[Full-Disclosure] How to reproduce the IIS Host Header DOS

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - From the screenshots and descriptions given in , it's not clear *exactly* how to reproduce the IIS Host header DoS. A POST request like the following (between the [begin] and [end] lines) will manually rep

[Full-Disclosure] Security Update: [CSSA-2002-SCO.39] OpenServer 5.0.5 OpenServer 5.0.6 : Buffer Overflow in Multiple DNS Resolver Libraries

To: [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] __ SCO Security Advisory Subject:OpenServer 5.0.5 OpenServer 5.0.6 : Buffer Overflow in Multiple DNS

[Full-Disclosure] hushmail spam/abuse/mailbombing vulnerability demonstrated by Mr. Gobbles

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hushmail should thank Mr. Gobbles for so ably demonstrating their spam vulnerability. Perhaps he could share his mailbombing code or methodology with the list? /daynil -BEGIN PGP SIGNATURE- Version: Hush 2.2 (Java) Note: This signature can

[Full-Disclosure] help

--- [EMAIL PROTECTED] a écrit : > Send Full-Disclosure mailing list submissions to > [EMAIL PROTECTED] > > To subscribe or unsubscribe via the World Wide Web, > visit > > http://lists.netsys.com/mailman/listinfo/full-disclosure > or, via email, send a message with subject or body > 'help'

RE: [Full-Disclosure] 60 Poot ze-a cheekee in de-a oofee!

On Fri, 11 Oct 2002, David Vincent wrote: > >Even an unmoderated list requires some filtering > >of abusers. Otherwise, what good is a list charter? > > my point exactly. At first, I thought the "Poot" messages were just spam. But the "GOBBLES" identity possesses a certain amount of credibil

[Full-Disclosure] Administrivia - (Un)subscription requests

Hi There seems to be some confusion over how to manage your subscription to the list. For the record: [EMAIL PROTECTED] -> for mailing list postings [EMAIL PROTECTED] -> for subscriptions etc [EMAIL PROTECTED] -> to contact Len and I. Send 'help' to the -request address for instructions, or vi

RE: [Full-Disclosure] 60 Poot ze-a cheekee in de-a oofee!

>Even an unmoderated list requires some filtering >of abusers. Otherwise, what good is a list charter? my point exactly. -d ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html

[Full-Disclosure] (no subject)

unsubscribe [EMAIL PROTECTED]

[Full-Disclosure] unsubscribe

unsubscribe - Original Message - From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, October 10, 2002 5:01 PM Subject: Full-Disclosure digest, Vol 1 #289 - 15 msgs > Send Full-Disclosure mailing list submissions to > [EMAIL PROTECTED] > > To subscribe or unsubscribe via the

[Full-Disclosure] Administrivia - Regarding bulk mail

Hi The recent deluge of spam deserves some discussion, I believe. Firstly, to clarify, this bulk mail is *not* from [EMAIL PROTECTED] The PGP signature is invalid, and the mail is spoofed. This appears to be an attempt to cause a DoS to the mailing list administration at the price of safeguardin

Re: [Full-Disclosure] 60 Poot ze-a cheekee in de-a oofee!

Spake David Vincent on 10/10/2002, 13:41:25 -0700: > i'm a patient person, but surely the 25+ copies of this spam being sent to > the list is enough to get this address banned/bumped for at least a few > days? > > spam sucks. It's not actually gobbles sending out the message. Check the validity o

Re: [Full-Disclosure] 60 Poot ze-a cheekee in de-a oofee!

On Thu, 10 Oct 2002, Damian Gerow wrote: > Spake David Vincent on 10/10/2002, 13:41:25 -0700: > > i'm a patient person, but surely the 25+ copies of this spam being sent to > > the list is enough to get this address banned/bumped for at least a few > > days? > > > > spam sucks. > > It's not actual

Re: [Full-Disclosure] 60 Poot ze-a cheekee in de-a oofee!

