Re: OSX - trojan apps can bypass authentication controls and gain root privilages
Grok Headline matches for Re: OSX - trojan apps can bypass authentication controls and gain root privilages
Linpha 0.9.4: authentication bypass
Linpha 0.9.4: authentication bypass
07/29/2004 03:31 PMRubén Molina (Jul 29 2004)
Jaws 0.4: authentication bypass
Jaws 0.4: authentication bypass
07/30/2004 03:19 AMRubén Molina (Jul 29 2004)
MySQL Authentication Bypass
MySQL Authentication Bypass
07/05/2004 02:38 PMNGSSoftware Insight Security Research (Jul 05 2004)
MailWorks Professional - Authentication
bypass
MailWorks Professional - Authentication
bypass
09/02/2004 07:18 PMheadpimp_at_pimp-industries.com (Sep 02 2004)
Cisco IOS IKE Xauth Authentication
Bypass Vulnerabilities
Cisco IOS IKE Xauth Authentication
Bypass Vulnerabilities
04/07/2005 03:25 AMfrSIRT Apr 7 2005 8:12AM GMT
LinPHA User Authentication Bypass
Vulnerability
LinPHA User Authentication Bypass
Vulnerability
08/01/2004 11:45 AMDirect and Related Links
for 'LinPHA User Authentication Bypass Vulnerability'
“Description: Fernando Quintero has reported a vulnerability
in LinPHA, which can be exploited by malicious people to conduct SQL
injection attacks….The vulnerability has been reported in
version 0.9.4. Other versions may also be affected. Solution: A fix is
available in the CVS repository.”…
Mailworks User Authentication Bypass
Vulnerability
Mailworks User Authentication Bypass
Vulnerability
09/07/2004 01:32 AMDirect and Related
Links for 'Mailworks User Authentication Bypass Vulnerability'
“CRITICAL: Moderately critical IMPACT: Security Bypass WHERE:
From remote Paul Craig has reported a vulnerability in Mailworks,
which can be exploited by malicious people to bypass the user
authentication. The problem is that the application doesn’t
verify if a user is logged on. It merely checks if a cookie with the
appropriate “uId” and “auth” parameters is
set. Successful exploitation allows a malicious person to log on as
any user. SOLUTION: The vendor has reportedly…
[waraxe-2004-SA#018 - Admin-level
authentication bypass in phpnuke
6.x-7.2]
[waraxe-2004-SA#018 - Admin-level
authentication bypass in phpnuke
6.x-7.2]
04/12/2004 04:55 PMJanek Vind (Apr 12 2004)
Cisco IOS IKE XAUTH ISAKMP IPSec SA
Establish Authentication Bypass
Cisco IOS IKE XAUTH ISAKMP IPSec SA
Establish Authentication Bypass
04/17/2005 10:34 AMAddict3d.org Apr 17 2005 12:19PM GMT
[waraxe-2004-SA#017 - User-level
authentication bypass in phpnuke
6.x-7.2]
[waraxe-2004-SA#017 - User-level
authentication bypass in phpnuke
6.x-7.2]
04/12/2004 04:55 PMJanek Vind (Apr 12 2004)
Vulns: Motorola WR850G Wireless Router
Remote Authentication Bypass
Vulnerability
Vulns: Motorola WR850G Wireless Router
Remote Authentication Bypass
Vulnerability
09/26/2004 05:11 PMSecurityFocus Sep 26 2004 8:09PM GMT
Easily run X11 apps that require root
Easily run X11 apps that require root
02/12/2004 11:33 AM
Some X11 applications need to be run as root or sudo-ed. For example,
ethereal needs to be run as root, otherwise you won't get proper
access to the network interfaces to sniff the traffic.
I was looking for a way to not ...
A simple way to launch GUI apps as root
A simple way to launch GUI apps as root
07/16/2004 11:50 AMThe site mac-forums.com has a really nice writeup on launching GUI
apps as root. After searching macosxhints.com fruitlessly I found this
hint to be succinct and useful.
