skip to main | skip to sidebar
_ Where facts are few, experts are many
  • Home
  • Advisories
  • Daily News Paper
  • About Me
  • Contact
    • Mail
    • Archived Blog
    • Business Card
  • Subscribe RSS
Advisories - FPROT,Clamav
[Tuesday, June 16, 2009 | 0 comments ]

Subscribe to the RSS feed in case you are interested in updates


  • [TZO-33-2009] FPROT generic bypass (TAR)
  • [TZO-40-2009] Clamav generic bypass (RAR,ZIP,CAB)
  • [TZO-34-2009] FPROT generic bypass (RAR,LHA,ARJ)
  • [TZO-43-2009] Clamav generic bypass (CAB)

Links to this post
Advisories: Apple, F-prot, Norman,Ikarus, Kaspersky
[Tuesday, June 09, 2009 | 0 comments ]

Subscribe to the RSS feed in case you are interested in updates
  • [TZO-30-2009] Kaspersky generic PDF evasion (update: Kaspersky got in touch)
  • [TZO-31-2009] Ikarus generic evasion (ZIP,RAR,CAB)
  • [TZO-32-2009] Norman generic evasion (RAR)
  • [TZO-33-2009] F-Prot generic evasion (TAR)
  • [TZO-36-2009] Apple Safari & Quicktime Denial of Service
  • [TZO-37-2009] Apple Safari Remote code execution

Links to this post
Home

About Me

My Photo
Thierry Zoller
Welcome to my personal Blog - I blog about Information Security and in general anything I regard as newsworthy. On the professional side I am currently working as an EMEA Practice Lead at Verizon Business for Threat and Vulnerability Management based in Luxembourg.

Quick-links
▪ My vulnerability disclosure policy
▪ About me / Profile
▪ Tools / Talks / Whitepapers
▪ Contact Me

The views and opinions expressed on this blog are my personal views and are not intended to reflect the views of my employer or any other entity.
View my complete profile

Follow by Email

Cluster Map

Popular Posts

  • IIS 6 / IIS 5 / IIS 5.1+ Webdav auth bypass [Final]
    Table of Contents Updates Bulletins Am I at risk ? Tools Technical details 0.1 Personal message Several news stories seem to allu...
  • PCI compliance, Security in isolated systems and Parking Tellers
    A colleague of mine spotted the below while we were doing our expenses - The photograph below shows two separate receipts from two parking ...
  • CVE-2010-x+n - Loadlibrary/Getprocaddress roars its evil head in 2010
    Subscribe to the RSS feed in case you are interested in updates After Acrossecurity , published an interesting vulnerability and HDmoo...
  • The BEAST summary - TLS, CBC, Countermeasures (Update 4)
    Lots of good information floating on the internet on the Proof of Concept (dubbed 'BEAST) against TLS 1.0 by Juliano Rizzo and Thai Duong ...
  • CVE-2010-2568 - LNK Code execution - Proof of concept (Update)
    Subscribe to the RSS feed in case you are interested in updates  Ivanlef0u released a POC for the exploit used in targeted attacks : http...

Twitter Updates

Blogs I read

  • Metasploit
    "Pass the hash" with Nexpose and Metasploit - I am proud to announce that Nexpose 5.1.0 now supports "pass the hash", a technique to remotely authenticate against a Windows machine (or any SMB/CIFS s...
    6 hours ago
  • Leblanc
    Blog Post: Windows Azure Troubleshooting - Taking specific Windows Azure Instance offline -
    9 hours ago
  • Schneier on Security
    Password Sharing Among American Teenagers - Interesting article from the *New York Times* on password sharing as a show of affection. "It's a sign of trust," Tiffany Carandang, a high school senior...
    14 hours ago
  • Securosis Highlights
    Friday Summary: January 27, 2012 - This is the Securosis Friday Summary. For those of you who don’t know this is where Rich and I vent. When I started working with Rich I used to loathe wr...
    20 hours ago
  • IBM Internet Security Systems Frequency X Blog
    CVE-2012-0003 Exploited in the Wild -
    1 day ago
  • Ma petite parcelle d'Internet...
    De la fermeture de Megaupload... - L a fermeture par le FBI de Megaupload la semaine dernière a eu l'effet d'une bombe. Pas un média, tout support confondu, n'a pu se retenir d'en parler. Mê...
    1 day ago
  • Troy Hunt
    .NET Rocks talks security with Carl, Richard and Troy - Yep, *this *Troy! Right at the tail end of my Christmas holidays a couple of weeks back I had the pleasure of having a great chat with these guys: [image...
    3 days ago
  • Cognitive Dissidents
    Nomination for Most Educational Blog - It’s an honor just to be nominated. A few weeks ago, the nominations for the 2012 Social Security Bloggers Awards came out. Given how spanky new this blog ...
    4 days ago
  • root labs rdist
    More on the evolution of password security - Last time, we covered three factors that affect actual security of a password: Entropy — How many possibilities does the attacker need to consider? Guess r...
    1 week ago
  • VRT
    A New Hope - Rep. Mike Rogers (R-MI) and Rep. Dutch Ruppersberger (D-MD) know a secret: The Federal government is REALLY good at watching people, much better than, say...
    3 weeks ago
  • /dev/ttyS0
    Reaver Now Goes to 11 - The decision has been made to open source the Reaver command line tool. The commercial version will contain the all the features the open source command-li...
    3 weeks ago
  • ...And You Will Know me by the Trail of Bits
    Pwn2Own Pre-Game - Just in time to get warmed up for Pwn2Own, we are delivering a joint offering of the training courses “Bug Hunting and Analysis 0×65” by Aaron Portnoy and ...
    1 month ago
  • Androguard
    Virtual Machine for Android Reverse Engineering - Hi !! Now, it's possible to download a virtual machine (for VirtualBox) with all interesting tools around android RE. So you can test directly Androguard, D...
    2 months ago
  • ax330d's blog
    Summing up SVG fuzzing in browsers - Hi there. As the title states, this is a summary of SVG fuzzing results. Today I would like to prattle a bit about what I was doing for some 2 weeks in t...
    4 months ago
  • Cup of Security
    Remove a Certification Authority from Mac OS X Keychain (UPDATE) - This post is an update (and a translation) of a previous one I published more than a year ago to explain how to remove a Certification Authority (CA) from ...
    4 months ago
  • Nynaeve
    NWScript JIT engine: Wrap-up (for now) - Yesterday, I provided a brief performance overview of the MSIL JIT backend versus my implementation of an interpretive VM for various workloads. Today, I’l...
    1 year ago
Show 5 Show All

Blogroll

  • Joe Sandbox
  • Hack.lu
  • SVEN
  • Cup of Security Blog
  • Heise Security
  • Korbens Blog
  • Joebox
  • Beatrix
  • Metasploit

Labels

  • Advisory (52)
  • Rants from Thierry (19)
  • Tool (14)
  • Vulnerabilties (10)
  • Misc (7)
  • How-to (6)
  • Lectures (2)
  • Whitepaper (2)
  • zero day (1)
 
Copyright Musings on Information Security Template by Michael Jubel