[Full-disclosure] [SECURITY] [DSA 2058-1] New glibc packages fix several vulnerabilities
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-2058-1 secur...@debian.org http://www.debian.org/security/ Aurelien Jarno June 10, 2010 http://www.debian.org/security/faq - Package: glibc, eglibc Vulnerability : multiple Problem type : remote (local) Debian-specific: no CVE Id(s) : CVE-2008-1391 CVE-2009-4880, CVE-2009-4881 CVE-2010-0296 CVE-2010-0830 Debian Bug : 583908 Several vulnerabilities have been discovered in the GNU C Library (aka glibc) and its derivatives. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-1391, CVE-2009-4880, CVE-2009-4881 Maksymilian Arciemowicz discovered that the GNU C library did not correctly handle integer overflows in the strfmon family of functions. If a user or automated system were tricked into processing a specially crafted format string, a remote attacker could crash applications, leading to a denial of service. CVE-2010-0296 Jeff Layton and Dan Rosenberg discovered that the GNU C library did not correctly handle newlines in the mntent family of functions. If a local attacker were able to inject newlines into a mount entry through other vulnerable mount helpers, they could disrupt the system or possibly gain root privileges. CVE-2010-0830 Dan Rosenberg discovered that the GNU C library did not correctly validate certain ELF program headers. If a user or automated system were tricked into verifying a specially crafted ELF program, a remote attacker could execute arbitrary code with user privileges. For the stable distribution (lenny), these problems have been fixed in version 2.7-18lenny4 of the glibc package. For the testing distribution (squeeze), these problems will be fixed soon. For the unstable distribution (sid), these problems has been fixed in version 2.1.11-1 of the eglibc package. We recommend that you upgrade your glibc or eglibc packages. Upgrade instructions - wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 5.0 alias lenny - Debian (stable) - --- Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/g/glibc/glibc_2.7-18lenny4.diff.gz Size/MD5 checksum: 749289 dcb022bd274969ef458933d45b06cca8 http://security.debian.org/pool/updates/main/g/glibc/glibc_2.7.orig.tar.gz Size/MD5 checksum: 15386750 8816fbab13a072c0ccef6640c9d20833 http://security.debian.org/pool/updates/main/g/glibc/glibc_2.7-18lenny4.dsc Size/MD5 checksum: 2564 f5b705bcda1bc7674aa33fb07f417f98 Architecture independent packages: http://security.debian.org/pool/updates/main/g/glibc/glibc-source_2.7-18lenny4_all.deb Size/MD5 checksum: 16007014 fd3b316ef085ea9ce71dc67fefd92dc0 http://security.debian.org/pool/updates/main/g/glibc/locales_2.7-18lenny4_all.deb Size/MD5 checksum: 4488186 b9beabe612fbfb014faadef6543e7fab http://security.debian.org/pool/updates/main/g/glibc/glibc-doc_2.7-18lenny4_all.deb Size/MD5 checksum: 1629166 da396340195ba0214d1d7827ed225341 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/g/glibc/libc6.1-pic_2.7-18lenny4_alpha.deb Size/MD5 checksum: 1769494 7082c894a96d6fdc009e15c7773c3108 http://security.debian.org/pool/updates/main/g/glibc/libc6.1-dbg_2.7-18lenny4_alpha.deb Size/MD5 checksum: 5716658 7ab5b5510afdbeb0e20ccc2ae1df1778 http://security.debian.org/pool/updates/main/g/glibc/libnss-files-udeb_2.7-18lenny4_alpha.udeb Size/MD5 checksum:18210 e65e4f7d9f55c3e6974fe2112ed076a2 http://security.debian.org/pool/updates/main/g/glibc/libc6.1-dev_2.7-18lenny4_alpha.deb Size/MD5 checksum: 3029160 d05c22d8263423dbc334a60c04acec89 http://security.debian.org/pool/updates/main/g/glibc/libnss-dns-udeb_2.7-18lenny4_alpha.udeb Size/MD5 checksum:10600 c6af958e690622f8a204ed1401f44ce9 http://security.debian.org/pool/updates/main/g/glibc/libc6.1_2.7-18lenny4_alpha.deb Size/MD5 checksum: 5184660 a1f37830cb0ae5ee79bf479cc92094e4 http://security.debian.org/pool/updates/main/g/glibc/libc6.1-prof_2.7-18lenny4_alpha.deb Size/MD5 checksum: 2491830 e3e70cb621bd954acb41700e7fb00fba http://security.debian.org/pool/updates/main/g/glibc/nscd_2.7-18l
Re: [Full-disclosure] RDP, can it be done safely?
Hello Full Disclosure, I'd like to warn you about a bonehead group of software developers. One group of boneheads are in complex in state in US is that called in Redmond. With exploit in hand to be released in future I give you to PoC: arg1="%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s" 0:004> !exploitable Exploitability Classification: EXPLOITABLE Recommended Bug Title: Exploitable - Data Execution Prevention Violation starting at Unknown Symbol @ (NO MO FREE BUGS UNTIL THE FUTURE) called from +0xISAIDNOFREEBUGS (Hash=0x485afe60.0x4f3dfe60) 0:004> g (1ea4.1f42): Access violation - code c005 (!!! second chance !!!) eax=NO ebx=FREE ecx=MORE edx=BUGS esi=NO edi=FREE eip=deadbabe esp=BUGS ebp=MORE iopl=0 nv up ei pl nz na pe nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs= efl=0206 deadbabe ?? ??? This exploit for sale affects all. I give you worky worky remote shell. Starting price of $50,000.00 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly
On Thu, Jun 10, 2010 at 11:36 AM, Susan Bradley wrote: > I'm not an enterprise customer, but I am a mouthy female. > > Hello Full Disclosure, I'd like to warn you about PMS! ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Vulnerabilities in Belavir for WordPress
Hello Full-Disclosure! I want to warn you about security vulnerabilities in plugin Belavir for WordPress. It's security plugin. - Advisory: Vulnerabilities in Belavir for WordPress - URL: http://websecurity.com.ua/4160/ - Affected products: all versions of plugin Belavir. - Timeline: 15.10.2009 - found vulnerabilities. 24.04.2010 - announced at my site. 25.04.2010 - informed developers. 10.06.2010 - disclosed at my site. - Details: These are Information Leakage and Full path disclosure vulnerabilities. Information Leakage and Full path disclosure: http://site/wp-content/uploads/my-md5.txt Information leakage about all php-files at the site and their full path at the server (i.e. FPD for all php-files at the site). Full path disclosure: http://site/wp-content/plugins/belavir.php Best wishes & regards, MustLive Administrator of Websecurity web site http://websecurity.com.ua ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly
Susan, I wish I had the time to hold your hand through getting up to speed on the disclosure debate. Instead, I would suggest starting with the links in my advisory which were intended to give you enough background to understand the issues involved (skip to the Notes section, if you like). As I cannot hope to speak as eloquently on the topic as Bruce, I will not attempt to repeat them for you here. If after researching the topic you still have questions, please let me know. Thanks, Tavis. On Thu, Jun 10, 2010 at 08:36:09AM -0700, Susan Bradley wrote: > I'm not an enterprise customer, but I am a mouthy female. So here's my > question back to you, for my education, how exactly did MSRC contact you > back? > > Since June 5th have you tried emailing back or any of your contacts from > past interactions and asked what was up? I'm disappointed in this lack > of communication I see on both sides. You are ...well... Tavis > Ormandy... I seriously doubt MSRC is blowing you off here. > > Keep in mind we just had a LARGE patch week to deal with. I don't know > what was going on on their side, nor making excuses as I don't know what > communication you've had in the past and had on this issue ... I'm just > saying I would have spent a little more time getting mad at them and > sent a lot more emails back to them before posting this. > > (And try dealing with Microsoft licensing sometime if you think security > communication is lacking) > -- - tav...@cmpxchg8b.com | pgp encrypted mail preferred --- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly
Susan, this is what is called "full disclosure", and my response was relevant. I will not answer anymore uninformed questions on this topic. Thanks, Tavis. On Thu, Jun 10, 2010 at 09:02:37AM -0700, Susan Bradley wrote: > I'm not asking about disclosure. I'm asking what happened to the level > of communication between you and MSRC that after 4 days you posted this? > > Tavis Ormandy wrote: > >Susan, I wish I had the time to hold your hand through getting up to > >speed on the disclosure debate. Instead, I would suggest starting with > >the links in my advisory which were intended to give you enough > >background to understand the issues involved (skip to the Notes section, > >if you like). > > > >As I cannot hope to speak as eloquently on the topic as Bruce, I will > >not attempt to repeat them for you here. > > > >If after researching the topic you still have questions, please let me > >know. > > > >Thanks, Tavis. > > > >On Thu, Jun 10, 2010 at 08:36:09AM -0700, Susan Bradley wrote: > > > >>I'm not an enterprise customer, but I am a mouthy female. So here's my > >>question back to you, for my education, how exactly did MSRC contact you > >>back? > >> > >>Since June 5th have you tried emailing back or any of your contacts from > >>past interactions and asked what was up? I'm disappointed in this lack > >>of communication I see on both sides. You are ...well... Tavis > >>Ormandy... I seriously doubt MSRC is blowing you off here. > >> > >>Keep in mind we just had a LARGE patch week to deal with. I don't know > >>what was going on on their side, nor making excuses as I don't know what > >>communication you've had in the past and had on this issue ... I'm just > >>saying I would have spent a little more time getting mad at them and > >>sent a lot more emails back to them before posting this. > >> > >>(And try dealing with Microsoft licensing sometime if you think security > >>communication is lacking) > >> > >> > > > > -- - tav...@cmpxchg8b.com | pgp encrypted mail preferred --- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly
On Thu, Jun 10, 2010 at 12:18 PM, Susan Bradley wrote: > Nope Mr. Live, other than dealing with .NET updates and a 982331 that keeps > wanting to have UAC turned off on some Win7/Vistas to get installed, this is > just my normal calm, try to also consider the consumers and patchers > viewpoint person today. > > musnt live wrote: > > >> On Thu, Jun 10, 2010 at 11:36 AM, Susan Bradley > sbrad...@pacbell.net>> wrote: >> >>I'm not an enterprise customer, but I am a mouthy female. >> >> >> Hello Full Disclosure, I'd like to warn you about PMS! >> > Hello Full Disclosure, please forgive for me my premature mail. What is I meant to now say is, I would like to warn you about Denial: http://en.wikipedia.org/wiki/Denial Denial is a defense mechanism postulated by Sigmund Freud, in which a person is faced with a fact that is too uncomfortable to accept and rejects it instead, insisting that it is not true despite what may be overwhelming evidence. I once had denial from vulnerable company I will release in the future: targetFile = "C:\NOFREEBUGNAMES.ocx" prototype = "Invoke_Unknown LayoutURL As String" memberName = "LayoutURL" progid = "no.free.bugs" argCount = 1 arg1=String(4116, "A") target.LayoutURL = arg1 0:000> !exploitable -v HostMachine\HostUser Executing Processor Architecture is x86 Debuggee is in User Mode Debuggee is a live user mode debugging session on the local machine Event Type: Exception Exception Faulting Address: 0xdeadbabe First Chance Exception Type: STATUS_ACCESS_VIOLATION (0xC005) Exception Sub-Type: Read Access Violation Faulting Instruction: call dword ptr [ecx] Exception Hash (Major/Minor): 0x237f6e51.0x456c465d Stack Trace: nomore!CBaseBSCB::KickOffDownload+0x82 nomore!URLOpenStreamW+0x41 nomore!URLOpenStreamA+0x94 freebugs!DllUnregisterServer+0x5974 freebugs!BufferComparator::operator=+0x497a freebugs!msgi_lookup+0x46e61 freebugs!msgi_lookup+0x4f705 vbscript!IDispatchInvoke2+0xb2 vbscript!IDispatchInvoke+0x59 vbscript!InvokeDispatch+0x13c vbscript!InvokeByName+0x43 vbscript!CScriptRuntime::RunNoEH+0x1158 vbscript!CScriptRuntime::Run+0x64 vbscript!CScriptEntryPoint::Call+0x51 vbscript!CSession::Execute+0xc8 vbscript!COleScript::ExecutePendingScripts+0x146 vbscript!COleScript::SetScriptState+0x14d scrobj!ScriptEngine::Activate+0x1a scrobj!ComScriptlet::Inner::StartEngines+0x6e scrobj!ComScriptlet::Inner::Init+0x156 scrobj!ComScriptlet::New+0x3f scrobj!ComScriptletConstructor::CreateScriptletFromNode+0x26 scrobj!ComScriptletConstructor::Create+0x4c wscript!CHost::RunXMLScript+0x277 wscript!CHost::Execute+0x1cb wscript!CHost::Main+0x38b wscript!StringCchPrintfA+0xc3f wscript!WinMain+0x18b wscript!WinMainCRTStartup+0x5d kernel32!BaseThreadInitThunk+0xe ntdll!__RtlUserThreadStart+0x70 ntdll!_RtlUserThreadStart+0x1b Instruction Address: 0x Description: Read Access Violation on Control Flow Short Description: ReadAVonControlFlow Exploitability Classification: EXPLOITABLE Recommended Bug Title: Exploitable - Read Access Violation on Control Flow starting at nomore!CBaseBSCB::KickOffDownload+0x0082 (Hash=0x237f6e51.0x456c465d) This bug too exploitable is as is my engrish. Starting bid affects all Windows versions and server remotely. Starting bid $50,000.00 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly
On Thu, Jun 10, 2010 at 12:59 PM, Christian Sciberras wrote: > Susan, if you want my advise, don't even bother with Mr Live. > > Cheers. > > > Hello Full Disclosure, I will now speak to you about chauvinism. For starters here Mrs. Susan chose to call me Mr. not knowing the identity of this mine gender followed by this woman named Christian. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly
On Thu, Jun 10, 2010 at 07:02:03PM +0200, Thomas Kristensen wrote: > Tavis, > > Nice find, but during our analysis we discovered that your hotfix > unfortunately is inadequate. > > For more information see: > http://secunia.com/blog/103/ > Patches are, of course, welcome. Thanks, Tavis. -- - tav...@cmpxchg8b.com | pgp encrypted mail preferred --- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly
On Thu, Jun 10, 2010 at 07:21:48PM +0200, Tavis Ormandy wrote: > On Thu, Jun 10, 2010 at 07:02:03PM +0200, Thomas Kristensen wrote: > > Tavis, > > > > Nice find, but during our analysis we discovered that your hotfix > > unfortunately is inadequate. > > > > For more information see: > > http://secunia.com/blog/103/ > > > > Patches are, of course, welcome. > > Thanks, Tavis. Thomas, on some examination, your theory looks accurate, good catch :-) This doesnt seem unsurmountable, but I'm reluctant to update the patch which was only intended as a last resort. I'll work on some ideas to address this. If you have any thoughts, please let me know. Thanks, Tavis. -- - tav...@cmpxchg8b.com | pgp encrypted mail preferred --- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly
Hey just wanted to say that my default installation of Windows 7 doesnt seem vulnerable~no hcp protocol handler. Just thought some people would like to take note :) - Original Message From: Tavis Ormandy To: full-disclosure@lists.grok.org.uk Cc: bugt...@securityfocus.com Sent: Wed, June 9, 2010 4:46:21 PM Subject: Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly Help and Support Centre is the default application provided to access online documentation for Microsoft Windows. Microsoft supports accessing help documents directly via URLs by installing a protocol handler for the scheme "hcp", a typical example is provided in the Windows XP Command Line Reference, available at http://technet.microsoft.com/en-us/library/bb490918.aspx. Using hcp:// URLs is intended to be safe, as when invoked via the registered protocol handler the command line parameter /fromhcp is passed to the help centre application. This flag switches the help centre into a restricted mode, which will only permit a whitelisted set of help documents and parameters. This design, introduced in SP2, is reasonably sound. A whitelist of trusted documents is a safe way of allowing interaction with the documentation from less-trusted sources. Unfortunately, an implementation error in the whitelist allows it to be evaded. URLs are normalised and unescaped prior to validation using MPC::HTML::UrlUnescapeW(), which in turn uses MPC::HexToNum() to translate URL escape sequences into their original characters, the relevant code from helpctr.exe 5.1.2600.5512 (latest at time of writing) is below. .text:0106684C Unescape: .text:0106684Ccmp di, '%' ; di contains the current wchar in the input URL. .text:01066850jnz short LiteralChar; if this is not a '%', it must be a literal character. .text:01066852pushesi ; esi contains a pointer to the current position in URL to unescape. .text:01066853callds:wcslen; find the remaining length. .text:01066859cmp word ptr [esi], 'u' ; if the next wchar is 'u', this is a unicode escape and I need 4 xdigits. .text:0106685Dpop ecx ; this sequence calculates the number of wchars needed (4 or 2). .text:0106685Esetzcl ; i.e. %u (four needed), or %XX (two needed). .text:01066861mov dl, cl .text:01066863neg dl .text:01066865sbb edx, edx .text:01066867and edx, 3 .text:0106686Ainc edx .text:0106686Binc edx .text:0106686Ccmp eax, edx ; test if I have enough characters in input to decode. .text:0106686Ejl short LiteralChar; if not enough, this '%' is considered literal. .text:01066870testcl, cl .text:01066872movzx eax, word ptr [esi+2] .text:01066876pusheax .text:01066877jz short NotUnicode .text:01066879callHexToNum ; call MPC::HexToNum() to convert this nibble (4 bits) to an integer. .text:0106687Emov edi, eax ; edi contains the running total of the value of this escape sequence. .text:01066880movzx eax, word ptr [esi+4] .text:01066884pusheax .text:01066885shl edi, 4 ; shift edi left 4 positions to make room for the next digit, i.e. total <<= 4; .text:01066888callHexToNum .text:0106688Dor edi, eax ; or the next value into the 4-bit gap, i.e. total |= val. .text:0106688Fmovzx eax, word ptr [esi+6]; this process continues for the remaining wchars. .text:01066893pusheax .text:01066894shl edi, 4 .text:01066897callHexToNum .text:0106689Cor edi, eax .text:0106689Emovzx eax, word ptr [esi+8] .text:010668A2pusheax .text:010668A3shl edi, 4 .text:010668A6callHexToNum .text:010668ABor edi, eax .text:010668ADadd esi, 0Ah ; account for number of bytes (not chars) consumed by the escape. .text:010668B0jmp short FinishedEscape .text:010668B2 .text:010668B2 NotUnicode: .text:010668B2callHexToNum ; this is the same code, but for non-unicode sequences (e.g. %41, instead of %u0041) .text:010668B7mov edi, eax .text:010668B9movzx eax, word ptr [esi] .text:010668BCpusheax .text:010668BDcallHexToNum .text:010668C2shl eax, 4 .text:010668C5or edi, eax .text:010668C7add esi, 4 ; account for number of bytes (not chars) consumed by the escape. .text:010668CA .text:010668CA Finis
Re: [Full-disclosure] Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly
On 06/10/2010 09:26 AM, Susan Bradley wrote: > You commented that Microsoft needs to address a communication > problem. It's irrelevant to the full disclosure issue in my mind. > > I'd honestly like to know if there is a break down in communication at > the MSRC that needs to be addressed. It appears there is one? > No. He didn't. What he said was: "Those of you with large support contracts are encouraged to tell your support representatives that you would like to see Microsoft invest in developing processes for faster responses to external security reports." That sounds like he is suggesting that companies put pressure on Microsoft to invest more resources in external security reports to me. Microsoft has historically been exceedingly slow to address any reported vulnerabilities *except when people light a fire under them by publishing exploits*. Anything less typically takes months to years to fix. Even publicly shaming Microsoft isn't always enough. There are known, serious, published vulnerabilities that Microsoft didn't fix for *years*. I personally found and publicized one of them in 1998 - which *8 years later* was still not fixed http://en.wikipedia.org/wiki/Cross-site_cooking> It isn't about *communication*, it's about Microsoft treating external reports seriously and *taking action in a timely way - even if they don't have an 'exploit in hand'*. Tavis indicated he suspects that the 'black hats' already know about this particular exploit (IOW he thinks it is a '0-day' exploit already loose in the wild). So who, exactly, would be protected by his *NOT* publishing it? End users? They are probably already being exploited by it. -- Benjamin Franz ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [SECURITY] [DSA 2059-1] New pcsc-lite packages fix privilege escalation
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-2059-1 secur...@debian.org http://www.debian.org/security/ Thijs Kinkhorst June 10, 2010 http://www.debian.org/security/faq - Package: pcsc-lite Vulnerability : buffer overflow Problem type : local Debian-specific: no CVE Id(s) : CVE-2010-0407 It was discovered that PCSCD, a daemon to access smart cards, was vulnerable to a buffer overflow allowing a local attacker to elevate his privileges to root. For the stable distribution (lenny), this problem has been fixed in version 1.4.102-1+lenny1. For the unstable distribution (sid), this problem has been fixed in version 1.5.4-1. We recommend that you upgrade your pcsc-lite package. Upgrade instructions - wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 5.0 alias lenny - Source archives: http://security.debian.org/pool/updates/main/p/pcsc-lite/pcsc-lite_1.4.102-1+lenny1.diff.gz Size/MD5 checksum:13669 57f321f638760ed9d4ffa8e5d20b7a3f http://security.debian.org/pool/updates/main/p/pcsc-lite/pcsc-lite_1.4.102.orig.tar.gz Size/MD5 checksum: 643165 bcfa5dd5d76b3020f94b029da764d288 http://security.debian.org/pool/updates/main/p/pcsc-lite/pcsc-lite_1.4.102-1+lenny1.dsc Size/MD5 checksum: 1269 6cc38279a2aa18de8e45de59dccf535f alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/p/pcsc-lite/pcscd_1.4.102-1+lenny1_alpha.deb Size/MD5 checksum:84574 55f245ccb1f080a244cda293e2698c92 http://security.debian.org/pool/updates/main/p/pcsc-lite/libpcsclite-dev_1.4.102-1+lenny1_alpha.deb Size/MD5 checksum:67326 1fcd3c4620704c7d71e84bdcf7f0caf3 http://security.debian.org/pool/updates/main/p/pcsc-lite/libpcsclite1_1.4.102-1+lenny1_alpha.deb Size/MD5 checksum:44900 af2ee71b9d4b7d1b8bacf73683aa974b amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/p/pcsc-lite/libpcsclite1_1.4.102-1+lenny1_amd64.deb Size/MD5 checksum:44496 4e1f0b316c8d819dd07ad57ac0332af4 http://security.debian.org/pool/updates/main/p/pcsc-lite/pcscd_1.4.102-1+lenny1_amd64.deb Size/MD5 checksum:80330 209015698bb67708c56b5a52fdad9be2 http://security.debian.org/pool/updates/main/p/pcsc-lite/libpcsclite-dev_1.4.102-1+lenny1_amd64.deb Size/MD5 checksum:60068 cf3d779f5c9a66247541a158249b0631 arm architecture (ARM) http://security.debian.org/pool/updates/main/p/pcsc-lite/pcscd_1.4.102-1+lenny1_arm.deb Size/MD5 checksum:75114 367d324be81389af2202f41a074fb667 http://security.debian.org/pool/updates/main/p/pcsc-lite/libpcsclite-dev_1.4.102-1+lenny1_arm.deb Size/MD5 checksum:56764 c77f0754c1808025a77c67a940a328cf http://security.debian.org/pool/updates/main/p/pcsc-lite/libpcsclite1_1.4.102-1+lenny1_arm.deb Size/MD5 checksum:42664 cd268fd93919d0b007d19b2f3e2ed1e9 armel architecture (ARM EABI) http://security.debian.org/pool/updates/main/p/pcsc-lite/libpcsclite-dev_1.4.102-1+lenny1_armel.deb