Can anyone verify this, coz I have some installations with
Outlook 2003 and I don't seem to see any files
copied to the Local Settings\Temp when using the img tag.
On Sun, 9 May 2004, [EMAIL PROTECTED] wrote:
Date: Sun, 9 May 2004 23:31:08 -
From: [EMAIL PROTECTED] [EMAIL PROTECTED]
To:
At 10:47 PM 5/17/2004 -0600, John Galt wrote:
Once every so often is public service. Twice in a month is SPAM.
Not when it's in response to a valid whine...er, complaint.
m5x
___
Full-Disclosure - We believe in it.
Charter:
Which part of :
i played around with ActiveState's ActivePerl for Win32
didn't you understand?
On May 17, 2004, at 7:27 PM, Troels Bay wrote:
Well, it doesn't do anything on my system (not sure if non-X86
On Tue, May 18, 2004 at 12:39:46PM +1200, Nick FitzGerald wrote:
Shane C. Hage to Bill Royds:
I agree with most of your statements below.
Well, actually, he was wrong if you consider the NT family of OSes
starting in about 1993-4 (true, OOTB they were configured to be fully
Win 3.x
Dear [EMAIL PROTECTED],
Seems not to be Active Perl specific:
Y:\perl -e $a=A x 256; system($a)
Exception: STATUS_ACCESS_VIOLATION at eip=610760D4
eax=41004141 ebx= ecx=0022F748 edx=0022F748 esi=0A052A18 edi=
ebp=0022F730 esp=0022F5C8 program=y:\cygwin\bin\perl.exe
cs=001B
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
e-matters GmbH
www.e-matters.de
-= Security Advisory =-
Advisory: phpMyFAQ local file inclusion vulnerability
Release Date: 2004/05/18
Last Modified: 2004/05/18
http://www.theregister.co.uk/2004/05/17/phatbot_suspect_bailed/
Phatbot suspect released on bail
By John Leyden, The Register, 17 May 2004
The suspected author of the Phatbot Trojan was released on bail last
Friday after spending a week in custody. German authorities arrested
the 21-year-old
There's more evidence from this story that he's a coward than a pacifist
Do they draft 21 year-olds in Germany?
Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blog.ziffdavis.com/seltzer
[EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED]
Emails from the suspect showed he wanted to leave Germany to avoid
military service. This, combined with the seriousness of computer
sabotage charges he faced, led police to initially oppose bail. Police
have now relented after the suspect agreed to surrender his identity
papers and report
Do they draft 21 year-olds in Germany?
Yes, they do. You can get drawn in until you're 27, but there are plenty
ways out of it as well.
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Alexander Schreiber [EMAIL PROTECTED] to me:
Sorry, in a networked world, C2 is just a bad joke. ...
Well, at least weak...
... Keep in mind, that
you do not get a blank certificate for 'this OS', but the certification
always is for the full OS/hardware combo. No, you can't purchase the
[EMAIL PROTECTED] to me:
Actually reading what C2 *required* is quite enlightening.
More worrying given that MS' focus on getting C2 certified was to be
able to bid for the more lucrative DoD and related contracts that
required C2-level systems (no matter how arbitrarily -- incredibly few
of
C:\Documents and Settings\BillPerl -v
This is perl, v5.8.0 built for MSWin32-x86-multi-thread
(with 1 registered patch, see perl -V for more detail)
Copyright 1987-2002, Larry Wall
Binary build 802 provided by ActiveState Corp. http://www.ActiveState.com
Built 00:54:02 Nov 8 2002
Perl may
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 504-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
May 18th, 2004
Hi Stef.
I understood as much as this guy wanted if anyone could reproduce it.
And I understood that he himself was running an x86-system (which I
mentioned). And then I just let you know that unix doesn't seem to be
affected. Sorry if I did anything wrong.
On May 18, 2004, at 07:16, Stef
Hi,
On Tue, 2004-05-18 at 11:59, Larry Seltzer wrote:
There's more evidence from this story that he's a coward than a pacifist
Do they draft 21 year-olds in Germany?