[robg adds: I haven't needed a GUI app running as root...
CA tool kit enables shared security
controls to be integrated with existing
apps
CA tool kit enables shared security
controls to be integrated with existing
apps
06/24/2005 08:54 PMLast time out I spoke about smaller, more tightly focused, industry
events (conferences, trade shows, user group meetings, etc.). All of
that reminded me to mention something that occurred at the Gartner IT
Summit in Washington, D.C. earlier this month. At that conference,
Computer Associates announced its eTrust Identity and Access
Management (IAM) Toolkit. While it's aimed at commercial developers,
in-house programmers might benefit more from this release.
[Full-Disclosure] iDEFENSE Security
Advisory 05.27.04: 3Com OfficeConnect
Remote 812 ADSL Router Authentication
Bypass Vulnerability
[Full-Disclosure] iDEFENSE Security
Advisory 05.27.04: 3Com OfficeConnect
Remote 812 ADSL Router Authentication
Bypass Vulnerability
05/30/2004 01:49 AMidlabs-advisories_at_idefense.com (May 27 2004)
Re: [Full-Disclosure] iDEFENSE Security
Advisory 05.27.04: 3Com OfficeConnect
Remote 812 ADSL Router Authentication
Bypass Vulnerability
Re: [Full-Disclosure] iDEFENSE Security
Advisory 05.27.04: 3Com OfficeConnect
Remote 812 ADSL Router Authentication
Bypass Vulnerability
05/28/2004 12:24 PMSeth Alan Woolley (May 27 2004)
UnixWare 7.1.3 Open UNIX 8.0.0 : Xsco
contains a buffer overflow that could be
exploited to gain root privileges.
UnixWare 7.1.3 Open UNIX 8.0.0 : Xsco
contains a buffer overflow that could be
exploited to gain root privileges.
07/31/2004 05:36 AMplease_reply_to_security_at_sco.com (Jul 30 2004)
Speech Web apps gain boost from VoiceXML
(XML & Web Services Magazine)
Speech Web apps gain boost from VoiceXML
(XML & Web Services Magazine)
06/04/2002 06:01 AMOpenServer 5.0.6 OpenServer 5.0.7 : Xsco
contains a buffer overflow that could be
exploited to gain root privileges.
OpenServer 5.0.6 OpenServer 5.0.7 : Xsco
contains a buffer overflow that could be
exploited to gain root privileges.
07/31/2004 08:55 AMplease_reply_to_security_at_sco.com (Jul 30 2004)
[ GLSA 200409-18 ] cdrtools: Local root
vulnerability in cdrecord if set SUID
root
[ GLSA 200409-18 ] cdrtools: Local root
vulnerability in cdrecord if set SUID
root
09/14/2004 10:12 PMSune Kloppenborg Jeppesen (Sep 14 2004)
Stock-Index Futures Gain; Motorola,
Intel Gain in Europe on Nokia Forecast
Stock-Index Futures Gain; Motorola,
Intel Gain in Europe on Nokia Forecast
12/22/2004 01:28 AMBloomberg Dec 20 2004 10:33AM GMT
Re: a dangerous fast spreading (yet
simple) trojan horse (Now
IRC.Trojan.Fgt)
Re: a dangerous fast spreading (yet
simple) trojan horse (Now
IRC.Trojan.Fgt)
10/28/2003 11:06 PMK-OTiK Security (Oct 28 2003)
3D Controls
3D Controls
04/24/2004 04:42 AMversion 0.6b of 3D Controls
Re: a litle bypass with IE
Re: a litle bypass with IE
05/10/2004 05:38 PMNeil Briscoe (May 10 2004)
a litle bypass with IE
a litle bypass with IE
05/10/2004 01:08 PMNuno Costa (May 10 2004)
Who Controls Your Media?
Who Controls Your Media?