Size/MD5 checksum:57520 5eb78a5391827c623eac2a848c045a1b http://security.debian.org/pool/updates/main/p/pcsc-lite/libpcsclite1_1.4.102-1+lenny1_armel.deb Size/MD5 checksum:43352 f1929cfc47191a6ea69ebccf89cee3b3 http://security.debian.org/pool/updates/main/p/pcsc-lite/pcscd_1.4.102-1+lenny1_armel.deb Size/MD5 checksum:75994 9fa5f28353bfcb7b9997c61ce6c8c884 hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/p/pcsc-lite/pcscd_1.4.102-1+lenny1_hppa.deb Size/MD5 checksum:80706 348af403e00f9e8e312cf0bc8661cf2b http://security.debian.org/pool/updates/main/p/pcsc-lite/libpcsclite-dev_1.4.102-1+lenny1_hppa.deb Size/MD5 checksum:61286 0b09123c0c92d5c03e318c6320867328 http://security.debian.org/pool/updates/main/p/pcsc-lite/libpcsclite1_1.4.102-1+lenny1_hppa.deb Size/MD5 checksum:44848 69e2a92970836d441d6f0c81776d976a i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/p/pcsc-lite/libpcsclite-dev_1.4.102-1+lenny1_i386.deb Size/MD5 checksum:55572 e6b291f0d9b2e22ad4b8fbab3f30ac57 http://security.debian.org/pool/updates/main/p/pcsc-lite/libpcsclite1_1.4.102-1+lenny1_i386.deb Size/MD5 checksum:42138 2a19b41907a89c26d060f5eb7a099b65 http://security.debian.org/pool/updates/main/p/pcsc-lit
Re: [Full-disclosure] Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly
Hello list, The included POC seems to work fine with IE7 or IE8 installed, however I am not able to run any javascript code on a clean XP SP2 with IE6. Does that mean that you require a newer browser to use the defer trick?, is machines with IE6 for a change unaffected? I see that Tavis says "assuming a recent IE" but later down he says "Machines running version of IE less than 8 are, as usual, in even more trouble." Does anyone care to clarify? Regards, Giorgio Sardo _ Sign up for a 6mb FREE email from http://www.spl.at Take a look at our new message boards! http://chat.spl.at ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Hacxx Anti Malware for Windows XP
don't make me say it On Mon, Jun 7, 2010 at 7:33 AM, Harry Behrens wrote: > at least he's got chuzpe..;-) > > > netinfinity wrote: > > *Hacxx Anti Malware for Windows XP blocks virus and worms using known > filenames. > > To install it simply visit http:///antimalware.x10.bz and click in Run > Hacxx Anti Malware. > You must accept the ActiveX and the source is available in the site.* > > I'll stick to my antivirus program :D > > You really think that someone will fall to that HERE? > > -- > www.google.com > > -- > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Hacxx Anti Malware for Windows XP
say what ese 2010/6/11 Geoff Plourde > don't make me say it > > On Mon, Jun 7, 2010 at 7:33 AM, Harry Behrens wrote: > >> at least he's got chuzpe..;-) >> >> >> netinfinity wrote: >> >> *Hacxx Anti Malware for Windows XP blocks virus and worms using known >> filenames. >> >> To install it simply visit http:///antimalware.x10.bz and click in Run >> Hacxx Anti Malware. >> You must accept the ActiveX and the source is available in the site.* >> >> I'll stick to my antivirus program :D >> >> You really think that someone will fall to that HERE? >> >> -- >> www.google.com >> >> -- >> >> ___ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> >> >> >> ___ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> > > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly
In my humble opinion, he could have waited a couple more days just in case Microsoft decided to do the unprecedented. In which case, I progressive change of policies at Microsoft are better than a couple of users getting hacked from pron sites... Cheers. On Thu, Jun 10, 2010 at 8:20 PM, Benjamin Franz wrote: > On 06/10/2010 09:26 AM, Susan Bradley wrote: > > You commented that Microsoft needs to address a communication > > problem. It's irrelevant to the full disclosure issue in my mind. > > > > I'd honestly like to know if there is a break down in communication at > > the MSRC that needs to be addressed. It appears there is one? > > > > No. He didn't. What he said was: "Those of you with large support > contracts are encouraged to tell your support representatives that you > would like to see Microsoft invest in developing processes for faster > responses to external security reports." That sounds like he is > suggesting that companies put pressure on Microsoft to invest more > resources in external security reports to me. > > Microsoft has historically been exceedingly slow to address any reported > vulnerabilities *except when people light a fire under them by > publishing exploits*. Anything less typically takes months to years to > fix. Even publicly shaming Microsoft isn't always enough. There are > known, serious, published vulnerabilities that Microsoft didn't fix for > *years*. I personally found and publicized one of them in 1998 - which > *8 years later* was still not fixed > http://en.wikipedia.org/wiki/Cross-site_cooking> > > It isn't about *communication*, it's about Microsoft treating external > reports seriously and *taking action in a timely way - even if they > don't have an 'exploit in hand'*. > > Tavis indicated he suspects that the 'black hats' already know about > this particular exploit (IOW he thinks it is a '0-day' exploit already > loose in the wild). > > So who, exactly, would be protected by his *NOT* publishing it? End > users? They are probably already being exploited by it. > > -- > Benjamin Franz > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Secunia Research: Creative Software AutoUpdate Engine 2 ActiveX Control Buffer Overflow
== Secunia Research 11/06/2010 - Creative Software - - AutoUpdate Engine 2 ActiveX Control Buffer Overflow - == Table of Contents Affected Software1 Severity.2 Vendor's Description of Software.3 Description of Vulnerability.4 Solution.5 Time Table...6 Credits..7 References...8 About Secunia9 Verification10 == 1) Affected Software * Creative Software AutoUpdate Engine ActiveX Control 2.0.12.0 as bundled with Creative Software AutoUpdate 1.40.01. NOTE: Other versions may also be affected. == 2) Severity Rating: Highly critical Impact: System compromise Where: Remote == 3) Vendor's Description of Software "Creative Software Autoupdate detects Creative products and software installed on your PC and determines whether your PC contains the latest versions of Creative software and drivers.". Product Link: http://www.creative.com/support/downloads/su.asp == 4) Description of Vulnerability Secunia Research has discovered a vulnerability in Creative Software AutoUpdate Engine 2 ActiveX control, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error in a callback function used when handling the "BrowseFolder()" method. This can be exploited to cause a stack-based buffer overflow via an overly long string argument. Successful exploitation allows execution of arbitrary code. == 5) Solution Set the kill-bit for the affected ActiveX control. The vulnerability is reportedly fixed in an upcoming version 2.0.13. == 6) Time Table 26/03/2010 - Vendor contacted to obtain security contact details. 29/03/2010 - Vendor response with details on security contact. 29/03/2010 - Vulnerability report sent to security contact (along with references to SA30403 and SA26800). 07/04/2010 - Vendor response (requesting additional details). 07/04/2010 - Additional details provided. 08/04/2010 - Vendor response (fix expected within 2-3 days). 16/04/2010 - Status update requested. 16/04/2010 - Vendor response (build ready and now preparing deployment strategy). 24/05/2010 - Status update requested. 31/05/2010 - Status update requested (2nd attempt). 01/06/2010 - Vendor response (still verifying deployment method). 04/06/2010 - Vendor response (fixes are deployed early next week). 04/06/2010 - Vendor informed that the Secunia advisory is scheduled for Wednesday 9th June 2010. Asked the vendor for version information on fixes. 