Archive for December, 2009
Posted in December 31st, 2009
This Metasploit module exploits a stack overflow in the NetApi32 NetpManageIPCConnect function using the Workstation service in Windows 2000 SP4 and Windows XP SP2. In order to exploit this vulnerability, you must specify the name of a valid Windows DOMAIN. It may be possible to satisfy this condition by using a custom DNS and LDAP setup; however, that method is not covered here. Although Windows XP SP2 is vulnerable, Microsoft reports that Administrator credentials are required to reach the vulnerable code. Windows XP SP1 only requires valid user credentials. Also, testing shows that a machine already joined to a domain is not exploitable.
Posted in December 31st, 2009
This Metasploit module exploits a stack-based buffer overflow in Timbuktu Pro version
Posted in December 31st, 2009
This Metasploit module exploits a stack overflow in the IBM Tivoli Storage Manager Express CAD Service. By sending a ping packet containing a long string, an attacker can execute arbitrary code. NOTE: the dsmcad.exe service must be in a particular state (CadWaitingStatus = 1) in order for the vulnerable code to be reached. This state doesn’t appear to be reachable when the TSM server is not running. This service does not restart.
Posted in December 31st, 2009
Recently there was a message posted on the debian-user-german mailing list asking if there is a way to create BIND-compliant DNS updates with regular dyndns clients from routers. The idea behind this is to get rid of dyndns.org services and provide …
Posted in December 31st, 2009
We’ve always had a lot of fun with Indianapolis-based startup ChaCha. They launched in 2007 as a human powered search engine – meaning a human found you answers when you typed in a query. Pranksters, obviously, loved it. And we noted the high cost of hiring humans to basically do Google searches and return results to people.
The human powered web search never really worked out. But ChaCha evolved. In 2008 they launched a mobile version of the service that lets users ask questions via SMS. Putting a human into the mix makes sense with mobile, with poor (or no) data connectivity and hard to use keyboards. But all phones have SMS, and ChaCha had a hit on their hands (they also had the infamous Eiffel Tower incident).
And ChaCha also made another smart move. They started archiving questions and answers on their website in January 2009. 300 million of them are now published on their website – you can view and search them from the ChaCha home page. Those pages have lots of ads generating revenue, and the search engines tend to rank pages like these highly. The company serves just under a million page views to answer pages per day, they say.
CEO Scott Jones says the company has had “explosive growth” in usage of their mobile product. In fact, the company has had to take steps in the past to control that growth, by limiting the number of questions people can ask each month. Even so, people now ask ChaCha a million questions a day via SMS. They recently passed Google and ChaCha is the no. 1 SMS search service according to Nielsen Mobile.
Posted in December 31st, 2009
I have got e.g. two servers with Apache and Postfix and a virtual IP (from heartbeat-1). Well, heartbeat is working well and it is simple to deal with complete server outages, but how can I configure heartbeat, so that it also switches the server, if …
Posted in December 31st, 2009
Lower the Lifeboats and hoist the Mains’l, this is going to be a rough ride. While companies worldwide look for ways to reduce costs, shed dead weight from their labor resources and streamline their businesses, it makes me wonder if Linux will survive the global economic meltdown. Oh, I know it will survive in terms of us geeks who use it and tout its goodness. It will survive in ISP data centers, some cloud-based businesses and as the de facto platform for virtualization. But will businesses such as hospitals, law firms, trucking companies and retail stores adopt it for their productive operating system of choice?
Posted in December 31st, 2009
This Metasploit module exploits a buffer overflow in the Eureka Email 2.2q client that is triggered through an excessively long ERR message. NOTE: this exploit isn’t very reliable. Unfortunately reaching the vulnerable code can only be done when manually checking mail (Ctrl-M). Checking at startup will not reach the code targeted here.
Posted in December 31st, 2009
The NTP service that uses network-time servers to keep your computer’s clock from drifting is another thing that Ubuntu includes by default but must be added to Debian if you want to use it.
Posted in December 31st, 2009
Monopoly capitalism exemplifies everything that’s gone wrong with American politics, and we need to do something about it — soon.
Posted in December 31st, 2009
In Mileston, Miss., the struggle against poor nutrition and poverty is being fought in the black community’s own backyard.
Posted in December 31st, 2009
There is no "war" against terrorism. What George W. Bush launched and Barack Obama insists on perpetuating does not qualify.
