[Full-Disclosure] interesting httpd

2003-07-22 Thread morning_wood
http://www.tcs-sec.com/products/mls-web-server/mls-web-server-demo.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html

[Full-Disclosure] exploitlabs.com XSS hole someone better beware!

2003-07-22 Thread dnv
Vunerability(s): 1. Remote / Local XSS SCRIPT EXECUTION!! Product: super cool script by moroning_wood, my m3nt0r in teh XSS style!! Description of product: --- no need for description!! mornining_wood is world renowned XSS pioneer ninja all world

Re: [Full-Disclosure] Cisco exploit

2003-07-22 Thread dnv
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 21 Jul 2003 10:08:14 -0700 tcpdumb [EMAIL PROTECTED] wrote: Hey DNV you 1337 H4X0R, hey tcpDUMB if you'd be such a leet haxor we'd know you. Why? the best hackers are teh ones you nevver hear about all real hackers know that!! We at least

Re: [Full-Disclosure] Cisco exploit

2003-07-22 Thread devnull
On Mon, 21 Jul 2003 18:56:19 +0200 tcpdumb [EMAIL PROTECTED] wrote: Got any erectile disfunctions? If you'd be the best hacker in denmark, we'd know you! We at least had seen at the Chaos Communication Congress (19C3) last year december. Go ahead and hack a tree or read a good book.

[Full-Disclosure] [Fwd: RE: Cisco IOS exploit (44020)]

2003-07-22 Thread Martin Peikert
FYI GTi Original Message Subject: RE: Cisco IOS exploit (44020) Date: Mon, 21 Jul 2003 13:18:41 -0400 From: Donahue, Pat [EMAIL PROTECTED] To: Martin Kluge [EMAIL PROTECTED], [EMAIL PROTECTED] Here's a much simpler shell script that produces the same result: --- BEGIN SHELL

[Full-Disclosure] Immature blabla / cisco exploit

2003-07-22 Thread Daniel Berg
Hi, I have no clue if I am the only one gettin bored and annoyed by all this immature blabla, but this certainly gets out of control. I have not subscribed to this list to get a mailbox full of spam with kiddies making fun of each other. if morning_wood is interested in XSS then why not just let

Re: [Full-Disclosure] The Truth of the Recent Cisco Bug

2003-07-22 Thread Person
P.S. Remind me never to hire you for a pen-testing gig ;) [t]

Re: [Full-Disclosure] The Truth of the Recent Cisco Bug

2003-07-22 Thread Person
Now, don't get me wrong, dvdman is a fun guy, but did it ever occur to you that he might be just talking shit on IRC to wow noobs (obviously worked) and irritate Cisco? Are you aware of how easy it is to get ops in certain IRC channels when you are willing to give code to said noobs? Or maybe

Re: [Full-Disclosure] Immature blabla / cisco exploit

2003-07-22 Thread Steve
On Tuesday 22 July 2003 05:37 am, Daniel Berg wrote: Hi, I have no clue if I am the only one gettin bored and annoyed by all this immature blabla, but this certainly gets out of control. I have not subscribed to this list to get a mailbox full of spam with kiddies making fun of each other.

Re: [Full-Disclosure] The Truth of the Recent Cisco Bug

2003-07-22 Thread O.C.Rochford
I agree totally, I'd hardly call dvdman a reliable source, in fact, half his code is ripped anyway, and this from a guy whose private message logs grace many a humor hall of fame (NSA is all I say ;) ) o rochford Now, don't get me wrong, dvdman is a fun guy, but did it ever occur to you that

[Full-Disclosure] Cisco Bug 44020

2003-07-22 Thread Shanphen Dawa
Here is supposedly a working Cisco exploit: http://www.elxsi.de/cisco-bug-44020.tar.gz This is pasted from security focus: http://www.securityfocus.com/archive/1/329765/2003-07-19/2003-07-25/0 To: BugTraq Subject: Cisco IOS exploit (44020) Date: Jul 21 2003 4:01PM Author: Martin Kluge

Re: [Full-Disclosure] Immature blabla / cisco exploit

2003-07-22 Thread security snot
Perhaps we should establish some criteria for this list, outlining what is and isn't appropriate subjects to discuss here, and establish a better FAQ explaining the matters. Any thoughts? --- Whitehat by day, booger at night - I'm the

Re: [Full-Disclosure] IIS/Outlook Web Access..

