Thnx a lot for all the replies. The tool that most adapt to my needs was the last one, from Claes Nyberg - It's a really great tool man, thanks a lot. The stogare method is also well organized and get the right bytes in both directions - i was able even to unzip java classes embedded :-)
Apologies if this email is not appropriate for this list.
We have been appointed to facilitate the sale of company which has
developed and maintains a security vulnerability database, thus are
looking for potential buyers for our client.
The company maintains a database of all security
-- HYSA-2006-005 h4cky0u.org Advisory 014--Date - Wed March 08 2006
TITLE:==
WordPress 2.0.1 Remote DoS Exploit
SEVERITY:=
Medium
SOFTWARE:=
Wordpress 2.0.1 and prior
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 987-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Moritz Muehlenhoff
March 7th, 2006
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 988-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Moritz Muehlenhoff
March 8th, 2006
The full disclosure posting about ruby backdoor is fake.
We are looking into the source of this Jason Savora.
Please disreguard his comments.
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter:
1-title:
Revilloc mail server USER command heap overflow
Product:
Revilloc MailServer and Proxy v 1.21 (http://www.revilloC.com)
The mail server is a central point for emails coming in and going out from
home or office
The service will work with any standard email client that supports POP3 and
-= DDSi Security Report =- March 8th, 2006-
Another credentials leak was found in Netcool/NeuSecure Security Information Management platform which leads to remote backend database access with
Are you sure about that amplification process??
Actually if the packet reaches huge sizes it will be fragmented at the
attacker's own place cuz of the network equipment's mtu... or won't be
transmitted at all...
The concept of the smurf attack is in sending large amount of spoofed
packets to the
On Tue, 7 Mar 2006, Daniel Bonekeeper wrote:
83.84.14X.XXX - - [06/Mar/2006:18:18:12 -0500] GET
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Arhont Ltd - Information Security
Arhont Advisory by: Konstantin V. Gavrilenko (http://www.arhont.com)
http://www.hackingciscoexposed.com
Arhont ref: arh200601-1
Advisory: Cisco PIX
This is not the first time that we see those kind of attacks, but on
the recent days, I've noticed those requests on my webservers with a
considerable frequency:
83.84.14X.XXX - - [06/Mar/2006:18:18:12 -0500] GET
In the scenario you describe, I cannot see any actual amplification...
I'll give you a senario where you can see.
lets say you have 2 name servers that are local to you.
I setup a domain, example.com. In this domain I create a text record which is
100K in length, I don't know, perhaps I paste
Regarding...
It's been a while since I played on a Windows box, but I believe you
can also create a service which launches
a useful process (e.g.: explorer.exe, cmd.exe) as Local System.
Furthermore, I believe that you can do
this as a Power User too.
Must check a bit that service
Sorry, I don't see this as amplification in your example, because YOUR
dns servers are 100% of the traffic. 1:1 ratio.
Now, if you get the world to cache your text records, and have THEM
flood with source-spoofed UDP (unrelated to the victim's DNS servers),
that'd work, and is actually a
On Wed, 8 Mar 2006, Security Lists wrote:
Sorry, I don't see this as amplification in your example, because YOUR dns
servers are 100% of the traffic. 1:1 ratio.
Once the first request to the nameservers is made, the object should be
cached by the nameservers. Instead of one packet to each
This is a mambo based exploit. There are linux based worm variants
which compromise an site running a vulnerable version of Mambo and then
execute a malicious perl script which in turns attempts to exploit
remote sites.
Harry
Original Message
Subject: [Full-disclosure]
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2006:054
http://www.mandriva.com/security/
It appears that some of the characters in the previous post were not
HTML safe. The original article can be found at: a
href=http://reedarvin.thearvins.com/20060308-01.html;http://reedarvin.thearvins.com/20060308-01.html/a
___
Full-Disclosure - We
19 matches
Mail list logo