[Full-disclosure] [SECURITY] [DSA 1159-2] New Mozilla Thunderbird packages fix several problems

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 1159-2[EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze September 8th, 2006

[Full-disclosure] Re: Debian perl old, perlmagick uninstallable

Sheepish retraction: was all my fault. The Debian perl maintainer got in contact with me: >> ... [5.8.4-8sarge5 has] been included in a point >> release of stable (3.1r3). ... If you have >> deb http:///debian sarge main >> deb http://security.debian.org/ sarge/updates main >> ... and my

[Full-disclosure] New Azwalaro project, is a French Open Source Nids project

Hi, Im happy to announce starting the new project: Azwalaro Nids Open Source project This project is under developpement (pre alpha version) because not find on another nids open source product easy to exte nd, and work with very good ethereal/wireshark dissector library ! It's time to work with

RE: [Full-disclosure] Active Directory accounts

I'm sorry for the people who let you "pull off" data from their AD. If you don't know how or when lastlogon is touched, you have no business doing what you are doing. Deji From: Steven Rakick Sent: Thu 9/7/2006 1:36 PM To: full-disclosure@lists.grok.org.uk Subj

[Full-disclosure] Debian perl old, perlmagick uninstallable

[Wrote to the Debian perl and perlmagick maintainers a couple of days ago, but no response. Maybe unrelated, but also no response to the ftpd bug http://bugs.debian.org/384454 in a couple of weeks; and of course Debian default permissions are broken as per policy after a couple of years, http://bug

[Full-disclosure] Black Hat Briefings Japan Speakers Selected!

Hello Full Disclosure readers, The Black Hat Briefings Japan '06 speakers have been selected. We received many presentations this year and we have chosen a broad sampling of topics facing security professionals today, with an emphasis on issues facing Asian Pacific region . The

[Full-disclosure] [USN-343-1] bind9 vulnerabilities

=== Ubuntu Security Notice USN-343-1 September 07, 2006 bind9 vulnerabilities CVE-2006-4095, CVE-2006-4096 === A security issue affects the following Ubuntu releases: Ubuntu 5.

Re: [Full-disclosure] Orkut URL Redirection Vulnerability

add another country ..:)-   In Turkish, Orkut means "the holy meeting place." and yes, Googles Orkut was built by a Turkish Google engineer – Orkut Buyukkokten  On 9/7/06, cardoso <[EMAIL PROTECTED]> wrote: Well, so now TWO countries care about orkut stuff, Brazil and Finland ;)I think its creator,

Re: [Full-disclosure] Linux kernel source archive vulnerable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 kernel-2.6.17-gentoo-r7 seems OK. $ find /usr/src/linux-2.6.17-gentoo-r7/ -perm -666 ! -type l | wc -l 0 $ Hadmut Danisch wrote: > On Fri, Sep 08, 2006 at 12:52:22AM +0530, Raj Mathur wrote: >> I wouldn't know if something has changed drastically bet

[Full-disclosure] [SECURITY] [DSA 1171-1] New ethereal packages fix execution of arbitrary code

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 1171-1[EMAIL PROTECTED] http://www.debian.org/security/ Moritz Muehlenhoff September 7th, 2006

[Full-disclosure] ZDI-06-028: Ipswitch Collaboration Suite SMTP Server Stack Overflow

ZDI-06-028: Ipswitch Collaboration Suite SMTP Server Stack Overflow http://www.zerodayinitiative.com/advisories/ZDI-06-028.html September 7, 2006 -- CVE ID: CVE-2006-4379 -- Affected Vendor: Ipswitch -- Affected Products: ICS/IMail Server 2006 -- TippingPoint(TM) IPS Customer Protection: Tipp

[Full-disclosure] Active Directory accounts

Hello, I have a question regarding some data I pulled off a customers AD. We recently ran AD scan to identify several user accoutn violation types using AD Inspector (www.obtuse.net/software/adinspector). Basically the search contained filters for users who dont have password expirations enabled a

[Full-disclosure] [ MDKSA-2006:162 ] - Updated php packages fix vulnerabilities

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDKSA-2006:162 http://www.mandriva.com/security/ ___

[Full-disclosure] Hustle -- alwil Anti-Virus Kernel -- Remote & Local Vulnerability

As of 07-September-2006, Hustle Labs has released an advisory detailing a vulnerability in alwil's anti-virus kernel. This vulnerability occurs when processing specially crafted LHA files, and can be triggered through multiple attack vectors. For more information please visit http://www.hustlela

[Full-disclosure] [ GLSA 200609-05 ] OpenSSL, AMD64 x86 emulation base libraries: RSA signature forgery

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200609-05 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - -

Re: [Full-disclosure] Linux kernel source archive vulnerable

On Fri, Sep 08, 2006 at 12:52:22AM +0530, Raj Mathur wrote: > > I wouldn't know if something has changed drastically between 2.6.16 > and 2.6.17.11, but: > > [EMAIL PROTECTED]:~$ find /usr/src/linux-2.6.16/ -perm -666 ! -type l > [EMAIL PROTECTED]:~$ > > Not a single world-writable file or direc

Re: [Full-disclosure] Linux kernel source archive vulnerable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > "Hadmut" == Hadmut Danisch <[EMAIL PROTECTED]> writes: Hadmut> [snip] Hadmut> When unpacking such an archive, tar also sets the uid, Hadmut> gid, and file permissions given in the tar Hadmut> archive. Unfortunately, plenty of fi

[Full-disclosure] Linux kernel source archive vulnerable

Hi, there's a severe vulnerability in the Linux kernel source code archives: The Linux kernel is distributed as tar archives in the form of linux-2.6.17.11.tar.bz2 from kernel.org. It is usually unpacked, configured and compiled under /usr/src. Since installing a new kernel requires root privile

[Full-disclosure] RSA SecurID SID800 Token vulnerable by design

Hi, I recently tested an RSA SecurID SID800 Token http://www.rsasecurity.com/products/securid/datasheets/SID800_DS_0205.pdf The token is bundled with some windows software designed to make user's life easier. Interestingly, this software provides a function which directly copies the current toke

Re: [Full-disclosure] Orkut URL Redirection Vulnerability

Sorry guys, but this particular URL, www.orkut.com , makes usFinns smile... "Orkut" means in our language "orgasms".I just had to share this with you, please forgive me, it's almost friday night ;-)Regards, OlliOn 9/7/06, Julio Cesar Fort <[EMAIL PROTECTED]> wrote: > I have found url redirection v

Re: [Full-disclosure] Orkut URL Redirection Vulnerability

Well, so now TWO countries care about orkut stuff, Brazil and Finland ;) I think its creator, Orkut Büyükkökten, had a hell of a childhood, with such name. On Thu, 7 Sep 2006 20:53:53 +0300 "Olli Haukkovaara" <[EMAIL PROTECTED]> wrote: > Sorry guys, but this particular URL, www.orkut.com , mak

[Full-disclosure] r57shell "hidden" feature

HelloDoing some forensics I found that R57shell(version 1.31) a widely used php shell by RST/GHC, has some "hidden features", it will log any usage to some russian stats counters. If those counters log the ip, and the script is not protected by a password, they cand 0wn everything you 0wned. Starti

Re: [Full-disclosure] Orkut URL Redirection Vulnerability

> I have found url redirection vulnerability on www.orkut.com. Man, I don't want to disappoint you but this redirection vulnerability is pretty old and has been being used in Brazil for sometime. This vulnerability was noticed in the begining of the year, maybe, when orkut had changed its authenti

[Full-disclosure] release uhooker v1.2

uhooker v1.2 out. What's new?: http://oss.coresecurity.com/uhooker/release/1.2/WHATSNEW_1.2.txt gzip'd tarball: http://oss.coresecurity.com/uhooker/release/1.2/uhooker_v1.2.tgz zip file: http://oss.coresecurity.com/uhooker/release/1.2/uhooker_v1.2.zip documentation: http://oss.coresecurity.com/uho

[Full-disclosure] [USN-342-1] PHP vulnerabilities

=== Ubuntu Security Notice USN-342-1 September 07, 2006 php4, php5 vulnerabilities CVE-2006-4020, CVE-2006-4481, CVE-2006-4482, CVE-2006-4484 === A security issue affects the fo

Re: [Full-disclosure] Orkut URL Redirection Vulnerability

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Did you notify orkut? keyshor wrote: > Hi All, > > I have found url redirection vulnerability on www.orkut.com > . > > If a user clicks on a malicious link he/she will redirect to an > attackers website. The attacker can capture

[Full-disclosure] SECURITY.NNOV: Panda Platinum Internet Security privilege escalation / bayesian filter control security vulnerabilities

Noise: We have more and more application to secure our networks. Does it means network becomes more and more secure? No, there is a limit. Because _any_ application has vulnerabilities. For in much security is much grief: and he that increaseth code increaseth bugs [1]. Title:

[Full-disclosure] Orkut URL Redirection Vulnerability

Hi All,I have found url redirection vulnerability on www.orkut.com.If a user clicks on a malicious link he/she will redirect to an attackers website. The attacker can capture the valid username,password and then redirect a user to original orkut website. Proof Of Concept:Original Link:https://www.o

[Full-disclosure] RE: Cisco IOS GRE issue

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello, This is a Cisco response to an advisory published by FX of Phenoelit posted as of September 06, 2006 at http://www.securityfocus.com/archive/1/445322/30/0/threaded, and entitled "Cisco Systems IOS GRE decapsulation fault". An official res