%27;cat%20/etc/shadow;%27&pingtimes=3
_______
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
8/30/12 8:13 PM, Full Disclosure wrote:
>
>> Hi list,
>>
>> I am releasing this code due to the fact that my dev server got hacked and
>> people have been using it in the wild for bad things.
>>
>> Network admins should patch their networks appropriately
udphdr)+sizeof(payload)-1);
args.srcip = inet_addr(argv[1]);
args.filename = argv[2];
// Read file and save the IPs in a linked list.
add_snmp_s();
// Create threads
for(t=0; thttp://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
All,
Read an interesting article on "intercepting TOR users via proxies and
using the BeEF framework." today.
http://packetstormsecurity.org/files/115516/jackin-tor.txt
Any ideas on how this could be mitigated?
___
Full-Disclosure - We
DHCP requests are going onto your main network rather than (as intended)
through the tunnel. You might want to look into who is using this...
Granville Moore
Nemesys Computer Consultants
www.nemesys.com
___
Full-Disclosure - We believe in it.
Charter: http:
Hello Full-Disclosure!
I want to warn you that I dont know anything about running secure sites. As a
result it seems I have been compromised!
www.websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full
, firmware version 1.30EA
Full description and POC code available here:
http://www.sourcesec.com/2010/01/09/d-link-routers-one-hack-to-own-them-all/
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and
is list who remotely
gets close to the political truth.
If you look back to January 2009 when "n3td3v" got banned it was exactly at the
point where I wasn't believing in cyber war. I am the only person to be banned
from this mailing list, you've got to ask yourself why. A
Why don't you go off to The Mossad's "Funsec" and post this stuff?
It was only a fake car bomb...
Original Message
From: "Ivan ."
Apparently from: full-disclosure-boun...@lists.grok.org.uk
To: full-disclosure
Subject: [Full-disclosure] Symantec
the law.
It's likely you didn't realise MI7 was an actual intelligence agency but thats
the risk you took in your mock-n3td3v emails.
_______
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hos
-
From: RandallM
Apparently from: full-disclosure-boun...@lists.grok.org.uk
To: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] "funsec" as a terror cell
Date: Sat, 28 Nov 2009 09:50:12 -0600
> /me wonders how close a
> we've been outed by an MI7 mole.
i honestly don't think you actually believe jdl at mac.hush.com was anything
but an impersonation attempt.
_______
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charte
o: n3td3v
Why do you think I posted the story there?
--
From: n3td3v
Date: Thu, Oct 16, 2008 at 6:33 PM
To: Larry Seltzer
lol
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
world/middle_east/8377746.stm
[/cut]
Are these the people Valdis.Kletnieks wants to be associated with?
Original Message
From: valdis.kletni...@vt.edu
To: full-disclos...@safe-mail.net
Cc: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] "funsec" as a t
What do you folks think about "funsec" developing into a terror cell of
security professionals?
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
e
targeted monitoring of potential terrorists was proportionate, said Klein,
using similar technologies for civil infringements was unnecessary.
http://news.zdnet.co.uk/security/0,100189,39906065,00.htm
_______
Full-Disclosure - We believe in it.
Charter:
it was funny you pretending to be n3td3v LOL...
Original Message
From: "kaibelf"
Apparently from: full-disclosure-boun...@lists.grok.org.uk
To: full-disclosure@lists.grok.org.uk
Subject: [Full-disclosure] Impersonation is a against the law.
Date: Thu, 19 Nov 2009 00:2
nd of the month
16 August 2009 - Confirmation about realease day of a patched version - 05
October 2009
07 October 2009 - Releasing the vulnerability report.
_______
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charte
>
> bob jones has invited you to open a free Gmail account.
>
Thanks bob!
account name: full.disclosure.pub...@gmail.com
password: structuredexceptionhandler
_______
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-d
t
scams or stolen paypals. You can even cancel it before transactions
are payed. Then there's insurance companies.
Cheers.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
27;s not the years in your life that count. It's the life in your
> years." Abraham Lincoln
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>
Oh my, you both seem to have emailed your conversation to the full
disclosure mailing list by accident.
How embarrassing. Every body who is subscribed has received emails of
you two talking about something that ONLY CONCERNS YOU TWO.