Yes. Every German male citizen can be drafted until he is 27 or in the
case that he studied medical science he can be drafted
Hmmm...compulsory national service...what a cheap way of getting a labour force.
I'm mixed on my views on this - on the one hand having this labour force is a good
thing, and a younger me could have definitely done with having some discipline and
structure, but then again reports of what used to
Hi!
On Mon, May 17, 2004 at 10:23:56PM +0200, [EMAIL PROTECTED] wrote:
i played around with ActiveState's ActivePerl for Win32, and crashed
Perl.exe with the following command:
perl -e $a=A x 256; system($a)
I wonder if this bug isn't known?!? Because system() is a very common
Hi,
On Tue, 2004-05-18 at 13:58, Jos Osborne wrote:
Hmmm...compulsory national service...what a cheap way of getting a labour force.
I'm mixed on my views on this - on the one hand having this labour force is a good
thing, and a younger me could have definitely done with having some
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, 18 May 2004 [EMAIL PROTECTED] wrote:
well, i just donated $10 USD long live the criminals
May Roger Ebert spit on you for eternity...
(google for Boulder Pledge)
- Original Message -
From: John Galt [EMAIL PROTECTED]
To: Kurt
I think we found what to do with this guy. You always need another hand to dig latrines
and clean them out.
Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blog.ziffdavis.com/seltzer
[EMAIL PROTECTED]
Guys,
I did a snoop from our tech sandbox (xx) to port 389 using the
following command: 'snoop -v port 389' (without the quotes).
The attached file shows a segment of the results. Notice the line:
ETHER: Destination = 0:0:5e:0:1:1, U.S. Department of Defense
(IANA)
Why
[EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
i played around with ActiveState's ActivePerl for Win32, and crashed
Perl.exe with the following command:
perl -e $a=A x 256; system($a)
Ditto -- v5.8.0 built for MSWin32-x86-multi-thread on Win2K SP4 plus
all but last week's security patch:
Does anyone know what's causing the port 5000 scans yet?
http://isc.incidents.org/port_details.php?isc=b4827221b7f45feeb0c12bc5040cab
c9port=5000repax=1tarax=2srcax=2percent=Ndays=10Redraw=Submit+Query
Geo.
Ondrej Krajicek wrote:
PS: [1] ...netstat wouldn't do, it does not display pid (or something).
netstat -AnO will display PIDs, and tasklist will display filenames + PIDs
(on WXP and W2k3).
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Lead to unexpected behavior? That is definitely not the candor and
honesty the world expects from what may be the leading Linux
distribution, or any open source project. It reeks of proprietary
vendor risk whitewashing. Either you don't understand the
Hi..
Volker Tanger wrote:
Your command line parameters for perl.exe are probably:
1.) -e
2.) $a=
3.) A
4.) x 256; system($a)
Thus are you sure you get $A set with 256 As?
In short: He doesn't.. Perl will just issue a syntax error ;)
Besides:
The
This is probably the new mail notification service used by Exchange. See
http://support.microsoft.com/default.aspx?scid=kb;EN-US;264035
Thank you, I've missed this. Nevertheless, I've tried what the article
suggests with _no_ success. Moreover, it seems that other Office
(2003) suite
Geo. wrote:
Does anyone know what's causing the port 5000 scans yet?
http://isc.incidents.org/port_details.php?isc=b4827221b7f45feeb0c12bc5040cab
c9port=5000repax=1tarax=2srcax=2percent=Ndays=10Redraw=Submit+Query
Supposedly...
http://isc.sans.org/diary.php?date=2004-05-17
--
Dave
[EMAIL PROTECTED] wrote:
Do they draft 21 year-olds in Germany?
Yes, they do. You can get drawn in until you're 27, but there are plenty
ways out of it as well.
