[Full-disclosure] [SECURITY] [DSA 999-1] New lurker packages fix several vulnerabilities

2006-03-13 Thread Martin Schulze
Debian Security Advisory DSA 999-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze March 14th, 2006

[Full-disclosure] [SECURITY] [DSA 998-1] New libextractor packages fix several vulnerabilities

2006-03-13 Thread Martin Schulze
Debian Security Advisory DSA 998-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze March 14th, 2006

Re: [Full-disclosure] Advisory 2006-03-12 Gay Slut Overflow CRITICAL dismallest in Immunitysec Dave Aitel

2006-03-13 Thread bigdaddyzeroday
> It is possible to make [dave] aitel suck cocks for little to no > money. I attempt replicate vulnerability but condition not vulnerable due to outer protection of infosec suck up. Condition can be replicate with [fw] Gobbles Will test other Immunitysec Gay Slut. Concerned about your pri

[Full-disclosure] DMA[2006-0313a] - 'Apple OSX Mail.app RFC1740 Real Name Buffer Overflow'

2006-03-13 Thread KF (lists)
DMA[2006-0313a] - 'Apple OSX Mail.app RFC1740 Real Name Buffer Overflow' Author: Kevin Finisterre Vendor: http://www.apple.com/macosx/ Product: 'Mac OSX 10.4.5 with Security Update 2006-001' References: http://www.digitalmunition.com/DMA[2006-0313a].txt http://rfc.net/rfc1740.html http://cve.mit

Re: [Full-disclosure] Re: recursive DNS servers DDoS as a growing DDoS problem

2006-03-13 Thread Måns Nilsson
--On den 8 mars 2006 14.58.20 -0500 gboyce <[EMAIL PROTECTED]> wrote: > On Wed, 8 Mar 2006, Security Lists wrote: > >> Sorry, I don't see this as amplification in your example, because YOUR >> dns servers are 100% of the traffic. 1:1 ratio. > > Once the first request to the nameservers is ma

RE: [Full-disclosure] Re: recursive DNS servers DDoS as a growing DDoS problem

2006-03-13 Thread Keith T. Morgan
FWIW, we've seen the exact activity you outline below in the wild. In this case, it was associated with spam. -Original Message- From: Geo. [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 08, 2006 1:27 PM To: bugtraq@securityfocus.com Cc: full-disclosure@lists.grok.org.uk Subject: RE:

Re: [Full-disclosure] HTTP AUTH BASIC monowall.

2006-03-13 Thread Steffen Kluge
On Mon, 2006-03-13 at 15:37 -0500, Simon Smith wrote: > What is the solution to this problem? Is there a solution that does > not require a different auth type? For firewalls? Out-of-band management. In-band management is a big, bold invitation. Cheers Steffen.

[Full-disclosure] [DRUPAL-SA-2006-004] Drupal 4.6.6 / 4.5.8 fixes mail header injection issue

2006-03-13 Thread Uwe Hermann
Drupal security advisory DRUPAL-SA-2006-004 Advisory ID: DRUPAL-SA-2006-004 Project: Drupal core Date:

[Full-disclosure] [DRUPAL-SA-2006-003] Drupal 4.6.6 / 4.5.8 fixes session fixation issue

2006-03-13 Thread Uwe Hermann
Drupal security advisory DRUPAL-SA-2006-003 Advisory ID: DRUPAL-SA-2006-003 Project: Drupal core Date:

[Full-disclosure] [DRUPAL-SA-2006-002] Drupal 4.6.6 / 4.5.8 fixes XSS issue

2006-03-13 Thread Uwe Hermann
Drupal security advisory DRUPAL-SA-2006-002 Advisory ID: DRUPAL-SA-2006-002 Project: Drupal core Date:

[Full-disclosure] [DRUPAL-SA-2006-001] Drupal 4.6.6 / 4.5.8 fixes access control issue

2006-03-13 Thread Uwe Hermann
Drupal security advisory DRUPAL-SA-2006-001 Advisory ID: DRUPAL-SA-2006-001 Project: Drupal core Date:

Re: [Full-disclosure] strange domain name in phishing email

2006-03-13 Thread Alice Bryson
BTW, this kind of IP address would not always work. I try to use http://2887060730/ to access an internal web server http://172.21.12.250, but failed. It said 400 bad request. I use Windows XP IE 6, web server is Apache on Windows 2003, does anyone know why? 2006/3/11, Jianqiang Xin <[EMAIL PROT

Re: [Full-disclosure] strange domain name in phishing email

2006-03-13 Thread Alice Bryson
Yes, this is only a way of expressing an IP address. Try the following C code, you would find out the answer. #include #include #include #include int main() { printf("%lu\n", htonl(inet_addr("83.211.166.179"))); return 0; } it prints out 1406379699. 2006/3/11, Brian Dessent <[EMAIL

Re: [Full-disclosure] HTTP AUTH BASIC monowall.