09/06/2010 - Vendor response (information on fixed versions). Noticed that the vulnerable versions are still available. 10/06/2010 - Vulnerable versions still available instead of the fixed versions. Vendor informed that the advisory will go out on Friday 11th June 2010. 11/06/2010 - Public disclosure. == 7) Credits Discovered by Carsten Eiram, Secunia Research. == 8) References The Common Vulnerabilities and Exposures (CVE) project has assigned CVE-2010-0990 for the vulnerability. == 9) About Secunia Secunia offers vulnerability management solutions to corporate customers with verified and reliable vulnerability intelligence relevant to their specific system configuration: http://secunia.com/advisories/business_solutions/ Secunia also provides a publicly accessible and comprehensive advisory database as a service to the security community and private individuals, who are interested in or concerned about IT-security. http://secunia.com/advisories/ Secunia believes that it is important to support the community and to do active vulnerability research in order to aid improving the security and reliabi
[Full-disclosure] [ MDVSA-2010:114 ] dhcp
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2010:114 http://www.mandriva.com/security/ ___ Package : dhcp Date: June 11, 2010 Affected: 2009.1, 2010.0 ___ Problem Description: A vulnerability has been found and corrected in dhcp: ISC DHCP 4.1 before 4.1.1-P1 and 4.0 before 4.0.2-P1 allows remote attackers to cause a denial of service (server exit) via a zero-length client ID (CVE-2010-2156). The updated packages have been patched to correct this issue. ___ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2156 ___ Updated Packages: Mandriva Linux 2009.1: ca0e18771bae325324d45f8c881957b4 2009.1/i586/dhcp-client-4.1.0-5.6mdv2009.1.i586.rpm d2821b6d3c4b9a2d885d91a80d885f5e 2009.1/i586/dhcp-common-4.1.0-5.6mdv2009.1.i586.rpm be0312249bd3d4aa6abe3e7bba250ffd 2009.1/i586/dhcp-devel-4.1.0-5.6mdv2009.1.i586.rpm 56ef4ebe348a6c029dd31a04405c0be9 2009.1/i586/dhcp-doc-4.1.0-5.6mdv2009.1.i586.rpm c397f3ded9ec7ff7c4c6fb0f05694aaf 2009.1/i586/dhcp-relay-4.1.0-5.6mdv2009.1.i586.rpm c348f093fbe6fd618493315bb21ee0e4 2009.1/i586/dhcp-server-4.1.0-5.6mdv2009.1.i586.rpm b37e34eebb02721497899b73f2091fa4 2009.1/SRPMS/dhcp-4.1.0-5.6mdv2009.1.src.rpm Mandriva Linux 2009.1/X86_64: dd463d2c5d4bb3866f65faac52b86825 2009.1/x86_64/dhcp-client-4.1.0-5.6mdv2009.1.x86_64.rpm b4ab08a52f677d9154197361bb3beb71 2009.1/x86_64/dhcp-common-4.1.0-5.6mdv2009.1.x86_64.rpm 465ccd781073d4acd1820dfbe354d2c5 2009.1/x86_64/dhcp-devel-4.1.0-5.6mdv2009.1.x86_64.rpm 9479f7bb5755991cba4fe42a5762929f 2009.1/x86_64/dhcp-doc-4.1.0-5.6mdv2009.1.x86_64.rpm 4f07bb126d71a42bd4605817a6342e0f 2009.1/x86_64/dhcp-relay-4.1.0-5.6mdv2009.1.x86_64.rpm 17ac7274866aba46a64f39193516d527 2009.1/x86_64/dhcp-server-4.1.0-5.6mdv2009.1.x86_64.rpm b37e34eebb02721497899b73f2091fa4 2009.1/SRPMS/dhcp-4.1.0-5.6mdv2009.1.src.rpm Mandriva Linux 2010.0: 28f36037b4f4175aac2aa8c54db0230c 2010.0/i586/dhcp-client-4.1.0p1-2.4mdv2010.0.i586.rpm d5926e37a24c74a6f23aeb33f3311fd4 2010.0/i586/dhcp-common-4.1.0p1-2.4mdv2010.0.i586.rpm e763e2e523dcdc07499c3617bccf3377 2010.0/i586/dhcp-devel-4.1.0p1-2.4mdv2010.0.i586.rpm 7454f1929d461ae1473e5f083c906be9 2010.0/i586/dhcp-doc-4.1.0p1-2.4mdv2010.0.i586.rpm 1a9d158430198c933bbc6f3a4a9c3fbe 2010.0/i586/dhcp-relay-4.1.0p1-2.4mdv2010.0.i586.rpm 59c94ecf403cf53a5f25a88377977409 2010.0/i586/dhcp-server-4.1.0p1-2.4mdv2010.0.i586.rpm 4406b97779a93db5e62609e8a847af2d 2010.0/SRPMS/dhcp-4.1.0p1-2.4mdv2010.0.src.rpm Mandriva Linux 2010.0/X86_64: 8eb8a46bdc51c5d8ef6b1f080d371dbb 2010.0/x86_64/dhcp-client-4.1.0p1-2.4mdv2010.0.x86_64.rpm 2fb5ca5e007b7b70bbaabf29a50a68f6 2010.0/x86_64/dhcp-common-4.1.0p1-2.4mdv2010.0.x86_64.rpm f808f1b130b73880aa2692f01e6d63d9 2010.0/x86_64/dhcp-devel-4.1.0p1-2.4mdv2010.0.x86_64.rpm c892404112bf109541ddfd22d0a904db 2010.0/x86_64/dhcp-doc-4.1.0p1-2.4mdv2010.0.x86_64.rpm 6a11b5dd6f0b764bd8bea7287c72b27d 2010.0/x86_64/dhcp-relay-4.1.0p1-2.4mdv2010.0.x86_64.rpm b9fd585ed151638c822610c474c288bb 2010.0/x86_64/dhcp-server-4.1.0p1-2.4mdv2010.0.x86_64.rpm 4406b97779a93db5e62609e8a847af2d 2010.0/SRPMS/dhcp-4.1.0p1-2.4mdv2010.0.src.rpm ___ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com ___ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFMEgRYmqjQ0CJFipgRAtKfAJ49Y82PyYgsJdrlkNTJbyha4rH0QwCdHgxB GaSAf/bABHAXQ3UVRzkx8o0= =bg0v -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly
Consequently, in my humble opinion I think there should be less focus on the emotional interaction between Microsoft and Travis' findings. Of course it's easy for me to assert this; when I wake up in the morning I don't have the same challenges of wading through a soup of emotional fog and displacing the priority of actual vulnerabilities in favor of emotional interaction with Microsoft. While it's fun to be a Microsoft apologist, and even more fun to be ruled by emotion, I would be ashamed to have published what Susan did. Even more shaming is the call to arms which you so eagerly answered only to appear as foolish as Susan herself. It's hard to tell who the trolls are, perhaps Susan is indeed a troll, and decided to fork the conversation about actual vulnerabilities and security events and derail them by introducing drivel about interacting with Microsoft. I believe this may be one of the disadvantages of an unmoderated list, perhaps it encourages or enables others to treat it like a social networking site. Date: Fri, 11 Jun 2010 11:40:55 +0200 From: uuf6...@gmail.com To: jfr...@freerun.com CC: full-disclosure@lists.grok.org.uk; bugt...@securityfocus.com Subject: Re: [Full-disclosure] Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly In my humble opinion, he could have waited a couple more days just in case Microsoft decided to do the unprecedented. In which case, I progressive change of policies at Microsoft are better than a couple of users getting hacked from pron sites... Cheers. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly
On Thu, Jun 10, 2010 at 12:16 PM, Tavis Ormandy wrote: > > I will not answer anymore uninformed questions on this topic. > > Riddle me this Tavis. For why not responsible disclosure you put millions of Microsoft customers at risk. Hello list, I'd like to warn you about reckless disclosure. Imagine if you will a car maker say Toyota. Owner of Toyota know of vulnerability that when drive car, car go fast. Its a security risk. Imagine what happen when driver go to Toyota: "Hey Chinky Car Maker Is You Car Go Fast Vroom Vroom and can kill someone!*&%$!" Car maker think fast with risk assessment: 1) Does the public know? a) No they not know - recall not necessary we spend money on recall b) No public not fully aware - somewhat aware - we bribe those aware c) Public know - we now look like fool - damage reputation of Tavis who reported risk List, I'd like to warn you about Microsoft politics for disclosure. True politics people who not report security do not see in real world perspective. 2010-05-07 - Mustnlive contact Microsoft for 0day which take over MSN Messenger with a single message need point of contact 2010-05-08 - Microsoft Security Response center reply: Hello, Thank you for this report. How would an attacker get the code onto a victim system? Best Regards, (Name remove to protect lowly customer service monkey) 2010-05-08 Mustnlive reply: Hi, No you no understand, I send you message on you MSN and you MSN run my code like it or not. Here is my PoC. Inshallah! 