[Full-disclosure] A lot of people have labelled me a snitch, Mr Lamo told BBC News.

2010-06-07 Thread Dave Korn
http://news.bbc.co.uk/1/hi/world/asia_pacific/10254072.stm Yeh, me too, you fucking penis. cheers, DaveK ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia -

Re: [Full-disclosure] OpenID/Debian PRNG/DNS Cache poisoning advisory

2008-08-08 Thread Dave Korn
Eric Rescorla wrote on 08 August 2008 16:06: At Fri, 8 Aug 2008 11:50:59 +0100, Ben Laurie wrote: However, since the CRLs will almost certainly not be checked, this means the site will still be vulnerable to attack for the lifetime of the certificate (and perhaps beyond, depending on user

Re: [Full-disclosure] OpenID/Debian PRNG/DNS Cache poisoning advisory

2008-08-08 Thread Dave Korn
Eric Rescorla wrote on 08 August 2008 17:58: At Fri, 8 Aug 2008 17:31:15 +0100, Dave Korn wrote: Eric Rescorla wrote on 08 August 2008 16:06: At Fri, 8 Aug 2008 11:50:59 +0100, Ben Laurie wrote: However, since the CRLs will almost certainly not be checked, this means the site

Re: [Full-disclosure] [Dailydave] Hacking software is lame -- try medical research...

2007-09-22 Thread Dave Korn
On 21 September 2007 18:37, Kristian Erik Hermansen wrote: Some interesting discussion came up on some security lists this week and it got me to thinking. Yes, hacking software is lame. Cool, so you found some vulnerabilities in some widely distributed application, service, or OS and it is

Re: [Full-disclosure] [Dailydave] Adobe Reader Remote Heap Memory Corruption - SubroutinePointer Overwrite

2007-01-10 Thread Dave Korn
On 10 January 2007 05:06, Piotr Bania wrote: Original url: http://www.piotrbania.com/all/adv/adobe-acrobat-adv.txt I do like the custom 403's your site serves up when I try ascending that one directory component at a time! :-D cheers, DaveK -- Can't think of a witty .sigline

[Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup

2006-04-13 Thread Dave Korn
Hey, guess what I just found out: Microsoft have deliberately sabotaged their DNS client's hosts table lookup functionality. Normally you can override DNS lookup by specifying a hostname and IP directly in the hosts file, which is searched before any query is issued to your dns server;

[Full-disclosure] Re: Microsoft DNS resolver: deliberately sabotaged hosts-file lookup

2006-04-13 Thread Dave Korn
Brandon S. Allbery KF8NH wrote: On Apr 13, 2006, at 1:29 , Dave Korn wrote: Hey, guess what I just found out: Microsoft have deliberately sabotaged their DNS client's hosts table lookup functionality. I thought this was part of avoiding malware attempts to block Windows Update

[Full-disclosure] Re: Re: [HV-PAPER] Anti-Phishing Tips You Should Not Follow

2006-04-02 Thread Dave Korn
Nick FitzGerald wrote: Dave Korn to Jasper Bryant-Greene: Nope, misattributed. No it wouldn't. IP address spoofing is easy over UDP but incredibly difficult over TCP. That's the only bit I did say. cheers, DaveK -- Can't think of a witty .sigline today

[Full-disclosure] Re: [HV-PAPER] Anti-Phishing Tips You Should Not Follow

2006-04-02 Thread Dave Korn
Nick FitzGerald wrote: Admittedly I don't poke bogus credentials into every phishing site I see, I *always* try logging in with the bogus credentials zz' OR 1==1 -- ;-) cheers, DaveK -- Can't think of a witty .sigline today

[Full-disclosure] Re: [HV-PAPER] Anti-Phishing Tips You Should Not Follow

2006-03-31 Thread Dave Korn
Jasper Bryant-Greene wrote: Marcos Agüero wrote: Jasper Bryant-Greene wrote: Seriously though, it wouldn't be that hard to forward the POST on to the real bank website, would it? I think so, but would be very easy to detect. Logs would show lots of different user logging in from the same

[Full-disclosure] Re: ExplorerXP : Directory Traversal and Cross Site Scripting

2006-03-30 Thread Dave Korn
Jerome Athias wrote: ExplorerXP : Directory Traversal and Cross Site Scripting Software : ExplorerXP Some mention of the manufacturer or a link to the mfr's website would have helped here. Two vulnerabilities have been discovered in ExploreXP, which can be exploited by malicious people

[Full-disclosure] Re: Re: ExplorerXP : Directory Traversal and Cross Site Scripting

2006-03-30 Thread Dave Korn
Julien GROSJEAN - Proxiad wrote: A simple Google search returns that : http://www.phpscripts-fr.net/scripts/script.php?id=933 That depends on what you mean by simple. I just put ExplorerXP into google, which I think is about as simple as you can get. That website doesn't show up until

[Full-disclosure] Re: PasswordSafe 3.0 weak random number generator allows key recovery attack

2006-03-24 Thread Dave Korn
Markus Jansson wrote: 3) Is there a fix available? Considering PasswordSafe 3.0 is still in beta, I imagine they'll fix this one before actually /releasing/ the software... cheers, DaveK -- Can't think of a witty .sigline today

[Full-disclosure] Re: Re: Re: Links to Google's cache of 626 FrSIRT exploits

2006-03-23 Thread Dave Korn
nocfed wrote: Really, do you ``hackers'' really not know howto at least read the manpage for wget? There is no need for any script, only a few switches to wget. Hint: -e robots=off Wow! j00 R so 1337! Hint: -e clue=on Seriously, I truly phj33r your 4w3s0Me!!!one!1 man-page reading

[Full-disclosure] Re: Re: Re: Re: Links to Google's cache of 626 FrSIRT exploits

2006-03-23 Thread Dave Korn
str0ke wrote: Is it possible we can get this wget'ing artwork incorporated with the korn shell? /str0ke You'll have to ask Dave Korn that question ;-P~~~ cheers, DaveK -- Can't think of a witty .sigline today

[Full-disclosure] Re: Re: Re: Re: Links to Google's cache of 626 FrSIRT exploits

2006-03-23 Thread Dave Korn
[EMAIL PROTECTED] wrote: On Thu, 23 Mar 2006 15:15:00 GMT, Dave Korn said: difference? robots.txt is enforced (or ignored) by the client. If a server returns a 403 or doesn't, depending on what UserAgent you specified, then how could making the client ignore robots.txt somehow

[Full-disclosure] Re: Re: Links to Google's cache of 626 FrSIRT exploits

2006-03-22 Thread Dave Korn
Ivan . wrote: Dave, I couldn't get wget 'http://www.elsenot.com/frsirt-google.html' grep -o 'href=[^]*' frsirt-google.html | cut -d '' -f 2 list.txt to work, so I did Just wanna point out that I had those as two separate commands on separate lines, did you really do them on one line like

[Full-disclosure] Re: Noise on the list

2006-03-21 Thread Dave Korn
Edward Pearson wrote: I shouldn't have to get the fucking spamfilter involved when we're talking about a mailing list. Yes, you fucking should. This is a NON-moderated list. There are plenty of perfectly good moderated lists out there which you won't have to filter. But /this/ list is a

[Full-disclosure] Re: Links to Google's cache of 626 FrSIRT exploits

2006-03-21 Thread Dave Korn
[EMAIL PROTECTED] wrote: So you never recursively sucked FrSIRT.com before the public exploits section was definitively closed well we're in luck (at least for a little while) because Google did. This page links to Google's cache of 626 FrSIRT exploits

[Full-disclosure] Re: -ADVISORY- % =Thu Mar 16 13:23:37 EST 2006=% Buffer Overflow in Microsoft Access

2006-03-17 Thread Dave Korn
leToff wrote: Christian Khark Lauf wrote : I know the owner. And it's definitely not an open proxy. *Yes it is:* Received: from fred.com (nsg93-x-xx-xx-xxx-xxx.fbx.proxad.net [xx.xx.xxx.xxx]) by new.toad.com (8.12.9/8.12.9) with SMTP id k2GAtcn6029611 for [EMAIL PROTECTED]; Thu, 16 Mar

[Full-disclosure] Re: SSH Scans - Homebrew dictionary

2006-03-17 Thread Dave Korn
PERFECT.MATERIAL [EMAIL PROTECTED] wrote in message Michel, I highly doubt any Brazilian citizen would be involved with such malicious behavior. Please rescind your inflammatory and racist statement or risk gaining a reputation as a person who dislikes his fellow brown person. It's because

[Full-disclosure] Re: HTTP AUTH BASIC monowall

2006-03-17 Thread Dave Korn
Jason Coombs wrote: Brian Eaton wrote: I'd like to see their process changed so that it included a more serious check into the business whose web site they are verifying. This makes no sense at all, and is simply impossible within the DNS system. Furthermore, all verification done by any

[Full-disclosure] Re: Re: -ADVISORY- % =Thu Mar 16 13:23:37 EST 2006=% Buffer Overflow in Microsoft Access

2006-03-17 Thread Dave Korn
leToff wrote: Dave Korn wrote : I don't see how you could tell from that received header whether the machine is a proxy, or whether it originated the traffic itself. Simply because I sent that message myself using telnet connected to the 1st MX of toad.com (not tested the 2nd). Ah

[Full-disclosure] Re: Re: HTTP AUTH BASIC monowall.

