On Thu, 07 Aug 2003 11:47:48 CDT, Brian Eckman <[EMAIL PROTECTED]> said:
> Pardon me if I am just plain ignorant, but where is this worm, and how
> on earth is it "more effective than Code Red ever was" already if nobody
> is talking about it? The only evidence of a worm I have seen is one
> p
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 370-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Matt Zimmerman
August 8th, 2003
Hi,
This is the first release of HOON, a python shellcode creator. Thing is,
it does not just creat shellcode, it parses at&t syntax assembler and
creates the shellcode from that.
HOON is basically a product of not having a decent PUBLIC shellcode
creator and it works pretty good too. Some thin
"gridrun" <[EMAIL PROTECTED]> writes:
Matthew Murphy wrote:
>Well, I find it pretty incredible that this "inherently dumb program"
>spread so well, then, if it was so worthless and buggy. Can't imagine
>what a *well-written* worm for that bug would have done, then!
>
>You can't imagine? You don
Hello all,
Just in case some other security professionals are looking at
identifying if their boxes have been exploited, I've typed up some
occurences after a successful DCOM exploit.
- Windows XP SP 0 (haven't tried it on SP 1 yet)
Generates a System Shutdown message after a disc
Matthew Murphy wrote:
As for virus/worm authors and how they find bugs to exploit, if you had any
background here, you would have realized by now that the vast majority of
self-propagating code targets vulnerabilities where working exploit code is
available. Code Red, Nimda, Slammer, and Spid
No, Bret had fears that the bug may be exploited once it was disclosed on a
List, so he emailed the customers to only let them know about the bug. In
hopes of heading off a mass-owning of the software, while making sure the
customers were informed. So that the bug would be fixed
Or that was what h
On messages that were cc'd to bugtraq and or other places this is quite
a regular problem... I always try to mail to bugtraq for example and bcc
to full-disclosure and other lists... the lists end up doubling the
posts up otherwise. I am not sure if this is the problem bit I figured I
would sug
I've heard people discusses the possibilities of useing this to execute
arbitray code before, however, I've never managed to replicate anyones
findings on this yet, however there has been quite a bit of talk on other
lists in the past, and I've been asked by people to look into it but I cant
seem t
Anyone else getting message dupes? The same messages keep coming to me, and half
the time I get the re: to the questions before I get the post
With the question… wtf? Am I the only one?
The key here is to have the paper handled by only one person and witnessed
by another and the access to that paper by only that person. Therefore the
validity of the printouts are as sound as that person. As long as that
person can not be repudiated, neither can the printouts.
That is also appli
Hi George,
Here's a few more tools/programs in addition to HFNetChk Pro
Microsoft SUS
St. Bernard Update Expert
BigFix and EMV
Total Command
Citadel's Hercules
Some of these are Automated Vulnerability Remediation tools as well as patch management tools.
Command Software has some white pap
- Forwarded message from Roy Arends <[EMAIL PROTECTED]> -
Date: Tue, 5 Aug 2003 12:30:06 +0200 (CEST)
From: Roy Arends <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: TLD nameserver time survey.
Hello,
I've done a small survey wrt tld nameserver set. Results are below.
Comments are s
13 matches
Mail list logo