[Full-disclosure] strange domain name in phishing email

2006-03-11 Thread Jianqiang Xin 
hi, 
I received several phishing emails. One interesting thing is the link to phishing website has the link:
http://1406379699/dbweb/ws/ebay/index.htm

If you click it, it goes to a fake ebay server. The DNS result shows:

 1406379699
Server: 
Address: 

Name: ip-166-179.sn2.eutelia.it
Address: 83.211.166.179

I do not understand why 1406379699 equal to ip-166-179.sn2.eutelia.it? Thanks for your help.


yours,
jqxin2006
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] strange domain name in phishing email

2006-03-11 Thread [EMAIL PROTECTED] 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
 
google is cool

http://www.alexcarlock.com/ip.asp

Jianqiang Xin wrote:
 hi,
 I received several phishing emails. One interesting thing is the
 link to phishing website has the link:
 http://1406379699/dbweb/ws/ebay/index.htm

 If you click it, it goes to a fake ebay server. The DNS result shows:

  1406379699
 Server:
 Address:

 Name:ip-166-179.sn2.eutelia.it http://ip-166-179.sn2.eutelia.it
 Address:  83.211.166.179 http://83.211.166.179

 I do not understand why 1406379699 equal to
 ip-166-179.sn2.eutelia.it http://ip-166-179.sn2.eutelia.it? Thanks
 for your help.


 yours,
 jqxin2006

 --

 ___
 Full-Disclosure - We believe in it.
 Charter: http://lists.grok.org.uk/full-disclosure-charter.html
 Hosted and sponsored by Secunia - http://secunia.com/

 __ NOD32 1.1438 (20060310) Information __

 This message was checked by NOD32 antivirus system.
 http://www.eset.com


-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2.1 (MingW32)
 
iD8DBQFEEqCWFJS99fNfR+YRAtKmAKCnpts+WgH6xXo/6FY1Ic3KjkDa+gCfaYaa
HBpMyL+whXgLoHo/tg//MD0=
=mlVo
-END PGP SIGNATURE-

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] strange domain name in phishing email

2006-03-11 Thread Brian Dessent 
Jianqiang Xin wrote:

 I received several phishing emails. One interesting thing is the link
 to phishing website has the link:
 http://1406379699/dbweb/ws/ebay/index.htm

This is a very old technique.  Most people think that dotted-quad
decimal is the only way to express an IP address but they can in fact be
written in a variety of formats - octal, hexadecimal, and/or combined as
a single 32 bit word.  Read http://www.pc-help.org/obscure.htm for
more.

Brian
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] strange domain name in phishing email

2006-03-11 Thread Nancy Kramer 

Could it be a 301 permanent redirect?

Regards,

Nancy Kramer
Webmaster http://www.americandreamcars.com
Free Color Picture Ads for Collector Cars
One of the Ten Best Places To Buy or Sell a Collector Car on the Web


At 04:57 AM 3/11/2006, Jianqiang Xin wrote:


hi,
I received several phishing emails. One interesting thing is the link to 
phishing website has the link:

http://1406379699/dbweb/ws/ebay/index.htmhttp://1406379699/dbweb/ws/ebay/index.htm

If you click it, it goes to a fake ebay server. The DNS result shows:

 1406379699
Server:
Address:

Name:http://ip-166-179.sn2.eutelia.itip-166-179.sn2.eutelia.it
Address:  http://83.211.166.17983.211.166.179

I do not understand why 1406379699 equal to 
http://ip-166-179.sn2.eutelia.itip-166-179.sn2.eutelia.it? Thanks for 
your help.



yours,
jqxin2006
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

No virus found in this incoming message.
Checked by AVG Anti-Virus.
Version: 7.1.375 / Virus Database: 268.2.1/278 - Release Date: 3/9/2006



--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.1.375 / Virus Database: 268.2.1/278 - Release Date: 3/9/2006


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] INFIGO-2006-03-01 exploit

2006-03-11 Thread Micheal Turner 
http://prdelka.blackart.org.uk/exploitz/prdelka-vs-GNU-peercast.c



___ 
NEW Yahoo! Cars - sell your car and browse thousands of new and used cars 
online! http://uk.cars.yahoo.com/
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] AntiVir PersonalEdition Classic: Local Privilige Escalation

2006-03-11 Thread Ramon 'ports' Kukla 

Application: AntiVir PersonalEdition Classic
Site:http://www.free-av.de/
Version: 7 and maybe lower
OS:  Windows XP, Windows 2000
Bugs:Local Privilige Escalation


Product:
=
AntiVir PersonalEdition Classic Windows from Avira GmbH protects your
computer from viruses, malware, unwanted programs and other dangers.