Posted in December 31st, 2009
The Tea Party Express is trying to capitalize on the Tea Party movement for crass and self-serving political purposes — mainly as a fundraising machine for Republican causes.
Posted in December 31st, 2009
This Metasploit module exploits a stack-based buffer overflow in HP Application Recovery Manager OmniInet daemon. By sending a specially crafted MSG_PROTOCOL packet, a remote attacker may be able to execute arbitrary code.
Posted in December 31st, 2009
This Metasploit module exploits a stack overflow in the IBM Tivoli Storage Manager Express Remote Client Agent service. By sending a dicuGetIdentify request packet containing a long NodeName parameter, an attacker can execute arbitrary code. NOTE: this exploit first connects to the CAD service to start the RCA service and obtain the port number on which it runs. This service does not restart.
Posted in December 31st, 2009
This Metasploit module exploits a buffer overflow in Computer Associates BrightStor ARCserve r11.5 (build 3884). By sending a specially crafted RPC request to opcode 0x342, an attacker could overflow the buffer and execute arbitrary code. In order to successfully exploit this vulnerability, you will need to set the hostname argument (HNAME).
Posted in December 31st, 2009

As the Web becomes more social, privacy becomes harder and harder to come by. People are over-sharing on Facebook and Twitter, broadcasting their whereabouts every ten steps on Foursquare and Gowalla, and uploading photos and videos of their most private moments to the Web for all to see. It’s easy to say that privacy is dead, we all live in public now, and just deal with it.
But things are a bit more complicated. It used to be that we lived in private and chose to make parts of our lives public. Now that is being turned on its head. We live in public, like the movie says (except via micro-signals not 24-7 video self-surveillance), and choose what parts of our lives to keep private. Public is the new default.
Posted in December 31st, 2009
[SECURITY] [DSA 1958-1] New libtool packages fix privilege escalation
Posted in December 31st, 2009
RE: Tests about semicolon zero-day (BID 37460)
Posted in December 31st, 2009
[ MDVSA-2009:346 ] kde
Posted in December 31st, 2009
Debian Linux Security Advisory 1957-1 – It was discovered that aria2, a high speed download utility, is prone to a buffer overflow in the DHT routing code, which might lead to the execution of arbitrary code.
Posted in December 31st, 2009
This exploit takes advantage of a stack-based overflow. Once the stack corruption has occurred, it is possible to overwrite a pointer which is later used for a memcpy. This gives us a write-anything-anywhere condition similar to a format string vulnerability.
Posted in December 31st, 2009

Foursquare, the geo-location based check-in game, just announced its first venue that is combining badges and promotions. On Foursquare you get badges for checking into places. The person who checks into a place the most becomes the “Mayor.” You also get promotions from restaurants and bars nearby based on your location. Now those two elements are being tied together. For instance, Blynk Organic, a restaurant in Charlotte, North Carolina, is the first venue to offer this promotion:
Mayor eats for free! Just show us your phone after checking in to validate. 25% off egg sandwiches for all Gym Rats (Foursquare badge required)
Posted in December 31st, 2009
Re: RE: Tests about semicolon zero-day (BID 37460)
Posted in December 31st, 2009
Google’s Android market is bursting with great applications. We look at some of the best for your phone.
Posted in December 31st, 2009
Mandriva Linux Security Advisory 2009-244 – Xfig in Debian GNU/Linux, possibly 3.2.5, allows local users to read and write arbitrary files via a symlink attack on the (1) xfig-eps[PID], (2) xfig-pic[PID].pix, (3) xfig-pic[PID].err, (4) xfig-pcx[PID].pix, (5) xfig-xfigrc[PID], (6) xfig[PID], (7) xfig-print[PID], (8) xfig-export[PID].err, (9) xfig-batch[PID], (10) xfig-exp[PID], or (11) xfig-spell.[PID] temporary files, where [PID] is a process ID. This update provides a solution to this vulnerability. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers.
Posted in December 31st, 2009
Bruce Byfield, avoiding a look back at his last year’s predictions, looks ahead and makes nine specific predictions about what to expect in 2010.
Posted in December 31st, 2009
This code was released to mitigate the Microsoft IIS semi-colon vulnerability. It’s intended for IIS 4.0, 5.x, and 6.0.