Archive for the ‘advisory’ Category

Exploits for Kaminsky’s DNS Cache Poisoning Flaw

July 23, 2008

I patched the second Kaminsky told us all to ~15 days ago… did you?



Metasploit blog post about these exploits.


CAU-EX-2008-0001: Solaris ypupdated Command Execution

April 4, 2008

Metasploitized version of a recent Solaris rpc.ypupdated exploit from milw0rm:

CAU-2008-0001: Slowly Closing Door Race Condition

April 1, 2008

Today we have a new advisory for you, CAU-2008-0001, the Slowly Closing Door Race Condition:

EDIT (04/02/2008):  April Fools!!!

CAU-2006-0001: Trojaned Navigation Menu

November 16, 2007

CAU-2007-0001: Window Transparency Information Disclosure

April 1, 2007

An information disclosure attack can be launched against buildings that make use of windows made of glass or other transparent materials by observing externally-facing information through the window.

CAU-2005-0001: Chat Service Users – “Oops! Wrong Window” Information Disclosure

April 1, 2005

A potential information disclosure vulnerability exists with all users
of chat services. When users do not adequately pay attention to which
window or application has focus on their workstation, they may
inadvertently type sensitive information like passwords or personal
information into the chat service.

6 New AIX Security Advisories by intropy

June 7, 2004

IBM AIX invscout Commandline Argument Overflow

IBM AIX paginit Command-line Argument Format String

IBM AIX diagTasksWebSM Commandline Argument Overflow

IBM AIX getlvname Commandline Argument Overflow

IBM AIX p* Commandline Argument Overflow

IBM AIX swcons Commandline Argument Overflow

CAU-2004-0001: Mutliple Screensaver – Information Disclosure

April 1, 2004

An information disclosure vulnerability exists with some popular screensavers. Screensavers that use snapshots of the underlying desktop may reveal sensitive information if the screensaver is intended to lock a user’s workstation while they are away.