Re: [Full-disclosure] n3td3v: viva end of n3td3v----and security group

2006-09-02 Thread Aaron Gray
Yeah, netnoodles going to learn to read and write, including grammar, 
tense and punctuation!


n3td3v wrote:

n3td3v with the beginning September 1st 2006 is the end of n3td3v
commentary via Full-Disclosure list or any other medium. This is
because n3td3v is moving into the professional scene, so underground
hacker scene isn't suitable for the n3td3v agenda. The agenda now is
to lay low and say nothing. n3td3v understands the security community
needs n3td3v, but n3td3v needs to follow career paths into an academic
life style away from the homebred/international hacker community.
Thank you Yahoo and Google for being a part of my life during the past
7/half years, it's been a blast. Take care security community, the
force of n3td3v is with you. Our final death wish is that the security
community cross-posts to [EMAIL PROTECTED], see our mailing list
at http://groups.google.com/groups/n3td3v ---all communications for
n3td3v group are being passed over to co-commanders, the n3td3v
founder and commander in chief is no longer in charge of n3td3v
operational decisions-enjoy the rest of your life. We'll be in
touch, don't forget the power of n3td3v, we're not dead, we're
changing command..good bye---for now. It's time for n3td3v to go to
academic and move on with the agenda that serves us. Google and Yahoo,
good bye, your staff have been briefed on operational detail in
private for the following years ahead as we prepare to reduce public
relations on mailing lists and go fully underground! Add the n3td3v
mailing list to your books, this has been a n3td3v production...the
rest is up to you to bring the biggest corporations to its knees!  rest
in peace...

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/






[Full-disclosure] ScatterChat Advisory 2006-02: Win32 Tor Client Routing and Denial of Service Vulnerabilities

2006-09-02 Thread ScatterChat Advisories

ScatterChat Advisory 2006-02:  Win32 Tor Client Routing and Denial of
Service Vulnerabilities
Technical Report
September 2nd, 2006

CVE ID: CVE-2006-4508
OSVDB:  28276, 28277



SUMMARY

ScatterChat (http://www.scatterchat.com/) is an instant messaging project
that aims to provide encryption and anonymity support with Tor to
non-technical users such as human rights activists and political
dissidents.

Vulnerabilities were found in the external Tor program that is packaged
with the Windows installer.  These vulnerabilities allow a Tor entry node
to route traffic through the client, or to cause a denial of service by
crashing the Tor process with malformed input.

The impact of these vulnerabilities is low.



DETAILS

The official Tor advisory can be found at:
http://archives.seul.org/or/announce/Aug-2006/msg1.html



IMPACT

The end-user impact of this issue is low.

Should a malicious or compromised Tor entry node successfully exploit
these issues, the local user's Tor process would crash, and/or the user's
machine would route traffic to other Tor nodes.

Routing unwanted traffic would cause bandwidth resources to be consumed
as long as ScatterChat is running.



SOLUTION

All Windows users who employ ScatterChat's anonymity feature are
strongly encouraged to upgrade to ScatterChat v1.0.2:

http://www.scatterchat.com/download/v1.0.2/scatterchat-1.0.2.exe
http://www.scatterchat.com/download/v1.0.2/scatterchat-1.0.2.exe.sig



CONTACT

J. Salvatore Testa II
jtesta--at--hacktivismo--dot--com

http://www.scatterchat.com/jtesta_2006.asc
3428 E58E 715E C37D 2AA7 C55E 97D1 DE8C 4B26 2B62


--
A less technical summary of this advisory can be found at:
http://www.scatterchat.com/advisories/2006-02_non_tech.html






[Full-disclosure] Browzar Is BS?

2006-09-02 Thread y0himba
http://digg.com/security/New_secure_browser_Browzar_is_fake_and_full_of_adware



Re: [Full-disclosure] [OT for crybaby list-nazis] blah blah now D.O.A.P.

