-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I. BACKGROUND
phpBB is a high powered, fully scalable, and highly customizable Open
Source bulletin board package. phpBB has a user-friendly interface,
simple and straightforward administration panel, and helpful FAQ.
Based on the powerful PHP server
This looks like a new version of what was mentioned in "Follow The
Bouncing Malware, Part III"
(http://isc.sans.org/diary.php?date=2004-11-04). The main thing it
installs appears to be the 180solutions spyware.
AnthraX101
On Mon, 15 Nov 2004 13:06:22 -0500, Brandy Simon <[EMAIL PROTECTED]> wrote:
Seems to be the classic buffer overflow. It's really easy to write a
little script to take advantage of this due to the -s switch for the
ftp program. I doubt that you could do anything remote with it though,
if you're able to drop a random binary file on the HD and execute a
command, there are bet
Decoding a file with repetitive XOR encryption is pretty easy. The
only way that this will be even remotely secure is if the encrypted
file is the same length or less than the length of the key file. The
danger then becomes transmitting the key file securely. This is called
a one-time pad. It is im
Best I can tell, the Norton filter looks something like this:
\xFF\xD8.*\xFF[\xE1\xE2\xED\xFE]\x00[\x00\x01].*
AnthraX101
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Interesting. It would appear to not be a JPEG worm, but rather to be
the regular old CHM exploits. The interesting thing about it is that
it simply calls a link that was posted to FD last week.
The JPG is simply HTML, which loads http://www.xf*s.com/msn/1.jpg into
the main page, with http://www.xf
The program is called BHODemon. It is available from Definitive Solutions here:
http://www.definitivesolutions.com/bhodemon.htm
On Fri, 30 Jul 2004 09:59:54 -0500, Todd Towles
<[EMAIL PROTECTED]> wrote:
> There is a free piece of software somewhere that will grab all the BHOs
> (Browser Helper Ob
Yet another 6 month old exploit, just fixed!
http://www.securityfocus.com/archive/1/351379
Gotta love the fast Microsoft responses.
AnthraX101
On Tue, 13 Jul 2004 15:02:37 -0400, Matt Ostiguy <[EMAIL PROTECTED]> wrote:
> http://www.microsoft.com/technet/security/bulletin/MS04-024.mspx
>
> ___
ookies to track a session ID,
which could lead to a compromise of user accounts when
combined with a javascript XSS.
[EMAIL PROTECTED] notified.
Aaron Horst
=
"A bug. Every system has a bug. The more complex the system, the more bugs.
Transactions circling the earth, passing throug
Just when I thought that PayPal may actually care for
their customers, I get the following message in my
inbox:
---
Dear *,
This holiday season...
Put PayPal Visa® at the top of your list!
0% Intro APR* for purchases. PLUS:
- $5 credit the first time y