This post was imported from an old blog archive, and predates the creation of AdamCaudill.com.
If you’re using AWStats v5.7 – 6.2, you’re life just got even worse than it was.
As you should know, those version are vulnerable to a now widely known exploit that gives an attacker your server, now here’s where it gets even worse: There’s a new exploit floating around that works on not one, but all three of the methods being used.
So if you’ve not updated, now would be a good time, if it’s not too late.
AWStats 6.x Multiple Remote Command Execution (Shell) Exploit
This post was imported from an old blog archive, and predates the creation of AdamCaudill.com.
Wow, the summer’s over and I’m finally home!
After spending the last five months in New York (quite a difference from my native Florida), I’ve finally made it back home. Much has happened while I’ve been away, not the least of which is the death of Imspire and a few related projects. While giving up on these dreams has been difficult, I believe the result will be for the best.
This post was imported from an old blog archive, and predates the creation of AdamCaudill.com.
Visual Basic provides a less than elegant method of saving data in the Windows registry, the GetSetting & SaveSetting functions. These functions store setting in HKEY_CURRENT_USER\Software\VB and VBA Program Settings\<AppName>\<Section> not very pretty is it?
The APISettings module is a drop-in replacement using pure Win32 API for its processing power and increased stability. The reason for developing this and for making it drop-in compatible is to all those new to the Win32 API to add its functionality with minimal difficulty.
This post was imported from an old blog archive, and predates the creation of AdamCaudill.com.
I was actually rather lucky to have this brand of WinModem, as the good people over at Linuxant.com offer a very high quality driver that makes installation a breeze! But, they have recently changed their marketing methods and charge $15 for the driver, so these really lives no viable, free alternative (a rarity to say the least for linux).
Earlier this year, a vulnerability was discovered in the Jackson data-binding library, a library for Java that allows developers to easily serialize Java objects to JSON and vice versa, that allowed an attacker to exploit deserialization to achieve Remote Code Execution on the server. This vulnerability didn’t seem to get much attention, and even less documentation. Given that this is an easily exploited Remote Code Execution vulnerability with little documentation, I’m sharing my notes on it.
While looking into PL/SQL Developer – a very popular tool for working with Oracle databases, to see how it encrypts passwords I noticed something interesting. When testing Windows applications, I make it a habit to have Fiddler running, to see if there is any interesting traffic – and in this case, there certainly was.
PL/SQL Developer has an update mechanism which retrieves a file containing information about available updates to PL/SQL Developer and other components; this file is retrieved via HTTP, meaning that an attacker in a privileged network position could modify this file.
