[Full-disclosure] 1234567890 today
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 hi.. according to http://en.wikipedia.org/wiki/Unixtime unixtime will have today the 'magic' number 1234567890 gratulations --- and who know where the party is? :) /soylent btw: sry 4 non-sec-posting... i know the list has enough to carry with that --- but... i know there are many geeks out there who wanna make a screenshot of that ;) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFJla0IY86qEhC92cgRAtnnAKCqqexnryOG6fOE2BSyXTI+kPeBPQCfcGjY oNziULQOPJJL+TS07UjSXN0= =omrj -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] help: I need to crack my box
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 hi, i think you should reinstall that box! when someone gets root on it, it is more likely he/she installed also some sort of rootkit. For the case he/she has done something illegal, you should also make a image of the hole disk before re-install. /soylent -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2.2 (GNU/Linux) iD8DBQFIhhv1Y86qEhC92cgRAqOCAJ456J1PIZz36RRz4Wd3pSjUh2PUEgCfRTxW BtXU9CISaQqvhQ5oZl4+d+w= =+F/U -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Kmail = 1.9.1 (latest) DOS
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 nnp schrieb: Have you verified this on any other ubuntu systems besides your own? Confirmed on 6 other systems, also one kubuntu (with kde) is affected. all have nvidia, but also some with nvidia are not affected.. strange.. /soylent -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFK3ByY86qEhC92cgRAhDBAKCARhfI/baRKHqfxQkhHsxim71e0ACfZyAr aiBLc3mn5Qd/AHqqTKdxV6w= =PmXv -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Kmail = 1.9.1 (latest) DOS
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 SecuriTeam Expert schrieb: What drivers do you use for X ? (my guess nvidia). yes, nvidia ;) not only ff or gedit crash the x-server, also opening it with epiphany (0.5.1-1ubuntu1) does the job ;) ok, i tested a bit more around: i open the link on a fresh installed full patched ubuntu 6.06, 32 and 64 bit version..(also nvidia-graphic) same effect: - -32bit- Linux amd3800-64 2.6.15-27-amd64-generic X: 7.0.0-0ubuntu45 gnome: 1:2.12.2.3 nvidia-kernel-common: 20051028+1 - -64bit- Linux amd3800 2.6.15-27-k7 gnome, x, .. : same as above firefox - crash gedit - crash epiphany - crash interesting part: when the x server previously runs on tty7, it runs after crash at tty8 and vice versa. at the crashed tty is displayed the following (64bit): *** glibc detected *** free(): invalid next size (normal): 0x01094d50 *** glibc detected *** double free or corruption (!prev) 0x010661e0 *** same messages on the 32bit-system (with shorter memory-addresses) tested it also on a debian-sarge-system (kde+gnome) and pleased someone with gentoo (fluxbox) to test it: no effect maybe ubuntu-specific? hope this helps, /soylent -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFKqQPY86qEhC92cgRAvIOAJ44GQKNQbfIEdLoWZtw654U6JAacwCeOpb5 gUv/8WCUEJ+ZShG6gdY/psk= =KT1N -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Kmail = 1.9.1 (latest) DOS
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 hi :) crashed not only kmail, but complete x-server (gnome) (does restart) ;) lates firefox even with java-script block.. - xserver-crash even gedit seems affected - xserver crash after ~1 min 100%cpu mmh.. no idee, but interesting ;) cheers soylent 2.6.15-27-686 gnome: 2.12.2.3 X: 7.0.0 nnp schrieb: Found this while fuzzing for a different type of vuln. For the life of me I cant do anything useful with this bug so here it is. I dont have the time to narrow down what causes the crash, if anyone manages to get code execution from it, be a dear and let me know ;) I am using KDE 3.5.2 and kmail 1.9.1. This bug requires HTML to be enabled (Settings - Configure Kmail - Security - and tick Prefer HTML to Plain Text.). (email that causes crash) http://silenthack.co.uk/nnp/exploits/kmail/crashMail When the mail is viewed it should crash immediately and give you a stack trace similar to (no debugging symbols found) Using host libthread_db library /lib/tls/i686/cmov/libthread_db.so.1. [KCrash handler] #6 0xe410 in __kernel_vsyscall () #7 0xb787b9a1 in raise () from /lib/tls/i686/cmov/libc.so.6 #8 0xb787d2b9 in abort () from /lib/tls/i686/cmov/libc.so.6 #9 0xb7757cf9 in kdbgstream::flush () from /usr/lib/libkdecore.so.4 #10 0xb7bf7cda in endl () from /usr/lib/libkmailprivate.so #11 0xb5be724e in KIO::Scheduler::_scheduleJob () from /usr/lib/libkio.so.4 #12 0xb6cdaa17 in khtml_jpeg_source_mgr::khtml_jpeg_source_mgr () from /usr/lib/libkhtml.so.4 #13 0xb6cdad1a in khtml_jpeg_source_mgr::khtml_jpeg_source_mgr () from /usr/lib/libkhtml.so.4 #14 0xb7117eb9 in QObject::activate_signal () from /usr/lib/libqt-mt.so.3 #15 0xb7118954 in QObject::activate_signal () from /usr/lib/libqt-mt.so.3 #16 0xb74ad39e in QTimer::timeout () from /usr/lib/libqt-mt.so.3 #17 0xb713ceb1 in QTimer::event () from /usr/lib/libqt-mt.so.3 #18 0xb70ade56 in QApplication::internalNotify () from /usr/lib/libqt-mt.so.3 #19 0xb70ae052 in QApplication::notify () from /usr/lib/libqt-mt.so.3 #20 0xb77abd7d in KApplication::notify () from /usr/lib/libkdecore.so.4 #21 0xb703f157 in QApplication::sendEvent () from /usr/lib/libqt-mt.so.3 #22 0xb709f843 in QEventLoop::activateTimers () from /usr/lib/libqt-mt.so.3 #23 0xb7052f67 in QEventLoop::processEvents () from /usr/lib/libqt-mt.so.3 #24 0xb70c6947 in QEventLoop::enterLoop () from /usr/lib/libqt-mt.so.3 #25 0xb70c686a in QEventLoop::exec () from /usr/lib/libqt-mt.so.3 #26 0xb70ac965 in QApplication::exec () from /usr/lib/libqt-mt.so.3 #27 0x0804a04b in ?? () #28 0xbfe80938 in ?? () #29 0xbfe80b24 in ?? () #30 0x in ?? () -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD4DBQFFKOqgY86qEhC92cgRAgJRAJwLMhE0KYv9xc25xmPcmS1XW9yokgCXabPV IiPg90pOqEzFLJebOleS6g== =RDyh -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] MSN Messanger Virus
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 http://virusscan.jotti.org/ - - GenPack:Trojan.Downloader.Banload.ID (and some other names, 3 detections total) *another one for the collection ;)* cheers soylent Dave King schrieb: A friend of mine contacted me because his MSN Messenger started trying to send files to everyone on his contact list. I signed on and it send me this message: Mira las fotos http://hometown.aol.com.au/miralafoto/imagens001.exe I've run a couple of virus scanners on this file with none of them being able to figure out what it is. Anyone have any clues? Also, I'm having a tough time finding how I can email AOL to tell them to take this file down. Dave King ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDnxVyY86qEhC92cgRAjJhAKCXw0JKg3C8oen06Bl3RyqTYERYZACfVsSF aWYL+AH8iavBcR+ulOTTQvI= =aPih -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Disk Cleaning Tools
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I prefer Darik's Boot and Nuke get it here: http://dban.sourceforge.net/ cheers, soylent Bob the Builder schrieb: Hi, I am looking at software for securely erasing information on disks. Other than stuff like Eraser and Cleanup what other tools have people found useful/reliable. Cheers, Bob ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDFbUXY86qEhC92cgRAnHWAJ4jWvwH9Wb87j4Safo0dX8jspBKNACdHfGz hfFNM7zj8oU3RuybCB8oQ/E= =PW5b -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Re: www.whois.sc (Florian Weimer)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 hi, maybe this could help you: http://dnsstuff.com/info/revdns.htm the site is generally very nice :) greetz, soylent -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (MingW32) iD8DBQFCsFn1Y86qEhC92cgRAs7tAKCt82uvfsIumvSSXXKWUCAavxywLQCfda1v OXBiAGV9j7bJJwmUKQbVohU= =zJcg -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Mozilla 1.7.8 filehandle-error/win32
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 hi, i just played a little bit around and got this here... browser: mozilla 1.7.8, maybe others too os: win32/xp_sp2_fp, maybe others too exploitable: if stupid users directly open the file cause there is no filename given, YES ;) type: bug/malformed html nothing more to say cause no time 8) cheers, soylent -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (MingW32) iD8DBQFCljKuY86qEhC92cgRAk9QAJ973cEkEAtlxm8B4BqUQOe1zGLfmgCeOxdz A7RcPEGAYx7ieSyLvYH+Rb0= =vofD -END PGP SIGNATURE- inline: funny_error.JPG funny_error.htm.gz Description: GNU Zip compressed data ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/