Someone needs to be more careful with their auto-blacklist. This
message was reported to Razor and is NOT spam...tisk tisk.
On Thu, 14 Nov 2002 at 01:04:51PM +0800, Patrick Hsieh wrote:
> ?b 2002 [EMAIL PROTECTED] 14 ?P???| 12:45?AMike Dresser ?g?D:
> > Any word from the security team on what's g
On Thursday 14 November 2002 14:24, Noah L. Meyerhans wrote:
> On Wed, Nov 13, 2002 at 11:45:19PM -0500, Mike Dresser wrote:
> > Any word from the security team on what's going on with potato's bind?
>
> Both potato and woody are vulnerable. Fixes are on there way, but
> disclosure of this vulnera
在 2002 十一月 14 星期四 12:45,Mike Dresser 寫道:
> Any word from the security team on what's going on with potato's bind?
>
> Mike
http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469
http://www.isc.org/products/BIND/bind-security.html
Is the Woody bind also vulnerable?
--
Patrick Hsi
Any word from the security team on what's going on with potato's bind?
Mike
Hello,
This morning I've read the following in my snort.alert log:
[**] [116:46:1] (snort_decoder) WARNING: TCP Data Offset is less than 5! [**]
11/13-21:21:31.736604 200.207.87.24:0 -> 80.84.232.115:0
TCP TTL:117 TOS:0x0 ID:19244 IpLen:20 DgmLen:40
***F Seq: 0x3A6D74 Ack: 0x110 Win: 0x
On Wed, Nov 13, 2002 at 11:45:19PM -0500, Mike Dresser wrote:
> Any word from the security team on what's going on with potato's bind?
Both potato and woody are vulnerable. Fixes are on there way, but
disclosure of this vulnerability was very badly organized (not by the
security team), and the se
Quoting Raymond Wood ([EMAIL PROTECTED]):
> The question is obviously an unpopular one :)
Well, I think it got old. Moreover, and more to the point, FAQed.
> Even though Sid is officially not supported by the security team,
> still 99 times out of a hundred, a patch or new version will appear i
Someone needs to be more careful with their auto-blacklist. This
message was reported to Razor and is NOT spam...tisk tisk.
On Thu, 14 Nov 2002 at 01:04:51PM +0800, Patrick Hsieh wrote:
> ?b 2002 ?Q?@?? 14 ?P???| 12:45?AMike Dresser ?g?D:
> > Any word from the security team on what's going on wit
Sarge (and everyone else who does not read the bottom of list emails),
Read the bottom of the email and send your request to:
[EMAIL PROTECTED]
It isn't that difficult and I'm only giving you this advice because this
is the second unsuccessful attempt you've made at unsubscribing.
On Wed, 20
On Thu, Nov 14, 2002 at 09:43:24AM +0900, Junichi Uekawa wrote:
> > I try to block on character sets: ie.,
> >
> > ^Content-Type.*charset.*[gG][bB]2312
> >
> > This catches quite a few spams I can't read.
> >
>
> Some mail I try to reply have latin-1
> chars.
>
> They will be translated to J
On Thu, Nov 14, 2002 at 07:45:34AM +0700, Jean Christophe ANDRÉ imagined:
> Raymond Wood écrivait :
> > Jean Christophe ANDRÉ remarked:
> > > Raymond Wood écrivait :
> > > > Respectfully, does anyone know when Sid will receive
> > > > patches for the previous Apache vulnerabilities that
> > > >
¦b 2002 ¤Q¤@¤ë 14 ¬P´Á¥| 12:45¡AMike Dresser ¼g¹D:
> Any word from the security team on what's going on with potato's bind?
>
> Mike
http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469
http://www.isc.org/products/BIND/bind-security.html
Is the Woody bind also vulnerable?
--
P
Any word from the security team on what's going on with potato's bind?
Mike
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Sarge (and everyone else who does not read the bottom of list emails),
Read the bottom of the email and send your request to:
[EMAIL PROTECTED]
It isn't that difficult and I'm only giving you this advice because this
is the second unsuccessful attempt you've made at unsubscribing.
On Wed, 20
On Thu, Nov 14, 2002 at 09:43:24AM +0900, Junichi Uekawa wrote:
> > I try to block on character sets: ie.,
> >
> > ^Content-Type.*charset.*[gG][bB]2312
> >
> > This catches quite a few spams I can't read.
> >
>
> Some mail I try to reply have latin-1
> chars.
>
> They will be translated to J
On Thu, Nov 14, 2002 at 07:45:34AM +0700, Jean Christophe ANDRÉ imagined:
> Raymond Wood écrivait :
> > Jean Christophe ANDRÉ remarked:
> > > Raymond Wood écrivait :
> > > > Respectfully, does anyone know when Sid will receive
> > > > patches for the previous Apache vulnerabilities that
> > > >
> I try to block on character sets: ie.,
>
> ^Content-Type.*charset.*[gG][bB]2312
>
> This catches quite a few spams I can't read.
>
Some mail I try to reply have latin-1
chars.