No, that has been changed in the past. If you're 23 years old or above
you are not even longer needed by the military. Also they
Guys,
I did a snoop from our tech sandbox (xx) to port 389 using
the following command: 'snoop -v port 389' (without the quotes).
The attached file shows a segment of the results. Notice the line:
ETHER: Destination = 0:0:5e:0:1:1, U.S. Department of Defense
(IANA)
Why
On Tue, 2004-05-18 at 08:16, Geo. wrote:
Does anyone know what's causing the port 5000 scans yet?
http://isc.incidents.org/port_details.php?isc=b4827221b7f45feeb0c12bc5040cab
c9port=5000repax=1tarax=2srcax=2percent=Ndays=10Redraw=Submit+Query
Why yes. http://isc.sans.org/index.php?on=diary
I've spent some time with this topic. Thinking about it, that is. Here
we are, in a free country. Hypothetically, each of us, as a citizen
needs to participate in the framework structure of our country. As of
now, the general citizen does that through taxes. Officially, we still
have a
Not working at all with ActivePerl 5.8.x (up to 5.8.4) and Windows 2000
Prof. SP3, german edition.
Besides I couldn't see any Perl version in his advisory.. or maybe I'm
just too blind to see it..
*getsmorecoffeetostartwakingup*
Reproduced with 5.6.1/win95.
On Mon, 17 May 2004, [EMAIL
Not having any grant permissions. I went into the mysql/user table and
edited the Grant from N to Y. Logged out and logged back in, and I had
full privs including Grant. I shouldn't be able to do this...
Joel
perl, v5.8.2 MSWin32-x86-multi-thread suffer the same.
Tuesday, May 18, 2004, 7:14:41 PM, you wrote:
NF [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
i played around with ActiveState's ActivePerl for Win32, and crashed
Perl.exe with the following command:
perl -e $a=A x 256; system($a)
NF
On Tue, 2004-05-18 at 06:58, Jos Osborne wrote:
Hmmm...compulsory national service...what a cheap way of getting a labour force.
I'm mixed on my views on this - on the one hand having this labour force is a good
thing, and a younger me could have definitely done with having some discipline and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
What permissions DID you have prior to editing your grants. How did you
edit the grant (i.e. update user set Grant_priv = 'Y' where user =
'floobie' ). What version of mysql? Did you log in as yourself to edit
the grants, or as another user? Also,
Geo. wrote:
Does anyone know what's causing the port 5000 scans yet?
http://isc.incidents.org/port_details.php?isc=b4827221b7f45feeb0c12bc5040cab
c9port=5000repax=1tarax=2srcax=2percent=Ndays=10Redraw=Submit+Query
Geo.
What were your other privileges. If you did not have any grants then why
in the heck did you have any access rights to the mysql database (not
product) tables? Seems that you had a DBA error, not a product error.
Jim
On Tuesday 18 May 2004 9:02 am, Esler, Joel - Contractor wrote:
Not having
What do other people think?
Other people think things like why the fuck am I reading this?, I thought I signed up
to a computer security list?
Would anyone like a recipe for apple pie while I'm here?
Maybe a transcript or a classic Fawlty Towers episode?
yes, I know, and yes I'm going to
Vendor : WEBCT
URL : http://webct.com/
Version : WebCT Campus Edition Version 4.1
Risk : Cross site scripting
Description: WebCT is the world's leading provider of e-learning systems for
educational
institutions.
WebCT's vision is to deliver innovative e-learning solutions to help
institutions
I did not have the grant priv, I had select, insert on mysql db. (I did
log in as a different user --i.e. not root) Using MysqlCC I changed the
Grant field from N to Y, and then could grant myself all privs to every
database.
Of course, I did have select, insert on mysql.. probably why huh?
Am I the only one who thinks that this list is slowly descending into
complete worthlessness? It's amazing. The kiddies tried to destroy it
early on and failed. So then the members of the list did the job for them.
