Nick Vasiliev wrote:
> I have tried to set up static arp mappings on my system however the
> new ones overwrote the old ones. Also I am not sure but does it also
> screw with switch's arp tables or just the client ones? Any feedback
> would be nice
Yes, such attack re-map port<->mac pair in "plain"
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
This is an announcement only email list for the x86 architecture.
Turbolinux Security Announcement 31/Jan/2005
The following page
After testing the French Yahoo portal, it appears that this flaw
actually exists. Let's hope they'll fix it soon. However, the impact of
a bruteforce attempt is minimal if you have a strong password by default
...
I've submitted this bug to Yahoo for review.
===
Ubuntu Security Notice USN-76-1 February 07, 2005
emacs21 vulnerability
CAN-2005-0100
===
A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Wartho
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200502-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
> Static arp entries are _static_ (unchangable) for Linux.
> For Windows, Windows XP is first MS system that treat static as real
> static - in previous versions "static" means that is times-out not so
> often (but could be changed)
I have tried to put some static ARP-entries under WinXP. No way
The Voice over IP Security Alliance (VOIPSA) is pleased to announce the
launch of the VOIPSEC mailing list. VOIPSEC is a moderated discussion
list focused on VoIP security issues, VoIP security technologies, and
related topics.
Everyone is welcome to subscribe at http://www.voipsa.org/lists.html
On 06/02/2005, at 00:15, Nick FitzGerald wrote:
Known virus scanning
is a far from perfect method for achieving this, but as the only
intelligent method of achieving it has been entirely disregarded by
users, AV and OS developers, scanning is pretty much what we are left
with.
To which method are y
On Mon, 07 Feb 2005 12:18:34 +0100, Thierry Haven
<[EMAIL PROTECTED]> wrote:
> After testing the French Yahoo portal, it appears that this flaw
> actually exists. Let's hope they'll fix it soon. However, the impact of
> a bruteforce attempt is minimal if you have a strong password by default
> ...
ike-scan v1.7 has been released. The new version is available at
http://www.nta-monitor.com/ike-scan/
The key changes from the previous version (v1.6) are:
a) new psk-crack program to crack IKE Aggressive Mode pre-shared keys using
either dictionary or brute-force methods.
The new --pskcrack (-
I'm officially retiring from everything and no longer involved
in Full Disclosure or netsys.com as well. I am passing the baton
to John Cartwright my trusted associate and friend of many years
It has been wonderful to have been a part of Full Disclosure
and I wish everyone the best.
My email ad
Vendor Patches are expected soon.
DMA[2005-0131a] - 'Setuid Perl PERLIO_DEBUG root owned file creation'
Author: Kevin Finisterre
Vendor: http://dev.perl.org/
Product: 'Perl 5.8.x - sperl'
References: (CAN-2005-0155)
http://www.digitalmunition.com/DMA[2005-0131a].txt
http://www.cve.mitre.org/cgi-bin
On Mon, 7 Feb 2005, Len Rose wrote:
> I'm officially retiring from everything and no longer involved
> in Full Disclosure or netsys.com as well. I am passing the baton
> to John Cartwright my trusted associate and friend of many years
>
> It has been wonderful to have been a part of Full Disclosu
===
Ubuntu Security Notice USN-77-1 February 07, 2005
squid vulnerabilities
CAN-2005-0173, CAN-2005-0174, CAN-2005-0175, CAN-2005-0211
===
A security issue affects the followin
Vendor Patches are expected soon.
DMA[2005-0131b] - 'Setuid Perl PERLIO_DEBUG buffer overflow'
Author: Kevin Finisterre
Vendor: http://dev.perl.org/
Product: 'Perl 5.8.x - sperl'
References: (CAN-2005-0156)
http://www.digitalmunition.com/DMA[2005-0131b].txt
http://www.cve.mitre.org/cgi-bin/cvename
looks like MS is NOT publicly releasing a fix for this, while they have the
means and solution at hand.
( at least under IE )
a kind reader sent this little snippet...
"... was able to get Microsoft to provide us with a DLL
to drop under IIS 6 to compare URL variable against the Host: header
varia
Len Rose wrote:
I'm officially retiring from everything and no longer involved
in Full Disclosure or netsys.com as well. I am passing the baton
to John Cartwright my trusted associate and friend of many years
It has been wonderful to have been a part of Full Disclosure
and I wish everyone the bes
Good Riddance.
