On Tue, 2005-09-13 at 23:24 +0200, [EMAIL PROTECTED] wrote:
Internet Explorer ignores NUL characters
-- i.e. ascii characters with the value 0x00 -- most
security software does not.
Interesting. Did you test this with Outlook as well?
Cheers
Steffen.
signature.asc
Description: This is a
Title:
FileZilla (client) public credentials vulnerabilityRisk:
MediumVersions
affected:=2.2.15Credits:pagvac (Adrian Pastor)Date
found:10th September, 2005Homepage:www.ikwt.comwww.adrianpv.comE-mail:m123303
[ - a t - ] richmond.ac.uk
Background--FileZilla client is an open source
Dear Steffen Kluge,
This is old news reported long time ago by ben moeckel (ben.moeckel at
online.de), see http://www.security.nnov.ru/advisories/content.asp
9. Bypassing filters with special characters
There are some characters client application may ignore silently. For
Example, for HTML
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 815-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
September 16th, 2005
Hi,
For those who are interrested, new version (0.1c) of TAPiON (polymorphic
decryptor generator) is now available. The package can be downloaded at:
http://pb.specialised.info/all/tapion/
- the list of changes in 0.1c version is also stored at this url.
best regards,
Piotr Bania
--
#
ncompress insecure temporary file creation
Vendor: ftp://ftp.leo.org/pub/comp/os/unix/linux/sunsite/utils/compress/
Advisory: http://www.zataz.net/adviso/ncompress-09052005.txt
Vendor informed: yes
Exploit available: yes
Impact : low
Hello Mister D1g1t4lLeech,
You are not able to find by yourself security holes ;)
So you leech other people research.
Go back to you kazaa leech.
Secunia you continu to don't respect vendor release date ;)
Bye
___
Full-Disclosure - We believe in
This is a bug in lsadump2 - there's a type mismatch in one of the
functions, although I forget which one. Something is a pointer which
shouldn't be, or vice versa. Once you fix that, it'll be good to go.
Are you sure about that ?
After investigating deeper, I found several problems in LSADUMP2
Aditya Deshmukh zei:
What alternatives are there to pgpnet ?
Have a look at OpenVPN.
M4
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
If it's on your site, then it's released.. security sites publish
advisories as soon as they are online.
put an index or just put your advisories there when you wanna release
them if you don't want to annoy us and to be annoyed by leechers
i didn't find any reference about the D1g1t4lLeech
List: full-disclosure
Subject:Re: [Full-disclosure] NUL Character Evasion
From: fd () ew ! nsci ! us
Date: 2005-09-15 19:57:30
On Thu, 15 Sep 2005, Williams, James K wrote:
List: full-disclosure
Subject:[Full-disclosure] NUL Character Evasion
From:
What alternatives are there to pgpnet ?
Have a look at OpenVPN.
Thanks Martijn, but isn`t that a SSL vpn ? And from what I
have read about PGPnet I need a IPSEC VPN that uses
PGP keys to do the auth.
I know for ipsec VPNs I could use the winxp's builtin
But that would require moving all
PASTOR ADRIAN wrote:
Title:FileZilla (client) public credentials vulnerability
Risk:Medium
Versions affected: =2.2.15
Credits: pagvac (Adrian Pastor)
Date found: 10th September, 2005
Homepage: www.ikwt.com www.adrianpv.com
E-mail: m123303 [ - a t - ] richmond.ac.uk
[...]
TAC Vista is based on open technologies, TAC VistaR is one of the most
advanced software solutions for building automation.
TAC Vista efficiently and economically controls, checks and analyzes all
building operations, allowing system operators to control and monitor entire
systems on site or
Hello all!
My systems relevant info:
Windows XP SP2 fully patched
Mcafee VirusScan 7.1 Engine 4.4 Definition 4581
Using XP SP2s Internet Explorer, in Google, i used the following search
query:
mcafee driver packet received from the i/o subsystem patch 11
When the results return from google
Get in line:
http://www.eeye.com/html/research/upcoming/20050915.html
More:
http://www.eeye.com/html/research/upcoming/index.html
- ferg
-- 'FoR ReaLz' E. Balansay [EMAIL PROTECTED] wrote:
Hello all!
My systems relevant info:
Windows XP SP2 fully patched
Mcafee VirusScan 7.1 Engine 4.4
It's been a while, but I have decided that because
a lot of valuable information is hosted on greyhatsecurity.org, that it is
within everyone's best interest to share the material.
Some things that have changed:
- The layout. The navigation system looks a lot
cooler now (IMHO) and is easier
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Yo Aditya!
On Fri, 16 Sep 2005, Aditya Deshmukh wrote:
What alternatives are there to pgpnet ?
Have a look at OpenVPN.
Thanks Martijn, but isn`t that a SSL vpn ? And from what I
have read about PGPnet I need a IPSEC VPN that uses
PGP keys
What Trojan does McAfee report?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of 'FoR
ReaLz' E. Balansay
Sent: Friday, September 16, 2005 2:40 PM
To: full-disclosure@lists.grok.org.uk
Subject: [Full-disclosure] Search Results w/Trojan?
Hello all!
My
Hello!
I noticed the same message as well =), we're not using the ebay toolbar.
I have just verified these results from a Win2k3 fully patched machine
with no additional applications installed, except for McAfee 7.1.
Would someone else like to search google for those terms and verify as
This is an accurate detection. Google returns results that contain a
hyperlink that contains the exploit.
I've verified both the detection and exploit.
Craig
==
Using XP SP2s Internet Explorer, in Google, i used the following search
query:
mcafee driver packet received from the i/o
On Fri, 16 Sep 2005, 'FoR ReaLz' E. Balansay wrote:
On Fri, 16 Sep 2005, Madison, Marc wrote:
What Trojan does McAfee report?
Exploit-URLSpoof.gen
See the %00? That is probably wat mcafee calls a Exploit-URLSpoof.gen. I
would hardly call it a trojan ... still, it is interesting to see
With all the discussions surrounding the PHP-Nuke CMS wrapping phpBB2 as
its forums, I've released an application called Analyzer (version 2.0)
available from Download.com.
It checks the following versions and reports if newer versions exist:
mysql
php
apache
phpnuke
phpbb
It also checks
23 matches
Mail list logo