-- Forwarded message --
From: Jason Miller <[EMAIL PROTECTED]>
Date: Jan 2, 2007 1:37 AM
Subject: Re: [Full-disclosure] Botnets: a retrospective to 2006, and where
we are headed in 2007
To: Gadi Evron <[EMAIL PROTECTED]>
personally i dont think its going to change at all, but with
str0ke ,
looks like i reinvented the wheel :-)) . i didn't make any research. a
friend of mine installed the latest version of this software and voila...
str0ke wrote:
> Javor,
>
> It seems rgod found this vulnerability back in April of 2006.
>
> http://www.milw0rm.com/exploits/1663
>
> <>
>
> Yeah, probably - but just for the fun of it I'm curious what happened
> (unless it's some dumb user error).
Well I've been running NT flavors of windows since 1994 but I'm not beyond
dumb user errors. So what sort of dumb user error (besides telling the
machine NO you may not have full intern
I have no idea if the below is expected behavior or not, but for
business / education etc usage you can set up a server that deals with
license management and activation - thus only that and not all
internal machines needs to be able to 'phone home'. The internal
machines just need to be able to
>>This was I believe part of a recently published way to circumvent the
licensing process where a VMWare image of a hacked licensing server was
used.
I'm sure it's irrelevant to the thread, but here's that story:
http://www.microsoft-watch.com/content/vista/another_vista_activation_cr
ack_appears.
>but for
> business / education etc usage you can set up a server that deals with
> license management and activation - thus only that and not all
> internal machines needs to be able to 'phone home'. The internal
> machines just need to be able to talk to the license management server
> (sorry ca
Vista apparently needs to call the mother ship quite frequently or it will
go back into reduced operation mode.
You can get around it by putting in a KMS server which calls home for you
once every 6 months, or you can download an image of an already activated
KMS vmware image, and with a few sett
The January Chicago 2600 Meeting is near! The meeting will be this
friday at the Neighborhood Boys and Girls Club and will feature much
of the same usual fun that all of you have grown to expect!
[Presentation Information]
- 9.00pm - Web Apps. for public terminal use (Maniac)
- 10:00pm - ATM Hacki
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2007:001
http://www.mandriva.com/security/
___
Thanks in advance,
Tal Argoni,CEH
www.zion-security.com
Dear [EMAIL PROTECTED],
could you please supply a lot more details in the advisories that
you post? They usually just say buffer overflow in DumbServer in
crappyfunction(), and in case it's true and they are exploitable,
it's very nice of you to discover them and tell everyone about
them, but
InfoSec professionals, h4x0rs, script kidz, posers, and government spies:
"CarolinaCon" is back again! Yes, for about the price of your average
movie admission with popcorn and a drink, YOU are invited to join us for
yet another intimate and informative weekend of technology education.
What is th
rPath Security Advisory: 2006-0234-2
Published: 2006-12-22
Updated:
2007-01-02 Added thunderbird to advisory
Products: rPath Linux 1
Rating: Severe
Exposure Level Classification:
Indirect User Deterministic Unauthorized Access
Updated Versions:
firefox=/[EMAIL PROTECTED]:devel//1/1.5.0.
It is possible to access google`s blacklisted url database ( phishing url
database )
http://sb.google.com/safebrowsing/update?version=goog-black-url:1:1
http://sb.google.com/safebrowsing/update?version=goog-black-url:1:7998
http://sb.google.com/safebrowsing/update?version=goog-white-domain:1:19,g
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2007:002
http://www.mandriva.com/security/
___
I just played around a bit with those lists and as it seems,
Google did a splendid job, even capturing some people's login data.
Like here:
http://sb.google.com/safebrowsing/update?version=goog-black-url:1:7753
Regards,
J.M.
Professional Lurker
>[By] "Rajesh Sethumadhavan" <[EMAIL PROTECTED]>
How exactly does such data get captured? Somebody placed a link
somewhere with the url having the user/password in it ? What would be
the point of that? And if not, where did that come from? I peeked at
http://www.google.com/tools/firefox/safebrowsing/faq.html to learn more
but it only has obvio
You may still be scratching your head from yesterday... don't forget
about today and tomorrow:
http://projects.info-pull.com/moab/MOAB-02-01-2007.html
-KF
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charte
Synopsis: Apache 1.3.37 htpasswd buffer overflow vulnerability
Version: 1.3.37 (latest 1.3.xx)
Product
===
Apache htpasswd utility
Issue
=
A buffer overflow vilnerability has been found, it is dangerous only on
environment where the binary is suid root.
Details
===
Incorrect validat
Hey Full Disclosure readers,
Here are some announcements from Black Hat to keep you busy in the new year!
- The Call for Papers and conference registration is now open for the Black Hat
DC Training and Briefings.
- The Call for Papers and conference registration for Black Hat Europe in open.
- Re
===
Ubuntu Security Notice USN-398-1 January 02, 2007
firefox vulnerabilities
CVE-2006-6497, CVE-2006-6498, CVE-2006-6499, CVE-2006-6501,
CVE-2006-6502, CVE-2006-6503, CVE-2006-6504, CVE-2006-6506,
CVE-2006-6507
===
Ubuntu Security Notice USN-399-1 January 03, 2007
w3m vulnerabilities
http://sf.net/tracker/?func=detail&aid=1612792&group_id=39518&atid=425439
===
A security issue affect
Kees Cook spake thusly on 01/02/2007 07:41 PM:
> ===
> Ubuntu Security Notice USN-398-1 January 02, 2007
> firefox vulnerabilities
> CVE-2006-6497, CVE-2006-6498, CVE-2006-6499, CVE-2006-6501,
> CVE-2006-6502, CVE-2006-6503, CVE-200
Hi List,
"How exactly does such data get captured? Somebody placed a link
somewhere with the url having the user/password in it?"
A bit of digging turns up the Google Gadget that these little MySpace
gems are coming from (http://www.google.com/ig/directory?url=http://
web.ebuell.com/myspace.
i see only two possible ways for google to get this kind of data.
google toolbar
or it buys/gets this information from some isp/companies/anybody with a big
enough pipe ..
On 1/2/07, php0t <[EMAIL PROTECTED]> wrote:
>
>
> How exactly does such data get captured? Somebody placed a link
> so
25 matches
Mail list logo