2010-05-10 MSRC reply: Hello, ActiveX are considered unsafe filetypes in Windows and other Microsoft products. The MSRC does not open cases on file types that are designed to run code and considered unsafe. If you find that there is a vector to reproduce the issue that does not require the execution of an unsafe file type please reply with details. Best Regards, (Name remove to protect lowly customer service monkey) 2010-05-10 Musntlive scratch head and think: "You make ActiveX you MSRC monkey!" 2010-05-11 Musntlive move up the MSRC foodchain Blackhat ShmooFoo style to open a can of whoop ass: Hi, My colleague (name remove to protect super cool MS fellow) let me know that you reached out to him on this issue. If you have additional information on this issue sec...@microsoft.com is the appropriate contact for it. Have you been able to reproduce the issue without leveraging an unsafe file type? or through a remote vector? Best Regards, (name remove to protect innocent MSRC monkey) 2010-05-10 Musntlive scratch head again and think: "You stupid MSRC monkey! Do you not see the code! Do you not see I pwn all is your system?!" 2010-06-01 Musntlive make exploit live weapon of IM destruction and test test retest test test 2010-06-05 Mustnlive test on unsuspecting hot woman. Send message, instant camera control via MSN (latest version on Vista, 7, XP) 2010-06-10 Mustnlive semidiscloses weapon of IM destruction 2010-06-10 Musntlive offer IM weapon he call Yudayajin Kuma for sale on black market beginning bid $10,000.00 You see Susan and other non hacker monkeys, companies do not care for fix issue they is care for covering their bungerholes. I applaud Tavis, wish people would know the process to report bug and runaround companies give researchers who try to report problems. No Full Disclosure, no more free bugs. Companies is not care to fix things that are not in the spotlight. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly
On 06/11/2010 02:40 AM, Christian Sciberras wrote: > In my humble opinion, he could have waited a couple more days just in > case Microsoft decided to do the unprecedented. > In which case, I progressive change of policies at Microsoft are > better than a couple of users getting hacked from pron sites... As I said: Travis indicated in his original post he believes the exploit *was already being used in the wild*. So NOT releasing it wouldn't protect users. It would just keep it "secret" from everyone except Microsoft *and the black hats who were already using it*. While maintaining a false air of intact security for everyone else. That is better, how? -- Benjamin Franz ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly
because when she gets 0wn3d she can be all like 'ruh roh, well, 0day can happen to anyone' On Fri, Jun 11, 2010 at 4:01 PM, Benjamin Franz wrote: > On 06/11/2010 02:40 AM, Christian Sciberras wrote: >> In my humble opinion, he could have waited a couple more days just in >> case Microsoft decided to do the unprecedented. >> In which case, I progressive change of policies at Microsoft are >> better than a couple of users getting hacked from pron sites... > As I said: Travis indicated in his original post he believes the exploit > *was already being used in the wild*. So NOT releasing it wouldn't > protect users. It would just keep it "secret" from everyone except > Microsoft *and the black hats who were already using it*. While > maintaining a false air of intact security for everyone else. > > That is better, how? > > -- > Benjamin Franz > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly
It's a good thing I ran that anti-hacker script!!! On Fri, Jun 11, 2010 at 11:28 AM, Benji wrote: > because when she gets 0wn3d she can be all like 'ruh roh, well, 0day > can happen to anyone' > > On Fri, Jun 11, 2010 at 4:01 PM, Benjamin Franz > wrote: > > On 06/11/2010 02:40 AM, Christian Sciberras wrote: > >> In my humble opinion, he could have waited a couple more days just in > >> case Microsoft decided to do the unprecedented. > >> In which case, I progressive change of policies at Microsoft are > >> better than a couple of users getting hacked from pron sites... > > As I said: Travis indicated in his original post he believes the exploit > > *was already being used in the wild*. So NOT releasing it wouldn't > > protect users. It would just keep it "secret" from everyone except > > Microsoft *and the black hats who were already using it*. While > > maintaining a false air of intact security for everyone else. > > > > That is better, how? > > > > -- > > Benjamin Franz > > > > ___ > > Full-Disclosure - We believe in it. > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > Hosted and sponsored by Secunia - http://secunia.com/ > > > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -- FD1D E574 6CAB 2FAF 2921 F22E B8B7 9D0D 99FF A73C http://pgp.mit.edu:11371/pks/lookup?search=tbiehn&op=index&fingerprint=on http://pastebin.com/f6fd606da ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Hacxx Anti Malware for Windows XP
On Fri, 11 Jun 2010 11:06:47 +0200, huj huj huj said: > say what ese Most English transliterations of the Yiddish spell it "chutzpah" rather than "chuzpe". And the Yiddish 'ch' is closer to an aspirated h than the standard English 'ch as in chicken'. pgpBO3hXnSjd9.pgp Description: PGP signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly
On Fri, Jun 11, 2010 at 11:28 AM, Benji wrote: > because when she gets 0wn3d she can be all like 'ruh roh, well, 0day > can happen to anyone' Hello list. I'd like to warn you about Susan Bradley. I've seen her pictures and for its you must be desperate to want to own her. http://www.smbnation.com/Portals/0/speakers/speaker_susan-bradley.jpg Ms. Bradley, I'd like to warn you about getting owned: http://www.nogeekleftbehind.com/images/WebcastWindows7CrystalMethforGeeks_8EB4/image.png Would not last a day for if around my neck of the sand Ms. Bradley is nothing more than a big mouth trying to make a name for herself. Nothing more than an MS cheerleader. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly
On Fri, Jun 11, 2010 at 12:03 PM, T Biehn wrote: > It's a good thing I ran that anti-hacker script!!! It's a good thing there is to be a local bomb squad near me. http://www.cbc.ca/world/story/2005/06/13/canadian-bomb050613.html ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly
Totally, I'd work on getting a dog too. On Jun 11, 2010 12:20 PM, "musnt live" wrote: On Fri, Jun 11, 2010 at 12:03 PM, T Biehn wrote: > It's a good thing I ran that a... It's a good thing there is to be a local bomb squad near me. http://www.cbc.ca/world/story/2005/06/13/canadian-bomb050613.html ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly
On Fri, Jun 11, 2010 at 1:06 PM, T Biehn wrote: > Totally, I'd work on getting a dog too. > > On Jun 11, 2010 12:20 PM, "musnt live" wrote: > > On Fri, Jun 11, 2010 at 12:03 PM, T Biehn wrote: >> It's a good thing I ran that a... > > It's a good thing there is to be a local bomb squad near me. > > http://www.cbc.ca/world/story/2005/06/13/canadian-bomb050613.html > Is Annette (your mom) available? A call to her could always have her be answer for herself: Annette Biehn (former known to be Annette Penney) 3395 Gail Circle Doylestown, PA 18901 (215) 794-9220 Or maybe so your dad Brant to be upset ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly
On Fri, Jun 11, 2010 at 1:43 PM, T Biehn wrote: > Maybe you can call twice and get both of them really upset? > Maybe I will. Would she let me sit on her bed? http://images.realogyfg.com/j/2/5/15907460/62A47ADD-C353-4F73-94FB-742937D88A0B-6.jpg Oh n00z all this information for on this little wannabe unabummer. Go play now with some explosives and fux0r yourself before I is posting your family's SS CC #'s rookie ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly
> Hello list. I'd like to warn you about Susan Bradley. I've seen her > pictures and for its you must be desperate to want to own her. > > http://www.smbnation.com/Portals/0/speakers/speaker_susan-bradley.jpg s/PMS/menopause/gi ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly
Maybe you can call twice and get both of them really upset? -Travis On Fri, Jun 11, 2010 at 1:21 PM, musnt live wrote: > On Fri, Jun 11, 2010 at 1:06 PM, T Biehn wrote: > > Totally, I'd work on getting a dog too. > > > > On Jun 11, 2010 12:20 PM, "musnt live" wrote: > > > > On Fri, Jun 11, 2010 at 12:03 PM, T Biehn wrote: > >> It's a good thing I ran that a... > > > > It's a good thing there is to be a local bomb squad near me. > > > > http://www.cbc.ca/world/story/2005/06/13/canadian-bomb050613.html > > > > Is Annette (your mom) available? A call to her could always have her > be answer for herself: > > Annette Biehn (former known to be Annette Penney) > 3395 Gail Circle > Doylestown, PA 18901 > (215) 794-9220 > > Or maybe so your dad Brant to be upset > -- FD1D E574 6CAB 2FAF 2921 F22E B8B7 9D0D 99FF A73C http://pgp.mit.edu:11371/pks/lookup?search=tbiehn&op=index&fingerprint=on http://pastebin.com/f6fd606da ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly
On Fri, Jun 11, 2010 at 1:53 PM, T Biehn wrote: > So far so good. > You've been able to go from t biehn -> Travis Biehn -> Bomber Article > (parent's names, city, state, country) -> whitepages.com (Address and Phone > number) -> (not clear on your jump here, did you google their name or for > the address?) Real estate listings. > Now to pull the SS and CC #'s you're going to have to go the extra mile. I'd > enjoy seeing you pull our SS numbers, being that we're all Canadians. That is right. Canadians living in Pennsylvannia. Was it not: "You hated being in America" the reason? Was your dad not making enough at Merck he went to work at Dynavax? Did his Zostavax product not cure your mom from herpes? Shall we email him to ask? bbi...@dvax.com indeed no for is that to be rude. Run along now little one explosives await you. And I must for to warn you! I too do not like America therefore if is you not like it then leave I must be sure that no Americans will miss you Travis ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly
So far so good. You've been able to go from t biehn -> Travis Biehn -> Bomber Article (parent's names, city, state, country) -> whitepages.com (Address and Phone number) -> (not clear on your jump here, did you google their name or for the address?) Real estate listings. Now to pull the SS and CC #'s you're going to have to go the extra mile. I'd enjoy seeing you pull our SS numbers, being that we're all Canadians. -Travis On Fri, Jun 11, 2010 at 1:50 PM, musnt live wrote: > On Fri, Jun 11, 2010 at 1:43 PM, T Biehn wrote: > > Maybe you can call twice and get both of them really upset? > > > > Maybe I will. Would she let me sit on her bed? > > http://images.realogyfg.com/j/2/5/15907460/62A47ADD-C353-4F73-94FB-742937D88A0B-6.jpg > > Oh n00z all this information for on this little wannabe unabummer. Go > play now with some explosives and fux0r yourself before I is posting > your family's SS CC #'s rookie > -- FD1D E574 6CAB 2FAF 2921 F22E B8B7 9D0D 99FF A73C http://pgp.mit.edu:11371/pks/lookup?search=tbiehn&op=index&fingerprint=on http://pastebin.com/f6fd606da ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [ MDVSA-2010:115 ] perl
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2010:115 http://www.mandriva.com/security/ ___ Package : perl Date: June 11, 2010 Affected: 2009.0, 2009.1, Corporate 4.0, Enterprise Server 5.0, Multi Network Firewall 2.0 ___ Problem Description: Multiple vulnerabilities has been discovered and corrected in Safe.pm which could lead to escalated privilegies (CVE-2010-1168, CVE-2010-1447). The updated packages have been patched to correct these issues. ___ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1447 ___ Updated Packages: Mandriva Linux 2009.0: 00d3098831f3c94fd3e301a2e9b3d3d2 2009.0/i586/perl-5.10.0-25.2mdv2009.0.i586.rpm 5eb7a1bda35c58f0bf353cfa845ef65e 2009.0/i586/perl-base-5.10.0-25.2mdv2009.0.i586.rpm e465d32e8e21049d63ebc6c44730b691 2009.0/i586/perl-devel-5.10.0-25.2mdv2009.0.i586.rpm 479cdd1789b4ddb41e9309ebf24ba418 2009.0/i586/perl-doc-5.10.0-25.2mdv2009.0.i586.rpm 7c0936a984a432ed2e1bfc44c0d09fc9 2009.0/i586/perl-suid-5.10.0-25.2mdv2009.0.i586.rpm 82a2602a2f8ae6cf3a675a6918e24d3e 2009.0/SRPMS/perl-5.10.0-25.2mdv2009.0.src.rpm Mandriva Linux 2009.0/X86_64: d3f41fadc8bd3688a8b0189eb1968c77 2009.0/x86_64/perl-5.10.0-25.2mdv2009.0.x86_64.rpm e5655094bbf5d1925db468ff707b8e18 2009.0/x86_64/perl-base-5.10.0-25.2mdv2009.0.x86_64.rpm 3c7aa589dfc884a80e4e70b269140d44 2009.0/x86_64/perl-devel-5.10.0-25.2mdv2009.0.x86_64.rpm 96691039825e0d138ecfb4f4731736ea 2009.0/x86_64/perl-doc-5.10.0-25.2mdv2009.0.x86_64.rpm 6854569c6281b018af7afbb2f3bc04ad 2009.0/x86_64/perl-suid-5.10.0-25.2mdv2009.0.x86_64.rpm 82a2602a2f8ae6cf3a675a6918e24d3e 2009.0/SRPMS/perl-5.10.0-25.2mdv2009.0.src.rpm Mandriva Linux 2009.1: 32ac91fdee352364f14770ec855e0375 2009.1/i586/perl-5.10.0-25.1mdv2009.1.i586.rpm a6d92fad394404c4f6e4ecdedf0ef3d0 2009.1/i586/perl-base-5.10.0-25.1mdv2009.1.i586.rpm 6ec44b6cd15d787afa051aa2f7a079a0 2009.1/i586/perl-devel-5.10.0-25.1mdv2009.1.i586.rpm 56cc85abe12ffc13e91c7d606c3f5a2f 2009.1/i586/perl-doc-5.10.0-25.1mdv2009.1.i586.rpm 6e5389395602f29f3678c9e8a5f1aa15 2009.1/i586/perl-suid-5.10.0-25.1mdv2009.1.i586.rpm d67bc28faa49cd0656ac8256c7cff801 2009.1/SRPMS/perl-5.10.0-25.1mdv2009.1.src.rpm Mandriva Linux 2009.1/X86_64: 5e955d0a68966fa5e8a408381e7046dd 2009.1/x86_64/perl-5.10.0-25.1mdv2009.1.x86_64.rpm 9de85776e7e93665721dce1731474229 2009.1/x86_64/perl-base-5.10.0-25.1mdv2009.1.x86_64.rpm 2dcc1876750306565ca77cfa69e83e2b 2009.1/x86_64/perl-devel-5.10.0-25.1mdv2009.1.x86_64.rpm 2a24a59f7557ecd5f9f231677b50fa00 2009.1/x86_64/perl-doc-5.10.0-25.1mdv2009.1.x86_64.rpm bb2d6a661623d31317822aeb7308b9dd 2009.1/x86_64/perl-suid-5.10.0-25.1mdv2009.1.x86_64.rpm d67bc28faa49cd0656ac8256c7cff801 2009.1/SRPMS/perl-5.10.0-25.1mdv2009.1.src.rpm Corporate 4.0: b326fe2db35f1dd9ac9169f9af6b5fc1 corporate/4.0/i586/perl-5.8.7-3.6.20060mlcs4.i586.rpm 3283f2531e5d33008b61575d7c90cedd corporate/4.0/i586/perl-base-5.8.7-3.6.20060mlcs4.i586.rpm 2dea5e372272c9990fb79d5e0b3d4c16 corporate/4.0/i586/perl-devel-5.8.7-3.6.20060mlcs4.i586.rpm 245ea4f820b232d147045b1e02e1bbb5 corporate/4.0/i586/perl-doc-5.8.7-3.6.20060mlcs4.i586.rpm 3e2bad0ffc7ed43c865c6ae1b76f05ef corporate/4.0/i586/perl-suid-5.8.7-3.6.20060mlcs4.i586.rpm 65dfaa9de6379b4d1f7a7b996b6af8be corporate/4.0/SRPMS/perl-5.8.7-3.6.20060mlcs4.src.rpm Corporate 4.0/X86_64: 2bb0dc22bd0bae5dd123d95f7f304934 corporate/4.0/x86_64/perl-5.8.7-3.6.20060mlcs4.x86_64.rpm 54dd2c26efb5f0b83f8f82cc6da12e46 corporate/4.0/x86_64/perl-base-5.8.7-3.6.20060mlcs4.x86_64.rpm 15f9345bd763e98aff10ffc36811f699 corporate/4.0/x86_64/perl-devel-5.8.7-3.6.20060mlcs4.x86_64.rpm 297218e6bf27da8dd414078b36218757 corporate/4.0/x86_64/perl-doc-5.8.7-3.6.20060mlcs4.x86_64.rpm 526f48beb05b4175e867bc1ec852fa77 corporate/4.0/x86_64/perl-suid-5.8.7-3.6.20060mlcs4.x86_64.rpm 65dfaa9de6379b4d1f7a7b996b6af8be corporate/4.0/SRPMS/perl-5.8.7-3.6.20060mlcs4.src.rpm Mandriva Enterprise Server 5: 95bfe8ce07733fe7ec7890bacf1770f5 mes5/i586/perl-5.10.0-25.2mdvmes5.1.i586.rpm 04d8c9d3262848cae5211d136c83b995 mes5/i586/perl-base-5.10.0-25.2mdvmes5.1.i586.rpm 8186d5d14d1aec46e27b12540c98673a mes5/i586/perl-devel-5.10.0-25.2mdvmes5.1.i586.rpm 0f13e7c3e3ed27b539e1f1cb8a881be2 mes5/i586/perl-doc-5.10.0-25.2mdvmes5.1.i586.rpm 4e9f1aae20148662c3dee770a792f55c mes5/i586/perl-suid-5.10.0-25.2mdvmes5.1.i586.rpm d9e5230e96aa99ef5c5a5c52e3061c4a mes5/SRPMS/perl-5.10.0-25.2mdvmes5
Re: [Full-disclosure] Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly
You're just jealous I had the intuition to protect myself. Sent from my iPhone On 11 Jun 2010, at 17:03, T Biehn wrote: It's a good thing I ran that anti-hacker script!!! On Fri, Jun 11, 2010 at 11:28 AM, Benji wrote: because when she gets 0wn3d she can be all like 'ruh roh, well, 0day can happen to anyone' On Fri, Jun 11, 2010 at 4:01 PM, Benjamin Franz wrote: > On 06/11/2010 02:40 AM, Christian Sciberras wrote: >> In my humble opinion, he could have waited a couple more days just in >> case Microsoft decided to do the unprecedented. >> In which case, I progressive change of policies at Microsoft are >> better than a couple of users getting hacked from pron sites... > As I said: Travis indicated in his original post he believes the exploit > *was already being used in the wild*. So NOT releasing it wouldn't > protect users. It would just keep it "secret" from everyone except > Microsoft *and the black hats who were already using it*. While > maintaining a false air of intact security for everyone else. > > That is better, how? > > -- > Benjamin Franz > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- FD1D E574 6CAB 2FAF 2921 F22E B8B7 9D0D 99FF A73C http://pgp.mit.edu:11371/pks/lookup?search=tbiehn&op=index&fingerprint=on http://pastebin.com/f6fd606da ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [ MDVSA-2010:116 ] perl
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2010:116 http://www.mandriva.com/security/ ___ Package : perl Date: June 11, 2010 Affected: 2008.0, 2010.0 ___ Problem Description: Multiple vulnerabilities has been discovered and corrected in Path.pm and Safe.pm which could lead to escalated privilegies (CVE-2008-5302, CVE-2008-5303, CVE-2010-1168, CVE-2010-1447). The updated packages have been patched to correct these issues. ___ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5302 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5303 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1447 ___ Updated Packages: Mandriva Linux 2008.0: 74f13f5c2a193ad87e946fb1d743a79c 2008.0/i586/perl-5.8.8-12.3mdv2008.0.i586.rpm decce53cbd246cd380c0985b89703abe 2008.0/i586/perl-base-5.8.8-12.3mdv2008.0.i586.rpm 767064aa83aeb454927eafbe8068a95b 2008.0/i586/perl-devel-5.8.8-12.3mdv2008.0.i586.rpm 620d3bc66fa16f685a498bb6c6991527 2008.0/i586/perl-doc-5.8.8-12.3mdv2008.0.i586.rpm b8b47acd7c38dd7051955043822723b4 2008.0/i586/perl-suid-5.8.8-12.3mdv2008.0.i586.rpm 76551980f8370263a6779a7edd9632fb 2008.0/SRPMS/perl-5.8.8-12.3mdv2008.0.src.rpm Mandriva Linux 2008.0/X86_64: 7546033b4000e799f955deec07206284 2008.0/x86_64/perl-5.8.8-12.3mdv2008.0.x86_64.rpm 89107c7558a766436bec50ecc4eed5c0 2008.0/x86_64/perl-base-5.8.8-12.3mdv2008.0.x86_64.rpm ee70fb39ca45516da600ec0bd74df224 2008.0/x86_64/perl-devel-5.8.8-12.3mdv2008.0.x86_64.rpm 2807e604899d1f627d4baaf3668d468d 2008.0/x86_64/perl-doc-5.8.8-12.3mdv2008.0.x86_64.rpm 5d4120af9e43f94321d571f7c8c45d52 2008.0/x86_64/perl-suid-5.8.8-12.3mdv2008.0.x86_64.rpm 76551980f8370263a6779a7edd9632fb 2008.0/SRPMS/perl-5.8.8-12.3mdv2008.0.src.rpm Mandriva Linux 2010.0: acc75713ceb667d2be5fad9eff11b471 2010.0/i586/perl-5.10.1-3.1mdv2010.0.i586.rpm 6ca2a840fa007634505c9cfe0f074e2b 2010.0/i586/perl-base-5.10.1-3.1mdv2010.0.i586.rpm 1fa50757db9d329310fdc732a6b47cef 2010.0/i586/perl-devel-5.10.1-3.1mdv2010.0.i586.rpm 4e28137d359374d5e25073545f2af193 2010.0/i586/perl-doc-5.10.1-3.1mdv2010.0.i586.rpm 5819b00cdf8fc349eea18c54f8a25938 2010.0/i586/perl-suid-5.10.1-3.1mdv2010.0.i586.rpm 7d8419885965a965539d8c989004032e 2010.0/SRPMS/perl-5.10.1-3.1mdv2010.0.src.rpm Mandriva Linux 2010.0/X86_64: a2367c0a7cc071ef6406db6a56ec6f0a 2010.0/x86_64/perl-5.10.1-3.1mdv2010.0.x86_64.rpm c436096f31e4254d10b81559fd9f2b89 2010.0/x86_64/perl-base-5.10.1-3.1mdv2010.0.x86_64.rpm ed4b9c4f537b826af11e1143cc7a7d7c 2010.0/x86_64/perl-devel-5.10.1-3.1mdv2010.0.x86_64.rpm 2c6263cec2e63cb10ce8c4a4a604570a 2010.0/x86_64/perl-doc-5.10.1-3.1mdv2010.0.x86_64.rpm c04288530931d3cb200c96f7812b8076 2010.0/x86_64/perl-suid-5.10.1-3.1mdv2010.0.x86_64.rpm 7d8419885965a965539d8c989004032e 2010.0/SRPMS/perl-5.10.1-3.1mdv2010.0.src.rpm ___ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com ___ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFMEobOmqjQ0CJFipgRAmtIAJ9QbzJCN7V+05GgAq8iIXkk9NtpewCfcij4 jR9RRZ1n8uuR8qGNGEVIWnQ= =rki+ -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] My private key
This is my private key. I'll explain later. TGP PrivateTest kUnv1MSq305Ebj8lSJbdMhJ03/mXU/eUrydhzbdrlksE2zwpdfnfuWbUXb4Tz8BibUXI3drAMx1llXwCArSP9zKblfOB78owYLp1haY8+yx+ZhKLv0s7y7WpdKdFzQxNeOBCdsz7mIUwgc8rGsyl4/3t/rA04IfkyZHRPwXpOz5YBnTHaVoo2gSZdR6xGk27Tq59PZNsb+z2BiMozKA6s3vXY/mKzPoMhm0hpOPCxx6Ho2QmYJHuPbOr2tLlFr6ICPyiAWZFw/g+qNBDST0LrQVHh6R0yAu15mo7L2R5WlERhOGTx8+/Y7pXWvH1sqxnLKUZ6sEqt2+zlW0lUYyvvpgDTabOvuHmsvZz3WthvdV8C0iManQkmSHQpaDKkzuYc8wv3Zz7uHbLTupEBA3MEckNXLvIwFRG6KGetLVG43Nxj/vhXQJjrBTEXB6Cnaf+Q+AKwhPDRv8e5lRcHoGK8jB59uLRx3DKUg6NC70Xr4do0sSWGCNdOtEVMVZuARiHgEtzzRnabQJDn6f8Mc2S+HKOvLxBnG4SBdYu1uWE/s7z8ygn8ROqWv5EN2R5Yo46ihB4NTHOg5CgiNO/QDTaXPqqMR1V7sVvdRLiME51X0fn/EFqD2+BmetpyiAb/QRQZvjHYkZgSi06nMTZ0u847nMnerlAsleak3NJuLH3au2YMIQ9UIMrUSWrtFsU99Xljje5lnQ2hKnwZUe3xpmXmo2Mm+3KOmw0/9cirHemcL9wcMd1ywCQjWwvcug+yIjU8UseLKtrH2se+VZB3EjagpH1SKOtroyH29lOrg45Q25EkE1Pk0xF+CdOL4pEmBFzw5Gxw6vkEzmWmMwmeCLKYD+dPP9TqsQM1V7czKeV/zUL3hSeO8svJdNHbNCN4fWI5STtEvdhSLh41S39HbIVOQbhAjAoD7LalhQRiTugkLLuqtmF8amGyAHmGA9aAldE0U28DHakcAKRWSPUTEluvWSTcnREgIpKAf7WSpUYqWq53Ht/c6HiZ2S+RgW4N8LCpIR8VCyxkfW46wzQVgurPP/UiddBZmzG0KpbYmktXNfb5L6SiECEpXfPQSoqjVqX7QYC/YjcvVUhIbtTddNJ8Tpsrno55gq+3fSx7nmKd1SDjjGl7z+2or/2d9GRe063ZnYg7GNjqjYN/wDZIuROUhKGYKF5+JhMU7UNZuuGy6P6NSWdJNwvnRcUu7WPOWO4WZocDmsY98PuvQt6FGjn+yIi3xYlNkvajxZDiAUUapM9CJssi1cmdpLasaCGdvKnXdDBQBGGdmHZuvkWLKGRIp6h1hTqlnt1Rne+04JaaQ4wGxxt4pKyVZoJinS35rrLuIsCr9Pa2HcSHUWcLMhG3Qpt7auZBU2m50EPNtqLgFGx8CQmGRD9EiLN/fqjc9j+GWWT/BeJrYXBUgkPWHTaDyIm+okMEQue1Zl59UYxFKhUeCM2b8PksoDWn851lgFO5EjPZ9mbGny9OAE9WzxdmpqnOaq6qYxuusg/9H/heQ6IjydPhUhH5FZl+e7q/n+nLDtuXjgkd/776T0SohGqIA88TKFNba9LpyhDKOO26uaK1GpGb/4gRgs+kLTdd2AYfW1u8nWO1Ug3/7WZ89inByJNtI5eHqyxPl7cTVl3WhSuGLcxfQnb+ajx8yZpBhrNtz7jC4T8xZm8rh2FVhV7Qu4l3VosSJh/giSrGmC55Mau9X1/K2tsDJuPOLibK3ZYSi4ZlAAuktLBDjomX3dbfNuvK5FthP+rjvfVAg8bRHvReTnsQ/cA2iMW11blCE42HcnSyq/ulFkch+Y6vlSNhNR+Crh5nXrXixaFDcA8hO3PjPHp5ocRGbZMXtBf3xptrFmfga9nMvzdJS5VminYHlV4kgh7HK8L+uh38UqVir/Dusj9JtJMxYzVZWmAqO2JO+rKdPdzXNEm896O/uF6zlgoHIG64HRE8I+NAyxxew8rN5lyIWFqhsx058sGsIiWoX7yAL4CIY8mgSsP4tR2wzBh2UhSlqwdSsUt/Flkk/cwS+8jrkIGxLDNHvcRqFlrH3iydqkz3LwUCproQrNZQ7sI2Wjmcsw+bETAVvRQhkvYdxUghGxZqM5MxjonuUrZ1fNWxFkQsaa9gJu1TK7lGIXtSA2RkS2HwYBNpp74fYpLiKSTeRMeMdmrClQ3CdHjv1epn6TZrqFtpvaMwVb5EbSzBSzmkSIKGtkP6ZOD6vItsp1Lkpvx0XeIEgY3sACUS+RhYiLxZF1XEDQXxbyNNl28XeQmL/v3qq3NlyviO8NqfttLHyl7tRc3Llx0LBjc2d34CEXFB19aFj2LHNG7Y1lpgOjKYjxRsFyy3I9Q3d3TUKWXqbgATYdc3UFT0OyRVXuFK2CRKO0T1JjH30m58RRw29Zsn6BLKxIPavwLD+MVxSeukYhD4Vr3j/Ke/yyklJMTpNqw+UQey9+Xu3hoVw== ir3Co+lV+P6GnGKKlCOeKOtyex/b0p2fNHgoIhuW9Ek= d9OkMGXGWswbSqhxw2VsUw== ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Test two
Sorry, more of my rantings... PFJTQUtleVZhbHVlPjxNb2R1bHVzPnRCdTVRR0w1K2J1VENGeFJvWE5WcUgxSlZKY2FJUnd6RVJZRTE5OWxveWZ5WmZ2UkxQclg1Z3JkTE1pRU9FLysxcDRLenZBM0VpQzlmTXJEWlVzbG1Jdk5hV2x4eDBPT0xRckFKYlFET0RUTkFJWG9sQnM0cFZXVGJ0VlpURkUyMkxXVjBWQmU2Ynk4cVZIVTU4R0RRNUdWVklsak9MZUVpdW9UMmdiSi9hVT08L01vZHVsdXM+PEV4cG9uZW50PkFRQUI8L0V4cG9uZW50PjwvUlNBS2V5VmFsdWU+ ThorPrivate oCHcmqvnf+ls8PJFic6dHTgiQdz5b2fuQc7nfWugFiVaY9ksexltoKFwbrf7MbI/em6SkuUBiXPqpu8t9qEJTiyxegOe7QaSN7aDiNDCtdvTx8OdKvovbpvTMMtlMSseo6m7qlFOPgD/+WoAWY/j84eSEe+HEYm8/iGoJo3+eDg= mVOI2QC+ZvG/u5CYITCxoZbuZrEADkov5kWuG56QiBgD/dl3R1iPIY65wEQxr715mWsEqH4vb8eePT9Q7hx/uVrE01DnJrKdGTzeZIHdN6hExTXN2Po8C8RYWuP221rW+zi7Q8ryG/KPj9U9cFUf8pjkn/+DZ0x9Od2uWHcBhKQ= J1C2T9ZSiXs4VZ8VqkLtTg== qtE5m0wQSP7+kUf8qrCZr9r23DrCxgDzR2yaf/JgUAo= ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/