Thats the most sensible thing you've said yet, I only hope you can keep
to your word, time will tell I suppose.
I also think "Some Guy Posting To Full Disclosure" made a responsible
and appropriate post,
well done.
On Wed, 2008-12-10 at 11:23, n3td3v wrote:
> On Tue, Dec 9, 2008 at 9:50 PM, So
===
Ubuntu Security Notice USN-678-2 December 10, 2008
gnutls12, gnutls13, gnutls26 regression
https://launchpad.net/bugs/305264
===
A security issue affects the following Ubunt
On Tue, Dec 9, 2008 at 9:50 PM, Some Guy Posting To Full Disclosure
<[EMAIL PROTECTED]> wrote:
> ok this is what this whole thing looks like to me:
They (Ureleet) try to get my attention, they don't care if I stop or
not, they flame me. If I email them in private, then they forward the
message to
ok this is what this whole thing looks like to me:
To n3td3v:
You often post ideas and express your opinion to this list. The some
(often the more liberal) of us often disagree with you and others mock
you for your adventurousness. Actually sometimes it looks childish,
almost as if you're despera
===
Ubuntu Security Notice USN-689-1 December 10, 2008
vinagre vulnerability
https://launchpad.net/bugs/305623
===
A security issue affects the following Ubuntu releases:
Ubunt
To you or someone who knows anything about banks, fraud, and how they
work and things.
I have a German bank account.
Should I do something!?
On 12/9/08, James Matthews <[EMAIL PROTECTED]> wrote:
> German banks are some of the oldest in the world. This is pretty scary
> however it is also the rea
Contact your bank and ask them how they protect you against fraud. Get
everything in writing. Then to be safe change everything (hoping that these
people don't have continual access to the banks server so they pick up new
accounts) Place a credit watch on your SCHUFA score and hope that the BND
cat
ZDI-08-084: Microsoft Office RTF Consecutive Drawing Object Parsing Heap
Corruption Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-08-084
December 9, 2008
-- CVE ID:
CVE-2008-4027
-- Affected Vendors:
Microsoft
-- Affected Products:
Microsoft Office Word
Microsoft Outlook
-- Tip
ZDI-08-085: Microsoft Office RTF Drawing Object Heap Overflow
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-08-085
December 9, 2008
-- CVE ID:
CVE-2008-4028
-- Affected Vendors:
Microsoft
-- Affected Products:
Microsoft Office Word
Microsoft Outlook
-- TippingPoint(TM) IPS Cust
ZDI-08-086: Microsoft Office Word Document Table Property Stack Overflow
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-08-086
December 9, 2008
-- CVE ID:
CVE-2008-4837
-- Affected Vendors:
Microsoft
-- Affected Products:
Microsoft Office Word
-- Vulnerability Details:
This vuln
ZDI-08-083: Microsoft Animation ActiveX Control Malformed AVI Parsing Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-08-083
December 9, 2008
-- CVE ID:
CVE-2008-4255
-- Affected Vendors:
Microsoft
-- Affected Products:
Microsoft Windows XP
-- TippingPoint(TM) IPS
ZDI-08-087: Microsoft Internet Explorer Webdav Request Parsing Heap
Corruption Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-08-087
December 9, 2008
-- CVE ID:
CVE-2008-4259
-- Affected Vendors:
Microsoft
-- Affected Products:
Microsoft Internet Explorer
-- TippingPoint(TM) IPS
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The no one refers to your average joe consumer, not the PCI SSC, I
am well aware that there is no easy solution, however, at the same
time, why worry about something when someone else can worry and pay
for you...
On Tue, 09 Dec 2008 14:53:29 -0500 Luk
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
iDefense Security Advisory 12.09.08
http://labs.idefense.com/intelligence/vulnerabilities/
Dec 09, 2008
I. BACKGROUND
Microsoft Windows graphics device interface (GDI) enables applications
to use graphics and formatted text on both the video display
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
iDefense Security Advisory 12.09.08
http://labs.idefense.com/intelligence/vulnerabilities/
Dec 09, 2008
I. BACKGROUND
Internet Explorer is a graphical web browser developed by Microsoft
Corp. that has been included with Microsoft Windows since 1995.
On Tue, 09 Dec 2008 14:41:41 EST, Elazar Broad said:
>My
> rant was a little bit of wishful thinking and a shred of belief in
> the human race...
You're new here, aren't you? :)
pgpVetzEtfcqV.pgp
Description: PGP signature
Elazar Broad wrote:
> Neither, because ultimately no one cares, and that is why the
> financial industry foots the 60 billion identity theft bill. My
> rant was a little bit of wishful thinking and a shred of belief in
> the human race...