About:
=
A few days ago I discovered a little 'Local Privilege Escalation' Bug
in the current version of AntiVir PersonalEdition Classic.


Description:
=
Part of AntiVir PersonalEdition Classic is a service called 'AntiVir
PersonalEdition Classic Planer' which runs with SYSTEM rights. If you
start the update process using the GUI, AntiVir will show you a status
window. After finishing the process AntiVir offers you a report. Open
the report using the button 'Report' and AntiVir will open the report
in the well known application 'notepad.exe'. Well, since the update was
initiated by the service 'AntiVir PersonalEdition Classic Planer',
which runs with SYSTEM rights, notepad.exe inherits these rights now.
Use 'notepad.exe' to *run* 'compmgmt.msc' for example and...
Well, you know what might happen now.


History:
=
2006-03-04: Found the Bug and mailed Vendor
2006-03-05: Response from vendor, checking the problem
2006-03-09: Response from vendor, fix is on the way.



ports

--
SYS 64767
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] reduction of brute force log

2006-03-11 Thread Martijn Lievaart 

Gary E. Miller wrote:


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Yo Bob!

On Tue, 28 Feb 2006, Bob Radvanovsky wrote:

 


I am going to test these rules out -- this looks REALLy good!  But...I'v
e got just ONE question: why on Earth would you permit ICMP???
   



No ICMP means no P-MTU.  No P-MTU mean non-working tunnels.

You want to shoot yourself in the foot, tben go ahead and block ICMP.
 



All icmp messages related to pmtud are just that, RELATED. So they are 
allowed by a previous rule.


M4

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Skype emoticons problems and vulnerabilities

2006-03-11 Thread Alexander Hristov 
Affected versions : 1.x ( not tested on 2.x )
Skype is vulnerable to dos using the emoticons when u do a bigger
enough list of them like this :
:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D

--
Best Regards,
Aleksander Hristov  root at securitydot.net   http://securitydot.net 
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] [INetCop Security Advisory] zeroboard IP session bypass XSS vulnerability

2006-03-11 Thread dong-hun you 



INetCop Security Advisory #2006-0x82-029



* Title: zeroboard IP session bypass XSS vulnerability


0x01. Description


Zeroboard is a popular web notice board used in Korea.

INetCop Security found XSS vulnerability in the latest zeroboard version 4.1 pl 
7 (2005. 4. 4).
Basically, zeroboard uses the following algorithm so that session may not be 
abused
by the attack related with cookie. (e.g: cookie spoofing, sniffing)

After login, is part that handle session: --

bbs/login_check.php:
...
24  // 회원로그인이 성공하였을 경우 세션을 생성하고 페이지를 이동함
25  if($member_data[no]) {
26
27  if($auto_login) {
28  makeZBSessionID($member_data[no]);
29  }
30
31  // 4.0x 용 세션 처리
32  $zb_logged_no = $member_data[no];
33  $zb_logged_time = time();
34  $zb_logged_ip = $REMOTE_ADDR; --- Recording IP address
35  $zb_last_connect_check = '0';
36
37  session_register(zb_logged_no);
38  session_register(zb_logged_time);
39  session_register(zb_logged_ip);
40  session_register(zb_last_connect_check);
41
--

If IP address is different from present session user's, connection terminates: 
--

bbs/lib.php:

94  // 세션 값을 체크하여 로그인을 처리
95  } elseif($HTTP_SESSION_VARS[zb_logged_no]) {
96
97  // 로그인 시간이 지정된 시간을 넘었거나 로그인
아이피가 현재 사용자의 아이피와 다를 경우 로그아웃 시킴
98  if(time()-$HTTP_SESSION_VARS[zb_logged_time]
$_zbDefaultSetup[login_time]||$HTTP_SESSION_VARS[zb_logged_ip]!=$REMOTE_ADDR)
 {
99
   100  $zb_logged_no=; // session 
initialization
   101  $zb_logged_time=;
   102  $zb_logged_ip=;
   103  session_register(zb_logged_no);
   104  session_register(zb_logged_ip);
   105  session_register(zb_logged_time);
   106  session_destroy();
   107
   108  // 유효할 경우 로그인 시간을 다시 설정
   109  } else {
--


This seems to be intercepting cookie hacking.
But, if we take advantage of IP session disablement technique, session 
bypassing may be possible.
Detailed explanation about the way to exploit this vulnerability is found at 
the following 

reference.