2006-03-16 Thread Dave Korn
Simon Smith wrote: Who ever said I was going to issue a security advisory or warning as you called it? You did. Have you got amnesia or what? ---quote From: Simon Smith [EMAIL PROTECTED] Subject: Re: HTTP AUTH BASIC monowall. Date: Mon, 13 Mar 2006 15:37:03 -0500

[Full-disclosure] Re: strange domain name in phishing email

2006-03-16 Thread Dave Korn
Arley Barros Leal wrote: Hmmm...isn't that a base-10 representation? It sure is. Please replace the word octal with the word octet wherever you may have seen it in this thread. An awful lot of people round here don't know the difference. cheers, DaveK -- Can't think of a witty

[Full-disclosure] Re: Filtering Latest Spam Run (radio.toad.com)

2006-03-16 Thread Dave Korn
Matthew Murphy wrote: In case you all hadn't noticed, there's another spam run underway. This attack also appears isolated to one host (radio.toad.com) that can be successfully filtered until the admin can make the necessary rule change. I used to know hipcrumb, and let me tell you,

[Full-disclosure] Re: Yahoo recommends you write down account information

2006-03-16 Thread Dave Korn
n3td3v group wrote: Don't under estimate my intelligence I don't believe it's possible to underestimate netdev's intelligence, is it? ba-dumm-tis! cheers, DaveK -- Can't think of a witty .sigline today

[Full-disclosure] Re: strange domain name in phishing email

2006-03-15 Thread Dave Korn
sheeponhigh wrote: hi there It is very strange thing. I have done the following tries. trying result http://172.21.12.250 success http://2887060730 failed http://2887060730/ failed telent 2887060730 80

[Full-disclosure] Re: HTTP AUTH BASIC monowall.

2006-03-15 Thread Dave Korn
Simon Smith wrote: List, Does anyone else feel that using HTTP BASIC AUTH for a firewall is a bad idea even if it is SSL'd. All basic auth does is creates a hash string for username:password using base64. That can easily be reversed and the real username and password extracted. Sure it's

[Full-disclosure] Re: HTTP AUTH BASIC monowall.

2006-03-15 Thread Dave Korn
Simon Smith wrote: Ok, As suspected... so I am correct; and it is a security threat. I can compromise a network, arp poison it, MiTM, access the firewall, distributed metastasis, presto... owned... Utter garbage. You haven't the faintest understanding of the concepts you are throwing

[Full-disclosure] Re: %5BFull-disclosure%5D%2018%20ways%20to%20escalate%20privileges%20in%20Zone%20Labs%0A%09ZoneAlarm%20Security%20Suite%20build%206.1.744.000In-Reply-To=

2006-03-09 Thread Dave Korn
Reed Arvin wrote: It appears that some of the characters in the previous post were not HTML safe. The original article can be found at: a href=http://reedarvin.thearvins.com/20060308-01.html;http://reedarvin.thearvins.com/20060308-01.html/a If you check the list archive, you see that it's

[Full-disclosure] Re: Re: Arin.net XSS

2006-03-06 Thread Dave Korn
Terminal Entry wrote: Dave, You need to copy and paste the full URL into your browser for the XSS to take place. All exploit examples are still working as I just verified. copy http://ws.arin.net/whois/?queryinput=%3CIMG+SRC%3D%22javascript%3Aalert%28%27XSS%27%29%3B%22%3E /paste Yep,

[Full-disclosure] Re: Arin.net XSS

2006-03-06 Thread Dave Korn
Michael Holstein wrote: Here's a link that will probably work under both browsers http://ws.arin.net/whois/?queryinput=%3Cscript%3Ealert('666')%3C/script%3E (Firefox 1.5.0.1 on Linux) No match found for scriptalert('666')/script. Works on 1.0.x, I got the popup! cheers,

[Full-disclosure] Re: Arin.net XSS

2006-03-06 Thread Dave Korn
Steven wrote: It works in IE just fine and probably some other browsers. Firefox does a few things: 1) It takes the liberty of converting to %3C 2) Leaves %3C as %3C and does not convert into Nope, that's bog-standard URL encoding, IE does it too, although they may differ in whether

[Full-disclosure] Re: Arin.net XSS

2006-03-03 Thread Dave Korn
Terminal Entry [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Notification Multiple attempts to contact Arin site administrators went unanswered Looks like someone was paying at least some attention, because none of your examples worked when I tried them just now. Some

[Full-disclosure] Re: reduction of brute force login attempts via SSH through iptables --hashlimit

2006-03-03 Thread Dave Korn
GroundZero Security wrote: Oh well...as i said its a QUICK script and not a PERFECT solution to the problem. The fact that you threw together this booby-trap in a few minutes does not get you off the hook for the fact that it is a booby trap that you were offering to other people. Given

[Full-disclosure] Re: Re: Fedex Kinkos Smart Card Authentication Bypass

2006-03-02 Thread Dave Korn
Lance James wrote: Dude VanWinkle wrote: On 2/28/06, Lance James [EMAIL PROTECTED] wrote: Our response: http://ip.securescience.net/exploits/P1010029.JPG lol, now thats a funny picture! So am I to assume that normally you can go beyond 31337 on a Kinko's card and this is a modding of

