SEARCH RESULTS
 
Showing 1-10 of 10 records
1
 
Expand article

Changing the SSL cipher order in Internet Explorer 7 on Windows Vista

2007-11-07 05:37:47 by Steve Riley in Steve Riley on Security
 
...NULL MD5 TLS RSA WITH NULL SHA When you study the list, you'll see that IE presents the algorithms in decreasing order of strength, but places the shorter bit-lengths first. Why? If longer bit lengths are more secure, shouldn't they be listed first Remember, encryption is the thing that buys you time against Immutable Law #3 . But performing...
 
Tags: sha, null sha, cbc sha p384, cbc sha, cbc sha p521, shorter bit lengths, bit lengths, cbc sha p256, 256-bit aes
 
 
 
 
Expand article

Enabling hierarchical nant builds

2008-03-07 05:49:00 by Keith Brown in Security Briefs
 
...null == relativePathToFoundFile) throw new BuildException(string.Format( CultureInfo.CurrentCulture, "Couldn't find a file named {0}" + " in a parent directory of {1}", fileName, Project.BaseDirectory)); // have to use a relative path here // because task uses // Path.Combine(projectDir, BuildFileName) // to get the full path BuildFileName =...
 
Tags: nant, root script defines, script, root, task, simple nant task, root nant project, return path, return
 
 
 
 
Expand article

Responsible-ish Disclosure

2008-05-08 20:50:57 by Chris Eng in Zero in a bit
 
...NULL .text:00405C3E mov ecx, esi ; Memcpy with our length .text:00405C40 mov esi, [ebp+pDestionationAddr] .text:00405C43 mov [ebx+4], eax ; new result is used as dest .text:00405C46 mov edi, eax ; address without checks. .text:00405C48 mov eax, ecx .text:00405C4A add esp, 4 .text:00405C4D shr ecx, 2 .text:00405C50 rep movsd ; AV due to...
 
Tags: text, esi, 00405c1b mov esi, ecx, 00405c31 push esi, 00405c3e mov ecx, recent dos vulnerability, vulnerability, 00405c21 test esi
 
 
 
 
Expand article

Storm-Bot stripshow analysis

2007-12-23 22:06:00 by Russ McRee in HolisticInfoSec.org
 
...null),0,(null 4030df WinExec(netsh firewall set allowedprogram "C:WINDOWSdisnisa.exe" enable,100 71ab52c6 LoadLibraryA(C:WINDOWSsystem32mswsock.dll)=71a50000 71a5716a LoadLibraryA(C:WINDOWSsystem32mswsock.dll)=71a50000 71aa14eb GlobalAlloc 40da1b bind(8c, port=26790 77e7ac53 CreateRemoteThread(h=ffffffff, start=404b05 40da1b bind(b8,...
 
Tags: 40d9f1 connect, w32tm config syncfromflags, config, time, quick time check, w32tm config, exe, src78, dst192
 
 
 
 
Expand article

Enabling hierarchical nant builds

2008-03-07 12:49:00 by keith-brown in Security Briefs
 
...null == relativePathToFoundFile) throw new BuildException(string.Format( CultureInfo.CurrentCulture, "Couldn't find a file named {0}" + " in a parent directory of {1}", fileName, Project.BaseDirectory)); // have to use a relative path here // because task uses // Path.Combine(projectDir, BuildFileName) // to get the full path BuildFileName =...
 
Tags: nant, root script defines, script, root, task, simple nant task, root nant project, return path, return
 
 
 
 
Expand article

Enabling hierarchical nant builds

2008-03-07 12:49:00 by keith-brown in Security Briefs
 
...null == relativePathToFoundFile) throw new BuildException(string.Format( CultureInfo.CurrentCulture, "Couldn't find a file named {0}" + " in a parent directory of {1}", fileName, Project.BaseDirectory)); // have to use a relative path here // because task uses // Path.Combine(projectDir, BuildFileName) // to get the full path BuildFileName =...
 
Tags: nant, root script defines, script, root, task, simple nant task, root nant project, return path, return
 
 
 
 
Expand article

PrincipalPermissionAttribute and Static ctor Leads to DoS

2007-12-03 09:03:00 by Keith Brown in Security Briefs
 
...null static void becomeSuperUser string[] roles = { "SuperUser Thread.CurrentPrincipal = new GenericPrincipal new GenericIdentity("Alice"), roles Here's the output of the above program, exactly as written. Notice that the call order is such that the privileged user accesses the protected class first, so things work as you'd expect Inside...
 
Tags: class sensitive, sensitive, class, class level, static constructor, inside static constructor, class program, static constructor leads, static void
 
 
 
 
Expand article

European Commission Moves Forward on In-Flight Mobile Plan

The Article has images
2008-04-07 12:21:42 by Glennf in Wi-Fi Networking News
...null carrier that associates with the phone yet provides it no path. No mentioned here is the 1700 MHz and 850 MHz frequencies used by GSM in the U.S., which one would expect would alos need to be blocked, even though quad-band GSM phones include the 1800 MHz band for use. Perhaps through automated selection that's not an issue
 
Tags: mhz, mhz band, mhz frequencies, mhz bands, pan-european telecom rules, rules, in-flight service, service, ground stations
 
 
 
 
Expand article

NULL pointer exploit excites researchers

2008-04-17 00:00:00 by HASH0x8b3cd84 in Network World on Security
 
In 1996 it was Aleph One's astounding paper, "Smashing the Stack for fun and Profit" that introduced a generation of Information Security researchers, and eventually the world at large, to the inherent exploitability of buffer overflows and introduced techniques that would form the basis of proving that a vulnerability was exploitable (as well...
 
Tags: information security researchers, inherent exploitability, basis, buffer overflows, exploits, stack, form, world, profit
 
 
 
 
Expand article

BSDNews.com is hacked and user information is exposed

The Article has images
2008-04-25 08:10:33 by Evan Francen in The Breach Blog
...NULL Do what you want to do with it Please, if u think i didnt hacked it, search forums/google , you dont find anything THIS IS MY FIRST RELEASE HERE i kept everything as i got it so there can be info what is usefull uploaded at my host Evan] There is a link in this Golden-Warez post that leads to a compressed (.rar) file. In the RAR...