URL: http://x82.inetcop.org/h0me/papers/iframe_tag_exploit.txt (Korean)

As a result, hacker through administrator's web browser exploit code workably 
become.


--


0x02. Vulnerable Packages


Vendor site: http://www.nzeo.com/

Low versions including Zeroboard 4.1 pl 7 (2005. 4. 4) version.
-zb41pl7.tar.Z 

Disclosure Timeline:
2003-04.??: Vulnerabilities found.
2006-02.17: 1st vendor contact. (didn't respond)
2006-02.22: 2nd vendor contact. (didn't respond)
2006-02.25: Vendor responded, patch released.
2006-03.12: Public disclosure.


0x03. Exploit


We have 2 `Proof-of-Concept' exploit about this vulnerability.

This XSS vulnerability happens in memo box title and user email, homepage 
information input.
When administrator logins and checks a user information page, attack code can 
be achieved,
and there is another way, which injects an attack code in memo title.
After exploit, an attacker can inject PHP code through an administrator web 
page function.
Through this PHP code injection, the attacker(normal user) can change the 
password of 

administrator, 
and take administrator's privilege

To prevent the abuse of this vulnerabilty, INetCop Security will not publish 
POC code.


0x04. Patch


INetCop Security released temporary patch:
INetCop Security Patch URL: 
http://inetcop.net/upfiles/Zeroboard-4.1_pl7_patch.tgz

And vendor's patch after INetCop Security advisory:
Vendor Patch URL: http://www.nzeo.com/bbs/zboard.php?id=cgi_bugreport2no=5406

--
Thank you.

P.S: I give thanks to Securityproof that suffer translation.
Korean Advisory URL: 
http://www.inetcop.org/upfiles/33INCSA.2006-0x82-029-zeroboard.pdf


--
By dong-houn yoU (Xpl017Elz), in INetCop(c) Security.

MSN  E-mail: szoahc(at)hotmail(dot)com,
  xploit(at)hackermail(dot)com

INetCop Security Home: http://www.inetcop.org
 My World: http://x82.inetcop.org

GPG public key: http://x82.inetcop.org/h0me/pr0file/x82.k3y
--




-- 
___
Get your free email from http://www.hackermail.com
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] (no subject)

2006-03-11 Thread Dave King 
Advisory 2006-03-11 Buffer Overflow in Microsoft Windows XP

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make Microsoft Windows XP crash or run arbitrary code by the 
use of malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Microsoft Windows XP has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006- to this issue.

APPENDIX A. - Vendor Information
http://www.microsoft.com
APPENDIX B. - References
NONE

CONTACT:
*Dave King [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11Off-by-one in Microsoft Word

2006-03-11 Thread iDEFENSE Labs 
Advisory 2006-03-11 Off-by-one in Microsoft Word

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make Microsoft Word crash by the use of malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Microsoft Word has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-407802 to this issue.

APPENDIX A. - Vendor Information
http://www.microsoft.com
APPENDIX B. - References
NONE

CONTACT:
*iDEFENSE Labs [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11DoS Vulnerability in Microsoft Windows 2003

2006-03-11 Thread iDEFENSE Labs 
Advisory 2006-03-11 DoS Vulnerability in Microsoft Windows 2003

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

Sending a specially crafted  malformed  packet to the services communication 
socket can create a loss of service.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Microsoft Windows 2003 has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-227302 to this issue.

APPENDIX A. - Vendor Information
http://www.microsoft.com
APPENDIX B. - References
NONE

CONTACT:
*iDEFENSE Labs [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11DoS Vulnerability in Microsoft Windows 2000

2006-03-11 Thread iDEFENSE Labs 
Advisory 2006-03-11 DoS Vulnerability in Microsoft Windows 2000

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

Sending a specially crafted  malformed  packet to the services communication 
socket can create a loss of service.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Microsoft Windows 2000 has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-902351 to this issue.

