Re: [Full-disclosure] talk.google.com

2005-08-25 Thread Stuart Carter
A good question, Dan, thank you. Stuart Carter IT Dept. 0131 311 5281 Mobile: 0709 204 5442 This message is confidential. If it is not for you, please inform us immediately and then delete it. The author (not the author's employer) is responsible for any opinions in the message. Dan

[Full-disclosure] Can executable file(can't read) still be coredumped in solaris ?

2005-08-25 Thread alert7
Hi, dear friends: I have tested successfully on Solaris 8: an executable file (can't read) can be coredumped. But I don't know whether it still exists or not. [EMAIL PROTECTED] solaris]$ uname -a SunOS Solaris8 5.8 Generic_108528-29 sun4u sparc SUNW,Ultra-5_10 COREDUMP enable example [EMAIL

Re: [Full-disclosure] HOWTO: Crack Oracle Security like a peanut?

2005-08-25 Thread Simon Marechal
Jeroen wrote: I can reproduce the things mentioned for user/pass-combinations sized 64 bits. For larger combinations ( 64 bits --- 2 or more 64 bits DES blocks) I can't figure out yet how things work. Have some of you guys 'n girls already played around with this description? And are you

Re: [Full-disclosure] MS05-039 spreading was: AV Reaction Times of the latest MS05-039-based Worm Attacks

2005-08-25 Thread trains
Quoting Andreas Marx [EMAIL PROTECTED]: Of course, we know that the problem related to MS05-039 is not primarily an AV problem, but something for (Personal) Firewalls, IDS/IPS systems and a better patch management. :-) This is sometimes hard to sit through. It is an access control

Re: [Full-disclosure] HOWTO: Crack Oracle Security like a peanut?

2005-08-25 Thread Fabien Kraemer
Now I need a beer ;) On 8/25/05, Simon Marechal [EMAIL PROTECTED] wrote: Jeroen wrote: I can reproduce the things mentioned for user/pass-combinations sized 64 bits. For larger combinations ( 64 bits --- 2 or more 64 bits DES blocks) I can't figure out yet how things work. Have some of you

[Full-disclosure] [SECURITY] [DSA 784-1] New courier packages fix denial of service

2005-08-25 Thread Martin Schulze
Debian Security Advisory DSA 784-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze August 25th, 2005

[Full-disclosure] Advisory: iTAN not as secure as claimed

2005-08-25 Thread release
Advisory: New banking security system iTAN not as secure as claimed The new iTAN security feature for online banking promoted by german banks does not protect against phishing attacks and trojans as claimed. Details === Product: iTAN Online-Banking Security System Vulnerability Type: Design

Re: [Full-disclosure] talk.google.com

2005-08-25 Thread My Name
Someone kill this thread! I haven't seen anything disclosed in even ~1~ of these emails. On 8/25/05, Paul Melson [EMAIL PROTECTED] wrote: -Original Message- Subject: RE: [Full-disclosure] talk.google.com Why do you have to use gmail when it is very easy to setup a mail server On

Re: [Full-disclosure] Re: Miscrosoft Registry Editor 5.1/XP/2K long string key vulnerability

2005-08-25 Thread Micheal Espinola Jr
You can remove a registry key easily without the need of a 3rd party app. To delete a registry key with a .reg file, put a hyphen (-) in front of the RegistryPath in the .reg file. http://support.microsoft.com/default.aspx?scid=kb;en-us;310516sd=tech On 8/25/05, mike king [EMAIL PROTECTED]

[Full-disclosure] NOVL-2005010098073 GroupWise Password Caching

2005-08-25 Thread Ed Reed
For Immediate Disclosure. Summary: Security Alert: NOVL-2005-10098073 Title: GroupWise Password Caching Date: 16-August-2005 Revision: Original Product Name:

RE: [Full-disclosure] FrSIRT False Alarm

2005-08-25 Thread Aviv Raff
...and I know about his remote activeX killbit bypass that he has 'under his belt' as he claims (yes, I know how to start an object other than in object tags). Wow.. And that makes you a l33t h4x07. Please spare us your great wisdom and stop polluting this list with your great h4x07ing

Re: [Full-disclosure] NOVL-2005010098073 GroupWise Password Caching

2005-08-25 Thread Andres Tarasco
A hostile user with administrative access to the machine where a user is logged in may dump memory and find username/password pairs of logged in users. WTF!!. A hostile user with Administrative access to your box could also delete your box or dump all your naked photos and publish them. be

[Full-disclosure] MS05_039 Exploitation (different languages)

2005-08-25 Thread Roman Medina-Heigl Hernandez
Hi, I tested existing exploits for PnP bug on my W2k SP4 machine (Spanish) and they didn't work (services process is crashing but I got no shell). So I did a quick review with Olly and I realized that umpnpmgr.dll is being loaded at a different base

Possibly OT: Tracing us (Was: Re: [Full-disclosure] talk.google.com)

2005-08-25 Thread auto447062
Hope I'll not be moderated out of existence. Stuart, My ISP has to comply with European data protection laws... Who trust any government? IT/hackers community should be consistent in paranoid behaviour. Dan Margolis [EMAIL PROTECTED] 25/08/2005 03:41:55 ...Google Watch nonsense...Why isn't

[Full-disclosure] [SECURITY] [DSA 785-1] New libpam-ldap packages fix authentication bypass

2005-08-25 Thread Martin Schulze
Debian Security Advisory DSA 785-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze August 25th, 2005

RE: [Full-disclosure] talk.google.com

2005-08-25 Thread Andre Protas
One interesting point is how beta this software really is. Load it up into ida and you can see references to their .cpp src as well as their 'cricket' directories. Looks like there's quite a bit more functionality built in that is just disabled right now, would be kind of a fun little chore to

