[Full-disclosure] [SECURITY] [DSA 1105-1] New xine-lib packages fix denial of service
Debian Security Advisory DSA 1105-1          [EMAIL PROTECTED]
http://www.debian.org/security/              Martin Schulze
July 7th, 2006                               http://www.debian.org/security/faq

Package        : xine-lib
Vulnerability  : buffer overflow
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2006-2802
BugTraq ID     : 18187
Debian Bug     : 369876

Federico L. Bossi Bonin discovered a buffer overflow in the HTTP Plugin in xine-lib, the xine video/media player library, that could allow a remote attacker to cause a denial of service.

For the old stable distribution (woody) this problem has been fixed in version 0.9.8-2woody5.

For the stable distribution (sarge) this problem has been fixed in version 1.0.1-1sarge3.

For the unstable distribution (sid) this problem has been fixed in version 1.1.1-2.

We recommend that you upgrade your libxine packages.

Upgrade Instructions

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given at the end of this advisory:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.
Re: [Full-disclosure] Re: Google and Yahoo search engine zero-day code
I never reply to this mailing list but I feel that this blatant and unashamed plagiarism should be exposed! This 'breaking' news by the n3td3v research branch was written about by Michal Zalewski in his excellent book, 'silence on the wire'. Maybe Zalewski is part of the 'fearsome' :) netdev group but I doubt it!

On 7/5/06, Dave "No, not that one" Korn [EMAIL PROTECTED] wrote:

> Denis Jedig wrote:
> n3td3v wrote:
>
> Today's disclosure involves Google and Yahoo search engines: All you need to do is put in the code to a web page, when Google and Yahoo visit it, then the code exploits the software they use and makes them start caching 'other' pages. Including 'no index' pages, where sites have setup a robot text file on their server to protect corporate and consumer interests.
>
> I think you missed the concept here. Whatever is on the webservers and is available to the public is... well... available to the public. It does not help security matters to introduce a robots.txt - the purpose of this directives file is not to secure something but to reduce traffic and keep irrelevant content out of search engines. If you need security, you introduce some kind of authentication *before* access is allowed to sensitive data. You will find that a sign reading "Do not enter and do not steal any gold" will not help much at the Fort Knox entrance if it is the only security measure.
>
> Also, Google and Yahoo *do* respect the robots.txt file and do check it for every server they fetch files from, and the whole thing is garbage. His so-called 'example' is a fraud because it shows yahoo caching a page from the site mtf.news.yahoo.com, which DOES NOT HAVE A ROBOTS.TXT FILE.
>
> cheers,
> DaveK
> --
> Can't think of a witty .sigline today

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Critical SQL Injection PHPNuke
DaRk14 wrote:

> pls .. i want a script who creates an admin account in php-nuke site`s ... www.site.com/admin.php example...understand ? pls if you know what i speak, and have that script in your PC, plss mail`me :) thx

I think you've missed an essential. It's one thing to disclose product vulnerabilities for the greater good of the community. It's an entirely different thing to go searching for cracks to gain unauthorized access to a system.

kw
RE: [Full-disclosure] Re: [WEB SECURITY] Cross Site Scripting in Google
Martin O'Neal wrote:

> I personally also believe in full disclosure, but it has to be delivered in a responsible fashion. Dispatching vulnerabilities to a public list without even attempting to contact the vendor is clearly not in the best interest of the vendors nor the great majority of the user base.

Actually, I think this is the point the author was trying to make. We should not be thinking about the interests of a company who has ignored issues in the past. The great majority of the user base will listen to the company -- not us -- anyways. They are not on this list(s) and thus will not see what we see. We are not making the Google website better here, rather we are trying to alert people of a possible issue with the website that they should be aware of and learn from this issue.

The author did the right thing here by posting examples in the past of Google ignoring possible issues with their website. I think the author actually went above and beyond the requirements of the list(s) and its reader base as well.

And the debate continues...

Mike Duncan [EMAIL PROTECTED]
Re: [Full-disclosure] Re: [WEB SECURITY] Cross Site Scripting in Google
On 7/7/06, Mike Duncan [EMAIL PROTECTED] wrote:

> And the debate continues...

I think it's a closed issue.. google was quick to react on this round

http://www.threadwatch.org/node/7266#comment-41639
[Full-disclosure] Re: Full-Disclosure Digest, Vol 17, Issue 12
I've been wondering when n3td3v would die.. he's such a sore loser.

