RE: [Full-Disclosure] GPRS/IP-session from Nokia/Symbian mobile phone stays up

2004-12-14 Thread jamie fisher
Dude, What you see is a "feature" of the GPRS system and really up to the operators to control. It works like this: In a simplified form: in GPRS the mobile phone authenticates to the mobile network via SGSN which gets its response from the HLR/VLR. The SGSN then sets up the PDP context between

Re: [Full-Disclosure] GPRS/IP-session from Nokia/Symbian mobile phone stays up

2004-12-13 Thread jamie fisher
The session you refer to is called the "PDP context". Invariably the PDP context will stay open between your mobile and the Mobile Operators network until the user ceases traffic. And yes, you will be charged for the traffic requests. Re: Pinging other mobile phones. You might be able to, but

[Full-Disclosure] help.msn.com

2004-12-07 Thread jamie fisher
This is gonna be quick'n'dirty. My dinner is almost cooked... More XSS for MSN to add to the list: 1. Cross site scripting (In javascript context) http://help.msn.com/en_au/DirectedHelpControls.asp 1.1 GET /en_au/DirectedHelpControls.asp?DataMarket=%27%2Balert(%27Bills

RE: [Full-Disclosure] Fw: Citibank reminder: please update your data

2004-10-08 Thread jamie fisher
Neither does 211.97.248.60 :-) [EMAIL PROTECTED] wrote: H. Doesn't look like citibank to me; Hualin Qian address: Chinese Academy of Sciences address: Computer Network Center address: P.O.Box 2418-26 address: Beijing, 100081 address: CN phone: +86 1 2569960 e-mail: [EMAIL PROTECTED] nic-hdl:

[Full-Disclosure] XSS in Spyware installs with no interaction in IE on fully patched XP SP2 box

2004-10-04 Thread jamie fisher
http://themexp.org//preview.php?mid=72936type="'img%20src%3D%26%23x6a;%26%23x61;%26%23x76;%26%23x61;%26%23x73;%26%23x63;%26%23x72;%26%23x69;%26%23x70;%26%23x74;%26%23x3a;alert(%26quot;poo%26quot;)view=datepage=cat=name=blue+biohazard.zip Above is a measly example of XSS - upload any file you like

Re: [Full-Disclosure] tired of spam? time to fight back! or fightspam.nm.ru

2004-09-24 Thread jamie fisher
I can't get my head around the idea that this is not a bandwidth exhaustion attack which may be misconstrued as a DoS (hi to policy makers in brussels)... In any case I do like the idea of denying the Spam mongerers their web presence. I have a question from the /about.html on fightspam.nm.ru

RE: [Full-Disclosure] Scandal: IT Security firm hires the author of Sasser worm

2004-09-21 Thread jamie fisher
Dear ktabic, Piss off and die plz. Tnx! Bye. (Hate to spam the rest of the list but just deal with this retards inane comments any longer). ktabic [EMAIL PROTECTED] wrote: On Tue, 2004-09-21 at 05:08 -0700, Harlan Carvey wrote: It's pretty clear, then, how this particular example compares to the

Fwd: [Full-Disclosure] Where is security industry gng??

2004-09-13 Thread jamie fisher
its "going" to get you if you keep asking wanker questions.. n30 [EMAIL PROTECTED] wrote: From: "n30" <[EMAIL PROTECTED]> CC: "Mailing List - Full-Disclosure" <[EMAIL PROTECTED]> Subject: [Full-Disclosure] Where is security industry gng?? Date: Mon, 13 Sep 2004 08:03:33 -0700 Network security -

[Full-Disclosure] automati%20clabs

2004-08-08 Thread jamie fisher
This is petty, but given the context kind of amusing... http://automaticlabs.com/products/enkoderform/ offers an obfuscation method for html pages. They also offer (in the advanced form) a link to attrition's mirror of the Fluffi Bunni attrition defacement. Simply add the following script:

Re: [Full-Disclosure] automati%20clabs

2004-08-08 Thread jamie fisher
ww.attrition.org/mirror/attrition/2001/07/28/www.attrition.org/hbun.jpg"marqueeshit/marquee Cheers!! jamie fisher [EMAIL PROTECTED] wrote: This is petty, but given the context kind of amusing... http://automaticlabs.com/products/enkoderform/ offers an obfuscation method for html pages. They also

[Full-Disclosure] Application validation on defensivethinking.com

2004-07-27 Thread jamie fisher
I've noticed some issues with respect to the way some of defensivethinking's web pages handle and validate (or rather not validate) scripts. Link: http://defensivethinking.com/contact/submit.php Parameter: strFirstName=admin - strFirstName="'scriptalert('Look mummy I'm on Big Kev's web