Re: [Full-disclosure] [0day] Simple Machines Forum * <= 1.1.6 Code Execution

> # @descp: In loving memory of the rare bone marrow disease that > killed rgod. > # We can't thank you enough for killing a bug killer. no comment.. :| ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-ch

[Full-disclosure] [SECURITY] [DSA 1662-1] New mysql-dfsg-5.0 packages fix authorization bypass

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1662-1 [EMAIL PROTECTED] http://www.debian.org/security/ Devin Carraway November 06, 2008

Re: [Full-disclosure] Death of a Gay h4x0r!

On Thu, Nov 6, 2008 at 6:30 AM, Anders B Jansson <[EMAIL PROTECTED]> wrote: > Obviously he wanted to played the game, and now he'll the second round of the > game. And now he accidentally the entire fleshlight! ___ Full-Disclosure - We believe in it.

[Full-disclosure] AVG 8.0.173 flaw

@ alessandro telami Most antivirus , nowadays locks there processesAVG 8.0.173 and older doesn't. At the time, i'm writing this lines there are public computers in my local area that can be used to infect. Note: This is usefull for hack tools execution or pay-per-install schemes. Note 2: An autom

Re: [Full-disclosure] Death of a Gay h4x0r!

On Thu, 06 Nov 2008 10:54:36 +0100, Knud Erik Højgaard said: > And now he accidentally the entire fleshlight! This sentence no verb. pgpcmP8AxgroA.pgp Description: PGP signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk

Re: [Full-disclosure] Death of a Gay h4x0r!

He isn't so bad have some mercy ;) On 11/6/08, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > On Thu, 06 Nov 2008 10:54:36 +0100, Knud Erik Højgaard said: > >> And now he accidentally the entire fleshlight! > > This sentence no verb. > -- http://www.goldwatches.com/ http://www.jewelerslounge.c

Re: [Full-disclosure] Death of a Gay h4x0r!

you are showing your age... might be time for an internet exits [EMAIL PROTECTED] wrote: > On Thu, 06 Nov 2008 10:54:36 +0100, Knud Erik Højgaard said: > > >> And now he accidentally the entire fleshlight! >> > > This sentence no verb. > > ---

Re: [Full-disclosure] AVG 8.0.173 flaw

My point is/was that with that kind of privileges on the machine there is no point in killing the AV processes, when you could just format the hard drive or do whatever you like on the machine. > Date: Thu, 6 Nov 2008 13:05:46 +> From: [EMAIL PROTECTED]> To: > full-disclosure@lists.grok.org.

[Full-disclosure] Bluetooth keyloggers?

Hi List, Just wondering if anyone has technical feedback/musings on the emerging bluetooth keyloggers available, such as the following products: 1. http://www.wirelesskeylogger.com/index.php 2. http://www.keyear.com/articles_pages/BTKeyEar2.html 4. Other commercially offered products? 3. Any

Re: [Full-disclosure] Bluetooth keyloggers?

> Just wondering if anyone has technical feedback/musings on the > emerging bluetooth keyloggers available, such as the following > products: > Yeah .. use a USB keyboard ;) > * Remote discovery of these devices (active and passive) via > bluetooth, localhost device discovery, any other means

Re: [Full-disclosure] Bluetooth keyloggers?

Hi, SM> * Remote discovery of these devices (active and passive) via SM> bluetooth, localhost device discovery, any other means, etc. Passive detection is always possible Active (as in scan(query) detection depends on keylogger setup - I would guess no SM> * Countermeasures, any and all, includi

[Full-disclosure] [ MDVSA-2008:226 ] ruby

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2008:226 http://www.mandriva.com/security/

[Full-disclosure] Once thought safe, WPA Wi-Fi encryption is cracked

To do this, Tews and his co-researcher Martin Beckfound a way to break the Temporal Key Integrity Protocol (TKIP) key, used by WPA, in a relatively short amount of time: 12 to 15 minutes, according to Dragos Ruiu<

[Full-disclosure] Two bulletins from Microsoft on Patch Tuesday

On Thursday, Microsoft announced two security bulletins for Tuesday. The advance notice is intended as a heads up for IT departments before Patch Tuesday, the company's monthly patch day. One bulletin is considered critical, the most serious ranking offered by the software giant, while the other is

