Re: [Full-disclosure] Sendmail/Postfix Storybook
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 doesnt look remote to me since you need to upload the malicious .forward file in the home, much a local bug allowing remote exec rather than a remote bug. kcope wrote: Look, it's the Sendmail/postfix the Storybook -- -- -- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) iD8DBQFHY8IAdS4H/t4eKFARAsMAAJ9eK1VZi+aPl9/TGKLH6f84Fp6cTQCaA+2Q DeBhMmyBjKcxmsKVHBtbVCE= =9AoX -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Sendmail/Postfix Storybook
wtf? remote exploit? you need an user account and all you get is.. a command executed by the same user account. Isn't easier just to login on the box? CtrlAltCa kcope wrote: Look, it's the Sendmail/postfix the Storybook ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Sendmail/Postfix Storybook
So a kid posts his first found exploit to every mailing list and you are going to bash him? If you scare him off or discourage him then we wont get code and screenshots from his future high-risk 0day. On Dec 15, 2007 7:29 AM, fabio [EMAIL PROTECTED] wrote: wtf? remote exploit? you need an user account and all you get is.. a command executed by the same user account. Isn't easier just to login on the box? CtrlAltCa kcope wrote: Look, it's the Sendmail/postfix the Storybook ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Small Design Bug in Postfix - REMOTE
this kid spent many hard hours reading man pages looking for 0day, gives it to us along with hello world python networking code ( that is incapable of parsing replies so any unintended behaviour causes exit), and you are going to bash it? You are probably just jealous you do not have the technical ability required to find these types of vulnerabilities and write reliable remote exploits for them. On Dec 14, 2007 3:11 PM, [EMAIL PROTECTED] wrote: On Fri, 14 Dec 2007 13:52:33 CST, Adam N said: No, the idea is that you are a user with no login access, only FTP. By doing this, you get shell access (with sane privileges, thankfully) when you're supposed to only have FTP. And this is why, for at least 2 decades, it's been recommended that people doing the FTP-only user put the writeable directories for that user under ~ftp/$USER or some such, rather than ~$USER, and make the login shell for the user /bin/false, and other such things. For bonus points - if it's an FTP-only userid, why does the sysadmin not have e-mail for the userid *blocked*? After all, if they can't login, they can't *read* any mail that gets delivered to the system. Even if you fix the MTA to drop mail directly in $HOME/mbox, it's the rare FTP daemon that understands the locking needed to make this work - that's the primary reason why the POP protocol was invented. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] [Professional IT Security Providers - Exposed] Cyberklix ( F+ )
I have been following your blog alot and think the idea is really awesome but this one line... On Dec 13, 2007 2:23 PM, secreview [EMAIL PROTECTED] wrote: true Ethical Hacker talent. Was this meant to be humorous? You realize that 'ethical hacker' ( as in the certification) is a bunch of X geek squad guys running nmap and nessus waiting for the last day where they learn about the coveted Stack Overflow? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] [Professional IT Security Providers - Exposed] Cyberklix ( F+ )
Reepex, unlike you we do not subscribe to definitions as set fourth by such certification. Did you like working for geek squad? ;) Thanks for reading. On Sat, 15 Dec 2007 08:58:36 -0500 reepex [EMAIL PROTECTED] wrote: I have been following your blog alot and think the idea is really awesome but this one line... On Dec 13, 2007 2:23 PM, secreview [EMAIL PROTECTED] wrote: true Ethical Hacker talent. Was this meant to be humorous? You realize that 'ethical hacker' ( as in the certification) is a bunch of X geek squad guys running nmap and nessus waiting for the last day where they learn about the coveted Stack Overflow? Regards, The Secreview Team http://secreview.blogspot.com Professional IT Security Service Providers - Exposed -- Click to become an artist and quit your boring job. http://tagline.hushmail.com/fc/Ioyw6h4d5AHkF6TxCnSKgXAQ9dZMme8JfwdpkgC5JEUBC366m97eju/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Thomas Ptacek and Wikipedia
ALERT ALERT Quick cheeky posting by unknown gobble member staff over Thomas Ptacek's latest Wikipedia absurdness. lol ... Finally Symantec has taken notice, and started to add there own stuff to SF .. FINALLY !!! http://turkeychargen.blogspot.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Thomas Ptacek and Wikipedia
On Dec 14, 2007 8:22 AM, Gobbles is back [EMAIL PROTECTED] wrote: ... Quick cheeky posting by unknown gobble member staff over Thomas Ptacek's latest Wikipedia absurdness. PS: Your Homework Assignments Thomas Ptacek to retract all stupid commentary from world wide web. examples: I don't think this is a timing attack; it's a side-channel attack that exploits the fact that OpenSSL's impact on the branch prediction cache leaks information. correction: timing attacks are a subset of side channel attacks, therefore the above comment is stupid. examples: we were turning out more lines of code per day than my old employer! Turns out I forgot about a little thing called QA correction: detailing how poorly build security in and solid engineering are applied to your forthcoming security product is bad. it makes executives and marketing angry! many more to list. i expect 3,463,492 words rewritten double spaced on formal retraction by end of week. GOBBLES your homework is less gossip more sploits. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Thomas Ptacek and Wikipedia
On Dec 15, 2007 2:51 PM, coderman [EMAIL PROTECTED] wrote: ... I don't think this is a timing attack; it's a side-channel attack that exploits the fact that OpenSSL's impact on the branch prediction cache leaks information. someone says to me, Branch Prediction Analysis side channel attacks are not traditional timing attacks. sure, not _traditional_ timing attack. active interference for targeted misses gives much more key than traditional passive timing. but this is still a timing attack, even if one much more effective than most. someone is now informed. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/