[Full-disclosure] Re: Re: Question about Mac OS X 10.4 Security

2006-03-02 Thread Dave Korn
Paul Schmehl wrote: --On Thursday, March 02, 2006 08:57:18 +1100 [EMAIL PROTECTED] wrote: Sorry to spoil everyone's fun. http://docs.info.apple.com/article.html?artnum=303382 Maybe, just maybe, Apple are actually better (able/positioned) to respond quickly to vulnerabilities before the

[Full-disclosure] Re: Question about Mac OS X 10.4 Security

2006-03-01 Thread Dave Korn
Stef wrote: On 2/28/06, Paul Schmehl [EMAIL PROTECTED] wrote: snip Still, the ignorance of Mac users, who believe their platform is somehow magically secure will contribute to the problem. I am sorry, Paul, but I have to take you up on this, especially with your tendency of generalizing

[Full-disclosure] Re: Google + Amazon fun scam

2006-02-28 Thread Dave Korn
[EMAIL PROTECTED] wrote: If i remember I saw on this list a post which was warning about faking scam links within google.com domain. I got this scam today: [SCAM]http://google.com/url?sa=ppref=igpval=2q=http://wielrenneninlimburg.nl/forum/www.amazon.com/index.html[/SCAM] which is pretty easy

[Full-disclosure] Re: “if you are not doing anything wrong, why should you worry about it?”

2006-02-21 Thread Dave Korn
Gadi Evron wrote: if you are not doing anything wrong, why should you worry about it? If I'm not doing anything wrong then it's nobody's god-damn business but mine what I'm doing at all. QED. cheers, DaveK -- Can't think of a witty .sigline today

[Full-disclosure] Re: Re: Forum / Site redone

2006-02-21 Thread Dave Korn
Nigel Horne wrote: Nigel Horne wrote: Thanks for the comments. Site has been redone ( I re-didit ) Feel free to keep the comments coming. http://www.iatechconsulting.com Why does it attempt to store 2 cookies on my machine when all I do visit your front page? Because that's how PHP

[Full-disclosure] Re: User Enumeration Flaw

2006-02-20 Thread Dave Korn
[EMAIL PROTECTED] wrote: whitehouse.gov MX 100 mailhub-wh2.whitehouse.gov [EMAIL PROTECTED]:~$ [EMAIL PROTECTED]:~$ telnet mailhub-wh2.whitehouse.gov 25 Trying 63.161.169.140... Connected to mailhub-wh2.whitehouse.gov. Escape character is '^]'. 220 whitehouse.gov ESMTP service

[Full-disclosure] Re: Re: Fun with Foundstone

2006-02-15 Thread Dave Korn
[EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 what LOL ? what is surprising ? Not 'lol surprising', just 'lol amusing'. I'm a happy guy, I laugh a lot, and don't need much of a reason to! And two hours is a fairly fast reaction time to notice a post on one of

[Full-disclosure] Re: Re: Fun with Foundstone

2006-02-15 Thread Dave Korn
Debasis Mohanty wrote: Does this mean, Dave's age is inbetween 3 - 4 yrs ?? =) - D :-) That's so much more flattering than when people mistake me for the grey-haired man in his 60's who used to work for AT+T! Say, Deb, next time people ask me if I wrote the Korn Shell, can I quote

[Full-disclosure] Re: Fun with Foundstone

2006-02-14 Thread Dave Korn
[EMAIL PROTECTED] wrote: Things for a security company not to do in a webapp: 1. Do not auto-populate form fields on the page with customer names. 2. If you ignore rule number 1, don't use a simple, predictable id for said auto-population. https://download.foundstone.com/?o=^2155 LOL,

[Full-disclosure] Re: Microsoft AntiSpyware attacks Norton AV?

2006-02-12 Thread Dave Korn
Joel R. Helgeson [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Is anyone else seeing/experiencing this? When it scanned each system it found a Trojan called PWS.Bancos.A (Password Stealer) - Level: Severe When it quarantined the bug, it also rendered the Symantec Anti-Virus

[Full-disclosure] Re: blocking Google Desktop

2006-02-11 Thread Dave Korn
Joshua Levitsky wrote: Sorry, but explain? You mean something beyond the index of your personal data then? Did they add something beyond that? -Josh It apparently stores your actual files now so you can search your desktop on one pc from your desktop on another pc.

