Re: [Full-disclosure] Trigger Abuse of MDSYS.SDO_TOPO_DROP_FTBL in Oracle 10g R1 and R2

[sexyazngrl69]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

afaik, no one cares about oracle.

retarded blind scavengers make careers selling fallen, rotten,
previously low hanging fruit.

<3 2 n3td3v

> Tue, 13 Jan 2009 15:52:02 -0800 David Litchfield
 wrote:
>NGSSoftware Insight Security Research Advisory
>
>Name: Trigger abuse of MDSYS.SDO_TOPO_DROP_FTBL
>Systems Affected: Oracle 10g R1 and R2 (10.1.0.5 and 10.2.0.2)
>Severity: High
>Vendor URL: http://www.oracle.com/
>Author: David Litchfield [ dav...@ngssoftware.com ]
>Reported: 23rd July 2008
>Date of Public Advisory: 13th January 2009
>Advisory number: #NISR13012009
>CVE: CVE-2008-3979
>
>Overview
>
>Oracle has just released a fix for a flaw that, when exploited,
>allows a low
>privileged authenticated database user to gain MDSYS privileges.
>This can be
>abused by an attacker to perform actions as the MDSYS user.
>
>Details
>***
>MDSYS.SDO_TOPO_DROP_FTBL is one of the triggers that forms part of

>the
>Oracle Spatial Application. It is vulnerable to SQL injection.
>When a user
>drops a table the trigger fires. The name of the table is embedded

>in a
>dynamic SQL query which is then executed by the trigger. Note that

>the
>Oracle advisory states that the attacker requires the DROP TABLE
>and CREATE
>PROCEDURE privileges. This is not the case and only CREATE SESSION

>
>privileges are required.
>
>Fix Information
>***
>Oracle was alerted to this flaw on the 23rd July 2008. A patch has

>now been
>made available:
>
>http://www.oracle.com/technology/deploy/security/critical-patch-
>updates/cpujan2009.html
>
>NGSSQuirreL for Oracle, an advanced vulnerability assessment
>scanner
>designed specifically for Oracle, can be used to accurately
>determine
>whether your servers are vulnerable to these flaws. More
>information about
>NGSSQuirreL for Oracle can be found here:
>
>http://www.ngssoftware.com/products/database-security/ngs-squirrel-

>oraclephp
>
>About NGSSoftware
>*
>NGSSoftware, an NCC Group Company, develops vulnerability
>assessment and
>compliancy tools for database servers including Oracle, Microsoft
>SQL
>Server, DB2, Sybase and Informix. Headquartered in the United
>Kingdom NGS
>has offices in London, St. Andrews (UK), Brisbane, and Perth
>(Australia) and
>Seattle in the United States; NGS provide services to some of the
>largest
>and most demanding organizations around the globe.
>
>http://www.ngssoftware.com/
>Telephone +44 208 401 0070
>Fax +44 208 401 0076
>
>--
>E-MAIL DISCLAIMER
>
>The information contained in this email and any subsequent
>correspondence is private, is solely for the intended recipient(s)

>and
>may contain confidential or privileged information. For those
>other than
>the intended recipient(s), any disclosure, copying, distribution,
>or any
>other action taken, or omitted to be taken, in reliance on such
>information is prohibited and may be unlawful. If you are not the
>intended recipient and have received this message in error, please
>inform the sender and delete this mail and any attachments.
>
>The views expressed in this email do not necessarily reflect NGS
>policy.
>NGS accepts no liability or responsibility for any onward
>transmission
>or use of emails and attachments having left the NGS domain.
>
>NGS and NGSSoftware are trading names of Next Generation Security
>Software Ltd. Registered office address: Manchester Technology
>Centre,
>Oxford Road, Manchester, M1 7EF with Company Number 04225835 and
>VAT Number 783096402
>
>___
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
-BEGIN PGP SIGNATURE-
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

wpwEAQMCAAYFAkltMpcACgkQynWwk3/AtyOsbgP+LVLiKWqeGvuu/kFnm7sQXic8l5k1
9RYQ902ygOS4Nt67IkUgFgZBeTsN25d0mkH0hZDHulhTJOPNFGxwLuRVbXBF89JwjCO7
faHEhS73TGVmm3TnUTm1ZGEg1dto36LomtrR/H1YMmMnY41RCoK1ycj8QeEFfOFiuK/v
AKEkLFw=
=Y0II
-END PGP SIGNATURE-

--
Dreaming of a career in Medical Administration? Click here to make your dream 
career a reality.
 
http://tagline.hushmail.com/fc/PnY6qxukq5RffaxISSWG6OsKAmNS1Ot26fn4GDJCCtUikCP599Qla/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Simple request

