[Full-disclosure] [ MDKSA-2005:050 ] - Updated unzip packages fix vulnerabilities

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDKSA-2005:050 http://www.mandriva.com/security/

Re: [Full-disclosure] Quarantine your infected users spreading malware

Even done in the most well-meaning manner this is still computer trespass unless it is permitted by the subscriber agreement for an ISP and done by that ISPs staff. I am all in favor of reducing newbie zombies. the only way I can see to do so is to get the user to consent to the upgrade.

Re: [Full-disclosure] [INetCop Security Advisory] Global Hauri Virobot cookie exploit

At last, Hauri cookie vulnerability was patched. About this vulnerability 3 years ago from now, I thank to KF that discussed for the first time. Also, I thank very to Alex Hernandez. Server patch can be downloaded in following URL. URL: http://www.hauri.net/download/download_linux_patch.php

[Full-disclosure] Google + Amazon fun scam

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 WARNING!: dont login to the link , the sample link within [SCAM][/SCAM] redirects to a real scammer website. If i remember I saw on this list a post wich was warning about faking scam links within google.com domain. I got this scam today:

Re: [Full-disclosure] Google + Amazon fun scam

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 You think you're smart adding those two tricks together? no just pubbing some interesting informations, wich for you we can all read are not, maybe some will care, but I doubt your critics are interesting here. bye. Nick FitzGerald wrote: [EMAIL

[Full-disclosure] SAN security checklist

Hello list:I must ensure an Stored Area Network SAN sombody knows where in Internet I can find some information about this,like baselines, securitiy checklis, or something like this?I have found this: http://csrc.nist.gov/pcig/CHECKLISTS/span-san-checklist-v1r1.pdfbut it is not sufficient thanks

[Full-disclosure] directory traversal in DirectContact 0.3b

Donato Ferrante Application: DirectContact http://reyero.info/dc/ Version: 0.3b Bug: directory traversal Date: 27-Feb-2006 Author: Donato Ferrante e-mail: [EMAIL PROTECTED] web:

[Full-disclosure] CarolinaCon-2006 - Call for Speakers/Papers

InfoSec/h4x0ring enthusiasts, CarolinaCon is back for another weekend of varied/informative/ interesting/educational presentations, more project mayhem, more heavy partying, and hopefully not more of almost getting the whole thing booted from the hotel (not once, not twice, but three freaking

[Full-disclosure] Using domain whois information for fun and profit

The whois information for this domain contains a script tag. This means if you are to view the whois information on any HTML based page, the script is executed. Registrant: DOMIBOT (CAREFREETRAVELMN-COM-DOM) Avenida Caroni 5478 Colinas Monte, Caracas Venezuela +1.2085751538

RE: [Full-disclosure] Using domain whois information for fun and profit

Title: Message A google search for HTML based Whois pages turned up: http://networking.ringofsaturn.com/Tools/whois.php If you do a whois on carefreetravelmn.com, you get a popup window. Should internic allow tags to be used in domain registration contact info? I don't see why not, it's

[Full-disclosure] IN CASE YOU MISSED: Gay Security Industry Experts Exposed! 1st Issue! What has JP (John Vranesevich) been up to lately? FIND OUT HERE!

The first issue exposing gay security professionals!! The JP Update! IN CASE YOU MISSED IT! http://lists.grok.org.uk/pipermail/full-disclosure/2006- February/042338.html Concerned about your privacy? Instantly send FREE secure email, no account required http://www.hushmail.com/send?l=480

Re: [Full-disclosure] Using domain whois information for fun and profit

On Mon, Feb 27, 2006 at 02:41:17PM -0600, Response Team wrote: The whois information for this domain contains a script tag. This means if you are to view the whois information on any HTML based page, the script is executed. Registrant: DOMIBOT (CAREFREETRAVELMN-COM-DOM) Avenida

[Full-disclosure] Fwd: FAQ: How to subscribe and or contribute to cypherpunks

busy cypherpunks == frustrated crackers, imagine a 0day free day one day, ah yes... -- Forwarded message -- From: coderman [EMAIL PROTECTED] Date: Feb 27, 2006 1:03 PM Subject: FAQ: How to subscribe and or contribute to cypherpunks To: [EMAIL PROTECTED], Peer-to-peer development.

