[Full-Disclosure] Format string and other vulnerabilities on win32

Visit http://www.Generator.co.za for more information Hi, I'm wondering if anyone has discovered and successfully exploited any format string vulnerabilites on Win32? I've played around with code in DJGPP environment, and broken the code, but not been able to dedicate the time and effort to

Re: [Full-Disclosure] A WiFi security tool I would like to see developed

Log sounds like a spoofed crock of shit, but whatever.. umm, last time I heard Lance doesn't code, so that further confirms my 'crock of shit' theory. push comes to shove, I guess someone could come up with a set of patches to change the uid/gid and chroot it after it binds to the interface.

[Full-Disclosure] Cisco Security Advisory: Cisco Security Advisory: SSH Malformed Packet Vulnerabilities

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: SSH Malformed Packet Vulnerabilities Revision 1.0: INTERIM For Public Release 2002 December 19th 23:00 GMT - -- Please provide your feedback on

[Full-Disclosure] [SECURITY] [DSA 214-1] New kdentwork packages fix buffer overflows

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 214-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze December 20th, 2002

[Full-Disclosure] GLSA: wget

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - GENTOO LINUX SECURITY ANNOUNCEMENT 200212-7 - - PACKAGE : wget SUMMARY : directory traversal DATE    :

[Full-Disclosure] GLSA: canna

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - GENTOO LINUX SECURITY ANNOUNCEMENT 200212-8 - - PACKAGE : canna SUMMARY : multiple vulnerabilities in canna

Re: [Full-Disclosure] Trustworthy Computing Mini-Poll

Hi, On Fri, Dec 20, 2002 at 02:47:59AM +0100, yossarian wrote: Would you buy/use it if you had the choice? I mean, there are a lot of advantages... :-) Now you've got me interested - what advantages is TCPA offering me? We're currently talking about the (hypothetical) features of the

Re: [Full-Disclosure] Trustworthy Computing Mini-Poll

On Fri, 20 Dec 2002, Simon Richter wrote: [SNIP] I'd say protection from binary viruses and stack overflows, plus if someone breaks into your computer and you have stored your key in a safe place you can tell what she modified. So this would be a definitve must if you're builing a

Re: [Full-Disclosure] Trustworthy Computing Mini-Poll

On Fri, 20 Dec 2002, Simon Richter wrote: On Fri, Dec 20, 2002 at 02:47:59AM +0100, yossarian wrote: What features will my new computer have, that will convince me to lose certain options I have right now - playing music, copying what I like, etc?. I'd say protection from binary viruses

[Full-Disclosure] [RAZOR] Problems with mkstemp()

Common use of 'tmpwatch' utility and its counterparts triggers race conditions in many applications Michal Zalewski [EMAIL PROTECTED], 12/05/2002 Copyright (C) 2002 by Bindview Corporation 1) Scope and exposure info -- A common practice of installing

Re: [Full-Disclosure] Trustworthy Computing Mini-Poll

Bruce, I'd say protection from binary viruses and stack overflows, plus if [...] I'm sorry, maybe I was sleeping in class... can somebody explain to me how a TCPA machine (as currently hypothesized) would keep stack overflows from happening? Is this a facet of having a nub check each and