Re: [Full-disclosure] iDefense Security Advisory 10.09.07: Microsoft Windows Mail and Outlook Express NNTP Protocol Heap Overflow

2007-10-10 Thread Nick FitzGerald
iDefense Labs wrote: ... V. WORKAROUND Deleting all the sub-keys of the following registry keys will remove the 'news' and 'snews' protocol handlers: HKEY_CLASSES_ROOT\news\shell HKEY_CLASSES_ROOT\snews\shell If you want to do a thorough job of such mitigation as a Q&D fix, you may

Re: [Full-disclosure] iDefense Security Advisory 10.09.07: Microsoft Windows Mail and Outlook Express NNTP Protocol Heap Overflow

2007-10-10 Thread gjgowey
If you want to do one better make sure to run ccleaner after deleting any registry key to nuke any registry keys that may have been relying on it. Run ccleaner 2-3 times and you'll save yourself from a world of hurt. Geoff Sent from my BlackBerry wireless handheld. -Original Message-

[Full-disclosure] List of security conferences

2007-10-10 Thread fts_skw
Good day everyone, I might be going for a student exchange program next year, and I'm wondering where the major ITsec conferences will be held so that if possible, I will be able to attend one of them. :) Defcon was recently concluded at Las Vegas, Thierry Zoller has also posted about

Re: [Full-disclosure] The Death of Defence in Depth ? - An invitation to Hack.lu

2007-10-10 Thread Felix 'FX' Lindner
Thierry, On Tue, 9 Oct 2007 21:14:30 +0200 Thierry Zoller [EMAIL PROTECTED] wrote: The Death of Defence in Depth ? - A rather bold question that is; is this another overhyped bloated Presentation ? Or maybe do we really have to rethink the way we implement Defence in Depth on our

Re: [Full-disclosure] List of security conferences

2007-10-10 Thread Bernd Marienfeldt
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [EMAIL PROTECTED] wrote: Good day everyone, I might be going for a student exchange program next year, and I'm wondering where the major ITsec conferences will be held so that if possible, Hope that list is any help: * AusCERT2007 -

Re: [Full-disclosure] List of security conferences

2007-10-10 Thread silky
maybe this is of some use; i don't know https://www.google.com/calendar/embed?src=pe2ikdbe6b841od6e26ato0asc%40group.calendar.google.comgsessionid=BinzC1HQmHc On 10/10/07, Bernd Marienfeldt [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [EMAIL PROTECTED] wrote:

Re: [Full-disclosure] List of security conferences

2007-10-10 Thread Rodrigo Rubira Branco (BSDaemon)
Let's add three more: http://xcon.xfocus.org/ http://conf.vnsecurity.net/ http://www.h2hc.org.br/ cya, Rodrigo (BSDaemon). -- http://www.kernelhacking.com/rodrigo Kernel Hacking: If i really know, i can hack GPG KeyID: 1FCEDEA1 - Original Message From: Bernd Marienfeldt

Re: [Full-disclosure] If internet goes down out of hours, we're screwed

2007-10-10 Thread full-disclosure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 SHUT UP VLADIS On Tue, 09 Oct 2007 23:08:16 -0400 Dude VanWinkle [EMAIL PROTECTED] wrote: On 10/9/07, [EMAIL PROTECTED] full- [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 You also missed an apostrophe in this post. On

Re: [Full-disclosure] Core Impact 7.5 Web App pen-testing framework, as good as the hype?

2007-10-10 Thread full-disclosure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 YES On Tue, 09 Oct 2007 23:10:07 -0400 Dude VanWinkle [EMAIL PROTECTED] wrote: On 10/9/07, [EMAIL PROTECTED] full- [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE-ww.hushtools.com/verify Charset: UTF8 Version: Hush 2.5 So iz yer new

Re: [Full-disclosure] IRM Demonstrates Multiple Cisco IOS Exploitation Techniques

2007-10-10 Thread Damir Rajnovic
Hello, This is response from Cisco PSIRT related to this matter. On Wed, Oct 10, 2007 at 10:55:54AM +0100, Andy Davis wrote: During the research, three shellcode payloads for IOS exploits were developed - a reverse shell, a password-protected bind shell and another bind shell that is achieved

Re: [Full-disclosure] IRM Demonstrates Multiple Cisco IOS Exploitation Techniques

2007-10-10 Thread Andy Davis
There is also a fourth condition under which these payloads can be executed - a remotely exploitable IOS vulnerability... Andy -Original Message- From: Damir Rajnovic [mailto:[EMAIL PROTECTED] Sent: 10 October 2007 11:58 To: full-disclosure@lists.grok.org.uk; Andy Davis Cc: [EMAIL

