[Full-disclosure] Re: MS Word Unchecked Boundary ConditionVulnerability - POC

naveed [EMAIL PROTECTED] wrote in message void dummy(unsigned char* ptr,int sz) { for(int i=0;isz;i++) fwrite(ptr[i],1,1,fptr); } :) Bit odd way of doing things! cheers, DaveK -- Can't think of a witty .sigline today

[Full-disclosure] CFP: DA Workshop - ISOI

This is a call for papers for a DA Workshop (ISOTF/TISF DA). Its name is: Internet Security Operations and Intelligence Workshop or ISOI for short. DA stands for Drone Armies (botnets), which is the main subject of this workshop. I apologize for those who get this message multiple times.

Re: [Full-disclosure] CFP: DA Workshop - ISOI

On Sat, 8 Jul 2006, Gadi Evron wrote: snip Attendance: --- The workshop is organized by the DA and MWP communities with the much appreciated help of Cisco Systems, Inc., and is closed to members of the following communities: DA, MWP (and sister communities such as routesec), OARC,

Re: [Full-disclosure] i've found an exploit, but i want to make it do something before i report it

On 7/7/06, ima cow [EMAIL PROTECTED] wrote: i understand that this is full disclosure, but before i actually spill the beans on the exact nature of the exploit i've found, i'd like to make it actually do something.for now, know that it affects a popular plugin for a popular messaging program.

Re: [Full-disclosure] Re: MS Word Unchecked Boundary ConditionVulnerability - POC

:) :) a copy paste of a routine could easily be converted to fwrite(ptr,1,sizeof(p1),fptr) or so but the things work in either way. On 7/8/06, Dave No, not that one Korn [EMAIL PROTECTED] wrote: naveed [EMAIL PROTECTED] wrote in message void dummy(unsigned char* ptr,int sz) { for(int

Re: [Full-disclosure] CFP: DA Workshop - ISOI

On Sat, 8 Jul 2006, J.A. Terranson wrote: On Sat, 8 Jul 2006, Gadi Evron wrote: And, for the second time, in the second forum (but with no answer as yet), I ask Why is this closed to these communities?. These are the very communities most closely involved with the very topics being

[Full-disclosure] i've found an exploit, but i want to make it do something before i report it

n3td3v wrote:Its a Yahoo Mezzenger vulnerability, we sold to him about three months ago.It must be the most whored vulnerability in the script kid circuit, none ofthem can work out what to do with it.i'm not sure if your message was meant to draw out information, or just a straight-out lie to make

Re: [Full-disclosure] CFP: DA Workshop - ISOI

On 7/8/06, Gadi Evron [EMAIL PROTECTED] wrote: On Sat, 8 Jul 2006, J.A. Terranson wrote: On Sat, 8 Jul 2006, Gadi Evron wrote: And, for the second time, in the second forum (but with no answer as yet), I ask Why is this closed to these communities?. These are the very communities most

Re: [Full-disclosure] i've found an exploit, but i want to make it do something before i report it

Here are some pretty generic things.. Bind shell, connect back shell. have it download a file an execute it. Those are just a few ideas...On 7/7/06, ima cow [EMAIL PROTECTED] wrote: i understand that this is full disclosure, but before i actually spill the beans on the exact nature of the exploit

Re: [Full-disclosure] i've found an exploit, but i want to make it do something before i report it

On 7/8/06, ima cow [EMAIL PROTECTED] wrote: n3td3v wrote: Its a Yahoo Mezzenger vulnerability, we sold to him about three months ago. It must be the most whored vulnerability in the script kid circuit, none of them can work out what to do with it. i'm not sure if your message was meant to