[Full-disclosure] d4yj4y

2005-12-19 Thread InfoSecBOFH
Nice trick. X-Forwarded-To: [EMAIL PROTECTED], [EMAIL PROTECTED] X-Forwarded-For: [EMAIL PROTECTED] [EMAIL PROTECTED], [EMAIL PROTECTED] To forward me every SF mailing list post. Do you really think its hard for me to filter it? n00b. ___ Full-Disclo

Re: [Full-disclosure] An uncontrolled ***OFFTOPIC*** thread ... America's future under George Bush ... my last post in this thread

2005-12-19 Thread J.A. Terranson
On Mon, 19 Dec 2005, Chris Umphress wrote: > I suppose I could argue on either side of that fence. In my mind, > Abraham was there early, so the Israelites were re-claiming their > land. Interesting viewpoint, though. I have a hard time with placing a reservation on a land parcel for 4000 years

Re: [Full-disclosure] .An uncontrolled fiscal crisis.. America.s future under George Bush.

2005-12-19 Thread J.A. Terranson
Oh. My. Gawd. *This* is the reason that 90% of the planet wants us under the mushroom cloud. I am just struck by your, uh, uh.pedestrian cluelessness... On Mon, 19 Dec 2005, Red Leg wrote: > Date: Mon, 19 Dec 2005 22:57:43 -0500 > From: Red Leg <[EMAIL PROTECTED]> > To: Full Disclosur

Re: [Full-disclosure] An uncontrolled ***OFFTOPIC*** thread ... America's future under George Bush ... my last post in this thread

2005-12-19 Thread Chris Umphress
On 12/19/05, J.A. Terranson <[EMAIL PROTECTED]> wrote: > > On Mon, 19 Dec 2005, Chris Umphress wrote: > > > On 12/19/05, J.A. Terranson <[EMAIL PROTECTED]> wrote: > > > > > > America is odd in that is is an active supporter of terrorism (Israel), an > > > > Come again? Israel is a terrorist state?

Re: [Full-disclosure] .An uncontrolled fiscal crisis.. America.s future under George Bush.

2005-12-19 Thread qballus
Ahaha, and the stereotypes just keep on coming... n00b.On 12/20/05, Red Leg <[EMAIL PROTECTED]> wrote: On 12/19/05 3:21 PM, "darren kirby" <[EMAIL PROTECTED]> wrote:> quoth the [EMAIL PROTECTED] :>> J A (Jack Ass) If the NYT went out of business today would you loose all>> reference to what is rea

Re: [Full-disclosure] .An uncontrolled fiscal crisis.. America.s future under George Bush.

2005-12-19 Thread Red Leg
On 12/19/05 3:21 PM, "darren kirby" <[EMAIL PROTECTED]> wrote: > quoth the [EMAIL PROTECTED]: >> J A (Jack Ass) If the NYT went out of business today would you loose all >> reference to what is real? Read the Post Dude. >> >> With silver spoon growing up under mommies wing in Battery Park Plaza,

Re: [Full-disclosure] An uncontrolled ***OFFTOPIC*** thread ... America's future under George Bush ... my last post in this thread

2005-12-19 Thread rek2
Maybe because Israel Invaded their country...!!??? and they dont have and army to defend themself other than suicide bombers? and Israel is backup up by? the USA. Chris Umphress wrote: On 12/19/05, J.A. Terranson <[EMAIL PROTECTED]> wrote: America is odd in that is is an active supporter

Re: [Full-disclosure] An uncontrolled ***OFFTOPIC*** thread ... America's future under George Bush ... my last post in this thread

2005-12-19 Thread J.A. Terranson
On Mon, 19 Dec 2005, Chris Umphress wrote: > On 12/19/05, J.A. Terranson <[EMAIL PROTECTED]> wrote: > > > > America is odd in that is is an active supporter of terrorism (Israel), an > > Come again? Israel is a terrorist state? How in the world did you get > your mind bent enough that this even s

Re: [Full-disclosure] An uncontrolled ***OFFTOPIC*** thread ... America's future under George Bush ... my last post in this thread

2005-12-19 Thread Chris Umphress
On 12/19/05, J.A. Terranson <[EMAIL PROTECTED]> wrote: > > America is odd in that is is an active supporter of terrorism (Israel), an Come again? Israel is a terrorist state? How in the world did you get your mind bent enough that this even seems right? What are you on? Israel has some intere

[Full-disclosure] RE: Authenticated EIGRP DoS / Information leak

2005-12-19 Thread Paul Oxman \(poxman\)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Response == This is Cisco PSIRTs' response to the statements made from Arhont Ltd. Information Security in their messages: * Unauthenticated EIGRP DoS. * Authenticated EIGRP DoS / Information leak. posted on the 20

