Re: [Full-disclosure] UNSUBSCRIBE

2007-10-09 Thread gjgowey
I think he's thinking that we're following Google's example and using pigeons not monkeys. Geoff Sent from my BlackBerry wireless handheld. -Original Message- From: "Harry Muchow" <[EMAIL PROTECTED]> Date: Tue, 9 Oct 2007 11:38:36 To: "sushil Agarwal" <[EMAIL PROTECTED]> Cc: full-disclo

Re: [Full-disclosure] UNSUBSCRIBE

2007-10-09 Thread S/U/N
[EMAIL PROTECTED] wrote: > You want to 'unsubscribe'. You now have two choices: No, actually radical one: throw your computer through da window ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Ho

Re: [Full-disclosure] UNSUBSCRIBE

2007-10-09 Thread gjgowey
For cases like that I usually recommend that the person sells all their worldly possessions and takes up life as a Tibetan monk. Geoff Sent from my BlackBerry wireless handheld. -Original Message- From: S/U/N <[EMAIL PROTECTED]> Date: Tue, 09 Oct 2007 09:23:41 To: full-disclosure@lists.

Re: [Full-disclosure] UNSUBSCRIBE

2007-10-09 Thread Paul Ooi Cong Jen
I think the best would be stop using email ;) pocj takizo.com/blog On Oct 9, 2007, at 3:23 PM, S/U/N wrote: > [EMAIL PROTECTED] wrote: >> You want to 'unsubscribe'. You now have two choices: > No, actually radical one: throw your computer through da window > > >

Re: [Full-disclosure] UNSUBSCRIBE

2007-10-09 Thread Ferdinand Klinzer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Yes and back to old school with fire since! ferdinand On 09.10.2007 at 09:31, Paul Ooi Cong Jen wrote: > I think the best would be stop using email ;) > > > pocj > takizo.com/blog > > On Oct 9, 2007, at 3:23 PM, S/U/N wrote: > >> [EMAIL PROTECTED]

[Full-disclosure] rPSA-2007-0210-1 xen

2007-10-09 Thread rPath Update Announcements
rPath Security Advisory: 2007-0210-1 Published: 2007-10-08 Products: rPath Linux 1 Rating: Severe Exposure Level Classification: Indirect Root Deterministic Unauthorized Access Updated Versions: xen=/[EMAIL PROTECTED]:devel//1/3.0.3_0-1.6-1 rPath Issue Tracking System: https://issues.r

[Full-disclosure] rPSA-2007-0212-1 util-linux

2007-10-09 Thread rPath Update Announcements
rPath Security Advisory: 2007-0212-1 Published: 2007-10-08 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Local Root Deterministic Privilege Escalation Updated Versions: util-linux=/[EMAIL PROTECTED]:devel//1/2.12r-1.5-1 rPath Issue Tracking System: https://issues

Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype

2007-10-09 Thread Andreas Lindenblatt
Juergen Schmidt wrote: > the URI handling problem on Windows XP systems with IE 7 installed hits > a lot of applications, not only Firefox (and mIRC) -- namely Skype, > Acrobat Reader, Miranda, Netscape. Testing shows that the mailto: thingy in Acrobat also works on Windows 2003 Server, SP2. --

Re: [Full-disclosure] UNSUBSCRIBE

2007-10-09 Thread Fabrizio
"well-defined procedure" go here: https://lists.grok.org.uk/mailman/listinfo/full-disclosure and unsubscribe. no need to flood the list with pointless BS. f On 10/9/07, Ferdinand Klinzer <[EMAIL PROTECTED]> wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Yes and back to old schoo

[Full-disclosure] Owning the internal network with SIP (part 1) and a Linksys Phone

2007-10-09 Thread Radu State
SIP, the IETF endorsed VoIP signaling protocol, is currently used to establish and manage VoIP calls. Many security issues have been addressed until now about the security of VoIP due to the large numbers of attacks coming from the traditional IP networks, but none have addressed the securing

Re: [Full-disclosure] UNSUBSCRIBE

2007-10-09 Thread Juha-Matti Laurio
We have been waiting this link very-easy-to-find to the list since Monday. The office day is over in many countries outside of USA already and people post OT stuff to the list... Like Fabrizio said, just go and unsubscribe. - Juha-Matti Fabrizio <[EMAIL PROTECTED]> wrote: > "well-defined proce

Re: [Full-disclosure] Core Impact 7.5 Web App pen-testing framework, as good as the hype?

