http://virusscan.jotti.org/
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf
> Of Jeff Kell
> Sent: Thursday, February 10, 2005 1:04 PM
> To: Full-Disclosure (E-mail)
> Subject: [Full-Disclosure] Virus scanning site...
>
> I know I've seen several po
www.virustotal.com
Jeff Kell wrote:
I know I've seen several posts referring to a site where you could
submit suspected malware and have it scanned by several different A/V
products to see if it is identified, but my mind and my google search is
turning up a blank. Can someone refresh my memory
---
Fedora Legacy Update Advisory
Synopsis: Updated abiword resolves security vulnerabilities
Advisory ID: FLSA:1906
Issue date:2005-02-08
Product: Red Hat Linux
Keywords: S
I know I've seen several posts referring to a site where you could
submit suspected malware and have it scanned by several different A/V
products to see if it is identified, but my mind and my google search is
turning up a blank. Can someone refresh my memory?
Jeff
---
Fedora Legacy Update Advisory
Synopsis: Updated libpng resolves security vulnerabilities
Advisory ID: FLSA:1943
Issue date:2005-02-08
Product: Red Hat Linux
Fe
John Cartwright wrote:
...
Subscriber addresses and passwords have been compromised.
d'0h!
...
SLASH = '/'
def true_path(path):
"Ensure that the path is safe by removing .."
parts = [x for x in path.split(SLASH) if x not in ('.', '..')]
return SLASH.join(parts)[1:]
That's an improvement
Computer Associates BrightStor ARCserve Backup v11 Discovery Service
Remote Buffer Overflow Vulnerability
iDEFENSE Security Advisory 02.09.05
www.idefense.com/application/poi/display?id=194&type=vulnerabilities
February 09, 2005
I. BACKGROUND
BrightStor ARCserve Backup for Windows delivers backu
Amazingly, despite numerous reports of backdoors in these Conexant DSL
routers, they are *still* being shipped with the port 254 backdoor menu
enabled...
I've just switched ADSL provider, and the new modem they sent me was a
"Mentor MR4C/UK". It appears to be another conexant clone, and if you
Danny wrote:
>
> On Wed, 9 Feb 2005 12:24:29 -0800, Thor Larholm wrote:
> > The addressbar can by design be programmatically changed to display
> > anything you want at any time, including when you hover over a link
> > and the onmouseover event fires. Simply change the window.status
> > property
===
Ubuntu Security Notice USN-78-1 February 09, 2005
mailman vulnerabilities
CAN-2005-0202
===
A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Wart
[EMAIL PROTECTED] wrote:
Unless we have a Schrodinger's Cat John who manifests itself twice, once
saying "Yup" and once saying "Oh shit!". :)
Hehe. Technically it doesn't work that way. At this very moment, the
certificate can be both valid and invalid. However, once we query John
about his st
On Wed, 9 Feb 2005 12:24:29 -0800, Thor Larholm <[EMAIL PROTECTED]> wrote:
> I'm guessing you are refering to the status bar which displays the
> address of a link onmouseover.
Yes, the status bar which displays the address of a hyperlink
onmouseover... can the actual hyperlink (when the user lef
On Wed, 09 Feb 2005 14:32:13 EST, Danny said:
> Can the URL displayed on a mouseover in IE, be spoofed?
Umm... use the javascript onMouseOver() handler, or are you asking if that
venerable spoofing tool is itself vulnerable to spoofing?
pgpfbfs6updwU.pgp
Description: PGP signature
__
On Wed, 09 Feb 2005 14:14:35 CST, Frank Knobbe said:
> heh... nah, having John look at the cert and say "Yup, that's mine" is
> enough of a trust-level for me. (On the other hand, if he says "Oh
> shit!" then the verification step has served its purpose :)
Unless we have a Schrodinger's Cat John
On Wed, 2005-02-09 at 15:01 -0500, [EMAIL PROTECTED] wrote:
> > To prevent getting lulled into a phishing scam, could you please confirm
> > the fingerprints of the self-signed SSL certificate that mailman is
> > running on? :)
>
> Bonus points if the fingerprint is in a mail that's digitally sig
Danny wrote:
On Tue, 8 Feb 2005 17:51:16 +0100 (CET), Feher Tamas
<[EMAIL PROTECTED]> wrote:
http://news.zdnet.com/2100-1009_22-5567529.html
GeCad RAV, GIANT and now Sybari Antivirus. Microsoft
swallows smaller anti-malware firms one by one. When the
last one is gone, MS will probably eat the la
I'm guessing you are refering to the status bar which displays the
address of a link onmouseover.
The addressbar can by design be programmatically changed to display
anything you want at any time, including when you hover over a link and
the onmouseover event fires. Simply change the window.status
On Mon, 07 Feb 2005, Len Rose wrote:
>
> I'm officially retiring from everything and no longer involved
> in Full Disclosure or netsys.com as well. I am passing the baton
> to John Cartwright my trusted associate and friend of many years
>
> It has been wonderful to have been a part of Full Dis
On Wed, 09 Feb 2005 13:37:57 CST, Frank Knobbe said:
> To prevent getting lulled into a phishing scam, could you please confirm
> the fingerprints of the self-signed SSL certificate that mailman is
> running on? :)
Bonus points if the fingerprint is in a mail that's digitally signed, so we
know
* John Cartwright:
> Subscriber addresses and passwords have been compromised. All list
> members are advised to change their password immediately. There do
> not appear to be further signs of intrusion although investigations
> continue.
Recent Mailman versions from CVS contain a script to rese
Can the URL displayed on a mouseover in IE, be spoofed?
Thank you,
...D
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
On Wed, 2005-02-09 at 18:15 +, John Cartwright wrote:
> Subscriber addresses and passwords have been compromised. All list
> members are advised to change their password immediately. There do
> not appear to be further signs of intrusion although investigations
> continue.
To prevent getting
Sorry, disregard that message ...
Even though update.exe was not running anymore ... After a minute or 2, the
prompt to reboot finally appeared...
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: Wednesday, February 09, 2005 6:07 P
Hi
On 7th February 2005 I was notified of a number of potentially -
compromised Full-Disclosure subscriber accounts. Following an
investigation it appears that the Mailman configuration database was
obtained from lists.netsys.com on 2nd January 2005 using a remote
directory traversal exploit fo
"James Longstreet" wrote in message
news:[EMAIL PROTECTED]
> On Tue, 8 Feb 2005, Dave Korn wrote:
>
> > Why? You hoping to sell it to spammers? Obfuscating *works*; if YOU
> > break it, that makes YOU a spamming motherfucker. Why don't you go fuck
> > yourself instead?
>
> The name of the list
On Wed, 09 Feb 2005 18:01:41 +0100, "the.soylent" said:
> i wan`t to use B/tchX (a famous IRC-Client) with the abbility to decrypt
> all written with blowfish.
> OS is Debian-testing (Sarge)
>
> I have already loaded the right (?) module, with a: /loaddll blowfish.so
> output :
> B/tchX blowfish
Hi all ...
I approved the patches on a SUS server, and if I look in the windows update.log
it looks
like the clients installed it , but they we're never prompted to reboot .. When
I
installed them on my home machine I needed a reboot ? In both situations the
machines were
up to date untill then
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
everybody in the channel had updated their (most-win) clients, most of
them use http://fish.sekure.us
if i post something via ctcp in a channel in quakenet with a L-Bot, i
get a desync message and can't write to channel any longer via ctcp..
example:
-
On Wednesday 09 February 2005 18:01, the.soylent wrote:
> B/tchX blowfish encryption module v1.0
do you have a link to that script, so i may give it a try?
Greetings
Oliver Leitner
Technical Staff
http://www.shells.at
--
By reading this mail you agree to the following:
using or giving out the e
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200502-10
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
Use of Unicode codes in the href fools older versions of IE when it parses
the hostname part.
Obviously this has been fixed in a previous patch (my bad for not checking with
a fully patched machine first! )
NOT vulnerable IE 6.0.2800.1106.xpsp2.040919-1003C0
vulnerable IE 6.0.2800.1106.xpsp2.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
the 1st mail was rejected..so.. B/tchX = B .i .t. c .h .X
- ---
Hi list,
i wan`t to use B/tchX (a famous IRC-Client) with the abbility to decrypt
all written with blowfish.
OS is Debian-testing (Sa
Just my little paper.__Do You Yahoo!?Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.comSolution To Red Hat PIE protection
(Fr0z3n : [EMAIL PROTECTED])
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi list,
i wan`t to use BitchX (a famous IRC-Client) with the abbility to decrypt
all written with blowfish.
OS is Debian-testing (Sarge)
I have already loaded the right (?) module, with a: /loaddll blowfish.so
output :
BitchX blowfish encryption modul
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dana Hudes wrote:
| The report is good. Attaching the results in their entirety gives
| spammers who don't have your technical capability, not to mention
| script kiddies looking for victims for their viruses, a huge leg
| up. Irresponsible doesn't beg
During the build of an exploit , I have found with
the help of Dwarf, a nice call to ebx for the win2k platforms,
pro AND server, SP4's serie, ALL
languages.
This might help some people to point out
this.
0x7801B008.msvcrt.dll
Hey Majest,
Send your replies to full-disclosure@lists.netsys.com
xyberpix
On Wed, 9 February, 2005 6:34, Majest said:
> lol *^_^* How do I reply on a message in this mailing list? *shame-lame*
> -.-
> ___
> Full-Disclosure - We believe in it.
> Charte
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dave Korn wrote:
|>An improved version that collects addresses that are restricted to
|>subscribers, processes more lists and works more parallelized is
|>planned.
|
|
| Why?
The addresses of mailing list subscribers are top quality to
spammers. It's ju
Simple - using Verign's plugin from http://www.idnnow.com/index.jsp
results in:
http://www.rebee.clara.net/images/ie-idn.jpg
Phil
Phil Randal
Network Engineer
Herefordshire Council
Hereford, UK
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf
OVERVIEW
The method used for Windows security zone evaluation fails when
characters in the URL are encoded in a certain way. Internet Explorer
can be tricked to think that a document belongs in "My Computer" zone
when it actually resides on an Internet server. JavaScript in such
doc
I though that I should warn you all that unfortunately Internet Explorer is not
safe from this attack.
No details until after Microsoft has been contacted and I have introduced some
anti-phishing precautions for the domains I manage.
Kevin
___
Full-Disclo
[Full-Disclosure] Mailing List Charter
John Cartwright <[EMAIL PROTECTED]> and Len Rose <[EMAIL PROTECTED]>
Introduction & Purpose
--
This document serves as a charter for the [Full-Disclosure] mailing
list hosted at lists.netsys.com.
The list was created on 9th July 2002
On Tue, Feb 08, 2005 at 07:27:54PM -0500, Danny wrote:
> Further, if Microsoft thinks acquisitions will solve all of their
> problems, why don't they acquire a company with programmers that have
> some clue about security and it's place in software that is plugged
> into a network.
imho:
1. m$ hav
43 matches
Mail list logo