APPENDIX A. - Vendor Information
http://www.microsoft.com
APPENDIX B. - References
NONE

CONTACT:
*iDEFENSE Labs [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11DoS Vulnerability in Microsoft Windows XP

2006-03-11 Thread iDEFENSE Labs 
Advisory 2006-03-11 DoS Vulnerability in Microsoft Windows XP

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

Sending a specially crafted  malformed  packet to the services communication 
socket can create a loss of service.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Microsoft Windows XP has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-686948 to this issue.

APPENDIX A. - Vendor Information
http://www.microsoft.com
APPENDIX B. - References
NONE

CONTACT:
*iDEFENSE Labs [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11Local Privilege Escalation Vulnerability in AOL Client Software

2006-03-11 Thread ZATAZ Audits 
Advisory 2006-03-11 Local Privilege Escalation Vulnerability in AOL Client 
Software

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

AOL Client Software incorrectly validates user input

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

AOL Client Software has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-636555 to this issue.

APPENDIX A. - Vendor Information
http://www.aol.com
APPENDIX B. - References
NONE

CONTACT:
*ZATAZ Audits [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 Directory Transversal in

2006-03-11 Thread Suresec Advisories \r\n 
Tripwire
Message-ID: [EMAIL PROTECTED]
X-Priority: 3
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset=iso-8859-1

Advisory 2006-03-11 Directory Transversal in 
Tripwire

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

Remote exploitation of a directory traversal vulnerability in 
Tripwire could allow attackers to overwrite or view arbitrary files with 
user-supplied contents.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE


Tripwire has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-891531 to this issue.

APPENDIX A. - Vendor Information
http://www.tripwire.com/

APPENDIX B. - References
NONE

CONTACT:
* Suresec Advisories 
 [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 Off-by-one in

2006-03-11 Thread mike king\r\n 
VMware
Message-ID: [EMAIL PROTECTED]
X-Priority: 3
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset=iso-8859-1

Advisory 2006-03-11 Off-by-one in 
VMware

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make 
VMware crash by the use of malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE


VMware has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-861530 to this issue.

APPENDIX A. - Vendor Information
http://www.vmware.com/

APPENDIX B. - References
NONE

CONTACT:
*mike king
 [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 Integer Overflow in

2006-03-11 Thread Geo.\r\n 
ISC BIND
Message-ID: [EMAIL PROTECTED]
X-Priority: 3
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset=iso-8859-1

Advisory 2006-03-11 Integer Overflow in 
ISC BIND

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION


ISC BIND incorrectly parses integer data

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE


ISC BIND has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-205043 to this issue.

APPENDIX A. - Vendor Information
http://www.isc.org/index.pl?/sw/bind/

APPENDIX B. - References
NONE

CONTACT:
*Geo.
 [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 DoS Vulnerability in

2006-03-11 Thread Johannes Schneider\r\n 
Microsoft Windows 2000
Message-ID: [EMAIL PROTECTED]
X-Priority: 3
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset=iso-8859-1

Advisory 2006-03-11 DoS Vulnerability in 
Microsoft Windows 2000

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

Sending a specially crafted  malformed  packet to the services communication 
socket can create a loss of service.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE


Microsoft Windows 2000 has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-541517 to this issue.

APPENDIX A. - Vendor Information
http://www.microsoft.com

APPENDIX B. - References
NONE

CONTACT:
*Johannes Schneider
 [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 Directory Transversal in

2006-03-11 Thread Nic Werner\r\n 
Microsoft Access
Message-ID: [EMAIL PROTECTED]
X-Priority: 3
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset=iso-8859-1

Advisory 2006-03-11 Directory Transversal in 
Microsoft Access

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

Remote exploitation of a directory traversal vulnerability in 
Microsoft Access could allow attackers to overwrite or view arbitrary files 
with user-supplied contents.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE


Microsoft Access has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-668264 to this issue.

APPENDIX A. - Vendor Information
http://www.microsoft.com

APPENDIX B. - References
NONE

CONTACT:
*Nic Werner
 [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 DoS Vulnerability in ISC OpenReg

2006-03-11 Thread KaiJern Lau 
Advisory 2006-03-11 DoS Vulnerability in ISC OpenReg

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

Sending a specially crafted  malformed  packet to the services communication 
socket can create a loss of service.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

ISC OpenReg has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-662274 to this issue.

