yesterday some client were trying these exploits..freezing web
servers. also last month we faced similar problems after sctp_setsockopt() and
mremap(2) system vulnerabilities exploits were released. The frustration of
these possible attacks and even the headache of updating these kernels are
--- [EMAIL PROTECTED] wrote:
There is a history of years and years of antivirus
products
choking on funky compressed files.
We had reports of quite a few AV products crapping
out on
the invalid zip files included with our zip advisory
from 2002:
mounting. Anyone suggest an easy solution to stop executing binary but also
allowing the cgi-bin.
Not really,
but you could activate PaX which prevents the exploit!
hth...
Stefan
pgpl2JsYc4Mho.pgp
Description: PGP signature
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 519-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
June 15th, 2004
see attached advisory.
--
Jerome
[pgp keyid : 33D7802F http://pgp.mit.edu]
[key fingerprint : 82E6 C9C8 05D1 BEAC 9353 8ECB CEAF 6A0A 33D7 802F]
Ebat Advisory #01
-
NULL Pointer dereference Denial of Service in Thy httpd
date: 15/06/04
author: jethro
-
--- Shashank Rai [EMAIL PROTECTED] wrote:
On a Fedora Core-2 box.
Virus scanning report - 15 June 2004 @ 7:50
F-PROT ANTIVIRUS
Program version: 4.4.2
Engine version: 3.14.11
VIRUS SIGNATURE FILES
SIGN.DEF created 12 June 2004
SIGN2.DEF created 12 June 2004
MACRO.DEF created 7
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Aditya, ALD [Aditya Lalit Deshmukh] wrote:
First of all this might be a social engg. attempt to find your
antivirus versions and if the allow passing of malicious code thr.. so
please santise your data before sending to the list
Who, Bipin? Are
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Stefan SF wrote:
Not really,
but you could activate PaX which prevents the exploit!
hth...
Stefan
The vulnerability mentioned in the topic affects PaX enabled kernels as
well.
Cheers,
- -Dave
- --
| Dave Monnier - [EMAIL PROTECTED] -
Hi list,
akamai disappeared from the internet about an hour ago.
(all their dns servers are dead, hence many companies that
use akamai are unreachable: microsoft.com/liveupdate.symantec.com
apple/some search engines)
Does anyone know if it is security-related (ddos, something else).
Regards,
Niek
Hiya,
It is nice to see my inbox today, having 100MB or storage space, 84%
remaining. Yahoo now allows up to 10MB attachment too I am not sure
about .co.uk is still allowing POP or not with 100MB, as it was with 6MB.
Regards,
S. Imran Ali
___
Hello Everyone,
I recently came across a linux based live-cd designed for virus scanning, disaster
recover, network analysis, etc.
http://www.inside-security.de/insert_en.html
I think it is very useful to scan a windows machine from viruses while having that
machine booted to linux. This
hrmm my yahoo account still shows 4.0 megs..do you have a paid account?
Syed Imran Ali wrote:
Hiya,
It is nice to see my inbox today, having 100MB or storage space, 84%
remaining. Yahoo now allows up to 10MB attachment too I am not sure
about .co.uk is still allowing POP or not with 100MB, as
Tuesday, June 12, 2004
The following courtesy of 'bitlance winter' adds an entirely new
dimension to the matter and also suggest some additional
peculiarities at play:
a href='http://quot;gt;lt;plaintextgt;.e-gold.com'foo/a
a href='http://quot;gt;lt;scriptgt;alert()lt;%
I've looked at several bootable Linux cd's and haven't found one to
remove Window's spyware. BartPE ( http://www.nu2.nu/pebuilder/ ) is a
Windows XP/2003 based bootable CD that will allow you to run Adaware.
The one limitation seems to be that it won't scan the registry on the
Windows
On Mon, June 14, 2004 3:30 pm, Curt Purdy said:
You think infosec.volubis.com was dissing us?
[...]
