-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 896-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
November 15th, 2005
[xfocus-AD-051115]Multiple antivirus failed to scan malicous filename
bypass vulnerability
discoverer by [EMAIL PROTECTED]
class: design error
Threat level: medium
Vulnerable anti-virus Engine:
Kaspersky Antivirus
Symantec AntiVirus
F-Prot Antivirus
ClamWin Antivirus
Avast A
>
> > Could you please stop mailing your Bug-Fix-Reports aka "Package xyz
> > updated" to the Full*-Mailinglist?
>
> I don't find those mailings objectionable. I think this is an
> appropriate forum.
These mailings are not objectionable but when they have their own
Mail list so why send a copy
> Offtopic: Is the 64bit version of Windows XP
> worth getting? My gf just bought a new Compaq
> with a 64bit Turion in it, and it came with the
> regular XP Home. She's debating whether or not
> to buy the 64bit version, and I'm of no help
> since I don't really use Windows on any of my
> ma
but the term "yester year" was used so convicingly ...dont you argee
~pingywon
- Original Message -
From: "Rob Thompson" <[EMAIL PROTECTED]>
To: "n3td3v" <[EMAIL PROTECTED]>
Cc:
Sent: Monday, November 14, 2005 3:22 PM
Subject: Re: [Full-disclosure] FAO Mark Murtagh from Websense
On 1
On Tue, 15 Nov 2005 02:32:32 +
John Cartwright <[EMAIL PROTECTED]> wrote:
> On Tue, Nov 15, 2005 at 03:24:29AM +0100, Rembrandt wrote:
> > Could you please stop mailing your Bug-Fix-Reports aka "Package xyz
> > updated" to the Full*-Mailinglist?
>
> Hi
>
> Vendors are actively encouraged to
Rembrandt wrote:
On Mon, 14 Nov 2005 21:29:16 -0500
Byron Sonne <[EMAIL PROTECTED]> wrote:
Could you please stop mailing your Bug-Fix-Reports aka "Package xyz
updated" to the Full*-Mailinglist?
Then you need to run off and start your own list. Funny to see you
complain about something that
I took about 2 minutes out of my life several months ago and created
rules in Thunderbird which put all those update messages into a special
folder that I ignore. It wasn't incredibly hard to do, and now I'm
happy AND I didn't have to complain on the list! Win-win!
Rembrandt wrote:
Could you
On Mon, 14 Nov 2005 21:29:16 -0500
Byron Sonne <[EMAIL PROTECTED]> wrote:
> > Could you please stop mailing your Bug-Fix-Reports aka "Package xyz
> > updated" to the Full*-Mailinglist?
>
> I don't find those mailings objectionable. I think this is an
> appropriate forum.
I think this list shoul
On Tue, Nov 15, 2005 at 03:24:29AM +0100, Rembrandt wrote:
> Could you please stop mailing your Bug-Fix-Reports aka "Package xyz
> updated" to the Full*-Mailinglist?
Hi
Vendors are actively encouraged to provide such information to the
community. Please don't attempt to judge what others may or m
Could you please stop mailing your Bug-Fix-Reports aka "Package xyz
updated" to the Full*-Mailinglist?
I don't find those mailings objectionable. I think this is an
appropriate forum.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok
Could you please stop mailing your Bug-Fix-Reports aka "Package xyz
updated" to the Full*-Mailinglist?
I'm sure you've an OWN mailinglist for such things.
If not: Create one
Such things just suck and NERVE all others who don't use the OS/Distri.
It's not related to you personaly and you're no
-
Fedora Legacy Update Advisory
Synopsis: Updated bzip2 packages fix security issues
Advisory ID: FLSA:158801
Issue date:2005-11-14
Product: Red Hat Linux, Fedora Core
Keywords:
-
Fedora Legacy Update Advisory
Synopsis: Updated rp-pppoe package fixes security issue
Advisory ID: FLSA:152794
Issue date:2005-11-14
Product: Red Hat Linux, Fedora Core
Keywords:
-
Fedora Legacy Update Advisory
Synopsis: Updated xchat package fixes security issue
Advisory ID: FLSA:123013
Issue date:2005-11-14
Product: Fedora Core
Keywords: Bugfix
CVE
As I sit here and read this, I keep glancing at my phone waiting for
it to display April 1...
"http://www.geocities.com/n3td3v/home/hackerstoday.html";
What amazed me is that the dude had the chutzpah to post a link hosted
on geocities, and expected to be taken seriously!
_
On 11/14/05, Samuel Beckett <[EMAIL PROTECTED]> wrote:
> > http://forum.crime-research.org/teech-me-how-to-hack-vt6.html?highlight=
>
> "I'm I want to become a hacker. By the way, whats "netbus"?"