Worthless topic after worthless topic until the real purpose of the list
has
and we seem to get control of EIP. Coincidence? Try yet two more:
C:\perl -e $a=A x 261; system($a)
C:\perl -V
Characteristics of this binary (from libperl):
Compile-time options: MULTIPLICITY USE_ITHREADS PERL_IMPLICIT_
LICIT_SYS
Locally applied patches:
ActivePerl Build 635
Understood, but why would this system be trying to make a connection there? It has no
reason to be connecting and we just noticed it which raised a few questions.
On Tue, 2004-05-18 at 09:41, Paul Schmehl wrote:
Am I the only one who thinks that this list is slowly descending into
complete worthlessness? [...] (And *this* will devolve into
another 250 post thread about nothing.)
Yeah, yeah, yeah. Sorry, I shouldn't have cc'ed FD on it, and pollute
the
On Tue, 2004-05-18 at 10:02, Esler, Joel - Contractor wrote:
Not having any grant permissions. I went into the mysql/user table and
edited the Grant from N to Y. Logged out and logged back in, and I had
full privs including Grant. I shouldn't be able to do this...
Joel
but does your user
On Tue, May 18, 2004 at 11:01:32PM +1200, Nick FitzGerald wrote:
Alexander Schreiber [EMAIL PROTECTED] to me:
Sorry, in a networked world, C2 is just a bad joke. ...
Well, at least weak...
... Keep in mind, that
you do not get a blank certificate for 'this OS', but the
Hey Joel,
Comments inline...
-Original Message-
Sent: Tuesday, May 18, 2004 16:02
To: [EMAIL PROTECTED]
Subject: [Full-Disclosure] User bypass privs for Mysql??
J Not having any grant permissions. I went into the mysql/user table and
J edited the Grant from N to Y. Logged
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Esler, Joel - Contractor wrote:
| I did not have the grant priv, I had select, insert on mysql db. (I did
| log in as a different user --i.e. not root) Using MysqlCC I changed the
| Grant field from N to Y, and then could grant myself all privs to
Could be. I didn't check, just was weird when I did it.
-Original Message-
From: Michael Gargiullo [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 18, 2004 12:35 PM
To: Esler, Joel - Contractor
Cc: [EMAIL PROTECTED]
Subject: Re: [Full-Disclosure] User bypass privs for Mysql??
On Tue,
Am I the only one who thinks that this list is slowly descending into
complete worthlessness? It's amazing. The kiddies tried to
destroy it
early on and failed. So then the members of the list did the
job for them.
Worthless topic after worthless topic until the real purpose
of the
On Tuesday 18 May 2004 18:24, Esler, Joel - Contractor wrote:
I did not have the grant priv, I had select, insert on mysql db. (I did
log in as a different user --i.e. not root) Using MysqlCC I changed the
Grant field from N to Y, and then could grant myself all privs to every
database.
Of
Bobax and Kibuv worms
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Frank
Knobbe
Sent: Tuesday, May 18, 2004 9:46 AM
To: Geo.
Cc: [EMAIL PROTECTED]
Subject: Re: [Full-Disclosure] Port 5000
On Tue, 2004-05-18 at 08:16, Geo. wrote:
Does anyone know
On Tue, 18 May 2004 15:15:56 +0200, Soderland, Craig [EMAIL PROTECTED] said:
I did a snoop from our tech sandbox (xx) to port 389 using the
following command: 'snoop -v port 389' (without the quotes). The attached
file shows a segment of the results. Notice the line:
I don't see an
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200405-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
[EMAIL PROTECTED] wrote:
hi folks,
i played around with ActiveState's ActivePerl for Win32, and crashed
Perl.exe with the following command:
perl -e $a=A x 256; system($a)
I wonder if this bug isn't known?!? Because system() is a very common
command
Can anybody reproduce this?
I put
Does anyone know what's causing the port 5000 scans yet?
This seems to be it:
Port 5000 Traffic Indicates Kibuv.b Worm At Work
Nope, it's not Kibuv.b, that uses other ports as well and traffic on those
is normal. Probably bobax worm or something new.
Geo.
