Brandon

Members
 View Profile  See their activity

  • Content Count

    550

  • Joined

  • Last visited

 Content Type 

Posts posted by Brandon

  2. Dreamcast Is Back!

    in Open Chat

    Posted

    And Goldeneye on the 64 was the best 1st-person shooter...until halo...i loved wasting time inside these games!

    Forgot about Goldeneye007...I was never good at that game..but it was a cool first person shooter once you started playing it.

  4. Microsoft Internet Explorer Multiple Vulnerabilities

    in Security Alerts

    Posted

    Five vulnerabilities have been reported in Microsoft Internet Explorer, which can be exploited by malicious people to view potentially sensitive information, to trick users into downloading and executing arbitrary programs, and to compromise a user's system.

    1) A design error in the processing of keyboard shortcuts for certain security dialogs can e.g. be exploited to delay the "File Download" dialog box and trick users into executing a malicious ".bat" file after pressing the "r" key.

    2) A design error in the processing of mouse clicks in new browser windows and the predictability of the position of the "File Download" dialog box can be exploited to trick the user into clicking on the "Run" button of the dialog box. This is exploited by first causing a "File Download" dialog box to be displayed underneath a new browser window, and then tricking the user into double-clicking within a specific area in the new window. This will result in an unintended click of the "Run" button in the hidden "File Download" dialog box.

    3) An error exists in Internet Explorer when used with a HTTPS proxy server that requires clients to use Basic Authentication. This may cause web addresses that are sent from Internet Explorer to be disclosed to a third-party even when HTTPS connection is used.

    4) An error exists when certain COM objects that are not intended to be used with Internet Explorer are instantiated in Internet Explorer. This can be exploited to execute arbitrary code via a malicious webpage that instantiates a vulnerable COM object.

    This is related to:

    SA16480

    5) An error exists in the initialisation of certain objects when the "window()" function is used in conjunction with the "<body onload>" event. This can be exploited to execute arbitrary code via a malicious webpage.

    For more information:

    SA15546

    The vulnerabilities #1, #2, and #5 have been confirmed on a fully patched system with Internet Explorer 6.0 and Microsoft Windows XP SP2. Other versions may also be affected.

    Solution:

    Apply patches.

    Internet Explorer 5.01 SP 4 on Microsoft Windows 2000 (requires SP 4):

    http://www.microsoft.com/downloa...B74A-D6...B1-276686B4A428

    Internet Explorer 6 SP 1 on Microsoft Windows 2000 (requires SP 4) or on Microsoft Windows XP (requires SP 1):

    http://www.microsoft.com/downloa...3CD2-D9...0E-BD7E19FCB994

    Internet Explorer 6 for Microsoft Windows XP (requires SP 2):

    http://www.microsoft.com/downloa...BA57-D4...54-2869E371C9D1

    Internet Explorer 6 for Microsoft Windows Server 2003 (with or without SP 1):

    http://www.microsoft.com/downloa...FB20-C7...64-6DBC9A542CC6

    Internet Explorer 6 for Microsoft Windows Server 2003 (Itanium) (with or without SP 1):

    http://www.microsoft.com/downloa...90B9-E5...C3-FCB3289D7E9C

    Internet Explorer 6 for Microsoft Windows Server 2003 x64 Edition:

    http://www.microsoft.com/downloa...23E5-79...BD-2C1A534BF995

    Internet Explorer 6 for Microsoft Windows XP Professional x64 Edition:

    http://www.microsoft.com/downloa...2B4A-63...CF-D2A844C24F70

    Advisory

  5. Opera Suppressed Download Dialog File Execution Vuln

    in Security Alerts

    Posted

    Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to trick users into downloading and executing arbitrary programs on a user's system.

    A design error in the processing of mouse clicks in new browser windows and the predictability of the position of the "File Download" dialog box can be exploited to trick the user into clicking on the "Run" button of the dialog box. This is exploited by first causing a "File Download" dialog box to be displayed underneath a new browser window, and then tricking the user into double-clicking within a specific area in the new window. This will result in an unintended click of the "Open" button in the hidden "File Download" dialog box.

