tag:blogger.com,1999:blog-9327176569721932472008-08-21T05:50:18.488-07:00Stevenoreply@blogger.comBlogger17125tag:blogger.com,1999:blog-932717656972193247.post-55055546797252984602008-08-21T05:46:00.000-07:002008-08-21T05:50:18.502-07:00

OllySocketTrace is a plugin for OllyDbg to trace the socket operations being performed by a process. It will record all buffers being sent and received. All parameters as well as return values are recorded and the trace is highlighted with a unique color for each socket being traced. The socket operations currently supported are: WSASocket, WSAAccept, WSAConnect, WSARecv, WSARecvFrom, WSASend,

Harmony Securityhttp://www.blogger.com/profile/01721796390165002069noreply@blogger.comtag:blogger.com,1999:blog-932717656972193247.post-34164775866874745312008-08-20T09:36:00.000-07:002008-08-20T09:53:56.198-07:00

We are soon to be offering several new services, including:Malware Analysis This service offers detailed malware reports and customised solutions for malware outbreaks.Vulnerability Discovery This service offers to discover critical vulnerabilities in your software products.Exploit Development This service offers the development of reliable proof of concept exploits for software

Harmony Securityhttp://www.blogger.com/profile/01721796390165002069noreply@blogger.comtag:blogger.com,1999:blog-932717656972193247.post-65391194548858286952008-06-05T07:28:00.000-07:002008-06-25T07:09:20.234-07:00

iDefense have published an advisory for a local privilege escalation vulnerability (CVE-2007-5671) in the VMware Tools HGFS driver which was discovered by Stephen Fewer of Harmony Security. You can read the full iDefense advisory here: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=712 And the VMware advisory here: http://www.vmware.com/security/advisories/VMSA-2008-0009.

Harmony Securityhttp://www.blogger.com/profile/01721796390165002069noreply@blogger.comtag:blogger.com,1999:blog-932717656972193247.post-511701475099899812008-05-28T02:52:00.000-07:002008-06-25T07:09:20.235-07:00

iDefense have published advisories for multiple vulnerabilities in EMC AlphaStor which were discovered by Stephen Fewer of Harmony Security. You can read the full iDefense advisories here: EMC AlphaStor Server Agent Multiple Stack Buffer Overflow Vulnerabilities http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=702 EMC AlphaStor Library Manager Arbitrary Command Execution

Harmony Securityhttp://www.blogger.com/profile/01721796390165002069noreply@blogger.comtag:blogger.com,1999:blog-932717656972193247.post-85384441050097577342008-04-11T02:29:00.000-07:002008-06-25T07:09:20.235-07:00

iDefense have published advisories for multiple vulnerabilities in EMC DiskXtender which were discovered by Stephen Fewer of Harmony Security. You can read the full iDefense advisories here: EMC DiskXtender Authentication Bypass Vulnerability http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=683 EMC DiskXtender File System Manager Buffer Overflow Vulnerability http://

Stevenoreply@blogger.comtag:blogger.com,1999:blog-932717656972193247.post-51359190790457399012008-02-21T05:57:00.000-08:002008-06-25T07:09:20.236-07:00

iDefense has published an advisory for multiple remote pre-authentication code execution vulnerabilities in the EMC RepliStor software suite which were discovered by Stephen Fewer of Harmony Security. You can read the full iDefense advisory here: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=664

Stevenoreply@blogger.comtag:blogger.com,1999:blog-932717656972193247.post-58893538242978912282008-01-09T16:51:00.000-08:002008-06-25T07:09:20.237-07:00

iDefense has published an advisory for a vulnerability in the Novell NetWare Client which was discovered by Stephen Fewer of Harmony Security. It is a local privilege escalation vulnerability whereby an unprivileged user can execute malicious code in kernel mode by exploiting an insecure IOCTL in the NCIM device driver. You can read the full iDefense advisory here: http://labs.idefense.com/

Stevenoreply@blogger.comtag:blogger.com,1999:blog-932717656972193247.post-46039603317289005462008-01-09T16:44:00.000-08:002008-06-25T07:09:20.237-07:00

iDefense has published an advisory for a vulnerability in the Motorola netOctopus Agent which was discovered by Stephen Fewer of Harmony Security. It is a local privilege escalation vulnerability whereby an unprivileged user can reliably execute malicious code in ring 0 by hijacking the SYSENTER_EIP_MSR via an improperly exposed interface in the NantSys device driver. You can read the full

