[Full-Disclosure] Re: Kazaa Sig2Dat Protocol Remote Integer Overflow and Denial Of Service by creating files in arbitrary locations

2005-01-18 Thread Thierry Zoller
Temporary "Fix":
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\sig2dat\shell\open\command]
@=""
-- Regards, Thierry Zoller Secure-It: http://www.sniff-em.com/secureit.shtml sig2datfix.reg

[Full-Disclosure] [USN-61-1] vim vulnerabilities

2005-01-18 Thread Martin Pitt
=== Ubuntu Security Notice USN-61-1 January 18, 2005 vim vulnerabilities CAN-2005-0069 === A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog)

[Full-Disclosure] [USN-63-1] MySQL client vulnerability

2005-01-18 Thread Martin Pitt
=== Ubuntu Security Notice USN-63-1 January 18, 2005 mysql-dfsg vulnerability CAN-2005-0004 === A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty War

Re[2]: [Full-Disclosure] network associates mcafee controls

2005-01-18 Thread bvsev
Hi This is just for my personal knowledge, I just wanna run stuff without getting "not enough rights" boxes all the time. My boss would be OK, don't worry -Original Message- From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Date: Fri, 14 Jan 2005 14:28:23 -0500 Subject: Re: [Full-Disclosure]

[Full-Disclosure] [USN-62-1] imagemagick vulnerability

2005-01-18 Thread Martin Pitt
=== Ubuntu Security Notice USN-62-1 January 18, 2005 imagemagick vulnerability CAN-2005-0005 === A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Wa

[Full-Disclosure] Security status of osCommerce?

2005-01-18 Thread Joel Merrick
Hi, I'm wondering if anyone can tell me about the current security status of the MS2.2 release of osCommerce? I understand that there have been XSS vulnerabilities and DOS exploits, have these been fixed in the MS2.2 downloadable from the site? Any help appreciated. -- Joel Merrick signatur

Re: Re[2]: [Full-Disclosure] network associates mcafee controls

2005-01-18 Thread Valdis . Kletnieks
On Tue, 18 Jan 2005 19:14:51 +0300, [EMAIL PROTECTED] said: > This is just for my personal knowledge, I just wanna run stuff without > getting "not enough rights" boxes all the time. My boss would be OK, don't > worry Then your boss should be happy to get somebody to turn them off on your machin

Re: [Full-Disclosure] Shoe 1.0 - Remote Lace Overflow

2005-01-18 Thread Thomas Sutpen
On Tue, 11 Jan 2005 07:05:12 -0800, stonersavant <[EMAIL PROTECTED]> wrote: > I tested this in my lab. I'm happy to report that s10.5 Ninja Tabi > boots appear to be unaffected by the vulnerability. Unfortunately, this raises more questions than it creates answers. For example, if the people of J

[Full-Disclosure] UnixWare 7.1.4 UnixWare 7.1.3 UnixWare 7.1.1 : chroot A known exploit can break a chroot prison.

2005-01-18 Thread please_reply_to_security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 __ SCO Security Advisory Subject: UnixWare 7.1.4 UnixWare 7.1.3 UnixWare 7.1.1 : chroot A known exploit can break a chroot prison.

Re: [Full-Disclosure] Illegal mind control is coming to the USA, black helicopters

2005-01-18 Thread Ron DuFresne
On Mon, 17 Jan 2005, Feher Tamas wrote: > http://news.bbc.co.uk/2/hi/uk_news/magazine/4169313.stm > > ... Some scientists in the US are working on more advanced > technology which might be better equipped at detecting > deception. Imagine the Pentagon equipped with a machine > which can read minds

Re: [Full-Disclosure] Illegal mind control is coming to the USA, black helicopters

2005-01-18 Thread Valdis . Kletnieks
On Tue, 18 Jan 2005 14:22:28 CST, Ron DuFresne said: > of course, on a semi serious note, electromagnetic imaging scans have > proven to be pretty effective in noting the difference in a lying brain > and a truthful one. Now if they can just consolidate all that equipment > into a small handable

[Full-Disclosure] Re: Kazaa Sig2Dat Protocol Remote Integer Overflow and Denial Of Service by creating files in arbitrary locations

2005-01-18 Thread Berend-Jan Wever
Short version: I looked at the "Length:9..." problem: It doesn't seem exploitable. Details: The sig2dat:// url causes Internet Explorer to run ksig.exe, ksig.exe is terminated because of an unhandled exception 0x0eedfade that is raised from 0x00403B69 in my ksig.exe. Googling for this ex

[Full-Disclosure] Re: Kazaa Sig2Dat Protocol Remote Integer Overflow and Denial Of Service by creating files in arbitrary locations

2005-01-18 Thread Markus Kern
On Monday, January 17, 2005, 9:40:47 PM Rafel Ivgi, The-Insider <[EMAIL PROTECTED]> wrote: > ~~~ > Application: Kazaa > Vendors: http://www.kazaa.com > Versions: kazaa lite k++(probably all others too...) > Platfo

[Full-Disclosure] Re: [bugtraq] Novell GroupWise WebAccess error modules loading

2005-01-18 Thread Pete Connolly
On Monday 17 January 2005 16:42, Marc Ruef wrote: > Dear ladies and gentlemen > > We have not found any information on that issue. So I sent this information > (nearly the same posting) on 14/12/04 to [EMAIL PROTECTED] and asked for a > solution. As I haven't heard _anything_ until 23/12/04 I se

[Full-Disclosure] iDEFENSE Security Advisory 01.18.05: Multiple Unix/Linux Vendor Xpdf makeFileKey2 Stack Overflow

2005-01-18 Thread idlabs-advisories
Multiple Unix/Linux Vendor Xpdf makeFileKey2 Stack Overflow iDEFENSE Security Advisory 01.18.05 www.idefense.com/application/poi/display?id=186&type=vulnerabilities January 18, 2005 I. BACKGROUND Xpdf is an open-source viewer for PDF files. More information is available at the following site:

[Full-Disclosure] The UPC packer

2005-01-18 Thread Juan dela Cruz
Anybody knows about this UPC Win32 packer or where to find it? I've searched the info highway and ended up to Swizzor. ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html

Re: [Full-Disclosure] The UPC packer

2005-01-18 Thread Eduardo Tongson
> Anybody knows about this UPC Win32 packer or where to find it? I've > searched the info highway and ended up to Swizzor. > ___ UPX -- Eduardo Tongson MCSE http://i.keepsilent.net [:] propolice[a]gmail.com * Minesweeper Consultant & Solitaire Ex

[Full-Disclosure] Re: The UPC packer

2005-01-18 Thread Juan dela Cruz
It really is UPC not UPX. Try searching google with "swizzor UPC" On Wed, 19 Jan 2005 11:07:38 +0800, Juan dela Cruz <[EMAIL PROTECTED]> wrote: > Anybody knows about this UPC Win32 packer or where to find it? I've > searched the info highway and ended up to Swizzor. >