[Full-disclosure] Re: Unauthenticated EIGRP DoS

2005-12-19 Thread Paul Oxman \(poxman\)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Response == This is Cisco PSIRTs' response to the statements made from Arhont Ltd. Information Security in their messages: * Unauthenticated EIGRP DoS. * Authenticated EIGRP DoS / Information leak. posted on the 20

[Full-disclosure] LiveJournal CSS/JS injection vulnerability

2005-12-19 Thread Andrew Farmer
SUMMARY -- The popular Livejournal[1] social networking software contained an error which allowed for the inclusion of Javascript in user-supplied content. [1] http://www.livejournal.org/, http://www.livejournal.com/ BACKGROUND

Re: [Full-disclosure] .An uncontrolled fiscal crisis.. America.s future under George Bush.

2005-12-19 Thread J.A. Terranson
On Tue, 20 Dec 2005 [EMAIL PROTECTED] wrote: > Arrgh. I'm filtering all further responses before I have an aneurism. N00b, > you're emails are a waste of electrons. http://video.google.com/videoplay?docid=-7353861623306470827&q=surveillance&time=146 -- Yours, J.A. Terranson [EMAIL PROTEC

Re: [Full-disclosure] .An uncontrolled fiscal crisis.. America.s future under George Bush.

2005-12-19 Thread n3td3v
I'll go as far to say, I HOPE THE SUICIDE BOMBERS WIN IN IRAQ, because it will teach countires never to launch a PRE EMPTIVE strike against another country again, for the sake of REGIME CHANGE. If we don't learn from IRAQ and attack more countires, then the world is truely DOOMED On 12/20/05, [EMA

Re: [Full-disclosure] .An uncontrolled fiscal crisis.. America.s future under George Bush.

2005-12-19 Thread qballus
Arrgh. I'm filtering all further responses before I have an aneurism. N00b, you're emails are a waste of electrons.On 12/20/05, n3td3v < [EMAIL PROTECTED]> wrote:If Bush wasn't president:There would be no suicide bombers in Iraq There would be no cyber terrorism threatThere would be no Iran/North K

Re: [Full-disclosure] .An uncontrolled fiscal crisis.. America.s future under George Bush.

2005-12-19 Thread n3td3v
If Bush wasn't president: There would be no suicide bombers in Iraq There would be no cyber terrorism threat There would be no Iran/North KR against U.S policy All of the above has been created during Bush's time in office... he'll be adding to the list before he's out. On 12/19/05, Dude VanWi

Re: [Full-disclosure] An uncontrolled ***OFFTOPIC*** thread ... America's future under George Bush ... my last post in this thread

2005-12-19 Thread J.A. Terranson
Amen - sing it brother! America is odd in that is is an active supporter of terrorism (Israel), an active participant in terrorism (Iraq, iran, Cuba, Afghanistan, etc.),, and an exporter of terrorism (by proxy in ~6 Euro countries), yet we fully don't understand why everyone dances for joy when w

Re: [Full-disclosure] An uncontrolled ***OFFTOPIC*** thread ... America's future under George Bush ... my last post in this thread

2005-12-19 Thread qballus
If the US spent 1/10th of the time and money on preventing something like drink driving, it'd be saving tens of thousands of more lives, net. Put it into proprtion. Terrorism is not an issue, but it's foreign policy is.On 12/20/05, TJ < [EMAIL PROTECTED]> wrote: Yes, there is always more than one s

[Full-disclosure] Thomas ENCHELMEIER ist außer Haus / Thomas ENCHE LMEIER is out of office

2005-12-19 Thread Thomas ENCHELMEIER
Ich werde ab 19.12.2005 nicht im Büro sein. Ich kehre zurück am 08.01.2006. Ich befinde mich vom 19.12.2005 bis einschließlich 05.01.2006 im Urlaub. Bitte wenden Sie sich in dieser Zeit unter [EMAIL PROTECTED] an Herrn Michael Dindorf. * I'm on holiday from 12-19-2005 till 01-05-2006. Durin

Re: [Full-disclosure] An uncontrolled ***OFFTOPIC*** thread ... America's future under George Bush ... my last post in this thread

2005-12-19 Thread rek2
Im sorry I don't usually take sides here but this is all CNN/FOX news bull shit. lets keep the Americanish for the right win american TV. we all know that the USA is a big hype and only some of its citizents belive it. I never saw an inocent american die in any WAR... TJ wrote: Yes, there

