Rants

Heap Exploitation

July 9th 2008

Just back from SyScan Singapore, which once again was filled with great speakers, guests, and one of the best hosts in the conference circuit. Our presentation detailing some heap exploitation techniques for Windows 2003 can be found in the Publications section.

We have published a vulnerability advisory detailing the heap overflow vulnerability in MS SQL Server 2005. It can be found in the Advisories section.

Time vs Time

June 18th 2008

Symantec released a patch for a shatter attack vulnerability in the Altiris Notification Agent. An advisory can be found in the Advisories section.

SyScan Singapore 2008 is nearly upon us. The current lineup looks like it includes some great speakers and topics. If you are going to be there, then be sure to say hello.

Advisory Day

May 16th 2008

Symantec released a patch that fixes a couple of security vulnerabilities we found. Check out the Advisories section for the details.

In other news.. A baby boy has arrived for BDP, and a little storm is still brewing.


Kiwicon 2k8

May 1st 2008

The CFP is out for Kiwicon 2k8 in Wellington, New Zealand. Kiwicon will be held on the weekend of the 27th and 28th of September, 2008 and it is not to be missed. Check out http://www.kiwicon.org for more details.

We have finally got round to finishing Access Through Access, a whitepaper covering some technical details of MS Jet exploitation.

Radio And Bugs

April 2nd 2008

Patrick Gray caught up with Brett Moore recently to talk about the market for vulnerabilities, very relevant given the recent cash offers at CanSecWest. You can listen to the podcast here

The team over at CMS Made Simple have released a security update that addresses an unauthenticated file upload issue we identified and reported to them.

And on the Symantec front, they are still working on some proper fixes.

The Brightstar conference that was held in Auckland, New Zealand, is over. We have posted our presentation, Increasing The Value Of Penetration Testing, to the publications section.


Just Another Day In The Life Of Responsible Disclosure Take 2

March 12th 2008

Without wanting to repeat myself
"As some of you may be aware, Symantec released an advisory on the 10th March 2008 crediting Insomnia in a security patch release. The question has been asked "Where is the Insomnia advisory release?". Well after we tested the patch we found it still lacking, and so are waiting for a corrected patch to be released before we make the information public.

This is a different issue to the one I mentioned before. 06 Feb 2008

One bonus is that its giving me material for releasing Shatter Attacks against DEP protected win2k3.


Just Another Day In The Life Of Responsible Disclosure

Feb 27th 2008

As some of you may be aware, Symantec released an advisory on the 6th Feb 2008 crediting Insomnia in a security patch release. The question has been asked "Where is the Insomnia advisory release?". Well after we tested the patch we found it still lacking, and so are waiting for a corrected patch to be released before we make the information public.

So it may not happen overnight... but it will happen.


Roach
Roach
Roach
Roach