APPENDIX A. - Vendor Information
http://www.isc.org/index.pl?/sw/openreg/
APPENDIX B. - References
NONE

CONTACT:
*KaiJern Lau [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 Local Privilege Escalation Vulnerability in

2006-03-11 Thread Tim Saunders 
Advisory 2006-03-11 Local Privilege Escalation Vulnerability in 

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

 incorrectly validates user input

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

 has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-511492 to this issue.

APPENDIX A. - Vendor Information

APPENDIX B. - References
NONE

CONTACT:
*Tim Saunders [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 Buffer Overflow in VMware

2006-03-11 Thread Randal 
Advisory 2006-03-11 Buffer Overflow in VMware

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make VMware crash or run arbitrary code by the use of 
malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

VMware has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-374780 to this issue.

APPENDIX A. - Vendor Information
http://www.vmware.com/
APPENDIX B. - References
NONE

CONTACT:
*Randal [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 Local Privilege Escalation Vulnerability in Apple MacOSX

2006-03-11 Thread Evgeny Legerov 
Advisory 2006-03-11 Local Privilege Escalation Vulnerability in Apple MacOSX

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

Apple MacOSX incorrectly validates user input

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Apple MacOSX has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-285537 to this issue.

APPENDIX A. - Vendor Information
http://www.apple.com/macosx/
APPENDIX B. - References
NONE

CONTACT:
*Evgeny Legerov [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 Off-by-one in ISC INN

2006-03-11 Thread A. Ramos 
Advisory 2006-03-11 Off-by-one in ISC INN

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make ISC INN crash by the use of malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

ISC INN has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-116142 to this issue.

APPENDIX A. - Vendor Information
http://www.isc.org/index.pl?/sw/inn/
APPENDIX B. - References
NONE

CONTACT:
*A. Ramos [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 Directory Transversal in Apple iTunes

2006-03-11 Thread Francisco Amato 
Advisory 2006-03-11 Directory Transversal in Apple iTunes

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

Remote exploitation of a directory traversal vulnerability in Apple iTunes 
could allow attackers to overwrite or view arbitrary files with user-supplied 
contents.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Apple iTunes has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-148231 to this issue.

APPENDIX A. - Vendor Information
http://www.apple.com/itunes/
APPENDIX B. - References
NONE

CONTACT:
*Francisco Amato [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 DoS Vulnerability in Apple iTunes

2006-03-11 Thread Peter Besenbruch 
Advisory 2006-03-11 DoS Vulnerability in Apple iTunes

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

Sending a specially crafted  malformed  packet to the services communication 
socket can create a loss of service.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Apple iTunes has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-596484 to this issue.

APPENDIX A. - Vendor Information
http://www.apple.com/itunes/
APPENDIX B. - References
NONE

CONTACT:
*Peter Besenbruch [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 Off-by-one in Microsoft PowerPoint

2006-03-11 Thread Fortinet Research 
Advisory 2006-03-11 Off-by-one in Microsoft PowerPoint

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make Microsoft PowerPoint crash by the use of malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Microsoft PowerPoint has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-167912 to this issue.

APPENDIX A. - Vendor Information
http://www.microsoft.com
APPENDIX B. - References
NONE

CONTACT:
*Fortinet Research [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 Off-by-one in Ethereal

2006-03-11 Thread Tom Ferris 
Advisory 2006-03-11 Off-by-one in Ethereal

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make Ethereal crash by the use of malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Ethereal has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-200917 to this issue.

APPENDIX A. - Vendor Information
http://www.ethereal.com/
APPENDIX B. - References
NONE

CONTACT:
*Tom Ferris [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 Off-by-one in VMware

2006-03-11 Thread 3APA3A 
Advisory 2006-03-11 Off-by-one in VMware

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make VMware crash by the use of malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

VMware has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-617555 to this issue.

APPENDIX A. - Vendor Information
http://www.vmware.com/
APPENDIX B. - References
NONE

CONTACT:
*3APA3A [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 filthy nigger in Snort

2006-03-11 Thread Gadi Evron 
Advisory 2006-03-11 filthy nigger in Snort

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make Snort crash or run arbitrary code by the use of 
malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Snort has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-139995 to this issue.

APPENDIX A. - Vendor Information
http://lol.poo.poo.bbq.dave.aitel.sucks.cocks.org/
APPENDIX B. - References
NONE

CONTACT:
*Gadi Evron [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 filthy nigger in Snort

2006-03-11 Thread Gadi Evron 
Advisory 2006-03-11 filthy nigger in Snort

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make Snort crash or run arbitrary code by the use of 
malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Snort has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-121950 to this issue.

APPENDIX A. - Vendor Information
http://lol.poo.poo.bbq.dave.aitel.sucks.cocks.org/
APPENDIX B. - References
NONE

CONTACT:
*Gadi Evron [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 DoS Vulnerability in Microsoft Windows 2000

2006-03-11 Thread Aaron Horst 
Advisory 2006-03-11 DoS Vulnerability in Microsoft Windows 2000

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

Sending a specially crafted  malformed  packet to the services communication 
socket can create a loss of service.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Microsoft Windows 2000 has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-505138 to this issue.

APPENDIX A. - Vendor Information
http://www.microsoft.com
APPENDIX B. - References
NONE

CONTACT:
*Aaron Horst [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 filthy nigger in Snort

2006-03-11 Thread Gadi Evron 
Advisory 2006-03-11 filthy nigger in Snort

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make Snort crash or run arbitrary code by the use of 
malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Snort has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-851795 to this issue.

APPENDIX A. - Vendor Information
http://lol.poo.poo.bbq.dave.aitel.sucks.cocks.org/
APPENDIX B. - References
NONE

CONTACT:
*Gadi Evron [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 filthy nigger in Snort

2006-03-11 Thread Gadi Evron 
Advisory 2006-03-11 filthy nigger in Snort

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make Snort crash or run arbitrary code by the use of 
malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Snort has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-618665 to this issue.

APPENDIX A. - Vendor Information
http://lol.poo.poo.bbq.dave.aitel.sucks.cocks.org/
APPENDIX B. - References
NONE

CONTACT:
*Gadi Evron [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 filthy nigger in Snort

2006-03-11 Thread Gadi Evron 
Advisory 2006-03-11 filthy nigger in Snort

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make Snort crash or run arbitrary code by the use of 
malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Snort has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-320353 to this issue.

APPENDIX A. - Vendor Information
http://lol.poo.poo.bbq.dave.aitel.sucks.cocks.org/
APPENDIX B. - References
NONE

CONTACT:
*Gadi Evron [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 filthy nigger in Snort

2006-03-11 Thread Gadi Evron 
Advisory 2006-03-11 filthy nigger in Snort

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make Snort crash or run arbitrary code by the use of 
malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Snort has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-987172 to this issue.

APPENDIX A. - Vendor Information
http://lol.poo.poo.bbq.dave.aitel.sucks.cocks.org/
APPENDIX B. - References
NONE

CONTACT:
*Gadi Evron [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 filthy nigger in Snort

2006-03-11 Thread Gadi Evron 
Advisory 2006-03-11 filthy nigger in Snort

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make Snort crash or run arbitrary code by the use of 
malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Snort has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-610618 to this issue.

APPENDIX A. - Vendor Information
http://lol.poo.poo.bbq.dave.aitel.sucks.cocks.org/
APPENDIX B. - References
NONE

CONTACT:
*Gadi Evron [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 filthy nigger in Snort

2006-03-11 Thread Gadi Evron 
Advisory 2006-03-11 filthy nigger in Snort

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make Snort crash or run arbitrary code by the use of 
malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Snort has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-802529 to this issue.

APPENDIX A. - Vendor Information
http://lol.poo.poo.bbq.dave.aitel.sucks.cocks.org/
APPENDIX B. - References
NONE

CONTACT:
*Gadi Evron [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 Buffer Overflow in Microsoft Windows 2000

2006-03-11 Thread Paul Melson 
Advisory 2006-03-11 Buffer Overflow in Microsoft Windows 2000

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make Microsoft Windows 2000 crash or run arbitrary code by 
the use of malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Microsoft Windows 2000 has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-658052 to this issue.

APPENDIX A. - Vendor Information
http://www.microsoft.com
APPENDIX B. - References
NONE

CONTACT:
*Paul Melson [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 filthy nigger in Snort

2006-03-11 Thread Gadi Evron 
Advisory 2006-03-11 filthy nigger in Snort

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make Snort crash or run arbitrary code by the use of 
malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Snort has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-915821 to this issue.

APPENDIX A. - Vendor Information
http://lol.poo.poo.bbq.dave.aitel.sucks.cocks.org/
APPENDIX B. - References
NONE

CONTACT:
*Gadi Evron [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 filthy nigger in Snort

2006-03-11 Thread Gadi Evron 
Advisory 2006-03-11 filthy nigger in Snort

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make Snort crash or run arbitrary code by the use of 
malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Snort has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-958918 to this issue.

