Re: [Full-Disclosure] Bugtraq Security Systems XMAS Advisory 0001

2003-12-24 Thread John Sage
hmm.. On Wed, Dec 24, 2003 at 08:04:59PM -0500, Bugtraq Security Systems wrote: > From: Bugtraq Security Systems <[EMAIL PROTECTED]> > To: mudge <[EMAIL PROTECTED]> > cc: [EMAIL PROTECTED] > Subject: Re: [Full-Disclosure] Bugtraq Security Systems XMAS Advisory 0001 > Date: Wed, 24 Dec 2003 20:04:5

Re: [Full-Disclosure] Bugtraq Security Systems XMAS Advisory 0001

2003-12-24 Thread Bugtraq Security Systems
With interpretive art, the names are often just placeholders. Bugtraq Security Systems requests that all the readers replace the names in this advisory, including ours, with their own. Indeed, we exhort you to feel that if you are not selling your integrity for stock options, not pretending that e

Re: [Full-Disclosure] Bugtraq Security Systems XMAS Advisory 0001

2003-12-24 Thread mudge
I have to admit that I'm confused. To the best of my knowledge I was never contacted with regards to anything relating to squirrel mail, nor do I have any affiliation or association with the squirrelmail team or their product. Perhaps this is something OSX related? If that's so you might want to d

RE: [Full-Disclosure] FW: Visa Security Update

2003-12-24 Thread Kristian Hermansen
I just looked at it quickly... Could have sworn it was %01, but guess I'm a complete idiot ;-D Kristian Hermansen [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Paulo Pereira Sent: Wednesday, December 24, 2003 2:04 AM To: Kristian Herm

Re: [Full-Disclosure] Bugtraq Security Systems XMAS Advisory 0001

2003-12-24 Thread madsaxon
At 02:52 PM 12/24/2003 -0500, Bugtraq Security Systems wrote: It should also be noted that the internet security rock-star Mudge, along with several other famed w00w00 members, uses Squirrelmail. We at Bugtraq Security Systems would expect more proactive auditing of basic infrastructure used by fa

[Full-Disclosure] Bugtraq Security Systems XMAS Advisory 0001

2003-12-24 Thread Bugtraq Security Systems
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Bugtraq Security Systems, Incorporated www.bugtraq.org Security Advisory Advisory Name: Command Injection Issue in Squirrelmail Release Date: 12/24/2003 Application: Squirrelma

Re: [Full-Disclosure] visa XSS?

2003-12-24 Thread Adam Hunt
# host dns-nac-zone.com dns-nac-zone.com has address 216.118.109.65 not sure where the 64.21.80.2 IP is coming from? but the 216.118.109.65 is coming up nac.net so back to potty mouthing Jason and the MS dork kids he hires to run his scam. A- On Tuesday 23 December 2003 09:10 pm, Brown, Jam

Re: [Full-Disclosure] FW: Visa Security Update

2003-12-24 Thread Paulo Pereira
Kristian, this is no new exploit... This is just filling a url with spaces in such a way that the user cannot see the rest of the url in the status bar. User is: www.visa.com%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%2