For those of you that are participating in our Exploit Acquisition Program please contact [email protected] for information on how to access our new Secure Internet Live Conferencing (SILC) server for discussing your research in a secure way. Don’t try scanning for the server yourself because you won’t find it and your IP address will be…Details
We’ve started focusing on the security of appliances that are installed in corporate and government networks. To our amazement most of these appliances are more insecure than the operating systems and software that we’ve (being the security industry) been picking on so aggressively. In fact, we are looking at one appliance right now that is…Details
Netragard has released another vulnerability. This time it is a local root compromise using McAfee VirusScan for Mac. Granted this isn’t all that exciting but if you’re at all interested it can be found here.
Kevin Finisterre found a FrontBase Database <= 4.2.7. buffer overflow vulnerabilitiy that was recently released by SNOsoft on Netragard's website. This particular vulnerability enables an attacker to gain remote access to a system. The official advisory (that contains working Proof of Concept) can be found here.
The SNOsoft Research Team recently performed a light weight security assessment of the @Mail Webmail product. @Mail is very much like OWA with respect to look, feel and functionality. The result of this research project was the discovery of two bugs in the product. These bugs were released as formal advisories by Netragard and can…Details
Inspired by Kevin at digitalmunitions who also happens to be the Chief Research Officer at Netragard L.L.C., one of the original founders of SNOsoft, and his current Month of Apple Bugs (MOAB), SNOsoft will be working to produce the Month of Web Application Bugs (MOWAB). Any researchers interested in participating should email me directly at…Details