===
Ubuntu Security Notice USN-270-1 April 13, 2006
kdegraphics, koffice, xpdf, cupsys, poppler, tetex-bin vulnerabilities
CVE-2006-1244
===
A security issue affects the foll
SEC-CONSULT Security Advisory 20060413-0
title: Opera Browser CSS Attribute Integer Wrap /
Buffer Overflow
program: Opera
vulnerable version: <= 8.52
homepage: www.opera.com
found: 2
In my experience, it doesn't even work in an Exchange environment. The
user gets a message that the message should be recalled, but the
original is still there, even if it hasn't been read yet. I've heard
people say that at one time it would auto-delete the message if it
hadn't been read, but I've
heh you mean YOU have no privacy, get over it
On 4/13/06, Micheal Turner <[EMAIL PROTECTED]> wrote:
You have no privacy anymore, get over it.Send instant messages to your online friends
http://uk.messenger.yahoo.com___Full-Disclosure - We believe in it.C
==
Secunia Research 13/04/2006
Adobe Document Server for Reader Extensions Multiple Vulnerabilities
==
Table of Contents
Affected Softwa
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Google Groups is now zipping HTML file attachments to force seperation.
This can be seen here:
http://groups.google.com/group/Content-Disposition/browse_thread/thread/925106682eb32b2b
GMail is still vulnerable.
On 4/11/06, Darren Bounds <[EMAIL PROTECTED]> wrote:
> GMail, Google Groups XSS Vulner
Argeniss Security Advisory
Name: Vulnerability in Microsoft FrontPage Server Extensions Could Allow
Cross-Site Scripting (MS06-17)
Affected Software: Microsoft FrontPage Server Extensions 2002 and Microsoft
SharePoint Team Services
Severity: Medium
Remote exploitable: Yes (User interventi
At a previous company I sysadmined at, I had just finished installing the
rightfax server, with outlook integration (or maybe ccmail I forget), but
anyhow, an email/fax came out to all of our dealers and customers stating
that our new product was slightly delayed due to something. The VP of sa
It is believed human rights hacktivists are set to launch a response
if British hacker Gary McKinnon is sent to Guantanamo Bay.
Symantec are set to raise their ThreatCon level to warn administrators
of the situation as the case comes to a climax next month.
___
/signed
I've seen people getting busted like this on the news. If the crime
crosses state boundaries, is reported, and totals more than 5k, you've
made the FBI's (very long) list of activity to investigate.
-Viz
On 4/12/06, Bruno Wolff III <[EMAIL PROTECTED]> wrote:
> On Wed, Apr 12, 2006 at 16:1
Gary McKinnon To Speak At Infosecurity Europe Hacking Panel
http://groups.google.com/group/n3td3v/browse_thread/thread/883021159aca274f/4b27c9933e4561b7#4b27c9933e4561b7
On 4/13/06, n3td3v <[EMAIL PROTECTED]> wrote:
> It is believed human rights hacktivists are set to launch a response
> if Britis
ZDI-06-008: Novell GroupWise Messenger Accept-Language Buffer Overflow
http://www.zerodayinitiative.com/advisories/ZDI-06-008.html
April 13, 2006
-- CVE ID:
CVE-2006-0092
-- Affected Vendor:
Novell
-- Affected Products:
Novell GroupWise Messenger 2
-- TippingPoint(TM) IPS Customer Protection:
T
This is what is affectionally known as "political punishment". Somebody
who has nothing do with a terrorist sect, is threatened with "The Bay".
Feel big now do ya George?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of n3td3v
Sent: 13 April 2006 15:39
To:
Dear Bernhard Mueller,
Opera is pretty bad at CSS, try the new fuzzer from HDM :
http://metasploit.com/users/hdm/tools/see-ess-ess-die/cssdie.html
--
http://secdev.zoller.lu
Thierry Zoller
Fingerprint : 5D84 BFDC CD36 A951 2C45 2E57 28B3 75DD 0AC6 F1C7
Yes, the whole George W Bush and War On Terror thing has got out of hand now.
On 4/13/06, Edward Pearson <[EMAIL PROTECTED]> wrote:
> This is what is affectionally known as "political punishment". Somebody
> who has nothing do with a terrorist sect, is threatened with "The Bay".
>
> Feel big now d
Hey, guess what I just found out: Microsoft have deliberately sabotaged
their DNS client's hosts table lookup functionality.
Normally you can override DNS lookup by specifying a hostname and IP
directly in the hosts file, which is searched before any query is issued to
your dns server; th
On Apr 13, 2006, at 1:29 , Dave Korn wrote:
Hey, guess what I just found out: Microsoft have deliberately
sabotaged
their DNS client's hosts table lookup functionality.
I thought this was part of avoiding malware attempts to block Windows
Update.
--
brandon s. allbery [linux,sola
Advisory: PAJAX Remote Code Injection and File Inclusion Vulnerability
RedTeam has identified two security flaws in PAJAX.
It is possible to execute arbitrary PHP code from unchecked user
input. Additionally, it is possible to include arbitrary files on the
server ending in ".class.php".
Details
I'd agree with that. What's the explanation for them doing the same thing with
MSN?