    The vulnerability has been confirmed in version 8.01. Other versions may also be affected.

    Solution:

    Update to version 8.02 or later.

    http://www.opera.com/download/

    Advisory

  9. Dos Exploit For Firefox 1.5

    in Security Alerts

    Posted

    The patch is expected to be released early next year and the users of the Mozilla Firefox 1.5 browsers would get it through the integrated auto-update mechanism. The patch would be included in the next regularly scheduled stability build of Firefox. This means that the next updated version is expected to arrive by late January or early February.

    Story

  17. Dos Exploit For Firefox 1.5

    in Security Alerts

    Posted

    The weakness is caused due to an error in the handling of large history information. This can be exploited to fill the history file "history.dat" with large history information by tricking a user into visiting a malicious web site with an overly large title (e.g. set via JavaScript).

    Successful exploitation causes the browser to consume a large amount of CPU and memory resources on a vulnerable system when the affected browser is started up again after an attack. Users may have to remove the "history.dat" file in order to be able to use the affected browser.

    The weakness has been confirmed in version 1.5. Other versions may also be affected.

    Solution:

    Configure Firefox to clear history information when closing the browser. This affects functionality.

    Tools -> Options... --> Privacy --> Settings...

    Story

  19. Consumers Improving Security, But Gaps Remain

    in Security Alerts

    Posted

    The Online Safety Study, conducted by America Online and the National Cyber Security Alliance, analyzed the security of 354 broadband and dial-up users' computers. The study found that the number compromised by spyware dropped to 61 percent, from 80 percent a year ago, and the fraction infected with an active virus dropped to 12 percent from 19 percent a year ago. AOL and the NCSA sent technicians to the homes of each survey participant to check their computer security.

    While improvements are evident, consumers still have a long way to go, said Tatiana Platt, chief trust officer for America Online.

    "Although we have made some strides in helping consumers protect themselves, the threats are growing broader and more dangerous, so the risk of failure can be that much more catastrophic," Platt said in a statement announcing the study. "When a single virus, a simple scam or hidden spyware program can shut down your computer or cause a person to lose their bank account, their family pictures, or all of their personal records, it is vital that consumers take every possible step to protect themselves."

    Attacks targeting consumers have become more worrisome as the attacker's tools have become more sophisticated. Current attacks mainly attempt to gain personal information for identity theft or compromise PCs connected to broadband Internet accounts. Attacker-controlled PCs, known as zombies or bots, can then be used for further attacks.

    Phishing, in particular, has become a worry, according to the study. Each month, about a quarter of online Americans saw an fraudulent e-mail aimed at convincing them to give up personal information. Almost 70 percent of the surveyed customers thought such phishing attacks were e-mail messages from a legitimate company, and 18 percent said a friend or family member had fallen victim to such an attack.

    Almost three-quarters of the people surveyed use their computers for sensitive transactions online, suggesting that successful phishing attacks could easily gain access to financial information, the study said.

    Identity theft using information gleaned from consumers' systems is growing quickly, but still pales in comparison to offline identity theft.

    In 2004, online identity fraud totaled 11.6 percent of all cases of identity theft, according to a survey of 552 people conducted by Javelin Strategy and Research. Data from the survey suggests that online identity theft only accounted for some $600 million of the total estimated loss of $52.6 billion for the United States for that year.

    "Our numbers show that fears about online identity fraud may be out of proportion to the relative risk, causing consumers to ignore the most glaring issues," James Van Dyke, founder and principal analyst for Javelin Strategy and Research, said in a statement announcing the identity-theft study earlier this year. "Indeed, most instances of identity fraud occur through traditional channels and are paper-based, not Internet-based."

    Yet, the growth in phishing, spyware and other consumer-focused attacks has Internet service providers, like America Online, concentrating on defense and education. The company frequently scans its network, intercepts potential spyware and viruses, blacklists malicious Web sites and offers free Internet security tools, AOL's Platt said.

    "We do everything we can to make sure that malicious scans and spyware don't ever reach our users," she said. "To the extent that we can push protections directly to users, we are actually extending our reach, because our consumers have told us that is what they want."