They will be translated to Japanese charset when I
reply to them, so people are conveniently
blocking some of my
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
On Wed, Nov 13, 2002 at 03:22:20PM -0500, Raymond Wood wrote:
> On Thu, Nov 14, 2002 at 02:23:30AM +0700, Jean Christophe ANDR? remarked:
>
> > Raymond Wood ?crivait :
> > > Respectfully, does anyone know when Sid will receive patches
> > > for the previous Apache vulnerabilities that were fixed f
How long does it take to unsubscribe? I did it 2-3 days ago and I'm
still getting messages...
On Wed, 2002-11-13 at 14:18, Jonathan Crockett wrote:
> Either spell it right or punctuate it correctly.
>
> go damn mother fuckers or goddamn mother fuckers.
> Your choice. Of course since you are un-s
> I try to block on character sets: ie.,
>
> ^Content-Type.*charset.*[gG][bB]2312
>
> This catches quite a few spams I can't read.
>
Some mail I try to reply have latin-1
chars.
They will be translated to Japanese charset when I
reply to them, so people are conveniently
blocking some of my
On Wed, Nov 13, 2002 at 03:22:20PM -0500, Raymond Wood wrote:
> On Thu, Nov 14, 2002 at 02:23:30AM +0700, Jean Christophe ANDR? remarked:
>
> > Raymond Wood ?crivait :
> > > Respectfully, does anyone know when Sid will receive patches
> > > for the previous Apache vulnerabilities that were fixed f
How long does it take to unsubscribe? I did it 2-3 days ago and I'm
still getting messages...
On Wed, 2002-11-13 at 14:18, Jonathan Crockett wrote:
> Either spell it right or punctuate it correctly.
>
> go damn mother fuckers or goddamn mother fuckers.
> Your choice. Of course since you are un-s
On Wed, Nov 13, 2002 at 08:15:58PM +0100, Lupe Christoph wrote:
> Is Debian affected?
I checked a few hours ago, and it was not, at least the mirror I'm
using.
--
Lionel
pgpRBCwvNmdOx.pgp
Description: PGP signature
On Wed, Nov 13, 2002 at 08:15:58PM +0100, Lupe Christoph wrote:
> Is Debian affected?
I checked a few hours ago, and it was not, at least the mirror I'm
using.
--
Lionel
msg07715/pgp0.pgp
Description: PGP signature
On Thu, Nov 14, 2002 at 02:23:30AM +0700, Jean Christophe ANDRÉ remarked:
> Raymond Wood écrivait :
> > Respectfully, does anyone know when Sid will receive patches
> > for the previous Apache vulnerabilities that were fixed for
> > Potato and Woody, but not Sid? It's been days... Raymond
> Becau
On Thu, Nov 14, 2002 at 02:23:30AM +0700, Jean Christophe ANDRÉ remarked:
> Raymond Wood écrivait :
> > Respectfully, does anyone know when Sid will receive patches
> > for the previous Apache vulnerabilities that were fixed for
> > Potato and Woody, but not Sid? It's been days... Raymond
> Becau
Either spell it right or punctuate it correctly.
go damn mother fuckers or goddamn mother fuckers.
Your choice. Of course since you are un-subscribed
my words are in vain.
On Wed, Nov 13, 2002 at 04:44:46PM -0200, [EMAIL PROTECTED] wrote:
>
> godamn mother fuckers
>
>
>
> --
> To UNSUBSCRIB
Either spell it right or punctuate it correctly.
go damn mother fuckers or goddamn mother fuckers.
Your choice. Of course since you are un-subscribed
my words are in vain.
On Wed, Nov 13, 2002 at 04:44:46PM -0200, [EMAIL PROTECTED] wrote:
>
> godamn mother fuckers
>
>
>
> --
> To UNSUBSCRIB
Raymond Wood écrivait :
> Respectfully, does anyone know when Sid will receive patches for
> the previous Apache vulnerabilities that were fixed for Potato and
> Woody, but not Sid? It's been days... Raymond
Because Sid's aim is to allow you to test bugs... and enjoy viruses! ;-)
Sid is work-in-
Raymond Wood écrivait :
> Respectfully, does anyone know when Sid will receive patches for
> the previous Apache vulnerabilities that were fixed for Potato and
> Woody, but not Sid? It's been days... Raymond
Because Sid's aim is to allow you to test bugs... and enjoy viruses! ;-)
Sid is work-in-
Hi!
Please read
http://www.hlug.org/modules.php?op=modload&name=News&file=article&sid=6&mode=thread&order=0&thold=0
Is Debian affected?
Thanks,
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Big Misunderstandings #6398: The Titanic was not supposed to
Hi!
Please read
http://www.hlug.org/modules.php?op=modload&name=News&file=article&sid=6&mode=thread&order=0&thold=0
Is Debian affected?