09/21/2004 04:55 PMDirect and Related Links for 'Who Controls Your
Media?'
When will the media companies learn. Just because someone wants to
record a program off of TV does not mean that they have an intention
of trying to go behind their back to resell it or do other evil,
illegal things with that content. And why bother adding USB and
Firewire ports if there is no intention of allows users to have access
to backing up their media content?…
Who controls the internet?
Who controls the internet?
06/04/2004 03:54 PMPC Magazine UK Jun 4 2004 8:31PM GMT
US criticised over web controls
US criticised over web controls
05/11/2004 06:17 AMBBC May 11 2004 11:09AM GMT
Data Controls
Data Controls
12/22/2003 11:31 AMDataControls enable dynamic properties at Mfg. Company
Net Users Bypass Browser
Net Users Bypass Browser
01/02/2004 08:22 AMIBM to launch Microsoft bypass
IBM to launch Microsoft bypass
05/09/2004 10:39 PMInternational Business Machines has raised the stakes in its battle
with Microsoft by developing a software technology that would allow
large corporations to bypass Microsoft operating systems and
applications on PCs or handheld computers.
This is the latest of increasingly aggressive moves by IBM, the
world's largest computer company, to grab market share as global
information technology markets strengthen following three years of
downturn. It comes as Microsoft is under pressure from corporate
customers unhappy with security issues in its software and the cost of
licences.
Net users bypass browser
Net users bypass browser
01/05/2004 12:01 AMCNET Asia Jan 4 2004 10:54PM ET
Understanding ASP.NET Validation
Controls
Understanding ASP.NET Validation
Controls
09/06/2004 06:28 PMWebDevInfo Sep 6 2004 8:28PM GMT
Remote Controls Proliferate
Remote Controls Proliferate
07/05/2004 09:37 AMAP via Los Angeles Times Jul 5 2004 2:13PM GMT
US edges towards spyware controls
US edges towards spyware controls
06/18/2004 04:48 AMUS law-makers move towards controls on hidden software that can
secretly spy on online habits.
Longhorn: Controls and XAML
Longhorn: Controls and XAML
12/18/2003 12:58 AMLonghorn platform applications typically consist of an Application
object and a set of user interface pages that you write in a
declarative markup language called XAML.
The Application object is a singleton and persists throughout the
lifetime of the application. It allows your application logic to
handle top-level events and share code and state among pages. The
Application object also determines whether the application is a single
window application or a navigation application.
You typically write each user interface page using a dialect of XML
named Extensible Application Markup Language (XAML). Each page
consists of XAML elements, text nodes, and other components organized
in a hierarchical tree. The hierarchical relationship of these
components determines how the page renders and behaves.
You can also consider a XAML page to be a description of an object
model. When the runtime creates the page, it instantiates each of the
elements and nodes described in the XAML document and creates an
equivalent object model in memory. You can manipulate this object
model programmatically—for example, you can add and remove elements
and nodes to cause the page to render and behave differently.
Oracle says it controls PeopleSoft
Oracle says it controls PeopleSoft
12/29/2004 08:06 AMCNN Money Dec 29 2004 12:39PM GMT
J# Browser Controls v1.1b (Beta)
J# Browser Controls v1.1b (Beta)
02/17/2004 01:22 AMJ# Browser Controls provide developers with a way to migrate their
existing Java applet source code to run within the context of the .NET
Framework. J# Browser Controls have full access to the .NET Framework,
including the ability to access native support for XML Web services.
They also provide J# developers with a way to enable rich, client-side
functionality within a Web-based application.
Remote Controls Run Amok
Remote Controls Run Amok
07/06/2004 05:15 AMCBS News Jul 6 2004 9:37AM GMT
Grok Description matches for Re: OSX - trojan apps can bypass authentication controls and gain root privilages
GrokA matches for Re: OSX - trojan apps can bypass authentication controls and gain root privilages
Re: OSX - trojan apps can bypass authentication controls and gain root privilages