2003-07-22 Thread Darren Bennett
Jason, It appears your observations are correct. I have not verified that the problem occurs with only user accounts (I don't want to continue to break our server in order to do bug testing for Microsoft). Additionally, the DOS is obvious.. if it can be exploited to more is not (I have no

Re: [Full-Disclosure] Immature blabla / cisco exploit

2003-07-22 Thread security snot
DuFresne - is that French? I won't expect you to be fluent in English; nor shall I expect you to use the word email in your emails. Nice to know however that you have national pride. Unfortunately, the pride is for France. In the future, I suggest you not attempt to insult my intelligence on

FW: [Full-Disclosure] Cisco Bug 44020

2003-07-22 Thread Noren, Bill
Hey folks, It turns out that the tar file Shanphen mentions below is empty. I found it at: http://www.k-otik.com/exploits/07.21.cisco-bug-44020.c.php with a link to working .gz as well. It looks like a cleanup of the original exploit but still

RE: [Full-Disclosure] Re: Cisco IOS Denial of Service that affects most Cisco IOS routers- requires power cycle to recover

2003-07-22 Thread Curt Purdy
If the packet expires in transit i.e. ttl 1 to router 2 hops away means it never gets to that router. Not possible to fill a queue with a packet that is dropped by the previous router. Check out Internet Core Protocols at O'Reilly. Curt Purdy CISSP, GSEC, MCSE+I, CNE, CCDA Information Security

RE: [Full-Disclosure] Immature blabla / cisco exploit

2003-07-22 Thread Steve Postma
Oh brother ... What a load of crap. I signed up to this list yesterday looking for good insights into our industry, and am signing off today because the only thing that comes over it is from people beating their chests and patting their own backs. -Original Message- From: security snot

Re: [Full-Disclosure] Immature blabla / cisco exploit

2003-07-22 Thread madsaxon
At 12:15 PM 7/22/03 -0700, security snot wrote: My suggestion is to more clearly define ^ to define more clearly Split infinitive. ;-) m5x

[Full-Disclosure] Re: Cisco IOS Denial of Service that affects most Cisco IOS routers- requires power cycle to recover

2003-07-22 Thread Shawn Bernard
Yet another tool that can be used to croak a router is trusty Nmap- nmap -sO -p 53,55,77,103 -v -ttl [ttl from ping -255] [targetIP] when run ~13 times or with a few decoys ;-) will fill the input queue requiring a router reboot

RE: [Full-Disclosure] Immature blabla / cisco exploit

2003-07-22 Thread James Patterson Wicks
I have to agree. I subscribed after hearing about this list on CNN.COM, but while most of the posts are helpful and informative, the number of messages used to insult/degrade/embarrass other posters is overwhelming. I hope that the list moderators take some sort of action to cut down on the nasty

Re: [Full-Disclosure] Immature blabla / cisco exploit

2003-07-22 Thread Ron DuFresne
I request that the list bear with me this time here; On Tue, 22 Jul 2003, security snot wrote: DuFresne - is that French? I won't expect you to be fluent in English; nor shall I expect you to use the word email in your emails. Nice to know however that you have national pride.

