June 2006

OpenOffice has its vulnerabilities too

More information available at Security Bulletin 2006-06-29.

They use CVEs to identify three separate issues.

* The Java Applet sandbox restriction bypass issue is covered at openoffice.org/security/CVE-2006-2199.html.
Disabling support for Java Applets is provided as a workaround.

* The issue related to BASIC macros is, in turn, covered at openoffice.org/security/CVE-2006-2198.html.

* And finally, flaws in the handling of XML documents are covered at openoffice.org/security/CVE-2006-3117.html.
Credit goes to Wade Alcorn of NGSSoftware, see advisory here.

It is worth mentioning that both 1.1.x and 2.0.x releases are affected. Fixes for version 1.1.5 are not available yet, however, but they will be released soon.

Update: Sun StarOffice and StarSuite are affected by these issues too.
Details are available at Sun security advisories.

    SecuriTeam Secure Disclosure

    SecuriTeam Secure Disclosure (SSD) helps researchers turn their vulnerability discovery skills into a highly paid career. Contact SSD to get the most for your hard work.

Memory Leak #4 (comic strip)

Memory Leak, fourth strip of this new comic.


diSlib (A Python PE Parser)

Gil Dabah (arkon), the creator of the fastest stream disassembler around, which also happens to be open source, diStorm, released diSlib, a Python PE parser. I’ve discussed it before briefly while covering diStorm.

diSlib (a Python PE parser):

diSlib is an easy to use Python module to parse PE executables. It will give you all necessary information such as:

* Sections with their accompanying information
* Imported functions and their addresses (IAT)
* Exported functions by name, ordinal and address
* Supports ImageBase relocation
* Relocated entries by offsets and their original DWORD values
* Lets you apply the relocations
* Uses exceptions and OO interface (thanks to shenberg!)

Enjoy,

Gadi Evron,
ge@beyondsecurity.com.


Joanna’s Blue Pill – Invisible Rootkits

The overly cool Joanna Rutkowska has been working on what she calls Blue Pill technology. Using advanced virtualization technology from AMD called SVM/Pacifica, her research shows she can create “invisible malware”. This is not related to any bug or OS dependent, although she says she will demonstrate how she gets by Vista’s interesting technology to prevent unsigned code from being injected to the kernel.

You can read more about it in her blog.

Gadi Evron,
ge@beyondsecurity.com.


How to defeat China’s Great Firewall

Clayton, Murdoch and Watson have got a paper up on how to defeat the “Great Firewall” of China, it’s a really interesting read, if I was based in China I’d test it out myself, as I’m not though…


Leo Stoller Targets CastleCops (!)

Leo Stoller is targeting CastleCops, apparently trying to bully them into paying him settlement money for their trademark.

CastleCops are doing important work in the realm of anti-phishing, for no charge.

It pisses me off considerably when injustice online is done, especially when it is done to those who can’t afford expensive lawyers!

Leo Stoller is known for such attacks, and apparently makes a living from it. You can read about him here, here and here.

You can read more from CastleCops, who are going live in a couple of minutes here:
http://www.castlecops.com/a6615-leo_stoller_targets_castlecops_trademark.html

CastleCops is one of us, and it hurts us all when one of us is targeted.

Gadi Evron,
ge@beyondsecurity.com.


Microsoft’s Real Test with Vista is Vulnerabilities

Vista is not the Holy Grail or some “silver bullet”. It is a test for Microsoft. It will be a clear indication of how far Microsoft has advanced in the realm of developing secure software, if at all.