Stevenoreply@blogger.comtag:blogger.com,1999:blog-932717656972193247.post-75820430744565259902008-01-09T16:40:00.000-08:002008-06-25T07:09:20.238-07:00

iDefense has published an advisory for a vulnerability in the Novell ZENworks Endpoint Security Management (ESM) Security Client which was discovered by Stephen Fewer of Harmony Security. It is a local privilege escalation vulnerability whereby an unprivileged user can trivially run executables with SYSTEM privileges. You can read the full iDefense advisory here: http://labs.idefense.com/

Stevenoreply@blogger.comtag:blogger.com,1999:blog-932717656972193247.post-46532289306425842832007-12-13T14:19:00.000-08:002008-06-25T07:09:33.852-07:00

OllyHeapTrace is a plugin for OllyDbg (version 1.10) to trace the heap operations being performed by a process. It will monitor heap allocations and frees for multiple heaps, as well as operations such as creating or destroying heaps and reallocations. All parameters as well as return values are recorded and the trace is highlighted with a unique colour for each heap being traced. The primary

Stevenoreply@blogger.comtag:blogger.com,1999:blog-932717656972193247.post-86830119373971470522007-11-13T14:06:00.000-08:002008-06-25T07:09:20.238-07:00

iDefense has published an advisory for a vulnerability in the Novell NetWare Client which was discovered by Stephen Fewer of Harmony Security. It is a local privilege escalation vulnerability whereby an unprivileged user can exploit the vulnerable driver nwfilter.sys and gain kernel mode code execution. Novell is issuing a patch that will remove the vulnerable driver. You can read the full

Stevenoreply@blogger.comtag:blogger.com,1999:blog-932717656972193247.post-77176092155214976442007-11-06T16:01:00.000-08:002008-06-25T07:09:20.239-07:00

iDefense has published an advisory for a privilege escalation vulnerability in the Microsoft DebugView tool which was discovered by Stephen Fewer of Harmony Security. You can read the full iDefense advisory here: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=621

Stevenoreply@blogger.comtag:blogger.com,1999:blog-932717656972193247.post-40446879005264283832007-10-22T15:29:00.000-07:002008-06-25T07:09:33.852-07:00

OllyCallTrace is a plugin for OllyDbg (version 1.10) to trace the call chain of a thread allowing you to monitor it for irregularities to aid in the debugging of stack based buffer overflows as well as to quickly plot the execution flow of a program you are reversing. You can download OllyCallTrace from here: http://www.harmonysecurity.com/OllyCallTrace.html

Stevenoreply@blogger.comtag:blogger.com,1999:blog-932717656972193247.post-62121767741413495482007-10-10T17:09:00.000-07:002008-06-25T07:09:20.240-07:00

iDefense has published an advisory for a high-risk vulnerability in the Kaspersky online virus scanner which was discovered by Stephen Fewer of Harmony Security. You can read the full iDefense advisory here: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=606 And you can read the Kaspersky response here: http://www.kaspersky.com/news?id=207575572

Stevenoreply@blogger.comtag:blogger.com,1999:blog-932717656972193247.post-6372840264198681142007-08-09T19:51:00.000-07:002008-06-25T07:09:20.241-07:00

WinGate by Qbik IP Management Limited is a sophisticated gateway and server product used in over 600,000 networks across the globe. WinGate provides a number of network services including an SMTP server for email. It is this SMTP server component that is vulnerable to a remotely exploitable format string vulnerability that can lead to a remote DoS attack, resulting in the entire WinGate service

Stevenoreply@blogger.comtag:blogger.com,1999:blog-932717656972193247.post-68214904169454351792007-06-28T15:24:00.000-07:002008-06-25T07:09:20.241-07:00

Two Cross Site Scripting (XSS) vulnerabilities have been identified in K2, a popular theme for Wordpress. These are reflected XSS vulnerabilities and can allow for an attacker to craft a malicious URL which when accessed by a victim will allow an attacker to run arbitrary code, typically JavaScript, in the victims browser.You can read the advisory here: http://www.harmonysecurity.com/HS-A006.html

Stevenoreply@blogger.comtag:blogger.com,1999:blog-932717656972193247.post-49132592468273964172007-03-12T23:11:00.000-07:002008-06-25T07:09:58.442-07:00

We are pleased to announce the long overdue overhaul of the Harmony Security website. An obvious addition has been the blog where we will be periodically posting news, views and various technical content on topics that are being worked on. Subscribe now to stay informed.

Stevenoreply@blogger.com