> Posted: Sun Mar 27, 2005 7:30 pm
>
> http://www.geocities.com/n3td3v/home/about.html
>
> "Extensive
On 11/13/05, n3td3v <[EMAIL PROTECTED]> wrote:
> I never said MW was right or wrong. Morning Wood didn't launch a
> personal attack on me. You were just someone who came on the thread
> and started your attacks. If it was anyone's position to launch a
> personal attack against me, it was MW and no
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Y'know...I usually take what you have to say with a grain of
salt...and maybe a few grains of pain killer...and let it go, but
enough already. "If it wasn't for me you wouldn't have an internet
to sent your packets on right now"??
There have been a f
On 11/13/05, n3td3v <[EMAIL PROTECTED]> wrote:
> EMINEM LYRICS
>
> "Say What You Say"
This thread, is it some kind of a joke?
As I sit here and read this, I keep glancing at my phone waiting for
it to display April 1...
"http://www.geocities.com/n3td3v/home/hackerstoday.html";
Is like a bad acc
Hi,
I'd like to thank all of you for your feedback. I also apologise for
the ugly typo that should've been anywhere but in the line applying the
ACL exactly where I was really trying to make a point !
As I mentioned in my original post, I have had no issues at my
workplace with this blockin
I am releasing my collision generators for MD4 and MD5. They have significant
time improvements over the ones described in the papers by Wang, et al.
MD4 collisions can be generated almost instantly, MD5 can be generated in
approximately 45 minutes on my p4 1.6ghz (on average).
http://www.stachl
On Mon, 14 Nov 2005 13:37:28 +0100, Peer Janssen said:
> How do you know these are the same person?
>
> Could it be a decoy?
> A social engineering test against the forum?
> A clue test against the members of this list? (Who could be interesting
> in detailed profiling of the security community?
I should add that the page below has been updated on wiki with an
example. Whomever did that, Thanks! :)
Ken Pfeil wrote:
> Please do not feed n3td3v..
>
> http://tinyurl.com/28o42
>
> Thank you for your cooperation.
>
> We now return you to your regularly scheduled program "How I saved the
> I
On 11/8/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
[...]
> Note that rpm will only do that if the person who packaged the updated RPM
> specified a 'postinstall' scriptlet requesting it. So RPM *can* restart a
> daemon, but it's a function of the package, not of rpm.
[...]
Sorry for the lat
I was forwarded a very similiar message late last week.
When I loaded the page in IE it brought up the homepage of the domain
being phished and and a pop up window with a captcha image. Some more
analysis of the page showed that the image was being pulled from a
Russian email site while the rest
On 11/14/05, James Eaton-Lee <[EMAIL PROTECTED]> wrote:
> On Mon, 2005-11-14 at 01:02 +, n3td3v wrote:
> > Yet another fuckwit basing their opinion on someone they don't know.
> > If it wasn't for me you wouldn't have an internet to sent your packets
> > on right now. You take people at face va
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 895-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
November 14th, 2005
~~~
Application:Walla TeleSite
Vendors:http://www.walla.co.il
Versions: 3.0 and perior
Platforms: Windows (ISAPI, a few vulnerabilities apply Linux too)
Bug:Multiple Vulnerabilities
Exploitat
~~~
Application: Internet Explorer
Vendors: http://www.microsoft.com
Versions: 6.0.2900.2180.xpsp_sp2_rtm.040803-2158
Patched With: SP2;
Platforms: Windows
Bug: Remote File
On Mon, 2005-11-14 at 01:02 +, n3td3v wrote:
> Yet another fuckwit basing their opinion on someone they don't know.
> If it wasn't for me you wouldn't have an internet to sent your packets
> on right now. You take people at face value instead of getting to know
> them first.
Oh no, guys! He's
Have moved to xp 64 me so but honestly if
it is for your girlfriend , I suggest here to stay on 32-bit because you have
to find 64-bit drivers wich is not finger in the nose, many applications
incompatibility, + if you wants to buy it you have to buy a small hardware with
it … nor with luck
_Obviously_ he's just asking so he can record the reaction of the hackers.
/me slaps ../../../../n3td3v
On a more serious note, why would someone with so much experience and what not use a Geocities account for their website? You'd think someone with his experience could make a better site th
I don't usually even say anything on this list, I just read for the most part, and I have to say n3td3v seems to be one of the singularly most annoying individuals I have ever seen anywhere on the internet. His messages are a waste of space in my inbox, and I'm sure other people feel the same w
ITS A TRICK TO CONFUSE THE ENEMY HE IS TALKING ABOUT IN EARLIER POSTS !!!oneoneone lolz
On 11/14/05, Samuel Beckett <[EMAIL PROTECTED]> wrote:
It makes sense to conduct a social engineering test against a forum,ask for help to become a hacker and use your homepage in the sig
No, the "connect" was certainly not a typo. But indeed the "http access"
was.
