Re: [Full-Disclosure] Re: Use of Brutus

Well, my opinion of this group just went down a few notches. As hard as it may be to believe, there are actually some people that want to use tools like this to safeguard their applications. Grow up.starwars [EMAIL PROTECTED] wrote: Chris Sharp wrote: I've been trying for some time now to use

[Full-Disclosure] Use of Brutus

Hi all, I've been trying for some time now to use Brutus (BrutusA2.exe)to help with an internal review of the security of the user passwords for an application. I'm having some trouble getting Brutus to work with form-based authentication and am hoping to find some additional information on how I

[Full-Disclosure] XSS In mldonkey - But....

Mldonkey is an open source p2p client which supports a load of networks, it doesn't have a built in UI, you can telnet into it, or there's a web interface which can be accessed from http://127.0.0.1:4080/ (or whatever port you configure it to run on) They've done a great job at making sure

[Full-Disclosure] Bytehoard File Disclosure VUlnerability Sequel

So I'm sure this passed over your inboxes in some form or another http://www.securiteam.com/unixfocus/6L00L008KE.html Just a standard directory traversal attack in an open source, fixed rapidly like any good open source project. Except that nobody really looked too hard at the software, try

Re: [Full-Disclosure] Foundstone Labs to Present Information on New Microsoft Vulnerabilities

What the fuck is this doing on Full Disclosure? Foundstone didn't even have anything to do with the discovery of these vulnerabilities, and yet your posting this 'Briefing' to FD in the hope that someone might associate you with this and give you some PR props. Go and stand in the corner and

Re: [Full-Disclosure] Cross-Site Scripting Vulnerability in Wrensoft Zoom Search Engine

Looks like it also affects the asp pages too search.asp?query=scriptalert(document.cookie)/script Chris --- Sintelli SINTRAQ [EMAIL PROTECTED] wrote: Cross-Site Scripting Vulnerability in Wrensoft Zoom Search Engine 09 October 2003 PDF version:

Re: [Full-Disclosure] Foundstone DCOM Scanner

Well that's clearly not a commercial for Foundstone! They must be jealous jealous that the competitor's Microsoft vulnerability was actually interesting and exploitable. Who cares about 'up to 16 bytes of random memory leakage', I want to remotely 0wn any 'd0ze box. CS --- Jones, David H

[Full-Disclosure] Non-Lame XSS Vulnerability - Analog-X Proxy

you want to accomplish with your newfound global XSS prowess. Chris Sharp __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com ___ Full-Disclosure - We believe

[Full-Disclosure] Realistic Link Between MSBlast Power Outages

Those Cyberterrorism nuts may have something? Does anyone have any idea whether there's any weight to this anonymous post on Slashdot? http://slashdot.org/comments.pl?sid=74774cid=6701771 MS Worm Power Cuts (Score:5, Interesting) by Anonymous Coward on Thursday August 14, @17:25 (#6701771) OK