[Full-disclosure] [ GLSA 200609-13 ] gzip: Multiple vulnerabilities

2006-09-23 Thread Sune Kloppenborg Jeppesen
Gentoo Linux Security Advisory GLSA 200609-13 http://security.gentoo.org/

Re: [Full-disclosure] Yet another 0day for IE

2006-09-23 Thread Bill Stout
Hi all, If anyone finds a site where the 0day still lives, please let me know. All the URLs I've found are off the air. I did find a websense update not listed here: http://www.websense.com/securitylabs/alerts/alert.php?AlertID=632 There's another websense blog says the code has been posted

Re: [Full-disclosure] FiWin SS28S WiFi VoIP SIP/Skype Phone Hardcoded Telnet user/pass and debug access

2006-09-23 Thread pagvac
Sorry, I meant to say the ATM machine *hack* reported on Wired magazine. Damn it, I need to get used to proofreading what I type before posting! :-) On 9/23/06, pagvac [EMAIL PROTECTED] wrote: On 9/22/06, Paul Schmehl [EMAIL PROTECTED] wrote: --On Thursday, September 21, 2006 17:14:40 -0700

[Full-disclosure] IM Sniffer release

2006-09-23 Thread crazy frog
Hi, I'm releasing a small utility which can capture and decode Yahoo, AIM and Rediff text chat. Hopefully it might help you in some way. Please get it here: http://www.secgeeks.infys.net/node/209#attachments Thanks, _CF -- ting ding ting ding ting ding ting ding ting ding ding i m crazy frog :)

[Full-disclosure] Echo Mirage: A Generic Win32 Network Communications Proxy

2006-09-23 Thread Dave
http://www.bindshell.net/echomirage Echo Mirage is a generic network proxy. It uses DLL injection and function hooking to redirect network related function calls so that data transmitted and received by local applications can be observed and modified. Think of it as Odysseus (or Burp, if you

Re: [Full-disclosure] FiWin SS28S WiFi VoIP SIP/Skype Phone Hardcoded Telnet user/pass and debug access

2006-09-23 Thread Shawn Merdinger
Hi, Paul Schmehl wrote: The engineers who designed this should be summarily fired. The terminal stupidity of it is mind boggling! Nick FitzGerald [EMAIL PROTECTED] wrote: I think _beyond_ mind-boggling. Your spirited comments are fun to read, but I personally don't find these types of

Re: [Full-disclosure] [Full-Disclosure] Re: [VulnWatch] Sun passwd(1) Command Vulnerability

2006-09-23 Thread Valdis . Kletnieks
On Sat, 23 Sep 2006 16:05:14 BST, [EMAIL PROTECTED] said: how can i disable the anti virus of the victims' yahoo mail id?? if i send a mail attachment with a virus, the anti virus detects it and stops the attachment from downloading.. how can i deactivate the security I'll probably end up

[Full-disclosure] MSN (or should that be msn) goofs again

2006-09-23 Thread Nick FitzGerald
Hi all, Read this from the Kaspersky Analysts' Diary: http://www.viruslist.com/en/weblog?weblogid=199354341 Weep, laugh, /., etc as is your wont... Given the obvious fix to folk capable of making such a mistake in the first place, one might almost expect that, once it's fixed, pIF or Pif

[Full-disclosure] (no subject)

2006-09-23 Thread MoHaJaLi
Local File Include in toendaCMS. Vulnerable File : media.php googleDork: Powered by toendaCMS PoC: http://site.com/media.php?album=1005bbkey=../../../../../../../../../../../../../etc/passwd or http://site.com/ media.php?album=../../../../../../../../../../../../..key=/etc/passwd

[Full-disclosure] Local File Inclusion : Kietu

2006-09-23 Thread cdg393
[::] Product: Kietu [::] Language: PHP [::] Description: Kietu is a script written in PHP that requires a MySQL database and lets you generate and view the access statistics for your website. [::] Official website: http://www.Kietu.net/ [::] Vulnerable page: hit.php [::]

[Full-disclosure] Cisco 7905 VoIP phone crashing from dsniff arpspoof?

2006-09-23 Thread Shawn Merdinger
In the readme in the ohrwurm tarball from Matthias Wenzel's site: http://mazzoo.de/blog/2006/08/25#ohrwurm snip SUCCESS ~~~ As of August 2006 ohrwurm broke the following applications/transports: - linphonec 1.10 / iLBC (stops sending RTP, no crash) - linphonec 1.10 / iLBC (re-negotiates