[Full-Disclosure] Vulnerability in sourceforge.net

Vulnerability in sourceforge.net. Remote user can read any files. Example: http://btmgr.sourceforge.net/index.php3?body=../../../../../../usr/local /apache/conf/httpd.conf -- www.Maxpatrol.com - MaxPatrol is a prof

[Full-Disclosure] SHOUTcast Server 1.8.x remote heap overrun exploit binary version

http://www.securitylab.ru/42976.html (in russian!) shoutdown.01.tar.gz: SHOUTcast 1.9.2 remote heap overrun exploit. Binds rootshell on port 26112. Note: this is binary version. Compiled on Linux/x86 with gcc3.2. Source code wont be distributed. Autor: ┼D4rkGr3y┼ of m00 Security _

[Full-Disclosure] Pam-SayPass by Buggzy

Hi again! Patch for pam_unix which sends credentials of authentication attempts (su, login, ssh, x-windows) encoded into DNS query to the specified host. http://www.securitylab.ru/tools/42989.html ___ Full-Disclosure - We believe in it. Charter: ht

[Full-Disclosure] snort rules for ICQ http/https tunnels

Hi! >From KasperskyLab: 'Bizex' worm attacks ICQ users - http://www.kaspersky.com/news.html?id=4272424 Rules for snort to deny ICQ via proxy and proxy chains: (more information can be found here http://securitylab.ru/40960.html): # icq.rules # snort rules for ICQ http/https tunnels # (c)ded b

[Full-Disclosure] Authentication flaw in Web Wiz forum

Product: Web Wiz forum 7.0-7.7a www.webwizforum.com Risk: Medium Date: 02 March, 2004 Autor:Pig Killer and Michael ( www.SecurityLab.ru) When user log on forum, for his cookies identification forum using User_code value from tblAutor table from underlying database, w

[Full-Disclosure] Re: Authentication flaw in Web Wiz forum

Hi all again! This bug works only when password changes using "Forgotten your password?" future. The user code is changed when changing the password using "user profile". Sorry for my mistake. - Original Message ----- From: "Alexander" <[EMAIL PROTE

RE: [Full-Disclosure] Security Sites

http://www.securitylab.ru/forum/ > -Original Message- > From: [EMAIL PROTECTED] [mailto:full-disclosure- > [EMAIL PROTECTED] On Behalf Of Patrick Olsen > Sent: Friday, April 23, 2004 6:34 PM > To: [EMAIL PROTECTED] > Subject: [Full-Disclosure] Security Sites > > I have been looking aroun

[Full-Disclosure] Symantec Multiple Firewall DNS Response Denial-of-Service (PoC)

Symantec Multiple Firewall DNS Response Denial-of-Service (PoC) HOD-symantec-firewall-DoS-expl [-fi:str] [-tp:int] [-ti:str] [-n:int] -fi:IPFrom (sender) IP address -tp:int To (recipient) port number -ti:IPTo (recipient) IP address -n:intNumber

[Full-Disclosure] KDE was hacked

2004/05/03 13:50:28 KDE was hacked by Russian hacker More information (In Russian) http://www.securitylab.ru/45100.html Diff for /kdenetwork/kppp/connect.cpp between version 1.175 and 1.176: http://webcvs.kde.org/cgi-bin/cvsweb.cgi/kdenetwork/kppp/connect.cpp.diff?r1 =1.175&r2=1.176&f=h __

[Full-Disclosure] MS04011 Lsasrv.dll RPC buffer overflow remote exploit (PoC) with Universal targets

MS04011 Lsasrv.dll RPC buffer overflow remote exploit (PoC) with Universal targets (Windows XP SP0/SP1 Russian/English, Windows 2000 SP2, SP4 Russian/English): http://www.securitylab.ru/44913.html ___ Full-Disclosure - We believe in it. Charter

[Full-Disclosure] Critical bug in Web Wiz Forum

Hi all and Bruce! (B (BCtrlbrk found some critical bug in web wiz forum 7.$B'g(B (Including last (Bpublic version 7.7$B'Q(B). (B (B1. SQL Injection in (Bpop_up_ip_blocking.asp, line 113 (B (B For each laryCheckedIPAddrID in Request.Form("chkDelete") $B"+(B not (Bsanitized (B

