lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 16 Oct 2007 13:06:04 -0500
From: phioust <phioust@...il.com>
To: full-disclosure@...ts.grok.org.uk, andy.davis@...plc.com
Subject: Re: IRM Vendor Alerts: Six critical remote
	vulnerabilities in TIBCO SmartPGM FX

LOL

Results *1* - *10* of about *464* for *"TIBCO SmartPGM FX"*. (*0.24*seconds)

why does irm waste their research on shit that no one uses? Is irm going to
be the next morning_wood?

ps: thanks for your ollydbg tutorial at http://milw0rm.com/papers/178.
There is not already 1000s of guides online explaining how to set
breakpoints and find imports so thanks for this valuable information.

On 10/16/07, Andy Davis <andy.davis@...plc.com> wrote:
>
> IRM have discovered six critical remote vulnerabilities in TIBCO SmartPGM
> FX. Five of these vulnerabilities could potentially result in an attacker
> gaining remote administrative control of the server on which SmartPGM FX is
> running and therefore, also allow access to any data stored on or being
> communicated by the server.
>
> The final vulnerability, a Denial of Service attack, would stop the
> SmartPGM FX service so that file transfers could not be performed.
>
> More information can be found at the following location:
>
> http://www.irmplc.com/index.php/111-Vendor-Alerts
>
> Once TIBCO has produced either workarounds or patches to mitigate these
> vulnerabilities, IRM will release advisories which will include full
> technical details.
>
>
>
> Andy Davis| Chief Research Officer
>
> Information Risk Management Plc
> 8th Floor | Kings Building | Smith Square | London SW1P 3JJ
> Tel: +44 (0) 1242 225 205
> Fax: +44 (0) 1242 225 215
> www.irmplc.com
>
> The information contained in this email is privileged and confidential and
> is intended only for the use of the addressee. Unauthorised disclosure,
> copying or distribution of the contents is strictly prohibited. Please reply
> immediately if you receive this email in error and then immediately delete
> it from your system.
>
> Where relevant, any quotation contained within this email is exclusive of
> VAT at the current rate and valid for 30 days from the date of this email.
> Information Risk Management Plc (IRM) does not authorise the creation of
> contracts on its behalf by email. All information contained within this
> email and its attachments are subject to IRM's standard terms and
> conditions, a copy of which is available upon request.
>
> All attachments have been scanned for viruses using regularly updated
> programs. IRM cannot accept liability for any damage you incur as a result
> of virus infection and we advise that you should carry out such virus and
> other checks as you consider appropriate.
> IRM is a company registered in England with company number 3612719. The
> above address is the official registered office of IRM.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists