Almost no resp. only some mitigation(s) for "DLL hijacking" via load-time dependencies

Posted by Stefan Kanthak on Dec 21

Hi @ll,

in <http://seclists.org/fulldisclosure/2015/Nov/101> I showed
general mitigations for DLL hijacking via runtime dependencies
(<https://msdn.microsoft.com/en-us/library/ms685090.aspx>).

But DLL hijacking is also possible via load-time dependencies
(<https://msdn.microsoft.com/en-us/library/ms684184.aspx>)!

Example:

Quite some executable installers use the function timeGetTime()
(<…

Executable installers are vulnerable^WEVIL (case 13): ESET NOD32 antivirus installer allows remote code execution with escalation of privilege

Posted by Stefan Kanthak on Dec 21

Hi @ll,

the executable installer [°] of ESET’s NOD32 antivirus,
eset_nod32_antivirus_live_installer_.exe, loads and executes
(at least) the rogue/bogus/malicious Cabinet.dll and DbgHelp.dll
eventually found in the directory it is started from [‘] (the
“application directory”).

For software downloaded with a web browser this is typically the
“Downloads” directory: see
<…

Call for Papers - YSTS X – Information Security Conference, Brazil

Posted by Luiz Eduardo on Dec 21

Hello Full-Disclosure readers and sorry for the possible cross-postings you
might see, on behalf of the conference’s organization team I would like to
let you know that YSTS X’s CFP is currently open.

YSTS 10th Edition

Where: Sao Paulo, Brazil

When: June 13th, 2016

Call for Papers Opens: December 13th, 2015

Call for Papers Close: March 1st, 2016

http://www.ysts.org

@ystscon

INTRODUCTION

This is the celebratory 10th edition…

CVE-2015-4545

EMC Isilon OneFS 7.1 before 7.1.1.8, 7.2.0 before 7.2.0.4, and 7.2.1 before 7.2.1.1 allows remote authenticated administrators to bypass a SmartLock root-login restriction by creating a root account and establishing a login session.

Announcing release for MySQL 5.5 and 5.6 on CentOS Linux 7 x86_64 SCL

I am pleased to announce the immediate availability of versions 5.5 and 
5.6 of MySQL on CentOS Linux 7 x86_64, delivered via a Software 
Collection (SCL) built by the SCLo Special Interest Group 
(https://wiki.centos.org/SpecialInterestGroup/SCLo).

QuickStart
----------
You can get started in three easy steps (example of MySQL 5.6):
$ sudo yum install centos-release-scl
$ sudo yum install rh-mysql56
$ scl enable rh-mysql56 bash

At this point you should be able to use MySQL just as a normal 
application. An example of commands run might be:
$ systemctl start rh-mysql56-mysqld
$ mysql

In order to view the individual components included in this collection, 
including additional subpackages and plugins, you can run:
$ sudo yum list rh-mysql56*

About Software Collections
--------------------------
Software Collections give you the power to build, install, and use 
multiple versions of software on the same system, without affecting 
system-wide installed packages. Each collection is delivered as a group 
of RPMs, with the grouping being done using the name of the collection 
as a prefix of all packages that are part of the software collection.

The collection rh-mysql56 delivers version 5.6 of the MySQL server (with 
daemon called rh-mysql56-mysqld) and related client tools. The 
collection mysql55 delivers version 5.5 of the MySQL server (with daemon 
called mysql55-mysqld) and related client tools.

Both the collections include no client library libmysqlclient.so and 
client applications are advised to use the client library available in 
mysql-libs package from base system.

For more on MySQL, see https://www.mysql.com.

The SCLo SIG in CentOS
----------------------
The Software Collections SIG group is an open community group 
co-ordinating the development of the SCL technology, and helping curate 
a reference set of collections. In addition to the MySQL collections 
being released here, we also build and deliver other databases, web 
servers, and language stacks including multiple versions of MariaDB, 
PostgreSQL, MongoDB, Apache HTTP Server, NodeJS, Ruby, Python and others.

Software Collections SIG release was announced at 
https://lists.centos.org/pipermail/centos-announce/2015-October/021446.html

You can learn more about Software Collections concepts at: 
http://softwarecollections.org
You can find information on the SIG at 
https://wiki.centos.org/SpecialInterestGroup/SCLo ; this includes how to 
get involved and help with the effort.

We meet every second Wednesday at 16:00 UTC in #centos-devel (ref: 
https://www.centos.org/community/calendar), for an informal open forum 
open to anyone who might have comments, concerns or wants to get started 
with SCLs in CentOS.

Enjoy!

Honza
SCLo SIG member