RE: [OBORONA-SPAM] [Full-Disclosure] Critical bug in Web Wiz Forum

& (B"BanList.Ban_ID=" & laryCheckedIPAddrID & ";" (B (B (B> -Original Message- (B> From: [EMAIL PROTECTED] [mailto:full-disclosure- (B> [EMAIL PROTECTED] On Behalf Of Alexander (B> Sent: Friday, April 30, 2004 11:17 PM (B> To: [EMAIL PROT

[Full-Disclosure] CiSCO IOS 12.* source code stolen?

More information (in Russian, of course) and some little stolen code can be found here: http://www.securitylab.ru/45221.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html

[Full-Disclosure] DoS in Vocaltec VoIP gateway in ASN.1/H.323/H.225 stack

More information (in Russian, of course): http://www.securitylab.ru/45401.html Exploit: http://www.securitylab.ru/_Exploits/2004/05/killvoc-small.c ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.htm

[Full-Disclosure] SecurityLab.Ru Report: The Top 10 Most Critical Vulnerabilities in May 2004

SecurityLab.Ru Report: The Top 10 Most Critical Vulnerabilities in May 2004 Exim Header Syntax Checking Remote Stack Buffer Overrun Vulnerability, Bugtraq ID 10291, http://www.securitylab.ru/45107.html. Multiple Vulnerabilities in Apple Mac OS X, Bugtraq ID 10271, 10268,

[Full-Disclosure] SecurityLab report: The Top 10 Most Critical Vulnerabilities in June 2004

SecurityLab report: The Top 10 Most Critical Vulnerabilities in June 2004 . Firebird Remote Pre-Authentication Database Name Buffer Overrun Vulnerability, http://www.securitylab.ru/45626.html , Bugtraq ID 10446 . Squid Proxy NTLM Authentication Buffer Overflow Vulnerability, http://www

[Full-Disclosure] Comparison of Network Security Scanners

Hi all! Comparison of Network Security Scanners: http://www.maxpatrol.com/pd_cmp2.asp In this survey the following products were tested: 1 IS - Internet Scanner 7.0 Internet Security Systems http://www.iss.net 2 LG - LanGuard 3.2 GFI http://www.gfi.com 3 Ns - Nessus

RE: [Full-Disclosure] Comparison of Network Security Scanners

caveat emptor. G On or about 2004.07.01 21:35:12 +, Anders B Jansson ([EMAIL PROTECTED]) said: > And to everyones surprise their own product came out on top! > > Wow, it has to be good, film at 11 > > // anders > > Alexander wrote: > >Hi all! > > >

[Full-Disclosure] XSS in Board Power forum

Programm: Board Power forum v2.04 PF Autor: Ivan Zhdanov CRITICAL: Low Exploit: http://target/cgi-bin/boardpower/icq.cgi?action=javascript:alert ('hello'); URL: http://www.thewebmasterforums.com .. Maxpatrol - Professional Network Security Scanner (www.maxpatrol.com). ___

[Full-Disclosure] XP SP2 WEP

Has anyone had problems with XP SP2 breaking WEP configuration? -- Alexander MacLennan PhD Student Curtin University of Technology +61 8 9266 2129 ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html

[Full-Disclosure] Buffer Overflow in SYS_CONTEXT() in Oracle 9i Rel.2

   Oracle9i Rel. 2 (Windows platform only)Severity Medium RiskCategory    Buffer OverflowVendor URL   http://www.oracle.comAuthor   Alexander Kornbrust (ak at red-database-security.com)Date 3 Sep 2004  (V 1.0)Advisory

[Full-Disclosure] Buffer Overflow in DBMS_SYSTEM.KSDWRT() in Oracle8i - 9i

Affected   Oracle 8i - Oracle9i (all platforms)Severity  Medium RiskCategory    Buffer Overflow/Denial of Service (Database Crash)Vendor URL   http://www.oracle.comAuthor   Alexander Kornbrust (ak at red-database-security.com)Date

[Full-Disclosure] SQL Injection via CTXSYS.DRILOAD in Oracle 8i/9i

   Oracle 8i / Oracle9i (all platforms)Severity High RiskCategory   SQL InjectionVendor URL   http://www.oracle.comAuthor   Alexander Kornbrust (ak at red-database-security.com)Date 3 Sep 2004  (V 1.0)Advisory number

Re: [Full-Disclosure] Teen hacker controls ebay

...on Thu, Sep 09, 2004 at 12:17:59AM +1200, Nick FitzGerald wrote: > Jeffrey Denton wrote: > > $ whois -h whois.opensrs.net. ebay.de > > Registration Service Provider: > >DBMS VeriSign, [EMAIL PROTECTED] > Issuing code-signing certs in Microsoft's name to non-MS folk. > Reassiging a maj

[Full-Disclosure] [MAxpatrol Security Advisory] Multiple vulnerabilities in GoSmart Message Board

This vulnerability was discovered by Positive Technologies using MaxPatrol (www.maxpatrol.com) - intellectual professional security scanner. It is able to detect a substantial amount of vulnerabilities not published yet. MaxPatrol's intelligent algorithms are also capable to detect a lot of vulnera

[Full-Disclosure] [MAxpatrol Security Advisory] Multiple vulnerabilities in GoSmart Message Board

This vulnerability was discovered by Positive Technologies using MaxPatrol (www.maxpatrol.com) - intellectual professional security scanner. It is able to detect a substantial amount of vulnerabilities not published yet. MaxPatrol's intelligent algorithms are also capable to detect a lot of vulnera

[Full-Disclosure] Multiple vulnerabilities in w-agora forum

http://www.maxpatrol.com/mp_advisory.asp Title: Multiple vulnerabilities in w-agora forum Date: 28.09.04 Severity: Medium Application: w-agora 4.1.6a, http://www.w-agora/en/download.php Platform: PHP I. DESCRIPTION Multiple vulnerabilities were found in w-agora forum. A remote user can co

[Full-Disclosure] Multiple vulnerabilities in w-agora forum

http://www.maxpatrol.com/mp_advisory.asp Title: Multiple vulnerabilities in w-agora forum Date: 28.09.04 Severity: Medium Application: w-agora 4.1.6a, http://www.w-agora/en/download.php Platform: PHP I. DESCRIPTION Multiple vulnerabilities were found in w-agora forum. A remote user can co

[Full-Disclosure] [MAXPATROL Security Advisories] Cross site scripting in Invision Power Board

[MAXPATROL Security Advisories] Cross site scripting in Invision Power Board Date: 5.10.2004 Severity: Low Application: Invision Power Board v2.0.0 Platform: PHP I. DESCRIPTION An input validation vulnerability was found in Invision Power Board. A remote user can conduct Cross site scriptin

[Full-Disclosure] [Maxpatrol Security Advisory] Multiple vulnerabilities in DCP-Portal

Title: [Maxpatrol Security Advisory] Multiple vulnerabilities in DCP-Portal Date: 28.09.2004 Severity: Low Application: DCP-Portal, dcp-portal Platform: PHP I. DESCRIPTION -- Multiple vulnerabilities were found in DCP-Portal. A remote user can conduct cross-site scripting attacks a

[Full-Disclosure] SMC7004VB sensitive information leak

ing attack Alexander Müller Electronic Security www.Electronic-Security.de Thanks to: mo (Kryptocrew.de), Fabian Becker (Electronic Security) ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html

[Full-Disclosure] Unauthorized access in Web Wiz Forum

Unauthorized access in Web Wiz Forum A vulnerability has found in Web Wiz Forum (6.34, 7.01, 7.5). Remote user (authenticated or not) can read message in private forum. Remote user can post message in private forum. Software does not compare message to forum, when "quote" mode is used. In result

Re: [Full-Disclosure] Unauthorized access in Web Wiz Forum

>; Thu, 6 Nov 2003 16:33:20 -0500 (EST) Received: from mail pickup service by mail.suretel.net with Microsoft SMTPSVC; Thu, 6 Nov 2003 15:32:18 -0600 - Original Message ----- From: "Alexander Antipov" <[EMAIL PROTECTED]> To: <[E

[Full-Disclosure] local ListBox/ComboBox exploit for Win32 (MS03-045)

Hi! local ListBox/ComboBox exploit for Win32 (MS03-045): http://www.securitylab.ru/41258.html Created by xCrZx [EMAIL PROTECTED] ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html

[Full-Disclosure] ms03-049 exploit by wirepair + compiled version (Microsoft Windows XP target)

Hi again!   -- snip -- ms03-049 by wirepair, pretty sweet find, although i can only get this to work on XP. Win2k responds with likeop rng error stating it doesn't know what the hell i'm requesting. Eeye seemed to elude to the fact that 'only xp has theseundocumented api's or something, anywa

[Full-Disclosure] [securitylab.ru] EffectOffice Server 2.9 problem

Application: EffectOffice Server 2.9 Vendor: EffectOffice Vendor Site: http://www.EffectOffice.com Remote: Yes Exploitable: Yes Risk level: High Authors: D_BuG (d_bug @ bk.ru) Authors Site: http://www.securitylab.ru Description: A vulnerability identified in EffectOffice can be exploited by a m

[Full-Disclosure] Remote root exploit for mod_gzip (with debug_mode)

Hi!   / Single mode:\/  [EMAIL PROTECTED] crz]$ ./85mod_gzip -t 0 -h localhost\ /  remote exploit for mod_gzip (debug_mode) [Linux/*BSD]\   by xCrZx [EMAIL PROTECTED] / \  Using: ret_err = 0x42127480, ret = 0xbfffd8f0/ \    [!] Connecting to localhost:80/  [+] Co

Re: [Full-Disclosure] Removing ShKit Root Kit

On Sun, Dec 21, 2003 at 07:28:55PM -0500, Chris wrote: > Can anyone reccomend some links or useful information for removing the > "ShKit Rootkit". CHKROOTKIT detected this thing on a RedHat 8.0 server > owned by a client of mine. > > "Searching for ShKit rootkit default files and dirs... Possibl

Re: [Full-Disclosure] Removing ShKit Root Kit

On Mon, Dec 22, 2003 at 01:52:57PM -0600, Schmehl, Paul L wrote: > > -Original Message- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of > > Alexander Schreiber > > Sent: Monday, December 22, 2003 12:24 AM > > To: Chris >

Re: [Full-Disclosure] whois.crsnic.net hacked?

On Tue, Dec 30, 2003 at 02:24:29PM -0500, Brown, James (Jim) wrote: > Following up on earlier post. FreeBSD whois defaults > to whois.crsnic.net > > It appears that whois.crsnic.net is owned: It appears you have no idea what you are talking about. > whois -h whois.crsnic.net microsoft.com > >

RE: [Full-Disclosure] BZIP2 bomb question

Hi Greg, > [...] > I am wondering why, for those who HAVE to auto unpack, a > script cannot be written which, upon receipt of an > archive of any sort, inspects it for, as an example, > 100K of the same character repeated (keeping in mind > that the NULL character, chr$(7) etc have all been used

RE: [Full-Disclosure] credibility (was 'more security people')

WTF makes people think that passing a single test qualifies someone as an expert in anything? People need to realize that while tests/certifications are not worthless, they should only complement other qualifications. Tests are used in other professional fields: lawyers have to pass the bar exa

[Full-Disclosure] snort rules for ICQ http/https tunnels

Hi! >From KasperskyLab: 'Bizex' worm attacks ICQ users - http://www.kaspersky.com/news.html?id=4272424 Rules for snort to deny ICQ via proxy and proxy chains: (more information can be found here http://securitylab.ru/40960.html): # icq.rules # snort rules for ICQ http/https tunnels # (c)ded b

Re: [Full-Disclosure] Backdoor not recognized by Kaspersky

rm -rf / that should do it Nick FitzGerald wrote: Ron DuFresne <[EMAIL PROTECTED]> wrote: how about the smtp server simply rejecting mail from spoofed hosts ? as all the viruses generate spoofed hosts and it is very easy for any smtp server to do a dns lookup on the sending server, if the host

[Full-Disclosure] Meth and hacking?

