Re: [Full-disclosure] Pentagon Email Servers Hacked (with the URL this time)

2007-07-06 Thread David Taylor
ced... you are now enlightening us a whole week and a half later.. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- David Taylor Unive

Re: [Full-disclosure] Solaris telnet vulnberability - how many onyour network?

2007-02-14 Thread David Taylor
A patch has been released. http://sunsolve.sun.com/search/document.do?assetkey=1-26-102802-1 == David Taylor //Sr. Information Security Specialist University of Pennsylvania Information Security Philadelphia PA USA (215) 898-1236 http

Re: [Full-disclosure] Nmap Online

2006-12-01 Thread David Taylor
How do you plan on dealing with all the abuse complaints you get hit with when people use your server to perform unauthorized scans of their networks? == David Taylor //Sr. Information Security Specialist University of Pennsylvania Information

Re: [Full-disclosure] Windows Command Processor CMD.EXE Buffer Overflow

2006-10-23 Thread David Taylor
; Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> > > ___ > Full-Disclosure - We believe in it. > Charter: http

Re: [Full-disclosure] NT4 worm

2006-08-31 Thread David Taylor
losure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ == David Taylor //Sr. Information Security Specialist University of Pennsylvania Information Sec

Re: [Full-disclosure] Wireless hacks

2006-08-17 Thread David Taylor
tive? Who the manufacturer is, > what drivers are at risk, anything? > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ =

Re: [Full-disclosure] Exploit for MS06-040 Out?

2006-08-10 Thread David Taylor
nescape()-ready string. > > The next 3.0 beta should be ready sometime next week. If I get over my > fear of being owned via subversion, the actual source code respository > for 3.0 will also become public. > > Enjoy! > > -HD > >

Re: [Full-disclosure] Re: Google Malware Search

2006-07-17 Thread David Taylor
rter.html Hosted and sponsored by Secunia - http://secunia.com/ ========== David Taylor //Sr. Information Security Specialist University of Pennsylvania Information Security Philadelphia PA USA (215) 898-1236 http://www.upenn.edu/computing/security/ =

[Full-disclosure] Linux Privilege Escalation exploits

2006-07-14 Thread David Taylor
e big picture when they rate these vulnerabilities. ====== David Taylor //Sr. Information Security Specialist University of Pennsylvania Information Security Philadelphia PA USA (215) 898-1236 http://www.upenn.edu/computing/security/ =

Re: [Full-disclosure] Debian Development Machine "Gluck" Hacked - UPDATE

2006-07-13 Thread David Taylor
___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ == David Taylor //Sr. Information Security Specialist University o

Re: [Full-disclosure] Amazon, MSN vulns and.. Yes, we know! Mostsites have vulnerabilities

2006-06-24 Thread David Taylor
isclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ == David Taylor //Sr. Information Security Specialist University of Pennsylvania Information Security Philadelphia

Re: [Full-disclosure] Amazon, MSN vulns and.. Yes, we know! Most sites have vulnerabilities

2006-06-24 Thread David Taylor
I guess our disconnect on this is my lack of knowledge on how the actual exploits get submitted. I think I just assumed it was the person that discovered the vulnerability and/or developed the exploit that submits it to places like Milw0rm. On 6/24/06 9:11 AM, "Gadi Evron" <[EMAIL PROTECTED]> w

Re: [Full-disclosure] Amazon, MSN vulns and.. Yes, we know! Most sites have vulnerabilities

2006-06-24 Thread David Taylor
er years of trying (look at the dates), finally made a small >>> release about MSN and Amazon (although other interesting sites are listed >>> there. >>> >>> http://blogs.hackerscenter.com/dcrab/?p=19 >>> >>> Noam Rathaus recently wrote about a similar issue ("From Flaw to >>> E

Re: [Full-disclosure] Amazon, MSN vulns and.. Yes, we know! Most sites have vulnerabilities

2006-06-23 Thread David Taylor
a similar issue ("From Flaw to > Exploit"): > http://blogs.securiteam.com/index.php/archives/449 > > I contacted both Amazon and MS, but this is out there and once it's out > there - it's, well; out there. Full disclosure, y'know. > > Gadi E

Re: [Full-disclosure] Call for moderation

2006-05-19 Thread David Taylor
y Secunia - http://secunia.com/ ====== David Taylor //Sr. Information Security Specialist University of Pennsylvania Information Security Philadelphia PA USA (215) 898-1236 http://www.upenn.edu/computing/security/ == Penn Information Security RSS feed

Re: [Full-disclosure] MS06-019 - How long before this develops into a self propagating email worm

2006-05-10 Thread David Taylor
grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ == David Taylor //Sr. Information Security Specialist University of Pennsylvania Information Security Philadelphia PA USA (215) 898-1236 http://www.up

Re: [Full-disclosure] Who Do I Contact?

2006-04-24 Thread David Taylor
University > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ == David Taylor