Maybe next time when you send emails to each other you should
evel access. such attacks "could" work regardless of the
> OS or patch level.
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter
>> We need to stop this back and forth fighting its making
>>>infosec look
>>>>>> bad, this isn't what infosec should be about.
>>>>>
>>>>> It's making one very small insignificant corner of infosec look
>>>bad.
>>
is also the reality of germanys new laws... I hope they find it
> soon and protect the people that need to be protected
> http://it.slashdot.org/it/08/12/09/0125201.shtml
>
> --
> http://www.astorandblack.com/
>
--
I'm your best best friend.
_____
'British intelligence service'!?
According to this:
<http://lists.grok.org.uk/full-disclosure-charter.html>
...Full Disclosure is run by secunia. And administered by one man.
Does the 'British Intelligence Service' doesn't even exist?
There's:
"The Secur
; >> --
>> >> MC
>> >
>> > There was a report earlier in the week via pcworld.com, but I don't
>> > think its connected to this conflict, maybe just a coincidence:
>> >
>> >
>> http://www.pcworld.com/businesscenter/article/154544/feud
Current status: Threat level Yellow.
>
> --
> MC
> Security Researcher
> Lead, Project Chroma.
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
&
x27;t wanna!)
It's a silly idea.
Final Question:
- Are we finished? Is it over? Is it established that it's a bad idea now?
--
I'm your best best friend.
_______
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
me, it might help me learn. Just
don't be so angry.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
ke it!
Resources should go into actually preventing crimes taking place. Not
stumbling around hoping that making it awkward for criminals to get
the tools they need will make a difference.
Simon.
___
Full-Disclosure - We believe in it.
Charter:
ndy/Interesting modbus tcp/udp links:
>
> http://jamod.sourceforge.net/development/tcp_master_howto.html
> http://jamod.sourceforge.net/kbase/protocol.html
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
zOKTX86plLcznh56NxScPGE+FJe
OsL/KQ0=
=YVi8
-END PGP SIGNATURE-
_______
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
eleasing patches and workarounds to mitigate them (e.g.
>> http://www.cisco.com/warp/public/707/cisco-sr-20071010-
>lpd.shtml). As
>> the remaining patches or workarounds are developed, IRM will
>release
>> security advisories, which will include full technical details
>o
sybp57XQDHterOcf75fputd2rALDzDUKVfNE1rMqFdlEQOt
NKmij48=
=6Q4d
-END PGP SIGNATURE-
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
mzj4q+tUCPm7Sh0eKfgof/
NvZWCwVKOsaDTNZSgR7yS3QYJ3R+ekdQi/3nYz61iUFFBkbqi+F8KAQmAGtIcOQgp1EN
R093Phw=
=43if
-END PGP SIGNATURE-
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Se
QECAAYFAkcaWZQACgkQqTTbVuUWvbITTwQAnoA10GSOxJ1qkRoQ3YmOeCpB18F9
PbWhRC6I84iy577AjJrCW11nVgW6YlClpQWhU7jE1nUpD3Eked+nVQw9xxVIuAONfseK
RsOsAaXpWAqjmV9ybjAuGLMjuYuQKDg4qV1p+KTYxuY0077DuHGjbGnn5M7h1T622kgj
09Nnn5M=
=S3G/
-END PGP SIGNATURE-
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
qaK+bx6PMJ+3rPikD8+7u7jdrZyzi8Vousg17qns3801Sv4Rcl+
wGi59o4=
=h4pm
-END PGP SIGNATURE-
_______
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
icina desde el 19/10/2007 y no volveré
>hasta el
>> > 26/10/2007.
>> >
>> > Responderé a su mensaje cuando regrese.
>Translated is:
>I take some vacations and send a mail to all my contacts. This
>maillist was
>there, so you are fucked
>PD: cuando vuelvas borranos
ensaje cuando regrese.
>
>_______
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
-BEGIN PGP SIGNATURE-
Note: This signature can be v
SIGNATURE-
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
necessary on the full-disclosure. Please
>visit http://lists.grok.org.uk/pipermail/full-disclosure/2007-
>October/066799.html for more information. :p
-BEGIN PGP SIGNATURE-
Note: This signature can be verified at https://www.hushtools.com/verify
Char
are, you are going to do an NDA for an XSS in a
>router
>firmware web interface?
