> I have work to do..and to tell you the true, CWS isn't a problem
> for me? Why because we have real network security. Desktop security is the
> last line of defense. Multi-tier security will stop most spyware at the gate
> and it will never get to you.
to DO THIS you still need to know the a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 535-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Matt Zimmerman
August 2nd, 2004
Might i recommend Subdreamer(http://www.subdreamer.com).
Its not free, but a $40 price tag isn't all that hard to swallow either.
bryce
> > Hi,
> >
> > > Any recommendations on site hosting services / Portal framewroks
/
> > > site builders...
> >
> > I've heard PHPNuke is pretty solid.
> >
>
> VIII. DISCLOSURE TIMELINE
>
> 01/17/2004 Exploit acquired by iDEFENSE.
> 03/05/2004 Bug sent to Netscape Security Bug form at
> http://cgi.netscape.com/cgi-bin/bug-security.cgi
> 03/05/2004 Bug entered into bugzilla.mozilla.org
> http://bugzilla.mozilla.org/show_bu
On Mon, Aug 02, 2004 at 02:50:39PM -0400, [EMAIL PROTECTED] wrote:
> Netscape 7.1 is the latest version of Netscape available. Netscape have
> not released any information indicating they are intending to release
> future versions of the Netscape browser, and no longer have any
> developers working
The D-Link AirPlus ExtremeG pcmcia card works beautifully with the
Auditor (moser-informatik) livecd. Auditor also allows you to simply
set the card as an AP.
Will handle adhoc, managed, monitor and master.
On Fri, 30 Jul 2004 18:01:38 -0500, Todd Towles
<[EMAIL PROTECTED]> wrote:
> Grab a cop
On Mon, 2 Aug 2004, Vic Vandal wrote:
> There's a new .ZIP attachment that mimics some of the recent ones
> in arriving as something like [EMAIL PROTECTED], extracting to
> [EMAIL PROTECTED], which is a Windows command file.
>
[SNIP]
Nothing new about this, virus attachments have been do
Netscape/Mozilla SOAPParameter Constructor Integer Overflow
Vulnerability
www.idefense.com/application/poi/display?id=117&type=vulnerabilities
August 2, 2004
iDEFENSE Security Advisory 08.02.04:
I. BACKGROUND
SOAP is an XML-based messaging protocol which defines a set of rules for
structuring me
>Subject: [Full-Disclosure] Fortinet Firewalls Anyone had any experience
>with these - they claim to be able to offer content filtering and there
>by detect malicious content embedded into HTML, as well as the usual
>deliver systems.
>
>Sounds interesting my only concern is how you would stay o
Got that bit..
A lot of these recent vulnerabilites seem quite complex to set up
content filtering rules for - does the audience really feel that you
could really get that far on top of the problem...? Hard enough writing
snort rules without trying to commercially distrubute it...?
All of the a
>Subject: [Full-Disclosure] Fortinet Firewalls
>Anyone had any experience with these -
>they claim to be able to offer content
>filtering and there by detect malicious
>content embedded into HTML, as well as
>the usual deliver systems.
>
>Sounds interesting my only concern is how you would st
There's a new .ZIP attachment that mimics some of the recent ones
in arriving as something like [EMAIL PROTECTED], extracting to
[EMAIL PROTECTED], which is a Windows command file.
I've only just started looking at the payload, and see it does some
reg key checks on WOW (looking for itself...no ti
On Monday 02 August 2004 08:16 am, Phuong Nguyen wrote:
> Hello guys,
>
> It's now available at http://www.ecqurity.com/defaced6e.zip
>
> Have fun,
> Phuong
>
> At 08:42 AM 8/2/2004, Random wrote:
> >Hi,
> >
> >Care to share with the rest of the group? All of the links below are now
> >404s.
> >
>
Not anymore :)
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Phuong Nguyen
Sent: lundi 2 août 2004 7:17
To: Random
Cc: [EMAIL PROTECTED]
Subject: Re: [Full-Disclosure] 0xdefaced[6]
Hello guys,
It's now available at http://www.ecqurity.com/defaced6e.zip
--On Monday, August 02, 2004 04:56:42 PM +0100 Ben
<[EMAIL PROTECTED]> wrote:
Anyone had any experience with these - they claim to be able to offer
content filtering and there by detect malicious content embedded into
HTML, as well as the usual deliver systems.
Sounds interesting my only concern i
Fortinets firewalls are the most unreliable in the business. Stay as far away as you
can if you want to keep you job.