[sexyazngrl69]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

the fuck have you done juan?  your more worthless than ureleet

<3 2 n3td3v

On Tue, 13 Jan 2009 05:24:29 -0800 Juha-Matti Laurio  wrote:
>FYI:
>Since 1st Jan there are 527 messages posted to FD.
>
>The overall amount of Dec' 08 was 637 messages and we haven't
>passed the mid-January yet.
>
>Some numbers of 2008:
>Oct '08: 531
>Mar '08: 600
>Jan '08: 615
>
>Hey how many of the recent messages use bandwidth, disk space,
>your time etc. without disclosing anything...
>
>Juha-Matti
>
>___
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
-BEGIN PGP SIGNATURE-
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

wpwEAQMCAAYFAkltL+0ACgkQynWwk3/AtyO+bQQAlIDLO+QrbEkaDuPIItw5h3FAwMbr
tCEkp9zvqaIN+qbxE0X17wR/skwhkb/fr8yQwPOjlA7NynUXh/08UJ6AjtwgZXHC9xib
die0B55bUQy6hl6Y6t+4xTRdxKhulilVYZMqgAakQ4pCOSQNu0dfYAoHQaiYT6Wwe3PG
LaqimvI=
=QVQi
-END PGP SIGNATURE-

--
Click to begin your health care training online.  Request info today.
 
http://tagline.hushmail.com/fc/PnY6qxukq4rukiZOMFLrudw7rHD8typKRtrOK1cbGVmvO3cAsN4RC/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] mr wallace must be stopped and i know how

[sexyazngrl69]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

i'll trade you my nude photos if you can demonstrate any
contribution you have made to the computer security community

On Tue, 13 Jan 2009 01:17:03 -0500 Jubei Trippataka
 wrote:
>Anyone that can cop that much abuse and prosper has to be
>extremely
>sadomasochistic. The delusion that a blogger such as Mr Wallace
>somehow
>contributes to the security community is hilarious at first and
>when the
>comical side clears you have that pathetic little failed abortion
>asking why
>he's the target of abuse. To be honest, I'd rather have my
>children babysat
>by Josef Fritzel than take security advice from this schizo.
>
>--
>ciao
>
>JT
-BEGIN PGP SIGNATURE-
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

wpwEAQMCAAYFAklsYm8ACgkQynWwk3/AtyMnEAP/fvQZCdLaomFt9q4cyJR+FggOcr9b
PcpszDsqaKS05KmgR16KjDDIRN9T2tTOhfqhN3Am1SOv0V9KISTkvuODcNMcIpIuu9Jg
PIUb62p80egiaBHmNdfrZfFuRPp7fKzzWQyOqpHD+Yq3q7kF2B02qqvt1TLUnUg1ikfZ
xNkJAWU=
=I6gd
-END PGP SIGNATURE-

--
Need cash? Click here to get a payday loan.
 
http://tagline.hushmail.com/fc/PnY6qxtVaLJablbbAMh69AaxiQDIXGAemVvk2VFZs21sUl2eTyHw8/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] mr wallace must be stopped and i know how

[sexyazngrl69]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

disagree, i wish you weren't us.

On Mon, 12 Jan 2009 21:23:20 -0500 Biz Marqee
 wrote:
>lol you wish cunt
>
>On Tue, Jan 12, 2009 at :05 PM,  wrote:
>
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> Biz Marqee is one of my aliases.
>>
-BEGIN PGP SIGNATURE-
Charset: UTF8
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 3.0

wpwEAQMCAAYFAklr+/EACgkQynWwk3/AtyP5ZwP+KKUI7ECfVu7rNrLRqaj7ALBeB//H
3zLBpJo+4+LvpA30je3LepQO5pwIwb1UWCQG1ndQ0HhPycHLMPMJkbVKIZ2EX1VGgWZT
2QH856kYFUlAHvvrjVuEcsnOI5ktjZsoc8tpD9nmqQ1DD17xqKuU5MR10XK6ZF19KNim
v9h8u+U=
=57gC
-END PGP SIGNATURE-

--
Click for free info on criminal justice degrees, $150K/ year potential.
 
http://tagline.hushmail.com/fc/PnY6qxtpLJe4LbpbcJYwJTmYCWJt1hmfqkvt9b1DLMTpuaEtCw11u/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] mr wallace must be stopped and i know how

[sexyazngrl69]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

I got your back.