RE: [Full-disclosure] An uncontrolled ***OFFTOPIC*** thread ... America's future under George Bush ... my last post in this thread

2005-12-19 Thread TJ
Yes, there is always more than one side to every story. And, yes - everyone has a right to *peaceable* nuclear power. *Peaceable* being the key word there ... as for saying "Good for the goose, good for the gander" - NO; when people are killing innocents they deserve to not have the chance to c

Re: [Full-disclosure] Unzip *ALL* verisons ;))

2005-12-19 Thread GroundZero Security
LOL! - Original Message - From: "KF (lists)" <[EMAIL PROTECTED]> To: Sent: Monday, December 19, 2005 10:42 PM Subject: Re: [Full-disclosure] Unzip *ALL* verisons ;)) > Im thinking this is a pretty old school bug... this is damn old code I > believe. I know its something I found while

Re: [Full-disclosure] Unzip *ALL* verisons ;))

2005-12-19 Thread c0ntex
On 19/12/05, KF (lists) <[EMAIL PROTECTED]> wrote: > Um... the point was that 3 years ago when I found this (or something > similar)... the attached exploit worked just fine. I could give a rats > ass less what you or anyone else does with it today. The bug was pretty > much pointless to begin with

Re: [Full-disclosure] An uncontrolled ***OFFTOPIC*** thread ... America's future under George Bush

2005-12-19 Thread Byron Sonne
And - about permitting Iran to develop nuclear power "because the US is a bully" ... WTF? More than one side to the story, homes... everyone has the right to peacable nuclear power. Even if they did develop nukes, it's in their right. If the USA, Russia + satellite states, France, UK, India,

Re: [Full-disclosure] Unzip *ALL* verisons ;))

2005-12-19 Thread KF (lists)
Um... the point was that 3 years ago when I found this (or something similar)... the attached exploit worked just fine. I could give a rats ass less what you or anyone else does with it today. The bug was pretty much pointless to begin with anyway. All these folks are talking about not being a

RE: [Full-disclosure] An uncontrolled ***OFFTOPIC*** thread ... America's future under George Bush

2005-12-19 Thread J.A. Terranson
On Mon, 19 Dec 2005, TJ wrote: > So, because war was not declared it doesn't exist? Not at all. It clearly exists - we've certainly killed and maimed enough civilians to prove it. > No; we are at war - not because of what our President has done / is doing, > but because we were attacked (again

[Full-disclosure] Re: Making unidirectional VLAN and PVLAN jumping bidirectional

2005-12-19 Thread Clayton Kossmeyer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Response == This is Cisco PSIRT's response to the statements made by Arhont Ltd. in their message: Making unidirectional VLAN and PVLAN jumping bidirectional, posted on 2005-Dec-19. An archived version of the report can be found here

RE: [Full-disclosure] An uncontrolled ***OFFTOPIC*** thread ... America's future under George Bush

2005-12-19 Thread TJ
So, because war was not declared it doesn't exist? No; we are at war - not because of what our President has done / is doing, but because we were attacked (again) and are *finally* responding. And - about permitting Iran to develop nuclear power "because the US is a bully" ... WTF? You are talk

Re: [Full-disclosure] Unzip *ALL* verisons ;))

2005-12-19 Thread c0ntex
On 19/12/05, KF (lists) <[EMAIL PROTECTED]> wrote: > Im thinking this is a pretty old school bug... this is damn old code I > believe. I know its something I found while working at Snosoft but I > have no clue whe DVDMAN's code is pointless. Use the source, luke, and stop watching movies..

[Full-disclosure] MDKSA-2005:233 - Updated apache2 packages fix vulnerability in worker MPM

2005-12-19 Thread Mandriva Security Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDKSA-2005:233 http://www.mandriva.com/security/

Re: [Full-disclosure] .An uncontrolled fiscal crisis.. America.s future under George Bush.

2005-12-19 Thread J.A. Terranson
On Mon, 19 Dec 2005 [EMAIL PROTECTED] wrote: > J A (Jack Ass) If the NYT went out of business today would you loose all > reference to what is real? Read the Post Dude. The NY Pest? You mean the rag that has National News on page 7, and Entertainment on the front page (next to ALIENS LANDING FR

Re: [Full-disclosure] Unzip *ALL* verisons ;))

2005-12-19 Thread KF (lists)
Im thinking this is a pretty old school bug... this is damn old code I believe. I know its something I found while working at Snosoft but I have no clue when. /* By DVDMAN ([EMAIL PROTECTED])[EMAIL PROTECTED] http://www.snosoft.com http://WWW.L33TSECURITY.COM L33T SECURITY Keep It Private base

