ep's blog

Multiple Vulnerabilities in the Solaris 8 and 9 sadmind(1M) Daemon May Lead to Remote Arbitrary Code Execution


Solaris 8 and 9 sadmind contains heap and integer overflow
vulnerabilities. This could lead to local or remote unprivileged
execution of arbitrary code with root privilege.

This does not affect Solaris 10 or OpenSolaris which does not come with

Affected versions:

SPARC Platform:
- Solaris 8 without patch 116455-02
- Solaris 9 without patch 116453-03

Multiple Symantec Products Intel Common Base Agent Remote Command Execution Vulnerability


An exploit concerning various versions of SAV is in the wild. It allows
for remote exploitation of machines with SYSTEM privileges.

Symantec has released updates and patches to fix the issue.

Please read their release notes for further information.

Two Adobe Reader 0-day vulnerabilities


It appears that two new vulnerabilities in Adobe Reader 9.1, 8.1.4 and
7.1.1 are being used today. These are more buffer overflows in the
Javascript interpreter that could lead to remote code execution by
reading malicious PDF files.

The exploit currently being seen targets Linux computers running Adobe's
software, but other platforms are susceptible to the same vulnerability.

Vulnerability in Microsoft Office PowerPoint Could Allow Remote Code Execution 969136


Microsoft Security Advisory (969136)

"An attacker who successfully exploited this vulnerability could gain
the same user rights as the local user. Users whose accounts are
configured to have fewer user rights on the system could be less
affected than users who operate with administrative user rights."

Adobe Reader 7, 8 and 9 code execution through buffer overflow


A buffer overflow in Adobe Reader allows for code execution when a user
opens a malicious PDF file.

Adobe will be releasing updates to v9 on March 11, 2009. Version 8 and
7 patches will follow soon after.

The exploit is currently active and uses Javascript embedded in the PDF
file to inject its payload into the heap.

Security Team creates a Rogue CA by targeting MD5 weaknesses


A group that presented at the the Chaos Communication Congress in Berlin
showed the ability to convert a non-CA certificate into a CA
certificate, breaking the trust of the PKI.

This was done by using a large array of fast computers (200 Playstation
3's) in order to create a CSR that would force a weakly signed
Certificate. This certificate normally would not be allowed to sign
other CSRs.