Re: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday

maybe we should have a discussion on what a drug addled cock lover you are? On Fri, Nov 7, 2008 at 10:48 AM, n3td3v <[EMAIL PROTECTED]> wrote: > On Thursday, Microsoft announced two security bulletins for Tuesday. > The advance notice is intended as a heads up for IT departments before > Patch Tu

Re: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday

Shut the fuck up We're tired to hear your shit dude. Why don't you just keep on squatting your fucking mailing list with your friends ? You have no friends here, and you're not welcome, get the fuck out of here. ___ Full-Disclosure - We believe in it. Ch

Re: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday

blackhats like you will always hate on me, so i just ignore the negative responses i get. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday

That's a good try, you play the oppressed card, Calimero sayed it: life is so injust. To bad that's not the real reason. You're polluating this mailing list since a couple of years, there's even a profiling Pdf dedicated to you (amnesic reminder: www.hackerfactor.com/papers/who_is_n3td3v.pdf) now

Re: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday

Do you even understand why people dont like you? It is because you have all these crackpot ideas but no experience to back it up. All your ideas only make sense from a theoretical standpoint, but in practicality most will fail. Do you understand that or are you much of an ignorant person to even r

Re: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday

n3td3v wrote: > blackhats like you will always hate on me, so i just ignore the > negative responses i get. Whitehats hate you equally because you just create spam and don't post anything of actual value. You have your mailing list. Why can't you just stay there until you have anything of value

[Full-disclosure] [USN-662-2] Ubuntu kernel modules vulnerability

=== Ubuntu Security Notice USN-662-2 November 06, 2008 linux-ubuntu-modules-2.6.22/24 vulnerability CVE-2008-4395 === A security issue affects the following Ubuntu releases: Ub

Re: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday

i've been monitoring the scene since 1999 so what do you mean no experience? i make that about 10 years experience if my math is correct. On Fri, Nov 7, 2008 at 12:48 AM, Biz Marqee <[EMAIL PROTECTED]> wrote: > Do you even understand why people dont like you? It is because you have all > these cra

Re: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday

You can be ""monitoring"" the scene since 20 years if you want to, it's not for that your point will be valuable. And actually it is not, also this is about logic. See you're wrong again. Get the fuck out of here. 2008/11/6, n3td3v <[EMAIL PROTECTED]>: > > i've been monitoring the scene s

Re: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday

Dear n3td3v, I sincerely regret to inform you that if all you have done for the past 10 years is "monitor the scene" (i.e. trolling/spamming mailing lists and chatrooms with elementary ramblings) then you have no leg to stand on when somebody questions your experience. In fact, it is quite pitifu

Re: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday

so you don't think its logical that these 5 day heads up could be helping the bad guys out? right. i think the world's biggest hackers could do a lot of research in 5 days. but then again n3td3v isn't logical so i must be wrong. damn those drugs eh? i just asked what the realistic possibility was f

Re: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday

thats 9 years u fucking moron. that could NOT have been funnier. most of us on this list have been WORKING in this industry for longer than that. u just sit and rant. take everyones advice, including mine. fucking leave. we dont care about u. microsoft is smarter than u, we are all smarter th

Re: [Full-disclosure] Fwd: 0day auctions, should they be outlawed?

no. _u_ are angry. no 1 else. no 1 else gives a shit. On Mon, Nov 3, 2008 at 2:24 PM, n3td3v <[EMAIL PROTECTED]> wrote: > who cares what it means, people are angry, there better be a > government task / strike force being setup for when these offers come > infront of everyone. we can't be compl

Re: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday

I have watched movies for 10 years, does this make me an experienced director? No, because watching isn't doing and as such it is not experience. Now please address the issue of your illegal drug use, which demonstrates complete disregard for your governments laws. On Fri, Nov 7, 2008 at 12:06 P

Re: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday

first off, u arent going to get any1 2 change anything. so, lets get that out of the way right there. second of all, in order for u 2 prove ur point, id like 4 u to go to some research of how many exploits have come out during the 5 day period between vague-ass disclosure and patch publish. then

Re: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday

i'm sorry that you don't agree with my heads up theory, i stand by what i said however. i'm sure microsoft don't read full-disclosure anyway, so you're right i'm not going to change anything. by the way, i've noticed you haven't stopped stalking me yet, im a bit concerned about your health. cheers.