>
Having been a student in a computer-security training
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Core Security Technologies - CoreLabs Advisory
http://www.coresecurity.com/corelabs/
Vinagre show_error() format string vulnerability
1. *Advisory Information*
Title: Vinagre show_error() format string vulnerability
Advisory ID: C
==
Secunia Research 09/12/2008
- Microsoft Excel NAME Record Array Indexing Vulnerability -
==
Table of Contents
Affected Software.
==
Secunia Research 09/12/2008
- Microsoft Word RTF Polyline/Polygon Integer Overflow -
==
Table of Contents
Affected Software..
rPath Security Advisory: 2008-0332-1
Published: 2008-12-09
Products:
rPath Appliance Platform Linux Service 1
rPath Appliance Platform Linux Service 2
rPath Linux 1
rPath Linux 2
Rating: Major
Exposure Level Classification:
Local User Non-deterministic Privilege Escalation
Upda
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Neither, because ultimately no one cares, and that is why the
financial industry foots the 60 billion identity theft bill. My
rant was a little bit of wishful thinking and a shred of belief in
the human race...
On Tue, 09 Dec 2008 13:51:57 -0500 [EMAI
On Mon, Dec 8, 2008 at 11:14 PM, Ivan . <[EMAIL PROTECTED]> wrote:
> http://www.businessweek.com/bwdaily/dnflash/content/dec2008/db2008127_817606.htm
>
They say the enemy is the intelligence services of other nations, but
if they want to be taken seriously, they need to start releasing proof
to th
On Mon, Dec 8, 2008 at 2:56 PM, Bernhard Brehm <[EMAIL PROTECTED]> wrote:
> [EMAIL PROTECTED] said:
>>
>> You want *real* loads of fun? Go read up on message/partial ;)
>>
> The situation is quite similiar to the reason, why MTAs like sendmail
> are no real target for such attacks: No server shoul
On Tue, 09 Dec 2008 13:26:15 EST, Elazar Broad said:
> I never said we need to do something, passive awareness *can* go a
> long way...
Right. The danger is that you want to give the people a *reason* to
care.
"If you're not careful, your account could be emptied and you'll be very
surprised at
hello internet.
The .aware ezine (delta edition) calls for your papers.
Klick: http://www.awarenetwork.org/etc/
Or read the attached CFP. Thanks for your attention.
cheers,
the .aware crew THE .AWARE-ELECTROLICIOUS-ZINE CALL FOR PAPERS
DELTA EDITION
The
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I never said we need to do something, passive awareness *can* go a
long way...
On Tue, 09 Dec 2008 13:12:25 -0500 [EMAIL PROTECTED] wrote:
>On Tue, 09 Dec 2008 12:20:36 EST, Elazar Broad said:
>> Changing the public opinion and mindset might go a long
On Tue, 09 Dec 2008 12:20:36 EST, Elazar Broad said:
> Changing the public opinion and mindset might go a long way
> especially if its something like "your credit card could be funding
> the next 911", that's just a though though.
Do you *really* want to go there?
We *already* have enough proble
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I think most of us realize that even with the hard work of many
good people in and out of the security industry this country's
cyber security amounts to some swiss cheese, and there is plenty of
blame to go around. Let's face it though, no one thinks t
thats all he does is deflect, weve established that he never gives a
real answer.
On Tue, Dec 9, 2008 at 12:25 PM, Elazar Broad <[EMAIL PROTECTED]> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Brilliant use of deflection, keep it up, you might end up as some
> loser serial rapist o
ditto.
On Tue, Dec 9, 2008 at 12:03 PM, waveroad waveroad <[EMAIL PROTECTED]> wrote:
> You're the fucking idiot.
> GET OUT OF HERE
>
>
> 2008/12/9, n3td3v <[EMAIL PROTECTED]>:
>>
>> On Tue, Dec 9, 2008 at 3:08 PM, Paul Schmehl <[EMAIL PROTECTED]>
>> wrote:
>> > --On Tuesday, December 09, 2008 00:2
uve said that before fucknut.
On Tue, Dec 9, 2008 at 11:55 AM, n3td3v <[EMAIL PROTECTED]> wrote:
> On Tue, Dec 9, 2008 at 3:08 PM, Paul Schmehl <[EMAIL PROTECTED]> wrote:
>> --On Tuesday, December 09, 2008 00:25:18 -0600 [EMAIL PROTECTED] wrote:
>>
>>>
>>> On Tue, 09 Dec 2008 04:03:57 GMT, n3td3v
On Tue, Dec 9, 2008 at 10:03 AM, Bipin Gautam <[EMAIL PROTECTED]> wrote:
>>On 12/9/08, Ureleet <[EMAIL PROTECTED]> wrote:
>> ok, so we need 2 chalk up bipin as being a n3td3v athletic supporter as wel.