    While more than 80 percent of the online consumers surveyed believe they are secure, about the same number have not installed necessary security software or have a misconfiguration that affects security, the study said.

    "More than anything, this reinforces the need for some people to be more vigilant online," Platt said. "The bottom line is, if you get an e-mail that asks for personal information or sends you to a web site that asks for sensitive information, don't click on it."

    Symantec, the parent company of SecurityFocus, is a member of the National Cyber Security Alliance, which commissioned the study.

    Story

    Note: The original article incorrectly characterized the participants in the Online Safety Study. The respondents were selected randomly from the general online user population in the United States.

  20. Dos Exploit For Firefox 1.5

    in Security Alerts

    Posted

    An exploit for the new Firefox 1.5 browser was released today that causes a denial of service condition using a simple web page as a trigger.

    The heart of the problem lies with the history.dat file that Firefox creates, according to a posting on Packet Storm. The exploit creates a very large entry which Firefox then saves into the history.dat file. This causes the browser to crash the next time it is opened, and each time after that until the history.dat file is deleted from the system.

    The author of the exploit points out that average users may have difficulty figuring out this fix, preventing browser use and effectively creating a denial of service condition. In the past there have been debates over browser bugs and if they are truly denial of service attacks - today’s bug is sure to rekindle these arguments.

    The final line of the exploit description warns that code execution is a possibility with some modifications to the sample exploit.

    Story

  23. Bots "doing" The Mambo

    in Security Alerts

    Posted

    A new bot is spreading in the wild, with attackers looking to compromise vulnerable installations of the popular Mambo open-source content management system.

    A recent analysis by SecurityFocus confirms that a vulnerability first published on November 16th has resulted in numerous websites being defaced. Now, a bot has been released that compromises the web server and provides additional functionality for an attacker. Reports claim that the bot allows for arbitary code execution, DoS attacks (via TCP, UDP and HTTP floods), port scanning capabilities, and the ability to discover other vulnerable hosts through Google searches.

    Web-based worms are on the rise and any Internet-facing operating system platform running the open-source software can be targeted, including Windows, Unix and Linux. However, Linux remains the predominant server OS of choice for web hosting, and therefore attacks that evolve into bots or worms highlight vulnerable Linux systems much more than others. Mambo administrators are urged to download the latest security patch immediately.

    Story

  24. Msblast Worm Infection

    in Security Alerts

    Posted · Edited by Brandon

    The MSBlast, or Blaster, worm spread to more systems than any other piece of malicious software in history and led to significant changes in Microsoft's handling of security, a member of the company's anti-malware response team stated in a recently released paper.

    The worm, which started spreading on August 11, 2003, compromised systems using a vulnerability in Microsoft Windows 2000 and Windows XP. More than 5 months later, the software giant released the Windows Blaster Worm Removal Tool. Windows Update offered the tool to people whose computers exhibited signs of the MSBlast worm, a group numbering more than 25 million unique computers in the six months following the tool's release, Matthew Braverman, program manager for Microsoft's anti-malware technology team, wrote in the paper.

    The impact on Microsoft was enormous, Braverman stated in the paper.

    "In the first five days after the release of MSBlast, Microsoft's Customer Service and Support organization received over three million calls--only a small subset of which were answered--from end-user and enterprise customers," Braverman wrote in Win32/Blaster: A Case Study from Microsoft's Perspective. Braverman gave the paper at the 2005 Virus Bulletin Conference in October, but Microsoft only released the paper publicly on December 1.

    Initial analysis of the spread of MSBlast using sensor networks estimated that the worm had infected at most 500,000 systems. In April, early data from Microsoft showed that the scope of the worm was actually almost 20 times higher. With the latest data, Microsoft can reliably say that more than 25 million computers have been infected with MSBlast and, of those, approximately 12 million have been cleaned using the company's free tool.

    The extent of the spread convinced Microsoft to create its Anti-Virus Reward Program program and expand its release of the removal tool for other types of malicious code. While the bounty has produced a notable success by leading to the author of the Sasser worm, the only break in the MSBlast case involved the arrest and conviction of a teenager that modified the original worm to create a minor variant.

    Story