Re: CanSecWest/core06 Vancouver April 3-7
This conference currently costs $1546 USD! :-( what moneybags loser is going to pay up so much just to go to a conference? buy yourself a nice computer, or hell, donate the money to openbsd.org instead! :-D drop a zero or two and it would be worth the trip Tuesday, March 7, 2006, 8:45:30 PM, you wrote: > The call for papers is now closed and the proposals have been reviewed > for the CanSecWest/core06 Applied Technical Security Conference held > on April 5-7 2006 at the Mariott Renaissance Harbourside in Vancouver, > B.C. Canada. > The selected submissions are : >An hour of Rap and Comedy about SAP - Steve Lord >Next Generation Sebek - Edward Balas - Indiana University >RF Bugsweeping - Tim Johnson - Technical Security Consultants Inc. >Magstripe Madness - Major Malfunction >Metasploitation (and a dash of IPS) - HD Moore - BreakingPoint >Carrier VoIP Security - Nico Fischbach - COLT >Attacking VoIP Networks - Hendrik Scholz - Freenet Cityline GmbH >Security Issues Related to Pentium System Management Mode - Looc Duflot >Advancements in Anonymous eAnnoyance - Christopher Abad - Cloudmark >Real Time Threat Mitigation Techniques - Josh Ryder - University of Alberta >Stunt Profiling: Securing a System While You Wait - Crispin Cowan - Novell >Visualizing Source Code for Auditing - Lisa Thalheim >Attacking Web Services - Alex Stamos, Scott Stender - iSEC Partners >Reverse Engineering Microsoft Binaries - Alexander Sotirov - Determina >Zen and the art of collecting and analyzing Malware - Fred Arbogast and > Sascha Rommelfangen - S.E.S. Astra >How to test an IPS - Renaud Bidou - RADWare >Insiders View: Network Security Devices - Dennis Cox - BreakingPoint >More on Uninitialized Variables - Halvar Flake >Eric Byres - SCADA - BCIT >Panel Discussion - Vulnerability Commercialization >Terri Forslof, 3Com, Manager of Security Response >Michael Sutton iDefense Labs, Director of iDEFENSE Labs >Others TBA >Vendor Elevator Focus Groups > David Meltzer, Cambia > Ofir Arkin, Insightix > Others TBA >Lightning Talks > Some talks from the PacSec/core05 conference in Tokyo in November and > the EUSecWest/core06 conference in London during February were highly > rated and have been invited for encore presentations at CanSecWest: >Attacking the IPv6 protocol suite - van Hauser - THC / n.runs GmbH >Protecting the Infrastructure - Jim DeLeskie & Danny McPherson - Teleglobe, > Arbor Networks > Security Masters Dojo Courses > April 3-5 Vancouver >Network Reconnaissance with Nmap 4 - Fyodor & Doug Hoyte >Network Vulnerability Scanning: Turning Nessus into Metasploit - Renaud > Deraison & Nicolas Pouvesle >Reverse Engineering: Rapid Bug Discovery and Input Crafting - Halvar >Assembly for Exploit Writing - Gerardo Richarte >Advanced IDS Deployment and Optimization - Marty Roesch >Advanced Honeypot Tactics - Thorsten Holz >Mastering the network with Scapy - Philippe Biondi >Securing your critical Cisco network infrastructure - Nico Fischbach >Practical 802.11 WiFi (In)Security - Cidric Blancher >Bluetooth Auditing and Technology - Martin Herfurt, Adam Laurie, Marcel > Holtmann > Conference registration on line can be found at: > http://cansecwest.com/register.html > Security Masters Dojo Vancouver registration can be found at > http://cansecwest.com/dojo.html > cheers, > --dr
is openbsd 3.9 php vulnerable? (Re[2]: [UPDATE] php5 to version 5.1.2 (IMPORTANT))
Hello,
Can someone please give a straight answer about these PHP security
holes? OpenBSD 3.9 released yesterday had packages supporting:
php 4.4.1p0
php 5.0.5p0
are either of these vulnerable? if so, is someone going to release
updated packages (not just ports)?
the php 5.1.3 release:
The security issues resolved include the following:
* Disallow certain characters in session names.
* Fixed a buffer overflow inside the wordwrap() function.
* Prevent jumps to parent directory via the 2nd parameter of the tempnam()
function.
* Enforce safe_mode for the source parameter of the copy() function.
* Fixed cross-site scripting inside the phpinfo() function.
* Fixed offset/length parameter validation inside the substr_compare()
function.
* Fixed a heap corruption inside the session extension.
* Fixed a bug that would allow variable to survive unset().
thanks
Monday, May 1, 2006, 7:18:50 AM, you wrote:
> Hi.
> I haven't recieved a single test report, but I still get
> letters about asking for an update. How's that?
> This tarball also includes mysqli, fastcgi and hardened php support:
> http://gi.unideb.hu/~robert/php.tar.gz
> On (28/04/06 01:59), Robert Nagy wrote:
>> Hi.