> You have a passion to abuse least someone all the time ? So you were
> like this to all you EX
no disagreement here.
On Tue, Dec 9, 2008 at 9:12 AM, James Matthews <[EMAIL PROTECTED]> wrote:
> And money is used to bail out banks and other massive company's!
>
> On Tue, Dec 9, 2008 at 4:01 PM, Ureleet <[EMAIL PROTECTED]> wrote:
>>
>> time is money.
>>
>> On Mon, Dec 8, 2008 at 11:28 PM, Rafa
Luke Scharf wrote:
Rafal @ IsHackingYou.com wrote:
Hold the phone...$5k-$7k to fix an infected device!? Really?
HOLY CRAP... either that's a completely made-up "FUD" figure, or the
government contractors are making *way* too much money off my taxes.
If you count lost productivity for
Rafal @ IsHackingYou.com wrote:
Hold the phone...$5k-$7k to fix an infected device!? Really? HOLY
CRAP... either that's a completely made-up "FUD" figure, or the government
contractors are making *way* too much money off my taxes.
If you count lost productivity for both the IT staff w
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Brilliant use of deflection, keep it up, you might end up as some
loser serial rapist on Law and Order, oh wait, they want actor's,
not the real thing...
On Tue, 09 Dec 2008 11:55:08 -0500 n3td3v <[EMAIL PROTECTED]>
wrote:
>On Tue, Dec 9, 2008 at 3:08
You're the fucking idiot.
GET OUT OF HERE
2008/12/9, n3td3v <[EMAIL PROTECTED]>:
>
> On Tue, Dec 9, 2008 at 3:08 PM, Paul Schmehl <[EMAIL PROTECTED]>
> wrote:
> > --On Tuesday, December 09, 2008 00:25:18 -0600 [EMAIL PROTECTED]:
> >
> >>
> >> On Tue, 09 Dec 2008 04:03:57 GMT, n3td3v said:
> >>> W
On Tue, Dec 9, 2008 at 3:08 PM, Paul Schmehl <[EMAIL PROTECTED]> wrote:
> --On Tuesday, December 09, 2008 00:25:18 -0600 [EMAIL PROTECTED] wrote:
>
>>
>> On Tue, 09 Dec 2008 04:03:57 GMT, n3td3v said:
>>> We need to stop this back and forth fighting its making infosec look
>>> bad, this isn't what
--On Tuesday, December 09, 2008 00:25:18 -0600 [EMAIL PROTECTED] wrote:
>
> On Tue, 09 Dec 2008 04:03:57 GMT, n3td3v said:
>> We need to stop this back and forth fighting its making infosec look
>> bad, this isn't what infosec should be about.
>
> It's making one very small insignificant corner of
>On 12/9/08, Ureleet <[EMAIL PROTECTED]> wrote:
> ok, so we need 2 chalk up bipin as being a n3td3v athletic supporter as wel.
>
yeah!
You have a passion to abuse least someone all the time ? So you were
like this to all you EX-girlfriend in real life as well?
If you treat n3td3v like a cat wit
http://www.offensivecomputing.net
On Tue, Dec 9, 2008 at 12:53 AM, Xia Shing Zee <[EMAIL PROTECTED]> wrote:
> Does anybody happen to have a sample of this piece of malware? It's
> roughly 10kb in size and I'd like to take a look at it, however AV's
> seem to keep corrupting it in their bid to sav
SEC Consult Security Advisory < 20081209-0 >
=
title: Microsoft SQL Server 2000 sp_replwritetovarbin
limited memory overwrite vulnerability
p
Does anybody happen to have a sample of this piece of malware? It's
roughly 10kb in size and I'd like to take a look at it, however AV's
seem to keep corrupting it in their bid to save the end-user.
Thanks...
___
Full-Disclosure - We believe in it.
Char
[EMAIL PROTECTED] said:
>
> You want *real* loads of fun? Go read up on message/partial ;)
>
You're right. The RFCs do read like fun. I did some testing on DoS
attacks with message/partial before I found the other problems. However,
most applications refuse to reassemble messages.