<3

On Mon, 12 Jan 2009 19:34:58 -0500 "andrew.wallace"
 wrote:
>On Tue, Jan 13, 2009 at 12:17 AM, Biz Marqee
> wrote:
>> OK - so in the interest of attempting to rid this list of the
>person we all
>> hate.
>>
>> I implore each of you who reply to his fishing expeditions (yes
>I am
>> guilty!) to consider this as an alternate way to express your
>hate for him.
>
>People with hatred should be encouraged to post on full-disclosure
>since this list is about bad guys and threats, please continue
>your
>hate.
>
>___
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
-BEGIN PGP SIGNATURE-
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

wpwEAQMCAAYFAklr6QoACgkQynWwk3/AtyOv9gP+Kax7UMkte39jS4WOQG7LoczoTbHI
JM67rYAtF+ibMEWWr6172uFYFPVZsjD1TELp255mQr6PJeVlBu3VFQk/y0U3eaTrj2JS
S78O/5D+wLuQW0pjeMNETGWy8PAkZkqFiTuUl+OlzJWMOjJZxNQ9y4PbRAegMPIbBseX
0K59dyw=
=NA9J
-END PGP SIGNATURE-

--
Find the right teaching school to meet your educational needs. Click to learn 
more. 
 
http://tagline.hushmail.com/fc/PnY6qxuBBem9g1MoJuvY8uSdljNiw9fP3inIxJcFLq1SvEgH7RGnG/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] mr wallace must be stopped and i know how

[sexyazngrl69]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Biz Marqee is one of my aliases.

On Mon, 12 Jan 2009 19:17:41 -0500 Biz Marqee
 wrote:
>OK - so in the interest of attempting to rid this list of the
>person we all
>hate I will now cease posting any replies to the n3t d3viate.
>Since I am now
>pretty sure he is a just mentally unstable person only seeking
>attention for
>his childlike behavior, I will deal with him in the same fashion
>as a child
>- ignoring him completely. I have tried to reason with him in
>private, as
>well outright public abuse. Nothing works because he does not
>process
>rational thought.
>
>I implore each of you who reply to his fishing expeditions (yes I
>am
>guilty!) to consider this as an alternate way to express your hate
>for him.
>He WILL eventually go away if not a single person replies to him.
>
>Please, in the interest of this list which was once GREAT, don't
>feed andrew
>wallace's fragmented ego. Just dont hit that reply button. It will
>only work
>if everyone does it, but will fail if one person does not. If
>people do it,
>it will happen. Not over night but it will.
>
>Anyway I will no longer be baited by this maniac, so I bid you
>farewell FD!
>I hope the list can partially recover from the irreparable damage
>caused by
>this one person, and I hope everyone follows suit and lets this
>guy drown in
>his own thoughts.
-BEGIN PGP SIGNATURE-
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

wpwEAQMCAAYFAklr6O0ACgkQynWwk3/AtyM56AQAgx9pumsbTc656LJ9nlOSVAbZeGWI
KdLIejtJrssghT/v2QdGbuQXk3jXaOnY4Re24nasI21aJ1sGwjNaIbvku1zvndJKeVka
s/RNd8Nmr8/ZVBLtOsv2c8q7IyuLbM5ofct5P7v8ikvUbFrM+ZHW03wkP28ck+XuFshq
plshsZo=
=bR6j
-END PGP SIGNATURE-

--
Click for free info on discount teaching degrees programs.
 
http://tagline.hushmail.com/fc/PnY6qxuBBejIRDAIvNP6ADv78Smnhi5949yFp4mQUHRB1QD0iqHjy/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] It's time for me to go now

[sexyazngrl69]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

hehe, that would make me go boo-hoo :

<3 u n3td3v xoxoxox

On Sun, 11 Jan 2009 20:45:29 -0500 n3td3v 
wrote:
>I don't know how to hack and I don't have any technical abilities
>I
>must go now before MI5 take me away in a van and dump my body in
>the
>sea.
>
>___
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
-BEGIN PGP SIGNATURE-
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

wpwEAQMCAAYFAklqutIACgkQynWwk3/AtyMBnAP+MeivH65yjpSKW3zIBMTis7umKqMy
7N7T3jrXEcuhlMuUkhSUhpjlBTp+UDbL6IpkrhGdcJnQbCSsmhGCd9QknkKBDAsXGj5D
Oiv/nMvdn1AVw0pCULcUEZPuZWV1GxElo3js2BQw6mC0pJEpTxG2d2HheTkA081hoPLH
eC+FKj8=
=N3/3
-END PGP SIGNATURE-

--
Easy-to-use, advanced features, flexible phone systems.  Click here for more 
info.
 
http://tagline.hushmail.com/fc/PnY6qxu9tWNPQUUSTOVZjr344qNzrEK758Tmz9pHNgsi2M9rtV45i/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] n3td3v profile...

[sexyazngrl69]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Mr. Krawetz's PhD is in computer science, not psychology.  And he
is a fucktard.