Re: [Full-disclosure] [Clips] A small editorial aboutrecentevents.(fwd)

2005-12-19 Thread bkfsec
Jamie C. Pole wrote: And by the way, I believe that President Bush should have militarized New Orleans when the mayor ignored the signs that the hurricane was going to strike his city. The mandatory evacuation should have been enforced by the military, and quite a few less people would ha

Re: [Full-disclosure] [Clips] A small editorial about recentevents.(fwd)

2005-12-19 Thread bkfsec
Rodrigo Barbosa wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sun, Dec 18, 2005 at 11:32:00PM -0600, Jamie C. Pole wrote: Perhaps you can explain why Louisiana state officials blocked 2 Red Cross convoys carrying relief supplies from entering New Orleans? Okey, sorry. Engl

[Full-disclosure] Remote Buffer Overflow in Mailenable Enterprise 1.1

2005-12-19 Thread muts
See-Security Research and Development. [-] Product Information MailEnable's mail server software provides a powerful, scalable hosted messaging platform for Microsoft Windows. MailEnable offers stability, unsurpassed flexibility and an extensive feature set which allows you to provide cost-effect

Re: [Full-disclosure] .An uncontrolled fiscal crisis.. America.sfuture under George Bush.

2005-12-19 Thread Valdis . Kletnieks
On Mon, 19 Dec 2005 15:47:48 EST, Larry Seltzer said: > You might not think so, but legally it's a settled matter. Well.. almost... except this administration has a problem with filing the paperwork. > how well Japanese Americans were treated in WWII. When the president is > acting in pursuit of

Re: [Full-disclosure] [Clips] A small editorial about recent events. (fwd)

2005-12-19 Thread bkfsec
Jamie C. Pole wrote: I'm sorry, but I was also FAR too close to one of the 09/11 attacks. While I agree that giving up (supposedly) certain civil liberties is most decidedly not a good thing, we need to remember one key point - the same liberal whiners that are complaining about the moni

Re: [Full-disclosure] .An uncontrolled fiscal crisis.. America.s future under George Bush.

2005-12-19 Thread senator . crabgrass
I stand corrected, maybe it is a police action, like Vietnam, oh with the exception of its not Vietnam, and yes congress is just full of weaselhood, but they are well paid for their spineless in-action.   --vote for me   -- Original message -- From: [EMAIL PROTECTED] --- B

Re: [Full-disclosure] [Clips] A small editorial about recent events.(fwd)

2005-12-19 Thread Simon Richter
Hello, Jamie C. Pole wrote: Given the history of terrorist activity in Germany, I'm really surprised that you feel the way you do - your government is benefitting from the intelligence that is being gathered as well. Thankfully, Ms. Merkel seems to understand that. Which is why I'm glad

Re: [Full-disclosure] .An uncontrolled fiscal crisis.. America.s future under George Bush.

2005-12-19 Thread Valdis . Kletnieks
On Mon, 19 Dec 2005 19:50:22 GMT, [EMAIL PROTECTED] said: > WE ARE AT WAR Douche BAG. "Article I, section 8: Powers of Congress The Congress shall have Power To ... To declare War, grant Letters of Marque and Reprisal," Said declaration of war happened when, exactly? (And note -

Re: [Full-disclosure] Exploit code repository

2005-12-19 Thread Michael Holstein
PacketStorm (www.packetstormsecurity.nl) usually has most exploit code and advisories in their archives -- although that site is not connected to F-D. ~Mike. wilder_jeff Wilder wrote: Does anyone know of a location where the exploit code for the issues we address on this list can be found?.

Re: [Full-disclosure] .An uncontrolled fiscal crisis.. America.s future under George Bush.

2005-12-19 Thread darren kirby
quoth the [EMAIL PROTECTED]: > J A (Jack Ass) If the NYT went out of business today would you loose all > reference to what is real? Read the Post Dude. > > With silver spoon growing up under mommies wing in Battery Park Plaza, I > guess Starret City in the Bronx was too polluted, so you privileged

[Full-disclosure] Exploit code repository

2005-12-19 Thread wilder_jeff Wilder
Does anyone know of a location where the exploit code for the issues we address on this list can be found?... Much of the time I see the e-mails roll through wiht just a high level discription of the information. I have the new and old copies of Metaspoit installed and running ... but would li

Re: [Full-disclosure] about that new MySpace XSS worm

2005-12-19 Thread Xavier
Debasis, > >> 2) The XSS worm is propagating via malicious .swf Flash files, > >> using ActionScript and Cross-Domain data loading. > > I failed to understand, how it manage to _self-propagate_ via .swf file?? > Can you elaborate here??? > > If your answer is XSS, then it implies it is not self pr

