[Full-Disclosure] DMA[2005-0103a] - 'William LeFebvre top format string vulnerability'

Moving forward my work will be released independent of any previous affiliations. Once I have a web presence I will let you folks know. -Kevin Finisterre top_ex.pl Description: Perl program DMA[2005-0103a] - 'William LeFebvre top format string vulnerability' Author: Kevin Finisterre Vendor:

Re: [Full-Disclosure] phpBB Worm writers are dumb

On Mon, 3 Jan 2005 17:40:28 +0100, EmirAga [EMAIL PROTECTED] wrote: lots has passed since releasing a phpbb worm by some stupid people, i will list my oppinion about it. - why release a worm? not sure about newer ones, but first one did not do anything, so, whats the point?. Worm will warn

[Full-Disclosure] This sums up Yahoo!s securitypolicyto a -T-

I love it when self-proclaimed luzer's claim to own anything. What do they claim to own a couple of old ladies, children's or unprotected files on some pc's. Wow daddy stand back in awe, this luzer hacked a child's pc and gets to play on their 33.4K baud connection, so impressive.8- Why

[Full-Disclosure] 3Com 3CDaemon Multiple Vulnerabilities

3Com 3CDaemon Multiple Vulnerabilities By Sowhat 04.JAN.2005 http://secway.org/advisory/ad20041011.txt [I.T.S] Security Research Team Product Affected: 3Com 3CDaemon 2.0 revision 10 Vendor: www.3Com.com (1) BACKGROUD 3CDaemon is a free popular TFTP, FTP, and Syslog daemon for Microsoft

Re: [Full-Disclosure] The Macallan mail solution 4.0.6.8 (Build 786) contains several vulnerabilities

Hello CIRT, DO you people think you digitally sign your correspondence by attaching a public key block to the end? EEEK! I prefer to stay quiet about using an insecure-unless-proven-otherwise type of MUA. Friday, December 31, 2004, 2:29:29 PM, you wrote: ... CA X-Mailer: Microsoft Outlook, Build

Re: [Full-Disclosure] Microsoft Windows BMP file buffer overflow

McAfee VirusScan Enterprise 7.0 with def's created on 12/29/04 (4417) detected the 'Exploit-LoadImgAPI' trojan. --Kendall There is nothing worse than aggressive stupidity. -- Johann Wolfgang von Goethe On Mon, 3 Jan 2005 12:20:08 -0800 (PST), Chenghuai Lu [EMAIL PROTECTED] wrote: Double click

[Full-Disclosure] Re: Bluetooth: BlueSnarf and BlueBug Full Disclusore

Adam Laurie napisa(a): Details of the attacks were disclosed at the Chaos Computer Club's annual congress in Berlin - 21C3: According to the [1], not all details were disclosed. Actually, there is no reason for keeping them secret here, while they are well known and actively exploited in the

[Full-Disclosure] Socket termination, format string and XSS in Soldner Secret Wars 30830

### Luigi Auriemma Application: SÖLDNER - Secret Wars http://www.secretwars.net Versions: = 30830 Platforms:Windows Bugs: A] silent socket termination B]

[Full-Disclosure] QWikiwiki directory traversal vulnerability

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Title: QWikiwiki directory traversal vulnerability Vulnerability discovery: Madelman madelman AT iname.com Date: 01/01/2005 Severity: Critical Summary: - QwikiWiki is driven by one core design goal: simplicity. This design goal is codified

Re: [Full-Disclosure] Just a thought (from an autoreply to another thread)

On Fri, 31 Dec 2004 23:14:43 EST, Byron L. Sonne said: You know, people that set these auto-replies often give out a good amount of information (of the social engineering kind and otherwise), if someone were to apply themselves... I'm not sure which is worse, the fact that we all now know

Re: [Full-Disclosure] list noise

[EMAIL PROTECTED] wrote: I will NOT respond to this; I will NOT respond to this; I will Not respond to this; dcdave -- CSO InfoSec Group 703-626-6516 -- Original message -- From: phased [EMAIL PROTECTED] I also care about noise, and

Re: [Full-Disclosure] /bin/rm file access vulnerability

On Thu, 30 Dec 2004 12:52:23 -0400, Jerry said: I have to agree with Shane on this. The whole point of the admin a.k.a root user is to have full control over everything. What's the point of that user if it can't delete of stop a set process when required if some user orphans something and

[Full-Disclosure] [ GLSA 200501-01 ] LinPopUp: Buffer overflow in message reply

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200501-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - -

[Full-Disclosure] [ GLSA 200501-02 ] a2ps: Insecure temporary files handling

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200501-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - -

[Full-Disclosure] DJB's contest (repost after being moderated on BGTQ)

Hey all, DJB, Is the class on responsible disclosure next semester perhaps?Responsible disclosure is a euphemism creating by industry lobby groupslike OIS, which never had much support in the security scene in the first place. The reason that the 16 students sent their 91 reports to me

Re: [Full-Disclosure] Insecurity in Finnish parlament (computers)

Hi Olli, On 23 Dec 2004 12:43:00 +0200, Mustajärvi Olli [EMAIL PROTECTED] wrote: Mr. Jansson has expressed his false claims about the ICT security issues of the Finnish Parliament. Mr. Jansson has expressed his lies now so many times, for instance http://lists.netsys.

Re: [Full-Disclosure] Shoe 1.0 - Remote Lace Overflow

On Wed, 22 Dec 2004 11:20:45 -0500, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: [...] Vulnerable Sizes: - 6 through 13. Other sizes may be vulnerable, but were unavailable for testing. Cursory note: The guy with the size 13s must get all the chicks. You know what they say