Re: [Full-Disclosure] MSIE and tag NAME property bufferoverflow PoC exploit (was: python does mangleme (with IE bugs!))

2004-11-09 Thread Jim Geovedi
* [EMAIL PROTECTED] ([EMAIL PROTECTED]) wrote: > On Mon, 08 Nov 2004 09:00:03 +0100, patryn said: > > > "Microsoft is concerned that this new report of a vulnerability in > > Internet Explorer was not disclosed responsibly, potentially putting > > computer users at risk" > > Is a black hat who

Re: [Full-Disclosure] Fw: Case ID 18941657 - Notice of Claimed Infringement

2004-11-09 Thread 3APA3A
Dear Jason Coombs, As far as I know US legislation, according to CAN SPAM act you can get $250 from MPAA for each message you receive because they didn't unsubscribe you on your request. Contact your lawyer. You can make a business :) --Tuesday, November 9, 2004, 8:28:52 AM, you wr

Re: [Full-Disclosure] MSIE and tag NAME property bufferoverflow PoC exploit (was: python does mangleme (with IE bugs!))

2004-11-09 Thread Georgi Guninski
On Tue, Nov 02, 2004 at 01:41:43AM +0100, Berend-Jan Wever wrote: > The JavaScript creates a large amount of heap-blocks filled with 0x0D byte > nopslides followed by the shellcode. This is to make sure [0x0D0D0D0D] == > 0x0D0D0D0D. It's not the most efficient thing in the world but it works like

[Full-Disclosure] New MyDoom exploiting IFRAME

2004-11-09 Thread Berend-Jan Wever
Hi all, There's a new MyDoom variant exploiting the IFRAME issue I posted an exploit for. It's said to use my code in a modified form. It seems to have trouble infecting my computer even though I really tried to get it :P. If anybody could help me get my hands on a copy (of the binary or the sourc

Re: [Full-Disclosure] Fw: Case ID 18941657 - Notice of Claimed Infringement

2004-11-09 Thread Lionel Ferette
Hi Jason, In the wise words of Jason Coombs, on Tuesday 09 November 2004 06:28: > Anyone know how to convince the MPAA that they have received incorrect > information from ARIN ? > > Telling them over and over again doesn't seem to work, and now their > litigation spam is getting tiresome. In our

Re: [Full-Disclosure] New MyDoom exploiting IFRAME

2004-11-09 Thread Nick FitzGerald
Berend-Jan Wever wrote: > There's a new MyDoom variant exploiting the IFRAME issue ... In fact, it seems there's a reasonable chance many (most?) AV vendors will actually (re-)name this Bofra as it is "sufficiently different" from Mydoom as to seem worthy of a new family name. There are three

Re: [Full-Disclosure] MSIE and tag NAME property bufferoverflow PoC exploit (was: python does mangleme (with IE bugs!))

2004-11-09 Thread pachiderme pachiderme
I just read this news about the first implementation : F-Secure Virus Descriptions : MyDoom.AG This Mydoom variant is considerably different from previous Mydooms. In fact, it might not be a variant at all, but a totally new virus family. It does spread over email, like Mydooms normally do. Howe

Re: [Full-Disclosure] Silencing Windows File Protection

2004-11-09 Thread Jeff Donahue
You're right, except that it's necessary to reboot for this to start working. Tested it on a Windows XP SP2 machine and received no warning after setting the appropriate registry value and rebooting. - Original Message - From: "Fixer" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Mon

[Full-Disclosure] [SECURITY] [DSA 589-1] New libgd1 packages fix arbitrary code execution

2004-11-09 Thread debian-security-announce
Debian Security Advisory DSA 589-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze November 9th, 2004

[Full-Disclosure] Re: BoF in Windows 2000: ddeshare.exe

2004-11-09 Thread Berend-Jan Wever
> As far as I can tell, this is not exploitable to run a shellcode because > of the fact that NULL's are inserted between characters. But besides This is not a problem, read phrack: unicode shellcodes are real. In fact you can create your own unicode alphanumeric uppercase shellcode using ALPHA2

[Full-Disclosure] [SECURITY] [DSA 590-1] New gnats packages fix arbitrary code execution

2004-11-09 Thread debian-security-announce
Debian Security Advisory DSA 590-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze November 9th, 2004

Re: [Full-Disclosure] New MyDoom exploiting IFRAME

2004-11-09 Thread Danny
On Wed, 10 Nov 2004 00:45:12 +1300, Nick FitzGerald <[EMAIL PROTECTED]> wrote: > Berend-Jan Wever wrote: > > > There's a new MyDoom variant exploiting the IFRAME issue ... > > In fact, it seems there's a reasonable chance many (most?) AV vendors > will actually (re-)name this Bofra as it is "suff

[Full-Disclosure] [SECURITY] [DSA 591-1] New libgd2 packages fix arbitrary code execution

2004-11-09 Thread debian-security-announce
Debian Security Advisory DSA 591-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze November 9th, 2004

[Full-Disclosure] New MaxPatrol Demo Available

2004-11-09 Thread pigrelax
Hi! New Demo version includes intelligent algorithms for detection of Cross-site scripting, SQL-injection, PHP including, HTTP Response Splitting and similar vulnerabilities in ANY (including custom) web-applications. (No details on found vulnerabilities are provided) Latest Discovered Vulnerabi

[Full-Disclosure] EEYE: Kerio Personal Firewall Multiple IP Options Denial of Service

2004-11-09 Thread Marc Maiffret
Kerio Personal Firewall Multiple IP Options Denial of Service Release Date: November 9, 2004 Date Reported: October 30, 2004 Severity: High (Remote Denial of Service) Vendor: Kerio Systems Affected: Kerio Personal Firewall 4.1.1 and prior Overview: eEye Digital Security has discovered a sever