On Sun, 11 Jan 2009 20:59:15 -0500 - o z -  wrote:
>Andrew is a special kind of crazya friend of mine and former
>colleague who I highly respect (practicing Psych.,
>who profiles individuals for a real doggone intel agency...alas,
>not
>MI-Jive) labeled Andrew as a probable
>schizophrenic with grandiose idealizations.
>
>These types of people usually can't hold a job.  The most active
>period of delusions occur from 17-33, some
>think the drop-off may be due to decreased levels of testosterone
>as
>they age.  Intelligence agency intrigue & innuendo is a classic
>manifestation, along with imaginary friends, martyr
>glamorizations,
>alternate personalities and repeated exclamations that they will
>curtail their
>behaviors, only to come back, roaringly, foisting themselves upon
>a
>group/friend circle with a different guise or mission.
>Some have said it resembles alcoholic behavior in the promises "to
>
>quit..."
>
>They constantly need an audience, since 'friends' are temporal at
>best...they churn through relationships like shit
>flowing through a goose...as people become estranged/exasperated
>with
>the constant epiphany's, revelations and
>God-like interpretations.
>
>Stranger yet is that people like this can be wonderfully charming
>in
>real-lifefunny for awhile, but as they age, they
>start losing boyish charms that previously were
>forgiven...promulgating even more outlandish behavior as grow
>older.
>Sound familiar?  We have a baseline here, folks.  Also notice he
>hasn't written anything technical -- it's mostly
>outlandish hypothesis with pointers to..not infosec...but Andrew.
>
>They usually refuse medications to control themselves, because it
>dulls the essence of what they're trying to portray:
>someone mysterious, withholding critical information, being the
>sole-
>source of knowledge that might somehow change
>the world.
>
>IMHO, I would venture to say Andrew has attempted suicide -- his
>type
>is usually unsuccessful, indeed, it's not a suicide
>attempt but an attention-seeking event.
>
>He's bat-shit-fucking-crazy-nuts, but sane enough to fool someone
>unfamiliar with his MO.  That's what is so aggravating about this
>particular form of mental illness...once again, as long as there's
>a
>receptive audience, the monkey will feel the compulsion to
>perform.  It's akin to sexual gratification for him to see he's
>the
>subject of people's ire...don't forget that.
>
>This type of person will emotionally soul-suck everyone he comes
>in
>contact with, and make up dramas if only to suck more
>people in, because really, it's all about the adulation of n3td3v/
>Andrew/, nothing else.
>
>Solutions:  There's a few, but I wouldn't want to be responsible
>for
>the end result; once again, n3td3v is a human たまごっち
>(Tamagotchi) and should be treated accordingly.
>
>
>
>
>
>___
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
-BEGIN PGP SIGNATURE-
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

wpwEAQMCAAYFAklqup0ACgkQynWwk3/AtyOP1AP/dvJRaGN9T/tigswbou1jogvlgNYB
4gUXobeCqSCUrBDotoCEz5AyhTIOFZNY5LE40ELbJ+qrGUp6+ahzCHhxqMy70AJ8p4DW
q6i6jo+56GCxU+v+QMNNDA9IQThPELviUXaqPUjMiJbKl6pcI41ScD6rch1HK+OPCnL0
DGUJJJE=
=JicB
-END PGP SIGNATURE-

--
Paying too much for your business phone system?  Click here to compare systems 
from top companies.
 
http://tagline.hushmail.com/fc/PnY6qxu9tWFsIKEJwRt0c9ClaTJlVzTQvzuRVAhKXhWclFEQKSWgw/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] WTF people?

[sexyazngrl69]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

You tell me.

On Sun, 11 Jan 2009 19:30:17 -0500 Pete Licoln
 wrote:
>What's the point with MI5 n3td3v ?
>
>Regards Pete
-BEGIN PGP SIGNATURE-
Charset: UTF8
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 3.0

wpwEAQMCAAYFAklqm4cACgkQynWwk3/AtyOg/gP+KWIstvs71K7K+cvK/9bo/tRsYBC9
iCu8diF/TpkXYvnEPXoV+IRH06bJxqhGkkuvE4zBhj0HtTlKMO5MmYPuY2j9GiBWIM3M
vfYvbxBaZS8pZGJuoU8nbCYag8pXzf1FaEeNZhTT2J8Lhpy4JD12Duxnq2nnEtJL+Oz/
UCQxaPk=
=fsii
-END PGP SIGNATURE-

--
Click for free info on online masters degrees and make up to $150K/ year
 
http://tagline.hushmail.com/fc/PnY6qxtpjZXJLh7RrSDxAfzH8U8VbYeKiNKjN2pvOBEY7XUQCex7a/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] US-CERT Current Activity - Malicious Code Circulating via Israel/Hamas Conflict Spam Messages

[sexyazngrl69]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

i smell conspiracy!!!