Re: [Full-disclosure] talk.google.com

2005-08-25 Thread James Tucker
Andre Protas wrote: Also, they are doing some client-side bounds checking on their message sizes. But, if you connect to talk.google.com from a different client (gaim for instance), you can send quite a bit larger of a buffer. Hehe, but then gaim was also cutting me off too the larger I

[Full-disclosure] [ GLSA 200508-17 ] libpcre: Heap integer overflow

2005-08-25 Thread Stefan Cornelius
Gentoo Linux Security Advisory GLSA 200508-17 http://security.gentoo.org/

[Full-disclosure] iDEFENSE Labs Releases File Format Fuzzing Tools and Announces Quarterly Award Winners

2005-08-25 Thread iDEFENSE Labs
Open Source Tools - iDEFENSE Labs is officially releasing three tools designed to automate the discovery of file format vulnerabilities. FileFuzz, SPIKEfile and notSPIKEfile were originally released at Black Hat 2005 and have now been released as open source tools and are

RE: [Full-disclosure] talk.google.com

2005-08-25 Thread Andre Protas
The Server does not accept plain. Actually, some clients were unable to connect to the jabber server b/c of that. Gajim was one. Anyone get a perl/python jabber client connecting to talk.google.com properly? Signed, Andre Derek Protas Security Researcher eEye Digital Security aprotas eeye

Re: [Full-disclosure] MS05_039 Exploitation (different languages)

2005-08-25 Thread ad
For MS holes such as this, yeah, this is always like this because all Windows are different, and about the languages, if I remember, the French offsets are like the German, NL, etc.; when you have a lot of free time you can find some OS languages using the same offsets.

Re: [Full-disclosure] FrSIRT False Alarm

2005-08-25 Thread ad
You are welcome to unsubscribe ... His post is about security , yours is a nice shit , so stfu and bye. KEY: 0xA7C69C5F PRINT: 694C 3495 BCC4 2F8B D794 6BD4 AF8B 457B A7C6 9C5F

[Full-disclosure] MDKSA-2005:150 - Updated bluez-utils packages fix vulnerability

2005-08-25 Thread Mandriva Security Team
Mandriva Linux Security Update Advisory. Package name: bluez-utils Advisory

[Full-disclosure] MDKSA-2005:151 - Updated pcre packages fix integer overflow vulnerability

2005-08-25 Thread Mandriva Security Team
Mandriva Linux Security Update Advisory. Package name: pcre Advisory ID:

[Full-disclosure] MDKSA-2005:152 - Updated php packages fix integer overflow vulnerability

2005-08-25 Thread Mandriva Security Team
Mandriva Linux Security Update Advisory. Package name: php Advisory ID:

Re: [Full-disclosure] talk.google.com

2005-08-25 Thread Technica Forensis
I don't understand the big fuss over google talk. I think the fuss has to do with the 'Privacy' paragraph in the terms of service: You agree that Google may access or disclose your personal information, including the content of your communications and Personal information collected by Google may

[Full-disclosure] Re: MS05_039 Exploitation (different languages)

2005-08-25 Thread Fabrice MOURRON
Hi Roman, I assure you that the address is also different for the French language. With a similar review with OllyDbg, the base address for me is 0x7674. I've attached the resulting exploit and Metasploit module for the French system. Regards, -- Fabrice MOURRON - Consultant en

[Full-disclosure] Cross Reference List of Virus and Worm Names available

2005-08-25 Thread Andreas Marx
Hello! Every vendor of anti-virus software has a different naming convention and even the same virus or worm could have a completely different name in a product of another company. To reduce the current number of problems, we have created a cross-reference list of all virus names, based on

Re: [Full-disclosure] talk.google.com

2005-08-25 Thread Justin Allen
From what I have read it seems that Google can only collect personal information after asking you, as they say in this sentence: When we require personally identifying information, we will inform you about the types of information we collect and how we use it. I suggest you read Google's Privacy

Re: [Full-disclosure] talk.google.com

2005-08-25 Thread Justin Allen
If you also read another part of the policy[1] it states that: " We conclude that we are required by law or have a good faith belief that access, preservation or disclosure of such information is reasonably necessary to protect the rights, property or safety of Google, its users or the

Re: [Full-disclosure] Is this a phishing attempt?

2005-08-25 Thread Technica Forensis
On 8/24/05, winsoc [EMAIL PROTECTED] wrote: I seriously cannot believe that someone would be so mundane in thinking that people would reply to this. I have heard of several cases of people giving up hundreds of thousands of dollars and even flying to Nigeria to personally meet the 'prince'.

Re: [Full-disclosure] Is this a phishing attempt?

2005-08-25 Thread Fergie (Paul Ferguson)
Think that's bad? http://www.boingboing.net/2005/08/25/la_record_producer_k.html - ferg -- Technica Forensis [EMAIL PROTECTED] wrote: On 8/24/05, winsoc [EMAIL PROTECTED] wrote: I seriously cannot believe that someone would be so mundane in thinking that people would reply to this. I have

Re: [Full-disclosure] talk.google.com

2005-08-25 Thread Daniel Margolis
On Aug 25, 2005, at 8:57 PM, Technica Forensis wrote: I don't understand the big fuss over google talk. I think the fuss has to do with the 'Privacy' paragraph in the terms of service: You agree that Google may access or disclose your personal information, including the content of your

Re: [Full-disclosure] Is this a phishing attempt?

2005-08-25 Thread Dagmar d'Surreal
On 8/25/05, Fergie (Paul Ferguson) [EMAIL PROTECTED] wrote: Think that's bad? http://www.boingboing.net/2005/08/25/la_record_producer_k.html Things like this make me feel even warmer and fuzzier about making a habit of stringing the 419'ers along with entirely fictitious financial