[Full-disclosure] Randi Harper aka Sektie demolished

2010-04-28 Thread Gary Niger
Oh, Randi Harper! I see you're single now. It was going so well! What happened? 

Many people thought it funny how you ran around calling yourself a FreeBSD 
developer, when you're really just QA. We watch you suck enough dick to get 
jobs via your boyfriends and then play WoW at work all day while snorting meth 
in the bathrooms and we just have to laugh. You lose job after job to 
incompetence, drug addiction, general whitetrashiness and pre-schoolesque 
infighting and you somehow feel you have the right to continue strutting around 
like some unsullied princess. What is even more funny is that you aren't 
anywhere near an unsullied princess, you're a filthy used up whore.

You thought you could pull a heist on some dotcom faggot. You fed him some 
hilarious story about how after you had your first kid, you cleaned up your act 
and nearly regained your lost innocence. *YOU* of all people, spinning a tale 
about being a born again virgin. The irony was delicious. We couldn't help but 
giggle. You see, darling, long ago we rooted your server at ThePlanet. We took 
your homedir and mailspool, laughed at the contents, and waited for the right 
moment to strike. You were going to be married. You were going to have a normal 
life. What better time than now? What better place than here?

I present to you all the prize, FreeBSDgirl's archived homedir and mailspool, 
complete with lulzy emails, passwords (m0nk3y!) and shitty code:
http://man.in.a.dress.anxietychat.net/homedir.tar.gz

Mark's lucky we came to his rescue. You had him fooled. He was going to fall 
for one of the oldest tricks in the book. Literally so, it was described in 
Genesis 34-- Shechem fell in love with Dinah, even though she'd been sucking 
the dicks of her brothers as they wandered around as lost nomads. He stuck his 
dick in a stupid fat pig and it was ~love~. With you, of all people. Even after 
you took every dick on the FreeBSD dev team, even zb's Jewish micropenis. Had 
he stuck around with you he might have ended up like Shechem: dead due to 
dick-related problems.

I think Mark was desperate enough that if you had been honest with him from the 
front instead of feeding him some stupid redemption-centered story that it 
might have worked out. When confronted with the truth I think that Mark was 
more disgusted with your gigantic series of lies than anything else.

First shocker! SEKTIE IS NOT A BORN AGAIN VIRGIN. 
./Maildir/cur/1141571814.78290_2.freebsdgirl.com:2,Sfh contains a hilarious 
rant from her ex-boyfriend Mike about their BDSM practices.
Ok, I WILL regret sending this later.  I'm looking at the collar and cuffs...
This has nothing to do with our relationship.  This is about what I wanted you 
to be when  you put that collar on.
So many things I never said because I was too ashamed.  No more.  In the books, 
Jonathan wasn't all there.  I would have been him until this week. Maybe you 
won't be offended by this.  Dunno if I could tell you some of the things sober, 
but we could do it on the phone.  I'll definitely need a few drinks. Again, 
this isn't about you and me being together, the recent events, etc. I want to 
know the feeling of having complete and utter control over you. FUCKING LOL

Shocker #2: MIKE KNOCKED SEKTIE UP AND SHE HAD AN ABORTION. The livejournal 
post is here:
http://community.livejournal.com/abortionhelp/24287.html (see it before she 
deletes it!) http://i41.tinypic.com/2vwidll.png (screenshotted for historical 
records)
We found the reply notification emails for the contents on this post in your 
mailspool.

I run a fairly high-profile blog (non-lj), and I've had to keep all mentions 
of this out of it, because I'm worried about the attacks. I also worry for my 
boyfriend, the male side of this equation. I have to protect his privacy as 
well. I created this (relatively) anonymous livejournal account just because I 
needed to get it out, somewhere. I'm nearly 15 weeks pregnant, and I've been 
trying to get an abortion since I knew, 7 weeks ago.

The irony of how you comment about fearing attacks based on publicly revealing 
your abortion makes this extra delicious. 

Bonus lol: ./Maildir/cur/1132430214.25970_0.freebsdgirl.com:2,Sefh 
This particular gem has Randi's mom threatening to take her to court for not 
paying child support for the crotchdropping she left at mom's house.

Let this be a lesson to IRC whores: if you want to clean up your life and 
pretend that years of repeated sexual abuse from sexually deprived nerds didn't 
happen, you better completely disappear. We keep records and your actions will 
come back to haunt you. You will want a normal life and a husband someday, and 
unless you disappear off the face of the earth we will be there to make sure 
you never get it. If you live a life of immoral acts and parasitism you should 
repent your sins and seek salvation from the GNAA before it is too late.

Randi: You have been brutally exposed; demolished. You will not recover.

For more 

Re: [Full-disclosure] Randi Harper aka Sektie demolished

2010-04-28 Thread Sandy Vagina
Nothing since 2006, a handful of personal emails, and a copy of her website?

That's a pretty lame tarball.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Randi Harper aka Sektie demolished

2010-04-28 Thread Anders Klixbull
But aren't gnaa retired anyway?
 





Re: [Full-disclosure] Compliance Is Wasted Money, Study Finds

2010-04-28 Thread Lyal Collins
It appears that the content of the security audit procedures (the PDF
downloadable from
https://www.pcisecuritystandards.org/security_standards/pci_dss_download_agreement.html)
still has not crept into this discussion by some who consider PCI a waste of
effort, merely a comment on the 12 section headings of PCI DSS.
 
 
Judging anything by responding to key words, without considering context,
usually leads to expensive and potentially non-compliant outcomes in my
experience.  This is particularly true of PCI DSS compliance efforts among
many companies I've worked with.
 
Just on anti-malware solutions per PCI DSS, to take one example.
Take a piece of paper and list the ways in which malware controls can be
implemented, then see how many are point solutions from vendors.
Here's a start, using mechanisms that can be PCI DSS compliant:

* Most anti-virus software products (the easy route on some platforms.
  Particularly good when non-Windows platforms exchange complex content with
  Windows platforms, e.g. mail relays, web servers etc.)
* Application whitelisting (hard to tune, but good in some scenarios,
  especially servers)
* File integrity controls (good, once tuned and applied comprehensively to
  the target servers)
* Using an operating system that is not commonly susceptible to malware
  (rare, but does happen)

Some of the options listed above can be free, other than some labour time to
implement the necessary changes.
Although a product is marketed as an anti-virus product, it may not meet all
PCI DSS expectations, e.g. detecting malware is one criterion on which some
solutions fail.
The above ignores the update, logging, monitoring and response processes
behind the above options, for simplicity in this discussion.
 
 
lyal
 
 
 



From: Christian Sciberras [mailto:uuf6...@gmail.com] 
Sent: Tuesday, 27 April 2010 11:33 PM
To: Lyal Collins
Cc: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] Compliance Is Wasted Money, Study Finds


> Has everyone on this list read the PCI DSS requirements?
> They are freely available, at www.pcisecuritystandards.org
> http://www.pcisecuritystandards.org/ .

Were you even following the thread? There have been at least 4 times where
different people cited different parts of the standard.
But I would suppose that there's always the possibility of someone imagining
the standard, who knows!

> AV is about 4 requirements out of over 230 requirements

Actually, it's the 5th out of 12...
https://www.pcisecuritystandards.org/security_standards/pci_dss.shtml

> Many views in this thread sound like drowning people who reject a lifeboat
> because it doesn't match their eye colour.

And I take it the lifeboat matched your eye colour?
By your comparison, it doesn't match my eye colour, and neither does the number
of holes in the lifeboat match what I would deem safe.
Sure, some people would evacuate on a handkerchief if it means less money and
more compliance.

I don't think you grasped the point either, so I won't argue with the rest
of your message.



On Tue, Apr 27, 2010 at 12:34 AM, Lyal Collins ly...@swiftdsl.com.au
wrote:


Has everyone on this list read the PCI DSS requirements?
They are freely available, at www.pcisecuritystandards.org.

AV is about 4 requirements out of over 230 requirements, covering secure
coding/development, patching, network security, hardening systems, least
privilege, robust authentication, staff probity, physical security,
obligations on third parties, annual risk assessments and improvements,
plus annually re-validating all of these security control areas.

Many views in this thread sound like drowning people who reject a lifeboat
because it doesn't match their eye colour.

PCI DSS isn't perfect, but it is fairly comprehensive about confidentiality.
In terms of all organisational information security threats, PCI DSS lacks a
focus on DR/BCP and integrity of data and system (other than that subset of
threats affecting protection of card data).  I posit that DR and data
integrity are as much a commercial decision as an information security goal,
for which simple, repeatable processes are already available and reasonably
well known amongst IT professionals.

Anti-virus and anti-malware products are not perfect either, but they are
better than the alternative of 'doing nothing until a perfect solution is
found', an undertone I see so often in this list and among many
well-intentioned but unsuccessful security professionals at sites I visit.

Implementing any halfway decent solution is almost always better than doing
nothing, when it comes to reducing risk and increasing assurance.
Implementing ongoing improvements is a cost-effective spend of scarce
security/IT dollars.
Building the 'perfect' security solution is too expensive and takes too long
- by the time it's delivered, security threats have moved on, and you remain
vulnerable.

There are some dreadful compliance programs out there.  There are some

Re: [Full-disclosure] redefining research: vulnerability journalism

2010-04-28 Thread Christopher Gilbert
As Chen found out, simply stating I'm a journalist will not save your
computer when armed men come knocking on your door to execute a search
warrant.

I'm not sure your interpretation holds up; the protections that Wired
alluded to state an exception "if there is probable cause to believe that
the person possessing such materials has committed or is committing the
criminal offense to which the materials relate..." [1]

But I'm no lawyer.

[1] http://www.law.cornell.edu/uscode/42/2000aa.html

On Tue, Apr 27, 2010 at 6:31 PM, J Roger securityho...@gmail.com wrote:

 Discovered a security flaw in a production system you had no authority or
 permission to audit? Afraid to disclose the information for fear of
 prosecution? Don't stress too much, you have some protection if you redefine
 yourself as a vulnerability journalist

 According to a recent Wired article on the stolen Apple iPhone fiasco,

 "The federal Privacy Protection Act prohibits the government from seizing
 materials from journalists and others who possess material for the purpose
 of communicating to the public. The government cannot seize material from
 the journalist even if it's investigating whether the person who possesses
 the material committed a crime.

 Instead, investigators need to obtain a subpoena, which would allow the
 reporter or media outlet to challenge the request and segregate information
 that is not relevant to the investigation."

 Perhaps the journalist title isn't even necessary thanks to the "and
 others" bit there, but it also couldn't hurt; besides, it sounds kind of cool,
 right? Now this of course doesn't imply that you can't be prosecuted for a
 crime, just that they can only use subpoenas and not warrants. Naturally,
 being an ethical and moral vulnerability journalist you would never rm any
 incriminating evidence as part of the process to segregate information that
 is not relevant to the investigation.

 Out: Narcissistic Vulnerability Pimp
 In: Vulnerability Journalist


Re: [Full-disclosure] Compliance Is Wasted Money, Study Finds

2010-04-28 Thread Michel Messerschmidt
On Tue, Apr 27, 2010 at 08:58:24AM -0400, Honer, Lance wrote:
> > What's your choice:
> > Company A installs an anti-virus and updates it regularly (BTW regularly
> > includes once a year).
> > Company B has a recovery concept, incident response team, vulnerability
> > monitoring, patch management, NIDS, security training but no anti-virus.
>
> You do realize that PCI says everything you stated above needs to be
> done, right?

I never stated what needs to be done or what PCI might require :)
And I didn't ask to compare the two statements but just choose your priority:
A = Spend money on compliance but don't *think* about your threats
B = Think about security, reduce your risks and don't waste money on compliance


'nuff said



[Full-disclosure] [ MDVSA-2010:084 ] java-1.6.0-openjdk

2010-04-28 Thread security


 ___

 Mandriva Linux Security Advisory MDVSA-2010:084
 http://www.mandriva.com/security/
 ___

 Package : java-1.6.0-openjdk
 Date: April 28, 2010
 Affected: 2009.0, 2009.1, 2010.0, Enterprise Server 5.0
 ___

 Problem Description:

 Multiple Java OpenJDK security vulnerabilities have been identified
 and fixed:
 
 - TLS: MITM attacks via session renegotiation (CVE-2009-3555).
 - Loader-constraint table allows arrays instead of only the
 base-classes (CVE-2010-0082).
 - Policy/PolicyFile leak dynamic ProtectionDomains. (CVE-2010-0084).
 - File TOCTOU deserialization vulnerability (CVE-2010-0085).
 - Inflater/Deflater clone issues (CVE-2010-0088).
 - Unsigned applet can retrieve the dragged information before drop
 action occurs (CVE-2010-0091).
 - AtomicReferenceArray causes SIGSEGV - SEGV_MAPERR error
 (CVE-2010-0092).
 - System.arraycopy unable to reference elements beyond
 Integer.MAX_VALUE bytes (CVE-2010-0093).
 - Deserialization of RMIConnectionImpl objects should enforce stricter
 checks (CVE-2010-0094).
 - Subclasses of InetAddress may incorrectly interpret network addresses
 (CVE-2010-0095).
 - JAR unpack200 must verify input parameters (CVE-2010-0837).
 - CMM readMabCurveData Buffer Overflow Vulnerability (CVE-2010-0838).
 - Applet Trusted Methods Chaining Privilege Escalation Vulnerability
 (CVE-2010-0840).
 - No ClassCastException for HashAttributeSet constructors if run with
 -Xcomp (CVE-2010-0845)
 - ImagingLib arbitrary code execution vulnerability (CVE-2010-0847).
 - AWT Library Invalid Index Vulnerability (CVE-2010-0848).
 
 Additional security issues that were fixed with IcedTea6 1.6.2:
 - deprecate MD2 in SSL cert validation (CVE-2009-2409).
 - ICC_Profile file existence detection information leak
 (CVE-2009-3728).
 - JRE AWT setDifflCM stack overflow (CVE-2009-3869).
 - JRE AWT setBytePixels heap overflow (CVE-2009-3871).
 - JPEG Image Writer quantization problem (CVE-2009-3873).
 - ImageI/O JPEG heap overflow (CVE-2009-3874).
 - MessageDigest.isEqual introduces timing attack vulnerabilities
 (CVE-2009-3875).
 - OpenJDK ASN.1/DER input stream parser denial of service
 (CVE-2009-3876, CVE-2009-3877)
 - GraphicsConfiguration information leak (CVE-2009-3879).
 - UI logging information leakage (CVE-2009-3880).
 - resurrected classloaders can still have children (CVE-2009-3881).
 - Numerous static security flaws in Swing (findbugs) (CVE-2009-3882).
 - Mutable statics in Windows PLF (findbugs) (CVE-2009-3883).
 - zoneinfo file existence information leak (CVE-2009-3884).
 - BMP parsing DoS with UNC ICC links (CVE-2009-3885).
 
 Additionally Paulo Cesar Pereira de Andrade (pcpa) at Mandriva found
 and fixed a bug in IcedTea6 1.8 that is also applied to the provided
 packages:
 
 * plugin/icedteanp/IcedTeaNPPlugin.cc (plugin_filter_environment):
   Increment malloc size by one to account for NULL terminator. Bug# 474.
 
 Packages for 2009.0 are provided due to the Extended Maintenance
 Program.
 ___

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2409
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3728
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3869
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3871
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3873
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3874
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3875
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3876
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3877
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3879
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3880
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3881
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3882
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3883
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3884
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3885
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0082
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0084
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0085
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0088
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0091
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0092
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0093
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0094
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0095
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0837
 

Re: [Full-disclosure] Randi Harper aka Sektie demolished

2010-04-28 Thread Andrew A
the GNAA seems to be alive and well once more, http://www.gnaa.eu/

http://encyclopediadramatica.com/Firefox_XPS_IRC_Attack

On Wed, Apr 28, 2010 at 5:09 AM, Anders Klixbull a...@experian.dk wrote:

 But aren't gnaa retired anyway?




 -Original Message-
 From: full-disclosure-boun...@lists.grok.org.uk
 [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Sandy
 Vagina
 Sent: 28. april 2010 11:59
 To: Gary Niger
 Cc: full-disclosure@lists.grok.org.uk
 Subject: Re: [Full-disclosure] Randi Harper aka Sektie demolished

 Nothing since 2006, a handful of personal emails, and a copy of her
 website?

 That's a pretty lame tarball.

 ___
 Full-Disclosure - We believe in it.
 Charter: http://lists.grok.org.uk/full-disclosure-charter.html
 Hosted and sponsored by Secunia - http://secunia.com/


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] ZDI-10-079: Realnetworks Helix Server NTLM Authentication Invalid Base64 Remote Code Execution Vulnerability

2010-04-28 Thread ZDI Disclosures
ZDI-10-079: Realnetworks Helix Server NTLM Authentication Invalid Base64 Remote 
Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-079
April 28, 2010

-- CVE ID:
CVE-2010-1317

-- Affected Vendors:
RealNetworks

-- Affected Products:
RealNetworks Helix Server

-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 6378. 
For further product information on the TippingPoint IPS, visit:

http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of RealNetworks Helix Server. Authentication is
not required to exploit this vulnerability.

The specific flaw exists within the authentication provided by the
administrative web interface and is only present if it is configured to
use NTLM. The vulnerability can be triggered by specifying an invalid
Base64 string within the Authorization header. If the string is not
proper Base64 the vulnerable function returns -1, which is not verified
and is later used as a length to a string copy routine.
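The unchecked-return pattern the advisory describes, as an added example that is not RealNetworks or ZDI code: a Base64 decoder that signals failure with -1, the flawed way of consuming that return shown in a comment, and a header parser that checks it before any length is trusted. Function names, header values and buffer sizes are constructed for the example.

```c
/* Added example, not RealNetworks or ZDI code: the bug class in ZDI-10-079,
 * a Base64 decoder's -1 error return reused as a copy length, beside a
 * parser that checks the return before any copy happens. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Decode Base64 text into out. Returns the decoded byte count, or -1 on an
 * invalid character, bad padding, wrong length, or insufficient capacity. */
static int b64_decode(const char *in, unsigned char *out, size_t outcap)
{
    static const char tbl[] =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    size_t n = strlen(in);
    int outlen = 0;

    if (n == 0 || n % 4 != 0)
        return -1;
    for (size_t i = 0; i < n; i += 4) {
        unsigned int v = 0;
        int pad = 0;
        for (int j = 0; j < 4; j++) {
            char c = in[i + j];
            if (c == '=') {
                /* '=' is legal only in the last two slots of the final quad */
                if (i + 4 != n || j < 2)
                    return -1;
                pad++;
                v <<= 6;
            } else {
                const char *p = strchr(tbl, c);
                if (pad || p == NULL)   /* data after '=' or non-alphabet byte */
                    return -1;
                v = (v << 6) | (unsigned int)(p - tbl);
            }
        }
        int bytes = 3 - pad;
        if ((size_t)(outlen + bytes) > outcap)
            return -1;
        out[outlen++] = (unsigned char)(v >> 16);
        if (bytes > 1) out[outlen++] = (unsigned char)(v >> 8);
        if (bytes > 2) out[outlen++] = (unsigned char)v;
    }
    return outlen;
}

/*
 * The flawed pattern the advisory describes (illustrative, not vendor code):
 *
 *     int len = b64_decode(value, token, sizeof token);
 *     memcpy(dst, token, len);        // len may be -1 here
 *
 * memcpy takes a size_t, so -1 becomes the largest possible length and the
 * copy runs far past both buffers. The check below is the missing step.
 */

/* Extract the NTLM token from an Authorization header value. Returns the
 * token length, or -1 for a wrong scheme, invalid Base64, or a payload
 * that is not an NTLM message. */
static int ntlm_token_from_authz(const char *authz, unsigned char *token,
                                 size_t cap)
{
    static const char prefix[] = "NTLM ";
    int len;

    if (strncmp(authz, prefix, sizeof prefix - 1) != 0)
        return -1;
    len = b64_decode(authz + (sizeof prefix - 1), token, cap);
    if (len < 0)                        /* reject before any length is trusted */
        return -1;
    /* every NTLM message begins with the 8-byte signature "NTLMSSP\0" */
    if (len < 8 || memcmp(token, "NTLMSSP", 8) != 0)
        return -1;
    return len;
}

int main(void)
{
    /* constructed header values, not captured traffic */
    const char *good = "NTLM TlRMTVNTUAA=";      /* decodes to "NTLMSSP\0" */
    const char *bad  = "NTLM ###not-base64###";  /* the malformed class the advisory describes */
    unsigned char tok[256];

    printf("valid header   -> %d\n", ntlm_token_from_authz(good, tok, sizeof tok));
    printf("invalid Base64 -> %d\n", ntlm_token_from_authz(bad, tok, sizeof tok));
    return 0;
}
```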

-- Vendor Response:
RealNetworks states:
This issue has been addressed in v14:

http://www.realnetworks.com/helix-support/security-updates.aspx

-- Disclosure Timeline:
2009-07-14 - Vulnerability reported to vendor
2010-04-28 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
* Anonymous

-- About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents 
a best-of-breed model for rewarding security researchers for responsibly
disclosing discovered vulnerabilities.

Researchers interested in getting paid for their security research
through the ZDI can find more information and sign-up at:

http://www.zerodayinitiative.com

The ZDI is unique in how the acquired vulnerability information is
used. TippingPoint does not re-sell the vulnerability details or any
exploit code. Instead, upon notifying the affected product vendor,
TippingPoint provides its customers with zero day protection through
its intrusion prevention technology. Explicit details regarding the
specifics of the vulnerability are not exposed to any parties until
an official vendor patch is publicly available. Furthermore, with the
altruistic aim of helping to secure a broader user base, TippingPoint
provides this vulnerability information confidentially to security
vendors (including competitors) who have a vulnerability protection or
mitigation product.

Our vulnerability disclosure policy is available online at:

http://www.zerodayinitiative.com/advisories/disclosure_policy/

Follow the ZDI on Twitter:

http://twitter.com/thezdi


Re: [Full-disclosure] Compliance Is Wasted Money, Study Finds

2010-04-28 Thread Michael Holstein

> A = Spend money on compliance

'A' is *mandatory* if you choose to do certain operations in-house.

Why is this so hard to understand?



[Full-disclosure] [ MDVSA-2010:078-1 ] sudo

2010-04-28 Thread security


 ___

 Mandriva Linux Security Advisory   MDVSA-2010:078-1
 http://www.mandriva.com/security/
 ___

 Package : sudo
 Date: April 28, 2010
 Affected: 2009.0
 ___

 Problem Description:

 A vulnerability has been found and corrected in sudo:
 
 The command matching functionality in sudo 1.6.8 through 1.7.2p5 does
 not properly handle when a file in the current working directory has
 the same name as a pseudo-command in the sudoers file and the PATH
 contains an entry for ., which allows local users to execute arbitrary
 commands via a Trojan horse executable, as demonstrated using sudoedit,
 a different vulnerability than CVE-2010-0426 (CVE-2010-1163).
 
 Packages for 2008.0 are provided for Corporate Desktop 2008.0
 customers.
 
 The updated packages have been patched to correct this issue.

 Update:

 Packages for 2009.0 are provided due to the Extended Maintenance
 Program.
 ___

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1163
 ___

 Updated Packages:

 ___

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 ___

 Type Bits/KeyID Date   User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  security*mandriva.com



[Full-disclosure] [ MDVSA-2010:085 ] pidgin

2010-04-28 Thread security


 ___

 Mandriva Linux Security Advisory MDVSA-2010:085
 http://www.mandriva.com/security/
 ___

 Package : pidgin
 Date: April 28, 2010
 Affected: 2009.0
 ___

 Problem Description:

 Security vulnerabilities have been identified and fixed in pidgin:
 
 The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and Adium
 before 1.3.7 allows remote attackers to cause a denial of service
 (application crash) via crafted contact-list data for (1) ICQ and
 possibly (2) AIM, as demonstrated by the SIM IM client (CVE-2009-3615).
 
 Directory traversal vulnerability in slp.c in the MSN protocol
 plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows
 remote attackers to read arbitrary files via a .. (dot dot) in an
 application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request,
 a related issue to CVE-2004-0122.  NOTE: it could be argued that
 this is resultant from a vulnerability in which an emoticon download
 request is processed even without a preceding text/x-mms-emoticon
 message that announced availability of the emoticon (CVE-2010-0013).
 
 Certain malformed SLP messages can trigger a crash because the MSN
 protocol plugin fails to check that all pieces of the message are
 set correctly (CVE-2010-0277).
 
 If a user in a multi-user chat room has a nickname containing 'br'
 then libpurple ends up having two users with username ' ' in the room,
 and Finch crashes in this situation. We do not believe there is a
 possibility of remote code execution (CVE-2010-0420).
 
 oCERT notified us about a problem in Pidgin, where a large amount of
 processing time will be used when inserting many smileys into an IM
 or chat window. This should not cause a crash, but Pidgin can become
 unusably slow (CVE-2010-0423).
 
 Packages for 2009.0 are provided due to the Extended Maintenance
 Program.
 
 This update provides pidgin 2.6.6, which is not vulnerable to these
 issues.
 ___

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3615
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0013
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0277
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0420
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0423
 http://pidgin.im/news/security/
 ___

 Updated Packages:


[Full-disclosure] [ MDVSA-2009:332-1 ] gimp

2010-04-28 Thread security


 ___

 Mandriva Linux Security Advisory   MDVSA-2009:332-1
 http://www.mandriva.com/security/
 ___

 Package : gimp
 Date: April 28, 2010
 Affected: 2009.0
 ___

 Problem Description:

 A vulnerability was discovered and corrected in gimp:
 
 Integer overflow in the read_channel_data function in
 plug-ins/file-psd/psd-load.c in GIMP 2.6.7 might allow remote attackers
 to execute arbitrary code via a crafted PSD file that triggers a
 heap-based buffer overflow (CVE-2009-3909).
 
 Additionally, the patch for CVE-2009-1570 in MDVSA-2009:296 was
 incomplete; this update corrects that as well.
 
 This update provides a solution to this vulnerability.

 Update:

 Packages for 2009.0 are provided due to the Extended Maintenance
 Program.
 ___

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3909
 ___

 Updated Packages:

 ___

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 ___

 Type Bits/KeyID Date   User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  security*mandriva.com

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


[Full-disclosure] Deadline Extension: ACCESS 2010 || September 20-25, 2010 - Valencia, Spain

2010-04-28 Thread Sandra Sendra

INVITATION:

=
Please consider contributing to and/or forwarding to the appropriate 
groups the following opportunity to submit and publish original 
scientific results.
=


== ACCESS 2010 | Call for Papers ===

CALL FOR PAPERS, TUTORIALS, PANELS

ACCESS 2010: The First International Conferences on Access Networks, 
Services and Technologies
September 20-25, 2010 - Valencia, Spain

General page: http://www.iaria.org/conferences2010/ACCESS10.html
Call for Papers: http://www.iaria.org/conferences2010/CfPACCESS10.html

Submission deadline: May 4, 2010

Sponsored by IARIA, www.iaria.org
Extended versions of selected papers will be published in IARIA 
Journals: http://www.iariajournals.org
Publisher: CPS ( see: http://www2.computer.org/portal/web/cscps )
Archived: IEEE CSDL (Computer Science Digital Library) and IEEE Xplore
Submitted for indexing: Elsevier's EI Compendex Database, EI's 
Engineering Information Index
Other indexes are being considered: INSPEC, DBLP, Thomson Reuters 
Conference Proceedings Citation Index

Please note the Poster Forum and Work in Progress options.

The topics suggested by the conference can be discussed in terms of 
concepts, state of the art, research, standards, implementations, 
running experiments, applications, and industrial case studies. Authors 
are invited to submit complete, unpublished papers that are not under 
review in any other conference or journal, in the following, but not 
limited to, topic areas.

All tracks are open to both research and industry contributions, in 
terms of Regular papers, Posters, Work in progress, 
Technical/marketing/business presentations, Demos, Tutorials, and Panels.

Before submission, please check and conform with the Editorial rules: 
http://www.iaria.org/editorialrules.html

ACCESS 2010 Tracks (tracks' topics and submission details: see CfP on 
the site)

NEXTACCESS: Next generation access technologies
Interactivity, unlimited access and full-scale media support; 
Energy-aware and efficiency-oriented technologies; Sustainable access 
network business (standard DSL vs. fiber vs. wireless access); 3G/4G 
wireless technologies; Multiservice access (DSL, fiber, WiMAX, POTS); 
FTTH; Ethernet P2P vs. xPON; FTTx with VDSL2, or Ethernet, or DOCSIS 
3.0; Radio extension, 802.xx (Wi-Fi, WiMax, etc.); LTE, LTE-advanced; 
IMT-advanced networks; Mesh and relay networks (IEEE 802.11s, 
IEEE802.16j, etc.); Quality of experience (QoE)

FEMTO: Femtocells-based access
Femtocells architectures; Femtocells requirements and specifications; 
Femtocells protocols; Femtocells services and applications; Traffic and 
QoS in Femtocells; Performance analysis in Femtocells; Femtocells 
control and management; Interoperability of Femtocells devices; 
Femtocells operation optimization; Femtocells specific solutions for 
mobility; OFDMA Femtocells: interference avoidance; Macrocell-Femto cell 
interference issues and mitigation; Macrocell-Femto cell handover 
strategies; WiMAX Femtocells; Standardization of Femtocells

BROADBAND: Broadband wireless Internet access
New architectures, technologies, protocols for broadband wireless 
access; QoS in mobile and broadband wireless access networks; Broadcast 
and multicast support; Physical and data link layer issues; Medium 
access control, SLA and QoS; Radio resource management and call 
admission control; Space-time coding for broadband wireless Internet; 
Modulation, coding and antennas (MIMO); Spectrum management; Scalability 
and reliability issues; Wireless mesh networks; Capacity planning and 
traffic engineering; Security and privacy issues; Interoperability 
aspects (fixed/mobile LANs/MANs, WANs); Experiences/lessons from recent 
deployments

OPTICAL: Optical access networks
Optical access network architecture design; Optical access network 
components and systems; New PON developments and testbeds; WDM and OFDM 
PON technologies; MAC and bandwidth allocation; RoF network architecture 
and MAC; RoF components and systems; Signal processing for new 
modulation formats; Optical spectral management; Multimode fiber 
technology and applications; Performance monitoring and diagnosis; 
Deployment and economic analysis

MOBILE WIRELESS: Mobile wireless access
Mobile Broadband Wireless Access; Wireless/Mobile Access Protocols; 
Wireless/Mobile Web Access; Ubiquitous and mobile access; 
Mobile/vehicular environment access; Multi-Homing and Vertical Handoff; 
Localization and tracking; Context-aware services and applications; 
Context-aware protocols and protocol architectures; Interactive 
applications; Mobile and Wireless Entertainment; Mobile Info-services; 
Wireless ad hoc and sensor networks

DYNAMIC: Dynamic and cognitive access
Dynamic spectrum access; Architectures and platforms for dynamic 
spectrum access networks; Spectrum sensing, measurement and models; 
Efficient and broadband spectrum sensing; Interference metrics and 
measurements; New spectrum 

[Full-disclosure] Israel IP range legit or false?

2010-04-28 Thread james
Hello everyone:

Tonight I was looking through some information I had saved on a hard drive when I came across a few IP ranges.

IP ranges:
212.143.***
212.149
212.159.0.2
212.159.1.1
212.159.1.4
212.179.*** (Israeli ISPs)
212.208.0.12
213.8.***.***

What I am not getting is, did they update their IP ranges, or are they using some of them as fronts? Here's an example: 212.159.0.3 should be an Israeli IP unless they updated; if not, then they are using it as a front for some type of information storage. (London Telehouse LAN) (London Telehouse L2TP)

(What I would like to know is, are these the real IP ranges, or were they the old ones before being updated?)

James Smith
Email: ja...@smithwaysecurity.com
Website: www.smithwaysecurity.com
Phone Number: (877) 352-6665


[Full-disclosure] [USN-933-1] PostgreSQL vulnerability

2010-04-28 Thread Jamie Strandboge
===
Ubuntu Security Notice USN-933-1 April 28, 2010
postgresql-8.1, postgresql-8.3, postgresql-8.4 vulnerability
CVE-2010-0442
===

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 9.04
Ubuntu 9.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  postgresql-8.1  8.1.20-0ubuntu0.6.06.1

Ubuntu 8.04 LTS:
  postgresql-8.3  8.3.10-0ubuntu8.04.1

Ubuntu 9.04:
  postgresql-8.3  8.3.10-0ubuntu9.04.1

Ubuntu 9.10:
  postgresql-8.4  8.4.3-0ubuntu9.10.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

It was discovered that PostgreSQL did not properly sanitize its input when
using substring() with a SELECT statement. A remote authenticated attacker
could exploit this to cause a denial of service via application crash.


Updated packages for Ubuntu 6.06 LTS:



[Full-disclosure] A socio-psychological analysis of the first internet war (Estonia)

2010-04-28 Thread Gadi Evron
Hi,

In the past year I have been working in collaboration with psychologists 
Robert Cialdini and Rosanna Guadagno on a paper analyzing some of what I 
saw from the social perspective in Estonia, when I wrote the post-mortem 
analysis for the 2007 attacks, but didn't understand at the time.

We analyze how the Russian-speaking population online was manipulated to 
attack Estonia (and Georgia) in the cyber war incidents, and how it 
could happen again (regardless of whether any actor is behind it).

Article on El Reg:
http://www.theregister.co.uk/2010/04/28/web_war_one_anonymity/

Paper (for download with pay :( ):
http://www.liebertonline.com/doi/abs/10.1089/cyber.2009.0134

Thanks, and any comments appreciated,

Gadi.

-- 
Gadi Evron,
g...@linuxbox.org.

Blog: http://gevron.livejournal.com/
