That is *sweet* nice find.
On Sun, 2004-12-19 at 19:40, Troubles Troubles wrote:
== the fucking bugtraq moderators don't let me post this! ==
.st has this bug too. you can transfer the whole domain. their whois server
also doesn't have any time-out!
try this:
dig @a.root-servers.net.
== the fucking bugtraq moderators don't let me post this! ==
.st has this bug too. you can transfer the whole domain. their whois server
also doesn't have any time-out!
try this:
dig @a.root-servers.net. st. ns
dig @auth61.ns.uu.net. st. axfr
(sleep 3600; perl -e 'print
As posted in http://www.securitytracker.com/alerts/2004/Oct/1011984.html
the open_basedirbypassstill exists in
the php 4.3.10 andcurl-7.12.2,anyone seen a patch or anything to get
solve this issue?
___
Full-Disclosure - We believe in it.
Charter:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200412-19
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
- Original Message -
From: Scott Renna [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Tuesday, December 14, 2004 5:23 AM
Subject: Re: [Full-Disclosure] HOW TO BREAK XP SP2 POPUP BLOCKER: kick it inthe
nut !
I'd speculate for several reasons.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory [UPDATE] GLSA 200410-12:02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
== the fucking bugtraq moderators don't let me post this! ==
.st has this bug too. you can transfer the whole domain. their whois server
also doesn't have any time-out!
try this:
dig @a.root-servers.net. st. ns
dig @auth61.ns.uu.net. st. axfr
(sleep 3600; perl -e 'print
Product:Tlen.pl (= 5.23.4.1)
Vendor: o2.pl Sp. z o.o. (http://www.tlen.pl/)
Impact: Remote script execution
Severity: High
Authors:Blazej Miga [EMAIL PROTECTED],
Jaroslaw Sajko [EMAIL PROTECTED]
Date: 20/12/04
[ISSUE]
Tlen.pl is
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security AdvisoryGLSA 200412-18:02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
Name: NetBSD kernel local vulnerabilities
Date: Dec 18, 2004
Author:Evgeny Demidov
Description:
There exists multiple vulnerabilities in NetBSD binary compatibility code.
They can be approximately divided into two parts:
1) signal number validation problems in
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200412-20
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
===
Ubuntu Security Notice USN-42-1 December 20, 2004
xine-lib vulnerabilities
https://sourceforge.net/project/shownotes.php?group_id=9655release_id=290099
===
A security
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200412-15
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
When you open Python for Windows v 2.3 and enter for the command
Control+Z then Control+I and press enter, the program crashes.
Problem:
Seems harmless right? Well, if someone was to send a request of
\x1a\x09 or with \x1a\x09 at the end to a server/client running on
a Python 2.3 platform, it
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200412-17
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
I dont know about stories, but you can find defacements at hxxp://www.zone-h.org
-- Martin
On Tue, 14 Dec 2004 15:44:41 -0800, n30 [EMAIL PROTECTED] wrote:
Guys,
Looking for few interesting security breach stories...
Any database / sites that capture these??
Help appreciated
-n
Beware, this bug is being already exploited in the wild. I have just
received the following message from WWW to GG gateway (gg# 7021349):
I recomend all Gadu-Gadu users to turn on the option that does not show
messages from unknown users.
This option appeared in version 6.0 build 151 or so (at
On 17 Dec 2004, at 19:49, Carlos de Oliveira wrote:
I am going to install OpenSSH in one of my servers, but I want to make
sure it is secure.
Does anybody know about vulnerabilites on OpenSSH, if yes, would you
like to suggest me another remote secure shell ?
There are no current open
Tested on win2ksp4, IE6.0sp1 fully patched (hmmm... not really fully
obviously ;))
It's a DoS, nothing exploitable. Explorer let's IE do the rendering in
thumbnail previes mode. IE creates a HTML page and crashes while creating or
rendering it. Same bug can be triggered easier with following
I thought it looked familiar:
http://lists.netsys.com/pipermail/full-disclosure/2004-May/021272.html
It'll probably never get fixed.
Berend-Jan Wever
[EMAIL PROTECTED]
http://www.edup.tudelft.nl/~bjwever
SkyLined in #SkyLined on EFNET
PGP key ID: 0x48479882
- Original Message -
From:
Thank you all for you attention!
This helps me a lot. :-)
On Mon, 20 Dec 2004 18:12:21 -0600, Kevin [EMAIL PROTECTED] wrote:
Nobody sitting on exploits for the current version of OpenSSH will
share them in public.
Of the available SSH servers, OpenSSH (if you deploy the latest
version,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandrakelinux Security Update Advisory
___
Package name: ethereal
Advisory ID:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandrakelinux Security Update Advisory
___
Package name: aspell
Advisory ID:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200412-21
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
Living two thousand miles away from my hardware, a
sworn refusal to fly under the current police-state
conditions, and other responsibilities(like in the
middle of selling my installation and moving to a new
location) caused an inexcusable delay in bringing
things back up.
Things are still
Or you could go buy some of these and link them together to reach over a
distance.
The First Commercial Quantum Cryptography solution - encryption per
photon =)
http://www.magiqtech.com/index.php
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf
Of
26 matches
Mail list logo