2007-10-09 Thread full-disclosure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mad technical! On Sun, 07 Oct 2007 19:55:24 -0400 Dude VanWinkle <[EMAIL PROTECTED]> wrote: >On 10/7/07, [EMAIL PROTECTED] [EMAIL PROTECTED]> wrote: >> -BEGIN PGP SIGNED MESSAGE- >> Hash: SHA1 >> >> Dude, your hacker name sucks, Van Winkle. >

[Full-disclosure] ANSA editorial system vulnerable

2007-10-09 Thread Rosario Valotta
ANSA is the greatest Italian press agency. It has offices and employees all around the world. ANSA provides news to all main Italian news aggregators and information web sites. ANSA is "trusted". ANSA editorial web portal is vulnerable, it lacks the basic security principles. Everyone with a small

Re: [Full-disclosure] UNSUBSCRIBE

2007-10-09 Thread Valdis . Kletnieks
On Tue, 09 Oct 2007 10:26:17 +0530, sushil Agarwal said: > UNSUBSCRIBE Read RFC2369, then ponder the headers of any message from the list, and wait for enlightenment.

Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype

2007-10-09 Thread Thierry Zoller
Dear Pappa Bär, 3> What URL is is defined by RFC 1738, what mailto: is is defined by RFC 3> 2368. String in question is definitely _not_ URL because of %xx and ". Thank you for clarifying, though I must tell you I never claimed this was a URL. Did I? So why are you trying to tell me it's not

[Full-disclosure] [USN-527-1] xen-3.0 vulnerability

2007-10-09 Thread Kees Cook
=== Ubuntu Security Notice USN-527-1 October 05, 2007 xen-3.0 vulnerability CVE-2007-4993 === A security issue affects the following Ubuntu releases: Ubuntu 7.04 This adviso

Re: [Full-disclosure] UNSUBSCRIBE

2007-10-09 Thread full-disclosure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 SHUT UP VLADIS On Tue, 09 Oct 2007 12:14:08 -0400 [EMAIL PROTECTED] wrote: >On Tue, 09 Oct 2007 10:26:17 +0530, sushil Agarwal said: >> UNSUBSCRIBE > >Read RFC2369, then ponder the headers of any message from the >list, >and wait for enlightenment. --

[Full-disclosure] NULL pointer crash in World in Conflict 1.000

2007-10-09 Thread Luigi Auriemma
Luigi Auriemma Application: World in Conflict http://www.worldinconflict.com Versions: <= 1.000 Platforms: Windows Bug: access to NULL pointer Exploitation: remote,

[Full-disclosure] iDefense Security Advisory 10.09.07: Microsoft Windows Mail and Outlook Express NNTP Protocol Heap Overflow

2007-10-09 Thread iDefense Labs
Microsoft Windows Mail and Outlook Express NNTP Protocol Heap Overflow iDefense Security Advisory 10.09.07 http://labs.idefense.com/intelligence/vulnerabilities/ Oct 09, 2007 I. BACKGROUND Microsoft Windows Mail and Outlook Express are the default mail and news clients for Windows operating syst

[Full-disclosure] The Death of Defence in Depth ? - An invitation to Hack.lu

2007-10-09 Thread Thierry Zoller
Invitation to Hack.lu [1] - A small but nice Conference in the Heart of Europe. As you may or may not know, we always prepare something special for Hack.lu, last year BTcrack, this year we'd like to announce our (n.runs AG) Presentation @ this year's Hack.lu, entitled: ---

[Full-disclosure] yahoo news been offline for hours

2007-10-09 Thread worried security
-- Forwarded message -- From: n3td3v <[EMAIL PROTECTED]> Date: Oct 9, 2007 10:09 PM Subject: Re: yahoo news offline for at least 3 hours To: Yahoo Security Contact <[EMAIL PROTECTED]>, "[EMAIL PROTECTED]" < [EMAIL PROTECTED]>, Henri Torgemane <[EMAIL PROTECTED]> On 10/9/07, n3td3v

Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype

2007-10-09 Thread Thierry Zoller
Dear KJK, KH> I repeat. Nowhere is said that ShellExecute (the default "run stuff" KH> function) takes URLs. Nowhere is determined that it does NOT take URLS. You forget a consideration, an Important one in my opinion. This is not straightforward ShellExecute(), it's a shellexecute call to a Ha

[Full-disclosure] Who still trust filevault? Finally TrueCrypt for Mac OS X!

2007-10-09 Thread Fabio Pietrosanti
Dear guys, We are looking for funding for the porting, in full opensource, of Truecrypt encrypted volume software to Mac OS X operating system. http://www.osxcrypt.org Now read the story.

Re: [Full-disclosure] If internet goes down out of hours, we're screwed

2007-10-09 Thread worried security
On 10/9/07, Steven Adair <[EMAIL PROTECTED]> wrote: > > I think you guys are both mixing up CERT (cert.org) and US-CERT > (us-cert.gov) -- both of which have very different functions. As > mentioned though, you probably wouldn't want to call either if your > Internet goes down. > > Steven > > They

[Full-disclosure] [ GLSA 200710-09 ] NX 2.1: User-assisted execution of arbitrary code

2007-10-09 Thread Pierre-Yves Rofes
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Gentoo Linux Security Advisory GLSA 200710-09

[Full-disclosure] [ GLSA 200710-08 ] KOffice, KWord, KPDF, KDE Graphics Libraries: Stack-based buffer overflow

2007-10-09 Thread Pierre-Yves Rofes
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Gentoo Linux Security Advisory GLSA 200710-08

Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype

2007-10-09 Thread Gregory Rubin
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 http://support.microsoft.com/kb/224816 <= Use ShellExecute to launch the default Web browser I agree that we need sanity checking on the applications accepting the input, but the fact remains that ShellExecute is doing dangerous things based on bad in

Re: [Full-disclosure] Who still trust filevault? Finally TrueCrypt for Mac OS X!

2007-10-09 Thread Joey Mengele
LOLOLOLOL MACOSX KERNEL IS AS INSECURE AS LINUX WITH SUCKIT,GRSEC,ADORE, ETC. INSTALLED. IF YOU WANT REAL CRYPTO AND SECURITY USE NSA LINUX OR WINDOWS. J On Tue, 09 Oct 2007 17:20:00 -0400 Fabio Pietrosanti <[EMAIL PROTECTED]> wrote: >Dear guys, > >

[Full-disclosure] [vuln.sg] Adobe PageMaker Long Font-Name Buffer Overflow Vulnerability

2007-10-09 Thread TAN Chew Keong
[vuln.sg] Vulnerability Research Advisory Adobe PageMaker Long Font-Name Buffer Overflow Vulnerability by Tan Chew Keong Release Date: 2007-10-09 Summary --- A vulnerability has been found in Adobe PageMaker for Windows. When exploited, the vulnerability allows execution of arbitrary code wh

Re: [Full-disclosure] Core Impact 7.5 Web App pen-testing framework, as good as the hype?

2007-10-09 Thread Dude VanWinkle
Sorry, I didnt mean to go over your head. I will dumb it down for you next time. -JP On 10/9/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Mad technical! > > On Sun, 07 Oct 2007 19:55:24 -0400 Dude VanWinkle > <[EMAIL PROTECTED]> wrote: > >

Re: [Full-disclosure] Core Impact 7.5 Web App pen-testing framework, as good as the hype?

2007-10-09 Thread full-disclosure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 What do you mean? On Tue, 09 Oct 2007 21:18:58 -0400 Dude VanWinkle <[EMAIL PROTECTED]> wrote: >Sorry, I didnt mean to go over your head. I will dumb it down for >you next time. > >-JP > >On 10/9/07, [EMAIL PROTECTED] [EMAIL PROTECTED]> wrote: >>

Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype

2007-10-09 Thread KJK::Hyperion
Since this issue is a great big rats nest, I promise a third-party patch for it by tomorrow. Deal?

