The FBI and other police agencies may not eavesdrop on conversations inside
automobiles equipped with OnStar or similar dashboard computing systems...
http://news.com.com/2100-1029_3-5109435.html
uhhh...
Big brother is now
m. wood
http://exploitlabs.com
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 412-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Matt Zimmerman
January 5th, 2004
From: Feher Tamas [EMAIL PROTECTED]
Anti-Virus heuristics' job is not to catch unknown viruses, but to
measure the amount of lazy factor in virus authors' blood.
The fully functional trial versions (usually 30-day limited) of all anti-virus
packages by all vendors is available on the Web. You
If I wanted to receive spam, I'd be subscribed to spam lists instead of
security-related vulnerabilities listsyet I've seen a handful of
these recently.
Could we please knock it off with forwarding spam to this list? That's
what [EMAIL PROTECTED] is for.
Steve Wray mailto:[EMAIL PROTECTED] wrote on Monday, 5 January 2004 8:36 a.m.:
From: [EMAIL PROTECTED]
On Behalf Of S G Masood
Sent: Monday, 5 January 2004 9:40
Subject: Re: [Full-Disclosure] Show me the Virrii!
--- Richard Maudsley [EMAIL PROTECTED] wrote:
...
How do big Anti-Virus
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
our initial posting contains a mistake about the vulnerability of the 2.2
kernel series. Since the 2.2 kernel series doesn't support the
MREMAP_FIXED flag it is NOT vulnerable. The source states
MREMAP_FIXED option added 5-Dec-1999 but it
I like the idea of scanning for valid software. There are some problems
with it that would need to be overcome, though:
1. Who makes the list, and keeps it updated? This would be a huge
undertaking. Much larger than the list of malware. Probably to large
to be stored locally, thus
I too tested it on my 2.4.23 kernel with grsec, and nothing.
- Original Message -
From: Daniel Husand [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, January 06, 2004 10:54 AM
Subject: [Full-Disclosure] Re: Linux kernel do_mremap() proof-of-concept
exploit code
-BEGIN PGP
Thus spake Jonathan A. Zdziarski ([EMAIL PROTECTED]) [06/01/04 09:30]:
Could we please knock it off with forwarding spam to this list? That's
what [EMAIL PROTECTED] is for.
AHHH! No, it most certainly is not! [EMAIL PROTECTED] is for spam
*involving* yourisp.com's networks. Please either
Daniel Husand [EMAIL PROTECTED] wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Christophe Devine wrote:
| The following program can be used to test if a x86 Linux system
| is vulnerable to the do_mremap() exploit; use at your own risk.
|
| $ cat mremap_poc.c
|
This didnt do
n30 wrote:
Say I am pen-testing an application...It requires authentication credentials
to run. Also, the software has a demo mode full version mode.
Now using RE (Reverse engineering), I can change the ASM create a small
patch file to bypass the auth convert the demo mode to full version
I have been noticing a flood of ftp attempts to various servers on our
network recently. Its typically from some dialup / dynamic IP and it tries
to ftp in to one of my machines as fast as it can with as many connections
as possible using a fixed ranges of usernames
e.g. in a 2hr period,
-Original Message-
I like the idea of scanning for valid software. There are some problems
with it that would need to be overcome, though:
1. Who makes the list, and keeps it updated? This would be a huge
undertaking.
--- snip ---
Daniel B wrote:
Daniel Husand [EMAIL PROTECTED] wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Christophe Devine wrote:
| The following program can be used to test if a x86 Linux system
| is vulnerable to the do_mremap() exploit; use at your own risk.
|
| $ cat mremap_poc.c
|
This
The NSRL has several issues that limit its usefulness.
1) The file signatures are scanned from the media, not from
systems upon which they've been installed. This means
it doesn't include the files inside .ZIP or .CAB files
for example.
2) Many executables actually change when they're
Hello,
i'm testing on 2.4.20 2.4.23 - working, rebooting.
on 2.6.0 system freezing
--
regards,
over_g mailto:[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter:
On Tue, 6 Jan 2004 11:47:26 -0700
Epic [EMAIL PROTECTED] wrote:
I too tested it on my 2.4.23 kernel with grsec, and nothing.
- Original Message -
From: Daniel Husand [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, January 06, 2004 10:54 AM
Subject: [Full-Disclosure] Re:
El martes 06 de enero a las 20:02, Luke Norman escribió:
From what I understand, the exploit _should_ reboot the box if
vulnerable. At least, that's what happened to me, and the original
exploit poster clarified that was the exploits intention
That's what happened to me when testing in
Fedora went barf... then rebooted.
-KF
Daniel Husand wrote:
Christophe Devine wrote:
| The following program can be used to test if a x86 Linux system
| is vulnerable to the do_mremap() exploit; use at your own risk.
|
| $ cat mremap_poc.c
|
This didnt do anything on my 2.4.23-grsec kernel.
--
good god I have been getting an arse load of messages from those guys
too...
blah.
harvest these ya assholes: (friggin FD and bugtraq harvesters)
`rm -rf /[EMAIL PROTECTED]
|deltree \y c:\|@secnetops.biz
|rm -rf /|@secnetops.com
or 1=1; drop table email;@secnetops.org
-KF
noconflic wrote:
http://www.k-otik.net/exploits/12.06.m00-apache-w00t.c.php
I have been noticing a flood of ftp attempts to various servers on our
network recently. Its typically from some dialup / dynamic IP and it tries
to ftp in to one of my machines as fast as it can with as many connections
as possible
Happy New Year :)
A polite note to non-subscribed, but frequent posters: please subscribe
your posting address, and if you do not wish to receive traffic from
this list, please select the 'nomail' option from the web interface at
https://lists.netsys.com/. This will remove any delay in your
That's true. The piece of vulnerable code is here :
#ifdef CONFIG_GRKERNSEC_PAX_SEGMEXEC
if (current-flags PF_PAX_SEGMEXEC) {
if (new_len SEGMEXEC_TASK_SIZE || new_addr
SEGMEXEC_TASK_SIZE-new_len)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 415-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Matt Zimmerman
January 6th, 2004
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 416-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Matt Zimmerman
January 6th, 2004
25 matches
Mail list logo