*kisses*

On Sun, 11 Jan 2009 19:20:36 -0500 n3td3v 
wrote:
>On Mon, Jan 12, 2009 at 12:16 AM,  
>wrote:
>> On Sun, 11 Jan 2009 23:32:09 GMT, n3td3v said:
>>> Their PGP keys have expired =)
>>
>>> Expires: 2009-10-01
>>
>> Wake me up in October.
>
>To me that says January 10th 2009
>
>___
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
-BEGIN PGP SIGNATURE-
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

wpwEAQMCAAYFAklqjh0ACgkQynWwk3/AtyM3bAQAlIvPsJ+JA6iv8jTTLeHQ11hQWr6y
O+9Wq83zTo0JzWg9bwtvycxhB3BBaCTQbIssrl68RKLBMpU5HiOBqltC7hSGeU+EXVxA
1Kkc7z21cKMffHoKFP0x45pg7xymJ0eTRnfUNDcXlYr04BrR6cG5p1PK2SWX4vIEvD/2
NUtKMpo=
=w+8K
-END PGP SIGNATURE-

--
Earn your college degree at your own pace, 100% online!
 
http://tagline.hushmail.com/fc/PnY6qxtpfWs2gqP1ysqgeSNTRIqVKDzic1DLteulcikr3Y3h9zmFy/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] WTF people?

[sexyazngrl69]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

naive to think mi5 is gender biased:)))

On Sun, 11 Jan 2009 18:36:56 -0500 Pete Licoln
 wrote:
>sexyazngrl69 is a n3td3v alias, no doubt about it.
>
>Regards Pete
-BEGIN PGP SIGNATURE-
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

wpwEAQMCAAYFAklqjccACgkQynWwk3/AtyMqRwQAiOCfp9PC1o0g7CP8X8gr1psnpijR
NVIHQqkbjl1L4uAa55qBUElskX7n5DTzLflFIoT1u9zfCV9KTz8kPpdPZjMnXBpXzFmA
N7+lDieYQvJn+0PZVhH7zkzJX3aXcgmcNoIRoVSjazJlHKK76lNXrhQ2vqAPeSCA01NR
wtKWVj4=
=WSQG
-END PGP SIGNATURE-

--
Stuck in a dead end job?? Click to start living your dreams by earning an 
online degree.
 
http://tagline.hushmail.com/fc/PnY6qxtpfWguKXIbuKy0wc53HbV7MyFTUOqm2btdhhgyTGOJRdfcM/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] US-CERT Current Activity - Malicious Code Circulating via Israel/Hamas Conflict Spam Messages

[sexyazngrl69]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

nice hack babe:))

On Sun, 11 Jan 2009 18:32:09 -0500 n3td3v 
wrote:
>Their PGP keys have expired =)
>
>Sending email to US-CERT
>
>When sending sensitive information to US-CERT via email, we
>encourage
>you to encrypt your messages. US-CERT uses multiple public keys
>based
>upon their purpose. If the purpose of your communication is a
>cyber
>security incident report, vulnerability report, or any other
>technical
>question related to cyber security, please use the following key:
>
>User ID: US-CERT Security Operations Center 
>Key ID: B832BE70
>Key Type: RSA
>Expires: 2009-10-01
>Key size: 2048
>Fingerprint: 195E 7A9E CCD9 9504 3CA7 E26E 13D4 4840 B832 BE70
>
>Information about other keys can be found on Contacting US-CERT.
>
>&
>
>Receiving publications in email from US-CERT
>
>US-CERT signs the email distribution of all US-CERT publications,
>including Cyber Security Alerts, Technical Cyber Security Alerts,
>Cyber Security Bulletins and Cyber Security Tips with the
>following
>key:
>
>User ID: US-CERT Publications Key 
>Key ID: 0x3E1F88AB
>Key Type: RSA
>Expires: 2009-10-01
>Key Size: 2048
>Fingerprint: E0BF 6D0E 88C1 1FFC F93F 571B 7207 9633 3E1F 88AB
>
>http://www.us-cert.gov/pgp/email.html
>
>On Sun, Jan 11, 2009 at 10:29 PM, Chris Wallis 
>wrote:
>> Just got this from US Cert. With what's going on with this list.
>I fought
>> I might share with you all...
>>
>> With some of the crap on this list lately I really do hope it is
>spambots...
>>
>> ~Chris Wallis
>>
>>
>> __
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> US-CERT Current Activity
>>
>> Malicious Code Circulating via Israel/Hamas Conflict Spam
>Messages
>>
>> Original release date: January 9, 2009 at 9:25 am Last revised:
>January 9,
>> 2009 at 9:25 am
>>
>>
>> US-CERT is aware of public reports of malicious code circulating
>via spam
>> email messages related to the Israel/Hamas conflict in Gaza.
>> These messages may contain factual information about the
>conflict and
>> appear to come from CNN. Additionally, the messages indicate
>that
>> additional news coverage of the conflict can be viewed by
>following a link
>> provided in the email body. If users click on this link, they
>are
>> redirected to a bogus CNN website that appears to contain a
>video.
>> Users who attempt to view this video will be prompted to update
>to a new
>> version of Adobe Flash Player in order to view the video. This
>update is
>> not a legitimate Adobe Flash Player update; it is malicious
>code. If users
>> download this executable file, malicious code may be installed
>on their
>> systems.
>>
>> US-CERT encourages users and administrators to take the
>following
>> preventative measures to help mitigate the security risks:
>>  * Install antivirus software, and keep the virus signatures up
>to
>>date.
>>  * Do not follow unsolicited links and do not open unsolicited
>email
>>messages.
>>  * Use caution when visiting untrusted websites.
>>  * Use caution when downloading and installing applications.
>>  * Obtain software applications and updates directly from the
>>vendor's website.
>>  * Refer to the Recognizing and Avoiding Email Scams (pdf)
>document
>>for more information on avoiding email scams.
>>  * Refer to the Avoiding Social Engineering and Phishing Attacks
>>document for more information on social engineering attacks.
>>
>> Relevant Url(s):
>> 
>>
>> 
>>
>> 
>> This entry is available at
>> http://www.us-
>cert.gov/current/index.html#malware_circulating_via_email_messages
>>
>> -BEGIN PGP SIGNATURE-
>> Version: GnuPG v1.4.5 (GNU/Linux)
>>
>> iQEVAwUBSWdhW3IHljM+H4irAQJcFAgAjGyje+ahBx/YguARXCI1CAYY/5zWoL1s
>> Zg5n1Ly+cB3kte8ZgVUoOb2CrHor8HxMhu3kVkD0T4yFpK1UOi9W4ERbe2ntVKGh
>> 2nISPXPWOmn9glexc9EnvBBmEUEEv3Uu8m6M5uykUisJMcfje5LVt1I9BtgESqmu
>> x9cTWACgciA+wgDHnaspKjxUOFaAy2c4SFBt+S/5FtzU4t43f6CThD4V4b3MO06y
>> 2m46lkWe4fJdQBd7tboj0CK+vX7IKtplPzL7VG+L36idn0ZBFwNMAJTiuHSjdEA1
>> fvLBMjMm4bBblUet4Mf4oKatkElqLXCZDMdaWJ1JPuCc6Lc5ChEMGQ==
>> =PU6L
>> -END PGP SIGNATURE-
>>
>>
>>
>>
>> ___
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>
>___
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
-BEGIN PGP SIGNATURE-
Charset: UTF8
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 3.0

