advisory (2847140)
- Title: Vulnerability in Internet Explorer Could Allow
Remote Code Execution
-...
Microsoft Security Bulletin Minor Revisions
Microsoft (Apr 26)
********************************************************************
Title: Microsoft Security Bulletin Minor Revisions
Issued: April 26, 2013
********************************************************************
Summary
=======
The following bulletins have undergone minor revision increments.
Please see the bulletins for more details.
* MS12-043
Bulletin Information:
=====================
* MS12-043 - Critical
-...
Microsoft Security Bulletin Minor Revisions
Microsoft (Apr 24)
********************************************************************
Title: Microsoft Security Bulletin Minor Revisions
Issued: April 24, 2013
********************************************************************
Summary
=======
The following bulletins have undergone minor revision increments.
Please see the bulletins for more details.
* MS13-028
* MS13-031
* MS13-036
* MS13-APR
Bulletin Information:
=====================
*...
Microsoft Security Bulletin Re-Releases
Microsoft (Apr 23)
********************************************************************
Title: Microsoft Security Bulletin Re-Releases
Issued: April 23, 2013
********************************************************************
Summary
=======
The following bulletins have undergone a major revision increment.
Please see the appropriate bulletin for more details.
* MS13-036 - Important
* MS13-apr
Bulletin Information:
=====================
* MS13-036 -...
Microsoft Security Bulletin Minor Revisions
Microsoft (Apr 18)
********************************************************************
Title: Microsoft Security Bulletin Minor Revisions
Issued: April 17, 2013
********************************************************************
Summary
=======
The following bulletins have undergone minor revision increments.
Please see the bulletins for more details.
* MS13-036
Bulletin Information:
=====================
* MS13-036 - Important
-...
Microsoft Security Bulletin Minor Revisions
Microsoft (Apr 16)
********************************************************************
Title: Microsoft Security Bulletin Minor Revisions
Issued: April 16, 2013
********************************************************************
Summary
=======
The following bulletins have undergone minor revision increments.
Please see the bulletins for more details.
* MS13-034
Bulletin Information:
=====================
* MS13-034 - Important
-...
Microsoft Security Bulletin Summary for April 2013
Microsoft (Apr 09)
********************************************************************
Microsoft Security Bulletin Summary for April 2013
Issued: April 9, 2013
********************************************************************
This bulletin summary lists security bulletins released for
April 2013.
The full version of the Microsoft Security Bulletin Summary for
April 2013 can be found at
http://technet.microsoft.com/security/bulletin/ms13-apr.
With the...
Microsoft Security Bulletin Advance Notification for April 2013
Microsoft (Apr 04)
********************************************************************
Microsoft Security Bulletin Advance Notification for April 2013
Issued: April 4, 2013
********************************************************************
This is an advance notification of security bulletins that
Microsoft is intending to release on April 9, 2013.
The full version of the Microsoft Security Bulletin Advance
Notification for April 2013 can be found at...
Microsoft Security Bulletin Minor Revisions
Microsoft (Apr 03)
********************************************************************
Title: Microsoft Security Bulletin Minor Revisions
Issued: April 3, 2013
********************************************************************
Summary
=======
The following bulletins have undergone minor revision increments.
Please see the bulletin for more details.
* MS13-007
* MS13-022
Bulletin Information:
=====================
* MS13-007 - Important
-...
Funsec — While most security lists ban off-topic discussion, Funsec is a haven for free community discussion and enjoyment of the lighter, more humorous side of the security community
OT: Attorney General Eric Holder on 'Too Big to Jail'
Jeffrey Walton (May 18)
http://www.americanbanker.com/issues/178_45/transcript-attorney-general-eric-holder-on-too-big-to-jail-1057295-1.html
The following is a transcript of Attorney General Eric Holder's
remarks before the Senate Judiciary Committee, in which he discusses
the idea that some banks are 'Too Big to Jail.'
Sen. Chuck Grassley, R-Iowa: In the case of bank prosecution. I'm
concerned we have a mentality of 'too big to jail' in...
Re: [funsec] Skype with care – Microsoft is reading everything you write
Jeffrey Walton (May 17)
That's not really practical in many cases. What do consumers have when
all carriers and handset manufacturers do it? It's certainly not
choice.
All are likely doing it to some degree or another. Again, no choice.
Monopolistic policy and practice in industry used to be kept in check.
Case studies include the steel, railroad, and oil barons. For the old
steel, railroad, and oil barons, the interesting thing (in my opinion)
was why it...
Re: Skype with care – Microsoft is reading everything you write
Blanchard, Michael (InfoSec) (May 17)
There is always a clause in ALL of those EULAs stating that they can change at any time, without notice usually too.
Your only recourse is to stop using the product if you don’t like the EULA. Sucks yes, but until a better product
comes along that is as widely adopted, well, we're stuck.... Who's to say what Apple is doing with Facetime?
Those folks that complain about "evil empires" are the cause of their own...
Re: [funsec] Skype with care – Microsoft is reading everything you write
Jeffrey Walton (May 17)
In the US, they call those "Material Adverse Change" (MACs).
It's a bitch we have to accept those adverse changes just to get bug
fixes and security patches for defective products. It seems like
illegal tying to me, and I wonder why the FTC has not stepped in. In
the US, politicians are bought and sold like trading cards, so I don't
expect it to change anytime soon.
Jeff
Re: [funsec] Skype with care – Microsoft is reading everything you write
Rob, grandpa of Ryan, Trevor, Devon & Hannah (May 17)
As it happens, I'm currently reviewing an intriguing book ("Boilerplate") that
addresses all kinds of issues around "agreements" and consent. Particularly for
those of us who joined Skype before MS bought it, and therefore "agreed" to a
very different set of rules ...
====================== (quote inserted randomly by Pegasus Mailer)
rslade () vcn bc ca slade () victoria tc ca rslade ()...
Re: Skype with care
Joel Esler (May 17)
Skype is a free tool.
You get, what you pay for. Same with Google and their products, etc.
Re: Skype with care
Jeffrey Walton (May 16)
Nice, but I don't agree with some of Bott's conclusions. Especially
the one made about visiting a site/fetching a header. If it's just host
reputation, all the reputation service needs is the URL, without the
need to visit the host.
Do you think a M$ engineer tossed us a bread crumb to let us know the
degree of invasion? Why else take the risk of leaking interception
results like this originating from encrypted traffic that users expect...
Re: Skype with care
Juha-Matti Laurio (May 16)
A different point of view also:
http://www.zdnet.com/is-microsoft-reading-your-skype-instant-messages-7000015388/
Juha-Matti
Jeffrey Walton [noloader () gmail com] wrote:
Re: [funsec] Skype with care – Microsoft is reading everything you write
Jeffrey Walton (May 16)
A couple of follow ups on this....
"Skype backdoor confirmation,"
http://lists.randombit.net/pipermail/cryptography/2013-May/004224.html
and
"All Your Skype Are Belong To Us,"
http://financialcryptography.com/mt/archives/001430.html
They're not even trying any more
Rich Kulawiec (May 16)
Domains registered by the Discovery Channel yesterday:
19kidsandcounting.net
40yearchildanewcase.com
40yearchildanewcase.net
7littlejohnstons.com
7littlejohnstons.net
900poundmantheraceagainsttime.com
900poundmantheraceagainsttime.net
alaskathelastfrontier.net
americasworsttattoos.net
amishmafia.net
backyardoil.net
beringseagoldundertheice.net...
Skype with care – Microsoft is reading everything you write
Jeffrey Walton (May 16)
(Thanks to KW in a private email).
http://www.h-online.com/security/news/item/Skype-with-care-Microsoft-is-reading-everything-you-write-1862870.html
Anyone who uses Skype has consented to the company reading everything
they write. The H's associates in Germany at heise Security have now
discovered that the Microsoft subsidiary does in fact make use of this
privilege in practice. Shortly after sending HTTPS URLs over the
instant messaging...
Private drone spying ...
Rob, grandpa of Ryan, Trevor, Devon & Hannah (May 14)
OK, get out your legal arguments: privately-owned "peeping tom" drones are now
in use ...
http://www.theatlantic.com/technology/archive/2013/05/so-this-is-how-it-begins-guy-refuses-to-stop-drone-spying-on-seattle-woman/275769/
or
http://is.gd/CWnpGJ
====================== (quote inserted randomly by Pegasus Mailer)
rslade () vcn bc ca slade () victoria tc ca rslade () computercrime org
Hardware has grown following...
[HITB-Announce] HITB Magazine Issue 010
Hafez Kamal (May 14)
Hi everyone,
A small reminder that article submissions for HITB Magazine Issue 010
are due tomorrow (15th May 2013). If you're interested in submitting
please send your > 3000 word article to editorial () hackinthebox org
Topics of interest include, but are not limited to the following:
Next generation attacks and exploits
Apple / OS X security vulnerabilities
SS7/Backbone telephony networks
VoIP security
Data...
Re: Risk analysis
Rich Kulawiec (May 14)
"Red Dawn" is a movie (well, alright, two movies) (two BAD movies),
not a blueprint for successful insurrection. In the real world, the
annoyances known as the "Wolverines" would be promptly and
easily exterminated.
(Two REALLY bad movies, jebus, didn't anybody in the room have the nerve
to point out that remaking worthless drivel three decades later was highly
likely to result in far more expensive worthless drivel?)...
For tech dinosaurs ...
Rob, grandpa of Ryan, Trevor, Devon & Hannah (May 14)
A bunch of old tech going up for auction:
http://www.bbc.co.uk/news/technology-22510800
(Including an Enigma :-)
====================== (quote inserted randomly by Pegasus Mailer)
rslade () vcn bc ca slade () victoria tc ca rslade () computercrime org
You can observe a lot by just watching. - Yogi Berra
victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links...
CERT Advisories — The Computer Emergency Response Team has been responding to security incidents and sharing vulnerability information since the Morris Worm hit in 1988. This archive combines their technical security alerts, tips, and current activity lists.
Alert - Upcoming Mail Delivery Changes
US-CERT Alerts (May 10)
National Cyber Awareness System
US-CERT Alert - Upcoming Mail Delivery Changes
Thank you for being a subscriber to our US-CERT Alerts product. We
are striving to keep our capabilities at the leading edge of
communication. You may have noticed we've redesigned and upgraded our
website recently and as a part of that process, on May 14th, we are
migrating to GovDelivery as our email subscription service. As a
current subscriber you will...
Current Activity - Upcoming Mail Delivery Changes
Current Activity (May 10)
National Cyber Awareness System
Thank you for being a subscriber to our US-CERT Current Activity
product. We are striving to keep our capabilities at the leading edge
of communication. You may have noticed we've redesigned and upgraded
our website recently and as a part of that process, on May 14th, we
are migrating to GovDelivery as our email subscription service. As a
current subscriber you will need to do nothing. You will notice a...
Current Activity - Microsoft Releases Advance Notification for May 2013 Security Bulletin
Current Activity (May 09)
National Cyber Awareness System
Microsoft Releases Advance Notification for May 2013 Security Bulletin
Original release date: May 09, 2013
Microsoft has issued a Security Bulletin Advanced Notification
indicating that its May release will contain 10 bulletins. These
bulletins will have the severity rating of critical and important and
will be for Microsoft Windows, Office, Internet Explorer, .NET
Framework, Lync, and Windows Essentials. These...
Current Activity - Adobe Releases Security Advisory for ColdFusion
Current Activity (May 09)
National Cyber Awareness System
Adobe Releases Security Advisory for ColdFusion
Original release date: May 09, 2013
Adobe has identified a critical vulnerability affecting ColdFusion 10,
9.0.2, 9.0.1, 9.0, and earlier versions for Windows, Macintosh, and
UNIX. This vulnerability (CVE-2013-3336) could permit an unauthorized
user to remotely retrieve files stored on a server. There are reports
that an exploit of this vulnerability is publicly...
Current Activity - Microsoft Releases Security Advisory for Internet Explorer
Current Activity (May 07)
National Cyber Awareness System
Microsoft Releases Security Advisory for Internet Explorer
Original release date: May 07, 2013
Microsoft is investigating public reports of a remote code execution
vulnerability in Internet Explorer 8 and is aware of attacks that
attempt to exploit this vulnerability. This vulnerability may allow an
attacker to execute arbitrary code if a user accesses a specially
crafted website. Microsoft is actively working...
Current Activity - Cisco Releases Security Advisories
Current Activity (Apr 25)
National Cyber Awareness System
Cisco Releases Security Advisories
Original release date: April 25, 2013
Cisco has released three security advisories to address vulnerabilities
affecting Cisco NX-OS-based products, Cisco Device Manager, and Cisco
Unified Computing System. These vulnerabilities may allow an attacker to
bypass authentication controls, execute arbitrary code, obtain sensitive
information, or cause a denial-of-service condition....
Current Activity - Apple Releases Security Updates for Safari
Current Activity (Apr 18)
National Cyber Awareness System
Apple Releases Security Updates for Safari
Original release date: April 18, 2013
Apple has released security updates for Safari 6.0.4 WebKit to address
multiple vulnerabilities. These vulnerabilities could allow a remote
attacker to execute arbitrary code or cause a denial-of-service
condition.
Safari 6.0.4 WebKit updates are available for the following versions:
* OS X Lion v10.7.5
* OS X Lion Server v10.7.5...
Alert TA13-107A: Oracle has released multiple updates for Java SE
US-CERT Alerts (Apr 18)
National Cyber Awareness System
TA13-107A: Oracle has released multiple updates for Java SE
Original release date: April 17, 2013
Systems Affected
* JDK and JRE 7 Update 17 and earlier
* JDK and JRE 6 Update 43 and earlier
* JDK and JRE 5.0 Update 41 and earlier
* JavaFX 2.2.7 and earlier
Overview
Oracle has released a Critical Patch Update (CPU) for Java SE. Oracle
strongly recommends that customers apply CPU fixes as soon as possible....
Current Activity - Scams Exploiting Boston Marathon Explosion
Current Activity (Apr 17)
National Cyber Awareness System
Scams Exploiting Boston Marathon Explosion
Original release date: April 17, 2013
Malicious actors are exploiting the April 15 explosions at the Boston
Marathon in attempts to collect money intended for charities and to
spread malicious code. Fake websites and social networking accounts have
been set up to take advantage of those interested in learning more
details about the explosions or looking to contribute to...
Current Activity - Malicious Actors May Take Advantage of Boston Marathon Explosion
Current Activity (Apr 17)
National Cyber Awareness System
Malicious Actors May Take Advantage of Boston Marathon Explosion
Original release date: April 17, 2013
Historically, scammers, spammers, and other malicious actors capitalize
on major news events by registering domain names related to the events.
Malicious actors may attempt to exploit the April 15, 2013 explosions at
the Boston Marathon in this way. Some may use fake domains to take
advantage of those interested...
Current Activity - Oracle Releases April 2013 Security Advisory
Current Activity (Apr 17)
National Cyber Awareness System
Oracle Releases April 2013 Security Advisory
Original release date: April 17, 2013
Oracle has released its Critical Patch Update for April 2013 to address
128 vulnerabilities across multiple products. This update contains the
following security fixes:
* 4 for Oracle Database Server
* 29 for Oracle Fusion Middleware
* 6 for Oracle E-Business Suite
* 3 for Oracle Supply Chain Products Suite
* 11 for Oracle...
Current Activity - WordPress Sites Targeted by Mass Brute-force Botnet Attack
Current Activity (Apr 15)
National Cyber Awareness System
WordPress Sites Targeted by Mass Brute-force Botnet Attack
Original release date: April 15, 2013
US-CERT is aware of an ongoing campaign targeting the content management
software WordPress, a free and open source blogging tool and web
publishing platform based on PHP and MySQL. All hosting providers
offering WordPress for web content management are potentially targets.
Hackers reportedly are utilizing over 90,000...
Current Activity - Microsoft Releases April 2013 Security Bulletin
Current Activity (Apr 09)
National Cyber Awareness System
Microsoft Releases April 2013 Security Bulletin
Original release date: April 04, 2013 | Last revised: April 09, 2013
Microsoft has released updates to address vulnerabilities in Microsoft
Windows, Office, Internet Explorer, Server Software, and Security
Software as part of the Microsoft Security Bulletin summary for April
2013. These vulnerabilities could allow remote code execution, elevation
of privilege,...
Current Activity - Microsoft Releases Advance Notification for April 2013 Security Bulletin
Current Activity (Apr 04)
National Cyber Awareness System
Microsoft Releases Advance Notification for April 2013 Security Bulletin
Original release date: April 04, 2013
Microsoft has issued a Security Bulletin Advance Notification indicating
that its April release will contain nine bulletins. These bulletins will
have the severity rating of critical and important and will be for
Microsoft Windows, Office, Internet Explorer, Server Software, and
Security Software. These...
Current Activity - Mozilla Releases Multiple Updates
Current Activity (Apr 03)
National Cyber Awareness System
Mozilla Releases Multiple Updates
Original release date: April 03, 2013
The Mozilla Foundation has released updates to address multiple
vulnerabilities. These vulnerabilities could allow an attacker to
initiate a cross-site scripting attack or obtain sensitive information,
enable privilege escalation or execute arbitrary code, or cause a
denial-of-service condition.
Updates to the following products are...
Open Source Security — Discussion of security flaws, concepts, and practices in the Open Source community
Re: plone, rrdtool, zenoss bugs
Henri Salo (May 19)
Tested Debian wheezy packages:
python-rrdtool 1.4.7-2
python2.7 2.7.3-6
Backtrace attached. Might affect other software too.
Debian bug: http://bugs.debian.org/708866
---
Henri Salo
(gdb) run -c "import rrdtool;rrdtool.graph('/tmp=/out.png','-f','%n%n')"
Starting program: /usr/bin/python2.7 -c "import rrdtool;rrdtool.graph('/tmp=/out.png','-f','%n%n')"
[Thread...
Re: Re: CVE Request: DoS in OpenSMTPD TLS Support
Gilles Chehade (May 19)
Yes, that would have been much nicer.
We discovered the CVE request at the same time as everyone, on two
public lists along with a script that allows any kiddie to trigger
it... sent by a package maintainer we had talked to minutes ago to
explain the issue and who knew the fix release was two days away.
Anyway, what's done is done, we released earlier, hopefully we get
a bit more coordination next time.
Hopefully, we don't need too...
Re: Re: CVE Request: DoS in OpenSMTPD TLS Support
Kurt Seifried (May 19)
For future reference you can get CVEs privately, although if you're
not the official upstream this means there is a greater chance of
duplicates (and thus of me saying "no, make a public request"). So if
you want to do this a possible compromise is to email me and the
upstream and if upstream replies that it's ok then I'd probably go ahead.
Agreed, generally with public source code commits fixing an issue we
consider it public...
More zPanel security flaws? Trying to sort them out
Kurt Seifried (May 19)
So the head of the zPanel project "ballen" ("Bobby Allen" according to
Google) reports:
http://forums.zpanelcp.com/showthread.php?27608-ZPanelCP-Server-has-not-been-compromised
======
4) Security issues raised
The security issues mentioned in the following article
(http://imgur.com/a/lzRuo) are already fixed, however we are a short
way off being able to release the new version. All known security
vulnerabilities have been...
Re: CVE Request: DoS in OpenSMTPD TLS Support
Jason A. Donenfeld (May 19)
Sorry about that. I was in the midst of bumping packages in gentoo to
the snapshot where you had fixed the issue, when I figured it might be
wise to also get the issue tracked with a CVE asap. Sorry for jumping
the gun.
The quote was "I haven't looked into why this happens or if memory
corruption / code execution is a possibility, but at the very least,
it's a nasty DoS."
Which is why I figured it was already a public issue,...
Re: Re: CVE Request: DoS in OpenSMTPD TLS Support
Kurt Seifried (May 18)
A snapshot has been posted to http://www.opensmtpd.org/archives/ , but
Please use CVE-2013-2125 for this issue.
Re: CVE request: WordPress plugin wp-cleanfix CSRF
Kurt Seifried (May 18)
Ok this is a slightly messy one. Normally yes, WP admin can modify the
site and thus execute arbitrary PHP, so a remote flaw that allows php
command execution only for admin would be a security flaw (e.g. worth
of hardening) but not typically a security vulnerability (e.g. worthy
of a CVE and full security treatment).
However in this case it is exploitable, the CSRF provides a vector for
exploitation. So it's gets a separate CVE.
So please...
Re: Multiple vulnerabilities in PHP Address Book v8.2.5
Henri Salo (May 18)
As far as I can tell - yes.
---
Henri Salo
Re: CVE Request: DoS in OpenSMTPD TLS Support
Gilles Chehade (May 18)
Erf...
Not too nice to send a CVE request without ANY coordination with us ...
Just for the record, you contacted us today reporting a bug which could
be memory corruption and you didn't know if it could be exploited. Then
I replied telling you that we discovered and fixed the bug two days ago
and I then explained to you what the bug really was (wrong logic in the
IO events handling code in our SSL layer). I then told you that we made...
CVE Request: DoS in OpenSMTPD TLS Support
Jason A. Donenfeld (May 18)
Hi Kurt,
The SSL handling in the latest OpenSMTPD (5.3.1) misconfigures its
sockets in blocking mode, allowing an attacker to prevent all mail
delivery simply by holding a socket open.
I discovered this accidentally, as I noticed my HP printer's smtp
client would keep the connection indefinitely open after an
unsuccessful authentication attempt, causing no more mail to be
delivered until I SIGKILL'd my smtpd process or unplugged my...
Re: CVE request: WordPress plugin wp-cleanfix CSRF
Henri Salo (May 18)
File wpCleanFixAjax.php contains:
30 $command = strip_tags( $_POST['command'] );
31 eval ( $command );
and there is:
12 if ( is_admin() && _wpdk_is_ajax() ) {
So it only works when logged in as administrator. This is not a security
vulnerability as is, because WordPress administrator can upload/edit PHP as she
or he likes.
There is a CSRF vulnerability, which can be used to execute arbitrary PHP.
POST...
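Kurt's point above (admin-only PHP execution is hardening material until a CSRF vector makes it reachable) and the handler Henri quotes describe one bug class: an AJAX handler that eval()s request data with is_admin() as its only guard. As an added example that is not from the thread or the plugin, here is a grep-based triage for that pattern, run over two PHP files constructed for the demonstration (the vulnerable one mirrors the quoted lines; the hardened one is an assumed shape with check_ajax_referer(), a capability check and a whitelist dispatch, not the plugin's actual fix). Note that is_admin() only tells you the request came through the admin area, admin-ajax.php included; it is not a capability check.

```shell
#!/bin/sh
# Added example, not from the thread or the plugin: grep-based triage for a
# WordPress AJAX handler that eval()s request data behind is_admin() alone.
# Both PHP files are constructed here for the demonstration.
AUDIT_DIR="$(mktemp -d)"

# Vulnerable shape, mirroring the lines quoted from wpCleanFixAjax.php.
cat > "$AUDIT_DIR/wpCleanFixAjax.php" <<'EOF'
<?php
if ( is_admin() && _wpdk_is_ajax() ) {
    $command = strip_tags( $_POST['command'] );
    eval ( $command );
}
EOF

# Hardened shape (assumed, not the plugin's real fix): nonce check against
# CSRF, a real capability check, and a whitelist dispatch instead of eval().
cat > "$AUDIT_DIR/hardened.php" <<'EOF'
<?php
if ( is_admin() && _wpdk_is_ajax() ) {
    check_ajax_referer( 'wpcleanfix_action', 'nonce' );   // hypothetical action name
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden' );
    }
    $command = sanitize_key( $_POST['command'] );
    switch ( $command ) {
        case 'purge_cache': wpcleanfix_purge_cache(); break;  // hypothetical helper
        default: wp_send_json_error( 'unknown command' );
    }
}
EOF

# audit_file FILE: status 1 (finding printed) when FILE eval()s and reads
# request data but never calls a WordPress nonce check; status 0 otherwise.
audit_file() {
    if grep -Eq 'eval[[:space:]]*\(' "$1" \
       && grep -Eq '\$_(POST|GET|REQUEST)\[' "$1" \
       && ! grep -Eq 'check_ajax_referer|check_admin_referer|wp_verify_nonce' "$1"; then
        echo "$1: eval() of request data with no nonce check (CSRF -> PHP execution)"
        return 1
    fi
    return 0
}

# audit_dir DIR: audits every .php file directly under DIR, status 1 if any finding.
audit_dir() {
    rc=0
    for f in "$1"/*.php; do
        audit_file "$f" || rc=1
    done
    return $rc
}

audit_dir "$AUDIT_DIR" || echo "findings above need a nonce check and, better, no eval() at all"
```

The grep is deliberately coarse: it flags the shape, not exploitability, so it is a triage pass over a plugin tree (swap the glob for find if you need recursion), and each hit still needs a look at whether the nonce call actually guards the eval path. A file that passes is not proven safe; a file that fails has the same shape as the handler discussed above.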
Re: CVE Request: WebAuth: Authentication credential disclosure
Kurt Seifried (May 18)
Yeah in this case I'm definitely going to count a 4 month window as "made
available" =). Please use CVE-2013-2106 for this issue. With any luck
now all the standard scanners like Nessus will add a test and anyone
vulnerable will find out asap.
Re: CVE Request: WebAuth: Authentication credential disclosure
Russ Allbery (May 18)
Kurt Seifried <kseifried () redhat com> writes:
Yes, via http://webauth.stanford.edu/ as well as via my personal web site.
I did issue an advisory (to webauth-announce () lists stanford edu). There
were six announced (distributed, tagged, etc.) releases that had this
vulnerability.
WebAuth is moderately well-used; it's not as popular as some of the other
web single sign-on systems, but it's been distributed with Debian and...
Re: Show In Browser 0.0.3 Ruby Gem /tmp file injection vulnerability
Kurt Seifried (May 18)
Please use CVE-2013-2105 for this issue.
Re: CVE Request: WebAuth: Authentication credential disclosure
Kurt Seifried (May 18)
WebAuth 4.4.1 was changed to use a persistent CGI::Application object
I did a Google search, there appear to be other
universities/organizations using WebAuth, was the vulnerable version
made generally available (e.g. on an ftp site or whatever?).
Secure Coding — The Secure Coding list (SC-L) is an open forum for the discussion on developing secure applications. It is moderated by the authors of Secure Coding: Principles and Practices.
SearchSecurity: BSIMM4
Gary McGraw (May 11)
hi sc-l,
Sammy Migues, Jacob West and I wrote an introductory article about BSIMM4 for SearchSecurity. It was just posted on
SearchSecurity: http://bit.ly/11qlIBi
(or http://searchsecurity.techtarget.com/feature/BSIMM4-measures-and-advances-secure-application-development)
This article provides a great way to get up to speed on the BSIMM project in its BSIMM4 instantiation. The BSIMM
Community is expanding rapidly, and we're looking...
Ruxcon 2013 Call For Papers
cfp (May 08)
Ruxcon 2013 Call For Presentations
Melbourne, Australia, October 26th-27th
CQ Function Centre
http://www.ruxcon.org.au/call-for-papers/
The Ruxcon team is pleased to announce the Call For Presentations for Ruxcon 2013.
This year the conference will take place over the weekend of the 26th and 27th
of October at the CQ Function Centre, Melbourne, Australia.
.[x]. About Ruxcon .[x].
Ruxcon is a premier technical computer security conference...
Silver Bullet 85:Mobile Security with Jim Routh and Scott Matsumoto
Gary McGraw (May 03)
hi sc-l,
Is mobile security a brand new day or the same old same old? The answer depends on how you look at the problem. If
you are a practitioner in the trenches, there are many new and interesting shiny bits to mobile security. If you are a
security veteran, things look very familiar. In this episode of Silver Bullet, Jim Routh, Scott Matsumoto and I take
on the Necker Cube of mobile security. Jim Routh is the ultimate security...
CFP: Workshop on Risk Perception in IT Security and Privacy
Larry Koved (May 03)
Workshop on Risk Perception in IT Security and Privacy
A workshop of the Symposium On Usable Privacy and Security (SOUPS)
http://cups.cs.cmu.edu/soups/2013/
For full details, please see: http://cups.cs.cmu.edu/soups/2013/risk.html
This workshop is an opportunity to bring together researchers and
practitioners to share experiences, concerns and ideas about how to
address the gap between user perception of IT risks and security /...
W2SP 2013 - Web 2.0 Security and Privacy workshop - call for participation
Larry Koved (May 03)
Only three weeks until the workshop.
Call for participation!
The workshop and program chairs invite you to participate in the 7th W2SP
workshop.
The goal of this one-day workshop is to bring together researchers and
practitioners from academia and industry to focus on understanding Web
security and privacy issues, and to establish new collaborations in these
areas.
The list of this year's accepted papers / presentations can be found...
MoST 2013 - Mobile Security and Technology workshop - call for participation
Larry Koved (May 03)
Three weeks until the workshop.
Call for participation!
The workshop and program chairs invite you to participate in the 2nd MoST
workshop.
Mobile Security Technologies (MoST) brings together researchers,
practitioners, policy makers, and hardware and software developers of
mobile systems to explore the latest understanding and advances in the
security and privacy for mobile devices, applications, and systems.
The list of this year's...
Breakpoint 2013 Call For Papers
cfp (May 01)
Breakpoint 2013 Call For Papers
Melbourne, Australia, October 24th-25th
Intercontinental Rialto
http://www.ruxconbreakpoint.com
.[x]. Introduction .[x].
The Ruxcon team is pleased to announce Call For Papers for Breakpoint 2013.
Breakpoint showcases the work of expert security researchers from around the
world on a wide range of topics. This conference is organised by the Ruxcon
team and offers a specialised security conference to...
Re: BSIMM Diagrams
Craig Heath (Apr 23)
Thanks Ivan! Unfortunately I wasn't able to look at this straight away,
and when I go to the link now I get "ME-ERR-002 Sorry, we couldn't find the
page you were looking for."
Would you be able to put it up again?
Cheers!
- Craig.
Comparing a firm's BSIMM measurement against a benchmark
Iván Arce (Apr 20)
Hello
I've updated the BSIMM visualizations I posted about yesterday.
Here are two sample visualizations to compare a firm's measurement
against a benchmark ("Earth").
The first one uses the size of the boxes to indicate how prevalent the
activity is (percentage of firms where the activity was observed) and
color to indicate that the activity was observed at the firm.
http://www-958.ibm.com/v/298285
In the second treemap...
Re: BSIMM Diagrams
Daniel Halber (Apr 19)
Thanks for sharing Ivan,
However, Java in the browser is not acceptable, so could you please find
another way to share the visualization tool?
This may not be an easy request to fulfill since I would not launch any
executable code (java or otherwise), without a minimal level of assurance...
Best regards,
Daniel Halber
daniel.halber () gmail com
------------------------------
*From*: Iván Arce <ivan.w.arce () gmail com>
*Date*:...
Re: BSIMM Diagrams
Iván Arce (Apr 19)
Oh, I forgot to mention. The treemap example sent previously isn't useful
for comparison against a benchmark. It is useful for comparing a firm's
score against the overall model with finer granularity than a radial
graph but less detail than Sammy Migues' "equalizer graph".
I'm working on a treemap useful for comparing against a benchmark.
-ivan
Re: BSIMM Diagrams
Iván Arce (Apr 18)
Here's a treemap visualization of the same BSIMM measurement from Craig
Heath's blogpost.
http://www-958.ibm.com/v/297862
The ordering I've found most useful is Domain->Maturity Level->Practice
with the area of rectangular boxes based on the total count of
activities in each (practice, level) combination and coloring based on
count of observed activities. Level->Domain->Practice seems useful too.
The data file I used is...
Dennis Fisher: How I Got Here podcast series
Gary McGraw (Apr 17)
hi sc-l,
I just recorded a "How I Got Here" podcast with Dennis Fisher. I absolutely love the format. Lots of stuff about why
I think the way I do. And lots of stuff about software security (of course). Hope you like it!
http://threatpost.com/en_us/blogs/how-i-got-here-gary-mcgraw-041513
or
http://bit.ly/ZWFFI2
Your feedback is always welcome.
gem
company www.cigital.com
podcast www.cigital.com/silverbullet
blog...
W2SP 2013 - Web 2.0 Security and Privacy workshop
Larry Koved (Apr 12)
Call for participation!
The workshop and program chairs invite you to participate in the 7th W2SP
workshop.
The goal of this one-day workshop is to bring together researchers and
practitioners from academia and industry to focus on understanding Web
security and privacy issues, and to establish new collaborations in these
areas.
The list of this year's accepted papers / presentations can be found on
the workshop home page:...
MoST 2013 - Mobile Security and Technology workshop
Larry Koved (Apr 12)
Call for participation!
The workshop and program chairs invite you to participate in the 2nd MoST
workshop.
Mobile Security Technologies (MoST) brings together researchers,
practitioners, policy makers, and hardware and software developers of
mobile systems to explore the latest understanding and advances in the
security and privacy for mobile devices, applications, and systems.
The list of this year's accepted papers / presentations...
Educause Security Discussion — Securing networks and computers in an academic environment.
Re: Question About Password Resets
Schumacher, Adam J. (May 17)
We have two mechanisms in place. One is a two-factor online reset process. When a person activates their account,
they must provide answers to security questions as well as either an external email or cell phone number to which we
send a reset code. Once they've answered the questions and entered the code, they can set a new password.
The other mechanism is for individuals who either can't remember the answers to their questions,...
Re: Palo Alto Firewall and Sorenson VP 200 (Video Phones)
Peter Setlak (May 17)
Harry,
We use PA 5050's on our edge. We do not use Sorenson video phones. However,
we did experience an issue with Jumbo Frames with a device on our network.
Are the video phones wired? Are they on 1Gb or 100Mb ports? Try 100Mb and
see if that fixes the issue. There are also settings on the FW to allow
jumbo frames (which we did not adjust as we're hesitant to change the
entire edge for one device). Otherwise, are the video phones...
Palo Alto Firewall and Sorenson VP 200 (Video Phones)
Harry Zahlis (May 17)
Our District just purchased and implemented a new Palo Alto Networks firewall. We have run across an issue which has
stumped a lot of people.
Our deaf faculty and students use a device provided by Sorenson (Sorenson ntouch VP-200) for telecommunication. At
first we opened the specific ports required by the Sorenson devices but we could not place phone calls. We opened all
ports, TCP and UDP in both directions (any-any) and we still cannot...
email address as directory information
John Forker (May 17)
We are deliberating over whether we should or shouldn't include student
email addresses in our list of directory information elements as allowed
by FERPA. If your institution has chosen not to include email addresses as
part of directory information, how do you control unauthorized access in a
way that doesn't stymie collaboration among students and among students and
industry representatives? If your institution has chosen email...
REN-ISAC and SANS partner for highly discounted technical and awareness training; WEBCAST May 21
Doug Pearson (May 17)
SANS and REN-ISAC are partnering to bring exceptional security awareness
and technical training to the education community at substantially
discounted pricing.
An interactive webcast is scheduled for Tuesday, May 21 to explain the
program and provide opportunity for Q&A.
The special pricing is available during a purchase commitment window,
June 1 through July 31, for:
- SANS Securing The Human security awareness training,
- SANS...
Re: Question About Password Resets
Valdis Kletnieks (May 16)
On Thu, 16 May 2013 11:00:00 -0500, Jim Pardonek said:
No matter what you end up doing, remember to leave a flag for "this account
may not be reset by phone/self-serve/whatever", so you can flag high-value
or high-risk accounts as "tough noogies, they have to come in with official ID".
And remember - it doesn't have to be a high-priv account. I've heard of
plenty of incidents of stalkers and ex-SO's social...
Re: Question About Password Resets
David Curry (May 16)
We require everyone to provide their university identification number,
their username, and their date of birth. If the person is (or ever has
been) an employee, we also require the last four digits of their SSN/ITIN.
If the individual does not know his or her username he or she can look it
up by providing identification number and last name.
If the individual does not know his or her identification number, the
various departments (Human...
Re: Question About Password Resets
David Seidl (May 16)
Jim
We use a voice recognition process - our helpdesk finds a co-worker who is known to us who we can conference in with
that person to identify them. It's not ideal, but we can almost always find someone who we do know and recognize. If
that fails - and it does at times - we don't feel as bad about making them come in with their ID in hand.
David
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV...
Re: Question About Password Resets
Roger A Safian (May 16)
We have security questions and answers set when the accounts are created. I'm not a fan of them myself, but, I
recognize their usefulness in situations like this. If those fail, the user would need to contact a department chair,
program coordinator, etc. and have that person contact our help desk in order to authorize the change.
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf...
Question About Password Resets
Jim Pardonek (May 16)
We've recently had some issues with our current password reset process, particularly when a faculty or staff member is
out of town and calls for a password reset. We also have an issue because our campuses are spread out geographically
which makes it difficult for someone to come in person. I apologize if this has been discussed before, but I was
wondering what other institutions are doing regarding password resets via telephone? Or do...
Job Openings - Appalachian State University - CISO and Director of Information Analytics
Anthony J. Santucci (May 15)
Greetings!
We have two new positions at AppState that are currently being advertised.
Please pass this along to anyone you think might be interested in coming to
the beautiful Blue Ridge Mountains of North Carolina!
Chief Information Security Officer
http://hrs.appstate.edu/employment/epa-jobs/801
Reporting to the Associate Vice Chancellor and Chief Information Officer of
Information Technology Services, the Chief Information Security Officer...
clickable links in instant messaging programs
Fowler, Becky Thurmond (May 15)
I'm trying to gauge what other institutions are doing regarding clickable links in instant messaging programs. We
currently block links that are sent through our Microsoft Lync implementation but we'd like to determine what other
peer institutions are doing.
Does your university block clickable links through technical means? Do you allow clickable links but display a pop-up
or warning message? Or do you deal with this issue...
Job: Info Sec Analyst in Salem, MA
George Moore (May 14)
Greetings:
I'm hiring an Information Security Analyst (ISA) for Salem State University in Salem Massachusetts. An ideal candidate
is motivated and enthusiastic about security. The ISA is responsible for monitoring the university network for security
vulnerabilities and compromised systems. The candidate accomplishes these goals by monitoring intrusion detection
systems, performing vulnerability assessments and management of network...
Information Security Analyst posting at U Colorado
Brad Judy (May 10)
We have just posted a newly created position here in the System
Administration division of the University of Colorado. This division is
similar to what some other multi-campus systems call the Office of the
President. That means we're small (<400 staff, 100 of which are IT) and
have no faculty or students - purely administrative staff. We are located
in our own office building in downtown Denver (1800 Grant St), just a few
blocks from...
Re: SANS Training - VA Tech, 5/20-25/2013- Securing Windows and Resisting Malware (SEC 505)
Valdis Kletnieks (May 10)
On Thu, 09 May 2013 19:08:24 -0000, "McDowell, Karen (krm6r)" said:
Unlike some SANS classes, this one can be done without a laptop.
The official word from SANS on the need for a laptop is available here:
http://www.sans.org/course/securing-windows
Excerpts:
"Please note that bringing a laptop is optional, but recommended, and it's nice
to bring a CD-ROM drive too."
...
"What if I do not have a laptop or...
NANOG — The North American Network Operators' Group discusses fundamental Internet infrastructure issues such as routing, IP address allocation, and containing malicious activity.
Re: High throughput bgp links using gentoo + stripped kernel
Nikola Kolev (May 19)
Hello Nick,
You might be maxing out your server's PCI bus throughput, so it might be a better idea if you can get Ethernet NICs
that are sitting at least on PCIe x8 slots.
Leaving that aside, I take it you've configured some sort of CPU/PCI affinity?
As for migration to another OS, I find FreeBSD better as a matter of network performance. The last time I checked
OpenBSD was either lacking or was in the early stages of multiple...
Re: Vpn tunnel Asa 5505 to fortigate 60c
Fred Reimer (May 19)
Almost all firewalls support NAT-T, which allows for using a private IP
address on the "outside" of the firewall (which is translated to a
routable public IP address before it gets on the Internet). You will need
UDP 500 (for IKE) and UDP 4500 (for IPsec NAT-T) open, so no devices
between the firewalls can block those ports. I know the ASA supports
this, because I have setup customers with "private" IP addresses on their...
High throughput bgp links using gentoo + stripped kernel
Nick Khamis (May 19)
Hello Everyone,
We are running:
Gentoo Server on Dual Core Intel Xeon 3060, 2 Gb Ram
Ethernet controller: Intel Corporation 82571EB Gigabit Ethernet
Controller (rev 06)
Ethernet controller: Intel Corporation 82573E Gigabit Ethernet
Controller (rev 03)
2 bgp links from different providers using quagga, iptables etc....
We are transmitting an average of 700Mbps with packet sizes upwards of
900-1000 bytes when the traffic graph begins to...
Re: Looking for Netflow analysis package
Valdis . Kletnieks (May 19)
On Fri, 17 May 2013 10:02:53 -0700, John Starta said:
There's another way.
Educate the technology-challenged people who mandated the disclaimer.
Re: Looking for Netflow analysis package
Jimmy Hess (May 18)
The disclaimer requirements seem dumb, but not entirely unreasonable
-- we should just tolerate them. As for spam... no good there.
I would caution against taking the advice of setting up an SSH tunnel
to "follow corporate rules". In some cases, that might be subverting
the intended effects of corporate rules.
The outgoing SSH session (or any encrypted session or tunnel) to an
unapproved non-company resource could still be a policy...
Re: Remote Hands Nation-Wide?
Justin M. Streiner (May 18)
I seem to recall discussion of someone running something like a "remote
hands have/need" blog/message board, but my Google-fu is failing me at the
moment. It was a good idea, but I don't know if it ever took off.
I remember there being sites for coordinating remote hands/volunteer efforts
after 9/11, Katrina, and Sandy, but I haven't been able to find one that is
more general in nature.
jms
Re: Remote Hands Nation-Wide?
Rodrick Brown (May 18)
Looking for someone who can do remote hands in the LN3 Savvis data
center email me off list with rate and availability.
Would essentially need someone to rack/stack, do basic cable runs and
initial switch/router/server setup.
No real technical skills required.
Sent from my iPhone
Re: Remote Hands Nation-Wide?
Brandon Ross (May 18)
We do.
Worldwide, in fact.
Re: Vpn tunnel Asa 5505 to fortigate 60c
Kenneth McRae (May 18)
What is the public peer address on the ISP end?
Re: CDN server log
Ryan Malayter (May 18)
Djamel,
If you are looking for a CDN log trace to do academic research work on, say, caching algorithms, please be
straightforward about your needs and someone (including myself) might be able to help.
If your purposes are commercial, asking for free data won't likely get you far. If you're trying to turn the data into
money expect to pay someone for it.
Vpn tunnel Asa 5505 to fortigate 60c
akurenath (May 18)
Hi nanog,
I have a fortigate 60c connecting a vpn tunnel to an asa 5505. I have the connection set up, but it will not connect
because unfortunately the ISP at the fortigate end decided to give us a 192.168.13/24 address. Now what I'd like to
know is if there is any way to get this vpn connection to work through a PAT connection until the ISP resolves this
issue?
Thank you for any help.
Zane
Sent from Samsung mobile
Re: looking for documents describing frequent causes for line cuts
Ryan Gard (May 18)
Here's one I came across from Southern Telecom that seems to give some hard
numbers on incidents they've experienced with their fibre lines being
severed.
Hope this is useful for your needs.
Link: http://www.southern-telecom.com/AFL%20Reliability.pdf
Re: looking for documents describing frequent causes for line cuts
Kyle Creyts (May 18)
thanks!
also amusing:
http://blog.lafayetteprofiber.com/2008/06/nutria-ratsand-fiber.html
http://news.techeye.net/internet/internet-attacked-by-bears#.TnZXk5rhOv8.reddit
but I'm looking for something slightly more efficacious than anecdotal.
off-list replies (and, why not, some of them are really funny) and anecdotes
are welcome.
Re: Entry level WDM gear? follow-up
Chuck Anderson (May 18)
Typically you would use an Optical Add/Drop Multiplexer at each
intermediate site and a regular Optical Mux at the endpoint sites, but
you should be able to simplify this to just two OMUXes, one at "A" and
the other at campus, sending the lambda for "B" through the
cross-connect as long as you don't need more than one lambda at "B".
Should work fine with your existing 1550 ER optics, as long as you
have enough...
Re: looking for documents describing frequent causes for line cuts
staticsafe (May 18)
On an amusing note:
http://blog.level3.com/level-3-network/the-10-most-bizarre-and-annoying-causes-of-fiber-cuts/
Interesting People — David Farber moderates this list for discussion involving internet governance, infrastructure, and any other topics he finds fascinating
The RISKS Forum — Peter G. Neumann moderates this regular digest of current events which demonstrate risks to the public in computers and related systems. Security risks are often discussed.
Risks Digest 27.28
RISKS List Owner (May 17)
RISKS-LIST: Risks-Forum Digest Friday 17 May 2013 Volume 27 : Issue 28
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/27.28.html>
The current issue can be...
Risks Digest 27.27
RISKS List Owner (May 05)
RISKS-LIST: Risks-Forum Digest Saturday 4 April 2013 Volume 27 : Issue 27
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/27.27.html>
The current issue can be...
Risks Digest 27.26
RISKS List Owner (Apr 24)
RISKS-LIST: Risks-Forum Digest Tuesday 23 April 2013 Volume 27 : Issue 26
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/27.26.html>
The current issue can be...
Risks Digest 27.25
RISKS List Owner (Apr 19)
RISKS-LIST: Risks-Forum Digest Friday 19 April 2013 Volume 27 : Issue 25
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/27.25.html>
The current issue can be...
Risks Digest 27.24
RISKS List Owner (Apr 07)
RISKS-LIST: Risks-Forum Digest Sunday 7 April 2013 Volume 27 : Issue 24
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/27.24.html>
The current issue can be...
Risks Digest 27.23
RISKS List Owner (Mar 31)
RISKS-LIST: Risks-Forum Digest Saturday 30 March 2013 Volume 27 : Issue 23
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/27.23.html>
The current issue can be...
Risks Digest 27.22
RISKS List Owner (Mar 24)
RISKS-LIST: Risks-Forum Digest Saturday 23 March 2013 Volume 27 : Issue 22
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/27.22.html>
The current issue can be...
Risks Digest 27.21
RISKS List Owner (Mar 22)
RISKS-LIST: Risks-Forum Digest Thursday 21 March 2013 Volume 27 : Issue 21
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/27.21.html>
The current issue can be...
Risks Digest 27.20
RISKS List Owner (Mar 18)
RISKS-LIST: Risks-Forum Digest Monday 18 March 2013 Volume 27 : Issue 20
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/27.20.html>
The current issue can be...
Risks Digest 27.19
RISKS List Owner (Mar 12)
RISKS-LIST: Risks-Forum Digest Monday 11 March 2013 Volume 27 : Issue 19
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/27.19.html>
The current issue can be...
Risks Digest 27.18
RISKS List Owner (Mar 06)
RISKS-LIST: Risks-Forum Digest Wednesday 6 March 2013 Volume 27 : Issue 18
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/27.18.html>
The current issue can be...
Risks Digest 27.17
RISKS List Owner (Feb 25)
RISKS-LIST: Risks-Forum Digest Sunday 24 February 2013 Volume 27 : Issue 17
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/27.17.html>
The current issue can be...
Risks Digest 27.16
RISKS List Owner (Feb 14)
RISKS-LIST: Risks-Forum Digest Thursday 14 February 2013 Volume 27 : Issue 16
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/27.16.html>
The current issue can...
Risks Digest 27.15
RISKS List Owner (Jan 29)
RISKS-LIST: Risks-Forum Digest Tuesday 29 January 2013 Volume 27 : Issue 15
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/27.15.html>
The current issue can be...
Risks Digest 27.14
RISKS List Owner (Jan 23)
RISKS-LIST: Risks-Forum Digest Tuesday 22 January 2013 Volume 27 : Issue 14
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/27.14.html>
The current issue can be...
Data Loss — Data Loss covers large-scale personal data loss and theft incidents. This archive combines the main list (news releases) and the discussion list.
PHH Data Breach Exposes Employee Information
Erica Absetz (May 16)
http://www.americanbanker.com/issues/178_94/phh-data-breach-exposes-employee-information-1059140-1.html
WASHINGTON — A temporary worker for PHH Corp. potentially gained
access to employees' personal information, including Social Security
numbers and dates of birth, according to a letter from the company's
chief executive.
In a letter posted on the California Department of Justice's website,
Glen Messina, the $9.3 billion-asset...
Oops: Google search reveals private Telstra customer data
Erica Absetz (May 16)
http://www.theage.com.au/it-pro/security-it/oops-google-search-reveals-private-telstra-customer-data-20130516-2jnmw.html
The personal information of thousands of Telstra customers has been
found online using a Google search.
Lee Gaywood, 31, of Chelsea Heights in Victoria, contacted Fairfax
Media about the information being freely accessible to anyone online
after conducting a specific Google search that turned up Telstra
spreadsheets.
The...
Hackers steal physio clinic files
Erica Absetz (May 15)
http://www.goldcoast.com.au/article/2013/05/15/451894_crime-and-court-news.html
A MERMAID Waters physiotherapy clinic is the second medical practice
on the Gold Coast to be held to ransom by an international hacker
demanding $5000 to unlock patient files.
The scam, which has affected businesses across the country, put more
than 8000 patient files at risk at the busy Q Super Centre practice on
Monday.
Back in Motion Physiotherapy owner Brad...
Mass email by Dent Neurologic inadvertently breaches privacy of 10,200 patients
Erica Absetz (May 15)
http://www.buffalonews.com/apps/pbcs.dll/article?AID=/20130514/CITYANDREGION/130519516/1003
Confidential information about more than 10,200 patients of Dent
Neurologic Institute was inadvertently sent to more than 200 patients
Monday in an email attachment.
The personal information – including patients’ names and home
addresses, their doctors’ names, last appointment dates and their
email addresses – was contained on an Excel patient...
Unions eye medical privacy violation
Erica Absetz (May 15)
http://bostonherald.com/news_opinion/local_coverage/2013/05/unions_eye_medical_privacy_violation
Police, fire and EMS unions are accusing the Boston Public Health
Commission of going behind the backs of bombing victims to collect
private medical
information about those who sought “primary care and
other outpatient” help days and weeks after the bombings.
The commission has sent letters to 13 area hospitals and 25 health
clinics seeking...
(wtop.com) Fwd: NOTICE OF HACKING INCIDENT AND POSSIBLE MALWARE ATTACK (fwd)
security curmudgeon (May 15)
-------- Original Message --------
Subject: NOTICE OF HACKING INCIDENT AND POSSIBLE MALWARE ATTACK
Date: Sun, 12 May 2013 11:02:41 -0600
From: WTOP <website () community wtop com>
Reply-To: Hubbard Radio, DC
<reply-fecc167275600d7f-28697_HTML-79048353-1066862-0 () community wtop com>
To:
To view this email as a web page, go here.
http://click.community.wtop.com/?qs=[..]
Forward to a Friend...
Presbyterian Anesthesia reports data breach affecting nearly 10,000
Erica Absetz (May 14)
http://www.charlotteobserver.com/2013/05/13/4039763/presbyterian-anesthesia-reports.html
The credit card information of nearly 10,000 people may have been
accessed in a data breach at a Charlotte medical practice.
Presbyterian Anesthesia Associates has disclosed that a hacker broke
through a security flaw of the practice’s website to gain access to a
database of personal information, including names, contact
information, dates of birth and...
Oklahoma City-based wireless companies report data breach
Erica Absetz (May 14)
http://newsok.com/article/3809598
The Oklahoma City-based wireless companies TerraCom and YourTel
America said Monday that journalists had accessed the personal
information of about 150,000 prospective clients and that the personal
information of 200 people had been readily available online via a
simple Google search.
The companies also admitted Monday that the files of about 343
applicants had been accessed online by unidentifiable IP...
Property Tax security breach was 'discovered quickly'
Erica Absetz (May 14)
http://www.irishexaminer.com/breakingnews/ireland/property-tax-security-breach-was-discovered-quickly-594236.html
It comes after the company which operates the helpline for the Revenue
Commissioners discovered a worker had unnecessarily taken credit card
details from a small number of callers.
The employee has been suspended while investigations by the Gardaí and
Revenue continue.
Eleven members of the public were affected by the alleged...
Patient Information Breach At The MED
Erica Absetz (May 14)
http://wreg.com/2013/05/10/patient-information-breach-at-the-med/
(Memphis) The MED is alerting some patients who were treated at their
outpatient facility that their personal information may have been
accidentally sent out in one of three emails sent out by an employee.
That information includes the social security number, phone number and
reasons for therapy.
This impacts almost 1200 patients who were treated here between May of
2012 and...
IU Health Arnett laptop stolen
Erica Absetz (May 13)
http://www.jconline.com/article/20130510/NEWS03/305100032/IU-Health-Arnett-laptop-stolen?nclick_check=1
More than 10,000 patients of Indiana University Health Arnett are
receiving notifications that some of their personal information was on
a laptop computer stolen last month.
On Friday, the health care provider issued a press release stating the
laptop was stolen from an employee’s car on April 9 in White County.
After an internal...
Privacy Breach on Bloomberg’s Data Terminals
Erica Absetz (May 13)
http://www.nytimes.com/2013/05/11/business/media/privacy-breach-on-bloombergs-data-terminals.html?pagewanted=all&_r=2&
A shudder went through Wall Street on Friday after the revelation that
Bloomberg News reporters had extracted subscribers’ private
information through the company’s ubiquitous data terminals to break
news.
The company confirmed that reporters at Bloomberg News, the journalism
arm of Bloomberg L.P., had for years...
Hackers stole $45 million in ATM card breach
Erica Absetz (May 10)
http://www.usatoday.com/story/tech/2013/05/09/hackers-atm-branch/2148069/
NEW YORK — They didn't use guns, masks or even threatening notes
passed to bank tellers.
But an alleged international gang of cyberthieves managed to steal $45
million from thousands of ATMs in carefully coordinated attacks
conducted in a matter of hours, federal authorities charged Thursday.
A four-count indictment unsealed in Brooklyn charged that eight
members...
Court Data Breach Could Affect Up To 1 Million In Washington State
Erica Absetz (May 10)
http://www.seattlemedium.com/news/Article/Article.asp?NewsID=115189&sID=4&ItemSource=L
OLYMPIA -- The Washington State Administrative Office of the Courts
(AOC) recently announced that a data breach occurred recently on its
public website. According to AOC, no court records were altered and no
financial data was maintained on the site. However, it has been
confirmed that 94 social security numbers were obtained. There is also
the...
Lutheran Social Services discovers possible security breach on computer system
Erica Absetz (May 09)
http://www.ydr.com/crime/ci_23198082/lutheran-social-services-discovers-possible-security-breach-computer
Hackers targeted Lutheran Social Services of South Central
Pennsylvania on Wednesday, remotely planting disruptive software on
its computer system, according to a news release.
That means that potentially, residents' personal information,
including names, date-of-birth, social security number, Medicare
numbers could have been accessed,...
Metasploit — Development discussion for Metasploit, the premier open source remote exploitation tool
Re: Wmic through the windows api
egypt (May 17)
Extensions should be submitted as a pull request in the meterpreter
repo: https://github.com/rapid7/meterpreter
If you have already written the ruby side, that should be a pull
request on the framework repo, with a link to the meterpreter pull
request in the description.
Thanks!
egypt
Re: Wmic through the windows api
Abuse 007 (May 16)
Hi Brian,
Perhaps you need to allocate some memory in a process, write your custom
data structure there, and then make the call with a pointer/reference to
the custom data structure in the memory you allocated for it.
Cheers,
B
Ruxcon 2013 Call For Papers
cfp (May 07)
Ruxcon 2013 Call For Presentations
Melbourne, Australia, October 26th-27th
CQ Function Centre
http://www.ruxcon.org.au/call-for-papers/
The Ruxcon team is pleased to announce the Call For Presentations for Ruxcon 2013.
This year the conference will take place over the weekend of the 26th and 27th
of October at the CQ Function Centre, Melbourne, Australia.
.[x]. About Ruxcon .[x].
Ruxcon is a premier technical computer security conference...
Breakpoint 2013 Call For Papers
cfp (Apr 30)
Breakpoint 2013 Call For Papers
Melbourne, Australia, October 24th-25th
Intercontinental Rialto
http://www.ruxconbreakpoint.com
.[x]. Introduction .[x].
The Ruxcon team is pleased to announce Call For Papers for Breakpoint 2013.
Breakpoint showcases the work of expert security researchers from around the
world on a wide range of topics. This conference is organised by the Ruxcon
team and offers a specialised security conference to...
Re: framework Digest, Vol 63, Issue 13
Vlad Ovtchinikov (Apr 27)
Try exploit-db.com
Sent from my iPhone
Re: framework Digest, Vol 63, Issue 13
Prabhu (Apr 27)
Hi,
I surfed privilege escalation exploits in the unix/local and linux/local
categories, and I found most of them work only with Linux kernel 2.4 and 2.6.
But I am looking for exploits for kernel 3.0 and above; could someone suggest
me an exploit to handle this.
Re: help
Joshua Smith (Apr 25)
You beat me, Tod, I was gonna say
$ msfconsole
but seriously man, you need to give more details.
Re: help
Tod Beardsley (Apr 25)
http://ifconfig.me
Re: framework Digest, Vol 63, Issue 12
Michael Schierl (Apr 25)
Am 25.04.2013 19:59, schrieb Tod Beardsley:
Seconded.
Also, please note that a piece of shellcode is not an exploit (just like
a pinch of gunpowder is not a firearm, or like a satellite is not a
space rocket). In fact the shellcode is usually the easiest part for a
new exploit as Metasploit ships lots of them to easily integrate into
any exploit.
When you have installed Metasploit, have a look at the unix/local/ and
linux/local/ category if...
help
gri sma (Apr 25)
How to use an external IP on Metasploit?
Re: framework Digest, Vol 63, Issue 12
Tod Beardsley (Apr 25)
Please don't run random blobs of shellcode you find on the internet.
It's not healthy.
That's kind of why we do Metasploit.
If you would like to start using Metasploit, please see
http://metasploit.pro and pick the right version for your needs.
Thanks!
Re: framework Digest, Vol 63, Issue 12
Prabhu (Apr 25)
Hi,
I picked an exploit from the link below, and I compiled it manually in a test
environment. I ended up with an error message stating that
error: lvalue required as left operand of assignment
http://www.shell-storm.org/shellcode/files/shellcode-548.php
Could you suggest me a shellcode to proceed.
Re: framework Digest, Vol 63, Issue 11
Prabhu (Apr 25)
Hi Tod,
Thank you for the response. I'm looking at this exploit; could you help me to
sort this?
http://pastebin.com/GC824ayU
Re: framework Digest, Vol 63, Issue 11
h4lp.php () gmail com (Apr 24)
did you find somethings at exploit-db or 1337day?
and maybe you should tell what you did and how, with more detail, and your Metasploit version
Prabhu <flyingcolours47 () gmail com> wrote:
Re: framework Digest, Vol 63, Issue 11
Tod Beardsley (Apr 24)
Which Metasploit module is giving you trouble?
Wireshark — Discussion of the free and open source Wireshark network sniffer. No other sniffer (commercial or otherwise) comes close. This archive combines the Wireshark announcement, users, and developers mailing lists.
Wireshark 1.6.15 is now available
Wireshark announcements (May 17)
I'm proud to announce the release of Wireshark 1.6.15.
What is Wireshark?
Wireshark is the world's most popular network protocol analyzer.
It is used for troubleshooting, analysis, development and
education.
What's New
Bug Fixes
The following vulnerability has been fixed.
o wnpa-sec-2013-25
The ASN.1 BER dissector could crash. (Bug 8599)
Versions affected: 1.8.0 to 1.8.6, 1.6.0 to 1.6.14....
Wireshark 1.8.7 is now available
Wireshark announcements (May 17)
I'm proud to announce the release of Wireshark 1.8.7.
What is Wireshark?
Wireshark is the world's most popular network protocol analyzer.
It is used for troubleshooting, analysis, development and
education.
What's New
Bug Fixes
The following vulnerabilities have been fixed.
o wnpa-sec-2013-23
The RELOAD dissector could go into an infinite loop.
Discovered by Evan Jensen. (Bug 8364, (Bug 8546)...
Wireshark 1.8.7 is now available
Gerald Combs (May 17)
I'm proud to announce the release of Wireshark 1.8.7.
What is Wireshark?
Wireshark is the world's most popular network protocol analyzer.
It is used for troubleshooting, analysis, development and
education.
What's New
Bug Fixes
The following vulnerabilities have been fixed.
o wnpa-sec-2013-23
The RELOAD dissector could go into an infinite loop.
Discovered by Evan Jensen. (Bug 8364, (Bug 8546)...
Re: [Wireshark-commits] rev 49380: /trunk-1.8/ /trunk-1.8/epan/dissectors/: packet-amr.c packet-tcp.c /trunk-1.8/docbook/: release-notes.xml /trunk-1.8/epan/: tvbuff.c
Jeff Morriss (May 17)
Oops, yeah, that's a good point. But, you're also right that it
certainly won't hurt.
Re: [Wireshark-commits] rev 49380: /trunk-1.8/ /trunk-1.8/epan/dissectors/: packet-amr.c packet-tcp.c /trunk-1.8/docbook/: release-notes.xml /trunk-1.8/epan/: tvbuff.c
Evan Huus (May 17)
I don't think this one was necessary in 1.8, since it doesn't have Jakub's
work on shrinking the ep scope that I remember, but it won't hurt.
Evan
Wireshark 1.6.7 Memory Corruption
gobejishvili (May 17)
Hello,
I'm a security researcher; I found a memory corruption vulnerability in
Wireshark version 1.6.7, 64-bit, detected on Kubuntu x64. Drag
and drop can cause memory corruption.
After running it in GDB.
Program received signal SIGSEGV, Segmentation fault.
0x000055555568527f in dnd_open_file_cmd ()
Re: Info for Sharkfest'13
Ahmed Elshaer (May 17)
Ya, me too. I'm from Egypt and can't attend; I hope there would be online
sessions.
On Fri, May 17, 2013 at 1:38 PM, Edwin Abraham <edwin.abraham12 () gmail com>wrote:
Info for Sharkfest'13
Edwin Abraham (May 17)
Is there any session that will be held in an online sense?
I am interested in attending. But I won't be able to come due to the
distance.
Re: Sharkfest '13 - Hackfest
Ahmed Elshaer (May 17)
I have a question: how to make the GUI fast to render the data and never
hang or give you "not responding"?
Sharkfest '13 - Hackfest
Anders Broman (May 17)
Hi,
If anyone is participating in the Hackfest it might be a good idea to start discussion on topics of interest in case
preparations are needed.
- Bug fixing.
- New features ( How to implement, not I would like to have this developed by someone else ( well that's OK
too but don't expect it to actually happen :) ).
- Dissector development.
- Knowledge sharing, how to .... ( debug, profile ...)...
Re: Tapping Behaviour [Was: Export PDU:s]
Evan Huus (May 16)
So it looks like we already basically do what I was suggesting. The bug was
a special case of inter-tap dependencies. Using a frame-end routine might
make for a simpler fix than all the manual try-catch blocks though.
Evan
Re: Tapping Behaviour [Was: Export PDU:s]
Jeff Morriss (May 16)
[Without having read either bug recently and without having ever really
looked at tapping--so beware of glaring ignorance on my part...]
Would it make any sense to call the tap in a frame-end routine
(register_frame_end_routine())? That's another way to handle exceptions
without having to catch them.
Code sharing between TLS and DTLS
Hauke Mehrtens (May 16)
The DTLS RFC 6347 describes just the differences to TLS (SSL), and these
two protocols are very similar. Currently the Wireshark dissectors for
TLS and DTLS are not sharing much code, just a little in ssl-utils.c.
I did some improvements for the DTLS dissector and much of this was
copying the code from TLS and doing some small modifications to it. I
would like to place more code, like the parsing of some handshake
messages, in ssl-utils.c, so the...
Re: New icon as seen over rdesktop
Jeff Morriss (May 16)
Yep, you're right. Following the instructions here:
http://blog.dhampir.no/content/remote-desktop-does-not-support-colour-depth-24-falling-back-to-16
Gave me 24-bit color and now the jagged edge is gone.
Yeah, as I said, just wanted to mention it...
Re: recent fuzz failures
Evan Huus (May 16)
I have also been unable to reproduce any but the out-of-memory issues.
Evan
Snort — Everyone's favorite open source IDS, Snort. This archive combines the snort-announce, snort-devel, snort-users, and snort-sigs lists.
This is familiar
James Lay (May 17)
Yay..just like that one --c32 malware that kept popping up everywhere
months ago, comes ded509 (google that..it's a hoot):
alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any
(msg:"MALWARE-OTHER Compromised Website response - leads to Exploit
Kit"; flow:established,to_client; file_data; content:"<!--ded509-->";
distance:0; content:"<!--/ded509-->"; distance:0; metadata:policy
balanced-ips...
Re: Re : Different bpf filter for every multiple config used in snort
C. L. Martinez (May 17)
Thanks Rmkml. I have configured one snort instance with multiple
configs, three in total. Due to the limitation in ipvar to use IP ranges,
I need to discriminate which IPs, IP ranges and ports are monitored
by each one of these snort configs (and all IP ranges are in the same
network).
------------------------------------------------------------------------------
AlienVault Unified Security Management (USM) platform delivers complete
security...
Re: question about config binding
Russ Combs (May 17)
Did you try it? ;)
Re: question about config binding
C. L. Martinez (May 17)
Thanks Russ. But is the syntax correct?
Re: question about config binding
Russ Combs (May 17)
Yes - that's exactly what it is for.
Re: Different bpf filter for every multiple config used in snort
Eoin Miller (May 17)
I always created a skeleton conf file and the custom conf file that I
would call when starting the process.
snort -c /etc/snort/customized_snort.conf
And then inside of customized_snort.conf you can have:
include /etc/snort/skelton_snort.conf
That way you just put in the variables that change for your instances
you are running in the small conf and don't have to edit the N-number of
conf's every time to setup something different....
Re : Different bpf filter for every multiple config used in snort
Rm Kml (May 17)
Hi,
I don't know if I understand correctly, but why not use the same -F bpf_file on every snort cmd line?
Regards
@Rmkml
Re: TCP session without 3-way handshake - Snort 2.9.4.5
waldo kitty (May 17)
It does make sense, and I really asked it for the benefit of others... especially
those just getting started with snort... now the question is if they are reading
all posts to the list ;) O:)
Ahhh... ok... I was kind of expecting to see something about performance
monitoring, in which one might say how to determine how much traffic may be being
dropped and what one might be able to do to alleviate well-known bottlenecks ;)
Re: TCP session without 3-way handshake - Snort 2.9.4.5
Russ Combs (May 17)
Yes, drops can cause this as can starting Snort mid-session.
Without a capture, you can rule out drops only if you don't have any.
The start up delay for require_3whs is pretty much essential for live
traffic unless you disable the rule.
Different bpf filter for every multiple config used in snort
C. L. Martinez (May 17)
Hi all,
Is it possible to use one bpf filter config file for every multiple
config in snort 2.9.4.6?
Thanks.
Re: April 9th compiled Zeus debug upload
James Lay (May 17)
Hey Joel,
Yea, I looked at that one (been trying to look at rules BEFORE I start
making them, for a refreshing change of pace :))..provided the UA matches
I'll bet it would. The only data I have though is the
"/test/debug.php"...would be nice to see a pcap that has this if anyone
can provide? Thanks Joel!
James
Re: April 9th compiled Zeus debug upload
Joel Esler (May 17)
James,
Is 25050 not catching this? Just for clarification?
April 9th compiled Zeus debug upload
James Lay (May 17)
alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"MALWARE-CNC
Win.Trojan.Zeus April 9th 2013 variant data upload";
flow:to_server,established; content:"POST"; http_method;
content:"|2f|test|2f|debug.php"; http_uri; metadata:impact_flag red,
policy security-ips drop, ruleset community, service http;
reference:url,http://securityblog.s21sec.com/2013/05/testing-your-zeus-variant.html;...
Re: Handling firewall rejected packets in SNort IPS
waldo kitty (May 17)
It would seem to be pretty basic, but I'm not so sure about that ;)
This depends on where, in your firewall routing rules, you inject the rule to
send the traffic to snort...
Consider a firewall script that starts off as
iptables -A INPUT -j jmptosnort
iptables -A INPUT -j jmptogood
OR
iptables -I INPUT -j jmptosnort
iptables -I INPUT -j jmptogood
In both cases, the actual ordering is not going to be what you expect it to
be... jmptosnort will...
OpenVAS — Development and announcements regarding OpenVAS, a free network security scanner which forked from Nessus. This is a combination of the English openvas-announce, openvas-devel, openvas-discuss, and openvas-plugins lists.
Re: openvasmd using all CPU
YanQian (May 18)
Hi, Paula,
I got the same issue with OpenVAS 6 on RHEL6; the temporary workaround is to add this option to the openvas manager service:
"--disable-encrypted-credentials"
It was told by mime at #openvas IRC. I added it to the file /etc/sysconfig/openvas-manager on RHEL.
And I also want to know, if this option is used, does it mean that credentials are saved in some place with clear text?
regards,
YanQian
Date: Fri, 17 May 2013 17:51:53...
Re: Why openvas-scapdata-sync delete my plugins directory?
Ulises Cuñé (May 17)
Hello Timo,
Yes, I have set SCAP_DIR and NVT_DIR on the same path.
2013/5/17 Timo Pollmeier <timo.pollmeier () greenbone net>
Re: openvasmd using all CPU
Paula Gonzalez Muñoz (May 17)
Hello,
I have the same problem again on a completely different machine. Any idea
about the possible cause and how to solve it? It only happens when trying
to create credentials (I've been able to create other objects).
Regards,
Paula
2013/4/30 Paula Gonzalez Muñoz <p.gonmu () gmail com>
Re: Renaming "Full and fast" to "Best practice"?
smkr (May 17)
If the goal is to give users something first hand, what about "Default", and you
can add a short description.
Re: empty tasks.db
Paula Gonzalez Muñoz (May 17)
Yes. It gives no clues.
I have just done a few more tests, and the problem was that the 'om' user
was not created correctly and openvas-check-setup
gave a misleading error. It is described here:
http://aymanstechblog.blogspot.com.es/2013/01/error-number-of-nvts-in-openvas-manager.html
After changing the name to the folder it worked.
Maybe the openvas-check-setup should be reviewed so it gives more
informative...
Re: trouble building gsa from trunk
btb (May 17)
CMakeLists.txt now looks like:
target_link_libraries (gsad_base "${LIBMICROHTTPD_LDFLAGS} ${LIBXML_LDFLAGS} ${GLIB_LDFLAGS} ${GTHREAD_LDFLAGS}
${LIBEXSLT_LDFLAGS} ${LIBXSLT_LDFLAGS} ${OPENVAS_LDFLAGS} ${GNUTLS_LDFLAGS}" -lgcrypt)
and it appears to build successfully.
thanks
-ben
Re: empty tasks.db
Jan-Oliver Wagner (May 17)
have you checked openvasmd.log?
Re: Why openvas-scapdata-sync delete my plugins directory?
Timo Pollmeier (May 17)
Hello Ulises,
It looks like the problem may be caused by the NVT and SCAP sync scripts
using the same directory. Do you have SCAP_DIR and NVT_DIR set as
environment variables to the same path?
Best regards,
Timo Pollmeier
Re: empty tasks.db
Paula Gonzalez Muñoz (May 17)
Hi again,
I've done some more tests and my findings are the following:
tasks.db is created with correct permissions by using openvasmd --rebuild.
However the NVTs table is empty:
# ls -la /var/lib/openvas/mgr/tasks.db
-rw------- 1 root root 659456 May 17 12:39 tasks.db
I have checked and it should take around 49 Mb, not 659 Kb.
I have reinstalled openvas with no change. Attached you can find the
openvas-check-setup.log in case it give...
Re: trouble building gsa from trunk
Michael Wiegand (May 17)
* btb [16. May 2013]:
I saw that too on 13.04 with 64 bit. I think libgcrypt needs to be
linked explicitly now. We will add this to the CMake files soon, in the
mean time you can work around this by adding " -lgcrypt" to the
"target_link_libraries (gsad_base ..." command in src/CMakeLists.txt.
Regards,
Michael
empty tasks.db
Paula Gonzalez Muñoz (May 17)
Hello all,
I'm installing openvas on a new server and I'm getting this error:
Step 2: Checking OpenVAS Manager ...
OK: OpenVAS Manager is present in version 4.0.0.
OK: OpenVAS Manager client certificate is present as
/var/lib/openvas/CA/clientcert.pem.
OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db.
OK: Access rights for the OpenVAS Manager database are correct.
OK: OpenVAS...
Re: Always get the NONE threat result after scan
Widget John (May 17)
Dear all,
Can anyone help me please? I always get the NONE threat result.
openvas-check-setup 2.2.1
Test completeness and readiness of OpenVAS-6
(add '--v4', '--v5' or '--v7'
if you want to check for another OpenVAS version)
Please report us any non-detected problems and
help us to improve this check routine:
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Send us the log-file...
trouble building gsa from trunk
btb (May 16)
On to the next piece :)
I'm having trouble building gsa from revision 16369 [on ubuntu 13.04]:
-- Found PkgConfig: /usr/bin/pkg-config (found version "0.26")
-- Configuring greenbone-security-assistant...
-- The C compiler identification is GNU 4.7.3
-- Check for working C compiler: /usr/bin/cc
-- Check for working C compiler: /usr/bin/cc -- works
-- Detecting C compiler ABI info
-- Detecting C compiler ABI info - done
-- Looking...
Re: trouble building libraries from trunk
btb (May 16)
Ah, very good then. I've checked out 16369 and rebuilt, and can report success.
thanks
-ben
Re: trouble building libraries from trunk
Hani Benhabiles (May 16)
No implications for you. You are just using a new version of glib which
has deprecated the g_type_init() call. Added version check as revision
16369.
Cheers,
Hani.