RE: [Full-disclosure] about that new MySpace XSS worm

2005-12-19 Thread Debasis Mohanty
>> In other words, the "worm" creates a link to the malicious flash file in your MySpace profile. >> Whenever someone views your profile with a vulnerable version of Flash they become infected and the "worm" grows.   Exactly !! This is what seems to be the reason behind the worm propagatio

Re: [Full-disclosure] about that new MySpace XSS worm

2005-12-19 Thread Kevin Pawloski
A worm propagating through MySpace using a malicious flash file has been going on for awhile now. There was one back in the end of October where viewing a malicious Flash file changed your default picture to our main man Ali G. A few days later, Symantec issued a security bulletin for vulnerabili

Re: More info ? Re: [Full-disclosure] [SECURITY] [DSA 923-1] New dropbear packages fix arbitrary code execution

2005-12-19 Thread Florian Weimer
* Rodrigo Barbosa: > On Mon, Dec 19, 2005 at 06:54:40AM +0100, Martin Schulze wrote: >> A buffer overflow has been discovered in dropbear, a lightweight SSH2 >> server and client, that may allow authenticated users to execute >> arbitrary code as the server user (usually root). > > Does anyone can

RE: [Full-disclosure] Security Contact (2)

2005-12-19 Thread Telafici, Joe
Hi Thierry, - [EMAIL PROTECTED] is the appropriate address to report vulnerabilities in McAfee products. - [EMAIL PROTECTED] to report false positives or submit samples of possible malware - [EMAIL PROTECTED] for vendors to appeal/request more info on Potentially Unwanted Program detections HTH

Re: [Full-disclosure] .An uncontrolled fiscal crisis.. America.s future under George Bush.

2005-12-19 Thread senator . crabgrass
J A (Jack Ass) If the NYT went out of business today would you loose all reference to what is real? Read the Post Dude.   With silver spoon growing up under mommies wing in Battery Park Plaza, I guess Starret City in the Bronx was too polluted, so you privileged bastards chose another land fill t

RE: [Full-disclosure] about that new MySpace XSS worm

2005-12-19 Thread Debasis Mohanty
Hi, I read your blog. Find my comments inline - - Original Message - From: "Xavier" <[EMAIL PROTECTED]> To: Sent: Sunday, December 18, 2005 8:19 AM Subject: [Full-disclosure] about that new MySpace XSS worm >> 1) There is a XSS vulnerability in MySpace.com, in the form of an >> unsanit

Re: [Full-disclosure] famouse n3td3v quotes!

2005-12-19 Thread Jeff Rosowski
That remindes me, I have this stashed away from the ol BBS days: I can take no more of this cruelty so I stand up from my table in the food court of the local mall I press my right hand to to where my heart lies beneath my black-clothed mortal flesh, raise my left to the sky in sort of a futile

Re: [Full-disclosure] Unzip *ALL* verisons ;))

2005-12-19 Thread deepquest
Darwin 8.3.0 Darwin Kernel Version 8.3.0 Exception: EXC_BAD_ACCESS (0x0001) Codes: KERN_PROTECTION_FAILURE (0x0002) at 0x0002d000 Thread 0 Crashed: 0 libSystem.B.dylib 0x90002e80 strcpy + 96 1 unzip 0x000145cc 0x1000 + 79308 2 unzip 0xe7fc 0x1000 + 5

[Full-disclosure] Security Contact (2)

2005-12-19 Thread Thierry Zoller
Dear list , [Sorry to abuse it to get in touch with some vendors..] If anybody of the following vendors is reading this list, please get in touch with me : MCAfee PS : (Yes I tried most avenues, except phone and fax) -- http://secdev.zoller.lu Thierry Zoller __

[Full-disclosure] Making unidirectional VLAN and PVLAN jumping bidirectional

2005-12-19 Thread Andrew A. Vladimirov
Arhont Ltd.- Information Security Arhont Advisory by: Arhont Ltd Advisory: Making unidirectional VLAN and PVLAN jumping bidirectional Class: design bug Vulnerable protocols: 802.1q, various PVLAN implementations Model Specific: Th

[Full-disclosure] Authenticated EIGRP DoS / Information leak

2005-12-19 Thread Andrew A. Vladimirov
Arhont Ltd.- Information Security Arhont Advisory by: Arhont Ltd Advisory: Authenticated EIGRP DoS / Information leak Class: design bug Version: EIGRP version 1.2 Model Specific:Other versions might have the same

Re: [Full-disclosure] Unzip *ALL* verisons ;))

