Re: [Full-Disclosure] RE: Windows XP explorer.exe heap overflow.

win2k profesional and win2k advanced server, with all patch aplied, also takes 100% of the cpu with that file. - Original Message - From: "Otero, Hernan (EDS)" <[EMAIL PROTECTED]> To: "Michael Wojcik" <[EMAIL PROTECTED]> Cc: "Chris Calabrese" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; <[EMA

Re: [Full-Disclosure] 13 NASA Servers Hacked

Bill Royds wrote: Of course the Americans know that the Iraqis had WMD. They gave them to Saddam in the 1980's. It was some guy called Donald Rumsfield that arranged for Iraq to have 8 cultures of biological weapons so that they could attack Iran. That is why they were so sure that Iraq had WMD.

Re: [Full-Disclosure] About my last posts ( in reply of morning_wood@singapore.net ) : Excuses

Dear Lorenzo: Forget me!!! It's sufficient demostrated that you are (windows) kiddie Yes, if you want, you are the best... All we, are kiddies... You are Sherlock Holmes (I like your hard investigations)... But, please, forget us all !!! Leave that list and join [not-security-adolescents], ple

Re: [Full-Disclosure] RE: Yahoo Instant Messenger YAUTO.DLL buffer overflow

madsaxon wrote: You bet. 18 USC 871(a): Whoever knowingly and willfully deposits for conveyance in the mail or for a delivery from any post office or by any letter carrier any letter, paper, writing, print, missive, or document containing any threat to take the life of, to kidnap, or to inflict

Re: [Full-Disclosure] "The Rotten File" ( XFTeam IRC Chat log - script kiddies - just for fun )

Lorenzo Hernandez Garcia-Hierro wrote: Here you can find a chat log between Daniel Barttlet ( NSRG-Security Research member and my friend ) with the "staff" of the XFteam hax0rs ( xD ) They are kiddies... I was looking the files and there are only high-risk-rated exploits downloaded from packet

Re: [Full-Disclosure] file inclusion (les visiteurs)

If you analize the url and the msg send by Evert, it's only a extract of his apache (or webserver) log. I understand that it is only an advise of what has find on his webserver, warning others of a possible atack if they have 'les visiteurs' installed. The exploiting, injections and webscan in goog

Re: [Full-Disclosure] file inclusion (les visiteurs)

Hi Lorenzo, First there isn't *their server*. It's other stuff server (c2r.canalforbid.org). Second, they use this server to serve an include file (hax.gif), a php include to *inject* in the buggy 'les visiteurs' (web statistics program) remotely and execute shell commands. And I don't thing the