[Full-disclosure] Cringely's FUD-spreading leads to broken workarounds being suggested

2006-02-09 Thread Dave Korn
[ For those who are getting bored and would like to know something interesting, there is some actual technical and security-related ON-TOPIC content toward the end of this post! ] Ivan . wrote: nice personal attacks, a great display of your intellect. I have little patience with anyone

[Full-disclosure] Re: Bluetooth Activesync - requesting test

2006-02-09 Thread Dave Korn
Stan Bubrouski wrote: Ever since Greg disagreed with me in that ZoneAlarm thread Dave and I were arguing in, Greg has been forwarding all messages I send to the list back to me. Stan, it is possible you could be being manipulated by someone who's trying to bait you and Greg into a fight by

[Full-disclosure] Re: Re: According to Ivan, the secret ZA phone-home server is located at 127.0.0.1 [was Re: Re: Re: ZoneAlarm phones home]

2006-02-07 Thread Dave Korn
Ivan . wrote: You're quite a piece of work Dave. And you're a smug, self-satisfied fool who doesn't even understand how blinded by his own ignorance he is. The secret server is actually zonelabs.com, hence the workaround to edit the hosts file and map that domain to the loopback address. Do

[Full-disclosure] Re: NSA tracking open source security tools

2006-02-06 Thread Dave Korn
Fyodor wrote: Ethereal, Cain Abel, and Kismet. Nifty. For those without the magazine, I have posted a pic at: http://www.insecure.org/nmap/nmap_inthenews.html#bush Maybe open source software really will take over the world :). Even better, all you need to do is break into the uk2.net

[Full-disclosure] Re: According to Ivan, the secret ZA phone-home server is located at 127.0.0.1 [was Re: Re: Re: ZoneAlarm phones home]

2006-02-06 Thread Dave Korn
Frank Knobbe wrote: On Mon, 2006-02-06 at 14:06 +, Dave Korn wrote: The company says it will fix the bug soon. In the meantime you can work around it by adding: # Block access to ZoneLabs Server 127.0.0.1 zonelabs.com to your Windows host file. 2) You aren't the first person

[Full-disclosure] Re: Re: NSA tracking open source security tools

2006-02-06 Thread Dave Korn
Very Unprivate wrote: LOL, it woulda been *amazing* fun to have done that while the photo-op was taking place: just imagine it, there's Bush and all those spooks standing there in front of the Talisker radar, trying to look all serious and competent... Did this a couple of days ago when

[Full-disclosure] Re: Re: ZoneAlarm phones home

2006-02-03 Thread Dave Korn
Ivan . wrote: observed 'spyware phoning home' but who are then completely unable to give any details about the contents or destination of the packets read the article again Dave, you'll find that he did provide the ip address of the destination servers to ZoneAlarm There is NO ip address

[Full-disclosure] Re: Vulnerability/Penetration Testing Tools

2006-01-27 Thread Dave Korn
[EMAIL PROTECTED] wrote: Alright, I've made an observation. Full Disclosure is a list where emails and subjects evolve into new emails and subjects which are not directly related to the first subject or email. You must be pretty new to the internet if you've never heard of off-topic

[Full-disclosure] Re: Re: ZoneAlarm phones home

2006-01-27 Thread Dave Korn
Ivan . wrote: Without seeing the content of these packets, I don't see how Cringely can claim to know whether there's anything spyware or not about it. It should be up to zonealarm to prove that it isn't spyware, don't you think? Have you stopped beating your wife yet? (It should be up

[Full-disclosure] Re: ZoneAlarm phones home

2006-01-26 Thread Dave Korn
Ivan . wrote: http://www.infoworld.com/article/06/01/13/73792_03OPcringley_1.html Sadly lacking in any details whatsoever, that article. I have once in the past noticed ZA doing a check-for-updates despite having configured it off, so I know there is at the very least a bug there, but I

[Full-disclosure] Re: PC Firewall Choices

2006-01-19 Thread Dave Korn
Nic Werner wrote in news:[EMAIL PROTECTED] On 1/17/06, Greg [EMAIL PROTECTED] wrote: -Original Message- From: full-disclosure-bounces@ On Behalf Of Nic Werner Sent: Wednesday, 18 January 2006 10:05 AM ZoneAlarm - gets in the way, and hard to diagnose problems. You end up turning it

[Full-disclosure] Re: Re: Security Bug in MSVC

2006-01-19 Thread Dave Korn
Jason Coombs wrote in news:[EMAIL PROTECTED] Dave Korn wrote: Nice thinking, Donnie. This must be the new class of vulnerability that was hinted at by Microserfs a few months ago... The attacks are launched by way of source code distributions rather than binary code. Why

[Full-disclosure] Re: Question for the Windows pros

2006-01-19 Thread Dave Korn
Paul Schmehl wrote in news:[EMAIL PROTECTED] This is incorrect. The privilege exists *and* functions on the Workstation operating systems Win2000 SP4 *and* WinXP. I have verified this through testing. Yes, there's nothing new about impersonation, it's been there all the way back to NT.