2005-12-19 Thread Rodrigo Barbosa
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, Dec 19, 2005 at 05:27:15PM +0100, Joachim Schipper wrote: > On Mon, Dec 19, 2005 at 12:06:07PM +, c0ntex wrote: > > Just to add to the pot, this little bug has been there a long time, > > mmm, around 2+ yrs. Any apps calling unzip? Any unzi

[Full-disclosure] Unauthenticated EIGRP DoS

2005-12-19 Thread Andrew A. Vladimirov
Arhont Ltd.- Information Security Arhont Advisory by:Arhont Ltd Advisory: Unauthenticated EIGRP DoS Class:design bug Version:EIGRP version 1.2 Model Specific: Other versions might have the same bug DETAILS: We have used our custom EIGRP packet gener

Re: [Full-disclosure] Unzip *ALL* verisons ;))

2005-12-19 Thread Joachim Schipper
On Mon, Dec 19, 2005 at 04:44:02PM +, c0ntex wrote: > On 19/12/05, Joachim Schipper <[EMAIL PROTECTED]> wrote > > > I cannot reproduce this, either with "A" x 5000 or "A" x 2. I tested > > unzip-5.52 on Linux/i386-2.6 and OpenBSD/i386-3.8, and saw no error. > > > > Joachim

RE: [Full-disclosure] Unzip *ALL* verisons ;))

2005-12-19 Thread Bob Dehnhardt
Title: RE: [Full-disclosure] Unzip *ALL* verisons ;)) [bobd@ ~]$ unzip -v|head -1 UnZip 5.51 of 22 May 2004, by Info-ZIP.  Maintained by C. Spieler.  Send [bobd@ ~]$ uname -a Linux 2.6.14-1.1644_FC4 #1 Sun Nov 27 03:25:11 EST 2005 i686 i686 i386 GNU/Linux [bobd@ ~]$ unzip `perl -e 'print "A

Re: [Full-disclosure] Unzip *ALL* verisons ;))

2005-12-19 Thread c0ntex
On 19/12/05, Joachim Schipper <[EMAIL PROTECTED]> wrote > I cannot reproduce this, either with "A" x 5000 or "A" x 2. I tested > unzip-5.52 on Linux/i386-2.6 and OpenBSD/i386-3.8, and saw no error. > > Joachim [c0ntex@ ~]$ unzip -v | head -1 UnZip 5.32 of 3 November 1997, by

Re: [Full-disclosure] Please read. I feel this is important.

2005-12-19 Thread Valdis . Kletnieks
On Mon, 19 Dec 2005 12:23:52 GMT, Edward Pearson said: > This is not why this list was created. To have one e-mail on topic and > the rest I can only class as spam. On such a respected list, that I have > been a keen subscriber to for years. > Even before computing became a big part of my life, b

Re: [Full-disclosure] Unzip *ALL* verisons ;))

2005-12-19 Thread Joachim Schipper
On Mon, Dec 19, 2005 at 12:06:07PM +, c0ntex wrote: > Just to add to the pot, this little bug has been there a long time, > mmm, around 2+ yrs. Any apps calling unzip? Any unzip archives with > rather large files? > > ;) > > [EMAIL PROTECTED] tmp]$ gdb -q unzip > (no debugging symbols found).

[Full-disclosure] Cerberus Helpdesk vulnerabilities

2005-12-19 Thread A. Ramos
Title: Cerberus Helpdesk multiple vulnerabilities. Severity: Medium Affected: cerberus-gui (2.649), support-center (2.649<->3.2.0pr2) Problem type: remote Author: Alejandro Ramos Description: --- Cerberus Helpdesk is a We

More info ? Re: [Full-disclosure] [SECURITY] [DSA 923-1] New dropbear packages fix arbitrary code execution

2005-12-19 Thread Rodrigo Barbosa
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, Dec 19, 2005 at 06:54:40AM +0100, Martin Schulze wrote: > A buffer overflow has been discovered in dropbear, a lightweight SSH2 > server and client, that may allow authenticated users to execute > arbitrary code as the server user (usually root

Re: [Full-disclosure] [Clips] A small editorial about recent events.(fwd)

2005-12-19 Thread Disco Jonny
helo jamie, Sorry mate, you are no veteran, you have bought into the shit you government feeds you. people *have* rights they dont *earn* them cuntie well done you. just think you could have died for nothing - you put your whole existence on the line based on lies and rhetoric. have a prize - t

RE: [Full-disclosure] Please read. I feel this is important.