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Anyone had any experience with these - they claim to be able to offer
content filtering and there by detect malicious content embedded into
HTML, as well as the usual deliver systems.
Sounds interesting my only concern is how you would stay on top of each
new threat...
Many thanks
> > Hi,
> >
> > > Any recommendations on site hosting services / Portal framewroks /
> > > site builders...
> >
> > I've heard PHPNuke is pretty solid.
> >
> >Simon
> >
> I believe PHPNuke is the most vulnerable/exploited content management system
> out there.
>
Simon's reply was not a joke
What I did was find a forum which had user auth, posting and so on pre
coded, then wrote addons to it to integrate with my site.
If you can tell me what your "concept" is and how you would go about it
I might be able to help more, which could include my time and/or
hosting, dependingon what it is
I am intrested in knowning if anyone has used eithert Key loggers or
Anti Key loggers
Which ones, do they work?
Lan Guy
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of
> [EMAIL PROTECTED]
> Sent: Friday, July 30, 2004 4:23 PM
> To: n30
> Cc: [EMAIL PROTECTED]
> Subject: Re: [Full-Disclosure] Security Web Site Hosting
>
> Hi,
>
> > Any recommendations on site hostin
You don't seriously think that one person that has a real job to do can sit
around all today (not do his job) and write an automatic tool to remove Cool
Web Search do you?
I have work to do..and to tell you the true, CWS isn't a problem for me? Why
because we have real network security. Desktop se
Donato Ferrante
Application: Webbsyte Chat
http://sourceforge.net/projects/wchat/
Version: 0.9.0
Bug: Denial Of Service
Date: 02-Aug-2004
Author: Donato Ferrante
e-mail: [EMAIL PROTECTED]
web:
Hi,
* Dirk Pirschel wrote on Tue, 27 Jul 2004 at 01:57 +0200:
> It is possible to retrieve *any* directory by replacing $HOME/files or
> $HOME/html with a symlink.
Even worse: A user might use the restore funktion to change the
ownership of target files to his own. Under special circumstances,
::
:Application: MailEnable Professional HTTPMail
:Vendors: http://www.mailenable.com/
:Version: 1.19
:Platforms: Windows
:Bug: D.O.S
:Date: 2004-07-30
:Author:CoolICE
:E_mail:C
A Sensecurity Announcement for Security Professionals in the AsiaPac
region:
--
BlackOps: (noun) covert military action involving, but not limited to,
assassination, counter-guerrilla warfare, psychological-operations,
insurgency, deep-raid reconnaissance and other politica
From anywhere with in either Windows XP and Windows 2003 -
at the logon screen if you want - holding down WinKey + U will, with time, slow
the machine down to a craw eventually causing the machine to lock.
If remote desktop is enabled - at the login screen,
the aforementioned key sequence can
Hello all,
First of all, I'm in no way associate with Johny Knoxvilles. Some guys on
the list requested if I could somehow share the file, so did I. Second, I
found some information in there is nice, and I have not specifically said
which and which. Certainly, there are some nice technical stuff
hi there,
try this to read any file on IBM Directory Server <= 4.1
http://myserver/ldap/cgi-bin/ldacgi.exe?Action=Substitute&Template=../../../../../boot.ini&Sub=LocalePath&LocalePath=enus1252
PS:
This vuln is already known to IBM and a fix is available.
But since i did not found any inform
evilninja wrote:
>i was not able to reproduce it in "Gecko/20040719 Firefox/0.9.1" either.
>all i get is the real https:// site and this in the JS log:
>Error: unterminated string literal
>Source File:
>Line: 1, Column: 17
>Source Code:
>document.writeln('
The original PoC contains an invalid JS c
Subject:
Benchmark Designs' WHM Autopilot (Probably all versions up to 2.4.5) vulerable to
plain-text
credential leakage via backdoor.
Preamble:
Benchmark Designs' WHM Autopilot is a client management system made for webhosts, in
order to
simplify webhosting business management. It manages CP
Hello guys,
It's now available at http://www.ecqurity.com/defaced6e.zip
Have fun,
Phuong
At 08:42 AM 8/2/2004, Random wrote:
Hi,
Care to share with the rest of the group? All of the links below are now
404s.
Thanks,
Scott
On Sun, 2004-08-01 at 23:34, Phuong Nguyen wrote:
> I was able to get the fil
32 matches
Mail list logo