[Full-disclosure] [SECURITY] [DSA 2166-1] chromium-browser security update

2011-02-17 Thread Giuseppe Iuculano

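------------------------------------------------------------------------
Debian Security Advisory DSA-2166-1                  secur...@debian.org
http://www.debian.org/security/                        Giuseppe Iuculano
February 16, 2011                     http://www.debian.org/security/faq
------------------------------------------------------------------------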

Package: chromium-browser
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID : CVE-2011-0777 CVE-2011-0778 CVE-2011-0783 CVE-2011-0983 
CVE-2011-0981 CVE-2011-0984 CVE-2011-0985


Several vulnerabilities were discovered in the Chromium browser.
The Common Vulnerabilities and Exposures project identifies the
following problems:


CVE-2011-0777

  Use-after-free vulnerability in Google Chrome before 9.0.597.84 allows remote
  attackers to cause a denial of service or possibly have unspecified other
  impact via vectors related to image loading


CVE-2011-0778

  Google Chrome before 9.0.597.84 does not properly restrict drag and drop
  operations, which might allow remote attackers to bypass the Same Origin
  Policy via unspecified vectors


CVE-2011-0783

  Unspecified vulnerability in Google Chrome before 9.0.597.84 allows
  user-assisted remote attackers to cause a denial of service
  (application crash) via vectors involving a bad volume setting.


CVE-2011-0983

  Google Chrome before 9.0.597.94 does not properly handle anonymous blocks,
  which allows remote attackers to cause a denial of service or possibly have
  unspecified other impact via unknown vectors that lead to a stale pointer.


CVE-2011-0981

  Google Chrome before 9.0.597.94 does not properly perform event handling for
  animations, which allows remote attackers to cause a denial of service or 
  possibly have unspecified other impact via unknown vectors that lead to a
  stale pointer.


CVE-2011-0984

  Google Chrome before 9.0.597.94 does not properly handle plug-ins, which
  allows remote attackers to cause a denial of service (out-of-bounds read)
  via unspecified vectors


CVE-2011-0985

  Google Chrome before 9.0.597.94 does not properly perform process termination
  upon memory exhaustion, which has unspecified impact and remote attack
  vectors.



For the stable distribution (squeeze), these problems have been fixed
in version 6.0.472.63~r59945-5+squeeze2

For the testing distribution (wheezy), these problems will be fixed soon.

For the unstable distribution (sid), these problems have been fixed
in version 9.0.597.98~r74359-1

We recommend that you upgrade your chromium-browser packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-annou...@lists.debian.org


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


[Full-disclosure] [SECURITY] [DSA 2167-1] phpmyadmin security update

2011-02-17 Thread Thijs Kinkhorst

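------------------------------------------------------------------------
Debian Security Advisory DSA-2167-1                  secur...@debian.org
http://www.debian.org/security/                          Thijs Kinkhorst
February 16, 2011                     http://www.debian.org/security/faq
------------------------------------------------------------------------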

Package: phpmyadmin
Vulnerability  : sql injection
Problem type   : remote
Debian-specific: no
CVE ID : CVE-2011-0987

It was discovered that phpMyAdmin, a tool to administer MySQL over
the web, when the bookmarks feature is enabled, allowed to create a
bookmarked query which would be executed unintentionally by other users.

For the oldstable distribution (lenny), this problem has been fixed in
version 4:2.11.8.1-5+lenny8.

For the stable distribution (squeeze), this problem has been fixed in
version 4:3.3.7-5.

For the testing distribution (wheezy) and unstable distribution (sid),
this problem has been fixed in version 4:3.3.9.2-1.

We recommend that you upgrade your phpmyadmin packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-annou...@lists.debian.org


[Full-disclosure] [SECURITY] [DSA 2169-1] telepathy-gabble security update

2011-02-17 Thread Nico Golde

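------------------------------------------------------------------------
Debian Security Advisory DSA-2169-1                  secur...@debian.org
http://www.debian.org/security/                               Nico Golde
February 16, 2011                     http://www.debian.org/security/faq
------------------------------------------------------------------------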

Package: telepathy-gabble
Vulnerability  : insufficient input validation
Problem type   : remote
Debian-specific: no
CVE ID : none yet

It was discovered that telepathy-gabble, the Jabber/XMPP connection manager
for the Telepathy framework, is processing google:jingleinfo updates without
validating their origin.  This may allow an attacker to trick telepathy-gabble
into relaying streamed media data through a server of his choice and thus
intercept audio and video calls.


For the oldstable distribution (lenny), this problem has been fixed in
version 0.7.6-1+lenny1.

For the stable distribution (squeeze), this problem has been fixed in
version 0.9.15-1+squeeze1.

For the testing (wheezy) and unstable (sid) distributions, this problem
will be fixed soon.

We recommend that you upgrade your telepathy-gabble packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-annou...@lists.debian.org



[Full-disclosure] WordPress User Photo Component Remote File Upload Vulnerability

2011-02-17 Thread ADVtools Advisories
WordPress User Photo Component Remote File Upload Vulnerability

Product Name: User Photo
Vendor: http://wordpress.org/extend/plugins/user-photo/
Versions Affected: 0.9.4 and probably previous versions
Severity: High

Credit: Sebastien Andrivet, Flora Bottaccio, ADVtools.com
Website: http://www.advtools.com
Contact: advisor...@advtools.com
Date: 2011-02-17


I. Product Description

User Photo is a WordPress component that allows a user to associate a
photo with her account and for this photo to be displayed in  posts
and comments.


II. Vulnerability description

When a photo is uploaded, it is only partially validated and it is
possible to upload a backdoor on the server hosting WordPress. This
backdoor can be called (executed) even if the photo has not been yet
approved.


III. Analysis

1. Image type validation

When a file is uploaded, its type is validated. Only the following
types are accepted:

$userphoto_validtypes = array(
    "image/jpeg" => true,
    "image/pjpeg" => true,
    "image/gif" => true,
    "image/png" => true,
    "image/x-png" => true
);

The type is validated by the following code:

// 'type' is the Content-type value sent by the client, not something detected from the file
if(@!$userphoto_validtypes[$_FILES['userphoto_image_file']['type']])
    $error = sprintf(__("The uploaded file type &ldquo;%s&rdquo; is not allowed.", 'user-photo'), $_FILES['userphoto_image_file']['type']);

This code verifies the MIME type of the uploaded file. A navigator
infers the MIME type from the file itself or from its extension but it
is possible to intercept the HTTP request and change it (using a proxy
such as WebScarab). This way, any file can be uploaded as if it were
an image. The HTTP header to change is Content-type:

Content-type: image/gif

2. Image resizing

When a photo (an image) is uploaded, its size is checked. If it is too
big, it is resized. To avoid this resizing, the uploaded file has to
look like a small image. The verification of the size of the image is
done with code such as:

$imageinfo = getimagesize($tmppath);

In the case of GIF, this PHP function simply looks at the beginning of
the GIF header and extracts the size of the image. A GIF header starts
with:

Offset   Length   Contents
  0  3 bytes  GIF
  3  3 bytes  87a or 89a
  6  2 bytes  Logical screen width in little-endian byte order
  8  2 bytes  Logical screen height in little-endian byte order

getimagesize ignores the remaining of the binary data. It is thus easy
to create a file that looks like a small GIF image but that is in fact
something else.

3. PHP file

A PHP file can contain binary data. This data is reflected on the
output stream without interpretation. Only data between <?php and ?>
is interpreted as PHP code (see
http://www.php.net/manual/en/language.basic-syntax.phpmode.php). Using
this characteristic and the previous point, it is thus possible to
construct a file that looks like a small GIF image but that is in fact
a PHP file. For example (in hexadecimal):

47 49 46 38 39 61 14 00 14 00 3C 3F 70 68 70 20 70 68 70 69 6E 66 6F
28 29 3B 20 3F 3E

This file is recognized as a GIF image with a width and a height of 20
pixels and also as a PHP file containing a call to phpinfo(). Using
the same technique, it is possible to upload a backdoor.

4. Uploading

Once uploaded, the PHP file is always located at the same place:

wp-content/uploads/userphoto/alice.php

where alice is the login name (nickname) of the user uploading the file.

Important: This file is present even if it has not yet been approved
by the moderator.

5. Limitation

Since the PHP file begins with a fake GIF header, this header will be
output for every response. In practice, this is not really a problem:
it can be simply ignored (in the case of a backdoor outputting HTML)
or manually removed (in the case of the downloading of file). In some
cases (for example when images are dynamically returned), a backdoor
has to be slightly modified to avoid outputting two GIF headers.

6. Special case

In some installations, PHP files are interpreted as Unicode (16 bits).
Since the beginning of the GIF header is 16-bit aligned, it is not an
issue. The PHP code has to be written in Unicode.

7. Other concerns

This component also contains an XSS vulnerability located in the same
lines of code.


IV. Versions affected

Version 0.9.4 (latest version as of January 2011).

Other versions were not tested.


V. Impact

The exact impact depends on the configuration of the web server and of
the operating system:

- In the worst case, if Apache is running as root or as an
Administrator, the server is compromised (owned).

- If the Apache server is running as a dedicated low privilege user,
the backdoor will have limited access. Most of the time, the backdoor
will have read access but no write access except in very specific
places. To compromise the server, another vulnerability is necessary
(escalation).


VI. Proof of concept / Exploit

See 
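
A stricter server-side check for the GIF case analysed in sections 1 to 4, as an added example that is not part of the original advisory or of the User Photo plugin. Function names, the size limit and the 1x1 test image are assumptions; it covers GIF only, walks the whole block structure instead of the first ten bytes, ignores the client-supplied Content-type, and picks the stored extension itself.

```python
"""Avatar upload check, GIF only (added example; all names are hypothetical)."""
import re
import struct

# The sample quoted in the advisory: GIF magic, 20x20 size, then PHP text.
ADVISORY_SAMPLE = bytes.fromhex(
    "474946383961140014003C3F70687020706870696E666F28293B203F3E")

# Constructed 1x1 GIF used as the legitimate input.
MINIMAL_GIF = bytes.fromhex(
    "47494638396101000100800000000000FFFFFF"
    "21F9040100000000"
    "2C00000000010001000002024401003B")

MAX_SIDE = 512  # assumed site limit for avatars


def header_only_size(data):
    """The weak check: magic plus two little-endian uint16 values, nothing else."""
    if len(data) < 10 or data[:6] not in (b"GIF87a", b"GIF89a"):
        return None
    return struct.unpack_from("<HH", data, 6)


def _skip_sub_blocks(data, pos):
    """Walk length-prefixed sub-blocks up to and including the 0x00 terminator."""
    while True:
        if pos >= len(data):
            raise ValueError("truncated sub-block chain")
        size = data[pos]
        pos += 1 + size
        if size == 0:
            return pos


def parse_gif(data):
    """Walk the whole block structure; return (width, height) or raise ValueError."""
    if len(data) < 13 or data[:6] not in (b"GIF87a", b"GIF89a"):
        raise ValueError("not a GIF header")
    width, height, packed = struct.unpack_from("<HHB", data, 6)
    pos = 13
    if packed & 0x80:                      # global colour table present
        pos += 3 * (2 << (packed & 0x07))
    frames = 0
    while True:
        if pos >= len(data):
            raise ValueError("missing trailer")
        block = data[pos]
        if block == 0x3B:                  # trailer must be the last byte
            if frames == 0 or pos + 1 != len(data):
                raise ValueError("no image data or bytes after trailer")
            return width, height
        if block == 0x21:                  # extension: label byte, then sub-blocks
            pos = _skip_sub_blocks(data, pos + 2)
        elif block == 0x2C:                # image descriptor
            if pos + 10 > len(data):
                raise ValueError("truncated image descriptor")
            local = data[pos + 9]
            pos += 10
            if local & 0x80:               # local colour table
                pos += 3 * (2 << (local & 0x07))
            pos = _skip_sub_blocks(data, pos + 1)   # +1 skips the LZW code size
            frames += 1
        else:
            raise ValueError("unexpected byte 0x%02x at offset %d" % (block, pos))


def check_avatar(login, client_mime, data):
    """Return (stored_name, size). client_mime is untrusted and deliberately unused."""
    if not re.fullmatch(r"[A-Za-z0-9_-]{1,60}", login):
        raise ValueError("login not usable as a file name")
    width, height = parse_gif(data)
    if not (0 < width <= MAX_SIDE and 0 < height <= MAX_SIDE):
        raise ValueError("dimensions out of range")
    # A well-formed image can still carry arbitrary bytes (comments, palettes),
    # so also refuse script markers; defence in depth, not the main control.
    if b"<?php" in data.lower():
        raise ValueError("script marker inside image data")
    # The extension comes from the verified type, never from the upload.
    return login + ".gif", (width, height)


if __name__ == "__main__":
    print("header-only check on advisory sample:", header_only_size(ADVISORY_SAMPLE))
    for name, blob in (("advisory sample", ADVISORY_SAMPLE), ("minimal gif", MINIMAL_GIF)):
        try:
            print(name, "->", check_avatar("alice", "image/gif", blob))
        except ValueError as exc:
            print(name, "-> rejected:", exc)
```

The upload directory should additionally be served without script execution, since the marker scan is only a secondary control.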

Re: [Full-disclosure] Pen-Testing Companies in Quebec

2011-02-17 Thread Alexis McDuff
I have received a lot of feedback which will be of great help. Thank you all.

Regards,

Alexis McDuff



[Full-disclosure] Announcing NVD CVE parser for Ruby on Rails

2011-02-17 Thread Dominik Elsbroek
Hello list!

I'd like to announce the public release of the FreeBSD licensed FIDIUS
CVE-DB RubyGem.

The FIDIUS CVE-DB gem is used to create and run your own vulnerability
database. It uses the National Vulnerability Database to gather
vulnerability entries which are based on the Common Vulnerabilities
and Exposures (CVE) identifiers.

Therefore it includes rake tasks to download and parse XML files provided
by the NVD, to store and update them in your personal database.
Furthermore it includes ActiveRecord models, migrations and example
database configuration to store vulnerabilities easily.

This gem is developed in the context of the students project FIDIUS
at the Universitaet Bremen, and is available here:

https://rubygems.org/gems/fidius-cvedb
https://github.com/fidius/cvedb

For more information about FIDIUS visit

http://fidius.me/en/news/release-fidius-cvedb

Cheers



[Full-disclosure] from hbgary: stuxnet, WL attack, Psyop and Anonymous trackdown

2011-02-17 Thread Old Timer
andrew:

Cal is a blackhat with criminal convictions, I hope he is forced from the
list by an uprising of whitehats.

I'm a whitehat and its upsetting to see the disclosure community being taken
over by criminals.

Andrew


hahahah

Why don't you have a quick glance at the list charter and see who founded
this list ?  Then go look them up in wikipedia

While yer at it, check out Scott Chasin, who founded bugtraq...

And 8lgm, who were prolific bugtraq posters...

the list goes on and on (and on and on).  How old are you, son ?

[Full-disclosure] xt:Commerce 3.X - Second Order SQL Injection

2011-02-17 Thread Felix
xt:Commerce 3.X Second Order SQL Injection Vulnerability 
(xtc_validate_email)
felix |at| malloc.im
===

Overview:

xt:Commerce 3 is an open source shopping software based on osCommerce.
It is vulnerable to a second order SQL injection attack that can be used
to reset the password of arbitrary users and admins

Risk: Critical

Details:

xt:Commerce 3.X is vulnerable to a second order SQL injection
in the password_double_opt.php file. The script uses the deprecated
eregi function (http://php.net/manual/en/function.eregi.php) to
validate customer e-mail addresses:

  function xtc_validate_email($email) {
    $valid_address = true;

    $mail_pat = '^(.+)@(.+)$';
    $valid_chars = "[^] \(\)@,;:\.[]";
    $atom = "$valid_chars+";
    $quoted_user='(\"[^\"]*\")';
    $word = "($atom|$quoted_user)";
    $user_pat = "^$word(\.$word)*$";
    $ip_domain_pat='^\[([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\]$';
    $domain_pat = "^$atom(\.$atom)*$";

    if (eregi($mail_pat, $email, $components)) {
    .
    .
    return $valid_address;
  }
 


eregi is vulnerable to nullbyte injections, the function considers
an embedded nullbyte as the end of the string and won't parse
characters after it.

This means a string like f...@example.com\00' SQL INJECTION will
pass the xtc_validate_email function.

The account_edit.php file allows registered customers
to change their email address and executes the following code:



$email_address = xtc_db_prepare_input($_POST['email_address']);
// xtc_db_prepare_input is a wrapper for stripslashes()
...
if (strlen($email_address) < ENTRY_EMAIL_ADDRESS_MIN_LENGTH) {
    $error = true;
    $messageStack->add('account_edit', ENTRY_EMAIL_ADDRESS_ERROR);
}
if (xtc_validate_email($email_address) == false) {
    $error = true;
    $messageStack->add('account_edit', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
}

After that the variable $email_address is stored in the database
using a prepared statement that is not vulnerable to a SQL injection.

The final step of this attack abuses the password recovery
function in the password_double_opt.php file:


 if (isset ($_GET['action']) && ($_GET['action'] == 'verified')){
     $check_customer_query = xtc_db_query("select customers_id,
         customers_email_address, password_request_key from ".TABLE_CUSTOMERS."
         where customers_id = '".(int)$_GET['customers_id']."'
         and password_request_key = '".xtc_db_input($_GET['key'])."'");
     $check_customer=xtc_db_fetch_arr($check_customer_query);

     $newpass=xtc_create_random_value(ENTRY_PASSWORD_MIN_LENGTH);
     $crypted_password=xtc_encrypt_password($newpass);
     .
     // the e-mail address read back from the database is concatenated unescaped
     xtc_db_query("update ".TABLE_CUSTOMERS." set customers_password = '"
         .$crypted_password."' where customers_email_address = '"
         .$check_customer['customers_email_address']."'");

As you can see the stored email (customers_email_address) is extracted
out of the database and is used without escaping for the UPDATE query in
the last line.
This enables an attacker to set the password of an arbitrary user or
admin to the generated random string, which will be sent to the
email address before the nullbyte.

Exploit:

The following steps can reproduce the attack:

1. Register as a customer with a valid mail address (f...@evil.com)
2. Use the password recovery function to request a new password.
   You will get a verification email with a randomized url you
   need in step 4.
3. Change your email address in the customer area
   to abuse the SQL Injection:
   f...@evil.com\0 or customers_id = 1
4. Visit the url specified in the verification email. 
   This will change the password of the administrator
   with id 1. This new password will arrive per mail.

Fix:

Change $check_customer['customers_email_address'] to
xtc_db_input($check_customer['customers_email_address'])
and insert the following line at the beginning
of the xtc_validate_email function:

if (strpos($email,"\0")!==false) {return false;}

This bug was reported in January 11 but no official
patch is available.
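
The two fixes from the advisory, modelled in Python with an in-memory SQLite table as an added example (not xt:Commerce code and not part of the original post). The table layout, addresses and the simplified address pattern are assumptions, parameter binding stands in for the xtc_db_input escaping call, and the value stored in the database half omits the NUL byte, which only matters for getting past the validator.

```python
"""Second-order SQL injection, before and after (added example, not xt:Commerce code)."""
import re
import sqlite3

# Simplified stand-in for the address pattern: no whitespace, exactly one '@'.
EMAIL_RE = re.compile(r"[^@\s]+@[^@\s]+")

# Constructed inputs.
NUL_INPUT = "user@shop.example\0' OR customers_id = '1"
STORED = "user@shop.example' OR customers_id = '1"   # NUL left out on purpose


def validate_cstring(email):
    """Model of a matcher that stops at the first NUL, as described for eregi."""
    return EMAIL_RE.fullmatch(email.split("\0", 1)[0]) is not None


def validate_fixed(email):
    """The advisory's fix: refuse any NUL, then match the whole string."""
    if "\0" in email:
        return False
    return EMAIL_RE.fullmatch(email) is not None


def make_db(stored_email):
    """Two customers: id 1 is the administrator, id 2 holds the stored value."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customers (customers_id INTEGER PRIMARY KEY,"
               " customers_email_address TEXT, customers_password TEXT)")
    db.execute("INSERT INTO customers VALUES (1, 'admin@shop.example', 'old-1')")
    # The first-order write uses a bound parameter, so it is not injectable.
    db.execute("INSERT INTO customers VALUES (2, ?, 'old-2')", (stored_email,))
    return db


def _stored_email(db, customers_id):
    row = db.execute("SELECT customers_email_address FROM customers"
                     " WHERE customers_id = ?", (customers_id,)).fetchone()
    return row[0]


def _ids_with_password(db, password):
    rows = db.execute("SELECT customers_id FROM customers WHERE"
                      " customers_password = ? ORDER BY customers_id", (password,))
    return [r[0] for r in rows]


def reset_concat(db, customers_id, new_hash):
    """'Before': the value read back from the table is spliced into SQL text."""
    email = _stored_email(db, customers_id)
    db.execute("UPDATE customers SET customers_password = '" + new_hash +
               "' WHERE customers_email_address = '" + email + "'")
    return _ids_with_password(db, new_hash)


def reset_bound(db, customers_id, new_hash):
    """'After': data from the database is bound like any other untrusted input."""
    email = _stored_email(db, customers_id)
    db.execute("UPDATE customers SET customers_password = ?"
               " WHERE customers_email_address = ?", (new_hash, email))
    return _ids_with_password(db, new_hash)


if __name__ == "__main__":
    print("NUL-truncating validator accepts:", validate_cstring(NUL_INPUT))
    print("fixed validator accepts:         ", validate_fixed(NUL_INPUT))
    print("rows reset, concatenated UPDATE: ", reset_concat(make_db(STORED), 2, "new"))
    print("rows reset, bound UPDATE:        ", reset_bound(make_db(STORED), 2, "new"))
```

Either fix alone breaks the chain, but the bound UPDATE is the one that removes the injection; the NUL check only closes one way of getting a hostile value stored.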




[Full-disclosure] Launched PasswordForensics.com - New Portal for Password Security !

2011-02-17 Thread Nagareshwar Talekar
Hey guys,

Today we have launched our new website PasswordForensics - a division
of SecurityXploded.com - is a dedicated portal for everything related
to Password Security !

It will host all kind of Password Recovery softwares & research
oriented Password Forensics articles describing password
encryption/decryption techniques and storage mechanism used by popular
applications. Currently it has 25+ FREE password recovery tools and
many research articles in password forensics area.

Check it out now  - http://passwordforensics.com/

Cheers
Nagareshwar
http://securityXploded.com



Re: [Full-disclosure] from hbgary: stuxnet, WL attack, Psyop and Anonymous trackdown

2011-02-17 Thread Cal Leeming [Simplicity Media Ltd]
I refer everyone to:

http://docs.google.com/viewer?a=vq=cache:OWQrHOa0wlYJ:www.hackerfactor.com/papers/who_is_n3td3v.pdf+n3td3vhl=engl=ukpid=blsrcid=ADGEESgOXeElYqoYkhojj9qtZ3bPDRiy_2OMLyhlaOqW6If-yK4-eLXAZQ4Yw3TGMl0YQFIwSmB0QbQmAjsnuZf8lmGMdXQrKwsWd8CtM7iO6xc4zSs621RgeFXvg-ueRsE5R1D5ENGvsig=AHIEtbQlx0J-_J8eIS6lzxmFJJ0nQz23iw


On Thu, Feb 17, 2011 at 1:51 PM, andrew.wallace 
andrew.wall...@rocketmail.com wrote:

 On Wed, Feb 16, 2011 at 5:54 PM, Old Timer ot48...@gmail.com wrote:
  andrew:
 
  Cal is a blackhat with criminal convictions, I hope he is forced from
 the
  list by an uprising of whitehats.
 
  I'm a whitehat and its upsetting to see the disclosure community being
 taken
  over by criminals.
 
  Andrew
 
 
  hahahah
 
  Why don't you have a quick glance at the list charter and see who founded
  this list ?  Then go look them up in wikipedia
 
  While yer at it, check out Scott Chasin, who founded bugtraq...
 
  And 8lgm, who were prolific bugtraq posters...
 
  the list goes on and on (and on and on).  How old are you, son ?

 n3td3v - Brief history of the consortium and timeline

 How We Started

 * Founded by entrepreneur and IT Security Consultant, Andrew Wallace.

 * The aged 30-something year old was born in 1981 and started the
 consultancy at the young age of 18.

 * n3td3v - IT Security Consultancy was founded in 1999 and helped the
 entrepreneur launch his career in IT Security.

 * Today, 2011, we are one of the most well known non-profit IT Security
 consortia in the UK.

 Learn more: https://sites.google.com/site/n3td3v/

 Andrew






Re: [Full-disclosure] [SECURITY] [DSA 2169-1] telepathy-gabble security update

2011-02-17 Thread Valdis . Kletnieks
On Wed, 16 Feb 2011 23:12:00 +0100, Nico Golde said:

 Package: telepathy-gabble
 Vulnerability  : insufficient input validation
 Problem type   : remote

A remote exploit for telepathy.  Wow, that would suck. ;)



Re: [Full-disclosure] from hbgary: stuxnet, WL attack, Psyop and Anonymous trackdown

2011-02-17 Thread Old Timer
Ah, so that's how you don't seem to realise what you call the 'disclosure
community' was largely founded by people you call 'criminal blackhats' - you
were still at school.

How embarrassing it must have been for you when you realised the very list
you were spouting that crap on was founded by an (alleged) ex-hacker who did
jail time..

Perhaps you should now have the courage of your (non) convictions and stay
away from full disclosure and bugtraq ? After all, they're tainted for you
now, aren't they

On Thu, Feb 17, 2011 at 1:51 PM, andrew.wallace 
andrew.wall...@rocketmail.com wrote:

 On Wed, Feb 16, 2011 at 5:54 PM, Old Timer ot48...@gmail.com wrote:
  andrew:
 
  Cal is a blackhat with criminal convictions, I hope he is forced from
 the
  list by an uprising of whitehats.
 
  I'm a whitehat and its upsetting to see the disclosure community being
 taken
  over by criminals.
 
  Andrew
 
 
  hahahah
 
  Why don't you have a quick glance at the list charter and see who founded
  this list ?  Then go look them up in wikipedia
 
  While yer at it, check out Scott Chasin, who founded bugtraq...
 
  And 8lgm, who were prolific bugtraq posters...
 
  the list goes on and on (and on and on).  How old are you, son ?

 n3td3v - Brief history of the consortium and timeline

 How We Started

 * Founded by entrepreneur and IT Security Consultant, Andrew Wallace.

 * The aged 30-something year old was born in 1981 and started the
 consultancy at the young age of 18.

 * n3td3v - IT Security Consultancy was founded in 1999 and helped the
 entrepreneur launch his career in IT Security.

 * Today, 2011, we are one of the most well known non-profit IT Security
 consortia in the UK.

 Learn more: https://sites.google.com/site/n3td3v/

 Andrew






Re: [Full-disclosure] from hbgary: stuxnet, WL attack, Psyop and Anonymous trackdown

2011-02-17 Thread James Rankin
No-one in the UK or UK security community has heard of Nettie or his
consultancy.

He's just a deluded Jocko pisspot

On 17 February 2011 14:01, Cal Leeming [Simplicity Media Ltd] 
cal.leem...@simplicitymedialtd.co.uk wrote:

 I refer everyone to:


 http://docs.google.com/viewer?a=vq=cache:OWQrHOa0wlYJ:www.hackerfactor.com/papers/who_is_n3td3v.pdf+n3td3vhl=engl=ukpid=blsrcid=ADGEESgOXeElYqoYkhojj9qtZ3bPDRiy_2OMLyhlaOqW6If-yK4-eLXAZQ4Yw3TGMl0YQFIwSmB0QbQmAjsnuZf8lmGMdXQrKwsWd8CtM7iO6xc4zSs621RgeFXvg-ueRsE5R1D5ENGvsig=AHIEtbQlx0J-_J8eIS6lzxmFJJ0nQz23iw


 On Thu, Feb 17, 2011 at 1:51 PM, andrew.wallace 
 andrew.wall...@rocketmail.com wrote:

 On Wed, Feb 16, 2011 at 5:54 PM, Old Timer ot48...@gmail.com wrote:
  andrew:
 
  Cal is a blackhat with criminal convictions, I hope he is forced from
 the
  list by an uprising of whitehats.
 
  I'm a whitehat and its upsetting to see the disclosure community being
 taken
  over by criminals.
 
  Andrew
 
 
  hahahah
 
  Why don't you have a quick glance at the list charter and see who
 founded
  this list ?  Then go look them up in wikipedia
 
  While yer at it, check out Scott Chasin, who founded bugtraq...
 
  And 8lgm, who were prolific bugtraq posters...
 
  the list goes on and on (and on and on).  How old are you, son ?

 n3td3v - Brief history of the consortium and timeline

 How We Started

 * Founded by entrepreneur and IT Security Consultant, Andrew Wallace.

 * The aged 30-something year old was born in 1981 and started the
 consultancy at the young age of 18.

 * n3td3v - IT Security Consultancy was founded in 1999 and helped the
 entrepreneur launch his career in IT Security.

 * Today, 2011, we are one of the most well known non-profit IT Security
 consortia in the UK.

 Learn more: https://sites.google.com/site/n3td3v/

 Andrew










-- 
On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into
the machine wrong figures, will the right answers come out?' I am not able
rightly to apprehend the kind of confusion of ideas that could provoke such
a question.

*IMPORTANT: This email is intended for the use of the individual
addressee(s) named above and may contain information that is confidential,
privileged or unsuitable for overly sensitive persons with low self-esteem,
no sense of humour or irrational religious beliefs. If you are not the
intended recipient, any dissemination, distribution or copying of this email
is not authorised (either explicitly or implicitly) and constitutes an
irritating social faux pas.

Unless the word absquatulation has been used in its correct context
somewhere other than in this warning, it does not have any legal or no
grammatical use and may be ignored. No animals were harmed in the
transmission of this email, although the kelpie next door is living on
borrowed time, let me tell you. Those of you with an overwhelming fear of
the unknown will be gratified to learn that there is no hidden message
revealed by reading this warning backwards, so just ignore that Alert Notice
from Microsoft.

However, by pouring a complete circle of salt around yourself and your
computer you can ensure that no harm befalls you and your pets. If you have
received this email in error, please add some nutmeg and egg whites, whisk
and place in a warm oven for 40 minutes.*

Re: [Full-disclosure] from hbgary: stuxnet, WL attack, Psyop and Anonymous trackdown

2011-02-17 Thread Cal Leeming [Simplicity Media Ltd]
Andrew, have you even looked at my linkedin profile?

I designed and implemented an embedded router (from scratch) directly for a
local authority in the UK for UTMS (Urban Traffic Management System). I also
gave a private conference (where I was the *only* speaker) of which there
were 40 attendees from large financial institutions, NCS (National Crime
Squad, now known as SOCA) and APACS.

For example, I doubt you have even heard of QnetiQ, let alone had any
involvement with them :S

On Thu, Feb 17, 2011 at 2:50 PM, andrew.wallace 
andrew.wall...@rocketmail.com wrote:

 On Thu, Feb 17, 2011 at 2:20 PM, James Rankin kz2...@googlemail.com
 wrote:
  No-one in the UK or UK security community has heard of Nettie or his
  consultancy.
 
  He's just a deluded Jocko pisspot

 I've been a member for the last 12 years and frequent industry conferences
 regularly, as well as chair roundtable discussions between the sectors. I
 doubt you've ever been involved in any of that, because speaking to me in
 the manner you are, you are unlikely to be invited for cross-industry talks
 with anyone.

 Learn to respect others and get on with people instead of posting abusive
 messages to mailing lists, and you may get invited into talks between the
 government and the private sector.

 Judging by your email though it seems you have a long way to go.

 Andrew



Re: [Full-disclosure] from hbgary: stuxnet, WL attack, Psyop and Anonymous trackdown

2011-02-17 Thread PsychoBilly
tss tss
appearance of a thesis
but stuffed with approximations
IE p.15
 and “Unix Terrorist” is likely European. 



[[   Cal Leeming [Simplicity Media Ltd]   ]] @ [[   17/02/2011 15:01   
]]--
 I refer everyone to:
 
 http://docs.google.com/viewer?a=vq=cache:OWQrHOa0wlYJ:www.hackerfactor.com/papers/who_is_n3td3v.pdf+n3td3vhl=engl=ukpid=blsrcid=ADGEESgOXeElYqoYkhojj9qtZ3bPDRiy_2OMLyhlaOqW6If-yK4-eLXAZQ4Yw3TGMl0YQFIwSmB0QbQmAjsnuZf8lmGMdXQrKwsWd8CtM7iO6xc4zSs621RgeFXvg-ueRsE5R1D5ENGvsig=AHIEtbQlx0J-_J8eIS6lzxmFJJ0nQz23iw
 http://docs.google.com/viewer?a=vq=cache:OWQrHOa0wlYJ:www.hackerfactor.com/papers/who_is_n3td3v.pdf+n3td3vhl=engl=ukpid=blsrcid=ADGEESgOXeElYqoYkhojj9qtZ3bPDRiy_2OMLyhlaOqW6If-yK4-eLXAZQ4Yw3TGMl0YQFIwSmB0QbQmAjsnuZf8lmGMdXQrKwsWd8CtM7iO6xc4zSs621RgeFXvg-ueRsE5R1D5ENGvsig=AHIEtbQlx0J-_J8eIS6lzxmFJJ0nQz23iw
 
 


Re: [Full-disclosure] from hbgary: stuxnet, WL attack, Psyop and Anonymous trackdown

2011-02-17 Thread Cal Leeming [Simplicity Media Ltd]
Has anyone here actually met Andrew (if that's his name) irl?

On Thu, Feb 17, 2011 at 3:01 PM, PsychoBilly zpamh...@gmail.com wrote:

 tss tss
 appearence of a thesis
 but stuffed with approximations
 IE p.15
  and “Unix Terrorist” is likely European. 



 [[   Cal Leeming [Simplicity Media Ltd]   ]] @ [[   17/02/2011 15:01
 ]]--
  I refer everyone to:
 
 
 http://docs.google.com/viewer?a=vq=cache:OWQrHOa0wlYJ:www.hackerfactor.com/papers/who_is_n3td3v.pdf+n3td3vhl=engl=ukpid=blsrcid=ADGEESgOXeElYqoYkhojj9qtZ3bPDRiy_2OMLyhlaOqW6If-yK4-eLXAZQ4Yw3TGMl0YQFIwSmB0QbQmAjsnuZf8lmGMdXQrKwsWd8CtM7iO6xc4zSs621RgeFXvg-ueRsE5R1D5ENGvsig=AHIEtbQlx0J-_J8eIS6lzxmFJJ0nQz23iw
  
 http://docs.google.com/viewer?a=vq=cache:OWQrHOa0wlYJ:www.hackerfactor.com/papers/who_is_n3td3v.pdf+n3td3vhl=engl=ukpid=blsrcid=ADGEESgOXeElYqoYkhojj9qtZ3bPDRiy_2OMLyhlaOqW6If-yK4-eLXAZQ4Yw3TGMl0YQFIwSmB0QbQmAjsnuZf8lmGMdXQrKwsWd8CtM7iO6xc4zSs621RgeFXvg-ueRsE5R1D5ENGvsig=AHIEtbQlx0J-_J8eIS6lzxmFJJ0nQz23iw
 
 
 


Re: [Full-disclosure] from hbgary: stuxnet, WL attack, Psyop and Anonymous trackdown

2011-02-17 Thread Kain, Rebecca (.)
I had sex with him, obviously.  that's how he got my picture to post here
 
-becki
 



From: full-disclosure-boun...@lists.grok.org.uk 
[mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Cal Leeming 
[Simplicity Media Ltd]
Sent: Thursday, February 17, 2011 10:33 AM
To: PsychoBilly
Cc: fdisclo
Subject: Re: [Full-disclosure]from hbgary: stuxnet, WL attack, Psyop and 
Anonymous trackdown‏


Has anyone here actually met Andrew (if that's his name) irl?


On Thu, Feb 17, 2011 at 3:01 PM, PsychoBilly zpamh...@gmail.com wrote:


tss tss
appearance of a thesis
but stuffed with approximations
IE p.15
 and “Unix Terrorist” is likely European.



[[ Cal Leeming [Simplicity Media Ltd] ]] @ [[ 17/02/2011 15:01 ]]--

 I refer everyone to:

 
http://docs.google.com/viewer?a=vq=cache:OWQrHOa0wlYJ:www.hackerfactor.com/papers/who_is_n3td3v.pdf+n3td3vhl=engl=ukpid=blsrcid=ADGEESgOXeElYqoYkhojj9qtZ3bPDRiy_2OMLyhlaOqW6If-yK4-eLXAZQ4Yw3TGMl0YQFIwSmB0QbQmAjsnuZf8lmGMdXQrKwsWd8CtM7iO6xc4zSs621RgeFXvg-ueRsE5R1D5ENGvsig=AHIEtbQlx0J-_J8eIS6lzxmFJJ0nQz23iw
 




Re: [Full-disclosure] from hbgary: stuxnet, WL attack, Psyop and Anonymous trackdown

2011-02-17 Thread huj huj huj
caldouche that paper is useless
it's tripe in fancy clothes

2011/2/17 Cal Leeming [Simplicity Media Ltd] 
cal.leem...@simplicitymedialtd.co.uk

 I refer everyone to:


 http://docs.google.com/viewer?a=vq=cache:OWQrHOa0wlYJ:www.hackerfactor.com/papers/who_is_n3td3v.pdf+n3td3vhl=engl=ukpid=blsrcid=ADGEESgOXeElYqoYkhojj9qtZ3bPDRiy_2OMLyhlaOqW6If-yK4-eLXAZQ4Yw3TGMl0YQFIwSmB0QbQmAjsnuZf8lmGMdXQrKwsWd8CtM7iO6xc4zSs621RgeFXvg-ueRsE5R1D5ENGvsig=AHIEtbQlx0J-_J8eIS6lzxmFJJ0nQz23iw


 On Thu, Feb 17, 2011 at 1:51 PM, andrew.wallace 
 andrew.wall...@rocketmail.com wrote:

  On Wed, Feb 16, 2011 at 5:54 PM, Old Timer ot48...@gmail.com wrote:
  andrew:
 
  Cal is a blackhat with criminal convictions, I hope he is forced from
 the
  list by an uprising of whitehats.
 
  I'm a whitehat and its upsetting to see the disclosure community being
 taken
  over by criminals.
 
  Andrew
 
 
  hahahah
 
  Why don't you have a quick glance at the list charter and see who
 founded
  this list ?  Then go look them up in wikipedia
 
  While yer at it, check out Scott Chasin, who founded bugtraq...
 
  And 8lgm, who were prolific bugtraq posters...
 
  the list goes on and on (and on and on).  How old are you, son ?

 n3td3v - Brief history of the consortium and timeline

 How We Started

 * Founded by entrepreneur and IT Security Consultant, Andrew Wallace.

 * The aged 30-something year old was born in 1981 and started the
 consultancy at the young age of 18.

 * n3td3v - IT Security Consultancy was founded in 1999 and helped the
 entrepreneur launch his career in IT Security.

 * Today, 2011, we are one of the most well known non-profit IT Security
 consortia in the UK.

 Learn more: https://sites.google.com/site/n3td3v/

 Andrew






Re: [Full-disclosure] from hbgary: stuxnet, WL attack, Psyop and Anonymous trackdown

2011-02-17 Thread Cal Leeming [Simplicity Media Ltd]
Obviously.

On Thu, Feb 17, 2011 at 3:36 PM, Kain, Rebecca (.) bka...@ford.com wrote:

  I had sex with him, obviously.  that's how he got my picture to post here

 -becki


  --
 *From:* full-disclosure-boun...@lists.grok.org.uk [mailto:
 full-disclosure-boun...@lists.grok.org.uk] *On Behalf Of *Cal Leeming
 [Simplicity Media Ltd]
 *Sent:* Thursday, February 17, 2011 10:33 AM
 *To:* PsychoBilly
 *Cc:* fdisclo
 *Subject:* Re: [Full-disclosure]from hbgary: stuxnet, WL attack, Psyop and
 Anonymous trackdown‏

 Has anyone here actually met Andrew (if that's his name) irl?

 On Thu, Feb 17, 2011 at 3:01 PM, PsychoBilly zpamh...@gmail.com wrote:

 tss tss
 appearance of a thesis
 but stuffed with approximations
 IE p.15
  and “Unix Terrorist” is likely European.



 [[ Cal Leeming [Simplicity Media Ltd] ]] @ [[ 17/02/2011 15:01 ]]--
  I refer everyone to:
 
 
 http://docs.google.com/viewer?a=vq=cache:OWQrHOa0wlYJ:www.hackerfactor.com/papers/who_is_n3td3v.pdf+n3td3vhl=engl=ukpid=blsrcid=ADGEESgOXeElYqoYkhojj9qtZ3bPDRiy_2OMLyhlaOqW6If-yK4-eLXAZQ4Yw3TGMl0YQFIwSmB0QbQmAjsnuZf8lmGMdXQrKwsWd8CtM7iO6xc4zSs621RgeFXvg-ueRsE5R1D5ENGvsig=AHIEtbQlx0J-_J8eIS6lzxmFJJ0nQz23iw
  
 
 
 

Re: [Full-disclosure] from hbgary: stuxnet, WL attack, Psyop and Anonymous trackdown

2011-02-17 Thread James Rankin
I don't want to be invited for cross-dressing talks with you, you delusional
moron

Get back down the pub.

A long way to go? I make good money from my career, matey. (Career. Ever
heard of one?) You on the other hand are firmly wedged in cloud-cuckoo. I
work for the government at the minute, and no-one here has ever heard of
you.

Goodnight.

On 17 February 2011 14:50, andrew.wallace andrew.wall...@rocketmail.com wrote:

 On Thu, Feb 17, 2011 at 2:20 PM, James Rankin kz2...@googlemail.com
 wrote:
  No-one in the UK or UK security community has heard of Nettie or his
  consultancy.
 
  He's just a deluded Jocko pisspot

 I've been a member for the last 12 years and frequent industry conferences
 regularly, as well as chair roundtable discussions between the sectors. I
 doubt you've ever been involved in any of that, because speaking to me in
 the manner you are, you are unlikely to be invited for cross-industry talks
 with anyone.

 Learn to respect others and get on with people instead of posting abusive
 messages to mailing lists, and you may get invited into talks between the
 government and the private sector.

 Judging by your email though it seems you have a long way to go.

 Andrew




-- 
On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into
the machine wrong figures, will the right answers come out?' I am not able
rightly to apprehend the kind of confusion of ideas that could provoke such
a question.

*IMPORTANT: This email is intended for the use of the individual
addressee(s) named above and may contain information that is confidential,
privileged or unsuitable for overly sensitive persons with low self-esteem,
no sense of humour or irrational religious beliefs. If you are not the
intended recipient, any dissemination, distribution or copying of this email
is not authorised (either explicitly or implicitly) and constitutes an
irritating social faux pas.

Unless the word absquatulation has been used in its correct context
somewhere other than in this warning, it does not have any legal or no
grammatical use and may be ignored. No animals were harmed in the
transmission of this email, although the kelpie next door is living on
borrowed time, let me tell you. Those of you with an overwhelming fear of
the unknown will be gratified to learn that there is no hidden message
revealed by reading this warning backwards, so just ignore that Alert Notice
from Microsoft.

However, by pouring a complete circle of salt around yourself and your
computer you can ensure that no harm befalls you and your pets. If you have
received this email in error, please add some nutmeg and egg whites, whisk
and place in a warm oven for 40 minutes.*
Re: [Full-disclosure] from hbgary: stuxnet, WL attack, Psyop and Anonymous trackdown

2011-02-17 Thread Eyeballing Weev
My affectionate nickname for you was and currently still is Blowjob Becki

On 02/17/2011 10:36 AM, Kain, Rebecca (.) wrote:
 I had sex with him, obviously. that's how he got my picture to post here
 -becki

Re: [Full-disclosure] from hbgary: stuxnet, WL attack, Psyop and Anonymous trackdown

2011-02-17 Thread James Rankin
Do you know what the Atlas project is?

On 17 February 2011 16:26, andrew.wallace andrew.wall...@rocketmail.com wrote:

 On Thu, Feb 17, 2011 at 4:11 PM, James Rankin kz2...@googlemail.com
 wrote:
  I don't want to be invited for cross-dressing talks with you, you
 delusional
  moron
 
  Get back down the pub.
 
  A long way to go? I make good money from my career, matey. (Career. Ever
  heard of one?) You on the other hand are firmly wedged in cloud-cuckoo. I
  work for the government at the minute, and no-one here has ever heard of
  you.
 
  Goodnight.

 Perhaps you work for a local government authority, however you aren't
 involved with any central government organisation in Cheltenham or London.

 The way you talk to people, you are unlikely to be involved in anything
 meaningful within the government, perhaps a local authority though.

 Andrew




Re: [Full-disclosure] from hbgary: stuxnet, WL attack, Psyop and Anonymous trackdown

2011-02-17 Thread Cal Leeming [Simplicity Media Ltd]
I bet you never even used the term local authority until I posted it just
then lol.

As for 'central government organisation' in Cheltenham, you are most
likely referring to GCHQ and/or the new department that was branched off
from it to deal with cyber crime. If this is the case, then you are going to
be taught a very serious lesson from one of the risk assessment officers.
Even hinting that you have involvements with GCHQ outside of your duties
(unless you are an MP making a public statement), is grounds to have your
employment/contract suspended and/or terminated.

Seriously mate, I know the score when it comes to this area, and I don't
even for a second the bullshit you are peddling.

On Thu, Feb 17, 2011 at 4:26 PM, andrew.wallace 
andrew.wall...@rocketmail.com wrote:

 On Thu, Feb 17, 2011 at 4:11 PM, James Rankin kz2...@googlemail.com
 wrote:
  I don't want to be invited for cross-dressing talks with you, you
 delusional
  moron
 
  Get back down the pub.
 
  A long way to go? I make good money from my career, matey. (Career. Ever
  heard of one?) You on the other hand are firmly wedged in cloud-cuckoo. I
  work for the government at the minute, and no-one here has ever heard of
  you.
 
  Goodnight.

 Perhaps you work for a local government authority, however you aren't
 involved with any central government organisation in Cheltenham or London.

 The way you talk to people, you are unlikely to be involved in anything
 meaningful within the government, perhaps a local authority though.

 Andrew



Re: [Full-disclosure] MS Windows Server 2003 AD Pre-Auth BROWSER ELECTION Remote Heap Overflow

2011-02-17 Thread Georgi Guninski
On Tue, Feb 15, 2011 at 03:00:09AM +1100, Pwned MSRC wrote:
 
 #MS Windows Server 2003 AD Pre-Auth BROWSER ELECTION Remote Heap Overflow
 #Release date: 2011-02-14
 #Anonymous Comment: Apologies if this puts a downer on the MSRC valentines
 day sausage fest

coincidences like this make my days, lol :)

good luck.

-- 
joro

Re: [Full-disclosure] from hbgary: stuxnet, WL attack, Psyop and Anonymous trackdown

2011-02-17 Thread Cal Leeming [Simplicity Media Ltd]
No, it was you that made suggestions that you potentially did work for the
government.

I cba to argue with your trolling any more dude, go suck a cock :)

On Thu, Feb 17, 2011 at 4:47 PM, andrew.wallace 
andrew.wall...@rocketmail.com wrote:

 On Thu, Feb 17, 2011 at 4:31 PM, Cal Leeming [Simplicity Media Ltd] 
 cal.leem...@simplicitymedialtd.co.uk wrote:
  I bet you never even used the term local authority until I posted it
 just
  then lol.
  As for 'central government organisation' in Cheltenham, you are most
  likely referring to GCHQ and/or the new department that was branched off
  from it to deal with cyber crime. If this is the case, then you are going
 to
  be taught a very serious lesson from one of the risk assessment officers.
  Even hinting that you have involvements with GCHQ outside of you duties
  (unless you are an MP making a public statement), is grounds to have your
  employment/contract suspended and/or terminated.
  Seriously mate, I know the score when it comes to this area, and I don't
  even for a second the bullshit you are peddling.

 I don't have involvement with them, it was James Rankin who was claiming
 to work for the government. However, he hasn't heard of me and I haven't
 heard of him. So its likely he is the one feeding both of us with fairy tale
 stories about his position in government.

 Andrew


Re: [Full-disclosure] from hbgary: stuxnet, WL attack, Psyop and Anonymous trackdown

2011-02-17 Thread Cal Leeming [Simplicity Media Ltd]
I disagree. Unless you are the bitch who hands out the tea and biscuits.

On Thu, Feb 17, 2011 at 4:55 PM, andrew.wallace 
andrew.wall...@rocketmail.com wrote:

 On Thu, Feb 17, 2011 at 4:49 PM, Cal Leeming [Simplicity Media Ltd] 
 cal.leem...@simplicitymedialtd.co.uk wrote:
  No, it was you that made suggestions that you potentially did work for
 the
  government.

 Absolutely not, I said I'm the founder of a consortium who meet to have
 roundtable discussions between the public and private sector.

 It's in black and white on our web site.

 Andrew





[Full-disclosure] Vulnerability in reCAPTCHA for Drupal

2011-02-17 Thread MustLive
Hello list!

I want to warn you about an Insufficient Anti-automation vulnerability in
reCAPTCHA for Drupal.

In project MoBiC in 2007 I already wrote about bypassing of reCaptcha for
Drupal (http://websecurity.com.ua/1505/). This is a new method of bypassing
reCaptcha for Drupal.

-
Affected products:
-

Vulnerable are all versions of reCAPTCHA plugin for Captcha module versions
before 6.x-2.3 and 7.x-1.0.

--
Details:
--

Insufficient Anti-automation (WASC-21):

In different forms in Drupal the vulnerable captcha-plugin reCAPTCHA is
used. Drupal's Captcha module is vulnerable itself, so besides reCAPTCHA
other captcha-plugins can also be vulnerable (and this exploit is a
little different from the exploit for the default Captcha module for Drupal).

To bypass the captcha one needs to use a correct value of captcha_sid; it is
then possible to not answer the captcha (captcha_response) or to set any
answer. This method of captcha bypass is described in my project Month of
Bugs in Captchas (http://websecurity.com.ua/1498/). The attack is possible while
this captcha_sid value is active.

Vulnerabilities exist on pages with forms: http://site/contact,
http://site/user/1/contact, http://site/user/password and
http://site/user/register. Other forms where reCAPTCHA is used will also be
vulnerable.

Exploit:

http://websecurity.com.ua/uploads/2011/Drupal%20reCAPTCHA%20bypass.html


Timeline:


2010.12.11 - announced at my site.
2010.12.14 - informed reCAPTCHA developers.
2010.12.14 - informed Google (reCAPTCHA owner).
2011.02.16 - disclosed at my site.

I mentioned this vulnerability at my site
(http://websecurity.com.ua/4752/).

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
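
The server-side check that the captcha_sid problem above calls for, shown beside the weak form. This is an added example, not part of the original post and not the Drupal module's code. Only captcha_sid and captcha_response come from the advisory; the store, its method names, the TTL and the local answer comparison (a real reCAPTCHA deployment would call the verification service instead) are assumptions.

```python
import hmac
import secrets
import time

SID_TTL_SECONDS = 300  # assumed lifetime of an issued challenge


class CaptchaStore:
    """In-memory stand-in for the server-side table of issued challenges."""

    def __init__(self):
        # captcha_sid -> {"solution", "session", "issued"}
        self._rows = {}

    def issue(self, session_id, solution, now=None):
        """Create a challenge bound to one visitor session and return its sid."""
        sid = secrets.token_urlsafe(16)
        self._rows[sid] = {
            "solution": solution,
            "session": session_id,
            "issued": time.time() if now is None else now,
        }
        return sid

    def is_active(self, sid):
        return sid in self._rows

    def validate_weak(self, form):
        """Weak form: any captcha_sid that is still active is accepted.

        captcha_response is never compared, so a missing or arbitrary answer
        passes, and the same sid keeps passing for as long as it stays active.
        """
        return form.get("captcha_sid") in self._rows

    def validate_strict(self, form, session_id, now=None):
        """Hardened form: single use, bound to the session, answer required."""
        now = time.time() if now is None else now
        # pop() consumes the sid whatever the outcome, so it cannot be replayed.
        row = self._rows.pop(form.get("captcha_sid"), None)
        if row is None:
            return False  # unknown or already used sid
        if row["session"] != session_id:
            return False  # sid was issued to a different visitor
        if now - row["issued"] > SID_TTL_SECONDS:
            return False  # challenge expired
        response = form.get("captcha_response") or ""
        if not response:
            return False  # an answer must be present
        return hmac.compare_digest(response.encode(), row["solution"].encode())
```

The point to audit for in any captcha integration is the same three properties: the answer is actually verified, the identifier is consumed on first use, and it is tied to the session that received the challenge.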


Re: [Full-disclosure] from hbgary: stuxnet, WL attack, Psyop and Anonymous trackdown

2011-02-17 Thread Rankin, James R
That is so rich coming from you. I am not even gonna bother digging up your old 
posts.

Typed frustratingly slowly on my BlackBerry® wireless device

-Original Message-
From: andrew.wallace andrew.wall...@rocketmail.com
Date: Thu, 17 Feb 2011 09:28:42 
To: Cal Leeming [Simplicity Media Ltd] cal.leem...@simplicitymedialtd.co.uk
Reply-To: andrew.wallace andrew.wall...@rocketmail.com
Cc: kz2...@googlemail.com; ot48...@gmail.com; full-disclosure@lists.grok.org.uk; datski...@gmail.com; bka...@ford.com; Paul Schmehl pschmehl_li...@tx.rr.com
Subject: Re: [Full-disclosure] from hbgary: stuxnet, WL attack, Psyop and Anonymous trackdown

On Thu, Feb 17, 2011 at 4:27 PM, Paul Schmehl pschmehl_li...@tx.rr.com wrote:
 Does anyone on this list really give a crap that you guys like publicly
 pulling your puds?

 At some point in life, most people grow up.

On Thu, Feb 17, 2011 at 4:57 PM, Cal Leeming [Simplicity Media Ltd] 
cal.leem...@simplicitymedialtd.co.uk wrote:

 I disagree. Unless you are the bitch who hands out the tea and biscuits.

Like Paul said, you have a lot of growing up to do, that's why people want you 
off the list.

Andrew




Re: [Full-disclosure] from hbgary: stuxnet, WL attack, Psyop and Anonymous trackdown

2011-02-17 Thread Cal Leeming [Simplicity Media Ltd]
I hope you turn up at my next conference, so I can slap the fuck out of you
in front of everyone.

Little bitch like you would probably go running to the police as well.

On Thu, Feb 17, 2011 at 5:28 PM, andrew.wallace 
andrew.wall...@rocketmail.com wrote:

 On Thu, Feb 17, 2011 at 4:27 PM, Paul Schmehl pschmehl_li...@tx.rr.com
 wrote:
  Does anyone on this list really give a crap that you guys like publicly
  pulling your puds?
 
  At some point in life, most people grow up.

 On Thu, Feb 17, 2011 at 4:57 PM, Cal Leeming [Simplicity Media Ltd] 
 cal.leem...@simplicitymedialtd.co.uk wrote:
  I disagree. Unless you are the bitch who hands out the tea and biscuits.

 Like Paul said, you have a lot of growing up to do, that's why people want
 you off the list.

 Andrew


Re: [Full-disclosure] from hbgary: stuxnet, WL attack, Psyop and Anonymous trackdown

2011-02-17 Thread Benji
Probably a bad idea to threaten violence, just sayin'

Also what conferences would these be? hak5 learn-to-pwn?

On Thu, Feb 17, 2011 at 5:35 PM, Cal Leeming [Simplicity Media Ltd] 
cal.leem...@simplicitymedialtd.co.uk wrote:

 I hope you turn up at my next conference, so I can slap the fuck out of you
 in front of everyone.

 Little bitch like you would probably go running to the police as well.


 On Thu, Feb 17, 2011 at 5:28 PM, andrew.wallace 
 andrew.wall...@rocketmail.com wrote:

 On Thu, Feb 17, 2011 at 4:27 PM, Paul Schmehl pschmehl_li...@tx.rr.com
 wrote:
  Does anyone on this list really give a crap that you guys like publicly
  pulling your puds?
 
  At some point in life, most people grow up.

 On Thu, Feb 17, 2011 at 4:57 PM, Cal Leeming [Simplicity Media Ltd] 
 cal.leem...@simplicitymedialtd.co.uk wrote:
  I disagree. Unless you are the bitch who hands out the tea and biscuits.

 Like Paul said, you have a lot of growing up to do, that's why people want
 you off the list.

 Andrew



Re: [Full-disclosure] from hbgary: stuxnet, WL attack, Psyop and Anonymous trackdown

2011-02-17 Thread Cal Leeming [Simplicity Media Ltd]
I don't give a fuck tbh, I really don't.

On Thu, Feb 17, 2011 at 5:38 PM, Benji m...@b3nji.com wrote:

 Probably a bad idea to threaten violence, just sayin'

 Also what conferences would these be? hak5 learn-to-pwn?

 On Thu, Feb 17, 2011 at 5:35 PM, Cal Leeming [Simplicity Media Ltd] 
 cal.leem...@simplicitymedialtd.co.uk wrote:

 I hope you turn up at my next conference, so I can slap the fuck out of
 you in front of everyone.

 Little bitch like you would probably go running to the police as well.


 On Thu, Feb 17, 2011 at 5:28 PM, andrew.wallace 
 andrew.wall...@rocketmail.com wrote:

 On Thu, Feb 17, 2011 at 4:27 PM, Paul Schmehl pschmehl_li...@tx.rr.com
 wrote:
  Does anyone on this list really give a crap that you guys like publicly
  pulling your puds?
 
  At some point in life, most people grow up.

 On Thu, Feb 17, 2011 at 4:57 PM, Cal Leeming [Simplicity Media Ltd] 
 cal.leem...@simplicitymedialtd.co.uk wrote:
  I disagree. Unless you are the bitch who hands out the tea and
 biscuits.

 Like Paul said, you have a lot of growing up to do, that's why people
 want you off the list.

 Andrew



Re: [Full-disclosure] from hbgary: stuxnet, WL attack, Psyop and Anonymous trackdown

2011-02-17 Thread phocean
Can you please stop insulting and using {aggressive, immature, sexual...}
oriented words.
Too much is too much. Relax, take a deep breath outside and let's go
back to the real stuff.
Thanks.

On Thursday 17 February 2011 at 17:38 +, Cal Leeming [Simplicity Media
Ltd] wrote:
 I don't give a fuck tbh, I really don't.
 
 On Thu, Feb 17, 2011 at 5:38 PM, Benji m...@b3nji.com wrote:
 Probably a bad idea to threaten violence, just sayin'
 
 
 Also what conferences would these be? hak5 learn-to-pwn?
 
 
 On Thu, Feb 17, 2011 at 5:35 PM, Cal Leeming [Simplicity Media
 Ltd] cal.leem...@simplicitymedialtd.co.uk wrote:
 
 
 I hope you turn up at my next conference, so I can
 slap the fuck out of you in front of everyone.
 
 
 Little bitch like you would probably go running to the
 police as well.
 
 
 On Thu, Feb 17, 2011 at 5:28 PM, andrew.wallace
 andrew.wall...@rocketmail.com wrote:
 On Thu, Feb 17, 2011 at 4:27 PM, Paul Schmehl
 pschmehl_li...@tx.rr.com wrote:
  Does anyone on this list really give a crap
 that you guys like publicly
  pulling your puds?
 
  At some point in life, most people grow up.
 
 
 On Thu, Feb 17, 2011 at 4:57 PM, Cal Leeming
 [Simplicity Media Ltd]
 cal.leem...@simplicitymedialtd.co.uk wrote:
 
  I disagree. Unless you are the bitch who
 hands out the tea and biscuits.
 
 
 Like Paul said, you have a lot of growing up
 to do, that's why people want you off the
 list.
 
 Andrew
 
 
 
 
 
 
 

[Full-disclosure] [USN-1066-1] Django vulnerabilities

2011-02-17 Thread Jamie Strandboge
===
Ubuntu Security Notice USN-1066-1 February 17, 2011
python-django vulnerabilities
CVE-2011-0696, CVE-2011-0697
===

A security issue affects the following Ubuntu releases:

Ubuntu 9.10
Ubuntu 10.04 LTS
Ubuntu 10.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 9.10:
  python-django   1.1.1-1ubuntu1.2

Ubuntu 10.04 LTS:
  python-django   1.1.1-2ubuntu1.3

Ubuntu 10.10:
  python-django   1.2.3-1ubuntu0.2.10.10.2

ATTENTION: This update introduces a small backwards-incompatible change
to perform full CSRF validation on all requests. Prior to this update,
AJAX requests were excepted from CSRF protections. For more details, please
see http://docs.djangoproject.com/en/1.2/releases/1.2.5/.

In general, a standard system update will make all the necessary changes.

Details follow:

It was discovered that Django did not properly validate HTTP requests that
contain an X-Requested-With header. An attacker could exploit this
vulnerability to perform cross-site request forgery (CSRF) attacks.
(CVE-2011-0696)

It was discovered that Django did not properly sanitize its input when
performing file uploads, resulting in cross-site scripting (XSS)
vulnerabilities. With cross-site scripting vulnerabilities, if a user were
tricked into viewing server output during a crafted server request, a
remote attacker could exploit this to modify the contents, or steal
confidential data, within the same domain. (CVE-2011-0697)


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
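
The CSRF change described in USN-1066-1 above (CVE-2011-0696), modelled as an added example that is neither Django's source nor part of the advisory. The request dictionaries, function names and sample token are constructed for illustration; `csrftoken`, `csrfmiddlewaretoken` and `X-CSRFToken` are Django's own cookie, form-field and header names.

```python
import hmac

SAFE_METHODS = {"GET", "HEAD", "OPTIONS", "TRACE"}


def _token_matches(request):
    """Compare the CSRF cookie with the token sent in the form or in X-CSRFToken."""
    cookie = request["cookies"].get("csrftoken", "")
    sent = (request["post"].get("csrfmiddlewaretoken")
            or request["headers"].get("X-CSRFToken", ""))
    return bool(cookie) and hmac.compare_digest(cookie.encode(), sent.encode())


def csrf_check_before(request):
    """Behaviour before the update: a request marked as AJAX skips validation."""
    if request["method"] in SAFE_METHODS:
        return True
    if request["headers"].get("X-Requested-With") == "XMLHttpRequest":
        return True  # header presence alone was treated as proof of same origin
    return _token_matches(request)


def csrf_check_after(request):
    """Behaviour after the update: full validation on every unsafe request."""
    if request["method"] in SAFE_METHODS:
        return True
    return _token_matches(request)


def _request(method="POST", headers=None, cookies=None, post=None):
    """Build a constructed request in the minimal shape the checks read."""
    return {"method": method, "headers": headers or {},
            "cookies": cookies or {}, "post": post or {}}


TOKEN = "constructed-token-0123456789abcdef"  # sample value, not a real token

SAMPLES = {
    "form post with token": _request(
        cookies={"csrftoken": TOKEN}, post={"csrfmiddlewaretoken": TOKEN}),
    "form post without token": _request(cookies={"csrftoken": TOKEN}),
    "ajax with X-CSRFToken": _request(
        headers={"X-Requested-With": "XMLHttpRequest", "X-CSRFToken": TOKEN},
        cookies={"csrftoken": TOKEN}),
    "ajax header only": _request(
        headers={"X-Requested-With": "XMLHttpRequest"},
        cookies={"csrftoken": TOKEN}),
}


def compare(samples=SAMPLES):
    """Return {name: (accepted_before, accepted_after)} for each sample request."""
    return {name: (csrf_check_before(r), csrf_check_after(r))
            for name, r in samples.items()}


if __name__ == "__main__":
    for name, (before, after) in compare().items():
        print(f"{name:26s} before={before!s:5s} after={after}")
```

The last sample is the backwards-incompatible case the notice warns about: AJAX code that relied on the exemption must send the token, for instance in the X-CSRFToken header, once the update is installed.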

Re: [Full-disclosure] from hbgary: stuxnet, WL attack, Psyop and Anonymous trackdown

2011-02-17 Thread Cal Leeming [Simplicity Media Ltd]
Considering for the last 18 months my work has been primarily in adult
content, and I have to deal with sexual/immature/aggressive bullshit on a
daily basis, I think this was a reasonable response. lol.

Sometimes, people really do just deserve a slap. Tho, I doubt Andrew will
ever surface irl :S

On Thu, Feb 17, 2011 at 5:43 PM, phocean 0...@phocean.net wrote:

 Can you please stop insulting and using {aggressive, immature, sexual...}
 oriented words.
 Too much is too much. Relax, take a deep breath outside and let's go
 back to the real stuff.
 Thanks.

 On Thursday 17 February 2011 at 17:38 +, Cal Leeming [Simplicity Media
 Ltd] wrote:
  I don't give a fuck tbh, I really don't.
 
  On Thu, Feb 17, 2011 at 5:38 PM, Benji m...@b3nji.com wrote:
  Probably a bad idea to threaten violence, just sayin'
 
 
  Also what conferences would these be? hak5 learn-to-pwn?
 
 
  On Thu, Feb 17, 2011 at 5:35 PM, Cal Leeming [Simplicity Media
  Ltd] cal.leem...@simplicitymedialtd.co.uk wrote:
 
 
  I hope you turn up at my next conference, so I can
  slap the fuck out of you in front of everyone.
 
 
  Little bitch like you would probably go running to the
  police as well.
 
 
  On Thu, Feb 17, 2011 at 5:28 PM, andrew.wallace
  andrew.wall...@rocketmail.com wrote:
  On Thu, Feb 17, 2011 at 4:27 PM, Paul Schmehl
  pschmehl_li...@tx.rr.com wrote:
   Does anyone on this list really give a crap
  that you guys like publicly
   pulling your puds?
  
   At some point in life, most people grow up.
 
 
  On Thu, Feb 17, 2011 at 4:57 PM, Cal Leeming
  [Simplicity Media Ltd]
  cal.leem...@simplicitymedialtd.co.uk wrote:
 
   I disagree. Unless you are the bitch who
  hands out the tea and biscuits.
 
 
  Like Paul said, you have a lot of growing up
  to do, that's why people want you off the
  list.
 
  Andrew
 
 
 
 
 
 
 
 
 
 
 




Re: [Full-disclosure] from hbgary: stuxnet, WL attack, Psyop and Anonymous trackdown

2011-02-17 Thread phocean
If so, I sincerely feel sorry for you :(
This shit can really destroy your life if you are not careful and lose
sight of important things of life. Good luck !

On Thursday 17 February 2011 at 17:47 +, Cal Leeming [Simplicity Media
Ltd] wrote:
 Considering for the last 18 months my work has been primarily in adult
 content, and I have to deal with sexual/immature/aggressive bullshit
 on a daily basis, I think this was a reasonable response. lol. 
 


Re: [Full-disclosure] Vulnerability in reCAPTCHA for Drupal

2011-02-17 Thread Eyeballing Weev
It's either he floods f-d with his vulnerabilities or he has to go out 
in the real world to farm dirt for export to the West.

On 02/17/2011 12:54 PM, Zach C. wrote:
 fucking *two days*? Is that even enough time for the vendor to acknowledge?




Re: [Full-disclosure] Vulnerability in reCAPTCHA for Drupal

2011-02-17 Thread Zach C.
fucking *two days*? Is that even enough time for the vendor to acknowledge?
On Feb 17, 2011 9:20 AM, MustLive mustl...@websecurity.com.ua wrote:
 Hello list!

 I want to warn you about Insufficient Anti-automation vulnerability in
 reCAPTCHA for Drupal.

 In project MoBiC in 2007 I already wrote about bypassing of reCaptcha for
 Drupal (http://websecurity.com.ua/1505/). This is new method of bypassing
 reCaptcha for Drupal.

 -
 Affected products:
 -

 Vulnerable are all versions of reCAPTCHA plugin for Captcha module versions
 before 6.x-2.3 and 7.x-1.0.

 --
 Details:
 --

 Insufficient Anti-automation (WASC-21):

 In different forms in Drupal the vulnerable captcha-plugin reCAPTCHA is
 using. Drupal's Captcha module is vulnerable itself, so besides reCAPTCHA
 other captcha-plugins also can be vulnerable (at that this exploit is a
 little different from exploit for default Captcha module for Drupal).

 For bypassing of captcha it's needed to use correct value of captcha_sid, at
 that it's possible to not answer at captcha (captcha_response) or set any
 answer. This method of captcha bypass is described in my project Month of
 Bugs in Captchas (http://websecurity.com.ua/1498/). Attack is possible while
 this captcha_sid value is active.

 Vulnerabilities exist on pages with forms: http://site/contact,
 http://site/user/1/contact, http://site/user/password and
 http://site/user/register. Other forms where reCAPTCHA is using also will be
 vulnerable.

 Exploit:

 http://websecurity.com.ua/uploads/2011/Drupal%20reCAPTCHA%20bypass.html

 
 Timeline:
 

 2010.12.11 - announced at my site.
 2010.12.14 - informed reCAPTCHA developers.
 2010.12.14 - informed Google (reCAPTCHA owner).
 2011.02.16 - disclosed at my site.

 I mentioned about this vulnerability at my site
 (http://websecurity.com.ua/4752/).

 Best wishes & regards,
 MustLive
 Administrator of Websecurity web site
 http://websecurity.com.ua



[Full-disclosure] (this thread is now about porn).

2011-02-17 Thread Cal Leeming [Simplicity Media Ltd]
Ah, now this is a different subject entirely! It suits some, but not
others.

Personally, I think there's nothing better (porn wise) than seeing the sad
look on a dumb broads face after she realized what she's just done. Or even
better, the constant sad look on her face when she's doing the scene, and
you know she's only doing it for the money, and that it's her first time,
and probably her last. Mind you, working on facialabuse.com has pretty much
desensitized me to *everything* (check out the Tecey video, classic
example!). Maybe check out the front page video for
http://bit.ly/1KTVJv(xxxlubetube), I gotta admit that did kinda make
me go eww.

And another thing, no matter how bad a recession is, there will *always* be
a market for sex and porn. No matter if someone loses their job, their home,
their wife and kids etc, their hand and the internet will be a steady friend
for them. It helps save marriages because it gives the individual a means of
escape and fantasy, without resorting to cheating.



On Thu, Feb 17, 2011 at 5:56 PM, phocean 0...@phocean.net wrote:

 If so, I sincerely feel sorry for you :(
 This shit can really destroy your life if you are not careful and lose
 sight of important things of life. Good luck !

 On Thursday 17 February 2011 at 17:47 +, Cal Leeming [Simplicity Media
 Ltd] wrote:
  Considering for the last 18 months my work has been primarily in adult
  content, and I have to deal with sexual/immature/aggressive bullshit
  on a daily basis, I think this was a reasonable response. lol.
 



Re: [Full-disclosure] (this thread is now about porn).

2011-02-17 Thread Thor (Hammer of God)
Suddenly, I see a whole new market for the domain name you and I were going to 
get :)  I need to check on that…
t

From: full-disclosure-boun...@lists.grok.org.uk 
[mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Cal Leeming 
[Simplicity Media Ltd]
Sent: Thursday, February 17, 2011 10:06 AM
To: phocean
Cc: full-disclosure@lists.grok.org.uk; andrew.wallace
Subject: [Full-disclosure] (this thread is now about porn).

Ah, now this is a different subject entirely! It suits some, but not others.

Personally, I think there's nothing better (porn wise) than seeing the sad look 
on a dumb broads face after she realized what she's just done. Or even better, 
the constant sad look on her face when she's doing the scene, and you know 
she's only doing it for the money, and that it's her first time, and probably 
her last. Mind you, working on facialabuse.com has
pretty much desensitized me to *everything* (check out the Tecey video, classic 
example!). Maybe check out the front page video for http://bit.ly/1KTVJv 
(xxxlubetube), I gotta admit that did kinda make me go eww.

And another thing, no matter how bad a recession is, there will *always* be a 
market for sex and porn. No matter if someone loses their job, their home, 
their wife and kids etc, their hand and the internet will be a steady friend 
for them. It helps save marriages because it gives the individual a means of 
escape and fantasy, without resorting to cheating.



On Thu, Feb 17, 2011 at 5:56 PM, phocean 0...@phocean.net wrote:
If so, I sincerely feel sorry for you :(
This shit can really destroy your life if you are not careful and lose
sight of important things of life. Good luck !

On Thursday 17 February 2011 at 17:47 +, Cal Leeming [Simplicity Media
Ltd] wrote:
 Considering for the last 18 months my work has been primarily in adult
 content, and I have to deal with sexual/immature/aggressive bullshit
 on a daily basis, I think this was a reasonable response. lol.



Re: [Full-disclosure] (this thread is now about porn).

2011-02-17 Thread Cal Leeming [Simplicity Media Ltd]
i.just.watched.a.dumb.broad.get.owned.at.facialabuse.com

Maybe if I ask the client reallly nicely, he'll let me add that A record
:D

2011/2/17 Thor (Hammer of God) t...@hammerofgod.com

  Suddenly, I see a whole new market for the domain name you and I were
 going to get :)  I need to check on that…

 t



 *From:* full-disclosure-boun...@lists.grok.org.uk [mailto:
 full-disclosure-boun...@lists.grok.org.uk] *On Behalf Of *Cal Leeming
 [Simplicity Media Ltd]
 *Sent:* Thursday, February 17, 2011 10:06 AM
 *To:* phocean
 *Cc:* full-disclosure@lists.grok.org.uk; andrew.wallace
 *Subject:* [Full-disclosure] (this thread is now about porn).



 Ah, now this is a different subject entirely! It suits some, but not
 others.



 Personally, I think there's nothing better (porn wise) than seeing the sad
 look on a dumb broads face after she realized what she's just done. Or even
 better, the constant sad look on her face when she's doing the scene, and
 you know she's only doing it for the money, and that it's her first time,
 and probably her last. Mind you, working on facialabuse.com has pretty
 much desensitized me to *everything* (check out the Tecey video, classic
 example!). Maybe check out the front page video for 
 http://bit.ly/1KTVJv(xxxlubetube), I gotta admit that did kinda make me go 
 eww.



 And another thing, no matter how bad a recession is, there will *always* be
 a market for sex and porn. No matter if someone loses their job, their home,
 their wife and kids etc, their hand and the internet will be a steady friend
 for them. It helps save marriages because it gives the individual a means of
 escape and fantasy, without resorting to cheating.







 On Thu, Feb 17, 2011 at 5:56 PM, phocean 0...@phocean.net wrote:

 If so, I sincerely feel sorry for you :(
 This shit can really destroy your life if you are not careful and lose
 sight of important things of life. Good luck !

 On Thursday 17 February 2011 at 17:47 +, Cal Leeming [Simplicity Media
 Ltd] wrote:

  Considering for the last 18 months my work has been primarily in adult
  content, and I have to deal with sexual/immature/aggressive bullshit
  on a daily basis, I think this was a reasonable response. lol.
 




Re: [Full-disclosure] from hbgary: stuxnet, WL attack, Psyop and Anonymous trackdown

2011-02-17 Thread Benji
What conferences though?

On Thu, Feb 17, 2011 at 5:38 PM, Cal Leeming [Simplicity Media Ltd] 
cal.leem...@simplicitymedialtd.co.uk wrote:

 I don't give a fuck tbh, I really don't.


 On Thu, Feb 17, 2011 at 5:38 PM, Benji m...@b3nji.com wrote:

 Probably a bad idea to threaten violence, just sayin'

 Also what conferences would these be? hak5 learn-to-pwn?

 On Thu, Feb 17, 2011 at 5:35 PM, Cal Leeming [Simplicity Media Ltd] 
 cal.leem...@simplicitymedialtd.co.uk wrote:

 I hope you turn up at my next conference, so I can slap the fuck out of
 you in front of everyone.

 Little bitch like you would probably go running to the police as well.


 On Thu, Feb 17, 2011 at 5:28 PM, andrew.wallace 
 andrew.wall...@rocketmail.com wrote:

 On Thu, Feb 17, 2011 at 4:27 PM, Paul Schmehl pschmehl_li...@tx.rr.com
 wrote:
  Does anyone on this list really give a crap that you guys like
 publicly
  pulling your puds?
 
  At some point in life, most people grow up.

 On Thu, Feb 17, 2011 at 4:57 PM, Cal Leeming [Simplicity Media Ltd] 
 cal.leem...@simplicitymedialtd.co.uk wrote:
  I disagree. Unless you are the bitch who hands out the tea and
 biscuits.

 Like Paul said, you have a lot of growing up to do, that's why people
 want you off the list.

 Andrew








Re: [Full-disclosure] (this thread is now about porn).

2011-02-17 Thread Cal Leeming [Simplicity Media Ltd]
Prominent figure? LMFAO. As for threat of violence, go suck my nice juicy
hairy ball sack :)



 On Thu, Feb 17, 2011 at 6:19 PM, andrew.wallace 
 andrew.wall...@rocketmail.com wrote:

 On Thu, Feb 17, 2011 at 6:05 PM, Cal Leeming [Simplicity Media Ltd] 
 cal.leem...@simplicitymedialtd.co.uk wrote:
  Ah, now this is a different subject entirely! It suits some, but not
  others.

 Are you trying to distract the many police forces throughout the UK who
 are subscribed to the list that you made a threat of violence towards a
 prominent figure in the security community?

 On Thu, Feb 17, 2011 at 5:35 PM, Cal Leeming [Simplicity Media Ltd] 
 cal.leem...@simplicitymedialtd.co.uk wrote:
  I hope you turn up at my next conference, so I can slap the fuck out of
 you
  in front of everyone.
  Little bitch like you would probably go running to the police as well.

 Obviously, criminals are reported to the police. The problem here is, this
 list is already populated with police forces throughout the UK.

 They may even ask me to attend the next conference you appear at, and then
 cuff you as soon as you lay a hand on me.

 Cal Leeming, the so-called reformed criminal ends up back in court and
 in front of the media glare.

 Andrew





Re: [Full-disclosure] Vulnerability in reCAPTCHA for Drupal

2011-02-17 Thread Zach C.
Well, just playing devil's advocate here, mind you, I think much of the
irritation from MustLive's postings comes from the following three reasons:

1.) MustLive is primarily a web-application specialist (for the sake of
argument)
2.) The vulnerabilities he finds are of a class of vulnerabilities that are
most common in his field. (Consider: someone searching for vulnerabilities
in internet services directly and doing the binary analysis will primarily
be finding buffer or stack overflows, right? In web security, XSS and SQL
injection (as well as others I'm undoubtedly forgetting -- I am *NOT*
counting not using a CAPTCHA here, see next item) are the most common
vulnerabilities, given the lack of binary code to overwrite)
3.) Every so often he posts a vulnerability of questionable risk in the form
of anti-automation which is essentially a fancy way of saying ha ha they
don't use CAPTCHA. I don't consider that a vulnerability so much as an
opening for annoyance; I suppose your mileage may vary.

My guess is that there's a thought that web apps are far easier to crack at
than binaries, so vulnerabilities are easier to find, therefore don't waste
time finding something that's useless. That may be, in some cases, but
sometimes a vulnerability in the web app destroys the entire chain, so to
speak.

Thoughts?

-Zach

(P.S. Still just playing devil's advocate; sometimes they get to annoy the
crap out of me too.)



On Thu, Feb 17, 2011 at 9:57 AM, Eyeballing Weev
eyeballing.w...@gmail.com wrote:

 It's either he floods f-d with his vulnerabilities or he has to go out
 in the real world to farm dirt for export to the West.

 On 02/17/2011 12:54 PM, Zach C. wrote:
  fucking *two days*? Is that even enough time for the vendor to
 acknowledge?
 


Re: [Full-disclosure] (this thread is now about porn).

2011-02-17 Thread Cal Leeming [Simplicity Media Ltd]
Seems this has now gone very very very far off topic.

Here's two more great links:

(non porn but amusing) http://bit.ly/e7duHa
(great episode (tecey) from facialabuse) http://bit.ly/fTXhF6
(another great episode from facialabuse) http://bit.ly/fgrMb7

Embrace it /b/rothers :D

On Thu, Feb 17, 2011 at 6:05 PM, Cal Leeming [Simplicity Media Ltd] 
cal.leem...@simplicitymedialtd.co.uk wrote:

 Ah, now this is a different subject entirely! It suits some, but not
 others.

 Personally, I think there's nothing better (porn wise) than seeing the sad
 look on a dumb broads face after she realized what she's just done. Or even
 better, the constant sad look on her face when she's doing the scene, and
 you know she's only doing it for the money, and that it's her first time,
 and probably her last. Mind you, working on facialabuse.com has pretty
 much desensitized me to *everything* (check out the Tecey video, classic
 example!). Maybe check out the front page video for 
 http://bit.ly/1KTVJv(xxxlubetube), I gotta admit that did kinda make me go 
 eww.

 And another thing, no matter how bad a recession is, there will *always* be
 a market for sex and porn. No matter if someone loses their job, their home,
 their wife and kids etc, their hand and the internet will be a steady friend
 for them. It helps save marriages because it gives the individual a means of
 escape and fantasy, without resorting to cheating.



 On Thu, Feb 17, 2011 at 5:56 PM, phocean 0...@phocean.net wrote:

 If so, I sincerely feel sorry for you :(
 This shit can really destroy your life if you are not careful and lose
 sight of important things of life. Good luck !

 On Thursday 17 February 2011 at 17:47 +, Cal Leeming [Simplicity Media
 Ltd] wrote:
  Considering for the last 18 months my work has been primarily in adult
  content, and I have to deal with sexual/immature/aggressive bullshit
  on a daily basis, I think this was a reasonable response. lol.
 




Re: [Full-disclosure] (this thread is now about porn).

2011-02-17 Thread Cal Leeming [Simplicity Media Ltd]
HOLY SHIT.

Most awesome idea ever.

Every time Andrew posts, I'll respond with more epic porn clips, each more
shocking than the last. For every cloud has a silver lining? :D

On Thu, Feb 17, 2011 at 6:19 PM, andrew.wallace 
andrew.wall...@rocketmail.com wrote:

 On Thu, Feb 17, 2011 at 6:05 PM, Cal Leeming [Simplicity Media Ltd] 
 cal.leem...@simplicitymedialtd.co.uk wrote:
  Ah, now this is a different subject entirely! It suits some, but not
  others.

 Are you trying to distract the many police forces throughout the UK who are
 subscribed to the list that you made a threat of violence towards a
 prominent figure in the security community?

 On Thu, Feb 17, 2011 at 5:35 PM, Cal Leeming [Simplicity Media Ltd] 
 cal.leem...@simplicitymedialtd.co.uk wrote:
  I hope you turn up at my next conference, so I can slap the fuck out of
 you
  in front of everyone.
  Little bitch like you would probably go running to the police as well.

 Obviously, criminals are reported to the police. The problem here is, this
 list is already populated with police forces throughout the UK.

 They may even ask me to attend the next conference you appear at, and then
 cuff you as soon as you lay a hand on me.

 Cal Leeming, the so-called reformed criminal ends up back in court and
 in front of the media glare.

 Andrew




[Full-disclosure] [USN-1067-1] Telepathy Gabble vulnerability

2011-02-17 Thread Jamie Strandboge
===
Ubuntu Security Notice USN-1067-1 February 17, 2011
telepathy-gabble vulnerability
https://launchpad.net/bugs/720201
===

A security issue affects the following Ubuntu releases:

Ubuntu 9.10
Ubuntu 10.04 LTS
Ubuntu 10.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 9.10:
  telepathy-gabble  0.8.7-1ubuntu1.1

Ubuntu 10.04 LTS:
  telepathy-gabble  0.8.12-0ubuntu1.1

Ubuntu 10.10:
  telepathy-gabble  0.10.0-1ubuntu0.1

After a standard system update you need to restart your session to make all
the necessary changes.

Details follow:

It was discovered that Gabble did not verify the from field of google
jingleinfo updates. This could allow a remote attacker to perform man
in the middle attacks (MITM) on streamed media.


Updated packages for Ubuntu 9.10:


[Full-disclosure] Vulnerability is in response

2011-02-17 Thread Григорий Братислава
Hello full-disclosure!!

I is like to warn you about rhetoric and annoyance nuisance. Is once
upon a time MustLive has maybe is one exploit to is make me say черт
возьми! howisever MustLive is how you say? pička in Crotia.

Is I top post for annoy:

1) MustLive is lonely pička with is one to many copy of cracked
Accunetix is run in background to report to full disclosure (hi is
look at me, I find vuln no one is care about!!)

2) Is vuln he find are old news to many who choose is not to release
lame advisory (is especially those future advisory of his)

3) Is every so often I is want to kick him in teeth and say is shut
up puto sucio

Your guess is wrong. MustLive is point and click-kiddiot (TM;) who is
never discovery real vulnerability and is not even know what is EAX
(is hint not to be confused with is LAX airport)

4) Is stop feeding troll

On Thu, Feb 17, 2011 at 1:29 PM, Zach C. fxc...@gmail.com wrote:
 Well, just playing devil's advocate here, mind you, I think much of the
 irritation from MustLive's postings comes from the following three reasons:

 1.) MustLive is primarily a web-application specialist (for the sake of
 argument)
 2.) The vulnerabilities he finds are of a class of vulnerabilities that are
 most common in his field. (Consider: someone searching for vulnerabilities
 in internet services directly and doing the binary analysis will primarily
 be finding buffer or stack overflows, right? In web security, XSS and SQL
 injection (as well as others I'm undoubtedly forgetting -- I am *NOT*
 counting not using a CAPTCHA here, see next item) are the most common
 vulnerabilities, given the lack of binary code to overwrite)
 3.) Every so often he posts a vulnerability of questionable risk in the form
 of anti-automation which is essentially a fancy way of saying ha ha they
 don't use CAPTCHA. I don't consider that a vulnerability so much as an
 opening for annoyance; I suppose your mileage may vary.

 My guess is that there's a thought that web apps are far easier to crack at
 than binaries, so vulnerabilities are easier to find, therefore don't waste
 time finding something that's useless. That may be, in some cases, but
 sometimes a vulnerability in the web app destroys the entire chain, so to
 speak.

 Thoughts?

 -Zach


[Full-disclosure] ZDI-11-089: Novell ZenWorks TFTPD Remote Code Execution Vulnerability

2011-02-17 Thread ZDI Disclosures
ZDI-11-089: Novell ZenWorks TFTPD Remote Code Execution Vulnerability

http://www.zerodayinitiative.com/advisories/ZDI-11-089

February 17, 2011

-- CVE ID:
CVE-2010-4323 

-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)

-- Affected Vendors:
Novell

-- Affected Products:
Novell Zenworks

-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 2132. 
For further product information on the TippingPoint IPS, visit:

http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Novell Zenworks Configuration Manager. 
Authentication is not required to exploit this vulnerability. 

The flaw exists within the novell-tftp.exe component which listens by
default on UDP port 69. When handling a request the process blindly
copies user supplied data into a fixed-length buffer on the heap. A
remote attacker can exploit this vulnerability to execute arbitrary code
under the context of the ZenWorks user.

-- Vendor Response:
Novell has issued an update to correct this vulnerability. More
details can be found at:

http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7007896&sliceId=2&docTypeID=DT_TID_1_1&dialogID=205671351&stateId=0%200%20205669596

-- Disclosure Timeline:
2010-08-23 - Vulnerability reported to vendor
2011-02-17 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
* Francis Provencher for Protek Research Lab's
* AbdulAziz Hariri of ThirdEyeTesters
* SilentSignal

-- About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents 
a best-of-breed model for rewarding security researchers for responsibly
disclosing discovered vulnerabilities.

Researchers interested in getting paid for their security research
through the ZDI can find more information and sign-up at:

http://www.zerodayinitiative.com

The ZDI is unique in how the acquired vulnerability information is
used. TippingPoint does not re-sell the vulnerability details or any
exploit code. Instead, upon notifying the affected product vendor,
TippingPoint provides its customers with zero day protection through
its intrusion prevention technology. Explicit details regarding the
specifics of the vulnerability are not exposed to any parties until
an official vendor patch is publicly available. Furthermore, with the
altruistic aim of helping to secure a broader user base, TippingPoint
provides this vulnerability information confidentially to security
vendors (including competitors) who have a vulnerability protection or
mitigation product.

Our vulnerability disclosure policy is available online at:

http://www.zerodayinitiative.com/advisories/disclosure_policy/

Follow the ZDI on Twitter:

http://twitter.com/thezdi
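
The flaw class named under Vulnerability Details, seen from the defensive side, as an added example that is not part of the advisory and is not Novell's or ZDI's code: a parser for an RFC 1350 read/write request that copies a field into a fixed-length heap buffer only after confirming the field is terminated inside the datagram and fits. Which field the real service mishandles is not stated in the advisory; the filename field, the 128-byte limit, the function names and the sample packets are assumptions made for illustration.

```c
/* Added example, not vendor code: bounded parsing of a TFTP RRQ/WRQ (RFC 1350). */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define TFTP_OP_RRQ 1
#define TFTP_OP_WRQ 2
#define TFTP_MAX_FILENAME 128 /* assumed size of the fixed heap buffer */
#define TFTP_MAX_MODE 9       /* "netascii" plus its NUL */
#define TFTP_MIN_REQUEST 6    /* opcode, 1-char filename, NUL, 1-char mode, NUL */

enum tftp_result {
    TFTP_OK = 0,
    TFTP_ERR_SHORT,        /* datagram too small to be a request */
    TFTP_ERR_OPCODE,       /* not a read or write request */
    TFTP_ERR_UNTERMINATED, /* field has no NUL inside the datagram */
    TFTP_ERR_EMPTY,        /* zero-length filename or mode */
    TFTP_ERR_TOO_LONG,     /* field would not fit its destination */
    TFTP_ERR_NOMEM
};

struct tftp_request {
    uint16_t opcode;
    char *filename;           /* heap buffer, TFTP_MAX_FILENAME bytes */
    char mode[TFTP_MAX_MODE];
};

/* Unsafe pattern of the kind the advisory describes (illustrative only):
 *     char *name = malloc(TFTP_MAX_FILENAME); strcpy(name, (char *)pkt + 2);
 * The number of bytes written is decided by the sender, not by the buffer. */

/* Copy one NUL-terminated field; never read past the datagram or write past dst. */
static enum tftp_result copy_field(const uint8_t *pkt, size_t len, size_t *off,
                                   char *dst, size_t dst_size)
{
    const uint8_t *start = pkt + *off;
    const uint8_t *nul = memchr(start, 0, len - *off);
    if (nul == NULL)
        return TFTP_ERR_UNTERMINATED;
    size_t field_len = (size_t)(nul - start);
    if (field_len == 0)
        return TFTP_ERR_EMPTY;
    if (field_len >= dst_size) /* the terminator needs a byte too */
        return TFTP_ERR_TOO_LONG;
    memcpy(dst, start, field_len + 1);
    *off += field_len + 1;
    return TFTP_OK;
}

enum tftp_result tftp_parse_request(const uint8_t *pkt, size_t len,
                                    struct tftp_request *req)
{
    size_t off = 2; /* fields start after the 2-byte opcode */

    memset(req, 0, sizeof *req);
    if (pkt == NULL || len < TFTP_MIN_REQUEST)
        return TFTP_ERR_SHORT;
    req->opcode = (uint16_t)((pkt[0] << 8) | pkt[1]); /* network byte order */
    if (req->opcode != TFTP_OP_RRQ && req->opcode != TFTP_OP_WRQ)
        return TFTP_ERR_OPCODE;
    req->filename = malloc(TFTP_MAX_FILENAME);
    if (req->filename == NULL)
        return TFTP_ERR_NOMEM;
    enum tftp_result rc = copy_field(pkt, len, &off, req->filename, TFTP_MAX_FILENAME);
    if (rc == TFTP_OK)
        rc = copy_field(pkt, len, &off, req->mode, sizeof req->mode);
    if (rc != TFTP_OK) {
        free(req->filename);
        req->filename = NULL;
    }
    return rc;
}

/* Parse a raw datagram, release the request, return the verdict. */
enum tftp_result parse_raw(const void *pkt, size_t len)
{
    struct tftp_request req;
    enum tftp_result rc = tftp_parse_request(pkt, len, &req);
    free(req.filename); /* NULL on every error path */
    return rc;
}

/* Constructed sample: RRQ with a filename of name_len 'A' bytes, mode "octet". */
enum tftp_result parse_constructed_rrq(size_t name_len)
{
    uint8_t pkt[1024] = { 0, TFTP_OP_RRQ };
    if (name_len > sizeof pkt - 9)
        name_len = sizeof pkt - 9;
    memset(pkt + 2, 'A', name_len);
    memcpy(pkt + 2 + name_len + 1, "octet", 6); /* byte before it stays NUL */
    return parse_raw(pkt, name_len + 9);
}

int main(void)
{
    static const size_t lens[] = { 8, 127, 128, 600 }; /* constructed filename lengths */
    for (size_t i = 0; i < sizeof lens / sizeof lens[0]; i++)
        printf("%zu-byte filename -> result %d\n", lens[i],
               (int)parse_constructed_rrq(lens[i]));
    return 0;
}
```

The parser ignores any bytes after the mode field, so option extensions that follow it are neither read nor copied.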



Re: [Full-disclosure] (this thread is now about porn).

2011-02-17 Thread Cal Leeming [Simplicity Media Ltd]
True to my word, here is the first (hopefully of many) every cloud has a
silver lining posts. (everytime Andrew posts more faggotry, I will treat
you all to decent porn!)

I present to you, Gagging Report videos (user submitted!)

http://bit.ly/fneO2U

Enjoy!

On Thu, Feb 17, 2011 at 8:09 PM, andrew.wallace 
andrew.wall...@rocketmail.com wrote:

 Just do yourself a favour, leave the disclosure community for good like
 you've been requested so many times to do.

 Myself and any law enforcement folks reading the list won't bother pursuing
 your threats of violence further if you stop now.

 It's your choice, the ball is completely in your court in which direction
 you wish to go in life from now onwards.

 You can stop posting now and get on with the rest of your career, or you
 can continue on this same path.

 This list isn't a joke around like you seem to treat it, we are serious
 people with serious concerns.

 Andrew

 On Thu, Feb 17, 2011 at 6:24 PM, Cal Leeming [Simplicity Media Ltd] 
 cal.leem...@simplicitymedialtd.co.uk wrote:
  Prominent figure? LMFAO.

 
  On Thu, Feb 17, 2011 at 6:19 PM, andrew.wallace
  andrew.wall...@rocketmail.com wrote:
 
  On Thu, Feb 17, 2011 at 6:05 PM, Cal Leeming [Simplicity Media Ltd]
  cal.leem...@simplicitymedialtd.co.uk wrote:
   Ah, now this is a different subject entirely! It suits some, but not
   others.
 
  Are you trying to distract the many police forces throughout the UK who
  are subscribed to the list that you made a threat of violence towards a
  prominent figure in the security community?
 
  On Thu, Feb 17, 2011 at 5:35 PM, Cal Leeming [Simplicity Media Ltd]
  cal.leem...@simplicitymedialtd.co.uk wrote:
   I hope you turn up at my next conference, so I can slap the fuck out
 of
   you
   in front of everyone.
   Little bitch like you would probably go running to the police as
 well.
 
  Obviously, criminals are reported to the police. The problem here is,
  this list is already populated with police forces throughout the UK.
 
  They may even ask me to attend the next conference you appear at, and
  then cuff you as soon as you lay a hand on me.
 
  Cal Leeming, the so-called reformed criminal ends up back in court and
  in front of the media glare.
 
  Andrew



Re: [Full-disclosure] (this thread is now about porn).‏

2011-02-17 Thread Cal Leeming [Simplicity Media Ltd]
LOL, Andrew at this rate this is gonna turn into full-*dick*losure!

Here you go /b/rothers:

http://bit.ly/g4DUr5

Red head, 19f, not the prettiest painting, but a damn good show.

On Thu, Feb 17, 2011 at 8:30 PM, andrew.wallace 
andrew.wall...@rocketmail.com wrote:

 On Thu, Feb 17, 2011 at 8:13 PM, Cal Leeming [Simplicity Media Ltd] 
 cal.leem...@simplicitymedialtd.co.uk wrote:
  True to my word, here is the first (hopefully of many) every cloud has a
  silver lining posts. (everytime Andrew posts more faggotry, I will treat
  you all to decent porn!)
  I present to you, Gagging Report videos (user submitted!)
  http://bit.ly/fneO2U
  Enjoy!
 

 You're just going to end up being arrested for not only making a threat of
 violence, but also spamming the list with unsolicited porn.

 I was throwing you a life line but you chose to throw it back in our faces.

 Andrew



Re: [Full-disclosure] Vulnerability in reCAPTCHA for Drupal

2011-02-17 Thread Michele Orru


  
  
If you think that some statements from MustLive like the following:

"
Full path disclosure (WASC-13):

At POST request to the page with form with using of Cyrillic char in
parameter op, the error message is showing, which consists the full path on
the system.

Vulnerabilities exist at pages: http://site/user/, http://site/user/1/edit,
http://site/user/password, http://site/user/register, http://site/contact,
http://site/user/1/contact. Other pages which have forms also can be
vulnerable.

Exploit:

http://websecurity.com.ua/uploads/2011/Drupal%20Full%20path%20disclosure.html

As noted Drupal developers, these vulnerabilities appear due to turned on
debugging option in administrator panel. So for preventing of these and
other FPD at the site it's needed to turn off this option.

"
are not hilarious, then you're really a noob.
I mean, every Drupal user knows that the default path to register a
new user is user/register,
or that the default admin account is reachable at user/1, or that
the contact form is at the contact URI.

These are not vulnerabilities, and this is one of the many reasons
why almost no-one in FD
read his "advisories" and flag his address as spam :)

antisnatchor

  

  
  

  

Zach C.
  February 17, 2011 7:29 PM
  

  
  
Well, just playing devil's advocate here, mind you, I think much
of the irritation from MustLive's postings comes from the
following three reasons:

1.) MustLive is primarily a web-application specialist (for the
sake of argument)
2.) The vulnerabilities he finds are of a class of
vulnerabilities that are most common in his field. (Consider:
someone searching for vulnerabilities in internet services
directly and doing the binary analysis will primarily be finding
buffer or stack overflows, right? In web security, XSS and SQL
injection (as well as others I'm undoubtedly forgetting -- I am
*NOT* counting "not using a CAPTCHA" here, see next item) are
the most common vulnerabilities, given the lack of binary code
to overwrite)
3.) Every so often he posts a vulnerability of questionable risk
in the form of "anti-automation" which is essentially a fancy
way of saying "ha ha they don't use CAPTCHA." I don't consider
that a vulnerability so much as an opening for annoyance; I
suppose your mileage may vary. 

My guess is that there's a thought that web apps are far easier
to crack at than binaries, so vulnerabilities are easier to
find, therefore don't waste time finding something that's
"useless." That may be, in some cases, but sometimes a
vulnerability in the web app destroys the entire chain, so to
speak. 

Thoughts?

-Zach

(P.S. Still just playing devil's advocate; sometimes they get to
annoy the crap out of me too.)





  
  

  

Eyeballing Weev
  February 17, 2011 6:57 PM
  

  
  
It's either he floods f-d with his "vulnerabilities" or he
  has to go out 
  in the real world to farm dirt for export to the West.




  
  

  

Zach C.
  February 17, 2011 6:54 PM
  

  
  
fucking *two days*? Is that even enough time for the vendor
  to acknowledge?

  
  

  

MustLive
  February 17, 2011 6:18 PM
  

  
  
Hello list!
  
  I want to warn you about Insufficient Anti-automation
  vulnerability in
  reCAPTCHA for Drupal.
  
  In project MoBiC in 2007 I already wrote about bypassing of
  reCaptcha for
  Drupal (http://websecurity.com.ua/1505/). This is new method
  of bypassing
  

Re: [Full-disclosure] (this thread is now about porn).‏

2011-02-17 Thread Thor (Hammer of God)
Nice.  Now you are attempting to distribute “Pornpop.A” spyware to us?  Arse!
t

From: full-disclosure-boun...@lists.grok.org.uk 
[mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Cal Leeming 
[Simplicity Media Ltd]
Sent: Thursday, February 17, 2011 12:36 PM
To: andrew.wallace
Cc: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] (this thread is now about porn).‏

LOL, Andrew at this rate this is gonna turn into full-dicklosure!

Here you go /b/rothers:

http://bit.ly/g4DUr5

Red head, 19f, not the prettiest painting, but a damn good show.
On Thu, Feb 17, 2011 at 8:30 PM, andrew.wallace 
andrew.wall...@rocketmail.com wrote:
On Thu, Feb 17, 2011 at 8:13 PM, Cal Leeming [Simplicity Media Ltd] 
cal.leem...@simplicitymedialtd.co.uk wrote:
 True to my word, here is the first (hopefully of many) every cloud has a
 silver lining posts. (everytime Andrew posts more faggotry, I will treat
 you all to decent porn!)
 I present to you, Gagging Report videos (user submitted!)
 http://bit.ly/fneO2U
 Enjoy!

You're just going to end up being arrested for not only making a threat of 
violence, but also spamming the list with unsolicited porn.

I was throwing you a life line but you chose to throw it back in our faces.

Andrew



Re: [Full-disclosure] (this thread is now about porn).‏

2011-02-17 Thread Cal Leeming [Simplicity Media Ltd]
Ah, yeah motherless aren't very careful with who they allow to advertise on
the site. A decent IDS (Avira on Windows is pretty good) usually stops most
of the nasty drive by kits that end up in there.

2011/2/17 Thor (Hammer of God) t...@hammerofgod.com

  Nice.  Now you are attempting to distribute “Pornpop.A” spyware to us?
 Arse!

 t



 *From:* full-disclosure-boun...@lists.grok.org.uk [mailto:
 full-disclosure-boun...@lists.grok.org.uk] *On Behalf Of *Cal Leeming
 [Simplicity Media Ltd]
 *Sent:* Thursday, February 17, 2011 12:36 PM
 *To:* andrew.wallace

 *Cc:* full-disclosure@lists.grok.org.uk
 *Subject:* Re: [Full-disclosure] (this thread is now about porn).‏



 LOL, Andrew at this rate this is gonna turn into full-*dick*losure!



 Here you go /b/rothers:



 http://bit.ly/g4DUr5



 Red head, 19f, not the prettiest painting, but a damn good show.

 On Thu, Feb 17, 2011 at 8:30 PM, andrew.wallace 
 andrew.wall...@rocketmail.com wrote:

 On Thu, Feb 17, 2011 at 8:13 PM, Cal Leeming [Simplicity Media Ltd] 
 cal.leem...@simplicitymedialtd.co.uk wrote:
  True to my word, here is the first (hopefully of many) every cloud has a
  silver lining posts. (everytime Andrew posts more faggotry, I will treat
  you all to decent porn!)
  I present to you, Gagging Report videos (user submitted!)
  http://bit.ly/fneO2U
  Enjoy!
 

 You're just going to end up being arrested for not only making a threat of
 violence, but also spamming the list with unsolicited porn.

 I was throwing you a life line but you chose to throw it back in our faces.

 Andrew






Re: [Full-disclosure] Vulnerability in reCAPTCHA for Drupal

2011-02-17 Thread Valdis . Kletnieks
On Thu, 17 Feb 2011 21:39:49 +0100, Michele Orru said:

 I mean, every Drupal user knows that the default path to register a new 
 user is user/register,
 or that the default admin account is reachable at user/1, or that the 
 contact form is at the contact URI.

Yes, but that's the *URL PATH*.  What's the full path *on the filesystem*?
Is it /opt/drupal/user/register?  Or did they stick it in /usr/local/drupal?
Or somewhere else?  This actually matters if you're trying to do
a tree traversal exploit like ../../../path/to/drupal/install/ - or if
you *thought* you had configured your system so it wouldn't leak full
pathnames so skiddies couldn't abuse tree traversal exploits.


pgpagQyFZkMJ6.pgp
Description: PGP signature
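
The distinction drawn in the message above, between a public URL path and the private filesystem path behind it, shown as an added example that is not part of the original thread. The install path `/opt/drupal` is one of the guesses from the message, the function names are hypothetical, and both response bodies are constructed.

```python
import re
from pathlib import Path
from urllib.parse import unquote

# Assumed install location, taken from the guesses in the message above.
DOCROOT = Path("/opt/drupal")

_TAGS = re.compile(r"<[^>]+>")
# PHP-style diagnostics end with "in <absolute file> on line <n>".
_PHP_ERROR_PATH = re.compile(r"\bin (/\S+) on line \d+")

# Constructed response bodies: one with error display on, one with it off.
DEBUG_ON_BODY = (
    "<b>warning</b>: constructed message in "
    "<b>/opt/drupal/includes/form.inc</b> on line <b>123</b>."
)
DEBUG_OFF_BODY = "Registration failed. Return to /user/register and try again."


def resolve_under_docroot(url_path, docroot=DOCROOT):
    """Map a URL path to a file path, refusing anything outside docroot.

    The check is made on the resolved path, so '..' segments, their
    percent-encoded form and symlinks are all judged by where they end up.
    """
    root = docroot.resolve()
    candidate = (root / unquote(url_path).lstrip("/")).resolve()
    if candidate != root and root not in candidate.parents:
        raise PermissionError("request path escapes the document root")
    return candidate


def find_path_leaks(body, docroot=DOCROOT):
    """Return filesystem paths exposed in a response body.

    URL paths such as /user/register are public and are not reported;
    only PHP-style error locations and the document root itself are.
    """
    text = _TAGS.sub("", body)
    leaks = set(_PHP_ERROR_PATH.findall(text))
    for root in {str(docroot), str(docroot.resolve())}:
        leaks.update(re.findall(re.escape(root) + r"[^\s\"'<>]*", text))
    return sorted(leaks)


if __name__ == "__main__":
    for name, body in (("debug on", DEBUG_ON_BODY), ("debug off", DEBUG_OFF_BODY)):
        print(name, "->", find_path_leaks(body) or "no filesystem path exposed")
    print(resolve_under_docroot("/user/register"))
    try:
        resolve_under_docroot("/user/%2e%2e/%2e%2e/%2e%2e/etc/passwd")
    except PermissionError as exc:
        print("refused:", exc)
```

Running `find_path_leaks` over responses in a test suite catches a re-enabled error display before it reaches production, and the containment check holds whether or not the install path is known to the client.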

Re: [Full-disclosure] (this thread is now about porn).‏

2011-02-17 Thread phocean
I never thought I would agree with Andrew some day, but that's done.
Don't you understand that you are killing FD or is it what you want?
We are not here for porn! You may be sick and think like anyone is like
you, but believe me, there are people who don't want of it and live very
well without. So respect others and stop this madness.
By the way, who asked for moderation recently ?

Le jeudi 17 février 2011 à 20:13 +, Cal Leeming [Simplicity Media
Ltd] a écrit :
 True to my word, here is the first (hopefully of many) every cloud
 has a silver lining posts. (everytime Andrew posts more faggotry, I
 will treat you all to decent porn!)
 
 
 I present to you, Gagging Report videos (user submitted!)
 
 
 http://bit.ly/fneO2U
 
 
 Enjoy!
 
 On Thu, Feb 17, 2011 at 8:09 PM, andrew.wallace
 andrew.wall...@rocketmail.com wrote:
 Just do yourself a favour, leave the disclosure community for
 good like you've been requested so many times to do.
 
 Myself and any law enforcement folks reading the list won't
 bother pursuing your threats of violence further if you stop
 now.
 
 It's your choice, the ball is completely in your court in
 which direction you wish to go in life from now onwards.
 
 You can stop posting now and get on with the rest of your
 career, or you can continue on this same path.
 
 This list isn't a joke around like you seem to treat it, we
 are serious people with serious concerns.
 
 Andrew
 
 On Thu, Feb 17, 2011 at 6:24 PM, Cal Leeming [Simplicity Media
 Ltd] cal.leem...@simplicitymedialtd.co.uk wrote:
  Prominent figure? LMFAO.
 
 
  On Thu, Feb 17, 2011 at 6:19 PM, andrew.wallace
  andrew.wall...@rocketmail.com wrote:
 
  On Thu, Feb 17, 2011 at 6:05 PM, Cal Leeming [Simplicity
 Media Ltd]
  cal.leem...@simplicitymedialtd.co.uk wrote:
   Ah, now this is a different subject entirely! It suits
 some, but not
   others.
 
  Are you trying to distract the many police forces
 throughout the UK who
  are subscribed to the list that you made a threat of
 violence towards a
  prominent figure in the security community?
 
  On Thu, Feb 17, 2011 at 5:35 PM, Cal Leeming [Simplicity
 Media Ltd]
  cal.leem...@simplicitymedialtd.co.uk wrote:
   I hope you turn up at my next conference, so I can slap
 the fuck out of
   you
   in front of everyone.
   Little bitch like you would probably go running to the
 police as well.
 
  Obviously, criminals are reported to the police. The
 problem here is,
  this list is already populated with police forces
 throughout the UK.
 
  They may even ask me to attend the next conference you
 appear at, and
  then cuff you as soon as you lay a hand on me.
 
  Cal Leeming, the so-called reformed criminal ends up back
 in court and
  in front of the media glare.
 
  Andrew
 
 
 
 
 

Re: [Full-disclosure] (this thread is now about porn).‏

2011-02-17 Thread Valdis . Kletnieks
On Thu, 17 Feb 2011 22:44:37 +0100, phocean said:
 I never thought I would agree with Andrew some day, but that's done.
 Don't you understand that you are killing FD or is it what you want?

You *do* realize we have very little proof that the entity posting
as Cal isn't a sock puppet of Andrew's creation, to further his vendetta
against full disclosure because it helps the cyber-terrorists?  It's the
sort of thing that one of England's top cyber-security experts would do,
isn't it? :)


pgpqv72EhP8Ec.pgp
Description: PGP signature

Re: [Full-disclosure] (this thread is now about porn).‏

2011-02-17 Thread Andrew Kirch
On 2/17/2011 5:04 PM, valdis.kletni...@vt.edu wrote:
 It's the
 sort of thing that one of England's top cyber-security experts would do,
 isn't it? :)
ex meaning former and spert meaning a sudden short burst?  Aptly
describes Mr Wallace.

Andrew



Re: [Full-disclosure] (this thread is now about porn) .‏

2011-02-17 Thread Rankin, James R
I am an alter ego of netty's that he has invented to argue with in case the 
voices in his head stop talking about national security

Typed frustratingly slowly on my BlackBerry® wireless device

-Original Message-
From: valdis.kletni...@vt.edu
Sender: full-disclosure-boun...@lists.grok.org.uk
Date: Thu, 17 Feb 2011 17:04:25 
To: phocean0...@phocean.net
Cc: full-disclosure@lists.grok.org.uk; 
andrew.wallace andrew.wall...@rocketmail.com
Subject: Re: [Full-disclosure]
(this thread is now about porn) .



Re: [Full-disclosure] (this thread is now about porn).‏

2011-02-17 Thread William Warren
On 2/17/2011 4:44 PM, phocean wrote:
 I never thought I would agree with Andrew some day, but that's done.
 Don't you understand that you are killing FD or is it what you want?
 We are not here for porn! You may be sick and think like anyone is like
 you, but believe me, there are people who don't want of it and live very
 well without. So respect others and stop this madness.
 By the way, who asked for moderation recently ?

 Le jeudi 17 février 2011 à 20:13 +, Cal Leeming [Simplicity Media
 Ltd] a écrit :
 True to my word, here is the first (hopefully of many) every cloud
 has a silver lining posts. (everytime Andrew posts more faggotry, I
 will treat you all to decent porn!)


 I present to you, Gagging Report videos (user submitted!)


 http://bit.ly/fneO2U


 Enjoy!

 On Thu, Feb 17, 2011 at 8:09 PM, andrew.wallace
 andrew.wall...@rocketmail.com  wrote:
  Just do yourself a favour, leave the disclosure community for
  good like you've been requested so many times to do.

  Myself and any law enforcement folks reading the list won't
  bother pursuing your threats of violence further if you stop
  now.

  It's your choice, the ball is completely in your court in
  which direction you wish to go in life from now onwards.

  You can stop posting now and get on with the rest of your
  career, or you can continue on this same path.

  This list isn't a joke around like you seem to treat it, we
  are serious people with serious concerns.

  Andrew

  On Thu, Feb 17, 2011 at 6:24 PM, Cal Leeming [Simplicity Media
  Ltd]cal.leem...@simplicitymedialtd.co.uk  wrote:
Prominent figure? LMFAO.

  
On Thu, Feb 17, 2011 at 6:19 PM, andrew.wallace
andrew.wall...@rocketmail.com  wrote:
  
On Thu, Feb 17, 2011 at 6:05 PM, Cal Leeming [Simplicity
  Media Ltd]
cal.leem...@simplicitymedialtd.co.uk  wrote:
  Ah, now this is a different subject entirely! It suits
  some, but not
  others.
  
Are you trying to distract the many police forces
  throughout the UK who
are subscribed to the list that you made a threat of
  violence towards a
prominent figure in the security community?
  
On Thu, Feb 17, 2011 at 5:35 PM, Cal Leeming [Simplicity
  Media Ltd]
cal.leem...@simplicitymedialtd.co.uk  wrote:
  I hope you turn up at my next conference, so I can slap
  the fuck out of
  you
  in front of everyone.
  Little bitch like you would probably go running to the
  police as well.
  
Obviously, criminals are reported to the police. The
  problem here is,
this list is already populated with police forces
  throughout the UK.
  
They may even ask me to attend the next conference you
  appear at, and
then cuff you as soon as you lay a hand on me.
  
Cal Leeming, the so-called reformed criminal ends up back
  in court and
in front of the media glare.
  
Andrew





There's always a killfile..:)


[Full-disclosure] [ MDVSA-2011:029 ] kernel

2011-02-17 Thread security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

 ___

 Mandriva Linux Security Advisory MDVSA-2011:029
 http://www.mandriva.com/security/
 ___

 Package : kernel
 Date: February 17, 2011
 Affected: Enterprise Server 5.0
 ___

 Problem Description:

 A vulnerability was discovered and corrected in the Linux 2.6 kernel:
 The X.25 implementation does not properly parse facilities, which
 allows remote attackers to cause a denial of service (heap memory
 corruption and panic) or possibly have
 unspecified other impact via malformed data, a different vulnerability
 than CVE-2010-4164. (CVE-2010-3873)
 
 The bcm_connect function in the Broadcast Manager in the Controller Area
 Network (CAN) implementation in the Linux kernel creates a publicly accessible
 file with a filename containing a kernel memory address, which allows
 local users to obtain potentially sensitive information about kernel
 memory use by listing this filename. (CVE-2010-4565)
 
 The install_special_mapping function in mm/mmap.c does not make an
 expected security_file_mmap function call, which allows local users
 to bypass intended mmap_min_addr restrictions and possibly conduct
 NULL pointer dereference attacks via a crafted assembly-language
 application. (CVE-2010-4346)
 
 The sk_run_filter function does not check whether a certain memory
 location has been initialized before executing a BPF_S_LD_MEM
 or BPF_S_LDX_MEM instruction, which allows local users to obtain
 potentially sensitive information from kernel stack memory via a
 crafted socket filter. (CVE-2010-4158)
 
 Heap-based buffer overflow in the bcm_connect function in the Broadcast
 Manager in the Controller Area Network (CAN) on 64-bit platforms might
 allow local users to cause a denial of service (memory corruption)
 via a connect operation. (CVE-2010-3874)
 
 The blk_rq_map_user_iov function in block/blk-map.c allows local
 users to cause a denial of service (panic) via a zero-length I/O
 request in a device ioctl to a SCSI device. (CVE-2010-4163)
 
 Multiple integer underflows in the x25_parse_facilities function in
 allow remote attackers to cause a denial of service (system crash)
 via malformed X.25 (1) X25_FAC_CLASS_A, (2) X25_FAC_CLASS_B, (3)
 X25_FAC_CLASS_C, or (4) X25_FAC_CLASS_D facility data. (CVE-2010-4164)
 
 Race condition in the do_setlk function allows local users to cause a
 denial of service (crash) via vectors resulting in an interrupted RPC
 call that leads to a stray FL_POSIX lock, related to improper handling
 of a race between fcntl and close in the EINTR case. (CVE-2009-4307)
 
 Multiple integer overflows in fs/bio.c allow local users to cause
 a denial of service (system crash) via a crafted device ioctl to a
 SCSI device. (CVE-2010-4162)
 
 Integer overflow in the ext4_ext_get_blocks function in
 fs/ext4/extents.c allows local users to cause a denial of service
 (BUG and system crash) via a write operation on the last block of a
 large file, followed by a sync operation. (CVE-2010-3015)
 
 The do_exit function in kernel/exit.c does not properly handle a
 KERNEL_DS get_fs value, which allows local users to bypass intended
 access_ok restrictions, overwrite arbitrary kernel memory locations,
 and gain privileges by leveraging a (1) BUG, (2) NULL pointer
 dereference, or (3) page fault, as demonstrated by vectors involving
 the clear_child_tid feature and the splice system call. (CVE-2010-4258)
 
 The ax25_getname function in net/ax25/af_ax25.c does not initialize
 a certain structure, which allows local users to obtain potentially
 sensitive information from kernel stack memory by reading a copy of
 this structure. (CVE-2010-3875)
 
 Integer overflow in the do_io_submit function in fs/aio.c allows local
 users to cause a denial of service or possibly have unspecified other
 impact via crafted use of the io_submit system call. (CVE-2010-3067)
 
 Race condition in the __exit_signal function in kernel/exit.c
 allows local users to cause a denial of service via vectors
 related to multithreaded exec, the use of a thread group leader in
 kernel/posix-cpu-timers.c, and the selection of a new thread group
 leader in the de_thread function in fs/exec.c. (CVE-2010-4248)
 
 Integer signedness error in the pkt_find_dev_from_minor function
 in drivers/block/pktcdvd.c allows local users to obtain sensitive
 information from kernel memory or cause a denial of service (invalid
 pointer dereference and system crash) via a crafted index value in
 a PKT_CTRL_CMD_STATUS ioctl call. (CVE-2010-3437)
 
 The get_name function in net/tipc/socket.c does not initialize a
 certain structure, which allows local users to obtain potentially
 sensitive information from kernel stack memory by reading a copy of
 this structure. (CVE-2010-3877)
 
 Stack-based buffer overflow 

Re: [Full-disclosure] (this thread is now about porn).‏

2011-02-17 Thread Rankin, James R
Sue me. Dickhead. My contribution here is over. Don't forget about the train.

Bye,

Typed frustratingly slowly on my BlackBerry® wireless device

-Original Message-
From: andrew.wallace andrew.wall...@rocketmail.com
Date: Thu, 17 Feb 2011 14:49:46 
To: valdis.kletni...@vt.edu; 
kz2...@googlemail.com
Reply-To: andrew.wallace andrew.wall...@rocketmail.com
Cc: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] (this thread is now about porn).‏

On Thu, Feb 17, 2011 at 10:04 PM,  valdis.kletni...@vt.edu wrote:
 You *do* realize we have very little proof that the entity posting
 as Cal isn't a sock puppet of Andrew's creation, to further his vendetta
 against full disclosure because it helps the cyber-terrorists?  It's the
 sort of thing that one of England's top cyber-security experts would do,
 isn't it? :)

On Thu, Feb 17, 2011 at 10:10 PM, Rankin, James R kz2...@googlemail.com wrote:
 I am an alter ego of netty's that he has invented to argue with in case the 
 voices in his head stop talking about national security

The right to free expression can be restricted if this is necessary to protect 
the reputation of others. The law of defamation allows persons who consider 
that their reputation has been or may be harmed by statements made by others to 
sue for damages or to prevent the making of those statements. 
http://www.yourrights.org.uk/yourrights/right-of-free-expression/defamation/index.html

You're treading on very thin ice.

Andrew





Re: [Full-disclosure] (this thread is now about porn).‏

2011-02-17 Thread Cal Leeming [Simplicity Media Ltd]
You do realize that those bit.ly links I posted have had over 200 clicks on
each one, right? (Go check it for yourself if you don't believe me)

Looks to me like the majority of people on this forum would rather see porn,
than listen to Andrew's shit.

On Thu, Feb 17, 2011 at 9:44 PM, phocean 0...@phocean.net wrote:

 I never thought I would agree with Andrew some day, but that's done.
 Don't you understand that you are killing FD or is it what you want?
 We are not here for porn! You may be sick and think like anyone is like
 you, but believe me, there are people who don't want of it and live very
 well without. So respect others and stop this madness.
 By the way, who asked for moderation recently ?

 Le jeudi 17 février 2011 à 20:13 +, Cal Leeming [Simplicity Media
 Ltd] a écrit :
  True to my word, here is the first (hopefully of many) every cloud
  has a silver lining posts. (everytime Andrew posts more faggotry, I
  will treat you all to decent porn!)
 
 
  I present to you, Gagging Report videos (user submitted!)
 
 
  http://bit.ly/fneO2U
 
 
  Enjoy!
 
  On Thu, Feb 17, 2011 at 8:09 PM, andrew.wallace
  andrew.wall...@rocketmail.com wrote:
  Just do yourself a favour, leave the disclosure community for
  good like you've been requested so many times to do.
 
  Myself and any law enforcement folks reading the list won't
  bother pursuing your threats of violence further if you stop
  now.
 
  It's your choice, the ball is completely in your court in
  which direction you wish to go in life from now onwards.
 
  You can stop posting now and get on with the rest of your
  career, or you can continue on this same path.
 
  This list isn't a joke around like you seem to treat it, we
  are serious people with serious concerns.
 
  Andrew
 
  On Thu, Feb 17, 2011 at 6:24 PM, Cal Leeming [Simplicity Media
  Ltd] cal.leem...@simplicitymedialtd.co.uk wrote:
   Prominent figure? LMFAO.
 
  
   On Thu, Feb 17, 2011 at 6:19 PM, andrew.wallace
   andrew.wall...@rocketmail.com wrote:
  
   On Thu, Feb 17, 2011 at 6:05 PM, Cal Leeming [Simplicity
  Media Ltd]
   cal.leem...@simplicitymedialtd.co.uk wrote:
Ah, now this is a different subject entirely! It suits
  some, but not
others.
  
   Are you trying to distract the many police forces
  throughout the UK who
   are subscribed to the list that you made a threat of
  violence towards a
   prominent figure in the security community?
  
   On Thu, Feb 17, 2011 at 5:35 PM, Cal Leeming [Simplicity
  Media Ltd]
   cal.leem...@simplicitymedialtd.co.uk wrote:
I hope you turn up at my next conference, so I can slap
  the fuck out of
you
in front of everyone.
Little bitch like you would probably go running to the
  police as well.
  
   Obviously, criminals are reported to the police. The
  problem here is,
   this list is already populated with police forces
  throughout the UK.
  
   They may even ask me to attend the next conference you
  appear at, and
   then cuff you as soon as you lay a hand on me.
  
   Cal Leeming, the so-called reformed criminal ends up back
  in court and
   in front of the media glare.
  
   Andrew
 
 
 
 
 

Re: [Full-disclosure] (this thread is now about porn).‏

2011-02-17 Thread Cal Leeming [Simplicity Media Ltd]
Uh, go and do a whois on the office gw and the IP space it's attached to,
and you'll quickly see that this is actually me talking lol.

 f...@courtney.simplicitymedialtd.co.uk [/mnt/encstore/lxc]  host
staff.simplicitymedialtd.co.uk
staff.simplicitymedialtd.co.uk has address 94.76.199.238

 f...@courtney.simplicitymedialtd.co.uk [/mnt/encstore/lxc]  whois
94.76.199.238
% This is the RIPE Database query service.
% The objects are in RPSL format.
inetnum:94.76.199.238 - 94.76.199.238
netname:SimplictyMedia-5133
descr:  Simplicty Media Ltd
remarks: ##
remarks:Please report abuse incidents to
ab...@simplicitymedialtd.co.uk.
remarks:Messages sent to other contact addresses may not be acted
upon.
remarks: ##
person: Cal Leeming
address:Abbey House
address:Manor Road
address:Coventry
address:CV1 2FW
phone:  +44 07534 971120
mnt-by: as29550-mnt
remarks:===
remarks:For abuse related queries, please email
remarks:ab...@simplicitymedialtd.co.uk
remarks:===


On Thu, Feb 17, 2011 at 10:04 PM, valdis.kletni...@vt.edu wrote:

 On Thu, 17 Feb 2011 22:44:37 +0100, phocean said:
  I never thought I would agree with Andrew some day, but that's done.
  Don't you understand that you are killing FD or is it what you want?

 You *do* realize we have very little proof that the entity posting
 as Cal isn't a sock puppet of Andrew's creation, to further his vendetta
 against full disclosure because it helps the cyber-terrorists?  It's the
 sort of thing that one of England's top cyber-security experts would do,
 isn't it? :)


Re: [Full-disclosure] (this thread is now about porn).‏

2011-02-17 Thread Valdis . Kletnieks
On Thu, 17 Feb 2011 14:49:46 PST, andrew.wallace said:
 On Thu, Feb 17, 2011 at 10:10 PM, Rankin, James R kz2...@googlemail.com wrote:
  I am an alter ego of netty's that he has invented to argue with in case the 
  voices in his head stop talking about national security

 The right to free expression can be restricted if this is necessary to protect
 the reputation of others. The law of defamation allows persons who consider
 that their reputation has been or may be harmed by statements made by others
 to sue for damages or to prevent the making of those statements.
 http://www.yourrights.org.uk/yourrights/right-of-free-expression/defamation/index.html

 You're treading on very thin ice.

Fortunately for Andrew, the offense of barratry was apparently abolished
in Great Britain in 1967.  It may however still survive as a cause for a tort.




[Full-disclosure] [VIDEO] Insect Pro 2.0 - Exploit tool for remote control

2011-02-17 Thread runlvl
Isecurity Research is happy to announce the release of version 2.0,
get it now while it is still hot !

Insect Pro 2.0 is a penetration security auditing and testing software
solution designed to allow organizations of all sizes to mitigate,
monitor and manage the latest security threats vulnerabilities.

We’re always working to improve Insect Pro and now the users obtain
all the metasploit functionalities plus all the Insect Pro modules
merge all in a unique application.

We invite you to take a visual tour where you can find screenshots and
videos, visit us at http://www.insecurityresearch.com

We are really thankful with the community, thanks for all your support
that keep us coding!

There is no fixed price to get it, you can obtain the full version
with updates from $20 !

Get it now from: http://www.insecurityresearch.com

Juan Sacco

This video shows how to exploit Android using Insect Pro 2.0 gaining root
privileges using adb setuid exhaustion attack.

Typically has the name “rageagainstthecage” and the code refers to it as
“CVE-2010-EASY” in one comment, but whatever you call it, it’s a pretty
smooth way of getting adbd (android’s debugging bridge daemon) to run as
root. We just make it easy for you :-)

Video: http://www.youtube.com/watch?v=wDJ1x_abjG8

Hope you enjoy!

Juan Sacco

-- 
_
Insecurity Research - Security auditing and testing software
Web: http://www.insecurityresearch.com
Insect Pro 2.0 was released stay tuned

Re: [Full-disclosure] [VIDEO] Insect Pro 2.0 - Exploit tool for remote control

2011-02-17 Thread root
On 02/17/2011 10:07 PM, runlvl wrote:
 Typically has the name “rageagainstthecage” and the code refers to it ha

Thanks for including that bit. It makes it very easy to locate the
source of the exploit:
http://intrepidusgroup.com/insight/2010/09/android-root-source-code-looking-at-the-c-skills/

I suppose it is your way to do citations but maybe you can do it more
directly next time.
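
The announcement above names the bug only as an "adb setuid exhaustion attack". As an added example (not from either post, the linked write-up or the Android source), this C sketch contrasts a privilege drop that ignores the result of setuid() with one that checks and verifies it. The credential state is simulated so it runs without root, and every function name and the id 2000 are constructed for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/types.h>

#define UNPRIV_ID 2000  /* constructed unprivileged uid/gid */

/* Simulated process credentials (assumption: lets the demo run without root). */
static uid_t sim_uid;
static gid_t sim_gid;
static int sim_fail_setuid;  /* 1 = setuid fails, as under resource exhaustion */

/* Stand-ins for setgid(2) and setuid(2); a real daemon calls the real ones. */
static int sim_setgid(gid_t g) { sim_gid = g; return 0; }
static int sim_setuid(uid_t u) {
    if (sim_fail_setuid) { errno = EAGAIN; return -1; }
    sim_uid = u;
    return 0;
}

/* Flawed pattern: results ignored, so a failed drop goes unnoticed. */
static void drop_unchecked(uid_t uid, gid_t gid) {
    (void)sim_setgid(gid);
    (void)sim_setuid(uid);
}

/* Hardened pattern: group first, check each call, then verify the outcome. */
static int drop_checked(uid_t uid, gid_t gid) {
    if (sim_setgid(gid) != 0) return -1;
    if (sim_setuid(uid) != 0) return -1;
    /* real code compares getuid()/geteuid()/getgid() here */
    if (sim_uid != uid || sim_gid != gid) return -1;
    return 0;
}

/* Returns the uid the daemon keeps serving with, or -1 if it refused to
 * continue (real code would log and _exit at that point). */
static long run_daemon(int hardened, int setuid_fails) {
    sim_uid = 0; sim_gid = 0;            /* daemon starts as root */
    sim_fail_setuid = setuid_fails;
    if (!hardened) drop_unchecked(UNPRIV_ID, UNPRIV_ID);
    else if (drop_checked(UNPRIV_ID, UNPRIV_ID) != 0) return -1;
    return (long)sim_uid;
}

int main(void) {
    printf("unchecked, setuid ok:    uid %ld\n", run_daemon(0, 0));
    printf("unchecked, setuid fails: uid %ld\n", run_daemon(0, 1));
    printf("checked,   setuid fails: %ld\n", run_daemon(1, 1));
    return 0;
}
```

When auditing a daemon for this pattern, look for setuid(), setgid() or setgroups() calls whose return value is discarded before the process starts handling untrusted input.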


Re: [Full-disclosure] (this thread is now about porn).

2011-02-17 Thread phocean
Then it is their problem but I did not click on any and I am sure (and I
hope) I am not alone.
But I don't even want to debate about it.

The question is that simple: is FD about security or about porn?

There are enough porn sites everywhere for people who want porn so I
don't think it is necessary to offend some people here with it (even if
we were minority).

On Thursday 17 February 2011 at 22:59 +, Cal Leeming [Simplicity Media Ltd] wrote:
 You do realize that those bit.ly links I posted have had over 200
 clicks on each one, right? (Go check it for yourself if you don't
 believe me)
 
 
 Looks to me like the majority of people on this forum would rather see
 porn, than listen to Andrew's shit.
 
 On Thu, Feb 17, 2011 at 9:44 PM, phocean 0...@phocean.net wrote:
 I never thought I would agree with Andrew some day, but that's done.
 Don't you understand that you are killing FD or is it what you want?
 We are not here for porn! You may be sick and think like anyone is like
 you, but believe me, there are people who don't want of it and live very
 well without. So respect others and stop this madness.
 By the way, who asked for moderation recently ?
 
 On Thursday 17 February 2011 at 20:13 +, Cal Leeming [Simplicity Media Ltd] wrote:
 
  True to my word, here is the first (hopefully of many)
 every cloud
  has a silver lining posts. (everytime Andrew posts more
 faggotry, I
  will treat you all to decent porn!)
 
 
  I present to you, Gagging Report videos (user submitted!)
 
 
  http://bit.ly/fneO2U
 
 
  Enjoy!
 
  On Thu, Feb 17, 2011 at 8:09 PM, andrew.wallace
  andrew.wall...@rocketmail.com wrote:
  Just do yourself a favour, leave the disclosure community for
  good like you've been requested so many times to do.

  Myself and any law enforcement folks reading the list won't
  bother pursuing your threats of violence further if you stop
  now.

  It's your choice, the ball is completely in your court in
  which direction you wish to go in life from now onwards.

  You can stop posting now and get on with the rest of your
  career, or you can continue on this same path.

  This list isn't a joke around like you seem to treat it, we
  are serious people with serious concerns.

  Andrew

  On Thu, Feb 17, 2011 at 6:24 PM, Cal Leeming [Simplicity Media Ltd]
  cal.leem...@simplicitymedialtd.co.uk wrote:
   Prominent figure? LMFAO.
 
  
   On Thu, Feb 17, 2011 at 6:19 PM, andrew.wallace
   andrew.wall...@rocketmail.com wrote:

   On Thu, Feb 17, 2011 at 6:05 PM, Cal Leeming [Simplicity Media Ltd]
   cal.leem...@simplicitymedialtd.co.uk wrote:
    Ah, now this is a different subject entirely! It suits some, but not
    others.

   Are you trying to distract the many police forces throughout the UK who
   are subscribed to the list that you made a threat of violence towards a
   prominent figure in the security community?

   On Thu, Feb 17, 2011 at 5:35 PM, Cal Leeming [Simplicity Media Ltd]
   cal.leem...@simplicitymedialtd.co.uk wrote:
    I hope you turn up at my next conference, so I can slap the fuck out of
    you
    in front of everyone.
    Little bitch like you would probably go running to the police as well.

   Obviously, criminals are reported to the police. The problem here is,
   this list is already populated with police forces throughout the UK.

   They may even ask me to attend the next conference you appear at, and
   then cuff you as soon as you lay a hand on me.

   Cal Leeming, the so-called reformed criminal ends up back in court and
   in front of the media glare.

   Andrew