http://www.msnbc.msn.com/id/4460349/ "The drugs and the crime fit neatly together; addicts strung out on meth can stay awake and focused for days at a time, making them expert hackers and mailbox thieves. And ID theft is easy money, the perfect income for drug addicts who have no other way to fund

Re: [Full-Disclosure] Book of unreleased exploits?

so slightly humorous? Isn't it considered to be an oxymoron to publish a ton of text and then claim it to be unreleased? > David > mvh, A -- Alexander Hoogerhuis | [EMAIL PROTECTED] CCNP - CCDP - MCNE - CCSE | +4

Re: [Full-Disclosure] a secure base system

Tobias Weisserth wrote: > /tmp should always be mounted noexec. Add /home as well with noexec. > [...] This may be a trade-off, but the result is more security. On typical Linux distributions noexec is pointless. It does not prevent the execution of dynamically linked ELF images. $ readelf -l /bi

Re: [Full-Disclosure] Ancient Trivia: +++ath0

Hi, ...on Thu, Mar 18, 2004 at 08:48:59AM -0500, Luke Scharf wrote: > But, still, isn't a string of characters that the modem won't transfer > something that the communications system on a PC should handle? Why should it? After all, the escape sequence is configurable with the S2 register on

Re: [Full-Disclosure] Destroying PCs remotely?

[EMAIL PROTECTED] wrote .. Hi, > What was that? It was the US constitution saying bye-bye... Thats nonsense. Maybe they will find a way to destroy a pcs hardware by remote, deleting the bios or demage the processor (overheating by excessive using of one single unit). But thats only theory. I r

Re: [Full-Disclosure] Announcement: New Security Vulnerability List

On Fri, Jul 11, 2003 at 11:32:48PM +0100, SINTRAQ wrote: > SINTRAQ, is a security mailing list which informs subscribers about > the > latest security vulnerabilities 24x7x365. Subscription to SINTRAQ is > completely free. > > Sintelli collates and consolidates information from hundreds of > sour

Re: [Full-Disclosure] jdbgmgr.exe hoax virus?

>Does anyone have info on this? Is this a hoax? Try this: http://www.symantec.com/avcenter/venc/data/jdbgmgr.exe.file.hoax.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html

RE: [Full-Disclosure] Idea

> only problem is ...i dont know of anything service > wise that requires little to no modification on a > regular basis > Getting rid of the shell would break any call to system() in any program. ___ Full-Disclosure - We believe in it. Charter: htt

RE: [Full-Disclosure] CERT Employee Gets Owned

Technically speaking, "pedophile" refers to a person who is sexually attracted to pre-pubescent kids. A person who has sex with or is attracted to someone who is pubescent but underage may be considered perverse but is not technically a pedophile. -steven > -Original Message- > From: Tim

Re: [Full-Disclosure] Telnet Sniff Problems

On Mon, Mar 22, 2004 at 08:51:23PM +0100, Nico Golde wrote: > Hallo IndianZ, > realname is welcome. > * IndianZ <[EMAIL PROTECTED]> [2004-03-22 14:08]: > > Have a problem while auditing a network. > > I will capture telnet-passwords, but tcpdump > > and dsniff only show a single empty frame > > in

RE: [Full-Disclosure] Re: Microsoft Coding / National Security Risk

/me pulls hair out. It is true that security is partly a function of the measures taken by the people responsible for securing a machine or network. However, an insecure operating system will remain insecure even if managed by smart, responsible security-conscious people. The security track

Re: [Full-Disclosure] Cronning Update Jobs

On Saturday 27 March 2004 10:47, Luke Norman wrote: > I can update all the installed packages on the box by typing 'emerge sync && > emerge -u world'. I tend to do this when I can, but sometimes im away for a > few days, and so am unable to do this manually. > My question is this - are there any

Re: [Full-Disclosure] Fighting useless notification mails

-warnings.cf Cool! You made my day, thanks! - Alexander ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html

Re: [Full-Disclosure] erase with magnet

Am Samstag, 3. April 2004 15:36 schrieb B$H: Hi, > I'm interested in the original question about erasing a harddrive using a > magnet. Is it possible to erase data on a hard disk drive with a powerful > magnet, but then be able to use the drive and the PC again? That depends. Some harddrives ar