wpwEAQMCAAYFAklqhrMACgkQynWwk3/AtyOmJgQAjZsbVABLYAgiJ6E3KbL8egRC16LZ
LYWMz+Qq488tDFyuFqx42aKKX9Kq+Bq6OmiDpiEPfh/Kbv94Sz7NNhJitOUj59qmaW8l
+Q7MZH3n8HLwWHuSNNg49Z+dbsa6bCoXg1UAFHsfzBgoxhpw409y3UOi8tiBZKGZh077
i7zstEQ=
=41Lu
-EN

Re: [Full-disclosure] WTF people?

[sexyazngrl69]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

pics?

On Sun, 11 Jan 2009 17:48:53 -0500 waveroad waveroad
 wrote:
>N3td3v other alias spotted.
>
>
>
>2009/1/11 
>
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> i find the surname mcafee to be a turn-on here on the security
>> mailing list, mister good hacker:)))
>>
>> a/s/l?
>>
>>
>> On Sun, 11 Jan 2009 16:49:20 -0500 Will McAfee > commun...@thegoodhacker.com> wrote:
>> >I have lurked for some time, and really, this list has become
>> >pathetic
>> >due to it's hiijacking by two or three trolls with nothing
>better
>> >to
>> >do than destroy the relevant signal to noise ratio.  This list
>is
>> >not
>> >about MI5, the NSA, or Mossad unless there is something
>practical
>> >to
>> >be learned from them.  I do not care about the information war
>> >between
>> >Russia and Georgia unless it is about the systems used.  Think
>of
>> >this
>> >list as like a trade correspondence journal, not a public
>> >tackboard.
>> >
>> >Sent from my iPhone
>> >
>> >___
>> >Full-Disclosure - We believe in it.
>> >Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> >Hosted and sponsored by Secunia - http://secunia.com/
>> -BEGIN PGP SIGNATURE-
>> Charset: UTF8
>> Version: Hush 3.0
>> Note: This signature can be verified at
>https://www.hushtools.com/verify
>>
>>
>wpwEAQMCAAYFAklqcbUACgkQynWwk3/AtyOa+wP/YQJlJsabFMRjU8FEs6V+t4eEwkW
>0
>>
>QHX6NsZkryCvIgNWKjPjCTq25n/sS8JKr9oKFJybeyhgY9ADMJ94rLspQU6pQetJnfk
>o
>>
>rkmOnzyUOPzXdmBDJH/34qe3K55k8v7f7OeWLu3xosxWP8iWJwQWR2gXF11hELGJKbJ
>/
>> 9Zzisvg=
>> =cJJ3
>> -END PGP SIGNATURE-
>>
>> --
>> Click for free info on online doctorate degrees and make up to
>$250k/ year.
>>
>>
>http://tagline.hushmail.com/fc/PnY6qxudoSZgDEE0yj7ARzIKdHrLoCs88Zzh
>zE4rU3tdHkjzM8yso/
>>
>> ___
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
-BEGIN PGP SIGNATURE-
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

