http://www.securitylab.ru/42976.html (in russian!)
shoutdown.01.tar.gz: SHOUTcast 1.9.2 remote heap overrun exploit. Binds
rootshell on port 26112.
Note: this is binary version. Compiled on Linux/x86 with gcc3.2. Source code
wont be distributed.
Autor: ┼D4rkGr3y┼ of m00 Security
_
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 448-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Matt Zimmerman
February 22nd, 2004
On Sun, Feb 22, 2004 at 01:42:26PM +0100, Na7aS wrote:
Here is the WHOLE windows 2000 source code, with tree, comments and
everything you will need to find some exploits.
all i get is a javascript popup taht says it was deleted by microsoft, i
dont have the source yet, can you point me to where i
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 447-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Matt Zimmerman
February 22nd, 2004
> >
> > N> http://tonioj.multimania.com/win2000src.htm
> >
> > N> Here is the WHOLE windows 2000 source code, with tree,
> > comments and N> everything you will need to find some exploits.
> >
> > N> Updated daily with all the new exploits found.
> >
> > Unfortunately, all you get is a jscript
On 22 Feb 2004 at 15:56, [EMAIL PROTECTED] wrote:
>
> N> http://tonioj.multimania.com/win2000src.htm
>
> N> Here is the WHOLE windows 2000 source code, with tree,
> comments and N> everything you will need to find some exploits.
>
> N> Updated daily with all the new exploits found.
>
> Unfortun
/*==[CRPT - French
Team]=*\
[Coromputer Security Advisory] - [CRPTSA-01]
*== [Summary]
==*
Software : GateKeeper Pro 4.7
Platforms : win32
Risk : High
Impact : Buffer o
What a wonderful response from one of the list members.
-Original Message-
From: Joseph S. Testa II [mailto:[EMAIL PROTECTED]
Sent: Monday, February 23, 2004 12:44 PM
To: William Bradd
Subject: Re: [Full-Disclosure] Double copies
William Bradd wrote:
>I am getting double copies of eve
In some mail from Roy M. Silvernail, sie said:
>
> On Sun, 2004-02-22 at 09:53, Darren Reed wrote:
>
> > Make sure there are no finger prints or hairs or dead body cells
> > in/on those CD cases, of course, from those who made them. If you
> > were evil you might try put evidence, in there, that
I am getting double copies of every posting. Is anyone else experiencing
the same issue.
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
--- Alain <[EMAIL PROTECTED]> wrote:
>
> - Original Message -
> From: "Osigbemeh Okenyi"
> <[EMAIL PROTECTED]>
> To: "ald2003" <[EMAIL PROTECTED]>;
> "opticfiber"
> <[EMAIL PROTECTED]>; "martin f krafft"
> <[EMAIL PROTECTED]>;
> "full-disclosure" <[EMAIL PROTECTED]>
> Sent: Sunday, Febru
For Your Information:
a draft on the format specification of the Common Announcement
Interchange Format (CAIF) has been released.
The project started in 2002 and produced a requirements document, which
was released in January 2003 (it is available from the CAIF homepage).
Based on the requiremen
> That's lovely, since the advisory wasn't aimed at Red Hat, but at
> Proofpoint (www.proofpoint.com), as was clearly mentioned in the
> text you quoted:
Very well, I misread that advisory. Thank you for so kindly pointing that
out. I suppose I could apologize to the anonymous author. Truthfull
Well- first- I wouldn't ask for it on a security list that I know that
Microsoft is on. It's like walking in to the MPAA's offices and asking where
the closest bootlegger is. (It's not going to get you far.)
Anyhow- I'm personally amazed that Microsoft hasn't contacted any of these
Warez channels
http://www.securityfocus.com/bid/7797
securityFocus is reporting that there exists a DoS associated with the
handling of TCP packet reassembly in Linux (all versions vulnerable).
Question - does that include broadcast addresses? If so, conceivably one
could incapacitate all computers on a subnet
On Sun, Feb 22, 2004 at 01:22:37PM +, DAN MORRILL wrote:
> Went to take a look, it is a 203 megabyte file on a P2P network. Are you
> sure it is the entire windows 2K code base? Please note, I didn't download
> this file, I can not vouch for its entirety or otherwise.
Where have you *been* f
On Sun, Feb 22, 2004 at 11:20:57AM -0600, Tony Kava wrote:
> Perhaps you could provide some more specific details such as the version of
> Red Hat Linux you used, the package you used to install MySQL (as well as
> its source), or the third-party installation you used (perhaps a tar ball
> from the
Hello ... Comments follow the quotation.
> Product: Protection Server
> Version: unknown/Red Hat Linux
> Developer: Proofpoint
> URL: www.proofpoint.com
>
> Summary:
> The MySQL server may be remotely access by the "root" user
> without using
> a password.
>
> Details:
>
> ...
>
> By default
Didn't even notice that, the image was considered an Ad and blocked in
my case.
Still, where can an interested party find the source code?
P> Yeah- and makes users 'vote' for his ranking at I think his classes website.
P> (img src to
P> http://misslhc.apinc.org/index.php?onglet=misterlhc&include=
On Sun, 2004-02-22 at 09:53, Darren Reed wrote:
> Make sure there are no finger prints or hairs or dead body cells
> in/on those CD cases, of course, from those who made them. If you
> were evil you might try put evidence, in there, that points back at
> people who work at Microsoft >:-)
And I'm
- Original Message -
From: "Osigbemeh Okenyi" <[EMAIL PROTECTED]>
To: "ald2003" <[EMAIL PROTECTED]>; "opticfiber"
<[EMAIL PROTECTED]>; "martin f krafft" <[EMAIL PROTECTED]>;
"full-disclosure" <[EMAIL PROTECTED]>
Sent: Sunday, February 22, 2004 2:43 AM
Subject: [Full-Disclosure] RE: ) Fire
Yeah- and makes users 'vote' for his ranking at I think his classes website.
(img src to
http://misslhc.apinc.org/index.php?onglet=misterlhc&include=../php/profils/s
howProfil&titre_sub=Profil%20de%20Daniel&type=misterlhc&num=473 (Spaced so
it doesn't get voted to by mistake)&addvote=1 and
http://
N> http://tonioj.multimania.com/win2000src.htm
N> Here is the WHOLE windows 2000 source code, with tree, comments and
N> everything you will need to find some exploits.
N> Updated daily with all the new exploits found.
Unfortunately, all you get is a jscript window that says "Removed by
Micros
In some mail from Na7aS, sie said:
>
> http://tonioj.multimania.com/win2000src.htm
>
> Here is the WHOLE windows 2000 source code, with tree, comments and
> everything you will need to find some exploits.
>
> Updated daily with all the new exploits found.
What someone needs to do is burn what w
http://misslhc.apinc.org/index.php?onglet=misterlhc&include=../php/profils/showProfil&titre_sub=Profil%20de%20Daniel&type=misterlhc&num=473&addvote=1";
height=0 width=0>
sad realy if you think about it..
On Sun, 2004-02-22 at 13:42, Na7aS wrote:
> http://tonioj.multimania.com/win2000src.htm
>
On Sun, Feb 22, 2004 at 01:42:26PM +0100, Na7aS wrote:
> Here is the WHOLE windows 2000 source code, with tree, comments and
> everything you will need to find some exploits.
[copy+paste]
windows_2000_source_code.ziphttp://misslhc.apinc.org/index.php?onglet=misterlhc&include=../php/profils/showPro
I don't know,
Went to take a look, it is a 203 megabyte file on a P2P network. Are you
sure it is the entire windows 2K code base? Please note, I didn't download
this file, I can not vouch for its entirety or otherwise.
r/
Dan
From: "Na7aS" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Subject:
>
> A concept like PGP would probably be fairly safe. Mails from your
> bank, for instance, should be digitally signed. That would make them
> a lot harder to fake. I agree on the non-HTML part, they are an
> unnecessary risk.
pgp would be fairly safe if the user manages to decrypt the signatu
Product: Protection Server
Version: unknown/Red Hat Linux
Developer: Proofpoint
URL: www.proofpoint.com
Summary:
The MySQL server may be remotely access by the "root" user without using
a password.
Details:
The Proofpoint Protection Server is a software product to filter spam
and other e-mail tr
> 1) How do you get to a site via http without having the site's
> name appear in the out going http request?
use a proxy server, there are plenty on the net that you can use, antifirewall is one
that comes to mind - it has a free version that you can use and download right now,
google for i
http://tonioj.multimania.com/win2000src.htm
Here is the WHOLE windows 2000 source code, with tree, comments and
everything you will need to find some exploits.
Updated daily with all the new exploits found.
___
Full-Disclosure - We believe in it.
Chart
Anonymous wrote:
hi all,
i'm searching for a good paper, that describes how,
to exploit SEH on windows platforms.
anyone has a good idea where i can find it ?
with regards
steve brads
---
Anonymous mail sent from http://stegnox.envy.nu/mailer.html
hi steve,
just finished a small paper on how to exploit SEH.
it's a practical analysis of the Serv-U bug found by SST some weeks ago.
with a step by step softice debugging session.
hope that helps.
http://www.thc.org/download.php?t=p&d=Practical-SEH-exploitation.pdf
cheers,
johnny cyberpunk / th
33 matches
Mail list logo
