Netcraft is reporting that apache.org has been compromised. The apache blog posted the following message indicating an SSH key compromise. "This is a short overview of what happened on Friday August 28 2009 to the apache.org services. A more detailed post will come at a later time after we complete the audit...
Article: Bypassing DBMS_ASSERT in certain situations
David "I like to beat up on oracle" Litchfield has published a new paper outlining how DBMS_ASSERT can be misused in such a way that SQL Injection is possible. From the whitepaper "The DBMS_ASSERT builtin package can be used by PL/SQL developers to protect against SQL injection attacks[1]. In [2] Alex Kornbrust...
Flash Worm - SANS Analysis
Sans has write up about a recent flash worm. "A few days ago a lot of media wrote about a Flash worm. I managed to get hold of samples and analyzed it (thanks to Peter Kruse of CSIS for the samples). First of all, while the exploit code contains Flash, it is...
WASC Distributed Open Proxy Honeypot Update - XSS in User-Agent Field
"In case you missed it, the WASC Distributed Open Proxy Honeypot Project launched Phase III at the end of July. We have a few sensors online and as we start gathering data, we are starting our analysis. Our goal is to be able to release "events of interest" to the community to...
AppSec DC 2009
"OWASP Announces International Application Security Conference for 2009 Speaker Agenda Released and Registration Open for 2009's Largest Web Application Security Event Washington DC August 20th, 2009 -- Following in the footsteps of the Open Web Application Security Project's (OWASP, http://www.owasp.org ) immensely successful and popular conferences earlier this year in Australia, Poland,...
WASC Threat Classification v2 updates
We're nearing the completion of the WASC Threat Classification v2 (2 sections left!) and have added the following new sections since my last couple of posts. Null Byte Injection Integer Overflows We've also heavily updated the following sections Buffer Overflows (in depth discussion of heap vs stack vs integer overflows) SQL Injection...
Bypassing OWASP ESAPI XSS Protection inside Javascript
"Everyone knows the invaluable XSS cheat sheet maintained by "RSnake". It is all about breaking things and features all the scenarios that can result in XSS. To complement his efforts, there is an excellent XSS prevention cheat sheet created by "Jeff Williams" (Founder and CEO, Aspect Security). As far as I have...
Wordpress Admin Password Reset Vulnerability
"Yesterday a vulnerability was discovered: a specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user requested a password reset. As a result, the first account without a key in the database (usually the admin account) would have its password reset and...
Mac OS X v10.5.8 Update
Apple has published the 10.5.8 Mac OS X update addressing security issues in the following products. bzip2 CFNetwork ColorSync CoreTypes Dock Image RAW ImageIO Kernel launchd Login Window MobileMe Networking XQuery Download Update: http://www.apple.com/support/downloads/ Detailed Information: http://support.apple.com/kb/HT3606
Next Phase of WASC's Distributed Open Proxy Honeypot Project Begins
Fellow WASC Officer Ryan Barnett has started the next phase of the Distributed Open Proxy Honeypot Project where people deploy open relay proxies and send the results to a central host for analysis. I met up with Ryan at blackhat where he showed me the central console displaying metrics for each proxy...
Gary McKinnon loses appeal
"Gary McKinnon has lost a judicial review against his extradition to the United States on hacking charges. Lawyers for the Briton hoped his recent diagnosis with Asperger's Syndrome would be enough to persuade judges to overturn previous rulings and allow McKinnon to be tried in the UK." - The Register Long story...
Why you never use ATMs in the hotel defcon is hosted in, or near
Just got back from vegas and finally started catching up. Looks like a fake ATM was placed at defcon (no surprise). "As the conference was kicking off a few days ago, attendees noticed that at ATM placed in the Riviera Hotel, which plays host to the annual event, didn't quite look right,...