wpwEAQMCAAYFAklqek0ACgkQynWwk3/AtyPcEgP8ClWXNKSO2PiPEUGhalNNnQD3LORX
LxkxnMgYlCPb06v4unM1RSC4ohJZdX7T+bRrvNQdO9b0RsP34pkdCbCZavLMsxaZChbJ
/ApjICH6vsajaRdu0ZEH5HjnfAwnYcVpAFKamfnP7h8Zyzgp9ZfHZv4ZEOYL9oHxh2NN
CdQCXww=
=Hgbn
-END PGP SIGNATURE-

--
Click for free info on business schools, $150K/ year potential.
 
http://tagline.hushmail.com/fc/PnY6qxsZgJoEzGwoSheR0lZiwV2oU7O92zSQHsC8LzPC3isaZnbmg/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] WTF people?

[sexyazngrl69]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

i find the surname mcafee to be a turn-on here on the security
mailing list, mister good hacker:)))

a/s/l?


On Sun, 11 Jan 2009 16:49:20 -0500 Will McAfee  wrote:
>I have lurked for some time, and really, this list has become
>pathetic
>due to it's hiijacking by two or three trolls with nothing better
>to
>do than destroy the relevant signal to noise ratio.  This list is
>not
>about MI5, the NSA, or Mossad unless there is something practical
>to
>be learned from them.  I do not care about the information war
>between
>Russia and Georgia unless it is about the systems used.  Think of
>this
>list as like a trade correspondence journal, not a public
>tackboard.
>
>Sent from my iPhone
>
>___
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
-BEGIN PGP SIGNATURE-
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

wpwEAQMCAAYFAklqcbUACgkQynWwk3/AtyOa+wP/YQJlJsabFMRjU8FEs6V+t4eEwkW0
QHX6NsZkryCvIgNWKjPjCTq25n/sS8JKr9oKFJybeyhgY9ADMJ94rLspQU6pQetJnfko
rkmOnzyUOPzXdmBDJH/34qe3K55k8v7f7OeWLu3xosxWP8iWJwQWR2gXF11hELGJKbJ/
9Zzisvg=
=cJJ3
-END PGP SIGNATURE-

--
Click for free info on online doctorate degrees and make up to $250k/ year.
 
http://tagline.hushmail.com/fc/PnY6qxudoSZgDEE0yj7ARzIKdHrLoCs88ZzhzE4rU3tdHkjzM8yso/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Why are you against n3td3v?

[sexyazngrl69]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

hehe are you trolling me?  *giggle*

On Sun, 11 Jan 2009 15:08:38 -0500 j-f sentier
 wrote:
>> sexyazngrl69 is definitely someone that loves not hates n3td3v.
>http://www.xanga.com/guestbook.aspx?user=seXyazNgRl69
>
>i can understand that ;)
>
>2009/1/11 
>
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> that has never been an acceptable definition for everyone.
>>
>> *hugs*
>>
>> On Sun, 11 Jan 2009 15:04:33 -0500 j-f sentier
>>  wrote:
>> >>>So you have to ask yourself this simple question :
>> >>>Why everyone hates you ?
>> >
>> >>sexyazngrl69 is definitely someone that loves not hates
>n3td3v.
>> >>you're understanding of "everyone" is off.
>> >
>> >In this case, everyone means a majority.
>> -BEGIN PGP SIGNATURE-
>> Charset: UTF8
>> Note: This signature can be verified at
>https://www.hushtools.com/verify
>> Version: Hush 3.0
>>
>>
>wpwEAQMCAAYFAklqUUYACgkQynWwk3/AtyN1mgP/UPRf6jpjBkmTNxLIMFr6VFVb/ef
>O
>>
>tBzCOen6wcZGHvcBaYY9KkjcY35PxDXC4BxVf+x/imXhHlbDG58upi7jVlCekbQ1aV7
>x
>>
>R1wiRBk4vYgrpVmh1H/VEggFg/hG6vEy74hFs0RyTZJUnRBJ9gqux8skyukR+cJZqDB
>k
>> olmE90U=
>> =dXNa
>> -END PGP SIGNATURE-
>>
>> --
>> Click for free info on online doctorate degrees and make up to
>$250k/ year.
>>
>>
>http://tagline.hushmail.com/fc/PnY6qxudoSFWWlqpoHjO4HGwW4SZPe5sKkbc
>HbM4hGzaGY7qf0aoh/
>>
>>
-BEGIN PGP SIGNATURE-
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

wpwEAQMCAAYFAklqUrAACgkQynWwk3/AtyOeywP9F/HCBknctD6YxEdyHT7ULvXZsd+2
beta4bocCMLXnRu62t4B/yL77Qy06odmpSMLhGAcMqfrCdgiUAzzXzO1ueyJRNrF0O4x
hET0qazDV32htaucXJlq1GtfC/bNqX9rxjr99Hx4fN1VwYjU713sW+xkh8rIzMWHDN7G
0CiJodU=
=02lt
-END PGP SIGNATURE-

