Are you n3td3v?? Why all the [EMAIL PROTECTED]@?? he could sue you.Date: Mon, 07 Aug 2006 10:49:20 -0700
From: kaiser scapegoat [EMAIL PROTECTED]
Hi, all -AOL released data for 500,000 out in the wild for 500,000:http://tinyurl.com/ky6ekSince it has been widely mirrored, AOL will next find a
On 08/08/06, Mad World [EMAIL PROTECTED] wrote:
Why do you need it ?You already discovered xss, the rest of job is just matter of technique.I think majority of xss submitters here could do it by various means.M$ is lost in its own complexity of how to do simple things.
If you could ever give me
Hello,for what it's worth..
http://forums.microsoft.com/MSDN/Search/Search.aspx?words=mslocalechoice=9SiteID=1searchscope='%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3EForumID=45Greets,Thomas
___
Full-Disclosure - We believe in it.
Charter:
HAI GAIS!http://mysearch.myway.com/jsp/GGmain.jsp?searchfor=%3Cimg%20src%3D%22http%3A//0xdeadface.co.uk/richard.jpg%22/%3E
Hugs Kisses dyn0/codeslag
___
Full-Disclosure - We believe in it.
Charter:
Good morning !
You can doubt, it's your right to do so.
Wanna bet ?
Just open your eyes and your nose will show you that you are actually braking
silly structure of page in more than one place ..
I's relatively easy using the same exact place of code you tried to make it.
I have working example,
On 8/7/06, Nikolay Kubarelov [EMAIL PROTECTED] wrote:
On Friday 04 August 2006 16:06, pdp (architect) wrote:
IMHO, if you want to do stuff on lower level, you need to think of
something else. JavaScript, Flash and Java Applets are technologies
that are designed to run on the WEB. This is why,
Man you suck, codes or stfu.I know the code is broken in more than 1 place, i tried registering event handlers, exiting jscript etc. etc. time to move onpoint is xss is everywhere, trust noone etc. etc.
To make my point clear... last of the [EMAIL PROTECTED]GET
For such a words you could eat your hat if I would like to go in public.
It's a last time i am teaching script kiddies for something beond their
understanding.
I would like that you have at least small area in your brains that restricts
your tong.
If you wouldn't be script kiddie you would take
TSRT-06-07: eIQnetworks Enterprise Security Analyzer Monitoring Agent
Buffer Overflow Vulnerabilities
http://www.tippingpoint.com/security/advisories/TSRT-06-07.html
August 8, 2006
-- CVE ID:
CVE-2006-3838
-- Affected Vendor:
eIQnetworks
-- Affected Products:
Enterprise Security
ZDI-06-026: Microsoft Internet Explorer Multiple CSS Imports Memory
Corruption Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-06-026.html
August 8, 2006
-- CVE ID:
CVE-2006-3451
-- Affected Vendor:
Microsoft
-- Affected Products:
Internet Explorer 6 All
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory [ERRATA UPDATE]GLSA 200608-08:02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
TSRT-06-08: Microsoft Internet Help COM Object Memory Corruption
Vulnerability
http://www.tippingpoint.com/security/advisories/TSRT-06-08.html
August 8, 2006
-- CVE ID:
CVE-2006-3357
-- Affected Vendor:
Microsoft
-- Affected Products:
Microsoft Windows Server 2003 SP1 and SP2
TSRT-06-09: Microsoft DirectAnimation COM Object Memory Corruption
Vulnerability
http://www.tippingpoint.com/security/advisories/TSRT-06-09.html
August 8, 2006
-- CVE ID:
CVE-2006-3638
-- Affected Vendor:
Microsoft
-- Affected Products:
Internet Explorer 6 All Versions
Internet
TSRT-06-10: Microsoft HLINK.DLL Hyperlink Object Library Buffer
Overflow Vulnerability
http://www.tippingpoint.com/security/advisories/TSRT-06-10.html
August 8, 2006
-- CVE ID:
CVE-2006-3086
-- Affected Vendor:
Microsoft
-- Affected Products:
Microsoft Windows Server 2003 SP1 and
MSNBC has been reporting that the Lieberman campaign site was hacked. There
have been numerous theories on this since it was reported yesterday. Thought
you all might be interested in the attempt at technical analysis taking
place on Daily Kos:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
::
:: [ISR]
:: Infobyte Security Research
:: www.infobyte.com.ar
:: 08.08.2006
::
.:: SUMMARY
Novell Groupwise WebAccess Cross-Site Scripting
Version: Novell GroupWise WebAccess 7, 6.5
It is suspected that all previous versions of Groupwise
Microsoft PowerPoint Malformed Record Memory Corruption Vulnerability
By Sowhat of Nevis Labs
2006.08.08
http://www.nevisnetworks.com
http://secway.org/advisory/AD20060808.txt
Vendor
Microsoft Inc.
Microsoft PowerPoint 2000
Microsoft PowerPoint 2002
Microsoft Office PowerPoint 2003
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200608-14
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
Some questioning of the Kos version here:
http://www.brendanloy.com/2006/08/apparent-dos-attack-takes-out-lieberman-website.html
On Tue, 2006-08-08 at 15:21, kaiser scapegoat wrote:
MSNBC has been reporting that the Lieberman campaign site was hacked. There
have been numerous theories on
Hmmm - Lieberman forgot to pay his bills was the story yesterday - when
the default page said to call the billing department.
Much discussion ensued from the accusation yesterday, and Lieberman was
surely aware of all the questions when he called a press conference this
morning to blame the
Ha!
I had a pretty good laugh at that attempt. While not as bad as
tubes full of internets, Kos should stick to punditry.
On 8/8/06, kaiser scapegoat [EMAIL PROTECTED] wrote:
MSNBC has been reporting that the Lieberman campaign site was hacked. There
have been numerous theories on this since
New monthly updates from Microsoft don't include patch to Msjet40.dll
vulnerability affecting Access and some other products.
There is patch to critical 0-day vulnerability in PowerPoint aka Mso.dll
vulnerability (CVE-2006-3590):
http://www.microsoft.com/technet/security/bulletin/ms06-048.mspx
Painfully obvious, yet I did pwn about every megacorp on the block :pOn 08/08/06, Mad World [EMAIL PROTECTED]
wrote:For such a words you could eat your hat if I would like to go in public.
It's a last time i am teaching script kiddies for something beond their understanding.I would like that you
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2006:138
http://www.mandriva.com/security/
SmartSiteCMS v1.0 authentication bypass
STATUS: I contacted the vendor more than 2 months ago and still no response.
TECHNICAL INFO
One of the worst cms I've ever seen regarding security, no input sanitation
at all. Bypassing
[Full-Disclosure] Mailing List Charter
John Cartwright [EMAIL PROTECTED]
- Introduction Purpose -
This document serves as a charter for the [Full-Disclosure] mailing
list hosted at lists.grok.org.uk.
The list was created on 9th July 2002 by Len Rose, and is primarily
concerned with
26 matches
Mail list logo