Re: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday

Acting like the child that he is, n3td3v continues to ignore questions posed to him. How can he be such an avid debater over the legality of things like metasploit, 0day auctions and similarly themed bullshit threads when he completely disregards drug laws? How do you intend to lobby people to list

Re: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday

you seem like an hd moore/metasploit fan boy pissed off that i don't respect him or like his metasploit software. n3td3v doesn't respect people like the sheep do, i think for myself, have opinions about other white hats that may not be in support of them. get used to it bozo. On Fri, Nov 7, 2008 a

Re: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday

I could care less about metasploit, all it does is help the kiddies.. but that doesnt mean it should be illegal. Software is knowledge and knowledge should be free, but that is not the issue here. The issue is that you are a bullshitting drug abuser who's child like demeanor wont allow him to even

Re: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday

why should i respond to your off-topic personal jabs? all it would do is start a flame war and im not into that. im performing self control and restraint by not responding to your personal jabs, nobody on the list wants a flame war based on personal jabs, so im not going to feed it. im reading ever

[Full-disclosure] VMSA-2008-0018 VMware Hosted products and patches for ESX and ESXi resolve two security issues

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - VMware Security Advisory Advisory ID: VMSA-2008-0018 Synopsis: VMware Hosted products and patches for ESX and ESXi resolve

Re: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday

Nobody on the list wants YOU so I don't see how you can justify what people want to see as your argument for not retaliating. Ill fuck you 'til you love me, faggot. On Fri, Nov 7, 2008 at 4:31 PM, n3td3v <[EMAIL PROTECTED]> wrote: > why should i respond to your off-topic personal jabs? all it w

Re: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday

haha, you agree with n3td3v on something! you're making a start at least young padawan. keep up the good work. On Fri, Nov 7, 2008 at 5:09 AM, Biz Marqee <[EMAIL PROTECTED]> wrote: > I could care less about metasploit, all it does is help the kiddies. _

Re: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday

Probably because there's noone on his mailing list despite his claim of 5000 subscribers. Seriously n3td3v, I'd love to hear you answer as to why you continue to troll the FD list with blatant nonsense while you have this amazing list of 5000 some odd subscribers who all want to hear what you have

Re: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday

2008/11/6 n3td3v <[EMAIL PROTECTED]>: > i'm not sure this is a good idea as it gives a heads up to hackers. > you may think its not long but its actually 5 days for a hacker to > figure out potentially a vulnerability in said area. maybe we should > have a discussion about the pros and cons of the

Re: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 What scene... On Thu, 06 Nov 2008 20:06:47 -0500 n3td3v <[EMAIL PROTECTED]> wrote: >i've been monitoring the scene since 1999 so what do you mean no >experience? i make that about 10 years experience if my math is >correct. > >On Fri, Nov 7, 2008 at 1

[Full-disclosure] [PLSA 2008-67] libcdaudio: Buffer Overflow

Pardus Linux Security Advisory 2008-67[EMAIL PROTECTED] Date: 2008-11-07 Severity: 2 Type: Remote -

[Full-disclosure] PLSA 2008-63] imlib2: Multiple Vulnerabilities

Pardus Linux Security Advisory 2008-63[EMAIL PROTECTED] Date: 2008-11-07 Severity: 3 Type: Remote -

[Full-disclosure] [PLSA 2008-66] Blender: Arbitrary Code Execution

Pardus Linux Security Advisory 2008-66[EMAIL PROTECTED] Date: 2008-11-07 Severity: 2 Type: Local --

[Full-disclosure] [PLSA 2008-64] Dovecot: Multiple Vulnerabilities

Pardus Linux Security Advisory 2008-64[EMAIL PROTECTED] Date: 2008-11-07 Severity: 2 Type: Remote Summary === The invalid