APPENDIX A. - Vendor Information
http://lol.poo.poo.bbq.dave.aitel.sucks.cocks.org/
APPENDIX B. - References
NONE

CONTACT:
*Gadi Evron [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 Heap Overflow in ISC INN

2006-03-11 Thread Paul Kurczaba 
Advisory 2006-03-11 Heap Overflow in ISC INN

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make ISC INN crash or run arbitrary code by the use of 
malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

ISC INN has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-660971 to this issue.

APPENDIX A. - Vendor Information
http://www.isc.org/index.pl?/sw/inn/
APPENDIX B. - References
NONE

CONTACT:
*Paul Kurczaba [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 filthy nigger in Snort

2006-03-11 Thread Gadi Evron 
Advisory 2006-03-11 filthy nigger in Snort

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make Snort crash or run arbitrary code by the use of 
malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Snort has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-866874 to this issue.

APPENDIX A. - Vendor Information
http://lol.poo.poo.bbq.dave.aitel.sucks.cocks.org/
APPENDIX B. - References
NONE

CONTACT:
*Gadi Evron [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 filthy nigger in Snort

2006-03-11 Thread Gadi Evron 
Advisory 2006-03-11 filthy nigger in Snort

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make Snort crash or run arbitrary code by the use of 
malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Snort has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-240993 to this issue.

APPENDIX A. - Vendor Information
http://lol.poo.poo.bbq.dave.aitel.sucks.cocks.org/
APPENDIX B. - References
NONE

CONTACT:
*Gadi Evron [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 filthy nigger in Snort

2006-03-11 Thread Gadi Evron 
Advisory 2006-03-11 filthy nigger in Snort

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make Snort crash or run arbitrary code by the use of 
malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Snort has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-912124 to this issue.

APPENDIX A. - Vendor Information
http://lol.poo.poo.bbq.dave.aitel.sucks.cocks.org/
APPENDIX B. - References
NONE

CONTACT:
*Gadi Evron [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 filthy nigger in Snort

2006-03-11 Thread Gadi Evron 
Advisory 2006-03-11 filthy nigger in Snort

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make Snort crash or run arbitrary code by the use of 
malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Snort has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-640866 to this issue.

APPENDIX A. - Vendor Information
http://lol.poo.poo.bbq.dave.aitel.sucks.cocks.org/
APPENDIX B. - References
NONE

CONTACT:
*Gadi Evron [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 filthy nigger in Snort

2006-03-11 Thread Gadi Evron 
Advisory 2006-03-11 filthy nigger in Snort

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make Snort crash or run arbitrary code by the use of 
malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Snort has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-483972 to this issue.

APPENDIX A. - Vendor Information
http://lol.poo.poo.bbq.dave.aitel.sucks.cocks.org/
APPENDIX B. - References
NONE

CONTACT:
*Gadi Evron [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 filthy nigger in Snort

2006-03-11 Thread Gadi Evron 
Advisory 2006-03-11 filthy nigger in Snort

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make Snort crash or run arbitrary code by the use of 
malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Snort has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-853279 to this issue.

APPENDIX A. - Vendor Information
http://lol.poo.poo.bbq.dave.aitel.sucks.cocks.org/
APPENDIX B. - References
NONE

CONTACT:
*Gadi Evron [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 filthy nigger in Snort

2006-03-11 Thread Gadi Evron 
Advisory 2006-03-11 filthy nigger in Snort

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make Snort crash or run arbitrary code by the use of 
malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Snort has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-508281 to this issue.

APPENDIX A. - Vendor Information
http://lol.poo.poo.bbq.dave.aitel.sucks.cocks.org/
APPENDIX B. - References
NONE

CONTACT:
*Gadi Evron [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 filthy nigger in Snort

2006-03-11 Thread Gadi Evron 
Advisory 2006-03-11 filthy nigger in Snort

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make Snort crash or run arbitrary code by the use of 
malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Snort has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-451029 to this issue.

APPENDIX A. - Vendor Information
http://lol.poo.poo.bbq.dave.aitel.sucks.cocks.org/
APPENDIX B. - References
NONE

CONTACT:
*Gadi Evron [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 filthy nigger in Snort

2006-03-11 Thread Gadi Evron 
Advisory 2006-03-11 filthy nigger in Snort

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make Snort crash or run arbitrary code by the use of 
malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Snort has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-391877 to this issue.