>I fail to see a real security issue ;D
>Cheers
>Lolek
>
>___
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclo
e verified at https://www.hushtools.com/verify
Charset: UTF8
Version: Hush 2.5
wpwEAQECAAYFAkcYrpsACgkQqTTbVuUWvbK7bQP+IPvLoWZejlIbkRWrTujdw3L/c+bW
aQSRaMwrU7/rB8mpnXV1e7w86DGaTEoqQWgrU7+DzH79h5u3v03kuYfsJBNQQVSGrWrn
IJBOwuBkyuib0PLgSR/t79dhe7tjF9qrRAVm+Y1PhhxI1HnnAMylXoRq6BN3SmS6r8Tn
UNaT5RI=
=1sTp
-END PGP SIGN
5sjtFS
yd8kFa0Nex1PweCkoCaGICXiCXVqA0OI5HkUsbrdG7aJkM9RFx6y8g33nMccfXkrqlyw
hPnmVyY=
=/fem
-----END PGP SIGNATURE-
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
e -> Change Option -> Arabic
>(funky chars, top item in list) -> Save
>Home -> [do this next part quickly] tap 9, tap 0 quickly twice,
>while
>char is still highlighted tap DEL.
>"Uncaught exception: java.lang.StringIndexOutOfBoundsException"
>--
>Kristian
ty.
>
>[EMAIL PROTECTED] wrote:
>> One word replies are unnecessary on the full-disclosure.
>>
>> On Thu, 18 Oct 2007 12:15:52 -0400 Nikolay Kichukov
>> <[EMAIL PROTECTED]> wrote:
>>> so?
>>
>>> -Niko
.com/verify
Charset: UTF8
Version: Hush 2.5
wpwEAQECAAYFAkcYrf4ACgkQqTTbVuUWvbIx6AP9GD1CxfV7uB331wDT77hUY9WNfFu3
GX2sqs61wW1q8fKC0yKeniLOBDh3Li3y2N32rasERXzIsdSGQNVbSz5dTHULLdAgoHK7
AElY8yxu5/9Qk8KjBNOtDKMtq6PdM/b/U77BSmb1kCTryp9vLLN3dUxBcGgnjHAGX4fA
yxbAjtg=
=oOy/
-END PGP SIGNATURE-
_
;>
>
>
>
>
>
>
>--=_NextPart_001_001D_01C8119E.4B8FA830--
>
>--=_NextPart_000_001C_01C8119E.4B8B8980
>Content-Type: audio/mpeg;
>name="moreringers.mp3"
>Content-Transfer-Encoding: base64
>Content-Disposition: attachment;
>name="mo
: Hush 2.5
wpwEAQECAAYFAkcXxI8ACgkQqTTbVuUWvbI8KgP/cH3JsxfJ3axZ532sN8oJeUIcE2sq
RYU4MCVbuZ5nDszdB/8dOtqTCNJmARqBPqn/G6HyedBIY6B8hzHIMV8/giqLpx4oF99g
QAuFEEKQNP75UiVb6UAr6d5HLydiNhVh1dz8cl22H2yx8wU1TV/bA5OZja3MxxkOobYX
8xw4swE=
=DqfS
-END PGP SIGNATURE-
______
media reports, it seems the department of
>homeland
>security are thinking if we're not connected to the internet then
>we're
>safe.
>
>no, even permanently offline systems, still need to be patched
>from internet
>threats, because terrorists are actively seeking to
;
>Kind regards,
>Rembrandt (+ the friends you had)
>
>p.s.
>Greets go to t3c0 who noticed the XSS at first but had no time to
>write
>about it (and no serious interest).
>This should get mentioned as well so hopefully some archives
>update
>their "news".
>An
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
One word replies are unnecessary on the full-disclosure.
On Thu, 18 Oct 2007 12:15:52 -0400 Nikolay Kichukov
<[EMAIL PROTECTED]> wrote:
>so?
>
>-Nikolay
>
>fabio wrote:
>> https://intranet.usip.org/d
4)
> id E6F6C22840; Thu, 18 Oct 2007 14:00:52 + (UTC)
>MIME-Version: 1.0
>Date: Thu, 18 Oct 2007 10:00:52 -0400
>To: ,<[EMAIL PROTECTED]>
>Cc:
>Subject: Re: [Full-disclosure] .aware eZine (beta edition)
>From: <[EMAIL PROTECTED]>
>Content-Type:
GjifZ2nCvkZmDF
snyTsfPKIim/l4okBQfKaRQyCR1sDtYfP/DVxRXUfQoNUT3mNRFwtzanLpzpU9yiA1Dw
31gz4KI=
=NNC7
-END PGP SIGNATURE-
_______
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
t; wrote:
>Did people power get rid of Gadi Evron from Full-Disclosure?
>
>The security researcher and robot network expert from Israel
>hasn't been
>seen on Full-Disclosure mailing list since the "What is a 0-day?"
>fallout
>between the researcher and members of th
;> what's matter ? is for a psy profiling analysis ?
>>> anyway:
>>> http://www.youtube.com/watch?v=K2cYWfq--Nw
>>>
>>>
>>>> 5) Best browsing policies
>>>>
>>> a lot of tab (20 - 50) for collect in the day and read after.
>>>
>
AIL PROTECTED]> wrote:
>Hi,
>
>> I am currently tasked with evaluating which webbrowser is the
>most
>> secure, to be deployed across all machines at the fortune 500
>> corporation I'm currently working at. Can you, armchair
>security
>> enthusiast and full
>Zone-H.org - 10 reasons websites get hacked
>http://www.zone-h.org/content/view/14865/1/
>
>based to OWASP Top 10 list.
>
>- Juha-Matti
>
>_______
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disc
AT&T
- -Original Message-
From: <[EMAIL PROTECTED]>
Date: Wed, 17 Oct 2007 14:10:13
To:
Subject: [Full-disclosure] Most Secure Browser
- -BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dear List,
I am currently tasked with evaluating which webbrowser is the most
secure, to be depl
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dear List,
I am currently tasked with evaluating which webbrowser is the most
secure, to be deployed across all machines at the fortune 500
corporation I'm currently working at. Can you, armchair security
enthusiast and full-disclosure r
a Firefox 2.0.0.7 codebase
>(from UA: rv:1.8.1.8pre Gecko/20071015 Firefox/2.0.0.7
>Navigator/9.0).
>
>Solution:
>Upgrade to version Netscape Navigator 9.0
>http://browser.netscape.com/downloads/
>
>- Juha-Matti
>
>___
>F
is way: Adobe's code has been doing
>the
>> wrong thing for years, and they've gotten lucky. But now, a new
>bug
>> in IE7 has come along which makes the old bug in Adobe's code
>> exploitable.
>>
>> - Eric
>>
>>
>> __
attachments.
>
>The views expressed in this email do not necessarily reflect NGS
>policy.
>NGS accepts no liability or responsibility for any onward
>transmission
>or use of emails and attachments having left the NGS domain.
>
>NGS and NGSSoftware are trading names
YLKWhjD0hK1zX/9MKPgN5oIli9qLzELLOOfsVzl5W
M4V/ZEc=
=qQcN
-----END PGP SIGNATURE-
_______
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
reason Microsoft takes a lot of time to put patches out, after
>all. I
>don't do this for the reputation, either: I already made a U-turn
>on my
>feelings about the vulnerability, I'm not too proud to admit my
>mistakes
>(god knows how big the egos can get in FD
L1RELAY
>Sender: [EMAIL PROTECTED];
>Recipient:full-
>[EMAIL PROTECTED];[EMAIL PROTECTED];
>Subject:Re: [Full-disclosure] password hash, funny myth in the
>industry!
-BEGIN PGP SIGNATURE-
Note: This signature can be verified at https://www.hushtools.com/verify
C
2.5
>> >
>> >
>wpwEAQECAAYFAkcVAcQACgkQ+dWaEhErNvSa3gP5AXq4yJqozOQhpaJg/WtXwUcRrxz
>6
>> >
>ncYXpsrN5Lt2ZU3ehbwiTUZHuSq3JCo259u/9+KhL8fM5UBM1YScPnh6GA+dTEB4iGN
>b
>> >
>/aFymB4V26wUXV/NJLk/hcPEWKrxJ08dznUg4qJGYD2
.
