Re: [Full-disclosure] Microsoft takes 7 years to 'solve' a problem?!

2008-11-25 Thread Randal T. Rioux
On Tue, November 25, 2008 1:44 am, Memisyazici, Aras wrote: > OK... Maybe I'm going a bit extreme, but WTH?! Am I the only one who is > interpreting this, this way? Really? When has releasing a solution to a > problem 7 years later ever been acceptable? May not be acceptable, but it is standard p

Re: [Full-disclosure] Microsoft takes 7 years to 'solve' a problem?!

2008-11-25 Thread Valdis . Kletnieks
On Tue, 25 Nov 2008 03:07:49 EST, "Randal T. Rioux" said: > On Tue, November 25, 2008 1:44 am, Memisyazici, Aras wrote: > > > OK... Maybe I'm going a bit extreme, but WTH?! Am I the only one who is > > interpreting this, this way? Really? When has releasing a solution to a > > problem 7 years late

Re: [Full-disclosure] [SVRT-05-08] Critical BoF vulnerability found in ffdshow affecting all internet browsers (SVRT-Bkis)

2008-11-25 Thread Eygene Ryabinkin
Good day. Mon, Nov 24, 2008 at 03:17:05PM +0700, svrt wrote: > In Oct 2008, SVRT-Bkis has detected a serious buffer overflow vulnerability > in ffdshow which affects all available internet browsers. ^^^ Really? And links, elinks, lynx, dillo

Re: [Full-disclosure] Microsoft takes 7 years to 'solve' a problem?!

2008-11-25 Thread James Matthews
I think in that effect they didn't feel they had to put the resources in to fix it because it wasn't worth the money. On Tue, Nov 25, 2008 at 11:11 AM, <[EMAIL PROTECTED]> wrote: > On Tue, 25 Nov 2008 03:07:49 EST, "Randal T. Rioux" said: > > On Tue, November 25, 2008 1:44 am, Memisyazici, Aras w

Re: [Full-disclosure] Microsoft takes 7 years to 'solve' a problem?!

2008-11-25 Thread Valdis . Kletnieks
On Tue, 25 Nov 2008 14:48:34 +0200, James Matthews said: > I think in that effect they didn't feel they had to put the resources in to > fix it because it wasn't worth the money. No shit, Sherlock. Microsoft is a *corporation*. As such, they need to make trade-offs and decisions based on the bot

Re: [Full-disclosure] n3td3v has been tracked to Slough, UK

2008-11-25 Thread adrian . lamo
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dear Valdis, Need we remind you that you do not speak for the mustache, and that the mustache speaks for you? Also do not forget that the mustache divorced itself from you due to your poor hygiene and ringworms you caused it to live with. No one on

Re: [Full-disclosure] Microsoft takes 7 years to 'solve' a problem?!

2008-11-25 Thread Memisyazici, Aras
M$ should just bite the incompatibility bullet and turn NTLM off - that's been an option for users, theoretically speaking, since about the time Windows Kerberos support became mature, and practically speaking, nobody seems to be turning NTLM off here in the real world. Err... Have ya' ever a

Re: [Full-disclosure] Microsoft takes 7 years to 'solve' a problem?!

2008-11-25 Thread Charles Morris
On Tue, Nov 25, 2008 at 10:51 AM, Memisyazici, Aras <[EMAIL PROTECTED]> wrote: > > M$ should just bite the incompatibility bullet and turn NTLM off - that's > been an option for users, theoretically speaking, since about the time > Windows Kerberos support became mature, and practically speakin

[Full-disclosure] New tool and paper for Oracle forensics...

2008-11-25 Thread David Litchfield
Hey all, I've just posted a new tool and paper for Oracle forensics. The tool, orablock, allows a forensic investigator to dump data from a "cold" Oracle data file - i.e. there's no need to load up the data file in the database which would cause the data file to be modified, so using orablock pr

Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

2008-11-25 Thread Paul Schmehl
--On Monday, November 24, 2008 23:52:21 -0600 [EMAIL PROTECTED] wrote: > > Urleet: I do believe that Gadi's work with the Israeli CIRT is both common > knowledge and not under NDA. Or at least the fact that he worked there isn't > under NDA - I'm sure lots of specific incidents are still covered.

