On 21 Sep 2011, at 17:14, Thor (Hammer of God) wrote:
FYI
Yep, he already told us.
Don't run as admin, you're fine. And change the permissions of the dscl binary
to 0100 root:wheel if you can't trust yourself not to run malicious code. It
wants fixing, though.
Cheers,
Sabahattin
On 2 Aug 2011, at 22:02, Tony Oller wrote:
On Sat, 23 Jul 2011 03:12:56 +0300
Sabahattin Gucukoglu m...@sabahattin-gucukoglu.com wrote:
What have mail-archive.com done to you that you must block them in
DNS, by setting up an empty authority zone for it?
There is plenty of material on mail
What have mail-archive.com done to you that you must block them in DNS, by
setting up an empty authority zone for it?
Sabahattin-Gucukoglus-MacBook-Air:~ sgucukoglu$ host -v -t a
www.mail-archive.com.
Trying www.mail-archive.com
;; -HEADER- opcode: QUERY, status: NOERROR, id: 21593
;; flags: qr
On 10 Jun 2011, at 01:11, Ben wrote:
While email filters are there for the using, me and a buddy created a
website for this exact purpose. I have not advertised it because it is still
a work in progress (very much so), however it is mostly functional. There
are still several features I wish to
Is there any way to get full-disclosure without all the XSS, CSRF, IAA, binary
planting, PHP, and other non-vulnerabilities?
Cheers,
Sabahattin
PS: Happy World IPv6 Day!
___
Full-Disclosure - We believe in it.
Charter:
From the release notes:
Password protected login
BrailleNote Apex can be password protected. In case you forget your
password, you can contact our Technical Support services to obtain a password
unlock file. User identification and device serial number will be required.
For security
Honourable mention for a strong and swift [PS] response to security
announcements. Apple has released fixes for various problems with Airport
firmware, whose vulnerabilities date back to 2008. You can read the full
announcement at:
http://support.apple.com/kb/HT4298
My unsanitised FTP PORT
Just FYI, Apple responds to my concerns:
After examining your report we do not see any actual security implications.
Mac OS X can locate missing intermediate certificates by finding them in a
keychain or by using the CA Issuers field of the Certificate Authority
Information Access
I'm getting a bit panicky here.
I just upgraded to a CA-issued certificate. They require an intermediate CA
not in OS roots. I installed it on all my services, but my SMTP proxy only
advertises the primary (server) certificate. I noticed this when verifying
several services a short while
On 5 Oct 2010, at 14:24, Shawn Merdinger wrote:
FYI,
HumanWare is tracking this as CASE:12632
Thank you. Here is the workaround for now. Telnet into the device one last
time and do:
services unregister ftpd
services unregister telnetd
softreset
That reboots the device without telnet or
BrailleNote Apex offers telnet and FTP access on the standard ports, with
read/write privilege on the entire file system, to all comers. No
authentication is required. BrailleNote is unsafe on any network whose devices
you are not in full charge of, and which (by NAT or firewall) does not
On 1 Oct 2010, at 22:57, Thor (Hammer of God) wrote:
⠠⠊⠋ ⠃⠁⠙ ⠛⠥⠽⠎ ⠁⠗⠑ ⠕⠝ ⠽⠕⠥⠗ ⠝⠑⠞⠺⠕⠗⠅, ⠽⠕⠥ ⠼⠚⠼⠉⠼⠊;⠗⠑ ⠎⠉⠗⠑⠺⠑⠙ ⠁⠝⠽⠺⠁⠽
(If a bad guy is on your network, you're screwed anyway)
With those services closed, it doesn't take a five-second run of nmap and wget
to ransack the owner's device, though. And
On 5 Aug 2010, at 10:13, Ryan Sears wrote:
Well I'm no expert but I'm going to see if I can reverse engineer the PDFs used
for jailbreaking (obviously I'd need an ARM assembly book or someone who knows
it :-P) and figure out exactly what they're doing. I agree with was said
earlier, I'm not
On 16 May 2010, at 04:06, Thor (Hammer of God) wrote:
Oh, one last thing - your dear Pegasus 4.51 Windows-based program that you
hypocritically hold on to while demonizing Windows and .NET was... wait for
it wait for it written with Visual Studio 2008 C++ - a proud
Microsoft
On 6 Mar 2010, at 02:12, drstrangep...@hushmail.com wrote:
Do you have firmware information on which products it affects.
Tested with firmware 7.5 on the latest-generation units. Should work just fine
with 7.4.2, on the previous generation. These are the latest versions. I
don't know about
The FTP proxy used in Apple's Airport Express, Airport Extreme, Time Capsule
and possibly elsewhere doesn't check the client provided address and port given
by the FTP PORT command against the IP address of the connecting client, or
against the use of privileged ports. (The FTP PORT command is
16 matches
Mail list logo