[Full-disclosure] Re: Question for the Windows pros

2006-01-19 Thread Dave Korn
Paul Schmehl wrote in news:[EMAIL PROTECTED] Oh, alright, just one more, then I'll leave it until I've finished my essay. The spyware has to bring the credentials with it. The user doesn't *have* the credentials. It *gets* them from the process in question. That's a bit different. The

[Full-disclosure] Re: Question for the Windows pros

2006-01-19 Thread Dave Korn
Paul Schmehl wrote in news:[EMAIL PROTECTED] This is how I understand the process: 1) Joe, who is a User, launches the custom installer (through a login script) 2) The install process begins running under Joe's credentials (User) 3) At some point in the install process, elevated privileges

[Full-disclosure] Re: Re: PC Firewall Choices

2006-01-19 Thread Dave Korn
Stan Bubrouski wrote in news:[EMAIL PROTECTED] On 1/19/06, Dave Korn [EMAIL PROTECTED] wrote: I'd like to second what Greg says. I've used ZA for years, through many changes of version. It's never forgotten its settings for me. It's never blocked anything it shouldn't or not blocked

[Full-disclosure] Re: Secure Delete for Windows

2006-01-18 Thread Dave Korn
GroundZero Security wrote in news:[EMAIL PROTECTED] New version of GroundZero Secure Delete which also supports securely wiping of Free Space on a Device, has been released! A free trial can be downloaded here: Don't waste your time with this unknown program. Without seeing the source or

[Full-disclosure] Re: Security Bug in MSVC

2006-01-18 Thread Dave Korn
Jason Coombs wrote in news:[EMAIL PROTECTED] Morning Wood wrote: - EXPL-A-2006-002 exploitlabs.com Advisory 048 - - MSVC 6.0 run file bug - Nice

[Full-disclosure] Re: WehnTrust - When you have to trust Wehntrust

2006-01-17 Thread Dave Korn
Thierry Zoller wrote in news:[EMAIL PROTECTED] Dear List, Small blurp I came around; when Wehntrust creates the autostart key it forgets to correctly quote the string in the key and thus may trigger an autostart of c:\program.bat|exe|com up-on reboot... [2] Heh. I _always_ leave copies

[Full-disclosure] Re: WehnTrust - When you have to trust Wehntrust

2006-01-17 Thread Dave Korn
Dave Korn wrote in news:[EMAIL PROTECTED] Thierry Zoller wrote in news:[EMAIL PROTECTED] Dear List, Small blurp I came around; when Wehntrust creates the autostart key it forgets to correctly quote the string in the key and thus may trigger an autostart of c:\program.bat|exe|com up

[Full-disclosure] Re: Re: ntpd stack evasion exploit

2006-01-12 Thread Dave Korn
[EMAIL PROTECTED] wrote in news:[EMAIL PROTECTED] On Wed, 11 Jan 2006 19:01:09 GMT, Dave Korn said: George A. Theall wrote in news:[EMAIL PROTECTED] At least the original poster didn't offer up any hostnames. Well, apart from this one: Original-Received: from p3fed1.frb.org (p3fed1

[Full-disclosure] Re: [EEYEB-20051117B] Apple iTunes (QuickTime.qts) Heap Overflow

2006-01-12 Thread Dave Korn
Mark Senior wrote in news:[EMAIL PROTECTED] This must be an unintentional repost, surely? From the description of CAN-2004-0431: Integer overflow in Apple QuickTime (QuickTime.qts) before 6.5.1 allows attackers to execute arbitrary code That's a totally different issue, the bug described

[Full-disclosure] Re: Session data pollution vulnerabilities in web applications

2006-01-12 Thread Dave Korn
Frank Knobbe wrote in news:[EMAIL PROTECTED] These type of bugs stem from bad program design. (BTW: I wouldn't call it session data pollution... you're not polluting anything). Yes he is. He's polluting sanitized data with tainted data. It's a fairly reasonable description if you ask me. The

[Full-disclosure] Re: ntpd stack evasion exploit

2006-01-11 Thread Dave Korn
George A. Theall wrote in news:[EMAIL PROTECTED] At least the original poster didn't offer up any hostnames. Well, apart from this one: Original-Received: from p3fed1.frb.org (p3fed1.frb.org [199.169.208.132]) cheers, DaveK -- Can't think of a witty .sigline today

[Full-disclosure] Re: you can now be arrested for being annoying on the 'net

2006-01-10 Thread Dave Korn
Jason Coombs wrote in news:[EMAIL PROTECTED] Where do you want the United States to go today? Guantanamo Bay! ba-dum-tish! cheers, DaveK -- Can't think of a witty .sigline today

[Full-disclosure] Re: n3tdev shit

2005-12-16 Thread Dave Korn
VeNoMouS wrote in news:[EMAIL PROTECTED] it reminds you of #teen or something from irc, ure a dick , no your a dick I believe you're thinking of http://uninteresting.myby.co.uk/noeffort/romjul.htm ;-) cheers, DaveK -- Can't think of a witty .sigline today

[Full-disclosure] Re: Moderated lists

2005-12-16 Thread Dave Korn
[EMAIL PROTECTED] wrote in news:[EMAIL PROTECTED] Yes, it would make it only marginally more difficult, but instead of getting 50 emails calling a troll immature (the actual feedback they are looking to get) They get no feedback, just Vote to remove netdev or what ever based on a certain

