Re: [Full-disclosure] Samba Remote Zero-Day Exploit

Hello Paul,

First and foremost I did not know about the configuration setting which closes the bug when I posted the advisory. So this was my mistake.

But for most servers which are not entirely hardened (and my assumption is that this applies to many servers in internal networks) the traversal can be a serious issue, because a Samba user (even nobody) can create the symlinks. It would from my point of view be more secure to only allow administrators to create symlinks as it is intended.

Again I might be wrong with this thought.

I first audited Windows Server 2008 for the new SMB2 hardlinking features. Symlinking on a Windows server is possible but only when the remotely logged in account is the Administrator. Creating symlinks to paths outside the directory of the given share is not possible. However accessing a symlink in a directory which points to for example c:\ is possible. I don't say that because Samba should have the same semantics as Windows, but because its implementation of handling remote to local and local to remote symbolic links is more secure.

After failing in auditing the Windows servers on the potential vulnerabilities I just gave Samba a try and the default configuration of my Ubuntu Desktop System and CentOS Server allowed me to conduct the attack out of the box. Turning off symlink support in Samba closes the hole but then no access to symlinks created by the administrator is possible or am I wrong?

With Respect,

Kingcope

On Saturday, 06.02.2010, at 09:43 +1100, paul.szabo@xxxxxxxxxxxxx wrote:
> Dear Dan,
>
> > The bug here is that out-of-path symlinks are remotely writable. ...
>
> You mean "creatable".
>
> > ... the fact that he can *generate* the symlink breaks ...
>
> Nothing breaks if the admin sets "wide links = no" for that share: the
> link is not followed.
>
> > But Samba supports dropping a user into a path ...
>
> I never noticed such support documented: references please?
>
> > ... and it really does need to keep him there.
>
> You cannot "break out" of shares with "wide links = no".
>
> > ... Samba is supposed to match Windows semantics in general.
>
> No please, do not dumb it down.
>
> Cheers, Paul
>
> Paul Szabo   psz@xxxxxxxxxxxxxxxxx
> School of Mathematics and Statistics   University of Sydney    Australia
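The per-share setting quoted above ("wide links = no") can be audited mechanically. The following is an added example, not part of the original thread: a small Python check that reads smb.conf text and lists the shares whose effective `wide links` value is not explicitly off, inheriting from `[global]`. The sample configuration is constructed, and `assumed_default` is an assumption to set for the Samba release being audited.

```python
import re

# Constructed sample smb.conf for illustration (not from the thread).
SAMPLE_CONF = """\
[global]
   workgroup = EXAMPLE
   wide links = yes

[public]
   path = /srv/public

[projects]
   path = /srv/projects
   Wide Links = no

[scratch]
   path = /srv/scratch
   widelinks = off
   ; wide links = yes   (commented out, ignored)
"""

FALSE_VALUES = {"no", "false", "off", "0"}

def parse_smb_conf(text):
    """Return {section: {normalized_param: value}} for smb.conf text."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue  # blank lines and comment lines carry no settings
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            current = sections.setdefault(header.group(1).strip().lower(), {})
        elif "=" in line and current is not None:
            key, value = line.split("=", 1)
            # Samba ignores case and spaces in parameter names.
            current[re.sub(r"\s+", "", key).lower()] = value.strip()
    return sections

def shares_following_wide_links(text, assumed_default="yes"):
    """List shares whose effective 'wide links' value is not a clear 'no'."""
    # Assumption: the built-in default differs between Samba releases,
    # so pass the value that matches the audited server.
    sections = parse_smb_conf(text)
    inherited = sections.get("global", {}).get("widelinks", assumed_default)
    return [name for name, params in sections.items()
            if name != "global"
            and params.get("widelinks", inherited).lower() not in FALSE_VALUES]

print(shares_following_wide_links(SAMPLE_CONF))
```

Any share it reports either inherits a permissive `[global]` value or has no explicit setting, so the fix is an explicit `wide links = no` on that share or in `[global]`.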