RE: [Full-Disclosure] Immature blabla / cisco exploit

2003-07-22 Thread Dan Stromberg
You know, I'm not a big fan of the immature personal attacks. It kinda seems like a waste of time. But I have to wonder... It's possible that this kind of behavior is just part of black hat culture. It's possible that by trying to shut off this faucet that we're just going to dry up a

[Full-Disclosure] Administrivia: Patience

2003-07-22 Thread Len Rose
We're being forced to send this sort of message all too often and it's wearing thin on everyone (and for that we apologize). For those who have recently joined the list, please make sure that you actually read the List Charter located here:

Re: [Full-Disclosure] Immature blabla / cisco exploit

2003-07-22 Thread stefmit
Did the same thing (i.e. subscribed) just about two weeks ago, but only now I realized how low these so-called professionals could go ... wondering sometimes if we are all part of the same community ?!? Stef On Tuesday 22 July 2003 02:59 pm, Steve Postma wrote: Oh brother ... What a load of

Re: FW: [Full-Disclosure] Cisco Bug 44020

2003-07-22 Thread bill.noren
My apologies for posting my first e-mail to this group in HTML. It's not hard to tell who the newbies are... As it turns out we have a slight issue here on outbound e-mail but I found a way to overcome temporarily. As for the list, Steve, please give it a chance. I did the same as you. I

RE: [Full-Disclosure] Immature blabla / cisco exploit

2003-07-22 Thread Joshua Thomas
I hope that the list moderators take some sort of action to cut down on the nasty postings so that we can focus on the REALLY important issues concerning our industry. AFAIK the list is currently unmoderated. I would like to see

RE: [Full-Disclosure] Immature blabla / cisco exploit

2003-07-22 Thread madsaxon
At 02:27 PM 7/22/03 -0700, Dan Stromberg wrote: It's possible that this kind of behavior is just part of black hat culture. That's just a rationalization. I've known 'black hats' for over 20 years (both hackers and phreakers), and apart from a differently enabled sense of morality they're just

[Full-Disclosure] Re: Immature blabla / cisco exploit

2003-07-22 Thread gregh
- Original Message - From: security snot To: Steve Cc: [EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 3:46 AM Subject: Re: [Full-Disclosure] Immature blabla / cisco exploit Perhaps we should establish some criteria for this list, outlining what is and isn't appropriate

Re: [Full-Disclosure] Immature blabla / cisco exploit

2003-07-22 Thread morning_wood
stick through it if you can, also contributing, it seems to be of some benefit despite some here. Generally this is the place to be for the latest in security releases and issues anywhere known or public on the net. You could always try [EMAIL PROTECTED] http://nothackers.org/about.php

[Full-Disclosure] logically stopping xss

2003-07-22 Thread Justin Shin
i know there's a lot of stupid jokes about XSS vulns right now, but I was wondering if there is any firewall or IDS software that can look for suspicious GET requests ... ie. GET /vulnerablewebapp/?XSS SHZNIT I'm sure there's a program out there ... and I'm stupid, please don't kill me... --

[Full-Disclosure] R7-0015: Multiple Vulnerabilities Apple QuickTime/Darwin Streaming Server

2003-07-22 Thread advisory
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Rapid7, Inc. Security Advisory Visit http://www.rapid7.com/ to download NeXpose, the world's most advanced vulnerability scanner. Linux

[Full-Disclosure] Virii that can exploit email server?

2003-07-22 Thread Joshua Thomas
Is anyone aware of a virus, transmitted via email, that is able to exploit the email server it resides on? Eg: User A is infected by virus User A sends email to friend Virus follows email and is stored on Email Server A Virus exploits Email

[Full-Disclosure] List (un)Moderation

2003-07-22 Thread morning_wood
of course there was this fiasco.. http://www.netsys.com/cgi-bin/poll but i think we're past that now, and until recently have had a very nice list ( what 2 weeks no flames ? ) so we as an unmoderated community are certainly capable of being on the frontline so to speak while maintaining some sense

Re: [Full-Disclosure] logically stopping xss

2003-07-22 Thread Edstrom Johan
Actually that's really easy to implement in Apache's mod_rewrite, look at External Program. I did one a while back where I basically dumped Nikto into a precompiled regexp map - it does catch quite a bit, I also use that against PIX syslog messages. /JE Justin Shin wrote: i know there's a lot of

Re: [Full-Disclosure] logically stopping xss

2003-07-22 Thread Valdis . Kletnieks
On Tue, 22 Jul 2003 21:33:00 EDT, Justin Shin [EMAIL PROTECTED] said: i know there's a lot of stupid jokes about XSS vulns right now, but I was wondering if there is any firewall or IDS software that can look for suspicious GET requests ... ie. GET /vulnerablewebapp/?XSS SHZNIT I'm sure

Re: [Full-Disclosure] R7-0015: Multiple Vulnerabilities Apple QuickTime/Darwin Streaming Server

2003-07-22 Thread Jim Duncan
security snot writes: How are denial of service attacks against a media server security issues? It looks great and all, in an advisory format, but how are those issues security related? Performance != security I respectfully disagree. Security is about making sure systems operate

RE: [Full-Disclosure] logically stopping xss

2003-07-22 Thread Justin Shin
see theres a gazillion xss exploits just sitting out there that no-one knows of, and no admin can keep up with all the new exploits for xss. I am just looking for suggestions, that's all. I swear, when I said was stupid, I didn't mean I was THAT stupid :) -- Justin Shin -Original

Re: [Full-Disclosure] R7-0015: Multiple Vulnerabilities Apple QuickTime/Darwin Streaming Server

2003-07-22 Thread Valdis . Kletnieks
On Tue, 22 Jul 2003 19:36:09 PDT, security snot said: How are denial of service attacks against a media server security issues? If somebody can send you a packet that takes out your server, and then do it again 5 mins later when the server reboots, lather, rinse, repeat, it's a security issue.

Re: [Full-Disclosure] logically stopping xss

2003-07-22 Thread KF
some random text about mod_security I forget where it came from maybe a security focus article... *Defending against CSS and SQL Injection attacks* The last step of securing the server is implementing the logging of the GET and POST payloads, and implementing protection against

Re: [Full-Disclosure] logically stopping xss

2003-07-22 Thread Valdis . Kletnieks
On Tue, 22 Jul 2003 23:10:12 EDT, Justin Shin said: see theres a gazillion xss exploits just sitting out there that no-one knows of, and no admin can keep up with all the new exploits for xss. I am just looking for suggestions, that's all. I swear, when I said was stupid, I didn't mean I was

RE: [Full-Disclosure] logically stopping xss

2003-07-22 Thread Justin Shin
Hmmm ... disabling the ' characters completely ... not good, considering that many users may need to use a PHP webmail form with quotes. &lt; is the same thing as <, right, so if a kiddie wanted to exploit with XSS, he could simply use &lt;SCRIPT&gt; , etc. no??? -- Justin Shin -Original

Re: [Full-Disclosure] GUNINSKI THE SELF-PROMOTER

2003-07-22 Thread Jeremiah Cornelius
You can't compare VIM and Windows, that is comparing two things with entirely different reaches and purposes. No. Comparison with Windows is reserved for Emacs, and other operating systems.

Re: [Full-Disclosure] R7-0015: Multiple Vulnerabilities Apple QuickTime/Darwin Streaming Server

2003-07-22 Thread northern snowfall
If somebody can send you a low-bandwidth stream of packets that make your server work WAY too hard, so that the expensive server that's supposed to be handling 500 simultaneous clients is dropping users at 75, it's a security issue. Yeh. I actually wrote an exploit for a condition similar to

Re: [Full-Disclosure] logically stopping xss

2003-07-22 Thread Valdis . Kletnieks
On Tue, 22 Jul 2003 23:55:24 EDT, KF [EMAIL PROTECTED] said: SecFilter (.|\n)+ the JavaScript language can be used on the client side, which should replace the prohibited characters with special tags, e.g. &lt; &gt; &quot; etc. What's wrong with this picture? :) The basic problem here