And you being able to send this here, is exactly why Len deserves a lot
of credit, you are a kiddie and an asshole and why I disagree with him.
[in not particular order]
Gadi.
___
Full-Disclosure - We believe in it.
Charter: http:
Eat a dick buddy... show some respect for the man.
-KF
Good Riddance.
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
__Summary
The javascript security manager usually prevents that a javascript: URL from
one host is opened in a window displaying content from another host. But
when the link is dropped to a tab, the security manager does not kick in.
This can lead to several security problems scaling from steali
__Summary
Usually Firefox does not allow that an executable, non-image file gets
directly dragged to the desktop (e.g. by supplying malware.exe as the src of
an image tag). Instead Firefox creates a link to the file on the desktop.
If you create a hybrid of a gif image and a batch file you can t
__Summary
Using plugins like Flash and the -moz-opacity filter it is possible to
display the about:config site in a hidden frame or a new window.
By making the user double-click at a specific screen position (e.g. using a
DHTML game) you can silently toggle the status of boolean config parameter
[EMAIL PROTECTED] wrote:
> V.Workaround
>
> You can disable IDN support in mozilla products by setting
> 'network.enableIDN' to false. There is no workaround known for Opera or
> Safari.
Hello,
I use Firefox 1.0 on GNU/Linux but the workaround doesn't work if I
close the browser. No idea wh
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
__
SCO Security Advisory
Subject:UnixWare 7.1.3 UnixWare 7.1.1 : Vulnerabilities in
long-lived TCP connections / Rose attack
Adviso
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
__
SCO Security Advisory
Subject:OpenServer 5.0.6 OpenServer 5.0.7 : Vulnerabilities in
long-lived TCP connections / Rose attack
Ad
For some reason, manually adding it to prefs.js with a text editor did not
work for me. However, configuring it from about:config worked for me.
Open up firefox, put about:config into the address bar, and then change
network.enableIDN to false by double clicking on it. If it is working
successf
On Mon, 07 Feb 2005 09:27:25 PST, morning_wood said:
> looks like MS is NOT publicly releasing a fix for this, while they have the
> means and solution at hand.
> ( at least under IE )
> a kind reader sent this little snippet...
>
> "... was able to get Microsoft to provide us with a DLL
> to drop
Shoshannah Forbes to me:
> > Known virus scanning
> > is a far from perfect method for achieving this, but as the only
> > intelligent method of achieving it has been entirely disregarded by
> > users, AV and OS developers, scanning is pretty much what we are left
> > with.
>
> To which method
James Eaton-Lee wrote:
Add to this the fact that implementing archive support in an antivirus
package isn't as simple as it might seem; although bz2 is released under
a BSD license, gzip isn't - it's GPL, and therefore any antivirus vendor
would have to write their gzip code totally from scratch.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200502-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
On Mon, 07 Feb 2005 11:06:18 PST, Richard Jacobsen said:
> Open up firefox, put about:config into the address bar, and then change
> network.enableIDN to false by double clicking on it. If it is working
> successfully, you should get a message "domainname.com could not be found"
> when clicking
On Sun, 2005-02-06 at 10:09 -0500, Bernie Cosell wrote:
> We're now getting hammered with the third round of ssh probes in the last
> four days [one from CA, one from Brazil and one from Virginia]. I was
> wondering: is there some virus or the like floating around now that
> leaves an ssh-hamme
James Eaton-Lee wrote:
For many SMEs, the distinction is irrelevant, as a significant number of
e-mail servers do *NOT* incorporate antivirus software designed with
gateway scanning in mind - they run desktop scanning tools on e-mail;
thus, for many companies, the distinction between 'gateway' and
> For lack of a better name -- after all, this is a technology
> that has hardly been investigated -- I refer to this as
> integrity management.
> Basically you turn known virus scanning on its head to have
> the on- access scanner only allow known good code to run,
> rather than trying to do
SquirrelMail S/MIME Plugin Command Injection Vulnerability
iDEFENSE Security Advisory 02.07.05
www.idefense.com/application/poi/display?id=191&type=vulnerabilities
February 07, 2005
I. BACKGROUND
Squirrelmail S/MIME plugin enables the viewing of S/MIME-signed messages
of the MIME "multipart/sign
e'd like to remind those of you planning to attend this year's event that
CodeCon is fast approaching.
