http://dividead.wordpress.com/tag/heap-overflow/
oh wow, amazing, someone has already posted but, anyhow, the things
explained, here...and yes, if it overflows then ofc it can lead to
possible root
fucuall fd
/XD
On 10 December 2011 10:47, HI-TECH .
wrote:
> -- Weitergeleitete Nac
There is, an exploit for this.. if you look around... it also,
works...and, u do have the src... i will pastebin it, just to makesure
no one cries :s
#include
#include
#include
#include
#define TZ_MAGIC"TZif"
#define PUT_32BIT_MSB(cp, value)\
d
-- Weitergeleitete Nachricht --
Von: HI-TECH .
Datum: 10. Dezember 2011 00:44
Betreff: Re: [Full-disclosure] VSFTPD Remote Heap Overrun (low severity)
An: Ramon de C Valle
Hi Ramon,
Frankly I didn't look into the possibility to exploit this vulnerability,
so i do not know if it
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 09/12/2011 20:31, Marsh Ray wrote:
> On 12/08/2011 12:37 AM, Michal Zalewski wrote:
>>
>> For time being, if you make security decisions based on onmouseover
>> tooltips, link text, or anything along these lines, and do not examine
>> the address ba
On Fri, 09 Dec 2011 14:31:15 CST, Marsh Ray said:
> They may be in the minority, but there *are* users out there who know
> how to look at the address bar. The security researcher knows this
> because he is one of them. I call this group the "competent and
> contentious users".
Did you mean "cont
> They may be in the minority, but there *are* users out there who know how to
> look at the address bar. The security researcher knows this because he is
> one of them. I call this group the "competent and contentious users".
Sure. And that group is sort of safe when faced with open redirectors,
On 12/9/2011 1:39 PM, phocean wrote:
> Oh boy! I can't believe someone can be insane to the point of writing
> like that.
> Netdev, do you expect that people are going to spend more than 2 secs
> reading it?
>
> What's wrong with *so many* people on this list?
>
> Thanks god there is sieve :
>
> el
On 12/08/2011 12:37 AM, Michal Zalewski wrote:
>
> For time being, if you make security decisions based on onmouseover
> tooltips, link text, or anything along these lines, and do not examine
> the address bar of the site you are ultimately interacting with, there
> is very little any particular we
> May be I am just ignorant but, just explain how an ARP packet from one
> VLAN enters another?
>
Very carefully.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - htt
Oh boy! I can't believe someone can be insane to the point of writing
like that.
Netdev, do you expect that people are going to spend more than 2 secs
reading it?
What's wrong with *so many* people on this list?
Thanks god there is sieve :
elsif anyof(
...
header :contain
> Message: 10
> Date: Fri, 9 Dec 2011 21:27:14 +1100
> From: xD 0x41
> Subject: Re: [Full-disclosure] Minimum Syslog Level Needed for Court
>Trial
> To: tc
> Cc: full-disclosure@lists.grok.org.uk
> Message-ID:
>
> Content-Type: text/plain; charset=ISO-8859-1
>
> Oh wow anothwer fu
Okay.. I'd be happy to help you, but could you rephrase the question?
>So, whos going to offer REAL DAMN ONLINE SEC HELP HERE , SIMPLE
On Fri, Dec 9, 2011 at 5:27 AM, xD 0x41 wrote:
> Oh wow anothwer fucking genius!
>
> Upir actually know him, why arent you a nice guy who thimks theyre top
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
CA20111208-01: Security Notice for CA SiteMinder
Issued: December 08, 2011
CA Technologies Support is alerting customers to a potential risk in
CA SiteMinder. A vulnerability exists that can allow a malicious user
to execute a reflected cross site
[Full-Disclosure] Mailing List Charter
John Cartwright
- Introduction & Purpose -
This document serves as a charter for the [Full-Disclosure] mailing
list hosted at lists.grok.org.uk.
The list was created on 9th July 2002 by Len Rose, and is primarily
concerned with security issues and the
This tutorial just rehashes ancient techniques in a general way in spotty
english.The insecurity of ARP among other issues listed are problems on any
layer 2 network and have little to do with VLAN. ARP flooding to make a
switch go into hub mode hasn't been an issue in decent switches for quite a
f
On Thu, Dec 8, 2011 at 8:49 PM, Adam Behnke wrote:
> Ever wanted to learn how to hack a VLAN? Here is a tutorial for all of you:
>
>
> ** **
>
> http://resources.infosecinstitute.com/vlan-hacking/
>
> ** **
>
>1. ARP Attack
>2. MAC Flooding Attack
>3. DHCP attack
>4. Sp
>
>
> WHEN IM WRONG, THEN SLAP ME, UNTIL THEN STFU.
>
>
I wish we would be there already!
--
Ferenc Kovács
@Tyr43l - http://tyrael.hu
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and spons
Oh wow anothwer fucking genius!
Upir actually know him, why arent you a nice guy who thimks theyre top
shit..but again, as alwys, offering VERY little helpf for *gordon* are
you...dickhead thats what makes me angry about thsi list..look at
whats been done, to the no.1 pentestin app EVERY1 of u
I bet Gordon was glad to get that email.
On Fri, Dec 9, 2011 at 5:13 PM, xD 0x41 wrote:
> As i told Fy0d0r
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://s
As i told Fy0d0r , in a case where, the actual breaching of a
contract occurs, this == compensation for having ie: name trashed hard
coz, who knows howmany new to nmap users are using it, and, "wish i
had not installed it but...ohwell, ill just have to reinstall.."
And, thats it most ppl s
20 matches
Mail list logo