Re: [Full-Disclosure] erase with magnet

Am Samstag, 3. April 2004 17:09 schrieb Michael Cecil: Hi, > If you want to sanitize a drive and then reuse it, use a overwriting tool > such as Autoclave or > Eraser and use the overwriting setting > recommended by G

[Fwd: Re: [Full-Disclosure] MCSE training question]

A certificate is not just like a degree. A degree should give you a thorough grounding in the foundations of a particular field of study and the ability to learn. A certificate is intended to give you the skills to operate a particular product or suite of products. The certificate may or may no

Re: [Full-Disclosure] Core Internet Vulnerable - News at 11:00

...on Tue, Apr 20, 2004 at 07:03:01PM -0500, Jade E. Deane wrote: > When a BGP speaker loses a peer, said peer's routes are withdrawn. And then there's flap dampening... Alex. > On Tue, 2004-04-20 at 16:20 -0500, Alerta Redsegura wrote: > > If I recall well, a BGP speaker only sends/receives

[Fwd: Re: [Full-Disclosure] Wireless ISPs]

-Forwarded Message- > From: Maarten <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: Re: [Full-Disclosure] Wireless ISPs > Date: Wed, 12 May 2004 02:27:41 +0200 > > On Wednesday 12 May 2004 00:08, Jeff Workman wrote: > > --On Tuesday, May 11, 2004 4:16 PM -0400 Sean Milheim <[EMAIL P

Re: [Full-Disclosure] Calcuating Loss

On Tue, May 11, 2004 at 03:02:30PM -0700, Schmidt, Michael R. wrote: > I think that part of the evolution is to lock people who create these > things up for a *very* long time. It will deter the script kittens > when they start to find that their computers are confiscated and their > parents home

Re: [Full-Disclosure] Calcuating Loss

robably best, public terminals can be a bad choice (think cameras)). Regards, Alex. > -Original Message- > From: Alexander Schreiber [mailto:[EMAIL PROTECTED] > Sent: Tuesday, May 11, 2004 10:34 PM > To: Schmidt, Michael R. > Cc: 'Frank Knobbe'; [EMAI

Re: [Full-Disclosure] leaking

On Wednesday 12 May 2004 17:01, Alerta Redsegura wrote: > Are you going to tell me you didn't see this ad in your MUA? > Then, it doesn´t render HTML! In fact yes I will tell you that. My MUA renders HTML (if you tell it to render it globally or if you tell it exokicitly for a specific mail). but

[Fwd: [Full-Disclosure] Support the Sasser-author fund started]

Are you on crack? or are you trolling? Free burglars because they exposed the open back door of a house -Forwarded Message- > From: [EMAIL PROTECTED] > To: [EMAIL PROTECTED] > Subject: [Full-Disclosure] Support the Sasser-author fund started > Date: Wed, 12 May 2004 12:55:29 -0700 > > --

RE: [Full-Disclosure] programming

Title: Message Learn C.  Unix and Linux are written in C, as is most software for those platforms.  Windows is written in C and C++.  Most exploits are written in C.  Almost all of the buffer overflow exploits and papers available are for C or C++ programs (with C++ being the minority).  For

Re: [Full-Disclosure] Support the Sasser-author fund started

On Tue, May 18, 2004 at 12:39:46PM +1200, Nick FitzGerald wrote: > "Shane C. Hage" to Bill Royds: > > > I agree with most of your statements below. > > Well, actually, he was wrong if you consider the NT family of OSes > starting in about 1993-4 (true, OOTB they were configured to be "fully >

Re: [Full-Disclosure] Support the Sasser-author fund started

On Tue, May 18, 2004 at 11:01:32PM +1200, Nick FitzGerald wrote: > Alexander Schreiber <[EMAIL PROTECTED]> to me: > > > Sorry, in a networked world, C2 ist just a bad joke. ... > > Well, at least "weak"... > > > ... Keep in mind, that > > you

[Full-Disclosure] [Fwd: Re: CST160201426ID - RE:Microsoft.Com ContactUS]

