-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
__
SCO Security Advisory
Subject:OpenLinux: Multiple vulnerabilities were discovered in the
saned daemon
Advisory number:
The truth is out
the following people blatently leaked the windows sources:
dvdman ([EMAIL PROTECTED]) leaked it
bysin ([EMAIL PROTECTED]) aka contempt (the same guy that brought you
the ssl apache worm bugtraq.c) leaked AND distributed it
bysin put the sources on his website and directly aided
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of
[EMAIL PROTECTED]
Sent: Thursday, February 19, 2004 11:20 PM
To: [EMAIL PROTECTED]
Subject: Re: [Full-Disclosure] Quick Analysis of Netsky-B
Helmut Hauser wrote:
-- the IP 217.5.100.1 is a dial up
iMail 8.05 LDAP service remote exploit can be found at:
http://www.coromputer.net
Iván Rodriguez Almuiña
aka kralor
[EMAIL PROTECTED]
http://www.coromputer.net
___
Full-Disclosure - We believe in it.
Charter:
Hello List,
i fixed the Win98 systems fine, renaming the dll and there
were no problems even on production system (programming,
database etc).
Thanks Dan
But i have two benighted lusers on Win Me and the msasn1.dll
is obviously in use.
Any ideas how to secure Win Me would be appreciated.
Thanks
On Thu, 19 Feb 2004, Calum wrote:
Am I the only one to have noticed that the unzipped contents neatly fit on
a CD? Not arguing one way or the other, but it does suggest a possible
vector. Accidental? I doubt it.
If that was the way that the files were leaked, surely it would have been
Vendor Status:
The vendor has not been notified.
humour
I am horrified that you released this without working closely with the
Manufacturer.
You have caused a huge problem for the enormous number of hard-working
retailers
who are now exposed to tremendous risk as the uninitiated exploit this
Protection:
Vendors should put all Pepsi 20 OZ bottles in a vending machine,
Or fill the bottles just a *bit* more full. :-)
Actually...
Back when I was in the army we were taught to fill `em to the max. That
way they don't rattle and make noise that could potentially alert the
enemy to our
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 444-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
February 20th, 2004
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
__
SCO Security Advisory
Subject:OpenLinux: Bind: cache poisoning BIND 8 prior to 8.3.7 and
BIND 8.4.x prior 8.4.2
Advisory
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
__
SCO Security Advisory
Subject:OpenLinux: mpg123 remote denial of service and heap-based
buffer overflow
Advisory number:
I would say that this is somewhat misleading. First of all not all VoIP
services use ASN.1 encoding for the protocol. While H.323 does SIP does
not.
Additionally I suspect that not many of the carrier deployment of H.323
are using the MS ASN.1 libs as most of them are unix based (many of
them
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
__
SCO Security Advisory
Subject:OpenLinux: Fetchmail 6.2.4 and earlier remote dennial of
service
Advisory number:
And on that theme - I suppose we should be grateful that it's an information
leak rather than the other possibility, which would no doubt result in a
steady loss and or corruption of content (which would also be a sticky
matter no doubt).
-Original Message-
From: [EMAIL PROTECTED]
We are republishing our advisory of 02/18/2004 with an apology to
EarlyImpact software developers for missing their FIX information in
our first publication. We would like to pay tribute EarlyImpact for
their swift reaction in problems resolving.
Below is the full version of the advisory of
Andrew Aris wrote:
And on that theme - I suppose we should be grateful that it's an information
leak rather than the other possibility, which would no doubt result in a
steady loss and or corruption of content (which would also be a sticky
matter no doubt).
indeed - an overflow attack would have
Could this have been a bottling machine software code hack??
FLUID_OZ_FILL=20;
changed to
FLUID_OZ_FILL=19.5;
We may even be getting ripped off by a few fluid ounces. Maybe is this
is actually a salami attack!! Where are those extra fluid ounces really
going?
Somebody needs to start
Tom Koehler [EMAIL PROTECTED] wrote:
Any ideas how to secure Win Me would be appreciated.
Sure -- there are two basic options:
1. Unplug it's Ethernet cable, remove any WiFi and other network
interface devices. Limit its functionality to tasks that do not
involve handling sensitive or
Title: Message
Be on the lookout -
We just had an infestation of a nasty variation to the MYDOOM virus - Now
dubbed, I believe as mydoom.f. If randomly overwrites files and created
havoc on all network shares. So far we have had to delete in excess of
1500 files from one server that got
On Fri, 2004-02-20 at 14:01, Nick FitzGerald wrote:
Tom Koehler [EMAIL PROTECTED] wrote:
Any ideas how to secure Win Me would be appreciated.
Sure -- there are two basic options:
1. Unplug it's Ethernet cable, remove any WiFi and other network
interface devices. Limit its
Andrew Simmons wrote:
Andrew Aris wrote:
And on that theme - I suppose we should be grateful that it's an
information
leak rather than the other possibility, which would no doubt result in a
steady loss and or corruption of content (which would also be a sticky
matter no doubt).
One counter measure to deter future hackers would be to modify the honeypot
project and put out decoys. They could be cleverly named, such as coke or
one.
Another method would be to adapt the snort project to this, except this
might cause extreme discomfort to the nasal area.
The truly
the tips for winme security also apply to 2k and xp..:) In all
actuality put a firewall in front of any windows OS..keep it patched and
move laong...:)
Nick FitzGerald wrote:
Tom Koehler [EMAIL PROTECTED] wrote:
Any ideas how to secure Win Me would be appreciated.
Sure -- there are two
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Nothing says 'infuriating' better than a publicly published report that
is seemingly rife with inaccuracies and conclusions drawn from poor data.
As attrition.org so kindly points out with historical evidence, mi2g
has a long history of lying and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
__
SCO Security Advisory
Subject:OpenLinux: Perl Safe.pm unsafe access
Advisory number:CSSA-2004-007.0
Issue date:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Friday, February 20, 2004 1:37 PM
This is going to hit them square in the nuts
if not now, then in the very near future.
And I'll make sure it is zero-day'd.
Way to go, you seem to be
26 matches
Mail list logo