[Full-Disclosure] [ GLSA 200411-17 ] mtink: Insecure tempfile handling

2004-11-09 Thread Sune Kloppenborg Jeppesen
Gentoo Linux Security Advisory GLSA 200411-17 http://security.gentoo.org/

[Full-Disclosure] [ GLSA 200411-16 ] zip: Path name buffer overflow

2004-11-09 Thread Sune Kloppenborg Jeppesen
Gentoo Linux Security Advisory GLSA 200411-16 http://security.gentoo.org/

Re: [Full-Disclosure] Silencing Windows File Protection

2004-11-09 Thread Fixer
That's peculiar as I didn't need to reboot for either OS. I was simply able to swap the files and go. I wonder what would have caused that to happen in your case. -Fixer On Tue, 9 Nov 2004 11:42:58 -0300, Jeff Donahue <[EMAIL PROTECTED]> wrote: > You're right, except that it's necessary to reb

[Full-Disclosure] Full-Disclosure] Hotmail & Passport (.NET Accounts) Vulnerability

2004-11-09 Thread César René Vega García
:Hotmail & Passport (.NET Accounts) Vulnerability There is a very serious and stupid vulnerability or bad coding in Hotmail / Passport’s (.NET Accounts) I tried sending emails several times to Hotmail / Passport contact addresses, but always met with the NLP bots. I guess I don’t need to go in deta

Re: [Full-Disclosure] New MyDoom exploiting IFRAME

2004-11-09 Thread n3td3v
On Tue, 9 Nov 2004 11:08:26 +0100 (CET), Berend-Jan Wever <[EMAIL PROTECTED]> wrote: > Hi all, > > There's a new MyDoom variant exploiting the IFRAME issue The worst problem with this is Microsoft have not announced a patch for the exploit which the virii exploits, so this is wild in every descr

Re: [Full-Disclosure] Full-Disclosure] Hotmail & Passport (.NET Accounts) Vulnerability

2004-11-09 Thread n3td3v
On Tue, 09 Nov 2004 19:40:08 +, César René Vega García <[EMAIL PROTECTED]> wrote: > > > > > :Hotmail & Passport (.NET Accounts) Vulnerability > > There is a very serious and stupid vulnerability or bad coding in Hotmail / > Passport’s (.NET > Accounts) > > I tried sending emails several

Re: [Full-Disclosure] EEYE: Kerio Personal Firewall Multiple IP Options Denial of Service

2004-11-09 Thread n3td3v
On Tue, 9 Nov 2004 10:38:13 -0800, Marc Maiffret <[EMAIL PROTECTED]> wrote: > Vendor: > Kerio > > Systems Affected: > Kerio Personal Firewall 4.1.1 and prior I assume you are not aware of the history of Kerio and how a lot of consumers may be still on "Tiny" versions of the code. Tiny Personal Fir

Re: [Full-Disclosure] Full-Disclosure] Hotmail & Passport (.NET Accounts) Vulnerability

2004-11-09 Thread KF_lists
The last time I called Microsoft and tried to report a security hole I was greeted by 1 moron, transferred to another who asked for $75 and then when I refused and asked to speak to his supervisor, he suggested that I use their security report web page... I wouldn't recommend the phone route to

[Full-Disclosure] Re: OT: Akamai DNS and Yahoo

2004-11-09 Thread n3td3v
On Tue, 9 Nov 2004 23:03:20 +, n3td3v <[EMAIL PROTECTED]> wrote: > On Tue, 9 Nov 2004 23:02:15 +, n3td3v <[EMAIL PROTECTED]> wrote: > > > > On Tue, 09 Nov 2004 15:17:32 -0700, John Neiberger > > > > > > <[EMAIL PROTECTED]> wrote: > > > > > > I saw many references about this in the archive

[Full-Disclosure] Re: OT: Akamai DNS and Yahoo

2004-11-09 Thread n3td3v
On Tue, 9 Nov 2004 23:02:15 +, n3td3v <[EMAIL PROTECTED]> wrote: > On Tue, 09 Nov 2004 15:17:32 -0700, John Neiberger > > > <[EMAIL PROTECTED]> wrote: > > > > I saw many references about this in the archives but I haven't seen a > > solution to it and we just started seeing this problem. Begi

[Full-Disclosure] Re: OT: Akamai DNS and Yahoo

2004-11-09 Thread n3td3v
On Tue, 09 Nov 2004 16:16:20 -0700, John Neiberger <[EMAIL PROTECTED]> wrote: > >Yes, yahoo had an incident with its DNS in the past week(s) with its > >dns configuration with regards of "akadns". Yahoo! security team were > >alerted by myself as soon as abnormal behaviour was reported by the > >sc

Re: [Full-Disclosure] New MyDoom exploiting IFRAME

2004-11-09 Thread Michal Zalewski
On Tue, 9 Nov 2004, n3td3v wrote: > The worst problem with this is Microsoft have not announced a patch > for the exploit which the virii exploits, so this is wild in every > description of the word "wild". I never had strong feelings about Microsoft; I took their side on several occasions. Were

[Full-Disclosure] [USN-21-1] libgd vulnerabilities

2004-11-09 Thread Martin Pitt
=== Ubuntu Security Notice USN-21-1 November 09, 2004 libgd vulnerabilities CAN-2004-0990 === A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Wartho

[Full-Disclosure] [USN-22-1] samba vulnerability

2004-11-09 Thread Martin Pitt
=== Ubuntu Security Notice USN-22-1 November 10, 2004 samba vulnerability CAN-2004-0930 === A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog)