skip to main | skip to sidebar
_ Where facts are few, experts are many
  • Home
  • Advisories
  • Daily News Paper
  • About Me
  • Contact
    • Mail
    • Archived Blog
    • Business Card
  • Subscribe RSS
Advisories - FPROT,Clamav
[Tuesday, June 16, 2009 | 0 comments ]

Subscribe to the RSS feed in case you are interested in updates


  • [TZO-33-2009] FPROT generic bypass (TAR)
  • [TZO-40-2009] Clamav generic bypass (RAR,ZIP,CAB)
  • [TZO-34-2009] FPROT generic bypass (RAR,LHA,ARJ)
  • [TZO-43-2009] Clamav generic bypass (CAB)

0 comments

Post a Comment

Newer Post Older Post Home

About Me

My Photo
Thierry Zoller
Welcome to my personal Blog - I blog about Information Security and in general anything I regard as newsworthy. On the professional side I am currently working as an EMEA Practice Lead at Verizon Business for Threat and Vulnerability Management based in Luxembourg.

Quick-links
▪ My vulnerability disclosure policy
▪ About me / Profile
▪ Tools / Talks / Whitepapers
▪ Contact Me

The views and opinions expressed on this blog are my personal views and are not intended to reflect the views of my employer or any other entity.
View my complete profile

Follow by Email

Cluster Map

Popular Posts

  • IIS 6 / IIS 5 / IIS 5.1+ Webdav auth bypass [Final]
    Table of Contents Updates Bulletins Am I at risk ? Tools Technical details 0.1 Personal message Several news stories seem to allu...
  • PCI compliance, Security in isolated systems and Parking Tellers
    A colleague of mine spotted the below while we were doing our expenses - The photograph below shows two separate receipts from two parking ...
  • CVE-2010-x+n - Loadlibrary/Getprocaddress roars its evil head in 2010
    Subscribe to the RSS feed in case you are interested in updates After Acrossecurity , published an interesting vulnerability and HDmoo...
  • The BEAST summary - TLS, CBC, Countermeasures (Update 4)
    Lots of good information floating on the internet on the Proof of Concept (dubbed 'BEAST) against TLS 1.0 by Juliano Rizzo and Thai Duong ...
  • CVE-2010-2568 - LNK Code execution - Proof of concept (Update)
    Subscribe to the RSS feed in case you are interested in updates  Ivanlef0u released a POC for the exploit used in targeted attacks : http...

Twitter Updates

Blogs I read

  • Schneier on Security
    Friday Squid Blogging: Squid's Beard - It's an acoustic bluegrass band. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.
    1 day ago
  • Securosis Highlights
    Friday Summary: February 10, 2012 - They say it takes 10,000 hours of practice at a task to become an expert. This isn’t idle supposition, but something that’s been studied scientifically –...
    1 day ago
  • Troy Hunt
    Security, Security, Security! Helping the LIDNUG community build safer software - Today I had the pleasure of spending about an hour and a half talking to Peter Shaw from LIDNUG about security, security and, uh, security! If the Linked...
    2 days ago
  • Leblanc
    Blog Post: AX for Retail: Receipt footer is not displaying Tax information -
    2 days ago
  • IBM Internet Security Systems Frequency X Blog
    Remote Code Execution in PHP 5.3.9 -
    5 days ago
  • Cup of Security
    Free Mobile ou Roaming Orange, vérifiez le vous-même avec votre iPhone ou smartphone Android - Si comme moi vous avez changé d'opérateur Mobile pour Free Mobile, vous n'avez pas pu passer à côté des lourdes accusations portées contre Free Mobile par ...
    6 days ago
  • Metasploit
    Getting The Most Out of Metasploit: Pentesting, Password Auditing, and Vulnerability Validation - When we talk to Metasploit users, they usually use it for either penetration testing, password auditing or vulnerability validation, but few use it for m...
    1 week ago
  • root labs rdist
    Why stream ciphers shouldn’t be used for hashing - I recently saw a blog post that discussed using RC4 as an ad-hoc hash in order to show why CBC mode is better than ECB. While the author’s example is merel...
    1 week ago
  • VRT
    Android.Counterclank: Malware or Adware? - This weekend I noticed a ComputerWorld article titled "Massive Android malware op may have infected 5 million users". After reading, it seemed to be exactl...
    1 week ago
  • Ma petite parcelle d'Internet...
    De la fermeture de Megaupload... - L a fermeture par le FBI de Megaupload la semaine dernière a eu l'effet d'une bombe. Pas un média, tout support confondu, n'a pu se retenir d'en parler. Mê...
    2 weeks ago
  • Cognitive Dissidents
    Nomination for Most Educational Blog - It’s an honor just to be nominated. A few weeks ago, the nominations for the 2012 Social Security Bloggers Awards came out. Given how spanky new this blog ...
    2 weeks ago
  • /dev/ttyS0
    Reaver Now Goes to 11 - The decision has been made to open source the Reaver command line tool. The commercial version will contain the all the features the open source command-li...
    5 weeks ago
  • ...And You Will Know me by the Trail of Bits
    Pwn2Own Pre-Game - Just in time to get warmed up for Pwn2Own, we are delivering a joint offering of the training courses “Bug Hunting and Analysis 0×65” by Aaron Portnoy and ...
    2 months ago
  • Androguard
    Virtual Machine for Android Reverse Engineering - Hi !! Now, it's possible to download a virtual machine (for VirtualBox) with all interesting tools around android RE. So you can test directly Androguard, D...
    3 months ago
  • ax330d's blog
    Summing up SVG fuzzing in browsers - Hi there. As the title states, this is a summary of SVG fuzzing results. Today I would like to prattle a bit about what I was doing for some 2 weeks in t...
    4 months ago
  • Nynaeve
    NWScript JIT engine: Wrap-up (for now) - Yesterday, I provided a brief performance overview of the MSIL JIT backend versus my implementation of an interpretive VM for various workloads. Today, I’l...
    1 year ago
Show 5 Show All

Blogroll

  • Joe Sandbox
  • Hack.lu
  • SVEN
  • Cup of Security Blog
  • Heise Security
  • Korbens Blog
  • Joebox
  • Beatrix
  • Metasploit

Labels

  • Advisory (52)
  • Rants from Thierry (19)
  • Tool (14)
  • Vulnerabilties (10)
  • Misc (7)
  • How-to (6)
  • Lectures (2)
  • Whitepaper (2)
  • zero day (1)
 
Copyright Musings on Information Security Template by Michael Jubel