Nick et al...
After having really suffered the thread(S) what is missing is.
Most SysAdmins do not know what it takes to run a business.
Most Business Administrators do not know what it takes to run a
network.
With that said Maarten will never understand the Business Point that
Hi List
Is there a possibility to bind /bin/bash on a socket with legacy unix
commands?
netcat ?
Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com)
On Fri, 13 Aug 2004 06:26:28 -0700
kf_lists [EMAIL PROTECTED] wrote:
are they setuid? give us an ls -al of each binary.
Of default install on OpenBSD these binary, are not
set with setuid privileges, but this only wants to be
considered a simple bugs report, and not really security
Well, Ok this behaves as expected. Hitting "Reply All" does reply
to everyone in the to and cc lists. To me this is reasonable and
sensible, which is all well and good.
Of course this is because I have been thinking as a person who
just uses things...but now that I have been drifting back
this message is only useful for INTERLAND users and spammers.
INTERLAND is the most popular web hosting corporation online - even
bigger than VERIO - according to 3rd-party survey. INTERLAND's default
vps PROBABLY has REMOTE COMPROMISE vulnerability. PROBABLY means i
just checked the version #
On Sunday 15 August 2004 02:48, Brendan Dolan-Gavitt wrote:
On Sun, 15 Aug 2004 00:41:08 +0200, Maarten [EMAIL PROTECTED] wrote:
Hi list,
I noticed that this list (-software) unlike many others does not add a
Reply-To: field with the list address there.
Not quite correct--it doesn't
i want to create a slipstream cd with xp sp2, i was
thinking what would be best:
1. to just use xp cd and sp2
or
2. to upgrade sp1 and then sp2 and then finally
create the cd
thanks
On Sunday 15 August 2004 04:52, Nick FitzGerald wrote:
Maarten wrote:
First off: Nick, please lose that damn attitude of yours !
Why?
Because you're being rude, and anti-social. You don't score points with this.
Jeez why do I even HAVE to explain things like this. SO typical.
You're
Hi,
WS_FTP is a popular feature rich ftp client. It
makes upload/download as easy as drag drop. But
mostly peoples using this forget that it creates a log
file with name ws_ftp.log. This file holds sensitive
data such as file source/destination and file name,
date/time of upload etc., People
absolutely OT.
Gaurang.
--- Gabriel Alexadros [EMAIL PROTECTED] wrote:
i want to create a slipstream cd with xp sp2, i was
thinking what would be best:
1. to just use xp cd and sp2
or
2. to upgrade sp1 and then sp2 and then finally
create the cd
thanks
Just curious -- did you make sure to account for the fact that lots of
people backport fixes so that version numbers dont always tell
you that something is exploitable? (linux dists seem keen on this a lot).
INTERLAND is the most popular web hosting corporation online - even
bigger than
thanks for pointing out the possibility of backport. interland is
running freebsd4 instead of redhat linux, but there is also backport for
freebsd.
i got a question here:
i am the administrator of the interland VPS running apache whose
version # is 1.3.22.
how can i know if it has backport or
Ohh great.. two different versions floating around. Not sure where I
got the first one, but the second was from frauder.us.
-rwxr-xr-x1 root root 1365263 Jul 12 11:10 sshf1*
-rwxr-xr-x1 root root 1369359 Aug 1 19:24 sshf2*
[EMAIL
: Affected Packages: Corrected Packages:
OpenPKG CURRENT = rsync-2.6.2-20040706 = rsync-2.6.2-20040815
OpenPKG 2.1 = rsync-2.6.2-2.1.0 = rsync-2.6.2-2.1.1
OpenPKG 2.0 = rsync-2.6.0-2.0.1 = rsync-2.6.0-2.0.2
Dependent Packages: none
Description:
According
Oh yeah, I forgot to include this link, in case it happens to be the
case.. not that I would know, I dont use Interland...
https://www.redhat.com/advice/speaks_backport.html
On Sun, 15 Aug 2004, Liu Die Yu wrote:
this message is only useful for INTERLAND users and spammers.
INTERLAND is the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200408-14
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200408-15
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
your serious??
this issue has been arround for about 10 years...
try googling ws_ftp.ini where you can simply drop the
ini in your ws_ftp folder, convert the hashes or import into your
favorite ftp client that supports ws_ftp.ini style format.
m.wood
- Original Message -
From: Gaurang
On Sunday 15 August 2004 00:32, Gabriele Galadini wrote:
Hi all,
i've found some packages on obsd current version
(3.5) on arch x86, give me return problems.