Quote:
has been posted onto a dull disclosure mailing list.
f and d are right next to each other on a querty keyboard. Perhaps it was
just a typo. :-?
-Eric
--
arctic bears - affordable email
Perhaps it is for users who have been with Yahoo for a really long time? I
just checked and mine has been upgraded to 100Mb.
Actually, I wasn't too worried about it because for several months now
their quota on my account has been broken! It always said 92% of capacity
even when I knew I had
This is the best phishing scam I've seen yet:
http://www.bis1bp.com/a12/index.html
I have Windows Server 2003 fully patched and this works. The program fakes an address
bar so this
would pass through most people's safety check, after all the address bar clearly has
the correct
address.
There
The real questions fellows is though, what does any of this have to do
with security, and who cares how much storage space your particular ISP or
e-mail provider supplies?
Thanks,
Ron DuFresne
On Tue, 15 Jun 2004, William Warren wrote:
hrmm my yahoo account still shows 4.0 megs..do you have
This message is automatically generated by Groupwise. Apologies for not being able to
attend to your email. I'm away and will be back on 17 June. During this period, I will
not have access to email.
If the matter is urgent, please contact the following:
Kim Chwee 6878-2640
Joke Fong
I've just been told that it was a DoS. No details.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Niek Baakman
Sent: Tuesday, June 15, 2004 09:58
To: [EMAIL PROTECTED]
Subject: [Full-Disclosure] Akamai
Hi list,
akamai disappeared from
I think it is very useful to scan a windows machine
from viruses while having that machine booted to
linux. This pretty much ensures that you will find
all the virii on that system.
Not necessarily. You'll have to update the virus
signatures on your CD distribution prior to scanning,
and
On Tue, 15 Jun 2004, David Lederman wrote:
This is the best phishing scam I've seen yet:
http://www.bis1bp.com/a12/index.html
I have Windows Server 2003 fully patched and this works. The program fakes an
address bar so this
would pass through most people's safety check, after all the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200406-10
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
At 11:35 AM 6/15/2004 -0500, you wrote:
Perhaps it is for users who have been with Yahoo for a really long time? I
just checked and mine has been upgraded to 100Mb.
Actually, I wasn't too worried about it because for several months now
their quota on my account has been broken! It always said
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200406-09
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200406-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ATTENTION LAMERS
Speaking for myself only, something has to be done
about the quality of the information, and the standards
of netiquette on this list.
We all don't need to see mindlesS banter, and other noise
spewing back and forth. If you can, please try to not post
this spewage to the
At 09:43 AM 6/15/2004 -0700, you wrote:
I think it is very useful to scan a windows machine
from viruses while having that machine booted to
linux. This pretty much ensures that you will find
all the virii on that system.
Not necessarily. You'll have to update the virus
signatures on your CD
I've just been told that it was a DoS. No details.
Unlikely, Akamai is an overlay network the root content node is not
reachable.
Akamai can in real time spread web traffic through out their global network
of
servers, diluting a DoS to the point it is not significant. It is more
likely that
This is a slick phishing scam, I have to admit. One thing I noticed
though;
I printed the various pages of the website out with IE to use as an
example and I noticed that the real URL appeared at the bottom of each
page as opposed to the bogus one. I thought that was interesting. Has
anyone
Young called it a large scale, international attack on Internet
infrastructure. However, there was no evidence that non-Akamai
infrastructure was affected.
http://apnews.excite.com/article/20040615/D837KIU00.html
Regards,
Brent
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL
Akamai is saying their DNS continued to work.
http://www.theregister.co.uk/2004/06/15/akamai_goes_postal/
Akamai has got back to us to explain that the problem stemmed from what a
spokesman called a large scale international attack on the Internet's
infrastructure. Akamai said the attack was
http://www.washingtonpost.com/wp-dyn/articles/A43635-2004Jun15.html
Need to register, but it's no hassle.
I'd mirror to my server, but copyright blah blah blah.