Re: [Full-disclosure] List of security conferences

2007-10-10 Thread Juha-Matti Laurio
The missing link of CanSecWest conference on Bernd's list is http://www.cansecwest.com/ Additionally, this HNS link is worth checking: http://www.net-security.org/conferences.php - Juha-Matti Bernd Marienfeldt [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1

Re: [Full-disclosure] IRM Demonstrates Multiple Cisco IOS Exploitation Techniques

2007-10-10 Thread Andy Davis
It doesn't even need to be a remote vulnerability - all three techniques could be used to perform privilege escalation attacks against local vulnerabilities within IOS. Andy -Original Message- From: Rodrigo Rubira Branco (BSDaemon) [mailto:[EMAIL PROTECTED] Sent: 10 October 2007 10:46

Re: [Full-disclosure] IRM Demonstrates Multiple Cisco IOS Exploitation Techniques

2007-10-10 Thread Rodrigo Rubira Branco (BSDaemon)
Also if you have any vulnerability (remote) that can lead to code execution, right? cya, Rodrigo (BSDaemon). -- http://www.kernelhacking.com/rodrigo Kernel Hacking: If i really know, i can hack GPG KeyID: 1FCEDEA1 - Original Message From: Gaus [EMAIL PROTECTED] To:

Re: [Full-disclosure] IRM Demonstrates Multiple Cisco IOS Exploitation Techniques

2007-10-10 Thread Andy Davis
Erik, Details of a new remote vulnerability that we have discovered in IOS will be released in a security advisory later today. We have also developed three shellcode techniques that could be used as the payload to an IOS exploit and result in remote administrative access to the router - the

Re: [Full-disclosure] List of security conferences

2007-10-10 Thread phantom
http://www.shmoocon.org/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Juha-Matti Laurio Sent: Wednesday, October 10, 2007 8:04 AM To: Bernd Marienfeldt; [EMAIL PROTECTED] Cc: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] List of

Re: [Full-disclosure] IRM Demonstrates Multiple Cisco IOS Exploitation Techniques

2007-10-10 Thread Rodrigo Rubira Branco (BSDaemon)
Hey Andy, For sure the shellcodes can be used in a local attack, but I want to see you using a connect back shellcode locally in an IOS system ;) that's why I said explicitly remote. cya, Rodrigo (BSDaemon). -- http://www.kernelhacking.com/rodrigo Kernel Hacking: If i really know, i can hack

Re: [Full-disclosure] List of security conferences

2007-10-10 Thread Luiz Eduardo
Since we're at it: CCC http://www.ccc.de/congress/ H.O.P.E http://www.hope.net Layerone http://www.layerone.info Shmoocon http://www.shmoocon.org Toorcon http://www.toorcon.org YSTS http://www.ysts.org On Oct 10, 2007, at 3:30 AM, Bernd Marienfeldt wrote: -BEGIN PGP SIGNED MESSAGE-

Re: [Full-disclosure] IRM Demonstrates Multiple Cisco IOS Exploitation Techniques

2007-10-10 Thread Rodrigo Rubira Branco (BSDaemon)
Hey Luiz, Gaus's (cisco) point is the videos just showed a shellcode being executed, not a vulnerability being exploited. If you have a vulnerability, so you can use the shellcode other than in a debugger or physically attached to the device. Anyway, it's time to ask where is the

Re: [Full-disclosure] The Death of Defence in Depth ? - An invitation to Hack.lu

2007-10-10 Thread Thierry Zoller
Dear Felix, While I love your comment and really welcome constructive criticism, I actually think you should keep the focus on the Fox News style question marks. Nowhere is being said that this is the end of Defence in Depth (as a paradigm), we ask the question. Then again you seem to be judging

Re: [Full-disclosure] The Death of Defence in Depth ? - An invitation to Hack.lu

2007-10-10 Thread Sergio Alvarez
Hi FX, Those were Thierry's words, *not* mine. I want to make this clear so that there are no misunderstandings. The fact is that you are 100% correct, our talk will be about 'Defeating Defenses', especially focusing on border/perimeter and intranet defenses. We won't talk about defeating any

Re: [Full-disclosure] IRM Demonstrates Multiple Cisco IOS Exploitation Techniques

2007-10-10 Thread crazy frog crazy frog
Cisco and IRM agree that the videos do not demonstrate or represent a vulnerability in Cisco IOS. Specifically, the code to manipulate Cisco IOS could be inserted only under the following conditions: - Usage of the debugger functionality present in IOS - Having physical access to the device

[Full-disclosure] Cisco IOS LPD Remote Stack Overflow

2007-10-10 Thread Andy Davis
-- IRM Security Advisory 024 Cisco IOS LPD Remote Stack Overflow Vulnerability Type / Importance: Remote Code Execution / High Problem Discovered: 30 July 2007 Vendor Contacted: 30 July 2007 Advisory Published: 10 October 2007

Re: [Full-disclosure] Is Your Kid Going to Jail Before College?

2007-10-10 Thread Cyneox
Very nice illustrations. But some things really confused me :-P ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Cisco IOS LPD Remote Stack Overflow - updated Cisco patch link (changed at the last minute)

2007-10-10 Thread Andy Davis
Information: Cisco has released an update to resolve this issue; this can be downloaded from: http://www.cisco.com/warp/public/707/cisco-sr-20071010-lpd.shtml Workaround: Cisco has provided the following workaround to mitigate this vulnerability: http://www.cisco.com/warp/public/707

[Full-disclosure] Cisco Security Advisory: Cisco Wireless Control System Conversion Utility Adds Default Password

2007-10-10 Thread Cisco Systems Product Security Incident Response Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco Wireless Control System Conversion Utility Adds Default Password Advisory ID: cisco-sa-20071010-wcs http://www.cisco.com/warp/public/707/cisco-sa-20071010-wcs.shtml Revision 1.0 For Public Release 2007 October 10

Re: [Full-disclosure] Is Your Kid Going to Jail Before College?

2007-10-10 Thread James Matthews
Cool On 10/10/07, Cyneox [EMAIL PROTECTED] wrote: Very nice illustrations. But some things really confused me :-P

[Full-disclosure] Remote Desktop Command Fixation Attacks

2007-10-10 Thread pdp (architect)
http://www.gnucitizen.org/blog/remote-desktop-command-fixation-attacks Security in depth does not exist! No matter what you do, dedicated attackers will always be able to penetrate your network. Seriously! Information security is mostly about risk assessment and crisis management. When it comes

[Full-disclosure] 0day: Hacking secured CITRIX from outside

2007-10-10 Thread pdp (architect)
http://www.gnucitizen.org/blog/0day-hacking-secured-citrix-from-outside In the true spirit of GNUCITIZEN half(partial)-disclosure initiative, we announce that it is possible to gain user access level on integrated remote CITRIX servers. The bug/feature does not rely on any client/server

Re: [Full-disclosure] Cisco IOS LPD Remote Stack Overflow

2007-10-10 Thread Omar Santos
Hello, Cisco greatly appreciates the opportunity to work with researchers on security vulnerabilities, and welcome the opportunity to review and assist in product reports. We have posted a vendor security response at: http://www.cisco.com/warp/public/707/cisco-sr-20071010-lpd.shtml The text

[Full-disclosure] Tom Serson Serious Business

2007-10-10 Thread Steve Bartman
Tom C. Serson is a clearly Canadian vlogger with ADD and a slight case of pedophila; who seems to have unrealistic expectations of YouTube.com, LiveVideo and the power of Anonymous. Serson is a classic example of unwarranted self-importance. Picture Dr. Jack, from Lost, except younger, and sprung

Re: [Full-disclosure] 0day: Hacking secured CITRIX from outside

2007-10-10 Thread full-disclosure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 SHUT UP VLADIS On Wed, 10 Oct 2007 11:47:23 -0400 pdp (architect) [EMAIL PROTECTED] wrote: http://www.gnucitizen.org/blog/0day-hacking-secured-citrix-from- outside In the true spirit of GNUCITIZEN half(partial)-disclosure initiative, we announce

Re: [Full-disclosure] 0day: Hacking secured CITRIX from outside

2007-10-10 Thread M . B . Jr .
On 10/10/07, pdp (architect) [EMAIL PROTECTED] wrote: http://www.gnucitizen.org/blog/0day-hacking-secured-citrix-from-outside All an attacker needs to do to exploit the weakness is to lure a victim no way!!! really?! -- Marcio Barbado, Jr.

Re: [Full-disclosure] Remote Desktop Command Fixation Attacks

2007-10-10 Thread full-disclosure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 SHUT UP VLADIS IF ANYONE CARED THEY WOULD JUST FREQUENT YOUR BLOG GET OFF THIS LIST THIS IS FOR SERIOUS SECURITY MATTERS ONLY On Wed, 10 Oct 2007 07:14:32 -0400 pdp (architect) [EMAIL PROTECTED] wrote:

[Full-disclosure] iDefense Security Advisory 10.10.07: Kaspersky Web Scanner ActiveX Format String Vulnerability

2007-10-10 Thread iDefense Labs
Kaspersky Web Scanner ActiveX Format String Vulnerability iDefense Security Advisory 10.10.07 http://labs.idefense.com/intelligence/vulnerabilities/ Oct 10, 2007 I. BACKGROUND Kaspersky Lab Online Virus Scanner is a free online virus scanner service, enabling a user to scan their system for

[Full-disclosure] Vulnerabilities digest

2007-10-10 Thread 3APA3A
Dear [EMAIL PROTECTED], Vulnerabilities reported by different Russian speaking authors to http://securityvulns.ru 1. Elekt(Antichat.ru) reports protection bypass vulnerability in PHP 4 and 5. disable_functions feature can be bypassed by using functions alias. A list of aliases

Re: [Full-disclosure] Vulnerabilities digest

2007-10-10 Thread full-disclosure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 SHUT UP VLADIS On Wed, 10 Oct 2007 14:19:25 -0400 3APA3A [EMAIL PROTECTED] wrote: Dear [EMAIL PROTECTED], Vulnerabilities reported by different Russian speaking authors to http://securityvulns.ru 1. Elekt(Antichat.ru) reports protection

[Full-disclosure] Getting TrueCrypt ported to Mac Os X!

2007-10-10 Thread Fabio Pietrosanti
Guys, please spread across all your mac users friends. We require to reach 1500 USD to provide financing to make the porting of Truecrypt (www.truecrypt.org) to Mac OS X. Please donate some dollars here and spread this fantastic opensource security community grow opportunity:

[Full-disclosure] [Fwd: Google Groups: No such group]

2007-10-10 Thread Fabio Pietrosanti
Unsubscribe this user! For every email sent to FD you get this message back. -naif ---BeginMessage--- Hello [EMAIL PROTECTED], We're writing to let you know that the group that you tried to contact (Secure-Computing) doesn't exist. There are a few possible reasons why this happened: * You

[Full-disclosure] AST-2002-022: Buffer overflows in voicemail when using IMAP storage

2007-10-10 Thread The Asterisk Development Team
Asterisk Project Security Advisory - AST-2007-022 | Product | Asterisk |

[Full-disclosure] ZDI-07-056: IBM DB2 DB2JDS Multiple Vulnerabilities

2007-10-10 Thread zdi-disclosures
ZDI-07-056: IBM DB2 DB2JDS Multiple Vulnerabilities http://www.zerodayinitiative.com/advisories/ZDI-07-056.html October 10, 2007 -- CVE ID: CVE-2007-5324 -- Affected Vendor: IBM -- Affected Products: DB2 Universal Database 8.1 DB2 Universal Database 8.2 -- TippingPoint(TM) IPS Customer

[Full-disclosure] ZDI-07-055: Microsoft Windows DCERPC Authentication Denial of Service Vulnerability

2007-10-10 Thread zdi-disclosures
ZDI-07-055: Microsoft Windows DCERPC Authentication Denial of Service Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-055.html October 10, 2007 -- CVE ID: CVE-2007-2228 -- Affected Vendor: Microsoft -- Affected Products: Windows 2000 SP4 Windows XP SP2 Windows 2003

[Full-disclosure] TPTI-07-18: EMC RepliStor Server Heap Overflow Vulnerability

2007-10-10 Thread TSRT
TPTI-07-18: EMC RepliStor Server Heap Overflow Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-07-18 October 10, 2007 -- CVE ID: CVE-2007-5323 -- Affected Vendor: EMC -- Affected Products: Replistor 6.1.3 -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have

[Full-disclosure] Email Disclaimers...Legally Liable if breached?

2007-10-10 Thread Kelly Robinson
It is common these days for email messages to contain a disclosure notice, which may include statements such as: - You must read the notice - The views expressed in the accompanying email are not necessarily those of the company - The email and any attachments should be

Re: [Full-disclosure] Email Disclaimers...Legally Liable if breached?

2007-10-10 Thread gjgowey
They don't carry any legal weight at all because they're after the content of the message and forcibly trying to order a 3rd party into some sort of legally binding agreement after the fact (reading the contents of the message) would never hold up in a court. An EULA would have a far better

Re: [Full-disclosure] The Death of Defence in Depth ? - An invitation to Hack.lu

2007-10-10 Thread imipak
Hi Thierry, wandering off-topic, but this is FD, where There Is No Topic...: What currently is being done in the industry is to ADD more layers of defence to protect against one failing, this is being done by adding one parsing engine after the other. Again nobody said Defence in Depth is

Re: [Full-disclosure] ZDI-07-056: IBM DB2 DB2JDS Multiple Vulnerabilities

2007-10-10 Thread Joel Jaeggli
So a calendar year goes by between notification and a fix being rolled out and 3com is proud of this wonderful service they've offered to the customers of the tipping point product? Moreover is this considered timely resolution and responsible disclosure? If I were a customer of either tipping

Re: [Full-disclosure] Email Disclaimers...Legally Liable if breached?

2007-10-10 Thread Nick FitzGerald
Kelly Robinson wrote: It is common these days for email messages to contain a disclosure notice, which may include statements such as: - You must read the notice - The views expressed in the accompanying email are not necessarily those of the company - The email and any

[Full-disclosure] [SECURITY] [DSA 1379-2] New openssl packages fix arbitrary code execution

2007-10-10 Thread Noah Meyerhans
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1379-2[EMAIL PROTECTED] http://www.debian.org/security/ Noah Meyerhans October 10, 2007 -

Re: [Full-disclosure] Remote Desktop Command Fixation Attacks

2007-10-10 Thread Thor (Hammer of God)
Security in depth is alive and well, thank you. In fact, it is security in depth that allows administrators to prevent this type of attack (if we can actually make the stretch to call it that). However, for the record, this is not an attack. You might as well just email the target and ask for

Re: [Full-disclosure] Email Disclaimers...Legally Liable if breached?

2007-10-10 Thread gabriel rosenkoetter
At 2007-10-11 08:52 +1000, Kelly Robinson [EMAIL PROTECTED] wrote: It is common these days for email messages to contain a disclosure notice, which may include statements such as: You forgot the most absurd: the content of this message [sent often, on purpose, to publicly visible and archived

Re: [Full-disclosure] Email Disclaimers...Legally Liable if breached?

2007-10-10 Thread Nick FitzGerald
[EMAIL PROTECTED] to Kelly Robinson: They don't carry any legal weight at all because they're after the content of the message and forcibly trying to order a 3rd party into some sort of legally binding agreement after the fact (reading the contents of the message) would never hold up in a

Re: [Full-disclosure] Email Disclaimers...Legally Liable if breached?

2007-10-10 Thread gjgowey
Someone's getting smarter now. Still doesn't hold weight though. If you're not able to make some sort of system that prevents accidental disclosure of the information then you're still relying on coercion to force a legal state to exist. Geoff Sent from my BlackBerry wireless handheld.

Re: [Full-disclosure] If internet goes down out of hours, we're screwed

2007-10-10 Thread worried security
Yahoo have points of contact in their own yahoo chat community for years for the underground to contact yahoo security team off the record about vulnerabilities and intelligence about hackers, so all i was saying it would be nice if that was more wide spread with other vendors, and the

[Full-disclosure] CORE-2007-0928: Stack-based buffer overflow vulnerability in OpenBSD’s DHCP server

2007-10-10 Thread Core Security Technologies Advisories
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Core Security Technologies – CoreLabs Advisory http://www.coresecurity.com/corelabs Stack-based buffer overflow vulnerability in OpenBSD’s DHCP server *Advisory Information* Title: Stack-based buffer overflow vulnerability in

Re: [Full-disclosure] Email Disclaimers...Legally Liable if breached?

2007-10-10 Thread Ray P
US-centric response: If there is no law, there can be no liability unless a contract exists. For a contract to exist, consideration (usually money) has been exchanged. If you simply receive an email by mistake, no consideration has been exchanged. Consider this angle: If a company adds such a

Re: [Full-disclosure] Email Disclaimers...Legally Liable if breached?

2007-10-10 Thread Kelly Robinson
Thank you so much for the input everyone, it's really appreciated. I have read so much about Disclaimers being a sense of false security and how they don't hold any legal binding per se. However, given other rumours about how emails can be used in court for the sake of evidence (Looking for

[Full-disclosure] [ MDKSA-2007:194 ] - Updated libvorbis packages fix vulnerabilities

2007-10-10 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDKSA-2007:194 http://www.mandriva.com/security/

Re: [Full-disclosure] Email Disclaimers...Legally Liable if breached?

2007-10-10 Thread Troy
On 10/10/07, Ray P [EMAIL PROTECTED] wrote: Would the _intended_ recipient have a case against the sender for contractual failure to protect confidential information (or whatever) if the _un_intended recipient posts it somewhere or otherwise discloses its contents? I'm surprised we don't