Re: [Full-disclosure] Vulnerabilities in *McAfee.com

2011-03-31 Thread coderman
On Thu, Mar 31, 2011 at 3:30 PM, wrote: > ... > Ask Randall Schwartz how that worked out for him. "intent" doesn't > enter into it as much as a defendant may like. intel has a long history of legal strong-arming against those who provoke the beast's wrath. it doesn't help that ORS

Re: [Full-disclosure] Vulnerabilities in *McAfee.com

2011-03-31 Thread Thor (Hammer of God)
I should clarify my use of "intent" in previous replies - The "intent" part of the process would be from the judge's point of view even in the absence of "concrete" evidence. As you know, actual court cases are not what we see on TV, and the judge has far more power than one may think. Even

Re: [Full-disclosure] Vulnerabilities in *McAfee.com

2011-03-31 Thread Valdis . Kletnieks
On Wed, 30 Mar 2011 20:33:56 BST, Cal Leeming said: > Like with most laws, the key point is "intent". If your intention was > clearly not malicious, then you are safe. Ask Randall Schwartz how that worked out for him. "intent" doesn't enter into it as much as a defendant may like. http://www.law.

Re: [Full-disclosure] INSECT Pro 2.5 Release - Web scanner tool

2011-03-31 Thread root
On 03/29/2011 10:12 PM, runlvl wrote: > Insecurity Research is happy to announce the release of version 2.5, > get it now while it is still hot ! > > Insect Pro 2.5 is a penetration security auditing and testing software > solution designed to allow organizations of all sizes to mitigate, > monitor and

[Full-disclosure] [ MDVSA-2011:057 ] apache

2011-03-31 Thread security
Mandriva Linux Security Advisory MDVSA-2011:057 http://www.mandriva.com/security/

Re: [Full-disclosure] Vulnerabilities in *McAfee.com

2011-03-31 Thread Valdis . Kletnieks
On Thu, 31 Mar 2011 15:18:08 BST, Jacqui Caren-home said: > A lot of businesses do not consider "constructive criticism" as positive and > will sometimes do everything in their power to "PR" you to death - it's > often seen as cheaper than fixing the problem. In fact, it often *is* cheaper than act

Re: [Full-disclosure] Vulnerabilities in *McAfee.com

2011-03-31 Thread Jacqui Caren-home
On 31/03/2011 13:13, BlackHawk wrote: > to close with a semi-serious joke: put all this together and you will > know why black market selling of exploits is increasing its size: at > least someone will appreciate your work and eventually compensate > you for it.. Everyone makes mistakes. Being un

[Full-disclosure] [USN-1100-1] OpenLDAP vulnerabilities

2011-03-31 Thread Jamie Strandboge
Ubuntu Security Notice USN-1100-1, March 31, 2011: openldap, openldap2.3 vulnerabilities. CVE-2011-1024, CVE-2011-1025, CVE-2011-1081. A security issue affects the followi

Re: [Full-disclosure] I got hacked

2011-03-31 Thread Benji
http://www.n-it.ro/thread-345.html On 3/31/11, ja...@jabea.net wrote: > If it's not a spam, > > Block port 80 on your router till you hire a good network admin ?.. > > >> http://www.n-it.ro/ >> >> >> >> >> >> " ", >> >> " [TBO] Security... (The best of Security Team) ", >> >> " ", >> >> " _

Re: [Full-disclosure] I got hacked

2011-03-31 Thread jabea
If it's not a spam, Block port 80 on your router till you hire a good network admin ?.. > http://www.n-it.ro/ > > > > > > " ", > > " [TBO] Security... (The best of Security Team) ", > > " ", > > " ___", > > " ", > > " by tbo_pablo & Marian ", > > " ", > >

Re: [Full-disclosure] I got hacked

2011-03-31 Thread Alexander Rigbo
On 03/30/2011 04:52 PM, Rémon Schopmeijer wrote: http://www.n-it.ro/ " ", " [TBO] Security... (The best of Security Team) ", " ", " ___", " ", " by tbo_pablo & Marian ", " ", " ", " ", " wWw.Tbo-S.com " They hacked three

Re: [Full-disclosure] I got hacked

2011-03-31 Thread McGhee, Eddie
Says Mr Cal "7 Emails in a row" Lemming From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Cal Leeming Sent: 31 March 2011 12:40 To: Rémon Schopmeijer Cc: full-disclosure@lists.grok.org.uk Subject: Re: [

[Full-disclosure] Vulnerabilities in MaxSite Anti Spam Image for WordPress

2011-03-31 Thread MustLive
Hello list! I want to warn you about an Insufficient Anti-automation vulnerability in the MaxSite Anti Spam Image plugin for WordPress. This is a modified version of the original plugin Anti Spam Image, about a vulnerability in which I wrote in 2007 in my project Month of Bugs in Captchas. This captcha is vulne

Re: [Full-disclosure] Vulnerabilities in *McAfee.com

2011-03-31 Thread BlackHawk
Nothing new under the sun.. I have done some security testing on _open source_ webapps, and most of the time if you alert the publisher of your findings (most of the time remote code executions, not "boring" XSS) the answer is typically "F*** off, we do not need your help / you are lying / you a

Re: [Full-disclosure] I got hacked

2011-03-31 Thread John Belushae
Tell you to fix your shit. On Thu, Mar 31, 2011 at 1:52 AM, Rémon Schopmeijer wrote: > http://www.n-it.ro/ > > > > > > " ", > > " [TBO] Security... (The best of Security Team) ", > > " ", > > " ___", > > " ", > > " by tbo_pablo & Marian ", > > " ", > > " "

Re: [Full-disclosure] I got hacked

2011-03-31 Thread Cal Leeming
Spam? On Wed, Mar 30, 2011 at 3:52 PM, Rémon Schopmeijer wrote: > http://www.n-it.ro/ > > > > > > " ", > > " [TBO] Security... (The best of Security Team) ", > > " ", > > " ___", > > " ", > > " by tbo_pablo & Marian ", > > " ", > > " ", > > " ", > > " wWw.