[Full-disclosure] Re: Fwd: WSLabs, Phishing Alert: Internal Revenue (FAO Todd Towles)

2005-12-16 Thread Dave Korn
n3td3v wrote in news:[EMAIL PROTECTED] On 12/15/05, Todd Towles [EMAIL PROTECTED] wrote: You are dreaming, you have what 5 e-mail address? Websense has hundreds all over the world, just like internet protection company. I myself never stated it is over all the news. Are you saying if I and

[Full-disclosure] Re: Amazon Phishing Scam - Tech Details

2005-12-16 Thread Dave Korn
DAN MORRILL wrote in news:[EMAIL PROTECTED] Ran across a very nice phishing scam from amazon this morning. Technical details follow as suggested black list for this domain. It was really nice, very authentic looking, and would suck in a lot of folks because it really looked very good. It has

[Full-disclosure] Re: Someone is running his mouth again... [Hacker attacks in US linked to Chinese military: researchers]

2005-12-15 Thread Dave Korn
[EMAIL PROTECTED] wrote in news:[EMAIL PROTECTED] On Wed, 14 Dec 2005 16:27:57 PST, Geoff Shively said: In the attacks, Paller said, the perpetrators were in and out with no keystroke errors and left no fingerprints, and created a backdoor in less than 30 minutes. How can this be done by

[Full-disclosure] Re: OT: Amazing, the Diebold insider said.

2005-12-15 Thread Dave Korn
Paul Schmehl wrote in news:[EMAIL PROTECTED] --On December 14, 2005 3:59:23 AM +0200 Jei [EMAIL PROTECTED] wrote: Harris revealed that a program patch titled rob-georgia.zip was left on My bs detector just went off. Your bs detector is generating false positives, you need to

[Full-disclosure] Re: [EEYEB-20050523] Windows Kernel APC Data-Free Local Privilege Escalation Vulnerability

2005-12-13 Thread Dave Korn
Joshua Russel wrote in news:[EMAIL PROTECTED] It is a local vulnerability, then how does Retina claim to scan it remotely? Well, at a guess On 12/13/05, Advisories [EMAIL PROTECTED] wrote: Systems Affected: Windows NT 4.0 Windows 2000 Beginning with Windows XP, KeFlushQueueApc

[Full-disclosure] Re: Most common keystroke loggers?

2005-12-01 Thread Dave Korn
Blue Boar wrote in news:[EMAIL PROTECTED] Shannon Johnston wrote: Hi All, I'm looking for input on what you all believe the most common keystroke loggers are. I've been challenged to write an authentication method (for a web site) that can be secure while using a compromised system. I don't

[Full-disclosure] Re: Google Talk cleartext credentials in process memory

2005-11-29 Thread Dave Korn
pagvac wrote in news:[EMAIL PROTECTED] Google Talk stores all user credentials (username and password) in clear-text in the process memory. Such vulnerability was found on August 25, 2005 (two days after the release of Google Talk) and has already been patched by Google. It was noticed that

[Full-disclosure] Re: Window's O/S

2005-11-24 Thread Dave Korn
Marek Isalski wrote in news:[EMAIL PROTECTED] create a folder on desktop and name it as notepad. open internet explorer go to view source code this will open the contents of notepad folder!! Even better: rename any exe to notepad.exe ;) Is this IE being so stupid as to run with a CWD

[Full-disclosure] Re: [OTAnn] Feedback

2005-11-08 Thread Dave Korn
shenanigans wrote in news:[EMAIL PROTECTED] I was interested in getting feedback from current mail group users. We have mirrored your mail list in a new application that provides a more aggregated and safe environment which utilizes the power of broadband. Utilizes the power of broadband?

[Full-disclosure] Re: new IE bug (confirmed on ALL windows)

2005-11-02 Thread Dave Korn
-Original Message- From: full-disclosure-bounces On Behalf Of Greg Sent: Tuesday 1 November 2005 21:32 - Original Message - From: [EMAIL PROTECTED] Sent: Wednesday, November 02, 2005 4:00 AM I think I have found by chance this weekend a security bug, while browsing the

[Full-disclosure] Re: Re: in-line coax monitoring device

2005-09-27 Thread Dave Korn
Original Message From: Volker Tanger Message-Id: [EMAIL PROTECTED] Greetings! Dave Korn [EMAIL PROTECTED] wrote: From: Alex Krycek Good evening...looking for an in-line coax monitoring device that will give me the ability to monitor/capture and decode all traffic The device you

[Full-disclosure] Re: SecureW2 TLS security problem

2005-09-23 Thread Dave Korn
Original Message From: Simon Josefsson Message-Id: [EMAIL PROTECTED] Hi everyone! I was looking at the code for a TLS implementation, an open source implementation SecureW2 by Alfa Ariss, see: http://www.securew2.com/uk/index.htm I found that it uses weak random numbers when

[Full-disclosure] Re: Automated mass abuse of form mailers

2005-09-12 Thread Dave Korn
Original Message From: Luc Stroobant Message-Id: [EMAIL PROTECTED] The abusers also try to track successful attempts. In a number of cases a bcc to an aol email address ([EMAIL PROTECTED]) was inserted into the message as well. Other internet users reported such abuse as

[Full-disclosure] Re: Moderated?