>
>Challenge-Response - DH -
>
>--
>http://secdev.zoller.lu
>Thierry Zoller
>Fingerprint : 5D84 BFDC CD36 A951 2C45 2E57 28B3 75DD 0AC6 F1C7
>
>___
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-di
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi 3APAPA,
On Tue, 16 Oct 2007 15:30:56 -0400 Bipin Gautam
<[EMAIL PROTECTED]> wrote:
>hi list,
>i was reading the article, http://www.f-
>secure.com/weblog/archives/1293.html
>but just an example.
blah blah blah, this is f
gt;
>>
>wpwEAQECAAYFAkcVAcQACgkQ+dWaEhErNvSa3gP5AXq4yJqozOQhpaJg/WtXwUcRrxz
>6
>>
>ncYXpsrN5Lt2ZU3ehbwiTUZHuSq3JCo259u/9+KhL8fM5UBM1YScPnh6GA+dTEB4iGN
>b
>>
>/aFymB4V26wUXV/NJLk/hcPEWKrxJ08dznUg4qJGYD2q/mT/Voff9OKbtVc8wIBwR+T
>f
>> 9ddML2Q=
>> =VF6Y
>> -END
xploit for Adobe Acrobat
>> >
>> > Workaround:
>> >
>> > Currently unavailable.
>> >
>> > Thanks to:
>> >
>> > pdp (at) gnucitizen.org for his investigation
>> >
>>
>>
b
/aFymB4V26wUXV/NJLk/hcPEWKrxJ08dznUg4qJGYD2q/mT/Voff9OKbtVc8wIBwR+Tf
9ddML2Q=
=VF6Y
-END PGP SIGNATURE-
_______
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
9vPFyY1huTWhecUvUVosJQG+6F+d4yBIK
1agtkIU=
=Gy76
-END PGP SIGNATURE-
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
edRgM81MxrF8bZ2itPpNYtyrVAC5ztWEfAVJDP01z9
>C
>> >L
>> >>
>>
>>93B9OS/IdedZSvXokQAHrtEdO6wZHarddeE772GG3RfWlY5a/SA8agWUIkGAALugJy
>v
>> >R
>> >> gPyqE40=
>> >> =sCNw
>> >> -END PGP SIGNATURE-
>> >>
>> >>
>> >>
>> -BEGIN PGP SIGNATURE-
>> Note: This signature can be verified at
>https://www.hushtools.com/verify
>> Charset: UTF8
>> Version: Hush 2.5
>>
>>
>wpwEAQECAAYFAkcU7oUACgkQ+dWaEhErNvTuzAP/bgT6FkLr1a/g4ICZ+G+vIFympNG
>2
>>
>LRHvwum/30YdR4i3SCeASVioRI7N4Cty6cH0jKjF2DMp/uRJORsdHFXv4lJnquGo2lV
>H
>>
>li1RC5L8XsJkQ15S6MlHfIGPUvQri60h8DZwEtHn5eKzi8pQmTcBR8EKq9LkbrCMrnM
>l
>> ObNbaRU=
>> =gaS9
>> -END PGP SIGNATURE-
>>
>>
>>
-BEGIN PGP SIGNATURE-
Note: This signature can be verified at https://www.hushtools.com/verify
Charset: UTF8
Version: Hush 2.5
wpwEAQECAAYFAkcU8MgACgkQ+dWaEhErNvR8pQP/d3WTIy9grtZOnVXBUkIGN8PskQkY
9c/UqQwTsWYvhbH18zcwI/5KGeBRKU3EoNvSsg2fVUQMAlG+V7HkkcVB389RkrntSlsq
nLDBDy5e6Rf7lGsENwCT0RWq8nCIhO7cKjrMGaUfR/jC5c4F13JJEgqC4j20wjG9FP6Y
aoH2Qms=
=ZERQ
-END PGP SIGNATURE-
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
dunno but every sec researcher I know in the private sector would
>never
>release any info without it being fully authorized by his / her
>employer.
>
>Possibly we will see these idiots looking for a new job soon?
