lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 15 Jan 2008 12:59:59 -0600
From: "Fredrick Diggle" <fdiggle@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: [FDSA] Multiple Vulnerabilities in Your Computer
	(all versions)

#######################################################################

                             Fredrick Diggle Security Advisory

Application: Your Computer
Versions: All Versions Affected
Platforms: All Platforms Affected
Bugs: Buffer Overflows
Severity: Xtreme!!!!
Date: 15 Jan 2008
Credit: Fredrick Diggle

#######################################################################

1) Introduction
2) Bugs
4) Fix

#######################################################################

===============
1) Introduction
===============

Fredrick Diggle Security Services is probably the best application
security researchers on the scene this month. They have identified
several hundred thousand vulnerabilities this week for which Priv8
0dayz have been developed. Fredrick Diggle Security Team has decided
to release several of these vulnerabilities to the community at large
(Pre Vendor Release!!!!). Fred Diggle would like to ensure that you
understand this is 0DAY!!!. The vendors are completely unaware of this
vulnerabilities.

#######################################################################

=======
2) Bugs
=======

OpenSSL 0.9.7j
  openssl-0.9.7j/fips-1.0/aes/fips_aesavs.c 973: User supplied data
copied into fixed length buffer on the stack with no length
verification.

SSH 3.2.9.1
  ssh-3.2.9.1/lib/zlib/contrib/minizip/minizip.c 187: User supplied
data copied into fixed length buffer on the stack with no length
verification.

Apache 1.3.37
  src/regex/split.c 164: User supplied data copied into fixed length
buffer on the stack with no length verification.

Samba 3.0.25b
  samba-3.0.25b/source/popt/poptparse.c 27: Integer overflow in size_t
which is later used in heap allocation. Buffer then copied into this
memory resulting in heap overflow.


Fredrick Diggle would like you to note that this is very small subset
of the 0dayz that Fredrick Diggle Security Team has available. If you
are rich and would like to buy our Exploit codez Fredrick Diggle would
very much like to hear from you.


#######################################################################

======
4) Fix
======

There is no fix :> We are doomed :<

#######################################################################

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