APPENDIX A. - Vendor Information
http://lol.poo.poo.bbq.dave.aitel.sucks.cocks.org/
APPENDIX B. - References
NONE

CONTACT:
*Gadi Evron [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 filthy nigger in Snort

2006-03-11 Thread Gadi Evron 
Advisory 2006-03-11 filthy nigger in Snort

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make Snort crash or run arbitrary code by the use of 
malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Snort has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-975090 to this issue.

APPENDIX A. - Vendor Information
http://lol.poo.poo.bbq.dave.aitel.sucks.cocks.org/
APPENDIX B. - References
NONE

CONTACT:
*Gadi Evron [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 filthy nigger in Snort

2006-03-11 Thread Gadi Evron 
Advisory 2006-03-11 filthy nigger in Snort

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make Snort crash or run arbitrary code by the use of 
malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Snort has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-522732 to this issue.

APPENDIX A. - Vendor Information
http://lol.poo.poo.bbq.dave.aitel.sucks.cocks.org/
APPENDIX B. - References
NONE

CONTACT:
*Gadi Evron [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 filthy nigger in Snort

2006-03-11 Thread Gadi Evron 
Advisory 2006-03-11 filthy nigger in Snort

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make Snort crash or run arbitrary code by the use of 
malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Snort has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-605933 to this issue.

APPENDIX A. - Vendor Information
http://lol.poo.poo.bbq.dave.aitel.sucks.cocks.org/
APPENDIX B. - References
NONE

CONTACT:
*Gadi Evron [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 filthy nigger in Snort

2006-03-11 Thread Gadi Evron 
Advisory 2006-03-11 filthy nigger in Snort

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make Snort crash or run arbitrary code by the use of 
malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Snort has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-871664 to this issue.

APPENDIX A. - Vendor Information
http://lol.poo.poo.bbq.dave.aitel.sucks.cocks.org/
APPENDIX B. - References
NONE

CONTACT:
*Gadi Evron [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 filthy nigger in Snort

2006-03-11 Thread Gadi Evron 
Advisory 2006-03-11 filthy nigger in Snort

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make Snort crash or run arbitrary code by the use of 
malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Snort has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-192403 to this issue.

APPENDIX A. - Vendor Information
http://lol.poo.poo.bbq.dave.aitel.sucks.cocks.org/
APPENDIX B. - References
NONE

CONTACT:
*Gadi Evron [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 Heap Overflow in AOL Client Software

2006-03-11 Thread gat0r 
Advisory 2006-03-11 Heap Overflow in AOL Client Software

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

It is possible to make AOL Client Software crash or run arbitrary code by the 
use of malformed input.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

AOL Client Software has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-251293 to this issue.

APPENDIX A. - Vendor Information
http://www.aol.com
APPENDIX B. - References
NONE

CONTACT:
*gat0r [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 Directory Transversal in Microsoft Windows 2000

2006-03-11 Thread Robert Perriero 
Advisory 2006-03-11 Directory Transversal in Microsoft Windows 2000

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

Remote exploitation of a directory traversal vulnerability in Microsoft Windows 
2000 could allow attackers to overwrite or view arbitrary files with 
user-supplied contents.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Microsoft Windows 2000 has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-310292 to this issue.

APPENDIX A. - Vendor Information
http://www.microsoft.com
APPENDIX B. - References
NONE

CONTACT:
*Robert Perriero [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Advisory 2006-03-11 Directory Transversal in Apple MacOSX

2006-03-11 Thread Josh perrymon 
Advisory 2006-03-11 Directory Transversal in Apple MacOSX

I. BACKGROUND

Advisory marked for immediate release.

II. DESCRIPTION

Remote exploitation of a directory traversal vulnerability in Apple MacOSX 
could allow attackers to overwrite or view arbitrary files with user-supplied 
contents.

III. HISTORY

This advisory has no history.

IV. WORKAROUND

There are no known workarounds.

V. VENDOR RESPONSE

Apple MacOSX has not commented on this issue.

VI. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2006-442315 to this issue.

APPENDIX A. - Vendor Information
http://www.apple.com/macosx/
APPENDIX B. - References
NONE

CONTACT:
*Josh perrymon [EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/