2006-09-02 Thread pauls
--On September 2, 2006 10:20:08 PM -0400 "Randal T. Rioux" 
<[EMAIL PROTECTED]> wrote:


> I'm guessing it ends with the world exploding. Because the only thing
> worse than the asshat we now have at the wheel here (USA) would be
> Cheney steering us into an iceberg. (Trivia! Cheney and I have the same
> cardiologist... WTF)

The only thing worse than the asshat we have now is the one we had before 
and probably the one we'll have next.  And we clearly have a lot of idiots 
in the country.


Paul Schmehl ([EMAIL PROTECTED])
Adjunct Information Security Officer
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/



[Full-disclosure] [OT for crybaby list-nazis] blah blah now D.O.A.P.

2006-09-02 Thread Randal T. Rioux
William Lefkovics wrote:
> Tangential to this discussion is the no doubt (to be) controversial UK film
> D.O.A.P. soon to be screening in Toronto.
> 
> http://www.e.bell.ca/filmfest/2006/media_centre/news_releaseItem.asp?id=261
> 
> It's a docu-drama of the possible ramifications following the fictitious
> assassination of George Bush in Chicago in 2007.
> 
> Is it the London Bridge you have for sale?
>

I'm guessing it ends with the world exploding. Because the only thing
worse than the asshat we now have at the wheel here (USA) would be
Cheney steering us into an iceberg. (Trivia! Cheney and I have the same
cardiologist... WTF)

Politics aside, I like movies that stir the pot. It could be interesting.

As for the bridge... sure, L.B. works. We may have a buyer from Dallas ;-)

Randy



[Full-disclosure] Re: Full-Disclosure Digest, Vol 19, Issue 2

2006-09-02 Thread Jeb Osama

Message: 10
Date: Fri, 1 Sep 2006 20:13:50 +0100
From: n3td3v <[EMAIL PROTECTED]>
Subject: [Full-disclosure] n3td3v: viva end of n3td3v----and security group
To: full-disclosure@lists.grok.org.uk
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed

n3td3v with the beginning September 1st 2006 is the end of n3td3v
commentary via Full-Disclosure list or any other medium. This is
because n3td3v is moving into the professional scene, so underground
hacker scene isn't suitable for the n3td3v agenda. The agenda now is
to lay low and say nothing. n3td3v understands the security community
needs n3td3v, but n3td3v needs to follow career paths into an academic
life style away from the homebred/international hacker community.
Thank you Yahoo and Google for being a part of my life during the past
7/half years, it's been a blast. Take care security community, the
force of n3td3v is with you. Our final death wish is that the security
community cross-posts to [EMAIL PROTECTED], see our mailing list
at http://groups.google.com/groups/n3td3v ---all communications for
n3td3v group are being passed over to co-commanders, the n3td3v
founder and commander in chief is no longer in charge of n3td3v
operational decisions-enjoy the rest of your life. We'll be in
touch, don't forget the power of n3td3v, we're not dead, we're
changing command..good bye---for now. It's time for n3td3v to go to
academic and move on with the agenda that serves us. Google and Yahoo,
good bye, your staff have been briefed on operational detail in
private for the following years ahead as we prepare to reduce public
relations on mailing lists and go fully underground! Add the n3td3v
mailing list to your books, this has been a n3td3v production...the
rest is up to you to bring the biggest corporations to its knees!  rest
in peace...

Why you doing this?? I miss you. I born to make fun
you, I live to make fun you. But now? You go? I leave high dry? 

Oh... so google yahoo important? PRIVATE MESSAGE? me you forget? I deserve not some privacy?

I dedicate time to read crap.. You reciprocate like this? You break
heart of mine. And.. and.. I don't get the lousy one message of
information of your retirement.

And what about all of us who know zero security? Who we depend on for
ground breaking security essay? I join full-disclosure for you? And
you leave? You not just steal list of core security stuff.. you
also steal enjoyment of ten minutes my day.
I hate you .. I hate you.. Oh my god I hate you.. Oh my god I
love you!! And this is your reply. Go die in jump from big valley. You
won't find one more person because you break spirit of love.