> As discussed to death in the past couple of weeks, if you don't like > the messages, see procmail(1) and procmailrc(5). >From http://lists.netsys.com/full-disclosure-charter.html : "It is expected that the list will be largely self-policing, however in special circumstances (eg spamming, misapp

[Full-Disclosure] Security Update: [CSSA-2002-SCO.40] OpenServer 5.0.5 OpenServer 5.0.6 : ypxfrd remote file access vulnerability

To: [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] __ SCO Security Advisory Subject:OpenServer 5.0.5 OpenServer 5.0.6 : ypxfrd remote file access vulnera

Re: [Full-Disclosure] 60 yada yada *yawn*

Set Killfiles to u. Kill, Mr Sulu ;-) (Especially when the signature seems to fail) Cheers. - Original Message - From: "David Vincent" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, October 10, 2002 9:41 PM Subject: RE: [Full-Disclosure] 60 Poot ze-a cheekee in de

[Full-Disclosure] [RHSA-2002:207-14] Updated packages fix PostScript and PDF security issue

- Red Hat, Inc. Red Hat Security Advisory Synopsis: Updated packages fix PostScript and PDF security issue Advisory ID: RHSA-2002:207-14 Issue date:2002-09-23 Updated on:2002-10-09

Re: [Full-Disclosure] 10 Poot ze-a cheekee in de-a oofee!

[EMAIL PROTECTED] wrote: >-BEGIN PGP SIGNED MESSAGE- >Hash: SHA1 > >++ >++GOBBLES+SECURITY+RESEARCH+TEAM+INCORPORATED+ >ALERT! ALERT! MULTIPLATFORM REMOTE ROOT! ALERT! ALERT! >++

Re: [Full-Disclosure] 3 Poot ze-a cheekee in de-a oofee!

i know this message contradicts itself, but I would simply like to pledge to everyone NOT TO REPLY to this bullshit. apparently someone is getting bored. thanks. -- martin; (greetings from the heart of the sun.) \ echo mailto: !#^."<*>"|tr "<*> mailto:"; net@madduck joan of

RE: [Full-Disclosure] Outlook Express Remote Code Execution in Pr eview Pane (S/MIME)

On a related note, does anyone know why IE6 SP1 has become a "critical" update for Windows 2000? Is there something else about IE6 SP1 that Microsoft isn't letting on about? - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems support officer, ITCSD, Royal National Institute of the Blind, Bak

[Full-Disclosure] [RHSA-2002:204-10] Updated squirrelmail packages close cross-site scripting vulnerabilities

- Red Hat, Inc. Red Hat Security Advisory Synopsis: Updated squirrelmail packages close cross-site scripting vulnerabilities Advisory ID: RHSA-2002:204-10 Issue date:2002-09-20 Updated o

Re: [Full-Disclosure] 12 Poot ze-a cheekee in de-a oofee!

[EMAIL PROTECTED] wrote: >-BEGIN PGP SIGNED MESSAGE- >Hash: SHA1 > >++ >++GOBBLES+SECURITY+RESEARCH+TEAM+INCORPORATED+ >ALERT! ALERT! MULTIPLATFORM REMOTE ROOT! ALERT! ALERT! >++

Re: [Full-Disclosure] 8 Poot ze-a cheekee in de-a oofee!

[EMAIL PROTECTED] wrote: >-BEGIN PGP SIGNED MESSAGE- >Hash: SHA1 > >++ >++GOBBLES+SECURITY+RESEARCH+TEAM+INCORPORATED+ >ALERT! ALERT! MULTIPLATFORM REMOTE ROOT! ALERT! ALERT! >++

[Full-Disclosure] 280 Poot ze-a cheekee in de-a oofee!

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ++ ++GOBBLES+SECURITY+RESEARCH+TEAM+INCORPORATED+ ALERT! ALERT! MULTIPLATFORM REMOTE ROOT! ALERT! ALERT! +++

[Full-Disclosure] 261 Poot ze-a cheekee in de-a oofee!

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ++ ++GOBBLES+SECURITY+RESEARCH+TEAM+INCORPORATED+ ALERT! ALERT! MULTIPLATFORM REMOTE ROOT! ALERT! ALERT! +++

[Full-Disclosure] 256 Poot ze-a cheekee in de-a oofee!

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ++ ++GOBBLES+SECURITY+RESEARCH+TEAM+INCORPORATED+ ALERT! ALERT! MULTIPLATFORM REMOTE ROOT! ALERT! ALERT! +++