2005-12-19 Thread Edward Pearson
I hate to do exactly what I asked you guys not to However for me this sums it all up. This is an e-mail I received this morning from somebody (no names mentioned) on the list [direct quote] Sorry man I just wanted some traffic besides netdev, so long as he doesnt post, I will keep mailings restr

RE: [Full-disclosure] [Clips] A small editorial about recent events.(fwd)

2005-12-19 Thread Scott Schappert
People seem to forget that your place of birth is not your choice. Should you choose to rant about earning to scorn others for having a different philosophy about freedom and death, that is cool, but remember the scaffolding you fought for includes (our?) constitutional amendments. People do not

Re: [Full-disclosure] [Clips] A small editorial about recent events. (fwd)

2005-12-19 Thread Perry E. Metzger
"Jamie C. Pole" <[EMAIL PROTECTED]> writes: > I'm sorry, but I was also FAR too close to one of the 09/11 attacks. > While I agree that giving up (supposedly) certain civil liberties is > most decidedly not a good thing, we need to remember one key point - > the same liberal whiners that are compl

Re: [Full-disclosure] [Clips] A small editorial about recent events. (fwd)

2005-12-19 Thread Benjamin Franz
On Sun, 18 Dec 2005, Jamie C. Pole wrote: Well, for one thing, I am a veteran, and have EARNED these rights that you liberal whiners take for granted. When you believe in something enough to die for it, come back and talk to me. I'm a veteran as well. 6 years in the US Navy: 1987 through 1

Re: [Full-disclosure] Please read. I feel this is important.

2005-12-19 Thread mrceconnor
I made a mistake in the way I first sent this reply. I meant for it to go to the list "which it did on my right way of posting to it" this is an e-mail of support. I'm known for my use of words and the lack of some being able understanding how I feel. I'm just a plain straight to the point dude.

Re: [Full-disclosure] Please read. I feel this is important.

2005-12-19 Thread mrceconnor
I know that you ask for us to not post a reply to this. And please excuse me for doing so! But, to me this is one of the few mails that I have received from this list in over a month that was. Please excuse my use of words here. WORTH A SHIT ! I'm a security junkie. I'm not as smart as most of you

RE: [Full-disclosure] [Clips] A small editorial about recent events.(fwd)

2005-12-19 Thread BsCaBl
What in the bloody blue hell does all this have to do with a comuter security group? > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf > Of [EMAIL PROTECTED] > Sent: Sunday, December 18, 2005 10:30 PM > To: [EMAIL PROTECTED] > Cc: Full-Disclosure@list

[Full-disclosure] RE: RLA ("Remote LanD Attack")

2005-12-19 Thread alessandroa
Hi Roger I have a doubt, if the router of my internet provider has ACL's to deny spoofed attacks, probably this attack won't work. Is it correct? Regard's Alessandro Araújo Artagnan

Re: [Full-disclosure] [Clips] A small editorialaboutrecentevents.(fwd)

2005-12-19 Thread Dude VanWinkle
On 12/19/05, InfoSecBOFH <[EMAIL PROTECTED]> wrote: > You kniow guys... all I havef to say is... > > fuck politics... we all have common ground so lets not go into the > political debate bullshit. Now you know how I feel with your troll feeding BS, -JP "turnabout is fair play" -Your Wife ___

RE: [Full-disclosure] .An uncontrolled fiscal crisis.. America.s futureunder George Bush.

2005-12-19 Thread Dennis Henderson
. Total crap.. If you believe any of this, you probably day-trade your 401k... Move on people... Nothing to see here... > -Original Message- > From: J.A. Terranson [mailto:[EMAIL PROTECTED] > Sent: Monday, December 19, 2005 2:26 AM > To: Full-Disclosure > Subject: [Full-disclosure] .

Re: [Full-disclosure] 2x 0day Microsoft Windows Excel

2005-12-19 Thread [EMAIL PROTECTED]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I have said so this is only null pointer bugs but the way I trigger the bug might be modded for a remote code execution who know , I'm not a guru and maybe did an error triggering the flaw who knows :) but I bet many are already reasearching on this he

Re: [Full-disclosure] .An uncontrolled fiscal crisis.. America.s future under George Bush.