Re: [Full-disclosure] I got hacked

2011-03-31 Thread Milan Berger
Rémon Schopmeijer wrote: > http://www.n-it.ro/ > They hacked three of my websites. > What can you guys do for me? Snip from anthraxmedia.com: "You need someone to maintain your servers? Or is it that you need a webdeveloper and you don't want to spend too much money? Or do you have security pr

Re: [Full-disclosure] SSL Capable NetCat and more

2011-03-31 Thread -= Glowing Doom =-
duhhh ever heard of a tool called 'sryptcat ala cc'... god what a joke of a post.,... find your tools, don't remake the wheel, and usually, that gets remade badly! use cryptcat if you are going to be whacking... bloody hell! grow some brain and stop propping a shitty app which has been DONE! ---

Re: [Full-disclosure] SSL Capable NetCat and more

2011-03-31 Thread -= Glowing Doom =-
err typo on the first line 'cryptcat' is the tool I mean... an offcut of netcat...yes, it supports encrypted /invisible connections... or so I believe On 31 March 2011 14:53, -= Glowing Doom =- wrote: > duhhh ever heard of a tool called 'sryptcat ala cc'... god what a joke of a > post.,... > fin

Re: [Full-disclosure] INSECT Pro 2.5 Release - Web scanner tool

2011-03-31 Thread John Belushae
If you could stop ripping everyone's tool that could be a good start. What's inside your tool ? -Metasploit -Sub7 -Skipfish -Other ripped stuff How about you develop something original for once ? I admit you guys have some top-notch youtube skillz, but isn't your tool about pentesting ? On Thu

[Full-disclosure] I got hacked

2011-03-31 Thread Rémon Schopmeijer
http://www.n-it.ro/ " ", " [TBO] Security... (The best of Security Team) ", " ", " ___", " ", " by tbo_pablo & Marian ", " ", " ", " ", " wWw.Tbo-S.com " They hacked three of my websites. What can you guys do for me? Anthra

Re: [Full-disclosure] Vulnerabilities in *McAfee.com

2011-03-31 Thread Cal Leeming
On Wed, Mar 30, 2011 at 8:29 PM, Ryan Sears wrote: > > How about the scenario in which one statically audits some javascript > sitting on a site, to notice it does something in an unsafe manner, and can > be used in an XSS attack without actually making it happen?. There was no > actual 'attackin

Re: [Full-disclosure] Vulnerabilities in *McAfee.com

2011-03-31 Thread Cal Leeming
An interesting notion. I have to say their mailing list comment didn't exactly shine with professionalism, but there again, nor do mine. So I dunno :p On Wed, Mar 30, 2011 at 9:10 PM, andrew.wallace < andrew.wall...@rocketmail.com> wrote: > Guys, > > Is it because these are Burmese hackers as to

Re: [Full-disclosure] INSECT Pro 2.5 Release - Web scanner tool

2011-03-31 Thread Cal Leeming
+1 for licensing. On Wed, Mar 30, 2011 at 8:42 PM, wrote: > Quoting Cal Leeming : > > What this really comes down to... Is the product *worth* donating to? If >> it >> is, then donate. If it isn't, then don't. I can't personally comment >> either >> way as I haven't tried it. >> >> > I agree wi

Re: [Full-disclosure] INSECT Pro 2.5 Release - Web scanner tool

2011-03-31 Thread Cal Leeming
What this really comes down to... Is the product *worth* donating to? If it is, then donate. If it isn't, then don't. I can't personally comment either way as I haven't tried it. On Wed, Mar 30, 2011 at 7:42 PM, wrote: > Quoting runlvl : > > > Steve, thanks to the community support we are able t

Re: [Full-disclosure] INSECT Pro 2.5 Release - Web scanner tool

2011-03-31 Thread Cal Leeming
GROUP HUG! On Wed, Mar 30, 2011 at 4:02 PM, Benji wrote: > Neither, I was curious as to what he'd say, and I was pleasantly > surprised (offered to send me a copy). > > Calm down kid. > > On 3/30/11, n...@myproxylists.com wrote: > >> "The amount of the donation is not fixed." > >> > >> > >> Can

Re: [Full-disclosure] Vulnerabilities in *McAfee.com

2011-03-31 Thread Cal Leeming
Ohh now I get it. I thought they had just copy and pasted someone else. My response is now: LOLOLOLOL. On Wed, Mar 30, 2011 at 4:22 PM, Thor (Hammer of God) wrote: > Let's see here... As an "ethical hacker group," you don't like being > criticized by someone as engaging in illegal activities, so