[Full-Disclosure] Web interface for full-disclosure and others

2004-05-21 Thread vertex
Hello, I am building a web interface which will help make monitoring the mailing list easier. The interface gets the RSS feeds from seclist.org and other web sites and converts them into a single web interface. Now the web interface includes full-disclosure, bugtraq, Internet Storm Center, OSVDB, and

Re: [Full-Disclosure] ActivePerl Perl2Exe [was] Buffer Overflow in ActivePerl ?

2004-05-21 Thread morning_wood
further testing...
c:\type test1.pl
#test1.pl
$a=A x 256;
system($a);
http://[host]/test1.pl
[host - output ] The instruction at 0x28073f63 referenced memory at 0x01c42ce0. The memory could not be read
c:\type test2.pl
#test2.pl
$a=A x 261;
system($a);
http://[host]/test2.pl
[host - output ]

Re: [Full-Disclosure] Web interface for full-disclosure and others

2004-05-21 Thread William Warren
Wow, that's nice.. any chance of you setting up an RSS feed of your site? vertex wrote: Hello, I am building a web interface which will help make monitoring the mailing list easier. The interface gets the RSS feeds from seclist.org and other web sites and converts them into a single web interface. Now the

[Full-Disclosure] Stupid Phishing Tricks

2004-05-21 Thread [EMAIL PROTECTED]
Phriday , May 21, 2004 Several pheeble yet interesting phishing possibilities arise as phollows: Take one .htaccess trivially modified to suit the target scenario: AuthName EXCHANGE SERVER LOGIN ERROR: PLEASE TRY AGAIN AuthType Basic One throw-away domain which can include the target's

Re: [Full-Disclosure] Web interface for full-disclosure and others

2004-05-21 Thread vertex
Actually, you can use the following to get the feed for full-disclosure and bugtraq on your website:
<script src=http://www.securitytrap.com/seclist.js></script>
<script src=http://www.securitytrap.com/list_display.js></script>
<script> var full_max = '10'; var bugtraq_max = '10'; var securitytrap_max = '4';

Re: [Full-Disclosure] C# Web application security scanner

2004-05-21 Thread Mister Coffee
Don't feed the trolls... On Thu, May 20, 2004 at 03:24:01PM -0400, [EMAIL PROTECTED] wrote: I want to start my own web application security company using open source code so I don't have to pay for it. That way I can get everyone else to do my work for me and make lots of money

[Full-Disclosure] [OpenPKG-SA-2004.025] OpenPKG Security Advisory (rsync)

2004-05-21 Thread OpenPKG
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org [EMAIL PROTECTED]

RE: [Full-Disclosure] C# Web application security scanner

2004-05-21 Thread Ron DuFresne
I'll bet he/she still drives the usenet folks buggy seeking folks to complete his homework as well. Thanks, Ron DuFresne On Fri, 21 May 2004, Sean Crawford wrote: Ron Dufresne wrote the harry potter and lord of the rings movies must have blinded many here to trolls and flamebait.

Re: [Full-Disclosure] C# Web application security scanner

2004-05-21 Thread Denis Dimick
As soon as I saw the C# I knew it was a troll.. On Fri, 21 May 2004, Mister Coffee wrote: Don't feed the trolls... On Thu, May 20, 2004 at 03:24:01PM -0400, [EMAIL PROTECTED] wrote: I want to start my own web application security company using open source code so I don't have to

RE: [Full-Disclosure] C# Web application security scanner

2004-05-21 Thread Sean Crawford
Ron Dufresne wrote I'll bet he/she still drives the usenet folks buggy seeking folks to complete his homework as well. And also older than most of the teachers at its school! On Fri, 21 May 2004, Sean Crawford wrote: Ron Dufresne wrote the harry potter and lord of the

[Full-Disclosure] CVS Entry Line Overflow EXPLOIT ...

2004-05-21 Thread ElviS .de
CVS Remote Entry Line Heap Overflow Root Exploit (Solaris) http://www.k-otik.com/exploits/05212004.CVS_Solaris.c.php CVS Remote Entry Line Heap Overflow Root Exploit (Linux/FreeBSD) http://www.k-otik.com/exploits/05212004.CVS_Linux.c.php ...

[Full-Disclosure] [ GLSA 200405-17 ] Multiple vulnerabilities in metamail

2004-05-21 Thread Thierry Carrez
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Gentoo Linux Security Advisory GLSA 200405-17

[Full-Disclosure] [ GLSA 200405-16 ] Multiple XSS Vulnerabilities in SquirrelMail

2004-05-21 Thread Rajiv Aaron Manglani
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Gentoo Linux Security Advisory GLSA 200405-16

[Full-Disclosure] Remember the subject about posting the exploit?

2004-05-21 Thread RandallM
Well, concerning the German Teenager who is responsible for releasing sasser, Mitnick states: He was no great technical expert. There was a published vulnerability and he took his worm and used his exploit code to be able to propagate it in the many systems that Sasser touched.

[Full-Disclosure] BNBT BitTorrent Tracker Denial Of Service

2004-05-21 Thread badpack3t
See the following link, or the attached advisory. http://fux0r.phathookups.com/advisory/sp-x12-advisory.txt badpack3t www.security-protocols.com SP Research Labs Advisory x12 - BNBT

[Full-Disclosure] Password in the Activations Email

2004-05-21 Thread Aditya, ALD [Aditya Lalit Deshmukh]
Dear sir, I just received the activation email from the stormpay.com. The activation email contains the password to the site! Sir, may I know why does the stormpay.com send the password by email with *all* the account details to the email address in plaintext that is not encrypted? i

RE: [inbox] [Full-Disclosure] Remember the subject about posting the exploit?

2004-05-21 Thread Exibar
Wow, such deep insight. HELLLO, almost all the big worms had vulnerabilities published, in some cases years before the worm was released. There is a solution APPLY THE DARNED PATCHES Ex -Original Message- From: RandallM [mailto:[EMAIL PROTECTED] Sent: Friday, May 21, 2004

Re: [Full-Disclosure] Password in the Activations Email

2004-05-21 Thread Kye Lewis
Is this necessarily worthy of a post to FD? I have never used that site, but I would only consider it evil if: 1) I gave it a password at signup and 2) It emailed that password back to me or 3) The password was not changeable or 4) the