Re: [Full-disclosure] Core Impact 7.5 Web App pen-testing framework, as good as the hype?

2007-10-09 Thread Dude VanWinkle
On 10/9/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > >Note: This signature can be verified at https://www.hushtools.com/verify >Charset: UTF8 Version: Hush 2.5 > What do you mean? well I was just wondering if I could verify you are a s00per l

Re: [Full-disclosure] yahoo news been offline for hours

2007-10-09 Thread Jim Popovitch
On Tue, 2007-10-09 at 22:12 +0100, worried security wrote: > Same headlines i've seen for hours with dead links are: > > of 10:07 p.m. That happens at least once every few months. It's a distributed caching issue. No worries, someone gets around to fixing it within a day or two. -Jim P.

Re: [Full-disclosure] If internet goes down out of hours, we're screwed

2007-10-09 Thread Dude VanWinkle
I didn't read that book you sent in response to an offhanded remark, but I am impressed you learned about paragraphs! Now, lets focus on capital letters. -JP On 10/9/07, worried security <[EMAIL PROTECTED]> wrote: > On 10/9/07, Steven Adair <[EMAIL PROTECTED]> wrote: > > I think you guys are bot

Re: [Full-disclosure] Core Impact 7.5 Web App pen-testing framework, as good as the hype?

2007-10-09 Thread full-disclosure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Huh? On Tue, 09 Oct 2007 21:33:46 -0400 Dude VanWinkle <[EMAIL PROTECTED]> wrote: >On 10/9/07, [EMAIL PROTECTED] [EMAIL PROTECTED]> wrote: >> -BEGIN PGP SIGNED MESSAGE- >> Hash: SHA1 >> >>Note: This signature can be verified at >https://www.hu

Re: [Full-disclosure] If internet goes down out of hours, we're screwed

2007-10-09 Thread full-disclosure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 You missed an apostrophe here: http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066452.html On Tue, 09 Oct 2007 22:06:47 -0400 Dude VanWinkle <[EMAIL PROTECTED]> wrote: >I didn't read that book you sent in response to an offhanded >r

Re: [Full-disclosure] If internet goes down out of hours, we're screwed

2007-10-09 Thread full-disclosure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 You also missed an apostrophe in this post. On Tue, 09 Oct 2007 22:06:47 -0400 Dude VanWinkle <[EMAIL PROTECTED]> wrote: >I didn't read that book you sent in response to an offhanded >remark, >but I am impressed you learned about paragraphs! > >Now, l

Re: [Full-disclosure] If internet goes down out of hours, we're screwed

2007-10-09 Thread Dude VanWinkle
On 10/9/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > You also missed an apostrophe in this post. > > On Tue, 09 Oct 2007 22:06:47 -0400 Dude VanWinkle > <[EMAIL PROTECTED]> wrote: > to worried security <[EMAIL PROTECTED]> Man, netdev, you a

Re: [Full-disclosure] Core Impact 7.5 Web App pen-testing framework, as good as the hype?

2007-10-09 Thread Dude VanWinkle
On 10/9/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > -BEGIN PGP SIGNED MESSAGE-ww.hushtools.com/verify > Charset: UTF8 > Version: Hush 2.5 So iz yer new [EMAIL PROTECTED] handl3 UTF8 or Hush 2.5? -JP

Re: [Full-disclosure] Report to Recipient(s)

2007-10-09 Thread gjgowey
Sometimes I really do have to wonder about people. Obviously it wasn't a message that came from me since the blackberry.net in my email might be a good clue that I'm using a blackberry to do my emails (in case the T-Mobile tagline/nagline was an obvious enough hint as is). Now I wonder which b

Re: [Full-disclosure] Report to Recipient(s)

2007-10-09 Thread Andrew Farmer
On 09 Oct 07, at 20:04, [EMAIL PROTECTED] wrote: > Sometimes I really do have to wonder about people. Obviously it > wasn't a message that came from me since the blackberry.net in my > email might be a good clue that I'm using a blackberry to do my > emails (in case the T-Mobile tagline/nagl