On 07/07/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:

> Today's Topics:
>
> 1. Re: The truth about Rob Levin aka Liloofirc.freenode.net (Dave "No, not that one" Korn)
> 2. Major updates to Excel 0-day Vulnerability FAQ at SecuriTeam Blogs (Juha-Matti Laurio)
> 3. Re: Two-Factor Authentication on the Web (mikeiscool)
> 4. [SECURITY] [DSA 1105-1] New xine-lib packages fix denial of service (Martin Schulze)
> 5. Re: Re: Google and Yahoo search engine zero-day code (Patrick Fitzgerald)
>
> --
>
> Message: 1
> Date: Fri, 7 Jul 2006 02:36:36 +0100
> From: Dave "No, not that one" Korn [EMAIL PROTECTED]
> Subject: [Full-disclosure] Re: The truth about Rob Levin aka Liloofirc.freenode.net
> To: full-disclosure@lists.grok.org.uk
> Message-ID: [EMAIL PROTECTED]
>
> Eliah Kagan wrote:
> On 7/6/06, Edward Pearson wrote:
> Yes, shame on you. If Rob took you to court, you'd be in big fucking trouble.
>
> Wow, feel the hate. evilrabbi pointed it out, but maybe you didn't catch it...court records are public... Benjamin Krueger spoke of, SSN, birthdate, and other personal data, but see, nobody posted any of that...Andrew A posted some information from PUBLIC COURT RECORDS...
> -Eliah
>
> You appear to have come in part way through this thread and missed the first post that started it, which had Rob Levin's SSN, birthdate and personal data.
>
> What makes you look even dafter is that the post by Andrew A, which you clearly *have* seen, re-quoted the entire thing beneath the top-post, including Rob Levin's SSN, birthdate and personal data.
>
> If you can't see things such as an SSN, birthdate, and personal data, when they're right there in front of you, please don't try and help anyone else by discussing the absence of SSN, birthdate, and personal data, from posts that you clearly didn't pay the slightest attention to when you read them.
>
> cheers,
> DaveK
> --
> Can't think of a witty .sigline today
>
> --
>
> Message: 2
> Date: Fri, 7 Jul 2006 05:22:29 +0300 (EEST)
> From: Juha-Matti Laurio [EMAIL PROTECTED]
> Subject: [Full-disclosure] Major updates to Excel 0-day Vulnerability FAQ at SecuriTeam Blogs
> To: full-disclosure@lists.grok.org.uk
> Message-ID: [EMAIL PROTECTED]
> Content-Type: text/plain; Charset=iso-8859-1; Format=Flowed
>
> Several updates to First Microsoft Excel 0-day Vulnerability FAQ document at http://blogs.securiteam.com/?p=451 have been made.
>
> * Several exploits for this vuln and other Excel issues have been released recently
> * PoC sample file Nanika.xls was posted to Bugtraq on Monday already (NOTE: Several vendors see this as a separate vulnerability)
> * New Trojan variant names added to the document
> * Some other updates and fixes
>
> Word 'First' to the FAQ document title was added in June to clarify the situation after several Excel vuln disclosures.
>
> At time of writing new 'Nanika' issue uses Repair Mode too (and user interaction is needed). There is no exact information on whether this is a totally new type of vulnerability, however.
>
> - Juha-Matti
>
> --
>
> Message: 3
> Date: Fri, 7 Jul 2006 12:25:53 +1000
> From: mikeiscool [EMAIL PROTECTED]
> Subject: [Full-disclosure] Re: Two-Factor Authentication on the Web
> To: [EMAIL PROTECTED] [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED], full-disclosure@lists.grok.org.uk full-disclosure@lists.grok.org.uk
> Message-ID: [EMAIL PROTECTED]
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> On 7/6/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
> http://www.theregister.co.uk/2005/04/04/fingerprint_merc_chop/
> Carjackers swipe biometric Merc, plus owner's finger
>
> honestly, this guy should sue mercedes. they absolutely had to foresee this possibility and they did not care. something like that needs to happen so that we can finally put an end to the stupidity that is biometrics.
>
> -- mic
>
> --
>
> Message: 4
> Date: Fri, 7 Jul 2006 08:43:43 +0200 (CEST)
> From: [EMAIL PROTECTED] (Martin Schulze)
> Subject: [Full-disclosure] [SECURITY] [DSA 1105-1] New xine-lib packages fix denial of service
> To: debian-security-announce@lists.debian.org (Debian Security Announcements)
> Message-ID: [EMAIL PROTECTED]
> Content-Type: text/plain;
[Full-disclosure] rPSA-2006-0122-1 kernel
rPath Security Advisory: 2006-0122-1
Published: 2006-07-07
Products: rPath Linux 1
Rating: Major
Exposure Level Classification: Local Deterministic Denial of Service
Updated Versions: kernel=/[EMAIL PROTECTED]:devel//1/2.6.16.24-0.1-1

References:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2451
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2934
https://issues.rpath.com/browse/RPL-488

Description:
Previous versions of the kernel package are vulnerable to two denial of service attacks. The first allows any local user to fill up file systems by causing core dumps to write to directories to which they do not have write access permissions. The second applies only to systems using the SCTP protocol, which is not enabled by default, and the tools required to configure it (lksctp-tools) are not included in rPath Linux. This vulnerability, which cannot apply to systems without lksctp-tools installed, enables a remote denial of service attack in which specially-crafted packets can crash the system.
[Full-disclosure] [ MDKSA-2006:118 ] - Updated OpenOffice.org packages fix various vulnerabilities
Mandriva Linux Security Advisory MDKSA-2006:118
http://www.mandriva.com/security/

Package : OpenOffice.org
Date: July 7, 2006
Affected: 2006.0, Corporate 3.0

Problem Description:

OpenOffice.org 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-complicit attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user. (CVE-2006-2198)

An unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-complicit attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents. (CVE-2006-2199)

Heap-based buffer overflow in OpenOffice.org 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-complicit attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka File Format / Buffer Overflow Vulnerability. (CVE-2006-3117)

Updated packages are patched to address this issue.
References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2198
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2199
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3117
Re: [Full-disclosure] Re: The truth about Rob Levin aka Liloofirc.freenode.net
On 7/6/06, Dave "No, not that one" Korn wrote:

> You appear to have come in part way through this thread and missed the first post that started it, which had Rob Levin's SSN, birthdate and personal data.

You have a good point. I feel like a fool now, and with good reason. I thank you for the correction.

> What makes you look even dafter is that the post by Andrew A, which you clearly *have* seen, re-quoted the entire thing beneath the top-post, including Rob Levin's SSN, birthdate and personal data.

I had misinterpreted the discussion as accusing Andrew A of violating the law. There was no reason for me to interpret it that way, I just did. Given that the personal information was posted before and accessible to anybody who could read Andrew A's message (except, as you have pointed out, maybe me...) it does not seem to me that Andrew A is legally liable in any way.

> If you can't see things such as an SSN, birthdate, and personal data, when they're right there in front of you, please don't try and help anyone else by discussing the absence of SSN, birthdate, and personal data, from posts that you clearly didn't pay the slightest attention to when you read them.

You're right, of course. My bad.

-Eliah
[Full-disclosure] i've found an exploit, but i want to make it do something before i report it
i understand that this is "full disclosure", but before i actually spill the beans on the exact nature of the exploit i've found, i'd like to make it actually do something.

for now, know that it affects a popular plugin for a popular messaging program.

i'm at the stage where i can run any command on the remote user's computer (just like start run...), or have them request remote assistance.

other than showing them goatse, what can i do with this?
Re: [Full-disclosure] Re: [WEB SECURITY] Cross Site Scripting in Google
On 7/7/06, Mike Duncan [EMAIL PROTECTED] wrote:

> Martin O'Neal wrote:
>
> Actually, I think this is the point the author was trying to make. We should not be thinking about the interests of a company who has ignored issues in the past.

Ignored what? A non-security alert that was probably understood as a joke?

> The author did the right thing here by posting examples in the past of Google ignoring possible issues with their website.

Just because someone does not get a reply to an email does not mean that the issue(s) are ignored.

> I think the author actually went above and beyond the requirements of the list(s) and its reader base as well.

I think not. http://www.wiretrip.net/rfp/policy.html

> And the debate continues...

Nothing to really debate. This list is not a band wagon. You should not just jump on and assume you know the ACCEPTED and UNDERSTOOD guidelines. On top of that, what is up with your ignorance with adding every person in the thread to your CC list? You like duplicate emails so force them on other people? Read http://www.ietf.org/rfc/rfc1855.txt

> Mike Duncan [EMAIL PROTECTED]
Re: [Full-disclosure] i've found an exploit, but i want to make it do something before i report it
On Fri, 07 Jul 2006 14:29:05 PDT, ima cow said:

> other than showing them goatse, what can i do with this?

Usually, finding the exploit is the hard part and deciding what to use it for is the easy part. I'm surprised you can't come up with something. But if you *really* need hints, get a copy of Metasploit, look at the payloads section, and start from there
[Full-disclosure] Unauthenticated access to BT Voyager config file
Could someone be so kind to test the following against a BT Voyager 2091 Wireless ADSL or similar model?

http://www.ikwt.com/projects/btvoyager-getconfig.txt

Many thanks in advance.

--
pagvac [http://www.ikwt.com/]