>>
>> Finally after fighting with pear I've managed to create a working update
>> for the php5 port.
>> The PHP guys have changed the installation method of pear to use some crappy
>> PHP_Archive. With this move they broke the installation of pear on serveral
>> linux distros (e.g. Frugalware), OpenDarwin and on OpenBSD of course.
>> Any other crappy package managements where they install files directly to
>> ${LOCALBASE}
--
Best regards,
paulmailto:[EMAIL PROTECTED]
exploit for openbsd 3.9 php 4.4.1p0/5.0.5p0
Is there some reason this issue is being ignored? What, you people
need to see an exploit before you will even LOOK at it and answer
whether it is vuln?
> Can someone please give a straight answer about these PHP security
> holes? OpenBSD 3.9 released yesterday had packages supporting:
> php 4.4.1p0
> php 5.0.5p0
> are either of these vulnerable? if so, is someone going to release
> updated packages (not just ports)?
> the php 5.1.3 release:
> The security issues resolved include the following:
> * Disallow certain characters in session names.
> * Fixed a buffer overflow inside the wordwrap() function.
> * Prevent jumps to parent directory via the 2nd parameter of the tempnam()
> function.
> * Enforce safe_mode for the source parameter of the copy() function.
> * Fixed cross-site scripting inside the phpinfo() function.
> * Fixed offset/length parameter validation inside the substr_compare()
> function.
> * Fixed a heap corruption inside the session extension.
> * Fixed a bug that would allow variable to survive unset().
> thanks
> Monday, May 1, 2006, 7:18:50 AM, you wrote:
>> Hi.
>> I haven't recieved a single test report, but I still get
>> letters about asking for an update. How's that?
>> This tarball also includes mysqli, fastcgi and hardened php support:
>> http://gi.unideb.hu/~robert/php.tar.gz
>> On (28/04/06 01:59), Robert Nagy wrote:
>>> Hi.
>>>
>>> Finally after fighting with pear I've managed to create a working update
>>> for the php5 port.
>>> The PHP guys have changed the installation method of pear to use some crappy
>>> PHP_Archive. With this move they broke the installation of pear on serveral
>>> linux distros (e.g. Frugalware), OpenDarwin and on OpenBSD of course.
>>> Any other crappy package managements where they install files directly to
>>> ${LOCALBASE}
--
Best regards,
paulmailto:[EMAIL PROTECTED]
Re: exploit for openbsd 3.9 php 4.4.1p0/5.0.5p0
php is required in order to use many of the more mature web applications such as forum software. i run apache chroot, use modsecurity, and use ipf to limit the www user. a tight systrace policy might help but not very much incremental gain. everyone says php is a security breach waiting to happen, so what else can i do if i want to use these large apps without rewriting them from scratch in another language? also, i wish openbsd would release updated packages instead of just the patches. i would do it myself but who would trust a binary some random guy posts? openbsd maintainers have to step up and do this. why aren't you guys releasing package updates anyway? when you post a source patch on your errata page, take the few extra minutes to make a updated package and post that as well please! :) thanks
Re: The Apache Question (lighttp remote holes just fixed)
lighttpd just fixed a remote hole (case insensitive file systems) in the CURRENT VERSION! Does this inspire confidence? I mean for fck sake, the version just before they fixed %00 append bug! Next thing they will discover directory traversal. o_O YEAH, yeah I want this FINE PIECE OF SOFTWARE running on my production servers. Bummer too, because the hype had it sounded pretty cool until I realized how recent those remote holes were :( > I think you have way more chance to ever see lighttpd replace apache 1.3 > oppose to have apache 2.x for sure. I am not talking for the project > what so ever, but the archive make it very obvious that apache is not > going to go higher then where it is now. Plus lighttpd does have a BSD > license, so that would be my bet. But don't expect that to change soon I > think. -- Best regards, paulmailto:[EMAIL PROTECTED]
Re: httpd question - solved (ProutDNS)
Hello Frank, here ya go buddy: http://www.prout.be/ProutDNS/ http://www.prout.be/ProutDNS/download/ProutDNS-0.6.2.tar.gz Tuesday, February 7, 2006, 10:54:33 AM, you wrote: > At 04:17 AM 2/6/06, Alexander Farber wrote: >>And there is also ipcheck.py >> >>On 2/6/06, Keith Richardson <[EMAIL PROTECTED]> wrote: >> > This will handle the pesty case of your IP changing. >> > >> > 1. dyndns.org - get a free subdomain to map to your IP. >> > 2. ddclient package - updates your DNS whenever your IP changes. > Are there scripts available to do what dyndns.org does at the server > side? I have an OpenBSD box with a static ip address hosting a few > domains. I'd like to setup several machines as subdomains that are behind > dynamic ip addresses. I'd like to install something on the system with > static ip address to provide the same service dyndns.org does, but cannot > seem to find thos scripts. > Frank -- Best regards, paulmailto:[EMAIL PROTECTED]