--
Click for free info on online doctorate degrees and make up to $250k/ year.
 
http://tagline.hushmail.com/fc/PnY6qxudoR56fpkWS1cmihX1LC5fQ0wT2FECRDgTl5N00yXKJd21C/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Why are you against n3td3v?

[sexyazngrl69]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

that has never been an acceptable definition for everyone.

*hugs*

On Sun, 11 Jan 2009 15:04:33 -0500 j-f sentier
 wrote:
>>>So you have to ask yourself this simple question :
>>>Why everyone hates you ?
>
>>sexyazngrl69 is definitely someone that loves not hates n3td3v.
>>you're understanding of "everyone" is off.
>
>In this case, everyone means a majority.
-BEGIN PGP SIGNATURE-
Charset: UTF8
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 3.0

wpwEAQMCAAYFAklqUUYACgkQynWwk3/AtyN1mgP/UPRf6jpjBkmTNxLIMFr6VFVb/efO
tBzCOen6wcZGHvcBaYY9KkjcY35PxDXC4BxVf+x/imXhHlbDG58upi7jVlCekbQ1aV7x
R1wiRBk4vYgrpVmh1H/VEggFg/hG6vEy74hFs0RyTZJUnRBJ9gqux8skyukR+cJZqDBk
olmE90U=
=dXNa
-END PGP SIGNATURE-

--
Click for free info on online doctorate degrees and make up to $250k/ year.
 
http://tagline.hushmail.com/fc/PnY6qxudoSFZYvmd7IcNarXqt0AILwABDeRPy1cZnbfHQQ45aagn2/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Why are you against n3td3v?

[sexyazngrl69]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

hey sweetie,

On Sun, 11 Jan 2009 13:23:12 -0500 j-f sentier
 wrote:
>So you have to ask yourself this simple question :
>Why everyone hates you ?

sexyazngrl69 is definitely someone that loves not hates n3td3v.
you're understanding of "everyone" is off.

>Why you ?

no you why you?
>>

*blushes*

-BEGIN PGP SIGNATURE-
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

wpwEAQMCAAYFAklqTfMACgkQynWwk3/AtyPCmwP/SFRVlvoil+vHNkoP3oYj2tOYD/2S
iS3aU9kwNCDZQIq9vwVpUeZDSVBSFpa2yvhPOELi48qx7m3eU8Yg8H6rbazWAHLA92QV
SdQDJuGHaMerWfs5cxumxBm3X9IcaXCemLPnnp1b9afiHcAdM5kkGgl7NXEzCpsEpsTQ
61BM2IA=
=SImy
-END PGP SIGNATURE-

--
Click here to increase your salary by earning an online degree.
 
http://tagline.hushmail.com/fc/PnY6qxtpfWeTirBzHdcSxcHBfXFZEKHtrbgjG9oDkYbTFRadDSqRS/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Full Disclosure of What ?

[sexyazngrl69]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

hiya:

On Sat, 10 Jan 2009 21:24:40 -0500 Gomer Stackseg
 wrote:
>G'day to the FD list:

g'day to you too<3

>I find the interplay between netdev and ureleet to be a defining
>element of inanity, misanthropy and sheer waste of bandwidth.  Who
>cares about the pissing between what appears to be two colossal
>noise
>generating clowns ?

/me *giggles* and loves n3td3v

:))
-BEGIN PGP SIGNATURE-
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

wpwEAQMCAAYFAklqHGQACgkQynWwk3/AtyOh8wP/cORU7iy80FZ6T85VogkFnowrwLAT
O3ucTMYxVDbU0LMU+jHTJyeMkQI/GBpVA2Hk43eUkk0pQ4ebiNsSFcv6Vx0yVmqltgNd
qUsOtLRV9OGC1gtglDrmiKmwSdwOxZO0Y/H5ry1Ps2ZLR3dAfhpZlXXe48Q7bpKNtjwh
KDjQP6k=
=XHKI
-END PGP SIGNATURE-

--
Click for free info on online masters degrees and make up to $150K/ year
 
http://tagline.hushmail.com/fc/PnY6qxtpjYl3OpqOwoCiWdrStDDVtxz04lCOZn3MYTFsovqw5Nxck/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/