I explain:
[EMAIL PROTECTED] export HOME=`perl -e 'print A x 4387'`
[EMAIL PROTECTED] dpsinfo
Segmentation fault
[EMAIL
i got a question here:
i am the administrator of the interland VPS running apache whose
version # is 1.3.22.
how can i know if it has backport or not?
You can very easily test whether it's susceptible to the chunked encoding issue
or not. If it's not, chances are it's been backported.
After looking around a bit more (should have researched a bit before
posting), the second sshf that currently resides at frauder.us is
infected with RST-variant.
More info at:
http://www.lockeddown.net/rst-expl.txt
Bill
-Original Message-
From: Bill Roemhild
Sent: Sunday, August
hi wlecome to 1998
On Sun, 15 Aug 2004 05:19:02 -0700 (PDT), Gaurang Pandya
[EMAIL PROTECTED] wrote:
Hi,
WS_FTP is a popular feature rich ftp client. It
makes upload/download as easy as drag drop. But
mostly peoples using this forget that it creates a log
file with name ws_ftp.log.
Giggle! I remember when I was first recovering from a serious
illness and I had been off line for two years. It was pretty gloomy
and I wasn't expected to make it. When I did recover lots of my
life had that "whee! I am alive and this is interesting, and that is
interesting and the girls are
As SP2 contains SP1 (2) seems redundant to me but
hey it's your money...
You should also consider those components that are not
part of the OS too. .Net Framework. Mdac etc...
Alan Melia
Melmac Solutions
Ltd.
From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Gabriel
Really? What a narrow view of security you have.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Gaurang Pandya
Sent: Sunday, August 15, 2004 8:49 AM
To: Gabriel Alexadros; Full Disclosure
Subject: Re: [Full-Disclosure] Slipstreamed Windows XP CD Using
I think Ice-T said it best.
Freedom of speech.. Just watch what you say.
So should we propose an amendment to the US amendment? Maybe something
like
Freedom of speech. As long you say what we want hear.
Concerned about your privacy? Follow this link to get
secure FREE
On 15 Aug 2004, at 05:49, Noam Rathaus wrote:
On Sunday 15 August 2004 00:32, Gabriele Galadini wrote:
Hi all,
i've found some packages on obsd current version
(3.5) on arch x86, give me return problems.
I explain:
[EMAIL PROTECTED] export HOME=`perl -e 'print A x 4387'`
[EMAIL PROTECTED]
Moderator: I am not subscribed, but this is probably useful info...
I've tested the link on a WinXP SP2 box (P3 500mhz w/ 256MB) and she
froze pretty much instantly (no scrolling or user interaction at all)
and after about 20 seconds the machine rebooted. No BSOD, no warning,
just a reboot and a
On Sun, 15 Aug 2004, Noam Rathaus wrote:
#ll -l /usr/bin/X11/dpsinfo
-rwxr-xr-x1 root root 6456 Jul 7 18:07 /usr/bin/X11/dpsinfo
symbols found)...(no debugging symbols found)...(no debugging symbols
found)...
Program received signal SIGSEGV, Segmentation fault.
0x41414141
While this off topic, if you are really interested here is a link for
exactly what you want
http://www.windows-help.net/WindowsXP/winxp-sp2-bootcd.html
There have been many articles on how to create a slipstream
version of an OS, as was brought up here you can also roll things like
MDAC,
On Fri, 13 Aug 2004, neL esoR wrote:
I am surprised this hasn't engendered a lively
discussion, everything else seems to.
In neL's book, this paper ranks as one of the best.
What, and risk Dan Geer's fate? In this economy? I have a wife,
a cat and two kids that depend on me.
Not to put to
Hack In The Box Security Conference 2004 : Kuala
Lumpur, Malaysia
Greetings,
This is the second round of our Call For Papers for
HITBSecConf2004. The conference will run over a 2-day
period (October 6th 7th). Our current speaker
line-up includes:
Theo De Raadt [Keynote Speaker]
Captain
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 537-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
August 16th, 2004
33 matches
Mail list logo