Re: [Full-disclosure] Microsoft takes 7 years to 'solve' a problem?!

2008-11-25 Thread Paul Schmehl
--On Tuesday, November 25, 2008 06:48:34 -0600 James Matthews <[EMAIL PROTECTED]> wrote: > > I think in that effect they didn't feel they had to put the resources in to > fix it because it wasn't worth the money. > That's a pretty ridiculous statement considering that they *did* put the resourc

Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

2008-11-25 Thread n3td3v
On Tue, Nov 25, 2008 at 5:44 PM, Paul Schmehl <[EMAIL PROTECTED]> wrote: > --On Monday, November 24, 2008 23:52:21 -0600 [EMAIL PROTECTED] wrote: >> >> Urleet: I do believe that Gadi's work with the Israeli CIRT is both common >> knowledge and not under NDA. Or at least the fact that he worked the

Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

2008-11-25 Thread n3td3v
On Tue, Nov 25, 2008 at 5:52 AM, <[EMAIL PROTECTED]> wrote: > On Mon, 24 Nov 2008 21:56:42 GMT, n3td3v said: >> On Mon, Nov 24, 2008 at 9:41 PM, Ureleet <[EMAIL PROTECTED]> wrote: >> > On Sun, Nov 23, 2008 at 5:46 PM, n3td3v <[EMAIL PROTECTED]> wrote: >> >> What *does* he do then? Please enlighten

Re: [Full-disclosure] Fwd: Comment on: 2 engineers from China sentenced for espionage

2008-11-25 Thread n3td3v
Mike C On Mon, Nov 24, 2008 at 9:40 PM, Ureleet <[EMAIL PROTECTED]> wrote: > name 1? > > On Mon, Nov 24, 2008 at 10:01 AM, n3td3v <[EMAIL PROTECTED]> wrote: >> On Mon, Nov 24, 2008 at 7:50 AM, Mike C <[EMAIL PROTECTED]> wrote: >>> For what it's worth, i think the n3td3v groups feed is a bad idea >

Re: [Full-disclosure] Microsoft takes 7 years to 'solve' a problem?!

2008-11-25 Thread Kurt Grutzmacher
On Tue, Nov 25, 2008 at 11:15:43AM -0500, Charles Morris wrote: > In reality, every machine I've ever built here at ODU (production > included) has had NTLM turned off. > > No complaints yet. May I ask how you were able to force the clients to no longer perform NTLM authentication? Or servers for

Re: [Full-disclosure] Fwd: Comment on: 2 engineers from China sentenced for espionage

2008-11-25 Thread James Matthews
I love FD! Where we get a full disclosure on the latest flame war :) On Tue, Nov 25, 2008 at 11:10 PM, n3td3v <[EMAIL PROTECTED]> wrote: > Mike C > > On Mon, Nov 24, 2008 at 9:40 PM, Ureleet <[EMAIL PROTECTED]> wrote: > > name 1? > > > > On Mon, Nov 24, 2008 at 10:01 AM, n3td3v <[EMAIL PROTECTED]

Re: [Full-disclosure] Fwd: Comment on: 2 engineers from China sentenced for espionage

2008-11-25 Thread n3td3v
He can't handle that i've got 4 and a half thousand members and hes got jackshit. :) On Tue, Nov 25, 2008 at 9:13 PM, James Matthews <[EMAIL PROTECTED]> wrote: > I love FD! Where we get a full disclosure on the latest flame war :) > > On Tue, Nov 25, 2008 at 11:10 PM, n3td3v <[EMAIL PROTECTED]> wr

Re: [Full-disclosure] Microsoft takes 7 years to 'solve' a problem?!

2008-11-25 Thread James Matthews
Only at the end, when there is a 0-day in the wild they will devote a lot of man power in order to patch it. However in this case i don't understand why they decided to fix it now however it wasn't worth it to put a bunch of guys on it. On Tue, Nov 25, 2008 at 8:20 PM, Paul Schmehl <[EMAIL PROTECT

[Full-disclosure] WordPress XSS vulnerability in RSS Feed Generator

2008-11-25 Thread Jeremias Reith
= noXSS.org Security Advisory == Advisory: WordPress XSS vulnerability in RSS Feed Generator Author: Jeremias Reith <[EMAIL PROTECTED]> Published: 2008/11/25 Affected: WordPress < 2.6.5 Summary === WordPress prior to v2.6.5 fails to sanitize the Host header variable correctly when

Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

2008-11-25 Thread Ureleet
On Tue, Nov 25, 2008 at 1:03 PM, n3td3v <[EMAIL PROTECTED]> wrote: > On Tue, Nov 25, 2008 at 5:44 PM, Paul Schmehl <[EMAIL PROTECTED]> wrote: >> --On Monday, November 24, 2008 23:52:21 -0600 [EMAIL PROTECTED] wrote: >>> >>> Urleet: I do believe that Gadi's work with the Israeli CIRT is both common

Re: [Full-disclosure] Fwd: Comment on: 2 engineers from China sentenced for espionage

2008-11-25 Thread Ureleet
oh, and who is this mike c person? most likely a fucktard. definitely no researcher that any of us have heard of. go to hell. On Tue, Nov 25, 2008 at 4:10 PM, n3td3v <[EMAIL PROTECTED]> wrote: > Mike C > > On Mon, Nov 24, 2008 at 9:40 PM, Ureleet <[EMAIL PROTECTED]> wrote: >> name 1? >> >> On Mo

Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

2008-11-25 Thread Ureleet
On Tue, Nov 25, 2008 at 1:56 PM, n3td3v <[EMAIL PROTECTED]> wrote: > On Tue, Nov 25, 2008 at 5:52 AM, <[EMAIL PROTECTED]> wrote: >> On Mon, 24 Nov 2008 21:56:42 GMT, n3td3v said: >>> On Mon, Nov 24, 2008 at 9:41 PM, Ureleet <[EMAIL PROTECTED]> wrote: >>> > On Sun, Nov 23, 2008 at 5:46 PM, n3td3v <

Re: [Full-disclosure] Fwd: Comment on: 2 engineers from China sentenced for espionage

2008-11-25 Thread Ureleet
i could care less either way. thats what u just dont get andrew. you just dont get that none of us care about any1 of ur 4 and a half thousand members! heck i used 2 b 1 of ur members just so i could watch what stupid shit ud say next! no 1 on there is a follower, they are just listeners. clea

Re: [Full-disclosure] Fwd: Comment on: 2 engineers from China sentenced for espionage

2008-11-25 Thread Ureleet
i am just glad that more than just 1 are starting 2 c that he is a complete fucktard. On Tue, Nov 25, 2008 at 4:13 PM, James Matthews <[EMAIL PROTECTED]> wrote: > I love FD! Where we get a full disclosure on the latest flame war :) > > On Tue, Nov 25, 2008 at 11:10 PM, n3td3v <[EMAIL PROTECTED]> w

[Full-disclosure] [USN-678-1] GnuTLS vulnerability

2008-11-25 Thread Jamie Strandboge
=== Ubuntu Security Notice USN-678-1 November 26, 2008 gnutls12, gnutls13, gnutls26 vulnerability CVE-2008-4989 === A security issue affects the following Ubuntu releases: Ubun

[Full-disclosure] [USN-668-1] Thunderbird vulnerabilities

2008-11-25 Thread Jamie Strandboge
=== Ubuntu Security Notice USN-668-1 November 26, 2008 mozilla-thunderbird, thunderbird vulnerabilities CVE-2008-5012, CVE-2008-5014, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5021, CVE-2008-5022, CVE-2008-5024 ===

Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

2008-11-25 Thread n3td3v
On Wed, Nov 26, 2008 at 12:21 AM, Ureleet <[EMAIL PROTECTED]> wrote: > On Tue, Nov 25, 2008 at 1:56 PM, n3td3v <[EMAIL PROTECTED]> wrote: >> On Tue, Nov 25, 2008 at 5:52 AM, <[EMAIL PROTECTED]> wrote: >>> On Mon, 24 Nov 2008 21:56:42 GMT, n3td3v said: On Mon, Nov 24, 2008 at 9:41 PM, Ureleet

Re: [Full-disclosure] [SVRT-05-08] Critical BoF vulnerability found in ffdshow affecting all internet browsers (SVRT-Bkis)

2008-11-25 Thread svrt
Hi, To Nguyen Nam: You can see details in http://sourceforge.net/forum/forum.php?forum_id=597807 Besides, K-lite Codec Pack that contains the fixed version of ffdshow has been released today (11-26-2008). Thanks, SVRT-Bkis Ba

Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

2008-11-25 Thread Ureleet
On Tue, Nov 25, 2008 at 8:57 PM, n3td3v <[EMAIL PROTECTED]> wrote: > On Wed, Nov 26, 2008 at 12:21 AM, Ureleet <[EMAIL PROTECTED]> wrote: >> On Tue, Nov 25, 2008 at 1:56 PM, n3td3v <[EMAIL PROTECTED]> wrote: >>> On Tue, Nov 25, 2008 at 5:52 AM, <[EMAIL PROTECTED]> wrote: On Mon, 24 Nov 2008 2

Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

2008-11-25 Thread n3td3v
On Wed, Nov 26, 2008 at 3:26 AM, Ureleet <[EMAIL PROTECTED]> wrote: > On Tue, Nov 25, 2008 at 8:57 PM, n3td3v <[EMAIL PROTECTED]> wrote: >> On Wed, Nov 26, 2008 at 12:21 AM, Ureleet <[EMAIL PROTECTED]> wrote: >>> On Tue, Nov 25, 2008 at 1:56 PM, n3td3v <[EMAIL PROTECTED]> wrote: On Tue, Nov 25

Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

2008-11-25 Thread Valdis . Kletnieks
On Wed, 26 Nov 2008 03:33:36 GMT, n3td3v said: > On Wed, Nov 26, 2008 at 3:26 AM, Ureleet <[EMAIL PROTECTED]> wrote: > > o, so u r just some guy who reposts articles without regard 2 license > > of article and posts them illegally on ur site? O i c. > > > > The same as Funsec. Tom Knight and the

Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

2008-11-25 Thread n3td3v
On Wed, Nov 26, 2008 at 4:03 AM, <[EMAIL PROTECTED]> wrote: > On Wed, 26 Nov 2008 03:33:36 GMT, n3td3v said: >> On Wed, Nov 26, 2008 at 3:26 AM, Ureleet <[EMAIL PROTECTED]> wrote: >> > o, so u r just some guy who reposts articles without regard 2 license >> > of article and posts them illegally on

Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

2008-11-25 Thread infolookup
O pls stop the madness. Sent from my Verizon Wireless BlackBerry -Original Message- From: n3td3v <[EMAIL PROTECTED]> Date: Wed, 26 Nov 2008 03:33:36 To: Ureleet<[EMAIL PROTECTED]>; Subject: Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

2008-11-25 Thread Valdis . Kletnieks
On Wed, 26 Nov 2008 04:08:26 GMT, you said: > > http://www.catb.org/jargon/html/koans.html#id3141171 > Have you got permission to copy&paste that Valdis? Ureleet might jump > down your neck. Sayeth Eric Raymond himself: http://www.catb.org/jargon/html/online-preface.html "This document (the Jar

Re: [Full-disclosure] Microsoft takes 7 years to 'solve' a problem?!

2008-11-25 Thread Eric Rachner
Hey, kid - If you've got any better ideas about how to fix NTLM, the industry is ready & waiting to hear them. The fact is, NTLM is an old & busted protocol that happens to be used * everywhere*, and there's no way to fix it without breaking compatibility with, oh, just the entire installed base.