On April 13, 2006, at 1:49, brandon s. allbery wrote:
On Apr 13, 2006, at 1:29 , Dave Korn wrote:
> Hey, guess what I just found out: Microsoft have deliberately
> sabotaged
> their DNS client's hosts tabl
On Thu, 13 Apr 2006 17:50:36 BST, n3td3v said:
> Yes, the whole George W Bush and War On Terror thing has got out of hand now.
GW and company are terrified of any threats to their total control of the
planet.
Anything that terrifies them counts as terrorism, s
pgptFwU1CGCos.pgp
Descrip
On Thu, 13 Apr 2006 11:14:14 EDT, Neil Davis said:
> /signed
> I've seen people getting busted like this on the news. If the crime
> crosses state boundaries, is reported, and totals more than 5k, you've
> made the FBI's (very long) list of activity to investigate.
There's a court case that establ
I don't even get the same IP address for that. I have 64.4.52.189 .
I tried to change it in the host files with the same results. Next I will block that IP in my firewall and see what happens.
Ducki3
On 4/13/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
hi,...makes me wonder what happens
On 4/13/06, Brandon S. Allbery KF8NH <[EMAIL PROTECTED]> wrote:
>
> On Apr 13, 2006, at 1:29 , Dave Korn wrote:
>
> > Hey, guess what I just found out: Microsoft have deliberately
> > sabotaged
> > their DNS client's hosts table lookup functionality.
>
> I thought this was part of avoiding malwa
Brandon S. Allbery KF8NH wrote:
> On Apr 13, 2006, at 1:29 , Dave Korn wrote:
>
>> Hey, guess what I just found out: Microsoft have deliberately
>> sabotaged
>> their DNS client's hosts table lookup functionality.
>
> I thought this was part of avoiding malware attempts to block Windows
> Update
hi,
...makes me wonder what happens if/when they need to change the
IP address of go.microsoft.com
many many people have already been burnt by the hardcoding of
addresses/IPs into their applications.
a
___
Full-Disclosure - We believe in it.
Charter:
On Thursday, April 13, 2006 2:09 PM, [EMAIL PROTECTED] wrote:
>
>Date: Thu, 13 Apr 2006 15:09:19 -0400
>From: [EMAIL PROTECTED]
>To: n3td3v <[EMAIL PROTECTED]>
>Subject: Re: [Full-disclosure] Gary McKinnon
>
>On Thu, 13 Apr 2006 17:50:36 BST, n3td3v said:
>> Yes, the whole George W Bush and War O
heh anyone that thinks they have privacy doesn't get it.
That's almost as pathetic as saying your system is unbreakable.
Neither privacy or unbreakable systems will ever exist.
If man made it, man can break it, period. Any other mindset will lead
to trouble. This includes whatever lockbox you per
_
Bilgisayariniz Messenger ile oturma odaniz olsun! Hem sohbet edin hem
eglenin! http://messenger.msn.com/?mkt=tr&DI=3147&XAPID=2533
___
Full-Disclosure - We believe in it.
Charter: htt
hi
[EMAIL PROTECTED] wrote:
hi,
...makes me wonder what happens if/when they need to change the
IP address of go.microsoft.com
many many people have already been burnt by the hardcoding of
addresses/IPs into their applications.
thats the point. its not the ip which is hardcoded. its the
fqdn
On Thu, Apr 13, 2006 at 06:29:15PM +0100, Dave Korn wrote:
>
> Hey, guess what I just found out: Microsoft have deliberately sabotaged
> their DNS client's hosts table lookup functionality.
> (...) I'd try to block (Windows Media Player) it in my hosts file.
> Microsoft DNS client special-
>>and all the people that got embarassed due to incorrect use of "reply-all"
Leave it there... They'll learn. :)
And of course, you don't stop services to run Exmerge. It uses MAPI and the
store has to be running.
An event sink that \dev\nulls all recalls would be better. :)
-Original M
On 4/13/06, Michael Holstein <[EMAIL PROTECTED]> wrote:
> > In my experience, it doesn't even work in an Exchange environment. The
> > user gets a message that the message should be recalled, but the
> > original is still there, even if it hasn't been read yet. I've heard
> > people say that at one
It doesn't. It's a client-side function.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Brian Eaton
Sent: Thursday, April 13, 2006 7:34 PM
To: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] Recall: Oracle read-only user
caninsert/upd
On 4/12/06, Mike Owen <[EMAIL PROTECTED]> wrote:
In my experience, it doesn't even work in an Exchange environment. Theuser gets a message that the message should be recalled, but the
original is still there, even if it hasn't been read yet. I've heardpeople say that at one time it would auto-delet
On Thu, 13 Apr 2006, Brandon S. Allbery KF8NH wrote:
> On Apr 13, 2006, at 1:29 , Dave Korn wrote:
>
> > Hey, guess what I just found out: Microsoft have deliberately
> > sabotaged their DNS client's hosts table lookup functionality.
>
> I thought this was part of avoiding malware attempts to
John Doe wrote:
> I don't even get the same IP address for that. I have 64.4.52.189 .
> I tried to change it in the host files with the same results. Next I will
> block that IP in my firewall and see what happens.
Think load-balancing, dynaminc content distribution hosting, etc.
A...
So, t
37 matches
Mail list logo