[Full-disclosure] [ MDKSA-2006:049 ] - Updated squirrelmail packages fix vulnerabilities

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDKSA-2006:049 http://www.mandriva.com/security/

[Full-disclosure] Fwd: hamachi p2p vpn nat-friendly protocol details

last forward for now. (my apologies to the annoyed) so what say ye, full-disclosure? the cypherpunk mission more relevant than ever yet the birthplace remains a barely animated near-corpse... -- Forwarded message -- From: coderman [EMAIL PROTECTED] Date: Feb 27, 2006 11:56 AM

[Full-disclosure] Gay Security Industry Experts Exposed! 2nd Issue! What has James Lohman (DigiEbola) been up to lately? FIND OUT HERE!

Hello FD Readers! With the impressive feedback from issue #1, we were pushed to get out issue #2. Thanks for all of the great e-mail. By the way, if any of the good people here can back up our James Lohman issue with stories of their own, we encourage you to post them here. ti/infi/infidel

Re: [Full-disclosure] Using domain whois information for fun and profit

--clip-- A google search for HTML based Whois pages turned up: http://networking.ringofsaturn.com/Tools/whois.php If you do a whois on carefreetravelmn.com, you get a popup window. Should internic allow tags to be used in domain registration contact info? -traid BTW: This trend is nothing

Re: [Full-disclosure] Using domain whois information for fun and profit

You do realize that Windows, the OS that runs most of the computers on Earth, does not have a native whois tool. Anyway...As someone else pointed out, this has already been reported but apparently I missed it. The evil side of script in Whois info:It still is an interesting way to get traffic to

Re: [Full-disclosure] Fwd: FAQ: How to subscribe and or contribute to cypherpunks

On 2/27/06, coderman [EMAIL PROTECTED] wrote: ::Question:: How do I observe/participate in cypherpunks list discussions? Err, would [EMAIL PROTECTED] be an OK place request subscription? The http://www.cypherpunks.to/list/ site? had that listed, but I could be in the wrong place..

[Full-disclosure] Re: Fwd: FAQ: How to subscribe and or contribute to cypherpunks

Dude VanWinkle [EMAIL PROTECTED] wrote: Err, would [EMAIL PROTECTED] be an OK place request subscription? The http://www.cypherpunks.to/list/ site? had that listed, but I could be in the wrong place.. LNE no longer exists; the jfet.org node has the same policies and uses basically the same

[Full-disclosure] [FLSA-2006:157366] Updated PostgreSQL packages fix security issues

- Fedora Legacy Update Advisory Synopsis: Updated PostgreSQL packages fix security issues Advisory ID: FLSA:157366 Issue date:2006-02-27 Product: Red Hat Linux, Fedora Core

[Full-disclosure] [FLSA-2006:175818] Updated udev packages fix a security issue

- Fedora Legacy Update Advisory Synopsis: Updated udev packages fix a security issue Advisory ID: FLSA:175818 Issue date:2006-02-27 Product: Fedora Core Keywords: Bugfix

[Full-disclosure] [FLSA-2006:177326] Updated mod_auth_pgsql package fixes security issue

- Fedora Legacy Update Advisory Synopsis: Updated mod_auth_pgsql package fixes security issue Advisory ID: FLSA:177326 Issue date:2006-02-27 Product: Fedora Core Keywords:

[Full-disclosure] [FLSA-2006:177694] Updated auth_ldap package fixes security issue

- Fedora Legacy Update Advisory Synopsis: Updated auth_ldap package fixes security issue Advisory ID: FLSA:177694 Issue date:2006-02-27 Product: Red Hat Linux Keywords:

[Full-disclosure] [FLSA-2006:181014] Updated gnutls packages fix a security issue

- Fedora Legacy Update Advisory Synopsis: Updated gnutls packages fix a security issue Advisory ID: FLSA:181014 Issue date:2006-02-27 Product: Fedora Core Keywords: Bugfix