You may find this one amusing Each time I post to the list I receive a message from Microsoft about why I shouldn't send email to one of their addresses -Forwarded Message- > From: Alexander MacLennan <[EMAIL PROTECTED]> > To: MSDN Online Contact Us <[EMAIL PROTE

Re: [Full-Disclosure] [Fwd: Caveat Lector: Beastie Boys Evil]

Would this boil down to: If I can listen to it, I can copy it ? On Wed, 2004-06-23 at 17:01, Szilveszter Adam wrote: > Fetch, Brandon wrote: > > > Similarly - what's to keep someone from using their digital out form their > > home audio equipment to send the bits to their digital in on their comp

RE: [Full-Disclosure] previledge password in cisco routers

Title: Message Do a whois on the domain that the router belongs to and email the contact with:   "i ar3 ty1ng to h4ck yur b0x.  pl33z3 h3lp."   That should take care of everything. -Original Message-From: john morris [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 24, 20

Re: [Full-Disclosure] Virus scanning site...

www.virustotal.com Jeff Kell wrote: I know I've seen several posts referring to a site where you could submit suspected malware and have it scanned by several different A/V products to see if it is identified, but my mind and my google search is turning up a blank. Can someone refresh my memory

[Full-Disclosure] unsubscribe 1wingara1

___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html

Re: [Full-Disclosure] Please post to the list

Schmehl, Paul L wrote: > [...] So why should I, as a guy who is concerned about the > security of my network, care what blackhats have to say? > Why should I support anything the blackhats are trying > to convince me I should support? "You cannot have a science without measurement." -- R. W. Hammi

RE: [Full-Disclosure] Australia becomes a police state [serious]

Schmehl, Paul L wrote: > [...] In the end it comes down to who do you fear more? > The government (your government) that may exceed its > constitutionally proscribed powers in the pursuit of terrorists? > Or the terrorist, who knows no law and has only one goal in mind > - to kill you and as many o

RE: [Full-Disclosure] FW: The U.S. should not invade Iraq at this time

Simon Lorentsen wrote: > Is this a security list or a war opinion list ? The charter is quite clear on that: # Politics should be avoided at all costs. http://lists.netsys.com/full-disclosure-charter.html > [...] I can't see the relevance of your mail in regards to > anything remotely to do with

Re: [Full-Disclosure] [RHSA-2003:088-01] New kernel 2.2 packages fix vulnerabilities

[EMAIL PROTECTED] wrote: > [...] I choose other distro's that doesn't expire their products as soon as the > next best thing has arrived. > [...] I have a Solaris 2.6 box (even if 9 is out already, and can be downloaded > for free for that matter) just because it is not possible to upgrade those m

[Full-Disclosure] Re: fedora.org compromised

Hugo Vazquez Carapez wrote: The main website of the FEDORA linux distro (www.fedora.org) was compromised and defaced yesterday by Infohacking (www.infohacking.com). Isn't that fake? The main site is: http://fedora.redhat.com/ -- Alexander E. Pat

[Full-Disclosure] Re: yet another OpenBSD kernel hole ...

On Mon, Nov 17, 2003 at 20:23:12 -0500 (EST), [EMAIL PROTECTED] wrote: noir> attached exploit will get you uid=0 and break any possible chroot jail noir> your parent process might be in, works on all 2.x and 3.x upto 3.3. noir> noir> priv seperation, chroot jail, systrace yeah yeah right ;P theo an

[Full-Disclosure] Re: yet another OpenBSD kernel hole ...

On Tue, Nov 18, 2003 at 04:13:24PM -0500, [EMAIL PROTECTED] wrote: > > Your code does: > > if((fd = open("./ibcs2own", O_CREAT^O_RDWR, 0755)) < 0) { > > How on earth is this going to work against privilege separation ? In each > > sane setup, a server process is chrooted to a directory with no writ

[Full-Disclosure] Bypassing "smart" IDSes with misdirected frames?

On Thu, May 27, 2004 at 01:49:54PM, Michal Zalewski wrote: > A potential attack scenario involves attacker A, who happens to be on a > logical network (VLAN) local to the IDS system (just a LAN workstation > within an enterprise), If the attacker is on the same LAN as your IDS, you have many proble