-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
worried security wrote:
> On Mon, Mar 3, 2008 at 2:31 PM, worried security
> <[EMAIL PROTECTED]> wrote:
>> [02:40] do you think cyber terrorism is real or its just the
>> government softening ppl up for a couple of false flags for a reason
>> to bomb
Mar 03 23:00:49then non-us hackers will stop posting
to mailing lsits
you will stop posting php include exploit ?
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Se
From: [EMAIL PROTECTED]
Site: http://www.vashnukad.com
Application: Linux Kiss Server v1.2
Type: Format strings
Priority: Medium
Patch available: No
The Linux Kiss Server contains a format strings vulnerability that, if run
in foreground mode, can be leveraged for access. The vulnerability is
demo
On Tue, 04 Mar 2008 19:00:33 EST, Larry Seltzer said:
> So does the same capability exist on Macs?
What, don't you remember? :)
Google for the phrase "Owned by an iPod"...
pgppkWLA8zBDg.pgp
Description: PGP signature
___
Full-Disclosure - We believe
Actually, it's full system compromise -- if the machine is joined to a
domain, then any domain account credentials known to that machine are
compromised as well.
And yes, the same capability exists not only on Macs but on any computer
that implements the Firewire specification. (details at
http:/
Actually, it's full system compromise -- if the machine is joined to a
domain, then any domain account credentials known to that machine are
compromised as well.
And yes, the same capability exists not only on Macs but on any computer
that implements the Firewire specification. (details at
http:/
On Mon, Mar 3, 2008 at 2:31 PM, worried security
<[EMAIL PROTECTED]> wrote:
> [02:40] do you think cyber terrorism is real or its just the
> government softening ppl up for a couple of false flags for a reason
> to bomb iran?
> [02:49] the u.s are still deciding where to build the cyber
> command
The key to the vulnerability: "To use the tool, hackers must connect a
Linux-based computer to a Firewire port on the target machine. The
machine is then tricked into allowing the attacking computer to have
read and write access to its memory. "
I assume this makes it a local login, not a domain l
An in-depth overview of a currently active malware IFRAME campaign,
that's targeting ZDNet Asia and TorrentReactor's search engine
optimization practices of generating, and locally caching the search
queries pages, thereby positioning the now cached popular keywords
with the IFRAME between the firs
I guess the release of this tool makes physical access pen-tests a little
bit easier huh? Will have to try this out some time.
Steven
> http://www.smh.com.au/news/security/hack-into-a-windows-pc--no-password-needed/2008/03/04/1204402423638.html
>
> ___
2008/3/4, Ivan . <[EMAIL PROTECTED]>:
> http://www.smh.com.au/news/security/hack-into-a-windows-pc--no-password-needed/2008/03/04/1204402423638.html
>
Here is a (totally unofficial) mirror of Metlstorm's files in case you
can't reach his overloaded website :-\
http://www.hotsecuritynews.com/fearw
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200803-09
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://www.smh.com.au/news/security/hack-into-a-windows-pc--no-password-needed/2008/03/04/1204402423638.html
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://s
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200803-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
###
Luigi Auriemma
Application: Versant Object Database
http://www.versant.com/en_US/products/objectdatabase
Versions: <= 7.0.1.3
Platforms:Windows, Solaris, HP-UX, AIX, Linux
[Forwarded from DailyDave]
Tom Clancy just writes about how cool the Catholic religion is. His
latest novel is all about someone trying to talk about format strings
and buffer overflows, you can call them "fish." I've read Dawson's
Creek novels that were better written. Now, telling the public the
[19:15] lsi2lsi: hiya! ... so i was nearly vished today ...
[19:16] lsi2lsi: mobile rings - hello, we're calling from Lloyds TSB,
if you are not [name], you must press 2
[19:16] lsi2lsi: if you ARE [name], please press 1
[19:17] lsi2lsi: ..etc.. i went to bank - they'd never heard of such
a thing
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Core Security Technologies - CoreLabs Advisory
http://www.coresecurity.com/corelabs
Multiple vulnerabilities in Google's Android SDK
*Advisory Information*
Title: Multiple vulnerabilities in Google's Android SDK
Advisory ID: CORE-2
cDc's goolag tool is pretty cool but here is an online alternative for
those of you who are interested: http://www.gnucitizen.org/ghdb/
pdp
--
http://www.gnucitizen.org
http://www.gnucitizen.com
GNUCITIZEN
___
Full-Disclosure - We believe in it.
Cha
Well, such statement is simply derived from my personal experience of
doing application-layer UDP scanning. Never ran a proper benchmark to
compare speed results to be honest.
On Tue, Mar 4, 2008 at 8:53 AM, Sebastian Krahmer <[EMAIL PROTECTED]> wrote:
> On Tue, Mar 04, 2008 at 12:02:25AM +, A
On Tue, Mar 04, 2008 at 12:02:25AM +, Adrian P wrote:
> * Exploring the UNKNOWN: Scanning the Internet via SNMP! *
> http://www.gnucitizen.org/blog/exploring-the-unknown-scanning-the-internet-via-snmp/
>
> Hacking is not only about coming up with interesting solutions to
> problems, but also
21 matches
Mail list logo
