so then the bottom line is that there is a bug. When files are being
transfered they should also be identified via the content of the file
rather than the extension...
-KF
The second one is also know feature, the file type is not determinated
from the extension but from the content of the file.
On Mon, 24 Jan 2005 10:29:31 EST, KF (lists) said:
so then the bottom line is that there is a bug. When files are being
transfered they should also be identified via the content of the file
rather than the extension...
'Those who cannot remember the past, are condemned to repeat it.'
Starwars wrote:
snip
Yes, I am a criminal. My crime is that of curiosity. My crime
is that of judging people by what they say and think, not
what they look like. My crime is that of outsmarting you,
something that you will never forgive me for.
-- A hacker's manifesto, the Mentor, 1986
Well i was trying to find something in .ra format. I found something
interesting(I think)
I had an old .Ra and tryed to change some information of the file(via
an hexadecimal editor):
All my .ra files begin always with the following code:
.ra..ra4.r.+
If
Wouldn't the phone try to open the jpg file as a picture, and not execute
it. Just like on desktop PCs: if you rename a .exe (application/program) to
a jpg (picture file), and try to open the file, your image program will open
the file, thinking it is a image file. The application code will not be
Paul Kurczaba wrote:
Wouldn't the phone try to open the jpg file as a picture, and not execute
it. Just like on desktop PCs: if you rename a .exe (application/program) to
a jpg (picture file), and try to open the file, your image program will open
the file, thinking it is a image file. The
###
Luigi Auriemma
Application: W32Dasm
(was http://www.expage.com/page/w32dasm)
Versions: = 8.93 (8.94???)
Platforms:Windows
Bug: buffer-overflow
Exploitation: local
Issue: Multiple applications fd_set structure bitmap array
index overflow
Type: remote
Date: December, 12 2004
Original URL: http://www.security.nnov.ru/advisiories/sockets.asp
Author: 3APA3A
URL:http://www.security.nnov.ru/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandrakelinux Security Update Advisory
___
Package name: zhcon
Advisory ID:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandrakelinux Security Update Advisory
___
Package name: ethereal
Advisory ID:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-35
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
I need to block SkyPE at the border of our network for many reasons.
Commercial, Off-The-Shelf:
1)Fortinet stops this and I have used it for such...for T1 speeds you can
keep the cost under $1K and can be installed in bridge/transparent/inline
mode so as not to disturb your existing
I am currently locked in a death struggle with Microsoft's server
product group. They have dropped support for the IAS (RADIUS) mmc in
server 2003 and the 2000 version won't work under XP SP2. Their solution
is to user terminal server to control the server remotely to manage
RADIUS. Naturally I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandrakelinux Security Update Advisory
___
Package name: squid
Advisory ID:
Paul Kurczaba wrote:
Wouldn't the phone try to open the jpg file as a picture, and not execute
it. Just like on desktop PCs: if you rename a .exe (application/program) to
a jpg (picture file), and try to open the file, your image program will open
the file, thinking it is a image file. The
DataRescue Interactive Disassembler Pro Buffer Overflow Vulnerability
iDEFENSE Security Advisory 01.24.05
www.idefense.com/application/poi/display?id=189type=vulnerabilities
January 24, 2005
I. BACKGROUND
DataRescue Inc.'s IDA Pro is a Windows or Linux hosted multi-processor
disassembler and
Hello list,
Thanks to all the tips and suggestions about my question on how to
block SkyPE traffic. I'll summarize and reply below:
* Brenno J.S.A.A.F. de Winter [EMAIL PROTECTED]:
You had the technical answer already. I just wanted add this: How
certain are you that Skype is really something
G'day,
I enjoy reading some of the messages in the Full Disclosure list however I opt
to receive the list as a daily digest. This has the problem (for me) that I have
to scroll thru the entire email message looking for the item(s) that I want to read.
Another list I subscribe to (Mailman-Users)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandrakelinux Security Update Advisory
___
Package name: mailman
Advisory ID:
Brian Anderson wrote:
G'day,
I enjoy reading some of the messages in the Full Disclosure list
however I opt to receive the list as a daily digest. This has the
problem (for me) that I have to scroll thru the entire email message
looking for the item(s) that I want to read.
[clip]
I have
On Tue, 25 Jan 2005 10:05:23 +0700, Alain Fauconnet said:
I would certainly not call our users a legion of techies (sometimes I wish
they'd be more techies than they are). Setting up a VPN would require
having control of a box outside of our campus, which is not likely for
the vast majority
On Tue, 25 Jan 2005 11:49:55 +0800, Brian Anderson said:
I enjoy reading some of the messages in the Full Disclosure list however I
opt
to receive the list as a daily digest. This has the problem (for me) that I
have
to scroll thru the entire email message looking for the item(s) that I
On Tue, Jan 25, 2005 at 03:22:20PM +1100, Gregh wrote:
- Original Message -
From: Alain Fauconnet [EMAIL PROTECTED]
To: full-disclosure@lists.netsys.com
Sent: Tuesday, January 25, 2005 2:05 PM
Subject: Re: [Full-Disclosure] blocking SkyPE?
Hello list,
Thanks to all the
Valdis Kletnieks to Brian Anderson:
I enjoy reading some of the messages in the Full Disclosure list however I
opt
to receive the list as a daily digest. This has the problem (for me) that I
have
to scroll thru the entire email message looking for the item(s) that I want
to read.
Original message:
Date: Mon, 24 Jan 2005 15:52:55 -0800
From: Daniel Sichel [EMAIL PROTECTED]
Subject: [Full-Disclosure] Terminal Server vulnerabilities
To: full-disclosure@lists.netsys.com
Message-ID:
[EMAIL PROTECTED]
Content-Type: text/plain; charset=us-ascii
I am currently
25 matches
Mail list logo