[Full-disclosure] MDKSA-2005:128 - Updated mozilla packages fix multiple vulnerabilities

2005-08-02 Thread Mandriva Security Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Update Advisory ___ Package name: mozilla Advisory ID:

Re: [Full-disclosure] RE: Getting a clue at Cisco

2005-08-02 Thread Łukasz Bromirski
Andrew Simmons wrote: As has been pointed out elsewhere - IPv6 is enabled by default on many (all?) Cisco devices. No, it is not. You have to explicitly configure IPv6 addresses on some interface, to enable IPv6 on IPv6-enabled IOS images. If You don't see anything in `show ipv6 interface' out

[Full-disclosure] [SECURITY] [DSA 772-1] New apt-cacher package fixes arbitrary command execution

2005-08-02 Thread Martin Schulze
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 772-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze August 3rd, 2005

RE: [Full-disclosure] Hosting Provider Refuses to Share Server Logs -How to Proceed?

2005-08-02 Thread Aditya Deshmukh
> -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of GeeEm > Sent: Tuesday, August 02, 2005 5:53 PM > To: full-disclosure@lists.grok.org.uk > Subject: [Full-disclosure] Hosting Provider Refuses to Share > Server Logs -How to Proceed? > This is certainly a

Re: [Full-disclosure] Virus on web site

2005-08-02 Thread Nick FitzGerald
Johannes Schneider to Peter B. Harvey: > > This virus at the time of my posting this is only detected by > > Kaspersky and I cannot find any detail on the virus. Came in the > > email as given below. > > > > URL for the virus http://www.alias-search.com/images/msits.exe > > Also found was the fol

Re: [Full-Disclosure] Virus on web site

2005-08-02 Thread Nick FitzGerald
Peter B. Harvey wrote: > An update the Virus is a HAXDOOR variant which is a backdoor. > Symantec and Trend also now detect it. And most other "major" AV engines -- about an hour before you posted, I got this result from 22 virus scanners with different engines: Win32:Haxdoor-AE [Trj] BDS

[Full-disclosure] iDEFENSE Security Advisory 08.02.05: CA BrightStor ARCserve Backup Agent for MS SQL Server Buffer Overflow

2005-08-02 Thread iDEFENSE Labs
CA BrightStor ARCserve Backup Agent for MS SQL Server Buffer Overflow iDEFENSE Security Advisory 08.02.05 www.idefense.com/application/poi/display?id=287&type=vulnerabilities August 2, 2005 I. BACKGROUND BrightStor ARCserve Backup for Windows delivers backup and restore protection for all Window

Re: [Full-disclosure] Cisco IOS Shellcode Presentation

2005-08-02 Thread Ron DuFresne
On Mon, 1 Aug 2005, John Kinsella wrote: > Hate having to explain a joke, but... > perhaps it wasn't tainted with enough irony or cynicism and sarcasm? Thanks, Ron DuFresne -- "Sometimes you get the blues because your baby leaves you. Sometimes you get'em 'cause she comes back." --B.B. King

Re: [Full-Disclosure] Virus on web site

2005-08-02 Thread Peter B. Harvey (Information Security)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi all An update the Virus is a HAXDOOR variant which is a backdoor. Symantec and Trend also now detect it. The virus is spread by an iframe or link in an email asking to go to a compromised website. The latest site seen is: http://crbmarketing.com

[Full-disclosure] RE: Did you miss us yet?