2005-12-19 Thread Dude VanWinkle
On 12/19/05, J.A. Terranson <[EMAIL PROTECTED]> wrote: > > While we're debunking George... Hey man, save this for netdev's next thread that is the _only_ good excuse for filling ppl's inboxes with political rhetoric jeez of all ppl, I am saying this ;-) -JP

Re: [Full-disclosure] [Clips] A small editorial about recent events. (fwd)

2005-12-19 Thread Dude VanWinkle
On 12/18/05, Jamie C. Pole <[EMAIL PROTECTED]> wrote: > As far as the rest of your point, I actually agree with you. I see > no reason why the government needs to know which books you are > reading, and I don't believe the government should know how long you > are talking to your "psychic-phone-se

[Full-disclosure] Re: RLA ("Remote LanD Attack")

2005-12-19 Thread Synister Syntax
For a bit of clarification, Roger was someone responding to the post. I Synister Syntax (Justin), was the one who reported/found the exploit. You are correct if your router is configured with such an ACL, you would be protected. The problem, again, is Consumer grade devices have no such ACL

[Full-disclosure] Re: Unzip *ALL* verisons ;))

2005-12-19 Thread c0ntex
No, it is not an advisory, just adding to rediculous posts on elog and excel - anyone can post dumb bugs that have no code or valid use. -- regards c0ntex ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.

[Full-disclosure] Please read. I feel this is important.

2005-12-19 Thread Edward Pearson
People, Please read all of this and take note. It'll take two minutes of your time. When I opened my e-mail this morning, and jumped to the FD folder, what is saw was the straw that broke the camels back. Of the 300(ish) e-mails I got today, Almost all were titled, "A small editorialaboutrecentev

[Full-disclosure] Unzip *ALL* verisons ;))

2005-12-19 Thread c0ntex
Just to add to the pot, this little bug has been there a long time, mmm, around 2+ yrs. Any apps calling unzip? Any unzip archives with rather large files? ;) [EMAIL PROTECTED] tmp]$ gdb -q unzip (no debugging symbols found)...Using host libthread_db library "/lib/tls/libthread_db.so.1". (gdb) r

[Full-disclosure] Re: [Clips] A small editorial about recent events. (fwd)

2005-12-19 Thread isaac.albeniz
David Barroso wrote: Hey Jamie, perhaps it is true that you have lived in 24 countries, but saying that Spain is worse than US, or simply compare Spain to Singapore or Russia in terms of "democracy" denotes a total lack of information about anything that is outside the US. On dom, 2005-12-18 at

Re: [Full-disclosure] [Clips] A small editorial about recent events. (fwd)

2005-12-19 Thread Jamie C. Pole
I don't see how that can be the case - 90% of the time, I am in these foreign countries at the request of their government. I am in an excellent position to make such comparisons. I like Spain (and Russia, and Singapore) very much, but at the same time, shouldn't a Spaniard be concerned

[Full-disclosure] 2x 0day Microsoft Windows Excel

2005-12-19 Thread [EMAIL PROTECTED]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Let's go on the fast publishing :) I wont bother to message microsoft about this because they wont patch it for sure according that they can't patch fully exploitable bugs in a decent time, they do not patch IE dos (http://heapoverflow.com/IEcrash.htm)

[Full-disclosure] elogd 2.6.0 overflow

2005-12-19 Thread GroundZero Security
Hello, i thought after all this noise some security related material would be nice and i just found a bug in elogd on a customer system. by sending a special crafted request, the daemon will crash. i didnt test yet if code execution is possible since i just audit the running daemon on the custome

Re: [Full-disclosure] [Clips] A small editorial about recent events. (fwd)

2005-12-19 Thread David Barroso
Hey Jamie, perhaps it is true that you have lived in 24 countries, but saying that Spain is worse than US, or simply compare Spain to Singapore or Russia in terms of "democracy" denotes a total lack of information about anything that is outside the US. On dom, 2005-12-18 at 22:55 -0600, Jamie C. P

Re: [Full-disclosure] BANTOWN PRESENTS: Give me 0day or give me death

2005-12-19 Thread InfoSecBOFH
cause I love biting... that is what dogs do On 12/18/05, Aditya Deshmukh <[EMAIL PROTECTED]> wrote: > > > > -Original Message- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf > > Of InfoSecBOFH > > Sent: Sunday, December 18, 2005 11:39 AM > > To: full-disclosure@lists.g

[Full-disclosure] .An uncontrolled fiscal crisis.. America.s future under George Bush.

2005-12-19 Thread J.A. Terranson
While we're debunking George... http://www.dissidentvoice.org/Apr05/Whitney0411.htm The Economic Tsunami: Sooner Than You Think by Mike Whitney www.dissidentvoice.org April 11, 2005 Send this page to a friend! (click here) .If the world's central bankers accumulate fewer dollars, the re

Re: [Full-disclosure] [Clips] A small editorialaboutrecentevents.(fwd)

2005-12-19 Thread InfoSecBOFH
You kniow guys... all I havef to say is... fuck politics... we all have common ground so lets not go into the political debate bullshit. fuck nuff said. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.