2005-09-09 Thread Dave Korn
Original Message From: VeNoMouS Message-Id: [EMAIL PROTECTED] Nah I'm sorry, But I gotta agree with Enrico, this list has way too many kids on it now, fuck I don't even bother opening my full-disclosure folder half the time now cause I know it's full of crap. Then you should

[Full-disclosure] Re: Moderated?

2005-09-08 Thread Dave Korn
Original Message From: Enrico Kern Message-Id: [EMAIL PROTECTED] list. Hello? there is no need to fight each other here, nor to do useless posts (AND REPLIES TO STUPID POSTS). Well, how about we start with you practicing what you preach, eh? cheers, DaveK -- Can't think of a

[Full-disclosure] Re: Microsoft Windows keybd_event validation vulnerability

2005-09-06 Thread Dave Korn
Original Message From: Frederic Charpentier Message-Id: [EMAIL PROTECTED] Hi list, I haven't seen any information about this new local exploit for Microsoft Windows : It's not really new. It's just YA variation of the same old shatter attack technique. cheers, DaveK --

[Full-disclosure] Re: Shell32.dll.124.config

2005-09-06 Thread Dave Korn
- Original Message - From: y0himba Sent: Monday, September 05, 2005 4:33 PM Yes I am a noob. I have a question though. Google searches and a few other things can tell me nothing about shell32.dll.124.config. I am on WindowsXP SP2, and keep seeing this file show up in antivirus

[Full-disclosure] Re: FrSIRT False Alarm

2005-08-22 Thread Dave Korn
Original Message From: Paul Message-Id: [EMAIL PROTECTED] Not to mention this is hardly even assembly. This is like really ghetto assembly. In REAL assembly, there would be no .if statements. It's all cmp blah blah, jz, jnz, etc. Lots more work. Also, there is no such thing as

[Full-disclosure] Re: windows netstat

2005-08-19 Thread Dave Korn
Original Message From: Ratnakumar C H Message-Id: [EMAIL PROTECTED] Hi guys, I am using windowsXP-sp2 and running apache web server. netstat gives me the following results inetinfo.exe LISTENING on port 80 Apache.exe LISTENING on port 80 any comments??...

[Full-disclosure] Re: svchost.exe try to send http outside

2005-08-17 Thread Dave Korn
Original Message From: Josh Zlatin-Amishav Message-Id: [EMAIL PROTECTED] On Wed, 17 Aug 2005 howard.lee wrote: I discovered that an svchost.exe starts when the server starts. This svchost.exe tries to sync_sent to random http host when I view from netstat, active port, and pviewer.

[Full-disclosure] Re: Published exploit codes foo foo foo

2005-07-01 Thread Dave Korn
Original Message From: J. Oquendo Message-Id: [EMAIL PROTECTED] Would be interesting to see where the majority of sloppy coders, whose projects have been exploited, come from. Seattle. HTH. Wonderful though it would be if it was all someone else's fault, it's wishful thinking.

[Full-disclosure] Re: Jack Szeszycki

2005-06-30 Thread Dave Korn
Original Message From: [EMAIL PROTECTED] Message-Id: [EMAIL PROTECTED] I will be out of the office starting 29/06/2005 and will not return until 04/07/2005. Hi, I'm away from the office for a couple of days. If there is something urgent, please contact me on 0419853875 otherwise I

[Full-disclosure] Re: Circumventing SSSS Screening and No-Fly List

2005-06-09 Thread Dave Korn
Original Message From: Jason Coombs Message-Id: [EMAIL PROTECTED] So, upon finding a way to circumvent the no-fly list that requires extra passenger screening at security prior to boarding a flight in the U.S., who exactly does one report the vulnerability to? OBL! cheers,

[Full-disclosure] Re: Microsoft April Security Bulletin Webcast BS

2005-04-14 Thread Dave Korn
Dave Aitel wrote in message news:[EMAIL PROTECTED] Hahah. Well, we released an exploit for mqsvc a few minutes after the advisories came out. . . Is it passing an overly-long search string to MQLocateBegin? It would be amusing if that one had regressed! cheers, DaveK -- Can't

RE: [Full-disclosure] 2 nice pop/pop/ret :) (update)

2005-03-10 Thread Dave Korn
From: class 101 Date: Wed, 9 Mar 2005 10:01:57 +0100 Hi there class 101! Here is the result of comparing some huge list of pop/pop/ret of XP SP1, SP1a, SP2 ENGLISH I got 2 universal offsets across those 3 Os SP2 ENGLISH 0x71ABE325 pop esi - pop - retbis - WS2_32.DLL 0x77E7F69E pop ebx - pop -