>
>_______
>Full-Disclo
PW5ZEoWuEht/XJLrpITVORFppLEMGUPneBrJOYDWlKL+qga5n0wNqkwQAQEpSY
ggdFtRM5+mzULv5V4+L85uAM+X6SUXWgFLO9VqD//EggDpc+1Uv0D5HIKSXToJBh0jPw
jYqXjjA=
=GOkK
-END PGP SIGNATURE-
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.
gjXfSS6mmSEcNXCngEnJAXf
8p8i57pby3KmK6Os29OeesSIedRgM81MxrF8bZ2itPpNYtyrVAC5ztWEfAVJDP01z9CL
93B9OS/IdedZSvXokQAHrtEdO6wZHarddeE772GG3RfWlY5a/SA8agWUIkGAALugJyvR
gPyqE40=
=sCNw
-END PGP SIGNATURE-
_______
Full-Disclosure - We believe in it.
Ch
t;>
>>>> To pdp architect: incest isnt natural no matter how good it
>feels.
>>>> [4]
>>>>
>>>> ps: many lulz @ [5]
>>>>
>>>> [1] http://seclists.org/fulldisclosure/2007/Sep/0705.html
>>>> [2] http://drraid.blogspot.com/200
gnZRGj745TNUyEsdc4om3V/JA76v4fccRFFxXSS
+GO2CiL9eSjz5oJ+RLWNLQgXFg4rJMQ+qaR891QzKSCtkV1rUOTtw9oqi5mDJyn4XN48
8HnvRck=
=uuXv
-END PGP SIGNATURE-
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Charset: UTF8
Version: Hush 2.5
wpwEAQECAAYFAkcS2CQACgkQ+dWaEhErNvQpvwP+P1RDr9QqRNFPSbxv/BHcLZlW9Ux1
1HPdWMZcsQoFfaFMCMj8l2b3GYjE6bcKc8jd9hxGc0OFfxpsTeVehlnCnhattgz8i1hQ
9/JP/nFpp1NIsLgGhCBwTlh0WTSCBYqvOau4dmLAGn80qwlzb8EThDP1KDY8UPvlTlfq
5ezUoIE=
=YTfZ
-END PGP SIGNATURE-----
__
<[EMAIL PROTECTED]>
>wrote:
>> > On 10/13/07, Richard Golodner <[EMAIL PROTECTED] >
>wrote:
>> > >
>> > >
>> > >
>> > >
>> > > Why don't you keep this offline between you and full-
>disclosure? I
>
CTVzvA=
=htMU
-END PGP SIGNATURE-
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
AETdpTSg9hlsI81JcF9RpxaVDMJbmVpL4P3Q
JLjfW5xhoOVZvKnd3DdpgnOPHqeYZTnZ91QLXcnLlyiwbB+oSX2+HqOo639S2zkEEKnX
aJLxHdw=
=TSRq
-END PGP SIGNATURE-
_______
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
IGzq
p6+OGGjYI8aD9iDFCaSzrQ6k3IzURM7uV+1lZ1n412bg/2b3tZ/SG9sOVDe01Xk+uER2
5kTiusE=
=iUnm
-----END PGP SIGNATURE-
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
/full-disclosure/2007-
October/066616.html
On Sat, 13 Oct 2007 11:14:26 -0400 [EMAIL PROTECTED] wrote:
>On Sat, 13 Oct 2007 10:25:46 EDT, [EMAIL PROTECTED]
>said:
>
>> No idea you got an idea big guy?
>
>No, merely pointing out a under-specification of the problem.
>There
f4iRrwYRZ7IvwZcgNUhasurDrZNtcxJCOoEws+/peVgB+N
XLRvMFFN/eHOTptpTtRv6KUbzy2T5dStwIzlhJWULqcYxDrLaYz45sSAQcmWIFiH7drG
cbff8mI=
=lWu2
-END PGP SIGNATURE-
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
g
>>> on port 80 because it doesn't have https: enabled?
>>>
>>> https://www.cnn.com just sorta sits there for me.
>> -BEGIN PGP SIGNATURE-
>> Note: This signature can be verified at
>https://www.hushtools.com/verify
>> Charset: UTF8
>&
et: UTF8
Version: Hush 2.5
wpwEAQECAAYFAkcQJ40ACgkQ+dWaEhErNvQjfAQAhvRta2YldG0s+RPwOOYQJhmavq4c
uo/dTsCd3EQy6yQru6oGcmWR7CdCo8EvwoTpB0EwLgVW4z7/lujiayEMECV4zejTNztw
NSabygNoko5I8wh5trmqvoSb4RfPW79qEWLgTosECR1dsCu5FfXuKZhgQwbweWpi09gh
zDPTvGg=
=jxe7
-END PGP SIGNATURE-
_______
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
THIS IS A REALLY GOOD ARTICLE FROM SECURITYFOCUS.
http://www.securityfocus.com/columnists/454
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com
y initially reported 9
>months
>MN> ago), then you really should not use this software.
