Re: [Full-disclosure] 0xHACK - Oxford Info-Sec Group

2009-09-11 Thread Lolek of TK53
On Fri, Sep 11, 2009 at 2:40 PM, James Whayman wrote: > http://0xhack.org didn't your profs tell you that K is no valid hexadecimal character? scnr ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html H

Re: [Full-disclosure] apache and squid dos

2009-06-20 Thread Lolek of TK53
On Fri, Jun 19, 2009 at 8:00 PM, evilrabbi wrote: > Exploit for new apache and squid dos mentioned on sans.. > > /* >     DOS for the vulnerbility at http://isc.sans.org/diary.html?storyid=6601 > > >     I wrote it in PHP because I find it funny to make PHP attack apache... >     I set it at 200 p

Re: [Full-disclosure] Multiple Vendor DNS Cache Poisoning issue

2008-07-10 Thread Lolek of TK53
On 7/10/08, Chandrashekhar B <[EMAIL PROTECTED]> wrote: > We have a detailed advisory here, > > > http://www.secpod.org/advisories/Multiple_Vendor_DNS_Spoofing_Vulnerability_MS08_037.html FAIL even http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1447 is better. Your logo is shitty as well! ___

[Full-disclosure] TK53 Advisory #2: Multiple vulnerabilities in ClamAV

2007-12-30 Thread Lolek of TK53
TK53 Advisory #2 12/29/2007 - Multiple vulnerabilities in ClamAV * Authors: Roflek of TK53 <[EMAIL PROTECTED]>, Lo

[Full-disclosure] TK53 Advisory #2: Multiple vulnerabilities in ClamAV

2007-12-30 Thread Lolek of TK53
TK53 Advisory #2 12/29/2007 - Multiple vulnerabilities in ClamAV * Authors: Roflek of TK53 <[EMAIL PROTECTED]>, Lo

[Full-disclosure] TK53 Advisory #2: Multiple vulnerabilities in ClamAV

2007-12-30 Thread Lolek of TK53
TK53 Advisory #2 12/29/2007 - Multiple vulnerabilities in ClamAV * Authors: Roflek of TK53 <[EMAIL PROTECTED]>, Lo

Re: [Full-disclosure] Netgear SSL312 XSS vulnerability

2007-10-18 Thread Lolek of TK53
Yoyo, On 10/17/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > Dear SkyOut, dear Packetstorm team (tedd :)) and dear List. > > The author brocke a NDA during the releasing of this "uber"-Advisory. > > Skyout: What the fuck is wrong with u? Even ignoring our mails... wow? > We provided the Router

Re: [Full-disclosure] screen 4.0.3 local Authentication Bypass

2007-06-05 Thread Lolek of TK53
Hi, On 6/4/07, Christian Khark Lauf <[EMAIL PROTECTED]> wrote: > >> Screen asks for a Password to unlock the screen. > >> Just press ctrl+c and it displays "Getpass error". > >> 2 seconds later the screen is unlocked and you`ve access. > > I can't reproduce this on either Mac OS X (screen 4.00.03)

Re: [Full-disclosure] screen 4.0.3 local Authentication Bypass

2007-06-04 Thread Lolek of TK53
reen I can see no vulnerability in this context. Can you show some code that proves your claim? If not I suggest to get a better operating system distributor ;) Cheers Lolek of TK53 P.S. It's ctrl-a x not ctrl-x ___ Full-Disclosure - We believe

Re: [Full-disclosure] Knorr.de SQL Injection and XSS Vulnerabilities

2007-03-04 Thread Lolek of TK53
Hi, On 3/2/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > Author: Sebastian Bauer > Web: http://blog.gjl-network.net > Date: 01/12/07 > > Vuln. website: http://www.knorr.de > Vulnerability: SQL Injection (mainly login authentication bypass + any > other SQL inj. > possibility), XSS > Significan