The 2nd typo was "numerics_IPs" instead of "numeric_IPs". I think, it is
o.k. to show up such pitfalls.
> BTW: I'm sure, it will break a lot of other things but skype, too.
Do you mean "I'm sure it will break a lot
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 894-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
November 14th, 2005
It makes sense to conduct a social engineering test against a forum,
ask for help to become a hacker and use your homepage in the signature
which states that you're already an experienced hacker since more than
six years.
On 11/14/05, Peer Janssen <[EMAIL PROTECTED]> wrote:
> How do you know thes
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Cisco Security Advisory: Multiple Vulnerabilities Found by PROTOS IPSec Test
Suite
Advisory ID: 68158
http://www.cisco.com/warp/public/707/cisco-sa-20051114-ipsec.shtml
Revision 1.0
For Public Release 2005 November 14 1100 GMT (UTC
Samuel Beckett wrote:
On 11/14/05, Disco Jonny <[EMAIL PROTECTED]> wrote:
I thought that this was an excellent bit of trolling and
deserving of food, until google and boredom brought me across this...
http://forum.crime-research.org/teech-me-how-to-hack-vt6.html?highlight=
"I'm I
> acl connect method CONNECT
This line is not necessary since standard squid.conf contains this line:
acl CONNECT method CONNECT
so simply use the uppercase version (squid does not check upper and
lower case in acl names)
> # Apply your acls
> http access deny connect numerics_IPs all
Respe
Hi list,
After several delays with the full rkdetector application, i have
published a beta of the rkdetector v2.0 filesystem module that includes:
- Filesystem scanner
- data recovery
- secure data deletion
- ADS scanner
- registry analyzer
U
On 11/14/05, Disco Jonny <[EMAIL PROTECTED]> wrote:
> I thought that this was an excellent bit of trolling and
> deserving of food, until google and boredom brought me across this...
>
> http://forum.crime-research.org/teech-me-how-to-hack-vt6.html?highlight=
"I'm I want to become a hacker. B
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 893-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
November 14th, 2005
I thought that this was an excellent bit of trolling and
deserving of food, until google and boredom brought me across this...
http://forum.crime-research.org/teech-me-how-to-hack-vt6.html?highlight=
As for the lack of basic English skills, I think that this is done
deliberately, if the spel
This line is not necessary since standard squid.conf contains this line:
That has nothing to do with the proposed configuration. No serious squid
implementation would have a standard ACL list, so every serious admin
would rewrite them. And if you are serious you have some sort of
convention for
Polarizer wrote,
> > acl connect method CONNECT
>
> This line is not necessary since standard squid.conf contains this line:
>
> acl CONNECT method CONNECT
>
> so simply use the uppercase version (squid does not check upper and lower case
> in acl names)
>
> > # Apply your acls
> > http access
you can always add exceptions for popular sites that connect by IP, as there
are not going to "that" many
-Original Message-
From: Polarizer <[EMAIL PROTECTED]>
To: full-disclosure@lists.grok.org.uk
Date: Mon, 14 Nov 2005 10:35:01 +0100
Subject: Re: [Full-disclosure] Blocking Skype
>
>
Hi Peter,
> I have had a number of reports of messages targetting users on domains
> for their credentials.
> The interesting part of this message is the very basic but effective
> encoding of the message. It appears that there are a couple of
> characters that instruct the mail program to disp
ý wrýte wid passi0n t00 !!wartevar cums ooout cums oouut
On 11/13/05, n3td3v <[EMAIL PROTECTED]> wrote:
WHAT, are you think launching personal attacks against someone issomthing to be proud of? I'm sure if you read the F-D charter infact
its outlawed on this list. I posted up something
hhh beware or the n3td3v kidz0r will p4ck37 j00!!!11oneonelolz
On 11/14/05, InfoSecBOFH <[EMAIL PROTECTED]> wrote:
> You're maing a complete idiot of yourself, because the world is> watching and the powers that be at Yahoo would back up everything i've
> been sayingActually they won't. I have
On 11/13/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> I have had no problems at all with the above setup, and as a result,
> only Skype is blocked, as most(if not all) companies serious about
> having a web presence
> have registered domains and hence are referenced by their FQDN URLs.
This
52 matches
Mail list logo