Soderland, Craig wrote:
ETHER: Destination = 0:0:5e:0:1:1, U.S. Department of Defense
This mac looks familiar for me, isn't it the mac address used by vrrp ID
1? Isn't your default gateway a nokia firewall (or was, in which case you
should reconfigure some device in order to remove
Sorry, Jelmer, but you're WAY off base on this one. IMHO, spyware is
already larger than netsky and sobig, and will probably be larger than
nimda before the end of the year. But that's my opinion, you want
evidence, so here are some cold, hard facts.
Check out these http proxy log entries:
On Tue, 18 May 2004 18:54:36 +0200, Soderland, Craig [EMAIL PROTECTED] said:
Understood, but why would this system be trying to make a connection there? It
has no reason to be connecting and we just noticed it which raised a few
questions.
You're missing the point - if another machine on the
Hi!
I'm just playing around with my wireless LAN config in Windows 2000
Professional. There is some security dialog where you can enter your
WEP key in 26 hex digits. You may enter them but not read them because
they are masked with ***. I have a tool which reads the plaintext of
such password
On Fri, 2004-05-14 at 06:22, Yan Doldonov wrote:
After all, nobody forces anyone to purchase and use MS Products. MS has been
selling imperfect products for years and people still continue to use them.
Interesting, I seem to recall a minor anti-trust case in the US that
kinda decided that M$
Can anyone give me the source code to a good web application security scanner written
in C# so I can start my own company? Drop me an email with a link or code off of
the list please.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandrakelinux Security Update Advisory
___
Package name: kdelibs
Advisory ID:
Skid, I am sorry that you misunderstood my post. I am by no means
downplaying the fact that spyware is a menace and that many unscrupulous
website owners use IE vulnerabilities to install spy / add ware on
unsuspecting user's pc. Based on how often I encounter these kind of pages I
imagine it's a
Don't have too much experience with ldap or how you're using it, but my
money would be on prisoner.iana.org
Check google for more info
p34ce
Steele
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Soderland, Craig
Sent: Tuesday, May 18, 2004 9:16 AM
To:
Hi Joel,
can u submit your mysql `users` table.
Tuesday, May 18, 2004, 10:17:03 PM, you wrote:
EJC Could be. I didn't check, just was weird when I did it.
EJC -Original Message-
EJC From: Michael Gargiullo [mailto:[EMAIL PROTECTED]
EJC Sent: Tuesday, May 18, 2004 12:35 PM
EJC To:
Reproduced with 5.6.1/win95.
On Mon, 17 May 2004, [EMAIL PROTECTED] wrote:
Date: Mon, 17 May 2004 22:23:56 +0200
From: [EMAIL PROTECTED] [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Buffer Overflow in ActivePerl ?
hi folks,
i played around with ActiveState's
http://isc.sans.org/diary.php
J
On Tue, 2004-05-18 at 15:16, Geo. wrote:
Does anyone know what's causing the port 5000 scans yet?
http://isc.incidents.org/port_details.php?isc=b4827221b7f45feeb0c12bc5040cab
c9port=5000repax=1tarax=2srcax=2percent=Ndays=10Redraw=Submit+Query
Geo.
Seems to be working fine in version 5.8.1. No errors or crash on my system (Win2K all
patches - that 04011 -patch)
P:\perl -v
This is perl, v5.8.1 built for MSWin32-x86-multi-thread
(with 1 registered patch, see perl -V for more detail)
Copyright 1987-2003, Larry Wall
Binary build 807
Hello all,
Frank Knobbe wrote:
Not really a topic for Full-Disclosure. But since you asked...
I will only answer once on this list for Tobias offered an off-topic
discussion before.
I think more countries should have that. Not so much for the military
service, but for the civil service. I
Oliver,
Quickly testing the below string at the command
line does crash perl.exe. I have ActivePerl 5.8.0 Build 805 installed on a
Windows 2000 machine.
perl -e "$a="A" x 256; system($a)"
-Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Monday, May 17, 2004