>
>--
>~/ZARAZA http://securityvulns.com/
>Человек это тайна... я занимаюсь этой тайной чтобы быть человеком.
>(Достоевский)
>
>___
&g
R69v5rwOy8tEPkb/tApXT172BmH2qqMUmPgnlF+V9EmzOOfumePnvrqZX
5QvPaws=
=NO9u
-END PGP SIGNATURE-
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
https://www.hushtools.com/verify
Charset: UTF8
Version: Hush 2.5
wpwEAQECAAYFAkcOjs0ACgkQ+dWaEhErNvTnyAP+LVuOuLLcwGgWAqUlRcTWNoHqqARv
iCP7lKBIrdOIOjvxMU36VmONsPm5DWeUtWfVolnv9SNIvUcc00E7GCZr3HUVnnLIqAt6
qpEzW8PJFHh1985VDN41wbjzJgSmyATWM7LWLtY7xTmSlDJLWQAqXpCUDmsvM1C0nCEq
Wd9HcVc=
=QWSq
-END PGP SIGNATURE-
42FDMo0bW/pZd0CBOUlM4uvV0OR00O/k
bl8g9M0HKSncAq7y0IMQh3jZCjX2MYXFhfRlb2QuCGWGGjzykfGZXryFA31tRJAwNJSi
xhU6bw==
=pdA7
-END PGP SIGNATURE-----
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
at https://www.hushtools.com/verify
Charset: UTF8
Version: Hush 2.5
wpwEAQECAAYFAkcOMFIACgkQ+dWaEhErNvSA6gP/Tgggjw8KZNPI9M33XtjfyvBS5URq
kRafaMsPfvDcKsRcaNB30zhou3Me1VVG2LuwchOhh1vIss0aPzT8Bq7lgULZiKqOxX19
/L8xfYgHptayeqrNqSYMg4lsl2J/Q1gQTvWf4EPkk+WcakChTuCJdzA/zZfuAIsTTihY
bjtJ+Yg=
=fqcX
-END PGP
;http://www.example.com/drupal/?_menu[callbacks][1][callback]=drupal
>_eval&_menu[items][][type]=-1&-312030023=1&q=1/
>Original message (in Russian):
>http://securityvulns.ru/Sdocument137.html
>
>13. ShAnKaR reports PHP injection vulnerability in TikiWiki 1.9.8.
>
>Example: http://www.example.com/tikiwiki/tiki-
>graph_formula.php?w=1
ate. Give some time for
>the
>folks at CITRIX to react. Currently, I am not aware of any remedy
>against the attack. Given CITRIX's popularity among corporations
>and
>big organizations, it is highly recommended to take this warning
>with
>extra caution.
>
>--
>
his
>attack. Because I don't want to spam people with tones of text, I
>just
>included a link which you can follow. Hope that this is useful and
>at
>the same time eye opening, not that it is something completely
>amazing. But it does work and it works well.
>
>cheers.
>
a5C7h81GEBGjHgm
DKizFsqOxdrKbORuAi4dvpDrmw/3r+iLZBoWHNn86BbdDCbfyaZjOxI06V+h5vuNzdVI
rgOwzOj58hY0PDsg8RzQMIXE4Bfj8QgqitjQVq0gCh3+sPKJNp2ULmJ12KqAET1COdos
zEicxSk=
=QeXe
-END PGP SIGNATURE-
_______
Full-Disclosure - We believe in it.
Charter: http://lists.gr
bvl7IKwqT27icP9E1VcPWkFyyEPdm9+UzIkHsjDj7gTbuyqb3E/
fEHOMaI5pwqsp6yBWRwFn0kpWq9tEP2ASa9sNCw+6P/U87nxPur8nLaEgLFbUAeZ
epj806g=
=+6eB
-END PGP SIGNATURE-
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
1 - 100 of 138 matches
Mail list logo