Archive

Posts Tagged ‘security’

PHP Security Poster

November 29th, 2009

SektionEins has finished the English translation of the PHP Security Poster and is now sending it to interested PHP programmers for free. You only have to fill out the order form. The poster is DIN A0 size and details the most important aspects of configuring PHP securely and writing secure PHP code.

The poster contains the following topics:

  • Vulnerabilities & Concepts
  • Security Related PHP Functions
  • Secure Programming
  • Hardening the PHP Configuration
  • Server Protection with Suhosin

The order form for the poster is available here.

xanda IT Related

Happy Kernel Code Execution Via Internet Explorer

November 11th, 2009

Microsoft Announcing the Release of the Enhanced Mitigation Evaluation Toolkit (EMET)

October 28th, 2009

Even as you read this, people around the world are hunting for vulnerabilities in software applications.  Odds are some of them will be successful.  Depending on their motives and what they find, your software and systems may be put at risk.  So how do you protect your software from unknown vulnerabilities that may or may not exist?  One option is to use security mitigations.

Microsoft offers a number of different mitigation technologies that are designed to make it more difficult for an attacker to exploit vulnerabilities in a given piece of software.  Take a look at Michael Howard’s article “Protecting Your Code with Visual C++ Defenses” (http://msdn.microsoft.com/en-us/magazine/cc337897.aspx) for a brief overview of some of these technologies.

Supported mitigations include:

  • SEHOP
  • Dynamic DEP
  • NULL page allocation
  • Heap spray allocation


Damn Vulnerable Linux (DVL)

March 10th, 2009

Damn Vulnerable Linux (DVL) is a Slackware and Slax-based live DVD purposefully stuffed with broken, ill-configured, outdated and exploitable software. It began life as a training system used during the author’s university lectures.

Its primary goal is to design a Linux system that is as vulnerable as possible — in order to teach and demonstrate a variety of security topics, including reverse code engineering, buffer overflows, shell code development, web exploitation, and SQL injection.

It contains older, easily breakable versions of Apache, MySQL, PHP, and FTP and SSH daemons, as well as several tools available to help you compile, debug, and break applications running on these services, including GCC, GDB, NASM, strace, ELF Shell, DDD, LDasm, LIDa, and more.

So if you are looking for a new playground, DVL is a good choice for you.


Exploit Shield 0.60 Beta Released

February 17th, 2009

For those who are still booting into Microsoft Windows, a new version (0.60) of our F-Secure Exploit Shield Beta is now available.

You may also remember that Microsoft patched MS08-078 around the same time. Multiple versions of Internet Explorer were affected on multiple versions of the Windows OS and exploit code was circulating at the time. Exploit Shield 0.5 was able to proactively protect against those exploits.

Exploit Shield is designed to shield Web browsers between the development of an exploit and the release of the vendor’s patch.

To sum up, Exploit Shield provides:

  • Zero Day Defense: Protects unpatched machines.
  • Patch-Equivalent Protection: Vulnerability “shield” updates.
  • Proactive Measures: Heuristic detection techniques.
  • Protects Against All Websites: Regardless if untrusted or trusted and malicious or hacked.
  • Automatic Feedback: detected exploit attempts are automatically reported to F-Secure.

Version 0.60 now includes 32-bit Vista support, includes more vulnerability coverage and also includes engine improvements.

Look for the download link from: www.f-secure.com/labs.

If you want or need a reason to test Exploit Shield, consider this month’s Microsoft Updates. There were two vulnerabilities in Internet Explorer 7 for Windows XP and Windows Vista that were patched last week…

Firefox isn’t completely immune either, see Mozilla’s Security Center for details on recent vulnerability patches.

[source: F-Secure Weblog]

P/S: Version 0.5 users will now see a prompt that their installation has expired. The database channel is now closed, but the existing shields and the proactive protections remain.

*** [updated on 22/2/2009] ***

F-Secure Exploit Shield proactively protected against MS09-002 (a vulnerability in Internet Explorer 7) without the need for a shield update.
