Wednesday, March 4th, 2009
Firefox 3.0.7 has been released today and this version fixes several issues found in Firefox 3.0.6.
Fixed several security issues:
- URL spoofing with invisible control characters
- Upgrade PNG library to fix memory safety hazards
- XML data theft via RDFXMLDataSource and cross-domain redirect
- Mozilla Firefox XUL Linked Clones Double Free Vulnerability
- Crashes with evidence of memory corruption (rv:1.9.0.7)
Fixed ...
Posted in Internet, Linux, Windows | 2 Comments
Wednesday, February 18th, 2009
For those of you new to Fast-Track, Fast-Track is a Python-based open-source project aimed at helping penetration testers identify, exploit, and further penetrate a network. Fast-Track was originally conceived when David Kennedy was on a penetration test and found that there was generally a lack ...
Posted in Coding, Internet, Linux, Privacy, Security | No Comments
Monday, February 16th, 2009
A posting on the Full Disclosure mailing list has revealed what the FreeBSD Security team calls a semi-remote root exploit for the telnetd service in FreeBSD 7 and later. By default, this service is disabled.
To exploit the vulnerability, a maliciously crafted library must be placed on the victim system beforehand, ...
Posted in Coding, Linux, Security | No Comments
Thursday, February 12th, 2009
A partial GET request (HTTP 206 status code) for a WAV file results in a denial of service of the application.
The last HTTP packet from Firefox before the DoS is listed below in raw format:
GET /fpaudio/footprints_waves.wav HTTP/1.1
Accept: */*
User-Agent: NSPlayer/11.0.6001.7001 WMFSDK/11.0
UA-CPU: x86
Accept-Encoding: gzip, deflate
Range: bytes=34848-
Unless-Modified-Since: Mon, 09 Jul 2007 12:44:57 GMT
If-Range: "4f0018-440f2-434d403204440"
Host: ...
Posted in Coding, Internet, Linux, Security, Software, Windows | No Comments
Wednesday, February 11th, 2009
This is it! After many months of effort from the Remote Exploit Dev team, BackTrack 4 Beta is ready and available. I thought I'd post up some "getting started" notes, to help people out with the first surge of questions.
The default password for BackTrack 4 hasn't changed; it is still root / toor.
KDE ...
Posted in Coding, Internet, Linux, Networking, Privacy, Security, Software | No Comments