nyone was researching these.
Geo.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
system.
Example, an ftp server has to sanitize filenames to prevent useage of
streams on NTFS, you don't blame the filesystem that the input gets passed
to, it's the job of the ftp server to do the sanitizing of untrusted input.
Geo.
___
- Original Message -
From: "Thierry Zoller" <[EMAIL PROTECTED]>
> Again Geo, NOBODY has said that this is a vulnerability OF IE7 ITSELF we
> said
> the handler that IE7 installs is broken.
I'm not disagreeing with that statement. I'm saying this inp
cation coded using it's powerful functionality?
Geo.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
on your
system. IE7 handles mailto links in untrusted web pages. Put the mailto link
in an untrusted html page and make it work with IE7.
Geo.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
it should be that application
that is responsible for mitigation of attacks via those exposed interfaces.
Geo.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
t won't damage
anything but it may scare you)
Geo.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
y basis where I
> work,
> from my home.
Kids, virus/worms, definitely not real hackers.
First rule of hacking is never hack directly from your own IP address.
Geo.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-di
ey don't need an excuse.
Unless the businesses of the world stop allowing email attachments and
enforce strict browsing policies, it's not going to change. You can't patch
user exploits.
Geo.
___
Full-Disclosure - We believe in it.
The crash happens in mshtml so it could easily be version dependent. IE6 &
W2K here.
Geo.
> Printed from IE7 and FF 2.0.0.4 no problems.
>
> Larry Seltzer
> eWEEK.com Security Center Editor
> http://security.eweek.com/
> http://blogs.eweek.com/cheap_hack/
> Contrib
Found this page, click on "Accessories" then try to print the page, it seems
to crash all the browsers I have soon as I try to print. Thought someone
here might like to play with the crash.
http://www.movincool.com/portable-air-conditioner/officepro60.php#
___
So far this morning we seen 4 customers infected with what appears to be an
MS DNS RPC based worm.
Anyone seen any news on this yet?
Geo.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and
educed functionality mode kicking in.
If it takes more than simply roping the computer to a fraction of the
internet then it could be any combination of things, I mean I played with it
for over a week before it went into reduced functionality mode.
Geo.
red
it quickly so that is my guess at this point. Further testing is needed. I
won't be testing it for a couple days as I need the laptop connected to
other networks to try some other software I need to test. (that tcp limit
may prove a problem for network monitoring)
Geo.
__
ut I
just didn't notice till then), tried rebooting to cure the problems, poked
around at other things, nothing helped. Then upon removing the routing and
letting it talk to the whole net it was only minutes before everything was
working again.
Geo.
tricted
internet access if you ask me.
Geo.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
if MS fell off the planet we would have a pretty major problem as the bulk
of the worlds computers started shutting down, talk about a security issue?
So anyone here with a bit more technical expertise want to pick up this ball
and run with it?
Geo.
__
ing into pdf form fields.
Geo. (I'd use it if it weren't for that shortcomming)
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
T4 box with netbios enabled and you should have a
copy within an hour or so.
Geo.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
. Hoping someone else has already. Looks
like it's spreading pretty quick
http://isc.incidents.org/port_details.php?port=139&repax=1&tarax=2&srcax=2&p
ercent=N&days=40
Geo.
___
Full-Disclosure - We believe in it.
Charter: http://lis
take some action. They do this all the time and anyone running
anti-cache-poisoning measures then fails to resolve their dns.
Geo. (if there is anyone from chase on the list, please go smack the dns
admin who is doing this)
___
Full-Disclosure - We belie
> "hey, a valid mail address, let's forward it to my buddy Joe Spammer and
> his \/|agra pills"
>
> It almost as bad as clicking the "remove" bait some spammers post within
> their messages.
If you're replying to a spam you just received,
ail address
if you use it to any extent at all. So them knowing it's active does
nothing. OTOH, they might not want to email someone who is likely to corrupt
the data they collect.
Geo.
___
Full-Disclosure - We believe in it.
Charter: http://lis
then if the
same ratio were to respond with bad information it would make a lot of work
for the folks profitting from these activities.
Geo.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and
s your server won't have to deal with for each spamming.
I mean to me it would seem getting 100 addresses off the spammers list is a
good thing. In fact I'd like to be able to send the same error message for
the addresses that are valid and have them removed from the
a non-existant address, the receiving server
rejects during the smtp transaction so a return address is not needed since
the sending bot gets this error message before the transaction is completed.
Geo.
___
Full-Disclosure - We believe in it
y go looking for a free AV program until they need to scan and
clean their machine so removal is an important feature.
Geo.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
6-205043 to this issue.
APPENDIX A. - Vendor Information
http://www.isc.org/index.pl?/sw/bind/
APPENDIX B. - References
NONE
CONTACT:
*Geo.
[EMAIL PROTECTED]
*1-888-LOL-WHAT
*CISSP GSAE CCE CEH CSFA GREM SSP-CNSA SSP-MPA GIPS GHTQ GWAS
___
Full
packets and you have received 200K
of traffic. That's the amplification, one small udp packet, one large text
record in return.
Note, I don't have to use your local servers, but this way it makes it more fun
to troubleshoot because it looks like you are the ca
rmat is the only way to fix it. For virus writers, it's the perfect way
to trash windows machines without slowing virus propogation.
Geo.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and
nt sir is that a lot of us feel it's better if a few criminals go
free than if a few innocent people get locked up. You can't apply standard
security practices to a population, or you would have to lock up everyone
and then release those who a
I have an idea, how about every time there is a little noise on the list, we
generate 100X that amount of noise talking about ways to deal with the noise
and in the process drive the noise makers away because of too much noise?
Geo.
___
Full
thing
seems to still be picking up speed.
Geo.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
ls.
Why don't you contact Julian Haight over at spamcop and talk to him
explaining what you have there and see if you can work with him to automate
the way these get filed. I've found he's very smart when it comes to spam
and either he'll give you a way to do it or ex
>> and I know it doesn't run javascript or allow
executable attachments in PDF's, like Adobe's does.<<
Executable attachments? How?
Geo.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclos
Haven't any of the security firms checked out adobe pdf reader to see if
it's safe? It took 5 minutes to create this nonsense
http://www.nthelp.com/test.pdf and that's just using the standard features.
I hate to think what a real hacker could do w
I don't understand the big fuss over google talk. ICQ has had both talk and
video chat features since 2000. It started as plugins but it's been part of
icq for a while now http://www.icq.com/img/download/tutorial/tutorial.html
Geo.
-Original Message-
Article on the
>>I swore an oath never again to apply my skills in a way that helps
Microsoft.
So that means.. no forensics that show it actually was the user downloading
porn instead of the OS being exploited?
Geo.
___
Full-Disclosure - We believe in it.
C
se
http://www.eeye.com/html/research/upcoming/index.html but I guess not... 141
days and counting, and it will get released when MS hears that someone has
written and released an exploit for it, then of course all of us have 6 days
to live..
Geo.
___
Full
ly
at the quote from the 1908 congress that extended copyright law to cover
music as well, pretty interesting stuff.
http://www.theyscrewedusagain.com/copyrightact1909.htm
Geo.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.or
unnel smtp and/or http traffic thru anywhere you wanted leaving icmp
traffic passing the normal routes so that a traceroute shows nothing
suspicious. Could you ask for more?
Geo.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
7;s peers, to those
peers, etc. (please correct me if I'm wrong)
Geo.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
42 matches
Mail list logo