[REVS] Vulnerabilities in Your Code and Advanced Buffer Overflows

From: support@securiteam.com
Date: 11/17/02

  • Next message: support@securiteam.com: "[EXPL] Linux Rsync Remote Exploit Code" 
    From: support@securiteam.com
To: list@securiteam.com
Date: 17 Nov 2002 22:10:19 +0200

    The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
    - - promotion

    Beyond Security would like to welcome Tiscali World Online
    to our service provider team.
    For more info on their service offering IP-Secure,
    please visit http://www.worldonline.co.za/services/work_ip.asp
    - - - - - - - - -

      Vulnerabilities in Your Code and Advanced Buffer Overflows
    ------------------------------------------------------------------------

    SUMMARY

    A paper by CoreSecurity that underlines some of the most common mistakes
    made by programmers, presented as ten examples. Paper shows the exact
    location of vulnerabilities in codes, providing detailed explanations and
    exploits for each one found.

    DETAILS

    The complete paper can be found at:
     <http://www.core-sec.com/examples/core_vulnerabilities.pdf>
    http://www.core-sec.com/examples/core_vulnerabilities.pdf

    ADDITIONAL INFORMATION

    The information has been provided by gera of <http://www.core-sec.com/>
    Core Security.

    ========================================

    This bulletin is sent to members of the SecuriTeam mailing list.
    To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
    In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

    ====================
    ====================

    DISCLAIMER:
    The information in this bulletin is provided "AS IS" without warranty of any kind.
    In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

    Relevant Pages

    • HP-UX security bulletins digest
      ... Security Bulletin Digest Split ... cluster SNMP MIB to obtain the correct status for the cluster. ...
      (Bugtraq)
    • Sec. Vulnerability in SNMP (rev. 1)
      ... The information in the following Security Bulletin should be acted ... Vulnerabilities in SNMP request and trap handling. ... cluster SNMP MIB to obtain the correct status for the cluster. ...
      (comp.security.misc)
    • Sec. Vulnerability in SNMP (rev. 1)
      ... The information in the following Security Bulletin should be acted ... Vulnerabilities in SNMP request and trap handling. ... cluster SNMP MIB to obtain the correct status for the cluster. ...
      (comp.security.unix)
    • Neue Sicherheits-Bulletins - KRITISCHE UPDATES - Bitte beachten
      ... Bulletin Anfang. ... Microsoft is releasing the following four new security bulletins for newly discovered vulnerabilities: ... Windows Services for UNIX, ...
      (microsoft.public.de.german.visio)
    • Sec. Vulnerability in SNMP (rev. 9)
      ... The information in the following Security Bulletin should be acted ... Vulnerabilities in SNMP request and trap handling. ... Patches for some affected systems are available now. ...
      (comp.security.misc)