Anyone have any more info?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
james
Young called it a large scale, international attack on Internet
infrastructure. However, there was no evidence that non-Akamai
infrastructure was affected.
http://apnews.excite.com/article/20040615/D837KIU00.html
Regards,
Brent
With an attack of this indicated size, there are always
james edwards wrote:
I've just been told that it was a DoS. No details.
Unlikely, Akamai is an overlay network the root content node is not
reachable.
Akamai can in real time spread web traffic through out their global network
of
servers, diluting a DoS to the point it is not significant. It is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Keep in mind that the term 'DOS' doesn't necessarily mean 'flood of
traffic'. A denial of service is just that..a _denial of service_
by any means, and I'd say that there was definitlely some service being
denied. Don't think so?.ask Google
Couple of notes,
First the page is not encrypted.
Second the overlay stays on top when you switch windows. At the moment it is sitting
in the middle of the email i am typing.
However a novice to computer scams could be fooled quite easily by this. Impressive.
Peter
-Original Message-
From: [EMAIL PROTECTED]
[mailto:full-disclosure-[EMAIL PROTECTED] On Behalf Of David
Lederman
Sent: Tuesday, June 15, 2004 12:30 PM
To: [EMAIL PROTECTED]
Subject: [Full-Disclosure] US Bank scam
This is the best phishing scam I've seen yet:
I don't think so- yeah a DOS against the content nodes isn't gonna do
much but a DOS against their nameservers is fully workable.
Akamai seems to be saying the NS was functioning:
The spokesman denied however that it was an outage and said that the
Akamai name service continued to
All,
Just found this site: http://bugmenot.com/
It will help you bypass registration, if you would like :-)
v/r
Bob Beringer
Chris Carlson [EMAIL PROTECTED] wrote:
http://www.washingtonpost.com/wp-dyn/articles/A43635-2004Jun15.html
Need to register, but it's no hassle.
I'd mirror to my
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Keep in mind that the term 'DOS' doesn't necessarily mean 'flood of
traffic'. A denial of service is just that..a _denial of service_
by any means, and I'd say that there was definitlely some service being
denied. Don't think so?.ask
This is all incorrect.
1. Any unusual characters in a file name will automatically be
converted to random digits. This has been tested and
demonstrated since 2001.
2. 'Save target' and an invoked download whether automatic or
manually cannot be the same. Simple logic right click on a
15MB
Hamby, Charles D. [EMAIL PROTECTED] wrote:
This is a slick phishing scam, I have to admit. ...
It's been around for a month or more, so it may be slick, but it's not
new... Back on 13 May Drew Copley from eEye posted the following to
Bugtraq about it:
Scott Dodson [EMAIL PROTECTED] wrote:
With XP SP2 build 2149 (RC2) it shows up immediately below the address
bar.
Yes -- XP SP2 includes a lot of fixes for IE, such as preventing it
drawing client windows over parts of the standard interface,
limitations on chromeless windows and so on...
Young called it a large scale, international attack on Internet
infrastructure. However, there was no evidence that non-Akamai
infrastructure was affected.
http://apnews.excite.com/article/20040615/D837KIU00.html
Regards,
Brent
I curious to know if organised crime was involved
james edwards wrote:
I don't think so- yeah a DOS against the content nodes isn't gonna do
much but a DOS against their nameservers is fully workable.
Akamai seems to be saying the NS was functioning:
The spokesman denied however that it was an outage and said that the
Akamai name service
-Original Message-
From: David Lederman [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 15, 2004 12:30 PM
To: [EMAIL PROTECTED]
Subject: [Full-Disclosure] US Bank scam
This is the best phishing scam I've seen yet:
http://www.bis1bp.com/a12/index.html
I have Windows Server
Darren Reed said:
What's interesting is that in contrast to old-school protection
rackets, there appears to be no offering of protection from attack
by others.
IIRC the main purpose of DoS attacks ( apart from kiddie fights )
is to allow a trust exploit/MITM to succeed - e.g. session hijacking.
48 matches
Mail list logo