The situation
On Sat, Nov 15, 2008 at 11:36:26AM -0500, Micheal Cottingham wrote:
> I found and reported this back in 2005/2006. Microsoft told me that it
> had been reported previously and that it would be fixed in the next
> release, which I'm guessing they meant 2007. I do not know if they
> have fixed it in
And money is used to bail out banks and other massive company's!
On Tue, Dec 9, 2008 at 4:01 PM, Ureleet <[EMAIL PROTECTED]> wrote:
> time is money.
>
> On Mon, Dec 8, 2008 at 11:28 PM, Rafal @ IsHackingYou.com
> <[EMAIL PROTECTED]> wrote:
> > Ivan, all,
> >
> >Hold the phone...$5k-$7k to fix
German banks are some of the oldest in the world. This is pretty scary
however it is also the reality of germanys new laws... I hope they find it
soon and protect the people that need to be protected
http://it.slashdot.org/it/08/12/09/0125201.shtml
--
http://www.astorandblack.com/
___
time is money.
On Mon, Dec 8, 2008 at 11:28 PM, Rafal @ IsHackingYou.com
<[EMAIL PROTECTED]> wrote:
> Ivan, all,
>
>Hold the phone...$5k-$7k to fix an infected device!? Really? HOLY
> CRAP... either that's a completely made-up "FUD" figure, or the government
> contractors are making *way* to
yup. well done.
On Tue, Dec 9, 2008 at 3:08 AM, Knud Erik Højgaard <[EMAIL PROTECTED]> wrote:
> On Mon, Dec 8, 2008 at 2:36 PM, Ureleet <[EMAIL PROTECTED]> wrote:
>> summarized: u shoot ur mouth off with nothing 2 back it up. step
>> back, learn some shit, stop trying to lead, and follow for awh
we are not a group. get it through ur fucking head u twit. we just
all hate you. seriously. wed like u 2 go. and rot somewhere.
seriously. just because u r a group in and of yourself, (o, and the
4000 ppl that are keeping tabs on u), doesnt mean we r.
we really hate u. thats all there is 2
ok, so we need 2 chalk up bipin as being a n3td3v athletic supporter as wel.
On Tue, Dec 9, 2008 at 12:55 AM, Bipin Gautam <[EMAIL PROTECTED]> wrote:
> On 12/9/08, n3td3v <[EMAIL PROTECTED]> wrote:
>> On Tue, Dec 9, 2008 at 4:53 AM, j-f sentier <[EMAIL PROTECTED]> wrote:
>>> You started that shit
yup.
On Tue, Dec 9, 2008 at 12:22 AM, n3td3v <[EMAIL PROTECTED]> wrote:
> On Tue, Dec 9, 2008 at 4:53 AM, j-f sentier <[EMAIL PROTECTED]> wrote:
>> You started that shit at least 3 years ago.
>> Now as the wind blow in another way, you play the mature game ?
>> let us laugh, you dont know shit and
no, this is about u. not infosec. get it through ur head. u r NOT
infosec. u r a troll, and the best of them. fuck off.
On Mon, Dec 8, 2008 at 11:03 PM, n3td3v <[EMAIL PROTECTED]> wrote:
> We need to stop this back and forth fighting its making infosec look
> bad, this isn't what infosec shoul
how much income does that n3td3v group bring in? oh yeah. 0. its
not a job. its a hobby.
On Mon, Dec 8, 2008 at 8:58 PM, j-f sentier <[EMAIL PROTECTED]> wrote:
> Wow this sounds serious, what's the next step punk ?
> IT tech in a daycare ?
> n3td3v reversing play-doh
>
>
> -- Forwarded
note 2 n3tdunk --
u have 2 have a job 2 get on w/ 1. u dont have 1. goodbye.
On Mon, Dec 8, 2008 at 7:57 PM, n3td3v <[EMAIL PROTECTED]> wrote:
> You'll get bored eventually and leave us all alone to get on with our jobs.
>
> On Mon, Dec 8, 2008 at 10:56 PM, Ureleet <[EMAIL PROTECTED]> wrote:
>>
SEC Consult Security Advisory < 20081209-0 >
=
title: Microsoft SQL Server 2000 sp_replwritetovarbin
limited memory overwrite vulnerability
p
On Mon, Dec 8, 2008 at 2:36 PM, Ureleet <[EMAIL PROTECTED]> wrote:
> summarized: u shoot ur mouth off with nothing 2 back it up. step
> back, learn some shit, stop trying to lead, and follow for awhile,
> cause u aint a leader.
pot, kettle, black. So far all I have seen from you is n3td3v flaming
58 matches
Mail list logo