2006-03-13 Thread Keith
Does this console have to face the Internet? Why not put the management console in a protected environment with a VPN doing the authentication to the subnet that would allow you to manage it? You should be able to protect the web interface and still allow the managed devices to report to it.

Re: [Full-disclosure] HTTP AUTH BASIC monowall.

2006-03-13 Thread Tim
Hi Lyal, > I find a central issue that often reoccurs when discussing secure protocols > is the definition of where the secure protocol starts and stops - the user, > the application, or some underlying OS/functional library or network device? Based on the context in which the discussion started,

RE: [Full-disclosure] HTTP AUTH BASIC monowall.

2006-03-13 Thread Lyal Collins
I find a central issue that often reoccurs when discussing secure protocols is the definition of where the secure protocol starts and stops - the user, the application, or some underlying OS/functional library or network device? There are usually huge chasms between the business, legal and technic

Re: [Full-disclosure] HTTP AUTH BASIC monowall.

2006-03-13 Thread Jeremy Bishop
On Monday 13 March 2006 15:17, Lyal Collins wrote: > Yup, that's right: All PKI authentication is only as good as the > passwords protecting private keys where such passwords exist, and the > complementary endpoint security controls. I thought you might be meaning something like that. I would s

RE: [Full-disclosure] HTTP AUTH BASIC monowall.

2006-03-13 Thread Lyal Collins
Yup, that's right: All PKI authentication is only as good as the passwords protecting private keys where such passwords exist, and the complementary endpoint security controls. The server is 'authenticated' by the site admin installing a cert and entering a password. After that the machine is a d

Re: [Full-disclosure] HTTP AUTH BASIC monowall.

2006-03-13 Thread Tim
> You said this is a firewall box. Most "appliances" I've seen use > self-signed SSL certs which don't validate anyway -- so you're ALREADY > used to clicking "ok" on the warning. Therein lies the danger I suppose. Exactly. This is probably why Simon is confused. However, if he verifies the fi

Re: [Full-disclosure] HTTP AUTH BASIC monowall.

2006-03-13 Thread Tim
> Although something else may have been intended by using the phrase > "password-authenticated key agreement", let's not forget that's all PKI is - > key agreement based on verifying a password. > At the server end, the site admin's password is verified e.g. for SSL servers > At the client, if you're

[Full-disclosure] [ MDKSA-2006:055 ] - Updated gnupg packages fix signature file verification vulnerability

2006-03-13 Thread security
Mandriva Linux Security Advisory MDKSA-2006:055 http://www.mandriva.com/security/

Re: [Full-disclosure] HTTP AUTH BASIC monowall.

2006-03-13 Thread Pavel Kankovsky
On Mon, 13 Mar 2006, Jeremy Bishop wrote: > I suggest "password-authenticated key agreement" as a starting point for > research outside the traditional public-key methods. (Although, as far > as I can tell, it would require the "password" to be accessible to the > server so that the session ca

Re: [Full-disclosure] HTTP AUTH BASIC monowall.

2006-03-13 Thread Matthijs van Otterdijk
Except for that SSH uses RSA, which uses a public and private key. If the password is encrypted during the transfer to the site, and can only get decrypted there, then it can't possibly be sniffed with some computer in between, can it? On 3/13/06, Tim <[EMAIL PROTECTED]> wrote: > Well isn't the whol

Re: [Full-disclosure] HTTP AUTH BASIC monowall.

2006-03-13 Thread Tim
> Except for that SSH uses RSA, which uses a public and private key. If the > password is encrypted during the transfer to the site, and can only get > decrypted there, then it can't possibly be sniffed with some computer > in between, can it? Well that may be true, but we weren't talking about SSH

[Full-disclosure] ZDI-06-003: Ipswitch Collaboration Suite Code Execution Vulnerability

2006-03-13 Thread zdi-disclosures
ZDI-06-003: Ipswitch Collaboration Suite Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-06-003.html March 13, 2006 -- CVE ID: CVE-2005-3526 -- Affected Vendor: Ipswitch -- Affected Products: Ipswitch Collaboration Suite 2006.02 and below -- TippingPoint(TM) IPS Cus

RE: [Full-disclosure] HTTP AUTH BASIC monowall.

2006-03-13 Thread Lyal Collins
Although something else may have been intended by using the phrase "password-authenticated key agreement", let's not forget that's all PKI is - key agreement based on verifying a password. At the server end, the site admin's password is verified e.g. for SSL servers At the client, if you're lucky, th

Re: [Full-disclosure] HTTP AUTH BASIC monowall.

2006-03-13 Thread Michael Holstein
Does anyone else feel that using HTTP BASIC AUTH for a firewall is a bad idea even if it is SSL'd. All basic auth does is creates a hash string for username:password using base64. That can easily be reversed and the real username and password extracted. Sure it's SSL but can't a crafty attacker ju

Re: [Full-disclosure] HTTP AUTH BASIC monowall.

2006-03-13 Thread Simon Smith
Ok, That or the auth mechanism does need to be changed. Jeremy Bishop wrote: > On Monday 13 March 2006 12:37, you wrote: > >> List, >> SSL is not a fix for the problem, SSL is just a way of evading >> the issue or hiding the hole. I can bypass SSL with a man in the >> middle attack (whi

Re: [Full-disclosure] HTTP AUTH BASIC monowall.

2006-03-13 Thread Simon Smith
List, SSL is not a fix for the problem, SSL is just a way of evading the issue or hiding the hole. I can bypass SSL with a man in the middle attack (which I've already done several times). Once I bypass SSL I am able to capture the http headers and extract the auth string. The auth string is vu

Re: [Full-disclosure] HTTP AUTH BASIC monowall.

2006-03-13 Thread Jim Popovitch
Tim wrote: Of course, if your users just click OK every time they see a certificate warning box, then SSL is completely pointless. Therein lies the answer. Swift and/or Lazy admins deserve what they get for not paying attention to warning dialogs. It's a pain to view/verify certificates (ahe

Re: [Full-disclosure] HTTP AUTH BASIC monowall.

2006-03-13 Thread Jeremy Bishop
On Monday 13 March 2006 11:56, Matthijs van Otterdijk wrote: > Except for that SSH uses RSA, which uses a public and private key. If > the password is encrypted during the transfer to the site, and can > only get decrypted there, then it can't possibly be sniffed with some > computer in between, can

Re: [Full-disclosure] HTTP AUTH BASIC monowall.

2006-03-13 Thread Jeremy Bishop
On Monday 13 March 2006 12:37, you wrote: > List, > SSL is not a fix for the problem, SSL is just a way of evading > the issue or hiding the hole. I can bypass SSL with a man in the > middle attack (which I've already done several times). Once I bypass I'm assuming that this is using unsigned

Re: [Full-disclosure] HTTP AUTH BASIC monowall.

2006-03-13 Thread Tim
> Does anyone else feel that using HTTP BASIC AUTH for a firewall is a > bad idea even if it is SSL'd. All basic auth does is creates a hash > string for username:password using base64. That can easily be reversed > and the real username and password extracted. Sure it's SSL but can't a > craft

Re: [Full-disclosure] HTTP AUTH BASIC monowall.

2006-03-13 Thread Tim
> Well isn't the whole idea of SSH that the connection is encrypted? So it > doesn't matter through how many compromised networks it goes, since it gets > encrypted at the sending computer and decrypted at the receiving one. Wow, this reasoning is getting better all the time. How about this: I'l

Re: [Full-disclosure] HTTP AUTH BASIC monowall.

2006-03-13 Thread Matthijs van Otterdijk
Well isn't the whole idea of SSH that the connection is encrypted? So it doesn't matter through how many compromised networks it goes, since it gets encrypted at the sending computer and decrypted at the receiving one. On 3/13/06, Simon Smith <[EMAIL PROTECTED]> wrote: List, Does anyone else feel

[Full-disclosure] HTTP AUTH BASIC monowall.

2006-03-13 Thread Simon Smith
List, Does anyone else feel that using HTTP BASIC AUTH for a firewall is a bad idea even if it is SSL'd. All basic auth does is creates a hash string for username:password using base64. That can easily be reversed and the real username and password extracted. Sure it's SSL but can't a crafty at

[Full-disclosure] [SECURITY] [DSA 997-1] New bomberclone packages fix arbitrary code execution

2006-03-13 Thread Martin Schulze
Debian Security Advisory DSA 997-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze March 13th, 2006

Re: [Full-disclosure] Co-location Spaces

2006-03-13 Thread existx
www.quotecolo.com Fill it out and someone will contact you within 15 minutes if they need more information. I've gotten about ~8 quotes from the Boston area with this. Personal recommendations: www.colospace.com (Mostly Internap bandwidth, I have a contact with someone in Sales) www.servercity.

Re: [Full-disclosure] Co-location Spaces

2006-03-13 Thread Simon Smith
Currently I only want pricing, I don't care about the details. I'll compare the full details later. Micheal Espinola Jr wrote: > There are a few. How close/far to Boston do you need/want? What type > of redundancy/security are you looking for? > > On 3/13/06, Simon Smith <[EMAIL PROTECTED]> wrot

[Full-disclosure] DC4420 monthly meet reminder - this Thursday, West London

2006-03-13 Thread Major Malfunction
Full details of this and past events here: http://www.dc4420.org/modules/newbb/viewtopic.php?topic_id=8&forum=4&post_id=18#forumpost18 Hope to see some of you there... cheers, MM -- "In DEFCON, we have no names..." errr... well, we do... but silly ones... __

[Full-disclosure] Co-location Spaces

2006-03-13 Thread Simon Smith
Anyone know of any good collocation places in the Boston area? -- Regards, simon ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Secunia Research: Dwarf HTTP Server Source Disclosure and Cross-Site Scripting

2006-03-13 Thread Secunia Research
Secunia Research 13/03/2006 - Dwarf HTTP Server Source Disclosure and Cross-Site Scripting - Table of Contents Affected Softwar

[Full-disclosure] Secunia Research: unalz Filename Handling Directory Traversal Vulnerability

2006-03-13 Thread Secunia Research
Secunia Research 13/03/2006 - unalz Filename Handling Directory Traversal Vulnerability - Table of Contents Affected Software

Re: [Full-disclosure] Advisory 2006-03-12 Gay Slut Overflow CRITICAL dismallest in Immunitysec Dave Aitel

2006-03-13 Thread Simon Smith
Why do we give these guys so much of our time? Michael Mohr wrote: > The messages all had a Received header with www.c0replay.net in it. In > addition, they all had the same types of subject lines. So it was an easy > task to filter by the header and quickly scan the subject lines while > mas

[Full-disclosure] [USN-264-1] gnupg vulnerability

2006-03-13 Thread Martin Pitt
Ubuntu Security Notice USN-264-1 March 13, 2006 gnupg vulnerability CVE-2006-0049 A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog)

[Full-disclosure] [SECURITY] [DSA 993-2] New GnuPG packages fix broken signature check

2006-03-13 Thread Martin Schulze
Debian Security Advisory DSA 993-2 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze March 13th, 2006

[Full-disclosure] [SECURITY] [DSA 996-1] New Crypt::CBC packages fix cryptographic weakness

2006-03-13 Thread Martin Schulze
Debian Security Advisory DSA 996-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze March 13th, 2006

[Full-disclosure] Kerio MailServer bugfun

2006-03-13 Thread Evgeny Legerov
Hi, It should be noted that ProtoVer Sample IMAP testsuite has been released with 3 unpublished bugs. Now it looks like that Kerio MailServer preauth bug has been fixed. Kerio MailServer 6.1.3 changelog: """ Version 6.1.3 Patch 1 - March 9, 2006 - Fixed possible crash when handling special craf

Re: [Full-disclosure] Yahoo security give blogger the thumbs up

2006-03-13 Thread nocfed
On 3/12/06, SO SECURITY RESEARCH INSTITUTE <[EMAIL PROTECTED]> wrote: > > If you can provide the evidence to support your claim that the information > published by the blogger was already in the public non-corporate circuit > prior to the blog entry being made, do get in touch. You got me thinking

[Full-disclosure] [SECURITY] [DSA 995-1] New metamail packages fix arbitrary code execution

2006-03-13 Thread Martin Schulze
Debian Security Advisory DSA 995-1 [EMAIL PROTECTED] http://www.debian.org/security/ Steve Kemp March 13th, 2006