Eliah Kagan wrote:
To say that every time a company makes a mistake that hurts their
users is as bad as Sony installing rootkits on people's computers
nickels and dimes the issue of personal privacy and corporate spying
and makes it more difficult to fight true corporate maliciousness.
On the ot
Where do you see the SOX requirement for this?
On 11/29/05, Aditya Deshmukh
<[EMAIL PROTECTED]> wrote:
> How do I create a totally anon mailbox as required by the sox ?
>
> How are you doing this in your site ?
>
> D
Kurt Grutzmacher wrote:
> Just stop keeping our secrets laying around in the "open." That's all we
> ask.
In my opinion this is not a very effective thing to rally against. The
operating system already presents a means to protect against one process
snooping on the other, as has already been poi
How do I create a totally anon mailbox as required by the sox ?
How are you doing this in your site ?
Nasko Oskov wrote:
If you want to protect the credentials in memory from dumps that go to
Microsoft, why not use CryptProtectMemory() instead of home-grown
obfuscation? This function encrypts the memory with a key that changes
over reboots, so even if you send a dump to MS, they wouldn't know ho
eBay/PayPal policy is to have phishes reported to either [EMAIL PROTECTED]
or [EMAIL PROTECTED].
Spoof sites once confirmed are reported to relevant authority in
addition to being incorporated into eBay toolbar which provides
phishing protection.
mike
Todd Towles wrote:
I suggested both
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
As we're getting childish, and yes this is feeding the troll, but
when it comes to n3tdr3g, it's so much fun watching how irritated he
gets ;-)
On 25 Nov 2005, at 16:24, n3td3v wrote:
You're misinformed advice
And you need to learn to spe
On 11/29/05, xyberpix <[EMAIL PROTECTED]> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Seriously This is just amusing!
>
> xyberpix
>
>
> Begin forwarded message:
>
> > From: "4Daily.com Hotline" <[EMAIL PROTECTED]>
> > Date: 29 November 2005 22:54:01 GMT
> > To: [EMAIL PROTECTE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Seriously This is just amusing!
xyberpix
Begin forwarded message:
From: "4Daily.com Hotline" <[EMAIL PROTECTED]>
Date: 29 November 2005 22:54:01 GMT
To: [EMAIL PROTECTED]
Subject: [NCF-87985]: Re: [Full-disclosure] Hacking Boot camps!
==
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Wow!!
Now I feel really dated!
That was good fun to play with though ;-)
xyberpix
On 23 Nov 2005, at 05:57, wilder_jeff Wilder wrote:
Speaking of script kiddie stuff... bbs's and the like...
anyone remember VCL?.. virus creation laboratory?
-J
On 11/25/05, n3td3v <[EMAIL PROTECTED]> wrote:
You're playing with fire. Fire that cannot be put out with words but only inflame the situation of which you are misinformed. Your opinion is noted, yet you don't have a right to gag my opinion just because you don't agree with it.
I have more right to be o
On Tue, Nov 29, 2005 at 01:11:47PM -0500, Nasko Oskov wrote:
>
> If you want to protect the credentials in memory from dumps that go to
> Microsoft, why not use CryptProtectMemory() instead of home-grown
> obfuscation? This function encrypts the memory with a key that changes
> over reboots, so e
yeah, but 4daily.com isn't part of the list.
4daily.com is some annoying POS advertiser that signed up to the list.
basically, add 4daily.com to your spam list and never see it again.
Kyle
Stephen Johnson wrote:
These get sent if you send an email to the list from an address that is not
list
Nasko Oskov wrote:
> If you want to protect the credentials in memory from dumps that go to
> Microsoft, why not use CryptProtectMemory() instead of home-grown
> obfuscation? This function encrypts the memory with a key that changes
> over reboots, so even if you send a dump to MS, they wouldn't k
On Tue, Nov 29, 2005 at 11:57:00AM +0100, Jaroslaw Sajko wrote:
> pagvac wrote:
> > Jaroslaw,
> >
> > thanks for your post. You're right, the same issue occurs in *many*
> > applications. However, any vendor that is serious about security will
> > at least attempt to obfuscate the credentials in m
As it says on http://www.dyadsecurity.com/s_advisory.html:
PUBLISHED ADVISORIES.
Webmin
Date Found: September 23, 2005.
Public Release: November 29, 2005.
Application: webmin miniserv.pl, all known versions
Details: Webmin 0001 Advisory
UPCOMING ADVISORIES.
Perl
Description:
On Tuesday 29 November 2005 04:07, [EMAIL PROTECTED] wrote:
> [snip ] so so if remote code execution is successful, it would
> lead to a full remote root compromise in a standard configuration.
> DESCRIPTION. The username parameter of the login form is logged via
> the perl `syslog' facility in
I suggested both
[EMAIL PROTECTED]
and
[EMAIL PROTECTED]
In this case, 210.202.161.99, is in Taiwan - [EMAIL PROTECTED] or
[EMAIL PROTECTED]
-Todd
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf
> Of Morning Wood
> Sent: Tuesday, November 29,
> Wtf?
>
> I wasn't aware I needed a ticket created ... is everyone else getting
> these?
yes, I "think" it is tied to an autoresponse email account here on the list
( and very stupid IMHO )
___
Full-Disclosure - We believe in it.
