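Multiple kernel denial-of-service vulnerabilities in Malware Defender 1.1.3 (2008-09-24) and earlier

Author: MJ0011

Malware Defender (MD for short) is a HIPS & Anti-Rootkit tool.

The kernel driver in the latest Malware Defender release, 1.1.3 (2008-09-24), contains multiple kernel denial-of-service vulnerabilities: a user with any privilege level can trigger a blue screen on a system where MD is installed. Affected component: mdcore.sys (randomly renamed after installation), version 1.1.0.0, CheckSum = 0x0003C26C, TimeStamp = 0x48d88131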

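Multiple kernel denial-of-service vulnerabilities in 中网S3 Host Security System 2008 version 3.5.0.2 (and earlier)

Author: MJ0011

中网S3 is firewall and HIDS/HIPS software that claims to be fully "4D & 4M".

The drivers in its latest version, 3.5.0.2, and all earlier versions contain multiple kernel denial-of-service vulnerabilities that allow a user with any privilege level to trigger a blue screen on a system where 中网S3 is installed.

Affected component (verified version): NCFileMon.sys, version 5.2.3700.0 (囧), CheckSum = 0x00036d61, TimeStamp = 0x46f774e2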

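php utf8 decode vulnerability

Source: 80sec

Description: PHP is a widely used programming language that can be embedded in HTML for web application development. However, some encoding functions in PHP produce incorrect results when handling malformed UTF-8 sequences, which in some cases can lead to security vulnerabilities in applications, such as bypassing certain filtering logic.

Cause: PHP mishandles malformed sequences when processing UTF-8 encoding, such as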

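A bug in IE's restriction on Flash access to the document object

Author:

Although IE is heavily criticized, in some security respects IE actually does quite well.
For example, IE blocks local cookies in iframes, and IE implements a security attribute on iframes. FF has none of these features.

Today, however, I came across another security issue.
In a browser, if you access a swf file directly, the browser automatically adds an embed tag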

Blind SQL Injection by Dichotomy Function

Blind injection value guessing by dichotomy (binary search) in PHP

Source: Web安全手册 (Web Security Handbook)

<?php

#  Name -> Blind SQL Injection by Dichotomy Function
#    Credits -> charles "real" F. <charlesfol[at]hotmail.fr>
#  Date -> 13-04-08

Hello ClearClick, Goodbye Clickjacking!

Source: hackademix.net

Finally NoScript 1.8.2.1 is out, featuring the announced new anti-clickjacking countermeasures enabled by default, independent from IFRAME and plugin content blocking settings.

The most specific and ambitious is called ClearClick: whenever you click or otherwise interact, through your mouse or your keyboard, with an embedded element which is partially obstructed, transparent or otherwise disguised, NoScript prevents the interaction from completing and reveals you the real thing in “clear”. At that point you can evaluate if the click target was actually the intended one, and decide if keeping it locked or unlock it for free interaction. This comes quite handy now that more dangerous usages of clickjacking are being disclosed, such as enabling your microphone or your webcam behind your back to spy you through the interwebs.

Clickjacking Details

Source: ha.ckers.org

Today is the day we can finally start talking about clickjacking. This is just meant to be a quick post that you can use as a reference sheet. It is not a thorough advisory of every site/vendor/plugin that is vulnerable – there are far too many to count. Jeremiah and I got the final word today that it was fine to start talking about this due to the click jacking PoC against Flash that was released today (watch the video for a good demonstration) that essentially spilled the beans regarding several of the findings that were most concerning. Thankfully, Adobe has been working on this since we let them know, so despite the careless disclosure, much of the work to mitigate this on their end is already complete.

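Some details on Clickjacking

Author: Monyer

Last night Rsnake released the clickjacking details, and I took a quick look today. For Flash, this kind of attack is doubly dangerous. Imagine that with one careless mouse click your webcam is taken over or your microphone starts recording. Isn't that frightening?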