Still I love you.

Hope you take care of all of us even from underground. Careful, bunny tells me people not nice there.

With remembrance of happy times
Jeb Osama aka Mike M

[Full-disclosure] Re: TippingPoint don't "Get it"

2006-09-02 Thread Jeb Osama

From: n3td3v <[EMAIL PROTECTED]>
Subject: [Full-disclosure] TippingPoint don't "Get it"
To: full-disclosure@lists.grok.org.uk
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed

Hackers for years, including my hackers have been trying to do what TP
is doing. If folks from TP/3Com read Full-Disclosure list they'll know
even with "Full Disclosure" you cannot change companies to "fast up
their security response". It is neat that the folks at TP/3Com are
trying half disclosure tactics, but if aggressive folks like you and me
can't change the bug priority of high profile vendors, then it's
unlikely a "reduced disclosure" policy on the TP/3Com site is going
to turn heads. 3Com if they "really" want to get vendors to fix TP
reported bugs is to mail those disclosure not only to the TP/3Com site
but to the wider security community via mailing lists.

Link 1: http://news.com.com/2061-10789_3-6111474.html

Hey.. You killed Jeb!! Not nice :( 



Re: [Full-disclosure] Re: George Bush appoints a 9 year old to...blah blah blah

2006-09-02 Thread K F

D.O.A.P ain't got shit on S.O.A.P!

We've lost avionics

I want these motherfucking snakes off this motherfucking plane!
-KF


William Lefkovics wrote:

Tangential to this discussion is the no doubt (to be) controversial UK film
D.O.A.P. soon to be screening in Toronto.

http://www.e.bell.ca/filmfest/2006/media_centre/news_releaseItem.asp?id=261

It's a docu-drama of the possible ramifications following the fictitious
assassination of George Bush in Chicago in 2007.

Is it the London Bridge you have for sale?
 

  
  




[Full-disclosure] Whitepaper: Awakening the Sleeping Giant v1.0

2006-09-02 Thread David Kierznowski

Awaking the Sleeping Giant v1.0
Demystifying Cross Site Scripting Attacks
Author: David Kierznowski (david.kierznowski_at_gmail.com)

This paper attempts to demystify and categorise current XSS entry
nodes, attack capabilities and trends.

XSS attacks are gaining popularity quickly. There are loads of
vulnerabilities waiting to be found. It can be simple and difficult to
prevent. It can propagate around the Internet in hours, exploit
internal or private networks and offers the ability to manipulate web
services for fun and profit without compromising a single system.

The whitepaper can be found at:
http://michaeldaw.org



RE: [Full-disclosure] Re: George Bush appoints a 9 year old to...blah blah blah

2006-09-02 Thread William Lefkovics
Tangential to this discussion is the no doubt (to be) controversial UK film
D.O.A.P. soon to be screening in Toronto.

http://www.e.bell.ca/filmfest/2006/media_centre/news_releaseItem.asp?id=261

It's a docu-drama of the possible ramifications following the fictitious
assassination of George Bush in Chicago in 2007.

Is it the London Bridge you have for sale?
 

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Randal T.
Rioux
Sent: Friday, September 01, 2006 10:56 PM
To: Paul Schmehl
Cc: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] Re: George Bush appoints a 9 year old
to...blah blah blah

Paul Schmehl wrote:
> --On Tuesday, August 29, 2006 17:34:24 -0400 [EMAIL PROTECTED] wrote:
> 
>> On Tue, 29 Aug 2006 14:55:09 CDT, Paul Schmehl said:
>>> > 1] Hezbollah has managed to become an important presence in the 
>>> > Lebanese Parliament
>>>
>>> They just left out - by killing opposition leaders and threatening 
>>> others.
>>
>> Like your government doesn't do that too?
>>
> Uhright.

Wow.

I have a bridge for sale... interested?

Is there a library at your school? Stop by sometime.