Charter: http://lists.gro
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Cisco Security Advisory: Cisco Security Agent Vulnerable to Privilege
Escalation
=
Advisory ID: cisco-sa-20051129-csa
http://www.cisco.com/warp/public/707/cisco-sa-20051129
These get sent if you send an email to the list from an address that is not
listed as a subscriber. The moderator reads the email and determines if
it can be posted anyway.
http://www.ouradoptionblog.com
Join our journey of adoption
http://www.thelonecoder.com
[EMAIL PROTECTED]
continuing th
>Someone with more time than me please report the following scam:
>http://210.202.161.99/us/Account_verification/webscr-cmd=_login/
for sites outside the usa, it is futile to contact ebay about every site.
the best thing is to contact the offending server / hosting / isp
__
Date
November 29, 2005
Vulnerability
The Panda Antivirus Library provides file format support for virus analysis.
During decompression of ZOO files Panda is vulnerable to a heap overflow
allowing attackers complete control of the system(s) being protected. This
vulnerability can be exploited re
On 11/29/05, Dave Korn <[EMAIL PROTECTED]> wrote:
> pagvac wrote in
> news:[EMAIL PROTECTED]
>
> > Google Talk stores all user credentials (username and password) in
> > clear-text in the process memory. Such vulnerability was found on
> > August 25, 2005 (two days after the release of Google Talk)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 911-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
November 29th, 2005
pagvac wrote in
news:[EMAIL PROTECTED]
> Google Talk stores all user credentials (username and password) in
> clear-text in the process memory. Such vulnerability was found on
> August 25, 2005 (two days after the release of Google Talk) and has
> already been patched by Google.
> It was noticed
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Same here. Maybe another one rushing into the holidays and forwarding
his mail where it doesn't belong.
Michael Holstein wrote:
> Wtf?
>
> I wasn't aware I needed a ticket created ... is everyone else getting
> these?
>
> ~Mike.
> Original M
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, Nov 29, 2005 at 09:44:12AM -0500, Michael Holstein wrote:
> Wtf?
>
> I wasn't aware I needed a ticket created ... is everyone else getting these?
I am and it is quite, quite annoying.
[]s
- --
Rodrigo Barbosa <[EMAIL PROTECTED]>
"Quid quid
Everyone is getting them, I believe. I told John about it on Friday and
he said he would look into it.
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf
> Of Michael Holstein
> Sent: Tuesday, November 29, 2005 8:44 AM
> To: full-disclosure
> Subject: [
Wtf?
I wasn't aware I needed a ticket created ... is everyone else getting these?
~Mike.
Original Message
Subject: [OTO-54919]: Re: [Full-disclosure] Paypal phishing attempt
Date: Tue, 29 Nov 05 09:41:01 -0500
From: 4Daily.com Hotline <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Someone with more time than me please report the following scam:
http://210.202.161.99/us/Account_verification/webscr-cmd=_login/
What .. cc'ing to <[EMAIL PROTECTED]> is too hard?
~Mike.
Someone with more time than me please report the following scam:
http://210.202.161.99/us/Account_verification/webscr-cmd=_login/
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored
What about top post? Who won?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of null
Sent: Monday, November 28, 2005 11:28 PM
To: full-disclosure@lists.grok.org.uk
Subject: [Full-disclosure] Securitytrap reloaded.
Hello fu
pagvac wrote:
> Jaroslaw,
>
> thanks for your post. You're right, the same issue occurs in *many*
> applications. However, any vendor that is serious about security will
> at least attempt to obfuscate the credentials in memory (IMHO).
Thanks for your post too. I think you're right that obfuscati
pagvac wrote:
> Jaroslaw,
>
> thanks for your post. You're right, the same issue occurs in *many*
> applications. However, any vendor that is serious about security should
> at least attempt to obfuscate the credentials in the process memory (IMHO).
It's not that the vendor refuses to take securi
On Tue, 29 Nov 2005 11:22:31 +0100
Joachim Schipper <[EMAIL PROTECTED]> wrote:
> On Tue, Nov 29, 2005 at 02:07:10AM -0800, [EMAIL PROTECTED] wrote:
> > SUMMARY. The webmin `miniserv.pl' web server component is vulnerable to
> > a new class of exploitable (remote code) perl format string
> > vulne
Jaroslaw,
thanks for your post. You're right, the same issue occurs in *many*
applications. However, any vendor that is serious about security should
at least attempt to obfuscate the credentials in the process memory (IMHO).
I just published the advisory to let the public know that Google "fixed
Personally I only tested the "patched" version by searching for the
ASCII (decimal) representation of my own password.
In other words, I searched for "mypassword" with a hex editor, rather
than its hexadecimal representation "6d7970617373776f7264"
If what you're saying is that all Google did is c
On Tue, Nov 29, 2005 at 01:52:45AM +0100, Michel Zobel wrote:
> Hello,
>
> someone guided me to http://www.honeynet.org/index.html and I found it a
> nice project. At least I still learned something myself :) Does anyone
> know similar sites with analysis from rootkit infected systems?
> Preferabl
SUMMARY. The webmin `miniserv.pl' web server component is vulnerable to
a new class of exploitable (remote code) perl format string
vulnerabilities. During the login process it is possible to trigger this
vulnerability via a crafted username parameter containing format string
data. In the observed
Hi,
If I am right, Google Talk Beta Messenger cleartext credentials in process memory still exist on the current version.
Google's answer for this issue:
plain char -> hex char
6ackpace
On 11/29/05, Jaroslaw Sajko <[EMAIL PROTECTED]> wrote:
pagvac wrote:
> Title: Google Talk Beta Messenger clear
pagvac wrote:
> Title: Google Talk Beta Messenger cleartext credentials in process memory
>
>
> Description
>
> Google Talk stores all user credentials (username and password) in
> clear-text in the process memory. Such vulnerability was found on
> August 25, 2005 (two days after the release of