This is probably patented and implemented already but nonetheless its
a new idea for me, so I mention it...
While mass-produced malware remains an issue for a most users, an
significant threat is also posed by malware customised for a specific
victim (so called 'targetted malware'). This
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
HA! Nice one.
pdp (architect) wrote:
http://www.gnucitizen.org/blog/what-happens-to-your-computer-if-you-mispell-googlecom
it is worth seeing this
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla
Your lovely writeup hasn't made the list yet, I assume that it's just
taking its time and this isn't to be attributed to an inability to
send an email competently.
For those who haven't found it, have a read at their top-quality response here:
http://rixstep.com/2/20070121,00.shtml
What's
http://seclists.org/fulldisclosure/2007/Jan/0303.html
Re: 'Rixstep still aren't as leet as they thought they were'
Oh it's been fixed all right. Mr Anonymous with the Bent didn't stay
around long enough to find out.
What's interesting of course is that Mr Anonymous 'backdated' the
advisory to
Hi,
On Mon, 22 Jan 2007 07:37:29 +0200
Roni Bachar [EMAIL PROTECTED] wrote:
The vulnerability can be exploited by doing the following stages:
Sending a post request as followed:
POST https://serverip/sre/params.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
User-Agent:
No matter if you publish; we already did and we get more hits than you.
http://rixstep.com/2/20070121,00.shtml
Still, right is right and you should publish to set the record straight.
Regards,
John
___
Full-Disclosure - We believe in it.
Charter:
Dear lsi,
This approach is already implemented, at least partially, to limit
functionality of unknown applications. It can be found in multiple
personal firewalls or things like http://www.securesize.com/GeSWall/
There is a better approach - every good application should be signed
On 1/19/07, V Vendetta [EMAIL PROTECTED] wrote:
Voilà! In view, a humble vaudevillian veteran, cast vicariously as both
victim and villain by the vicissitudes of Fate. This visage, no mere veneer
of vanity, is a vestige of the vox populi, now vacant, vanished. However,
this valorous visitation
-=[ADVISORY---]=-
bitweaver 1.3.1
Author: CorryL[EMAIL PROTECTED]
-=[---]=-
-=[+]
Hi
What you are referring to is a 'white-list' of applications, e.g. you
have an application that runs at a low level and only allows a list of
approved or allowed applications to run. These do not necessarily
need to scan you system as they can work at run-time - each time an
application of any
On Sun, 21 Jan 2007 12:07:18 GMT, Marcin Owsiany said:
I also think that CPUs can detect internally when an overflow happens -
is there a way to use that feature in C somehow, in a portable way?
(Somehow I feel that the answer is that not all CPUs do that, so - no.)
The fact that some CPUs
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200701-13
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
On Mon, Jan 22, 2007 at 02:50:21PM -0500, [EMAIL PROTECTED] wrote:
It's generally considered performance-crippling
to add inline code that does a test condition/branch pair after *every
single*
opcode that might cause an overflow - so the C paradigm is to leave them out
and have the
lsi wrote:
This is probably patented and implemented already but nonetheless its
a new idea for me, so I mention it...
snip simple description of executable white-listing
Fred Cohen invented this anti-malware approach in discussing the
mitigation of computer viruses in his seminal (Ph.D.
http://rixstep.com/2/20070121,00.shtml
Oh it's been fixed all right - Mr Anonymous with the Bent didn't stay
around long enough to find out.
What's interesting of course is that Mr Anonymous 'backdated' the
advisory to make the company look bad. This is not 'full disclosure' -
this is the
On Mon, 22 Jan 2007 20:42:35 GMT, Marcin Owsiany said:
Actually, I'm old enough to have programmed on 8-bit machines, but we're
getting off-topic here :-)
That makes you a newbie. The 16-bit PDP-11, and the 12-bit PDP-8, and all
the rest of those weird-size machines from DEC (18, 36 bit) and a
Actually some of the older machines (pdp11 in particular) with their
signed and unsigned conditional branches forced you to think about
overflow, and if your programs happened to run in memory above 32K bytes
(16K words) things were too apt to just crash if you got that stuff wrong.
I recall
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200701-14
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200701-16
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2007:024
http://www.mandriva.com/security/
[
[--
[
[Message: 1
[Date: Mon, 22 Jan 2007 12:42:43 -
[From: lsi [EMAIL PROTECTED]
[Subject: [Full-disclosure] detecting targetted malware
[To: Full-disclosure@lists.grok.org.uk
[Message-ID: [EMAIL PROTECTED]
[Content-Type:
[--
[
[Message: 15
[Date: Tue, 23 Jan 2007 10:50:08 +1300
[From: Nick FitzGerald [EMAIL PROTECTED]
[Subject: Re: [Full-disclosure] detecting targetted malware
[To: Full-disclosure@lists.grok.org.uk
[Message-ID: [EMAIL PROTECTED]
[Content-Type: text/plain;
Hello,
during a course project studying security and privacy related to
Bluetooth, we discovered a simple but effective DoS attack using OBEX push.
Using ussp-push [1], it is possible to send out files very quickly. By
continuously trying to push a file, the target is flooded with prompts
whether
A few days ago, an experiment on hijacking blogs through CSRF attacks
was published on GNUCITIZEN. In this particular case, the chosen
blogging platform for the experiment was Blogger. Now, a few days
later, I can confirm that Google has tokenized the requests that made
it possible to hijack a
Hi All,
For some work i wanted to replay the traffic which i captured using
the ethereal.i searched the net but i have not found any good tool for
windows(there are many for *nix) so i decided to code my own.so here
it is PReplay - a traffic replay tool. i hope it will be helpful to
you all.
from
25 matches
Mail list logo