CodeCon is the premier event in 2005 for application developer community.
It is a workshop for developers of real-world applications with working
code and active development projects.
Past prese
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[EMAIL PROTECTED] wrote:
| On Mon, 07 Feb 2005 11:06:18 PST, Richard Jacobsen said:
|
|
|>Open up firefox, put about:config into the address bar, and then change
|>network.enableIDN to false by double clicking on it. If it is working
|>successfully, yo
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
__
SCO Security Advisory
Subject:UnixWare 7.1.4 : racoon multilple security issues
Advisory number:SCOSA-2005.10
Issue date:
I like your quote. I think you're wrong about Len. Remember that "a new broom
sweeps clean." For anything you had against the old moderator the new one could
be far worse.
--
kin 186: White Self-Existing World-Bridger
--
I Define in order to Equaliz
Valdis Kletnieks wrote:
> The actual bug referenced by Gerald is that if you use about:config to set it,
> it *works* without having to restart, but at the next restart of the browser,
> the setting no longer works...
At least in the standard (binary distribution) Windows build of Mozilla
1.0 th
Markus Wernig wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[EMAIL PROTECTED] wrote:
| On Mon, 07 Feb 2005 11:06:18 PST, Richard Jacobsen said:
|
|
|>Open up firefox, put about:config into the address bar, and then change
|>network.enableIDN to false by double clicking on it. If it is worki
Bye Len! Miss you already! Thanks for a few good years eh?
--
kin 186: White Self-Existing World-Bridger
--
I Define in order to Equalize
Measuring Opportunity
I seal the Store of Death
With the Self-Existing tone of Form
I am guided by the po
Stuart Fox to me:
> Isn't this similar to what MS do in Windows 2003/XP SP2 with Software
> Restriction Policies? Executables are only allowed to run provided they
> fit a prespecified pattern i.e. name (not very useful), signed or not,
> hash of the executable.
Yes, but it has to be much more t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi!
Tons of email addresses from mailman mailing lists are vulnerable to
be collected by spammers.
They are "protected" by obfuscation ([EMAIL PROTECTED] -> user at
example.com) and access to the subscriber list can be restricted to
subscribers. The obf
On Tue, 8 Feb 2005, White Self-Existing World-Bridger wrote:
> I like your quote.
Ahhh... I'll bet you're not a quadriplegic then :-) ?
> I think you're wrong about Len. Remember that "a new
> broom sweeps clean." For anything you had against the old moderator the
> new one could be far worse.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Peter Besenbruch wrote:
| Markus Wernig wrote:
|
|> Yes, it does set network.enableIDN = false, but on startup this seems to
|> get ignored. What I had to do to disable it (probably a brute hack):
|> there's a line in ~/.mozilla/firefox/whatever.default
On Mon, 2005-02-07 at 14:58 -0500, bkfsec wrote:
> James Eaton-Lee wrote:
>
> >Add to this the fact that implementing archive support in an antivirus
> >package isn't as simple as it might seem; although bz2 is released under
> >a BSD license, gzip isn't - it's GPL, and therefore any antivirus ven
IBM AIX chdev Local Format String Vulnerability
iDEFENSE Security Advisory 02.07.05
http://www.idefense.com/application/poi/display?type=vulnerabilities
February 07, 2005
I. BACKGROUND
The chdev program is a setuid root application, installed by default
under multiple versions of IBM AIX, that
First off, thanks for the e-mail! It was well argued, and you obviously
took a lot of time on it; this is much appreciated. With that, let the
reply begin..
On Mon, 2005-02-07 at 15:32 -0500, bkfsec wrote:
> James Eaton-Lee wrote:
>
> >For many SMEs, the distinction is irrelevant, as a significa
kses 0.2.2 [kses strips evil scripts!]
==
* INTRODUCTION *
kses is an HTML/XHTML filter written in PHP. It removes all unwanted HTML
elements and attributes, no matter how malformed HTML input you give it.
It also does several checks on attribute values. kses can be used to avoid
Cross
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
__
SCO Security Advisory
Subject:UnixWare 7.1.4 : vulnerability in foomatic-rip in
Foomatic before 3.0.2 allows local users or remo
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
__
SCO Security Advisory
Subject:OpenServer 5.0.6 OpenServer 5.0.7 : enable command line
buffer overflows
Advisory number:S
52 matches
Mail list logo