On Mon, May 22, 2006 at 08:05:47AM +1000, Greg wrote:
> Large motel/hotel chain I recently acquired wants to sue previous company
> who did their I.T. work for them as a customer's wifi connected machine
> infected their network and caused loss of booking data thus money.
>
> My question then is -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Virtual Security Research, LLC.
http://www.vsecurity.com/
Security Advisory
- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Advisory Name: PDF Form Filling and Fla
On 5/23/06, Brian Eaton <[EMAIL PROTECTED]> wrote:
On 5/23/06, Dude VanWinkle <[EMAIL PROTECTED]> wrote:
> I guess you would hijack their machines with a bug that would edit the
> local cache, refresh the cache, then report to you about the websites
> the victim's machine had visited, and you cou
hi, cool article--- a nice extension of existing return-to-libc
literatrue. something make me wonder if i fully understand u thuogh:
The goal of this text is to show that unlike some folks would like you to
believe the move to x86
architecture really does open up new avenues of exploitation
###
Luigi Auriemma
Application: PunkBuster
http://www.punkbuster.com
Versions: PunkBuster for servers, versions minor than v1.229:
America's Army <
###
Luigi Auriemma
Application: netPanzer
http://www.netpanzer.org
http://netpanzer.berlios.de
Versions: <= 0.8 (rev 952)
Platforms:*nix, *BSD, Windown, Mac and o
Hi,
You might want to have a look at RogueScanner:
http://www.networkchemistry.com/products/roguescanner.php
It is a new open-source project specifically designed to solve the
problem of finding rogue APs by wired side scanning.
RogueScanner works using collaborative classifiction, which means
nevermind with the police you want ot talk to Dateline, or 20/20.
Dateline is really big on the whole "evil internet" thing right now so they
are ripe for this story, if it's true...
the media is the way to go if you really want to turn the "bad guys"
in. You might even earn some cr
Kindest regards
Advisory - Biometric_devices.pdf
Description: Adobe PDF document
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
On 5/23/06, Dude VanWinkle <[EMAIL PROTECTED]> wrote:
I guess you would hijack their machines with a bug that would edit the
local cache, refresh the cache, then report to you about the websites
the victim's machine had visited, and you could request an ssl cert
for those sites.
If you can get
you left.
" Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/";
here
http://groups.google.com/group/n3td3v/browse_thread/thread/7b60d3fbd0eb9a77/7d1f85fbe122fb29#7d1f85fbe122fb29
after this lit
On 5/22/06, Brian Dessent <[EMAIL PROTECTED]> wrote:
[EMAIL PROTECTED] wrote:
>
> On Mon, 22 May 2006 12:02:23 EDT, Dude VanWinkle said:
>
> > DNS foo to the client, how easy is that? Would you have to get the
> > upstream DNS server to cache your bogus entry?
>
> You'd be *amazed* how many are
unfortunately if there is a paper signed by both parties "per acceptance" of
the hotel (it is usually part of the buying/lease contract), and that
includes also the IT stuff, there's nothing to do
a good lawyer could help on this, rather than security experts
and, by the way, if somethin
===
Ubuntu Security Notice USN-285-1 May 23, 2006
awstats vulnerability
CVE-2006-2237
===
A security issue affects the following Ubuntu releases:
Ubuntu 5.04 (Hoary Hedgeh
14 matches
Mail list logo