2005-08-02 Thread securitymarket
>Probobly since in rthe new Phrack it says Phrack will start again with >a new staff in 2006/2007 and this guy is mailing from a gmail addy >so Or, maybe it could be because it was done by Phrack High Council not Phrack(.org). Concerned about your privacy? Follow this link to get secure FR

Re: [Full-disclosure] Virus on web site

2005-08-02 Thread Johannes Schneider
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Peter B. Harvey (Information Security) wrote: > > Hi all, > > This virus at the time of my posting this is only detected by > Kaspersky and I cannot find any detail on the virus. Came in the > email as given below. > > URL for the virus http://www.a

Re: [Full-disclosure] Cisco IOS Shellcode Presentation

2005-08-02 Thread David Chastain
Has anyone heard of Proof-of-Concept material out of DEFCON on the CISCO fiasco? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Phrack #63 release is OUT

2005-08-02 Thread phrackstaff
Hey everyone, The Phrack Staff is proud to announce the FINAL Phrack #63 release. Enjoy the magazine on the Phrack Internet address : .:: http://www.phrack.org ::. PHRACK #63 __^__

[Full-disclosure] CAID 33239 - Computer Associates BrightStor ARCserve/Enterprise Backup Agents buffer overflow vulnerability

2005-08-02 Thread Williams, James K
Title: Computer Associates BrightStor ARCserve/Enterprise Backup Agents buffer overflow vulnerability CA Vulnerability ID: 33239 Discovery Date: 2005-04-25 Disclosure Date: 2005-08-02 Discovered By: iDEFENSE Impact: A remote attacker can execute arbitrary code with SYSTEM privileges. Summa

Re: [Full-disclosure] Mike Lynn's controversial Cisco Security Presentation

2005-08-02 Thread bkfsec
Frank Knobbe wrote: On Fri, 2005-07-29 at 14:49 -1000, Jason Coombs wrote: infowarrior.org is now hosting a fine replica of the cease and desist letter that was received earlier today: http://www.infowarrior.org/users/rforno/lynn-cisco.pdf I wonder if he will get a Cease And Desist

Re: [Full-disclosure] Cisco IOS Shellcode Presentation

2005-08-02 Thread bkfsec
Micheal Espinola Jr wrote: persuasion by possible threat of action/retaliation is still persuasion. Yeah yeah yeah... and a sword is just a knife. Technically, you're correct -- coercion is a form of persuasion. However, coercion is not all forms of persuasion, and that is the distinctio

[Full-disclosure] Microsoft ActiveSync Remote Password Compromise

2005-08-02 Thread Seth Fogie
Airscanner Mobile Security Advisory: Remote Password Compromise of Microsoft Active Sync 3.7.1 Product: Microsoft Active Sync 3.7.1 Platform: Tested on Windows XP Professional SP-2 and Windows Mobile Pocket PC 2003 Requirements: Windows XP Professional with Active Sync 3.7.1 Credits: Seth Fog

Re: [Full-disclosure] Hosting Provider Refuses to Share Server Logs - How to Proceed?

2005-08-02 Thread Michael Holstein
Well, that's not the point here since he doesn't administrate the boxes in question. Remember the original poster was talking about his domain being hosted on a shared server. He wants to find out whether the hosting provider was responsible for having a security hole and why they believe to have i

Re: [Full-disclosure] Cisco IOS Shellcode Presentation

2005-08-02 Thread bkfsec
Michael Holstein wrote: You bet! .. as it pertains to anything past their demarc at their properties, they're entirely free to log and review every packet that comes/goes. That means they can legally review your IM chats, go back and read your email from a month ago, whatever ... The leg

[Full-disclosure] Microsoft ActiveSync information leak and spoofing

2005-08-02 Thread 3APA3A
Dear Bugtraq, This vulnerability was reported by Natalia Melnikova (Hataha at yandex.ru) Vulnerability: Microsoft ActiveSync information leak and spoofing URL:http://www.security.nnov.ru/Fnews64.html Vendor: Microsoft Software: Active Sync 3.8 Author: Natalia M

Re: [Full-disclosure] Hosting Provider Refuses to Share Server Logs - How to Proceed?

2005-08-02 Thread Michael Ströder
Michael Holstein wrote: >> I've never dealt with an intrusion before, but I am the tech for the > That's all you need to say. > > The server logs probably won't tell you exactly what happened, and it > doesn't matter anyway. ANYTIME you have a hack, regardless of how > trivial, you rebuild from sc

Re: [Full-disclosure] Hosting Provider Refuses to Share Server Logs - How to Proceed?

2005-08-02 Thread Michael Holstein
I've never dealt with an intrusion before, but I am the tech for the That's all you need to say. The server logs probably won't tell you exactly what happened, and it doesn't matter anyway. ANYTIME you have a hack, regardless of how trivial, you rebuild from scratch. Why? Because you'll nev

Re: [Full-disclosure] RE: Getting a clue at Cisco

2005-08-02 Thread Andrew Simmons
Sam Evans wrote: Just curious -- if the April patch fixed the vulnerability discussed, then that would mean (according to Cisco) that the vulnerability affected IPV6 and not IPV4, correct? As has been pointed out elsewhere - IPv6 is enabled by default on many (all?) Cisco devices. The tar

Re: [Full-disclosure] Cisco IOS Shellcode Presentation

2005-08-02 Thread Michael Holstein
Wiretap Act doesn't apply to stored electronic communications. Nor does it apply to those in realtime on privately owned networks (most of the Internet is privately-owned). He who owns the network, owns the data which traverses it. I believe this is the citation in question (1st District cou

Re: [Full-disclosure] Cisco IOS Shellcode Presentation

2005-08-02 Thread Michael Holstein
> Kohl's owns the Internet? Kohl's reserves the right to read my email I send my mom just because it's on the Internet? You bet! .. as it pertains to anything past their demarc at their properties, they're entirely free to log and review every packet that comes/goes. That means they can le

[Full-disclosure] ProRat Server 1.9 Fix-2 Debugging

2005-08-02 Thread Expanders
Hi guys, I'm trying to debug ProRat server to discover if I can execute arbitrary code, but as far as I could see there is no way to attach to the process while it is running, even if with some tools like Process Magic I can see the process and its PID. Any idea to unhide the process? Thanks in advanc

[Full-disclosure] [ GLSA 200508-03 ] nbSMTP: Format string vulnerability

2005-08-02 Thread Thierry Carrez
Gentoo Linux Security Advisory GLSA 200508-03 http://security.gentoo.org/

[Full-disclosure] Hosting Provider Refuses to Share Server Logs - How to Proceed?

2005-08-02 Thread GeeEm
Hi Everyone, I have some questions about the procedures to follow in the aftermath of a phishing attack on a website. The situation is complicated by the fact the site that the intrusion occurred on is hosted by a website hosting company, and we are their customers. Early last week, an entity r

Re: [Full-disclosure] Did you miss us yet?

2005-08-02 Thread Dunceor .
Probably since in the new Phrack it says Phrack will start again with a new staff in 2006/2007 and this guy is mailing from a gmail addy so On 8/1/05, Dinis Cruz <[EMAIL PROTECTED]> wrote: > Surely this is a hoax? > > Dinis Cruz > .Net Security Consultant > > Phrack Staff wrote: > [-]

RE: [Full-disclosure] Weird URL

2005-08-02 Thread irfan . syed
It is just that https "I am Feeling Lucky" is mapped to PayPal while http keyword is mapped to Microsoft. Wonder how does Google decide though? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of McKinley, Jackson Sent: Tuesday, August 02, 2005 4:29 PM To: [EM

RE: [Full-disclosure] Weird URL

2005-08-02 Thread McKinley, Jackson
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Welcome to Google's "I'm feeling lucky" option. When you enter that into the address bar keywords takes the https section of it and sticks it into google. See below. http://www.google.com/search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q=https W

Re: [Full-disclosure] Weird URL

2005-08-02 Thread lee . e . rian
Bug Traq <[EMAIL PROTECTED]> wrote on 08/01/2005 11:26:27 AM: > Paste this URL in a firefox browser address bar and see what happens. > http://https/;//gmail.google.com > > Anyone know why? Firefox default is to enable Internet Keywords - see http://www.mozilla.org/docs/end-user/internet-keywords