Thanks,
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Big Misunderstandings #6398: The Titanic was not supposed to
godamn mother fuckers
godamn mother fuckers
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
I'm subscribed to this list for a few weeks, but this type of message
seems not to be very rare here. Does anyone actualy read messages here,
because there is a note at the end of every message on how to
unsubscribe. Actually I have been successfully unsubscribed from
debian-laptop so now I know it
On Wed, Nov 13, 2002 at 04:33:30PM +0100, Martin Schulze remarked:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> - --
> Debian Security Advisory DSA 195-1 [EMAIL PROTECTED]
> http://www.debian.org/s
I'm subscribed to this list for a few weeks, but this type of message
seems not to be very rare here. Does anyone actualy read messages here,
because there is a note at the end of every message on how to
unsubscribe. Actually I have been successfully unsubscribed from
debian-laptop so now I know it
Yth Bpk/Ibu
di tempat
Mohon maaf bila menggangu waktu anda sebentar.
Kami dari sebuah Team Bisnis Online-Offline menawarkan kesempatan Berwirausaha
yang
SANGAT MENARIK kepada Anda untuk memiliki bisnis Offline yang baru 2 tahun
terakhir ini Go-Online
dengan hasil yang spektakuler.
Bisnis kami
UNSUBSCRIBE
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Jan Niehusmann <[EMAIL PROTECTED]> writes:
> I assume lynda will get a lot of emails...
Yes, this is an interesting way of distributing critical security
patches. Anybody can get the patches from there, so it's very likely
that the underground has them now.
--
Florian Weimer
Javier Fernández-Sanguino Peña <[EMAIL PROTECTED]> writes:
> I can't speak for the security team (since I'm not part of it). As
> far as I know these vulnerabilities are there in the Debian version. As a
> matter of fact ISS seems to have given only 9 hours of previous notice to
> vendors (a
On Tue, 12 Nov 2002 at 02:45:52PM +0100, Alexander Neumann wrote:
Greets from cold Michigan...
> Is there a new apache-exploit in the wild?
Only the old one. It does not mean apache was exploded. Someone could
have rooted you and decided they wanted a web server. They left your
apache config al
UNSUBSCRIBE
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
The below is from snort running on 192.168.1.200 and talking to
192.168.1.1 Any ideas as to what could be
causing this? I even tried turning off all internal iptables. Nothing
improved.
BAD TRAFFIC & MISC Large UDP Packet
[**] [1:1322:4] BAD TRAFFIC bad frag bits [**]
[Classificati
Jan Niehusmann <[EMAIL PROTECTED]> writes:
> I assume lynda will get a lot of emails...
Yes, this is an interesting way of distributing critical security
patches. Anybody can get the patches from there, so it's very likely
that the underground has them now.
--
Florian Weimer
Javier Fernández-Sanguino Peña <[EMAIL PROTECTED]> writes:
> I can't speak for the security team (since I'm not part of it). As
> far as I know these vulnerabilities are there in the Debian version. As a
> matter of fact ISS seems to have given only 9 hours of previous notice to
> vendors (a
On Tue, 12 Nov 2002 at 02:45:52PM +0100, Alexander Neumann wrote:
Greets from cold Michigan...
> Is there a new apache-exploit in the wild?
Only the old one. It does not mean apache was exploded. Someone could
have rooted you and decided they wanted a web server. They left your
apache config al
On Wed, Nov 13, 2002 at 09:52:09AM +0100, Jan Niehusmann wrote:
> ISC recommends that BIND installations should be upgraded to BIND version
> 4.9.11, 8.2.7, 8.3.4 or to BIND version 9.
>
> (from http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469)
Well, sorry, I should have c
On Wed, Nov 13, 2002 at 09:39:05AM +0100, Javier Fernández-Sanguino Peña wrote:
> Unfortunately the only way to fix it currently (since even ISCs
> has not published patches although there seems to be some patches
> available from unofficial sources) is to upgrade to bind9. Yuck
ISC recommen
On Wed, Nov 13, 2002 at 12:31:48AM -0500, Roger Ward wrote:
> It is my understanding all of these vulnerabilities exist in the *stock*
> version of Bind 8.3.3-REL from ISC.
>
> Have any of these issues been addressed in the current version?
I can't speak for the security team (since I'm
On Wed, Nov 13, 2002 at 09:52:09AM +0100, Jan Niehusmann wrote:
> ISC recommends that BIND installations should be upgraded to BIND version 4.9.11,
>8.2.7, 8.3.4 or to BIND version 9.
>
> (from http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469)
Well, sorry, I should have ch
On Wed, Nov 13, 2002 at 09:39:05AM +0100, Javier Fernández-Sanguino Peña wrote:
> Unfortunately the only way to fix it currently (since even ISCs
> has not published patches although there seems to be some patches
> available from unofficial sources) is to upgrade to bind9. Yuck
ISC recommen
On Wed, Nov 13, 2002 at 12:31:48AM -0500, Roger Ward wrote:
> It is my understanding all of these vulnerabilities exist in the *stock* version of
>Bind 8.3.3-REL from ISC.
>
> Have any of these issues been addressed in the current version?
I can't speak for the security team (since I'm
57 matches
Mail list logo