Re: [Full-disclosure] Two MSIE 6.0/7.0 NULL pointer crashes

2010-01-21 Thread Jeffrey Walton
On Thu, Jan 21, 2010 at 11:22 AM, Christian Sciberras wrote:
> People are unreasonable, first they complain about
> lack of quick patches/fixes. Next they complain about
> fixes crashing their system.
You're right - Corporate America needs to find more folks willing to
accept unpatched software that crashes their system. It's hard to
justify big bonuses when a company is run into the ground (wait - no
it's not. Disregard.)

> On Thu, Jan 21, 2010 at 5:12 PM, Dan Kaminsky wrote:
>>
>> On Thu, Jan 21, 2010 at 1:53 AM, Michal Zalewski wrote:
>> >> Testing takes time.  That's why both Microsoft and Mozilla test.
>> >
>> > Testing almost never legitimately takes months or years, unless the
>> > process is severely broken; contrary to the popular claims,
>> > personally, I have serious doubts that QA is a major bottleneck when
>> > it comes to security response - certainly not as often as portrayed.
>>
>> There are a lot of factors that go into how long it takes to run QA.
>> Here's a few (I'll leave out the joys of multivendor for now):
>>
>> [SNIP]

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] PHC is _NOT_ DEAD !!!!

2010-01-21 Thread dramacrat
why you gotta say shit like that

my spamfilter is crying now

2010/1/22 Rohit Patnaik 

> Heh.  I agree, but only because this month has been a fairly quiet one
> regarding n3td3v drama.
>
> --Rohit Patnaik
>
>
> On Thu, Jan 21, 2010 at 10:20 AM, Christian Sciberras wrote:
>
>> Vote +1 for "message of the month" award.
>>
>> On Thu, Jan 21, 2010 at 2:22 PM,  wrote:
>>
>>> -BEGIN PGP SIGNED MESSAGE-
>>> Hash: SHA1
>>>
>>> peep game nigga, peep game, feel us !
>>>
>>>
>>>
>>> - --Phrack High Council

Re: [Full-disclosure] FREE STEPHEN WATT !!!

2010-01-21 Thread BMF
FREE THE HYDROXYL RADICALS

BMF



[Full-disclosure] CVE-2010-0071 (Oracle TNS Listener) PoC

2010-01-21 Thread Dennis Yurichev
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi.

CVE-2010-0071 (Oracle TNS Listener) PoC:
http://blogs.conus.info/node/38

- -- 
My PGP public key: http://yurichev.com/dennis.yurichev.asc


Re: [Full-disclosure] FREE STEPHEN WATT !!!

2010-01-21 Thread Valdis . Kletnieks
On Thu, 21 Jan 2010 19:14:44 +0200, p...@hushmail.com said:
> Fuck Gadi Evron, Fuck #phr...@efnet, Fuck anti-sec.com kiddiotz,
> Fuck romeo, Fuck Fedz, Fuck Ratz and Fuck U 

Starting off like this...

> FREE STEPHEN WATT !!!

is unlikely to get you this. You want to get people on your side, not
piss them off.  Unless of course you're a troll who actually benefits
from Stephen Watt being stuck wherever he is, in which case carry on.



Re: [Full-disclosure] FREE STEPHEN WATT !!!

2010-01-21 Thread Rohit Patnaik
s/beer/hookers/g s/coffee/blow/g and then we'll see :)

On Thu, Jan 21, 2010 at 3:55 PM, Christian Sciberras wrote:

> Who cares about Tibet.
>
> Free beer and coffee! That's what we need!!
>
>
>
>
>
>
> On Thu, Jan 21, 2010 at 10:53 PM, netinfinity <
> netinfinity.security...@gmail.com> wrote:
>
>> A country. And I meant Tibet. :D
>>
>> Obvious I need to get some sleep...
>>
>> On Thu, Jan 21, 2010 at 10:51 PM, Christian Sciberras 
>> wrote:
>> > Nepal? Who's Nepal?
>> >
>> >
>> >
>> >
>> >
>> > On Thu, Jan 21, 2010 at 10:48 PM, netinfinity
>> >  wrote:
>> >>
>> >> Free nepal?
>> >>
>> >> On Thu, Jan 21, 2010 at 10:46 PM, Christian Sciberras <uuf6...@gmail.com> wrote:
>> >> > JAIL OSAMA?
>> >> >
>> >> > ...
>> >> >
>> >> >
>> >> >
>> >> >
>> >> > On Thu, Jan 21, 2010 at 10:45 PM, netinfinity
>> >> >  wrote:
>> >> >>
>> >> >> FREE WILLY!
>> >> >>
>> >> >> On Thu, Jan 21, 2010 at 10:39 PM, Christian Sciberras wrote:
>> >> >> > I think throwing "and fuck you" in a mailing list pretty much affects
>> >> >> > all
>> >> >> >
>> >> >> > Just sayin'
>> >> >> >
>> >> >> > Cheers.
>> >> >> >
>> >> >> >
>> >> >> >
>> >> >> >
>> >> >> >
>> >> >> > On Thu, Jan 21, 2010 at 8:33 PM, Thor (Hammer of God)
>> >> >> > 
>> >> >> > wrote:
>> >> >> >>
>> >> >> >> Well, if you are going to say “Fuck Kaminsky,” then throw me in with
>> >> >> >> him.
>> >> >> >>  I’ll be at Defcon for anyone who would like to say it to my face.
>> >> >> >>
>> >> >> >>
>> >> >> >>
>> >> >> >> t
>> >> >> >>
>> >> >> >>
>> >> >> >>
>> >> >> >> From: full-disclosure-boun...@lists.grok.org.uk
>> >> >> >> [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Jeff
>> >> >> >> Williams
>> >> >> >> Sent: Thursday, January 21, 2010 10:12 AM
>> >> >> >> To: p...@hushmail.com; full-disclosure@lists.grok.org.uk
>> >> >> >> Subject: Re: [Full-disclosure] FREE STEPHEN WATT !!!
>> >> >> >>
>> >> >> >>
>> >> >> >>
>> >> >> >> You just forgot kaminsky,
>> >> >> >>
>> >> >> >> 2010/1/21 
>> >> >> >>
>> >> >> >> -BEGIN PGP SIGNED MESSAGE-
>> >> >> >> Hash: SHA1
>> >> >> >>
>> >> >> >> Fuck Gadi Evron, Fuck #phr...@efnet, Fuck anti-sec.com kiddiotz,
>> >> >> >> Fuck romeo, Fuck Fedz, Fuck Ratz and Fuck U 
>> >> >> >>
>> >> >> >>
>> >> >> >> FREE STEPHEN WATT !!!

Re: [Full-disclosure] PHC is _NOT_ DEAD !!!!

2010-01-21 Thread Rohit Patnaik
Heh.  I agree, but only because this month has been a fairly quiet one
regarding n3td3v drama.

--Rohit Patnaik

On Thu, Jan 21, 2010 at 10:20 AM, Christian Sciberras wrote:

> Vote +1 for "message of the month" award.
>
> On Thu, Jan 21, 2010 at 2:22 PM,  wrote:
>
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> peep game nigga, peep game, feel us !
>>
>>
>>
>> - --Phrack High Council

Re: [Full-disclosure] Two MSIE 6.0/7.0 NULL pointer crashes

2010-01-21 Thread Rohit Patnaik
Given Microsoft's already poor reputation regarding security, I'm not sure
how it'd be possible for them to degrade their reputation any more.  Very
few people use Microsoft software because of its security reputation.  The
main reasons for using Microsoft are ease of use and compatibility with
other users.  Given that, I'm not sure that Microsoft's perception will be
affected very much in the user community.

-- Rohit Patnaik

On Wed, Jan 20, 2010 at 6:17 PM, ☣ frank^2 wrote:

> On Wed, Jan 20, 2010 at 10:25 AM, Dan Kaminsky wrote:
> > Seriously.  I mean, just look at Linux, Firefox, and OpenOffice.
> > Pristine code, not a single security vulnerability between them :)
> >
>
> That's a red herring. His point was the public perception of the
> software company-- true or not-- would be hindered because Microsoft
> is all-encompassing. Compared to the world of open-source, the risk is
> distributed by the sheer virtue of software engineering being
> distributed amongst thousands of entities. This means that the
> vulnerabilities are spread across different parties, rather than
> having all vulnerabilities encompassed by a single party-- in this
> case, Microsoft.
>
> His argument was irrelevant to corporations vs. open-source being more
> vulnerable than one another-- it was simply a commentary on
> distributed risk in software engineering.
>
> --
> "Did you and them get your degree from the same university of trolls?
> I have mistaken nothing for nothing. Fuck you."

[Full-disclosure] [USN-890-2] Python 2.5 vulnerabilities

2010-01-21 Thread Jamie Strandboge
===
Ubuntu Security Notice USN-890-2   January 21, 2010
python2.5 vulnerabilities
CVE-2009-3560, CVE-2009-3720
===

A security issue affects the following Ubuntu releases:

Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
Ubuntu 9.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.04 LTS:
  python2.5   2.5.2-2ubuntu6.1
  python2.5-minimal   2.5.2-2ubuntu6.1

Ubuntu 8.10:
  python2.5   2.5.2-11.1ubuntu1.1
  python2.5-minimal   2.5.2-11.1ubuntu1.1

Ubuntu 9.04:
  python2.5   2.5.4-1ubuntu4.1
  python2.5-minimal   2.5.4-1ubuntu4.1

Ubuntu 9.10:
  python2.5   2.5.4-1ubuntu6.1
  python2.5-minimal   2.5.4-1ubuntu6.1

After a standard system upgrade you need to restart any Python applications
that use the PyExpat module to effect the necessary changes.

Details follow:

USN-890-1 fixed vulnerabilities in Expat. This update provides the
corresponding updates for the PyExpat module in Python 2.5.

Original advisory details:

 Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did
 not properly process malformed XML. If a user or application linked against
 Expat were tricked into opening a crafted XML file, an attacker could cause
 a denial of service via application crash. (CVE-2009-2625, CVE-2009-3720)
 
 It was discovered that Expat did not properly process malformed UTF-8
 sequences. If a user or application linked against Expat were tricked into
 opening a crafted XML file, an attacker could cause a denial of service via
 application crash. (CVE-2009-3560)


Updated packages for Ubuntu 8.04 LTS:


Re: [Full-disclosure] FREE STEPHEN WATT !!!

2010-01-21 Thread netinfinity
That is not a bad idea :D

On Thu, Jan 21, 2010 at 10:55 PM, Christian Sciberras wrote:
> Who cares about Tibet.
>
> Free beer and coffee! That's what we need!!
>
>
>
>
>
> On Thu, Jan 21, 2010 at 10:53 PM, netinfinity
>  wrote:
>>
>> A country. And I meant Tibet. :D
>>
>> Obvious I need to get some sleep...
>>
>> On Thu, Jan 21, 2010 at 10:51 PM, Christian Sciberras 
>> wrote:
>> > Nepal? Who's Nepal?
>> >
>> >
>> >
>> >
>> >
>> > On Thu, Jan 21, 2010 at 10:48 PM, netinfinity
>> >  wrote:
>> >>
>> >> Free nepal?
>> >>
>> >> On Thu, Jan 21, 2010 at 10:46 PM, Christian Sciberras
>> >> 
>> >> wrote:
>> >> > JAIL OSAMA?
>> >> >
>> >> > ...
>> >> >
>> >> >
>> >> >
>> >> >
>> >> > On Thu, Jan 21, 2010 at 10:45 PM, netinfinity
>> >> >  wrote:
>> >> >>
>> >> >> FREE WILLY!
>> >> >>
>> >> >> On Thu, Jan 21, 2010 at 10:39 PM, Christian Sciberras
>> >> >> 
>> >> >> wrote:
>> >> >> > I think throwing "and fuck you" in a mailing list pretty much
>> >> >> > affects
>> >> >> > all
>> >> >> >
>> >> >> > Just sayin'
>> >> >> >
>> >> >> > Cheers.
>> >> >> >
>> >> >> >
>> >> >> >
>> >> >> >
>> >> >> >
>> >> >> > On Thu, Jan 21, 2010 at 8:33 PM, Thor (Hammer of God)
>> >> >> > 
>> >> >> > wrote:
>> >> >> >>
>> >> >> >> Well, if you are going to say “Fuck Kaminsky,” then throw me in
>> >> >> >> with
>> >> >> >> him.
>> >> >> >>  I’ll be at Defcon for anyone who would like to say it to my
>> >> >> >> face.
>> >> >> >>
>> >> >> >>
>> >> >> >>
>> >> >> >> t
>> >> >> >>
>> >> >> >>
>> >> >> >>
>> >> >> >> From: full-disclosure-boun...@lists.grok.org.uk
>> >> >> >> [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of
>> >> >> >> Jeff
>> >> >> >> Williams
>> >> >> >> Sent: Thursday, January 21, 2010 10:12 AM
>> >> >> >> To: p...@hushmail.com; full-disclosure@lists.grok.org.uk
>> >> >> >> Subject: Re: [Full-disclosure] FREE STEPHEN WATT !!!
>> >> >> >>
>> >> >> >>
>> >> >> >>
>> >> >> >> You just forgot kaminsky,
>> >> >> >>
>> >> >> >> 2010/1/21 
>> >> >> >>
>> >> >> >> -BEGIN PGP SIGNED MESSAGE-
>> >> >> >> Hash: SHA1
>> >> >> >>
>> >> >> >> Fuck Gadi Evron, Fuck #phr...@efnet, Fuck anti-sec.com kiddiotz,
>> >> >> >> Fuck romeo, Fuck Fedz, Fuck Ratz and Fuck U 
>> >> >> >>
>> >> >> >>
>> >> >> >> FREE STEPHEN WATT !!!



-- 
http://netinfinity-sec.blogspot.com

http://www.ubuntu-pe.tk



Re: [Full-disclosure] FREE STEPHEN WATT !!!

2010-01-21 Thread Christian Sciberras
Who cares about Tibet.

Free beer and coffee! That's what we need!!





On Thu, Jan 21, 2010 at 10:53 PM, netinfinity <
netinfinity.security...@gmail.com> wrote:

> A country. And I meant Tibet. :D
>
> Obvious I need to get some sleep...
>
> On Thu, Jan 21, 2010 at 10:51 PM, Christian Sciberras 
> wrote:
> > Nepal? Who's Nepal?
> >
> >
> >
> >
> >
> > On Thu, Jan 21, 2010 at 10:48 PM, netinfinity
> >  wrote:
> >>
> >> Free nepal?
> >>
> >> On Thu, Jan 21, 2010 at 10:46 PM, Christian Sciberras <uuf6...@gmail.com> wrote:
> >> > JAIL OSAMA?
> >> >
> >> > ...
> >> >
> >> >
> >> >
> >> >
> >> > On Thu, Jan 21, 2010 at 10:45 PM, netinfinity
> >> >  wrote:
> >> >>
> >> >> FREE WILLY!
> >> >>
> >> >> On Thu, Jan 21, 2010 at 10:39 PM, Christian Sciberras wrote:
> >> >> > I think throwing "and fuck you" in a mailing list pretty much affects
> >> >> > all
> >> >> >
> >> >> > Just sayin'
> >> >> >
> >> >> > Cheers.
> >> >> >
> >> >> >
> >> >> >
> >> >> >
> >> >> >
> >> >> > On Thu, Jan 21, 2010 at 8:33 PM, Thor (Hammer of God)
> >> >> > 
> >> >> > wrote:
> >> >> >>
> >> >> >> Well, if you are going to say “Fuck Kaminsky,” then throw me in with
> >> >> >> him.
> >> >> >>  I’ll be at Defcon for anyone who would like to say it to my face.
> >> >> >>
> >> >> >>
> >> >> >>
> >> >> >> t
> >> >> >>
> >> >> >>
> >> >> >>
> >> >> >> From: full-disclosure-boun...@lists.grok.org.uk
> >> >> >> [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Jeff
> >> >> >> Williams
> >> >> >> Sent: Thursday, January 21, 2010 10:12 AM
> >> >> >> To: p...@hushmail.com; full-disclosure@lists.grok.org.uk
> >> >> >> Subject: Re: [Full-disclosure] FREE STEPHEN WATT !!!
> >> >> >>
> >> >> >>
> >> >> >>
> >> >> >> You just forgot kaminsky,
> >> >> >>
> >> >> >> 2010/1/21 
> >> >> >>
> >> >> >> -BEGIN PGP SIGNED MESSAGE-
> >> >> >> Hash: SHA1
> >> >> >>
> >> >> >> Fuck Gadi Evron, Fuck #phr...@efnet, Fuck anti-sec.com kiddiotz,
> >> >> >> Fuck romeo, Fuck Fedz, Fuck Ratz and Fuck U 
> >> >> >>
> >> >> >>
> >> >> >> FREE STEPHEN WATT !!!

Re: [Full-disclosure] FREE STEPHEN WATT !!!

2010-01-21 Thread netinfinity
A country. And I meant Tibet. :D

Obvious I need to get some sleep...

On Thu, Jan 21, 2010 at 10:51 PM, Christian Sciberras wrote:
> Nepal? Who's Nepal?
>
>
>
>
>
> On Thu, Jan 21, 2010 at 10:48 PM, netinfinity
>  wrote:
>>
>> Free nepal?
>>
>> On Thu, Jan 21, 2010 at 10:46 PM, Christian Sciberras 
>> wrote:
>> > JAIL OSAMA?
>> >
>> > ...
>> >
>> >
>> >
>> >
>> > On Thu, Jan 21, 2010 at 10:45 PM, netinfinity
>> >  wrote:
>> >>
>> >> FREE WILLY!
>> >>
>> >> On Thu, Jan 21, 2010 at 10:39 PM, Christian Sciberras
>> >> 
>> >> wrote:
>> >> > I think throwing "and fuck you" in a mailing list pretty much affects
>> >> > all
>> >> >
>> >> > Just sayin'
>> >> >
>> >> > Cheers.
>> >> >
>> >> >
>> >> >
>> >> >
>> >> >
>> >> > On Thu, Jan 21, 2010 at 8:33 PM, Thor (Hammer of God)
>> >> > 
>> >> > wrote:
>> >> >>
>> >> >> Well, if you are going to say “Fuck Kaminsky,” then throw me in with
>> >> >> him.
>> >> >>  I’ll be at Defcon for anyone who would like to say it to my face.
>> >> >>
>> >> >>
>> >> >>
>> >> >> t
>> >> >>
>> >> >>
>> >> >>
>> >> >> From: full-disclosure-boun...@lists.grok.org.uk
>> >> >> [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Jeff
>> >> >> Williams
>> >> >> Sent: Thursday, January 21, 2010 10:12 AM
>> >> >> To: p...@hushmail.com; full-disclosure@lists.grok.org.uk
>> >> >> Subject: Re: [Full-disclosure] FREE STEPHEN WATT !!!
>> >> >>
>> >> >>
>> >> >>
>> >> >> You just forgot kaminsky,
>> >> >>
>> >> >> 2010/1/21 
>> >> >>
>> >> >> -BEGIN PGP SIGNED MESSAGE-
>> >> >> Hash: SHA1
>> >> >>
>> >> >> Fuck Gadi Evron, Fuck #phr...@efnet, Fuck anti-sec.com kiddiotz,
>> >> >> Fuck romeo, Fuck Fedz, Fuck Ratz and Fuck U 
>> >> >>
>> >> >>
>> >> >> FREE STEPHEN WATT !!!



-- 
http://netinfinity-sec.blogspot.com

http://www.ubuntu-pe.tk



Re: [Full-disclosure] FREE STEPHEN WATT !!!

2010-01-21 Thread Christian Sciberras
Nepal? Who's Nepal?





On Thu, Jan 21, 2010 at 10:48 PM, netinfinity <
netinfinity.security...@gmail.com> wrote:

> Free nepal?
>
> On Thu, Jan 21, 2010 at 10:46 PM, Christian Sciberras 
> wrote:
> > JAIL OSAMA?
> >
> > ...
> >
> >
> >
> >
> > On Thu, Jan 21, 2010 at 10:45 PM, netinfinity
> >  wrote:
> >>
> >> FREE WILLY!
> >>
> >> On Thu, Jan 21, 2010 at 10:39 PM, Christian Sciberras <uuf6...@gmail.com> wrote:
> >> > I think throwing "and fuck you" in a mailing list pretty much affects
> >> > all
> >> >
> >> > Just sayin'
> >> >
> >> > Cheers.
> >> >
> >> >
> >> >
> >> >
> >> >
> >> > On Thu, Jan 21, 2010 at 8:33 PM, Thor (Hammer of God)
> >> > 
> >> > wrote:
> >> >>
> >> >> Well, if you are going to say “Fuck Kaminsky,” then throw me in with
> >> >> him.
> >> >>  I’ll be at Defcon for anyone who would like to say it to my face.
> >> >>
> >> >>
> >> >>
> >> >> t
> >> >>
> >> >>
> >> >>
> >> >> From: full-disclosure-boun...@lists.grok.org.uk
> >> >> [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Jeff
> >> >> Williams
> >> >> Sent: Thursday, January 21, 2010 10:12 AM
> >> >> To: p...@hushmail.com; full-disclosure@lists.grok.org.uk
> >> >> Subject: Re: [Full-disclosure] FREE STEPHEN WATT !!!
> >> >>
> >> >>
> >> >>
> >> >> You just forgot kaminsky,
> >> >>
> >> >> 2010/1/21 
> >> >>
> >> >> -BEGIN PGP SIGNED MESSAGE-
> >> >> Hash: SHA1
> >> >>
> >> >> Fuck Gadi Evron, Fuck #phr...@efnet, Fuck anti-sec.com kiddiotz,
> >> >> Fuck romeo, Fuck Fedz, Fuck Ratz and Fuck U 
> >> >>
> >> >>
> >> >> FREE STEPHEN WATT !!!
> >> >> -BEGIN PGP SIGNATURE-
> >> >> Charset: UTF8
> >> >> Version: Hush 3.0
> >> >> Note: This signature can be verified at
> >> >> https://www.hushtools.com/verify
> >> >>
> >> >> -END PGP SIGNATURE-
> >>
> >>
> >>
> >> --
> >> http://netinfinity-sec.blogspot.com
> >>
> >> http://www.ubuntu-pe.tk
> >>
> >
> >
>
>
>
> --
> http://netinfinity-sec.blogspot.com
>
> http://www.ubuntu-pe.tk
>

Re: [Full-disclosure] FREE STEPHEN WATT !!!

2010-01-21 Thread netinfinity
Free nepal?

On Thu, Jan 21, 2010 at 10:46 PM, Christian Sciberras  wrote:
> JAIL OSAMA?
>
> ...
>
>
>
>
> On Thu, Jan 21, 2010 at 10:45 PM, netinfinity
>  wrote:
>>
>> FREE WILLY!
>>
>> On Thu, Jan 21, 2010 at 10:39 PM, Christian Sciberras 
>> wrote:
>> > I think throwing "and fuck you" in a mailing list pretty much affects
>> > all
>> >
>> > Just sayin'
>> >
>> > Cheers.
>> >
>> >
>> >
>> >
>> >
>> > On Thu, Jan 21, 2010 at 8:33 PM, Thor (Hammer of God)
>> > 
>> > wrote:
>> >>
>> >> Well, if you are going to say “Fuck Kaminsky,” then throw me in with
>> >> him.
>> >>  I’ll be at Defcon for anyone who would like to say it to my face.
>> >>
>> >>
>> >>
>> >> t
>> >>
>> >>
>> >>
>> >> From: full-disclosure-boun...@lists.grok.org.uk
>> >> [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Jeff
>> >> Williams
>> >> Sent: Thursday, January 21, 2010 10:12 AM
>> >> To: p...@hushmail.com; full-disclosure@lists.grok.org.uk
>> >> Subject: Re: [Full-disclosure] FREE STEPHEN WATT !!!
>> >>
>> >>
>> >>
>> >> You just forgot kaminsky,
>> >>
>> >> 2010/1/21 
>> >>
>> >> -BEGIN PGP SIGNED MESSAGE-
>> >> Hash: SHA1
>> >>
>> >> Fuck Gadi Evron, Fuck #phr...@efnet, Fuck anti-sec.com kiddiotz,
>> >> Fuck romeo, Fuck Fedz, Fuck Ratz and Fuck U 
>> >>
>> >>
>> >> FREE STEPHEN WATT !!!
>> >> -BEGIN PGP SIGNATURE-
>> >> Charset: UTF8
>> >> Version: Hush 3.0
>> >> Note: This signature can be verified at
>> >> https://www.hushtools.com/verify
>> >>
>> >> -END PGP SIGNATURE-
>>
>>
>>
>> --
>> http://netinfinity-sec.blogspot.com
>>
>> http://www.ubuntu-pe.tk
>>
>
>



-- 
http://netinfinity-sec.blogspot.com

http://www.ubuntu-pe.tk



Re: [Full-disclosure] FREE STEPHEN WATT !!!

2010-01-21 Thread Christian Sciberras
JAIL OSAMA?

...




On Thu, Jan 21, 2010 at 10:45 PM, netinfinity <
netinfinity.security...@gmail.com> wrote:

> FREE WILLY!
>
> On Thu, Jan 21, 2010 at 10:39 PM, Christian Sciberras 
> wrote:
> > I think throwing "and fuck you" in a mailing list pretty much affects
> > all
> >
> > Just sayin'
> >
> > Cheers.
> >
> >
> >
> >
> >
> > On Thu, Jan 21, 2010 at 8:33 PM, Thor (Hammer of God) <
> t...@hammerofgod.com>
> > wrote:
> >>
> >> Well, if you are going to say “Fuck Kaminsky,” then throw me in with
> him.
> >>  I’ll be at Defcon for anyone who would like to say it to my face.
> >>
> >>
> >>
> >> t
> >>
> >>
> >>
> >> From: full-disclosure-boun...@lists.grok.org.uk
> >> [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Jeff
> >> Williams
> >> Sent: Thursday, January 21, 2010 10:12 AM
> >> To: p...@hushmail.com; full-disclosure@lists.grok.org.uk
> >> Subject: Re: [Full-disclosure] FREE STEPHEN WATT !!!
> >>
> >>
> >>
> >> You just forgot kaminsky,
> >>
> >> 2010/1/21 
> >>
> >> -BEGIN PGP SIGNED MESSAGE-
> >> Hash: SHA1
> >>
> >> Fuck Gadi Evron, Fuck #phr...@efnet, Fuck anti-sec.com kiddiotz,
> >> Fuck romeo, Fuck Fedz, Fuck Ratz and Fuck U 
> >>
> >>
> >> FREE STEPHEN WATT !!!
> >> -BEGIN PGP SIGNATURE-
> >> Charset: UTF8
> >> Version: Hush 3.0
> >> Note: This signature can be verified at
> https://www.hushtools.com/verify
> >>
> >> -END PGP SIGNATURE-
>
>
>
> --
> http://netinfinity-sec.blogspot.com
>
> http://www.ubuntu-pe.tk
>

Re: [Full-disclosure] FREE STEPHEN WATT !!!

2010-01-21 Thread netinfinity
FREE WILLY!

On Thu, Jan 21, 2010 at 10:39 PM, Christian Sciberras  wrote:
> I think throwing "and fuck you" in a mailing list pretty much affects
> all
>
> Just sayin'
>
> Cheers.
>
>
>
>
>
> On Thu, Jan 21, 2010 at 8:33 PM, Thor (Hammer of God) 
> wrote:
>>
>> Well, if you are going to say “Fuck Kaminsky,” then throw me in with him.
>>  I’ll be at Defcon for anyone who would like to say it to my face.
>>
>>
>>
>> t
>>
>>
>>
>> From: full-disclosure-boun...@lists.grok.org.uk
>> [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Jeff
>> Williams
>> Sent: Thursday, January 21, 2010 10:12 AM
>> To: p...@hushmail.com; full-disclosure@lists.grok.org.uk
>> Subject: Re: [Full-disclosure] FREE STEPHEN WATT !!!
>>
>>
>>
>> You just forgot kaminsky,
>>
>> 2010/1/21 
>>
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> Fuck Gadi Evron, Fuck #phr...@efnet, Fuck anti-sec.com kiddiotz,
>> Fuck romeo, Fuck Fedz, Fuck Ratz and Fuck U 
>>
>>
>> FREE STEPHEN WATT !!!
>> -BEGIN PGP SIGNATURE-
>> Charset: UTF8
>> Version: Hush 3.0
>> Note: This signature can be verified at https://www.hushtools.com/verify
>>
>> -END PGP SIGNATURE-



-- 
http://netinfinity-sec.blogspot.com

http://www.ubuntu-pe.tk



Re: [Full-disclosure] FREE STEPHEN WATT !!!

2010-01-21 Thread Christian Sciberras
I think throwing "and fuck you" in a mailing list pretty much affects
all

Just sayin'

Cheers.





On Thu, Jan 21, 2010 at 8:33 PM, Thor (Hammer of God)
wrote:

>  Well, if you are going to say “Fuck Kaminsky,” then throw me in with
> him.   I’ll be at Defcon for anyone who would like to say it to my face.
>
>
>
> t
>
>
>
> *From:* full-disclosure-boun...@lists.grok.org.uk [mailto:
> full-disclosure-boun...@lists.grok.org.uk] *On Behalf Of *Jeff Williams
> *Sent:* Thursday, January 21, 2010 10:12 AM
> *To:* p...@hushmail.com; full-disclosure@lists.grok.org.uk
> *Subject:* Re: [Full-disclosure] FREE STEPHEN WATT !!!
>
>
>
> You just forgot kaminsky,
>
>  2010/1/21 
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Fuck Gadi Evron, Fuck #phr...@efnet, Fuck anti-sec.com kiddiotz,
> Fuck romeo, Fuck Fedz, Fuck Ratz and Fuck U 
>
>
> FREE STEPHEN WATT !!!
> -BEGIN PGP SIGNATURE-
> Charset: UTF8
> Version: Hush 3.0
> Note: This signature can be verified at https://www.hushtools.com/verify
>
> -END PGP SIGNATURE-

Re: [Full-disclosure] PHC is _NOT_ DEAD !!!!

2010-01-21 Thread john hale
(2,'larholm','larholm','ocm...@jscript.dk','','http://ocmilf.com/','blank.gif','1085693158','','','','','',0,0,'','','','3301f5262143eacd30b9e9e09478146b',10,'',0,0,0,'',0,'','',4096,0,12.0);


On Thu, Jan 21, 2010 at 4:13 PM, netinfinity <
netinfinity.security...@gmail.com> wrote:

> peep who cares :D
>
> On Thu, Jan 21, 2010 at 5:20 PM, Christian Sciberras 
> wrote:
> > Vote +1 for "message of the month" award.
> >
> >
> >
> >
> >
> > On Thu, Jan 21, 2010 at 2:22 PM,  wrote:
> >>
> >> -BEGIN PGP SIGNED MESSAGE-
> >> Hash: SHA1
> >>
> >> peep game nigga, peep game, feel us !
> >>
> >>
> >>
> >> - --Phrack High Council
> >> -BEGIN PGP SIGNATURE-
> >> Charset: UTF8
> >> Note: This signature can be verified at
> https://www.hushtools.com/verify
> >> Version: Hush 3.0
> >>
> >> -END PGP SIGNATURE-
>
>
>
> --
> http://netinfinity-sec.blogspot.com
>
> http://www.ubuntu-pe.tk
>

Re: [Full-disclosure] PHC is _NOT_ DEAD !!!!

2010-01-21 Thread netinfinity
peep who cares :D

On Thu, Jan 21, 2010 at 5:20 PM, Christian Sciberras  wrote:
> Vote +1 for "message of the month" award.
>
>
>
>
>
> On Thu, Jan 21, 2010 at 2:22 PM,  wrote:
>>
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> peep game nigga, peep game, feel us !
>>
>>
>>
>> - --Phrack High Council
>> -BEGIN PGP SIGNATURE-
>> Charset: UTF8
>> Note: This signature can be verified at https://www.hushtools.com/verify
>> Version: Hush 3.0
>>
>> -END PGP SIGNATURE-



-- 
http://netinfinity-sec.blogspot.com

http://www.ubuntu-pe.tk



[Full-disclosure] ZDI-10-014: Microsoft Internet Explorer item Object Memory Corruption Remote Code Execution Vulnerability

2010-01-21 Thread ZDI Disclosures
ZDI-10-014: Microsoft Internet Explorer item Object Memory Corruption Remote 
Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-014
January 21, 2010

-- CVE ID:
CVE-2010-0248

-- Affected Vendors:
Microsoft

-- Affected Products:
Microsoft Internet Explorer

-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 9427. 
For further product information on the TippingPoint IPS, visit:

http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Microsoft Internet Explorer. User
interaction is required to exploit this vulnerability in that the target
must visit a malicious page.

The specific flaw exists in the handling of cloned DOM objects in
JavaScript. A specially crafted sequence of object cloning can result in
the use of a pointer after it has been freed. Successful exploitation
can lead to remote system compromise under the credentials of the
currently logged in user.

-- Vendor Response:
Microsoft has issued an update to correct this vulnerability. More
details can be found at:

http://www.microsoft.com/technet/security/Bulletin/MS10-jan.mspx

-- Disclosure Timeline:
2009-08-14 - Vulnerability reported to vendor
2010-01-21 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
* Peter Vreugdenhil ( http://www.vreugdenhilresearch.nl )

-- About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents 
a best-of-breed model for rewarding security researchers for responsibly
disclosing discovered vulnerabilities.

Researchers interested in getting paid for their security research
through the ZDI can find more information and sign-up at:

http://www.zerodayinitiative.com

The ZDI is unique in how the acquired vulnerability information is
used. TippingPoint does not re-sell the vulnerability details or any
exploit code. Instead, upon notifying the affected product vendor,
TippingPoint provides its customers with zero day protection through
its intrusion prevention technology. Explicit details regarding the
specifics of the vulnerability are not exposed to any parties until
an official vendor patch is publicly available. Furthermore, with the
altruistic aim of helping to secure a broader user base, TippingPoint
provides this vulnerability information confidentially to security
vendors (including competitors) who have a vulnerability protection or
mitigation product.

Our vulnerability disclosure policy is available online at:

http://www.zerodayinitiative.com/advisories/disclosure_policy/


[Full-disclosure] ZDI-10-013: Microsoft Internet Explorer Table Layout Reuse Remote Code Execution Vulnerability

2010-01-21 Thread ZDI Disclosures
ZDI-10-013: Microsoft Internet Explorer Table Layout Reuse Remote Code 
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-013
January 21, 2010

-- CVE ID:
CVE-2010-0245

-- Affected Vendors:
Microsoft

-- Affected Products:
Microsoft Internet Explorer 8
Microsoft Internet Explorer 7

-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Microsoft Internet Explorer. User
interaction is required to exploit this vulnerability in that the target
must visit a malicious page.

The specific flaw exists when specific elements are used within a table
container. If one of these elements is removed the application will
unlink the element from the layout tree incorrectly. When this tree is
later traversed, the application will reuse the object that has been
freed which can lead to code execution under the context of the current
user.

-- Vendor Response:
Microsoft has issued an update to correct this vulnerability. More
details can be found at:

http://www.microsoft.com/technet/security/Bulletin/MS10-jan.mspx

-- Disclosure Timeline:
2009-07-14 - Vulnerability reported to vendor
2010-01-21 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
* Sam Thomas of eshu.co.uk



[Full-disclosure] ZDI-10-012: Microsoft Internet Explorer Baseline Tag Rendering Remote Code Execution Vulnerability

2010-01-21 Thread ZDI Disclosures
ZDI-10-012: Microsoft Internet Explorer Baseline Tag Rendering Remote Code 
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-012
January 21, 2010

-- CVE ID:
CVE-2010-0246

-- Affected Vendors:
Microsoft

-- Affected Products:
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8

-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 9429. 
For further product information on the TippingPoint IPS, visit:

http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Microsoft Internet Explorer. User
interaction is required to exploit this vulnerability in that an
attacker must coerce a victim to visit a malicious page.

The specific flaw exists due to the application rendering intertwined
strike and center tags containing an element that manipulates the font
baseline such as 'sub' or 'sup'. When this element pointer is removed
the application will later dereference it even though it has been freed.
Successful exploitation can lead to arbitrary code execution under the
context of the currently logged in user.

-- Vendor Response:
Microsoft states:
http://www.microsoft.com/technet/security/Bulletin/MS10-jan.mspx

-- Disclosure Timeline:
2009-07-16 - Vulnerability reported to vendor
2010-01-21 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
* Sam Thomas of eshu.co.uk



[Full-disclosure] ZDI-10-011: Microsoft Internet Explorer Table Layout Col Tag Cache Update Remote Code Execution Vulnerability

2010-01-21 Thread ZDI Disclosures
ZDI-10-011: Microsoft Internet Explorer Table Layout Col Tag Cache Update 
Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-011
January 21, 2010

-- CVE ID:
CVE-2010-0244

-- Affected Vendors:
Microsoft

-- Affected Products:
Microsoft Internet Explorer

-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Microsoft Internet Explorer. User
interaction is required to exploit this vulnerability in that the target
must visit a malicious page.

The specific flaw exists when a Col element is used within an HTML table
container. If this element is removed while the table is in use a cache
that exists of the table's cells will be used after one of its elements
has been invalidated. This can lead to code execution under the context
of the currently logged in user.

-- Vendor Response:
Microsoft has issued an update to correct this vulnerability. More
details can be found at:

http://www.microsoft.com/technet/security/Bulletin/MS10-jan.mspx

-- Disclosure Timeline:
2009-07-14 - Vulnerability reported to vendor
2010-01-21 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
* wushi of team509

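The stale-cache condition described in ZDI-10-011 above (a cache of the table's cells outliving one of its elements), modelled in C as an added example; it is not code from the advisory, ZDI or Microsoft. The `table_t` and `cell_cache_t` types and the generation-counter check are assumptions chosen for illustration, and the same bug class (use of an object after it has been freed) is what ZDI-10-012 through ZDI-10-014 describe.

```c
#include <stdio.h>
#include <stdlib.h>

#define MAX_COLS 8

/* Constructed model, not Internet Explorer code: a table owns heap-allocated
 * cells, and a layout cache borrows raw pointers to them. */
typedef struct { int col_id; int width; } cell_t;

typedef struct {
    cell_t  *cells[MAX_COLS];
    size_t   ncells;
    unsigned generation;          /* bumped on every structural change */
} table_t;

typedef struct {
    cell_t  *slot[MAX_COLS];      /* borrowed pointers, not owned */
    size_t   nslots;
    unsigned built_at;            /* table generation when the cache was filled */
} cell_cache_t;

int table_add_col(table_t *t, int col_id, int width) {
    cell_t *c;
    if (t->ncells >= MAX_COLS) return -1;
    c = malloc(sizeof *c);
    if (c == NULL) return -1;
    c->col_id = col_id;
    c->width = width;
    t->cells[t->ncells++] = c;
    t->generation++;
    return 0;
}

/* Frees the cell for col_id. Every cache filled before this call now holds
 * a dangling pointer in one of its slots. */
int table_remove_col(table_t *t, int col_id) {
    size_t i, j;
    for (i = 0; i < t->ncells; i++) {
        if (t->cells[i]->col_id != col_id) continue;
        free(t->cells[i]);
        for (j = i + 1; j < t->ncells; j++) t->cells[j - 1] = t->cells[j];
        t->cells[--t->ncells] = NULL;
        t->generation++;
        return 0;
    }
    return -1;
}

void table_free(table_t *t) {
    size_t i;
    for (i = 0; i < t->ncells; i++) free(t->cells[i]);
    t->ncells = 0;
    t->generation++;
}

void cache_build(cell_cache_t *c, const table_t *t) {
    size_t i;
    c->nslots = t->ncells;
    for (i = 0; i < t->ncells; i++) c->slot[i] = t->cells[i];
    c->built_at = t->generation;
}

int cache_is_stale(const cell_cache_t *c, const table_t *t) {
    return c->built_at != t->generation;
}

/* Flawed pattern: walks the cache without asking whether the table changed.
 * Safe only while the cache is fresh; after a removal it reads freed memory. */
int total_width_unchecked(const cell_cache_t *c) {
    size_t i;
    int sum = 0;
    for (i = 0; i < c->nslots; i++) sum += c->slot[i]->width;
    return sum;
}

/* Hardened pattern: a stale cache is rebuilt before any pointer is followed. */
int total_width_checked(cell_cache_t *c, const table_t *t) {
    if (cache_is_stale(c, t)) cache_build(c, t);
    return total_width_unchecked(c);
}

/* Constructed scenario: three columns, cache filled, middle column removed.
 * Returns the width computed afterwards through the checked path and stores
 * in *was_stale whether the cache was recognised as stale first. */
int demo_remove_then_layout(int *was_stale) {
    table_t t = {0};
    cell_cache_t cache = {0};
    int width;
    table_add_col(&t, 1, 10);
    table_add_col(&t, 2, 20);
    table_add_col(&t, 3, 30);
    cache_build(&cache, &t);
    table_remove_col(&t, 2);
    *was_stale = cache_is_stale(&cache, &t);
    width = total_width_checked(&cache, &t);
    table_free(&t);
    return width;
}

int demo_width_after_removal(void) { int s = 0; return demo_remove_then_layout(&s); }
int demo_stale_detected(void) { int s = 0; demo_remove_then_layout(&s); return s; }

int main(void) {
    printf("stale cache detected: %d, width after rebuild: %d\n",
           demo_stale_detected(), demo_width_after_removal());
    return 0;
}
```

Building the model with AddressSanitizer and calling `total_width_unchecked` after the removal instead of the checked path makes the stale read visible as a heap-use-after-free report.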


Re: [Full-disclosure] FREE STEPHEN WATT !!!

2010-01-21 Thread Thor (Hammer of God)
Well, if you are going to say "Fuck Kaminsky," then throw me in with him.   
I'll be at Defcon for anyone who would like to say it to my face.

t

From: full-disclosure-boun...@lists.grok.org.uk 
[mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Jeff Williams
Sent: Thursday, January 21, 2010 10:12 AM
To: p...@hushmail.com; full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] FREE STEPHEN WATT !!!

You just forgot kaminsky,

2010/1/21 mailto:p...@hushmail.com>>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Fuck Gadi Evron, Fuck #phr...@efnet, Fuck anti-sec.com 
kiddiotz,
Fuck romeo, Fuck Fedz, Fuck Ratz and Fuck U 


FREE STEPHEN WATT !!!
-BEGIN PGP SIGNATURE-
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

-END PGP SIGNATURE-


Re: [Full-disclosure] FREE STEPHEN WATT !!!

2010-01-21 Thread Benji
and my mum.

On Thu, Jan 21, 2010 at 6:11 PM, Jeff Williams wrote:

> You just forgot kaminsky,
>
>
> 2010/1/21 
>
> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> Fuck Gadi Evron, Fuck #phr...@efnet, Fuck anti-sec.com kiddiotz,
>> Fuck romeo, Fuck Fedz, Fuck Ratz and Fuck U 
>>
>>
>> FREE STEPHEN WATT !!!
>> -BEGIN PGP SIGNATURE-
>> Charset: UTF8
>> Version: Hush 3.0
>> Note: This signature can be verified at https://www.hushtools.com/verify
>>
>> -END PGP SIGNATURE-

Re: [Full-disclosure] FREE STEPHEN WATT !!!

2010-01-21 Thread Jeff Williams
You just forgot kaminsky,


2010/1/21 

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Fuck Gadi Evron, Fuck #phr...@efnet, Fuck anti-sec.com kiddiotz,
> Fuck romeo, Fuck Fedz, Fuck Ratz and Fuck U 
>
>
> FREE STEPHEN WATT !!!
> -BEGIN PGP SIGNATURE-
> Charset: UTF8
> Version: Hush 3.0
> Note: This signature can be verified at https://www.hushtools.com/verify
>
> -END PGP SIGNATURE-

[Full-disclosure] FREE STEPHEN WATT !!!

2010-01-21 Thread phc
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Fuck Gadi Evron, Fuck #phr...@efnet, Fuck anti-sec.com kiddiotz,
Fuck romeo, Fuck Fedz, Fuck Ratz and Fuck U 


FREE STEPHEN WATT !!!
-BEGIN PGP SIGNATURE-
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

-END PGP SIGNATURE-



[Full-disclosure] ZDI-10-010: RealNetworks RealPlayer Skin Parsing Remote Code Execution Vulnerability

2010-01-21 Thread ZDI Disclosures
ZDI-10-010: RealNetworks RealPlayer Skin Parsing Remote Code Execution 
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-010
January 21, 2010

-- CVE ID:
CVE-2009-4246

-- Affected Vendors:
RealNetworks

-- Affected Products:
RealNetworks RealPlayer

-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 8493. 
For further product information on the TippingPoint IPS, visit:

http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows remote attackers to execute code on vulnerable
installations of RealNetworks RealPlayer. User interaction is required
in that a user must visit a malicious website or open a malicious file
and accept a dialog to switch player skins.

The specific flaw exists during parsing of malformed RealPlayer .RJS
skin files. While loading a skin the application copies certain variable
length fields from the extracted file named web.xmb into a statically
sized buffer. By crafting these fields appropriately an attack can cause
the process to overflow the buffer. This can be leveraged to execute
arbitrary code with the privileges of the application.

-- Vendor Response:
RealNetworks has issued an update to correct this vulnerability. More
details can be found at:

http://service.real.com/realplayer/security/01192010_player/en/

-- Disclosure Timeline:
2009-01-15 - Vulnerability reported to vendor
2010-01-21 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
* Peter Vreugdenhil (secur...@petervreugdenhil.nl)

-- About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents 
a best-of-breed model for rewarding security researchers for responsibly
disclosing discovered vulnerabilities.

Researchers interested in getting paid for their security research
through the ZDI can find more information and sign up at:

http://www.zerodayinitiative.com

The ZDI is unique in how the acquired vulnerability information is
used. TippingPoint does not re-sell the vulnerability details or any
exploit code. Instead, upon notifying the affected product vendor,
TippingPoint provides its customers with zero day protection through
its intrusion prevention technology. Explicit details regarding the
specifics of the vulnerability are not exposed to any parties until
an official vendor patch is publicly available. Furthermore, with the
altruistic aim of helping to secure a broader user base, TippingPoint
provides this vulnerability information confidentially to security
vendors (including competitors) who have a vulnerability protection or
mitigation product.

Our vulnerability disclosure policy is available online at:

http://www.zerodayinitiative.com/advisories/disclosure_policy/


[Full-disclosure] ZDI-10-009: RealNetworks RealPlayer IVR Format Remote Code Execution Vulnerability

2010-01-21 Thread ZDI Disclosures
ZDI-10-009: RealNetworks RealPlayer IVR Format Remote Code Execution 
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-009
January 21, 2010

-- CVE ID:
CVE-2009-0376

-- Affected Vendors:
RealNetworks

-- Affected Products:
RealNetworks RealPlayer

-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 6964. 
For further product information on the TippingPoint IPS, visit:

http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows attackers to execute arbitrary code on
vulnerable installations of RealNetworks RealPlayer. User interaction is
required to exploit this vulnerability in that the target must visit a
malicious page or open a malicious file.

The specific flaw exists within RealPlayer's parsing of IVR files. The
process trusts size values present in the file and uses them unsafely in
various file I/O and memory allocation operations. A specially crafted
file can cause memory overflows to occur leading to arbitrary code
execution under the context of the user running the player.

-- Vendor Response:
RealNetworks has issued an update to correct this vulnerability. More
details can be found at:

http://service.real.com/realplayer/security/01192010_player/en/

-- Disclosure Timeline:
2008-04-16 - Vulnerability reported to vendor
2010-01-21 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
* John Rambo



[Full-disclosure] ZDI-10-008: RealNetworks RealPlayer SIPR Codec Remote Code Execution Vulnerability

2010-01-21 Thread ZDI Disclosures
ZDI-10-008: RealNetworks RealPlayer SIPR Codec Remote Code Execution 
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-008
January 21, 2010

-- CVE ID:
CVE-2009-4244

-- Affected Vendors:
RealNetworks

-- Affected Products:
RealNetworks RealPlayer

-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 6514. 
For further product information on the TippingPoint IPS, visit:

http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows remote attackers to execute code on vulnerable
installations of RealNetworks RealPlayer. User interaction is required
in that a user must open a malicious file or visit a malicious web
site.

The specific flaw exists during the parsing of SIPR codec fields.
Specifying a small length value can trigger an undersized heap
allocation. This buffer can then subsequently be overflowed. This
vulnerability can result in arbitrary code execution under the context
of the currently logged in user.

-- Vendor Response:
RealNetworks has issued an update to correct this vulnerability. More
details can be found at:

http://service.real.com/realplayer/security/01192010_player/en/

-- Disclosure Timeline:
2008-05-12 - Vulnerability reported to vendor
2010-01-21 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
* Anonymous

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
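
The size-handling flaws described in ZDI-10-009 (file-supplied sizes trusted for I/O and allocation) and ZDI-10-008 (a small length value producing an undersized heap allocation) come down to checks a parser has to make before it allocates or copies. The C example below is added here for illustration and is not code from RealPlayer or from the advisories; the record layout, constants, function names and sample bytes are all constructed assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed record layout (illustration only, not a RealPlayer format):
 *   bytes 0..3  declared payload length, little-endian
 *   bytes 4..   payload; its first 8 bytes are two 32-bit fixed fields
 *               that the decoder always reads. */
#define REC_LEN_FIELD     4u
#define REC_FIXED_FIELDS  8u          /* assumed minimum the decoder reads */
#define REC_MAX_PAYLOAD   (1u << 20)  /* assumed policy ceiling per record */

enum rec_status {
    REC_OK = 0,
    REC_TRUNCATED,  /* input ends before the length field or the payload */
    REC_TOO_SMALL,  /* declared length is less than the decoder will read */
    REC_TOO_LARGE,  /* declared length exceeds the policy ceiling */
    REC_NOMEM       /* allocation failed */
};

struct record {
    uint8_t *payload;          /* heap copy, exactly len bytes; caller frees */
    uint32_t len;
    uint32_t field_a, field_b; /* the two fixed fields */
};

static uint32_t read_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Parse one record from buf[0..buf_len). On REC_OK, *consumed is the number
 * of input bytes used and out->payload owns a copy of the payload. */
enum rec_status rec_parse(const uint8_t *buf, size_t buf_len,
                          struct record *out, size_t *consumed)
{
    memset(out, 0, sizeof *out);
    *consumed = 0;
    if (buf_len < REC_LEN_FIELD)
        return REC_TRUNCATED;

    uint32_t declared = read_le32(buf);
    size_t available = buf_len - REC_LEN_FIELD;

    /* A small declared length would give an undersized allocation that the
     * fixed-field reads below run past, so reject it before allocating. */
    if (declared < REC_FIXED_FIELDS)
        return REC_TOO_SMALL;
    /* Cap the size so a hostile value cannot drive a huge allocation. */
    if (declared > REC_MAX_PAYLOAD)
        return REC_TOO_LARGE;
    /* The file's claim must fit in the bytes that are actually present. */
    if ((size_t)declared > available)
        return REC_TRUNCATED;

    uint8_t *copy = malloc(declared);
    if (copy == NULL)
        return REC_NOMEM;
    memcpy(copy, buf + REC_LEN_FIELD, declared);

    out->payload = copy;
    out->len = declared;
    out->field_a = read_le32(copy);
    out->field_b = read_le32(copy + 4);
    *consumed = REC_LEN_FIELD + (size_t)declared;
    return REC_OK;
}

/* Parse, release the copy, and report only the verdict. */
enum rec_status rec_check(const uint8_t *buf, size_t buf_len)
{
    struct record r;
    size_t used;
    enum rec_status st = rec_parse(buf, buf_len, &r, &used);
    free(r.payload);
    return st;
}

/* Constructed sample inputs. */
static const uint8_t SAMPLE_OK[]        = {8,0,0,0, 0x44,0xAC,0,0, 2,0,0,0};
static const uint8_t SAMPLE_SMALL[]     = {2,0,0,0, 0x41,0x41,0x41,0x41,0x41,0x41,0x41,0x41};
static const uint8_t SAMPLE_OVERCLAIM[] = {0,1,0,0, 1,2,3,4,5,6,7,8};
static const uint8_t SAMPLE_HUGE[]      = {0xFF,0xFF,0xFF,0xFF, 1,2,3,4,5,6,7,8};

int main(void)
{
    printf("ok=%d small=%d overclaim=%d huge=%d\n",
           (int)rec_check(SAMPLE_OK, sizeof SAMPLE_OK),
           (int)rec_check(SAMPLE_SMALL, sizeof SAMPLE_SMALL),
           (int)rec_check(SAMPLE_OVERCLAIM, sizeof SAMPLE_OVERCLAIM),
           (int)rec_check(SAMPLE_HUGE, sizeof SAMPLE_HUGE));
    return 0;
}
```

All three rejections happen before `malloc` and `memcpy`, so no buffer is ever sized or filled from an unvalidated length.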


[Full-disclosure] ZDI-10-007: RealNetworks RealPlayer SMIL getAtom Remote Code Execution Vulnerability

2010-01-21 Thread ZDI Disclosures
ZDI-10-007: RealNetworks RealPlayer SMIL getAtom Remote Code Execution 
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-007
January 21, 2010

-- CVE ID:
CVE-2009-4257

-- Affected Vendors:
RealNetworks

-- Affected Products:
RealNetworks RealPlayer

-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 5907. 
For further product information on the TippingPoint IPS, visit:

http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows attackers to execute arbitrary code on
vulnerable installations of RealNetworks RealPlayer. User interaction is
required to exploit this vulnerability in that the target must visit a
malicious page or open a malicious file.

The specific flaw exists within the smlrender.dll library responsible
for parsing SMIL files. A lack of proper string length checks can result
in the overflow of a static heap buffer. Exploitation of this overflow
can lead to arbitrary code execution under the context of the user
running the process.

-- Vendor Response:
RealNetworks has issued an update to correct this vulnerability. More
details can be found at:

http://service.real.com/realplayer/security/01192010_player/en/

-- Disclosure Timeline:
2008-02-07 - Vulnerability reported to vendor
2010-01-21 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
* Anonymous



[Full-disclosure] ZDI-10-006: RealNetworks RealPlayer GIF Handling Remote Code Execution Vulnerability

2010-01-21 Thread ZDI Disclosures
ZDI-10-006: RealNetworks RealPlayer GIF Handling Remote Code Execution 
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-006
January 21, 2010

-- CVE ID:
CVE-2009-4242

-- Affected Vendors:
RealNetworks

-- Affected Products:
RealNetworks RealPlayer

-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 0. 
For further product information on the TippingPoint IPS, visit:

http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows remote attackers to execute code on vulnerable
installations of RealNetworks RealPlayer. User interaction is required
in that a user must open a malicious file or visit a malicious web
site.

The specific flaw exists during the parsing of GIF files with forged
chunk sizes. The player uses values from the file improperly when
allocating a buffer on the heap. An attacker can abuse this to create
and then overflow heap buffers leading to arbitrary code execution in
the context of the currently logged in user.

-- Vendor Response:
RealNetworks has issued an update to correct this vulnerability. More
details can be found at:

http://service.real.com/realplayer/security/01192010_player/en/

-- Disclosure Timeline:
2007-12-11 - Vulnerability reported to vendor
2010-01-21 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
* Anonymous



[Full-disclosure] ZDI-10-005: RealNetworks RealPlayer ASMRulebook Remote Code Execution Vulnerability

2010-01-21 Thread ZDI Disclosures
ZDI-10-005: RealNetworks RealPlayer ASMRulebook Remote Code Execution 
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-005
January 21, 2010

-- CVE ID:
CVE-2009-4241

-- Affected Vendors:
RealNetworks

-- Affected Products:
RealNetworks RealPlayer

-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 5783. 
For further product information on the TippingPoint IPS, visit:

http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows remote attackers to execute code on vulnerable
installations of RealPlayer. User interaction is required in that a user
must open a malicious file or visit a malicious web site.

The specific flaw exists during the parsing of files with improperly
defined ASMRuleBook structures. A controllable memory allocation allows
for an attacker to corrupt heap memory. Attacker-controlled data from
the corrupt heap is later used as an object pointer which can be
leveraged to execute arbitrary code in the context of the currently
logged in user.

-- Vendor Response:
RealNetworks has issued an update to correct this vulnerability. More
details can be found at:

http://service.real.com/realplayer/security/01192010_player/en/

-- Disclosure Timeline:
2007-11-07 - Vulnerability reported to vendor
2010-01-21 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
* Anonymous



[Full-disclosure] [SECURITY] [DSA-1972-2] New audiofile packages fix buffer overflow

2010-01-21 Thread Stefan Fritsch
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1972-2                  secur...@debian.org
http://www.debian.org/security/                           Stefan Fritsch
January 21, 2010                      http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : audiofile
Vulnerability  : buffer overflow
Problem type   : local (remote)
Debian-specific: no
CVE Id         : CVE-2008-5824
Debian bug     : 510205

This advisory adds the packages for the old stable distribution (etch),
with the exception of the mips packages. The updates for the mips
architecture will be released when they become available.

The packages for the stable distribution (lenny) have been released
in DSA-1972-1. For reference, the advisory text is provided below.

Max Kellermann discovered a heap-based buffer overflow in the handling
of ADPCM WAV files in libaudiofile. This flaw could result in a denial
of service (application crash) or possibly execution of arbitrary code
via a crafted WAV file.

For the old stable distribution (etch), this problem has been fixed in
version 0.2.6-6+etch1.

For the stable distribution (lenny), this problem has been fixed in
version 0.2.6-7+lenny1.

For the testing distribution (squeeze) and the unstable distribution
(sid), this problem has been fixed in version 0.2.6-7.1.

We recommend that you upgrade your audiofile packages.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch (oldstable)
- ---

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, 
mipsel, powerpc, s390 and sparc.


Re: [Full-disclosure] Two MSIE 6.0/7.0 NULL pointer crashes

2010-01-21 Thread Christian Sciberras
People are unreasonable, first they complain about lack of quick
patches/fixes.
Next they complain about fixes crashing their system.

Regards,
Chris.






On Thu, Jan 21, 2010 at 5:12 PM, Dan Kaminsky  wrote:

> On Thu, Jan 21, 2010 at 1:53 AM, Michal Zalewski 
> wrote:
> >> Testing takes time.  That's why both Microsoft and Mozilla test.
> >
> > Testing almost never legitimately takes months or years, unless the
> > process is severely broken; contrary to the popular claims,
> > personally, I have serious doubts that QA is a major bottleneck when
> > it comes to security response - certainly not as often as portrayed.
>
> There are a lot of factors that go into how long it takes to run QA.
> Here's a few (I'll leave out the joys of multivendor for now):
>
> 1) How widespread is the deployment?  A little while ago, Google had
> an XSS on Google Maps.  An hour later, they didn't.  About a decade
> ago, AOL Instant Messenger had a remote code execution vulnerability.
> Eight hours later, they didn't.  Say what you will about
> centralization, but it *really* makes it easier and safer to deploy a
> fix, because the environment is totally known, and you have only one
> environment.  There are a couple dimensions at play here:
>
> a) How many versions do you need to patch?
> b) How many different deployment classes are there?  If your
> developers are making a bunch of enterprise assumptions (there's a
> domain, there's group policy, there's an IT guy, etc) and the fix is
> going to Grandma, let me tell you, something's not going to work
> c) What's at stake?  Your D-Link router has very different deployment
> characteristics than your Juniper router.
>
> 2) How complicated is the fix?  Throwing in a one-liner to make sure
> an integer doesn't overflow is indeed relatively straightforward.  But
> imagine an oldschool application drenched in strcpy, where you've lost
> context of the length of that buffer five functions ago.  Or imagine
> the modern browser bug, where you're going up against an attacker who
> *by design* has a Turing complete capability to manipulate your object
> tree, complete with control over time.  Or, worst of all, take a
> design flaw like Marsh Ray's TLS renegotiation bug.  People are still
> fiddling around with figuring out how to fix that bug right, months
> later.  Complexity introduces three issues:
>
> a) You have to fix the entire flaw, and related flaws.  We've all seen
> companies who deploy fixes like "if this argument contains alert(1),
> abort".  Yeah, that's not enough.
> b) You have to not introduce new flaws with your fix -- complexity
> doesn't stop increasing vulnerability just because you're doing a
> security fix.
> c) The system needs to work entirely the same after.  That means you
> don't get to significantly degrade performance, usability,
> reliability, or especially compatibility.  Particularly with design
> bugs, other systems grow to depend on their presence.  No software
> lives in a vacuum, so you have to actually _find_ these other pieces
> of code, and make sure things still work.
>
> 3) How many people do you actually expect to deploy your patch?
> There's this entire continuum between "only the other developers on
> SVN", through "the people who call to complain", to "everybody who
> clicks 'I accept the risk of patching'", to "my entire customer base
> with zero user interaction whatsoever".  A patch with problems 0.005%
> of the time is acceptable if 1000 people are deploying, but not if
> 1,000,000 people are deploying.  Note that security research is very
> strongly correlated with deployment numbers, to the point that
> vulnerability count is much more correlated with popularity than code
> quality.  So you have this interesting situation where the more your
> fix is pushed, the more scrutiny there will be upon it.
>
> Now, you can consider these all excuses.  Believe me, QA people have
> no shortage of guys who look down on them and their problems.  But
> certainly different bugs have different characteristics, and assuming
> that all things can be fixed in the same time window with the same
> output quality is just factually untrue.  You might as well be
> claiming the next version of HTML5 will include an  tag
> that will make your laptop float in the air and spin around.
>
> There is a balancing act.  Years is, of course, ridiculous.  In many
> situations, so too are a couple of weeks.  If the goal is to achieve
> the best quality patches, then you want the issue _prioritized
> heavily_, but not _on public fire_.  The latter encourages people to
> skip testing, and you know of course what happens when you skip
> testing?
>
> You end up with Gigabit Ethernet drivers that can't actually handle
> all frame lengths.  (Epic Intel find from Fabian Yamaguchi.  Wow.)
>
> Responsible disclosure has its risks.  You really can be jerked around
> by a company, *especially* one that hasn't experienced the weirdness
> of an external security disclosure befor

[Full-disclosure] ZDI-10-004: Cisco CiscoWorks IPM GIOP getProcessName Remote Code Execution Vulnerability

2010-01-21 Thread ZDI Disclosures
ZDI-10-004: Cisco CiscoWorks IPM GIOP getProcessName Remote Code Execution 
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-004
January 21, 2010

-- CVE ID:
CVE-2010-0138

-- Affected Vendors:
Cisco

-- Affected Products:
Cisco Internetwork Performance Monitor

-- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 6790. 
For further product information on the TippingPoint IPS, visit:

http://www.tippingpoint.com

-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Cisco CiscoWorks Internetwork Performance
Monitor. Authentication is not required to exploit this vulnerability.

The specific flaw exists in the handling of CORBA GIOP requests. By
making a specially crafted getProcessName GIOP request an attacker can
corrupt memory. Successful exploitation can result in a full compromise
with SYSTEM credentials.

-- Vendor Response:
Cisco has issued an update to correct this vulnerability. More
details can be found at:

http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1351d.shtml

-- Disclosure Timeline:
2008-10-15 - Vulnerability reported to vendor
2010-01-21 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
* Anonymous



Re: [Full-disclosure] PHC is _NOT_ DEAD !!!!

2010-01-21 Thread Christian Sciberras
Vote +1 for "message of the month" award.





On Thu, Jan 21, 2010 at 2:22 PM,  wrote:

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> peep game nigga, peep game, feel us !
>
>
>
> - --Phrack High Council

Re: [Full-disclosure] Two MSIE 6.0/7.0 NULL pointer crashes

2010-01-21 Thread Dan Kaminsky
On Thu, Jan 21, 2010 at 1:53 AM, Michal Zalewski  wrote:
>> Testing takes time.  That's why both Microsoft and Mozilla test.
>
> Testing almost never legitimately takes months or years, unless the
> process is severely broken; contrary to the popular claims,
> personally, I have serious doubts that QA is a major bottleneck when
> it comes to security response - certainly not as often as portrayed.

There are a lot of factors that go into how long it takes to run QA.
Here's a few (I'll leave out the joys of multivendor for now):

1) How widespread is the deployment?  A little while ago, Google had
an XSS on Google Maps.  An hour later, they didn't.  About a decade
ago, AOL Instant Messenger had a remote code execution vulnerability.
Eight hours later, they didn't.  Say what you will about
centralization, but it *really* makes it easier and safer to deploy a
fix, because the environment is totally known, and you have only one
environment.  There are a couple dimensions at play here:

a) How many versions do you need to patch?
b) How many different deployment classes are there?  If your
developers are making a bunch of enterprise assumptions (there's a
domain, there's group policy, there's an IT guy, etc) and the fix is
going to Grandma, let me tell you, something's not going to work
c) What's at stake?  Your D-Link router has very different deployment
characteristics than your Juniper router.

2) How complicated is the fix?  Throwing in a one-liner to make sure
an integer doesn't overflow is indeed relatively straightforward.  But
imagine an oldschool application drenched in strcpy, where you've lost
context of the length of that buffer five functions ago.  Or imagine
the modern browser bug, where you're going up against an attacker who
*by design* has a Turing complete capability to manipulate your object
tree, complete with control over time.  Or, worst of all, take a
design flaw like Marsh Ray's TLS renegotiation bug.  People are still
fiddling around with figuring out how to fix that bug right, months
later.  Complexity introduces three issues:

a) You have to fix the entire flaw, and related flaws.  We've all seen
companies who deploy fixes like "if this argument contains alert(1),
abort".  Yeah, that's not enough.
b) You have to not introduce new flaws with your fix -- complexity
doesn't stop increasing vulnerability just because you're doing a
security fix.
c) The system needs to work entirely the same after.  That means you
don't get to significantly degrade performance, usability,
reliability, or especially compatibility.  Particularly with design
bugs, other systems grow to depend on their presence.  No software
lives in a vacuum, so you have to actually _find_ these other pieces
of code, and make sure things still work.

3) How many people do you actually expect to deploy your patch?
There's this entire continuum between "only the other developers on
SVN", through "the people who call to complain", to "everybody who
clicks 'I accept the risk of patching'", to "my entire customer base
with zero user interaction whatsoever".  A patch with problems 0.005%
of the time is acceptable if 1000 people are deploying, but not if
1,000,000 people are deploying.  Note that security research is very
strongly correlated with deployment numbers, to the point that
vulnerability count is much more correlated with popularity than code
quality.  So you have this interesting situation where the more your
fix is pushed, the more scrutiny there will be upon it.

Now, you can consider these all excuses.  Believe me, QA people have
no shortage of guys who look down on them and their problems.  But
certainly different bugs have different characteristics, and assuming
that all things can be fixed in the same time window with the same
output quality is just factually untrue.  You might as well be
claiming the next version of HTML5 will include an  tag
that will make your laptop float in the air and spin around.

There is a balancing act.  Years is, of course, ridiculous.  In many
situations, so too are a couple of weeks.  If the goal is to achieve
the best quality patches, then you want the issue _prioritized
heavily_, but not _on public fire_.  The latter encourages people to
skip testing, and you know of course what happens when you skip
testing?

You end up with Gigabit Ethernet drivers that can't actually handle
all frame lengths.  (Epic Intel find from Fabian Yamaguchi.  Wow.)

Responsible disclosure has its risks.  You really can be jerked around
by a company, *especially* one that hasn't experienced the weirdness
of an external security disclosure before.  But engineering realities
don't go away just because the suits finally got out of the way.
Testing matters.



[Full-disclosure] PHC is _NOT_ DEAD !!!!

2010-01-21 Thread phc
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

peep game nigga, peep game, feel us !



- --Phrack High Council
-BEGIN PGP SIGNATURE-
Charset: UTF8
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 3.0

wpwEAQMCAAYFAktYVRAACgkQPBffzoCVnANW3QP9EMxg0GLjH2DfaH7sAsH/0UsrBQz+
yo+ob4Qy8hF373vHTy0GjTxLYPPYuT58xUEwdzO/vnHNJlGkWjbCucnJiQj3hAdXZ/R/
fYQP1Kg978//PDBMyTUBRCwIafjELdhHgUl3a7nR7dlRsu8hRx6ebHncw0+HmfW95uhY
VpjBPQ4=
=AsaL
-END PGP SIGNATURE-



[Full-disclosure] [ MDVSA-2010:023 ] phpldapadmin

2010-01-21 Thread security

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

 ___

 Mandriva Linux Security Advisory MDVSA-2010:023
 http://www.mandriva.com/security/
 ___

 Package : phpldapadmin
 Date: January 21, 2010
 Affected: Enterprise Server 5.0
 ___

 Problem Description:

 A vulnerability has been found and corrected in phpldapadmin:
 
 Directory traversal vulnerability in cmd.php in phpLDAPadmin 1.1.0.5
 allows remote attackers to include and execute arbitrary local files
 via a .. (dot dot) in the cmd parameter (CVE-2009-4427).
 
 The updated packages have been patched to correct this issue.
 ___

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4427
 ___

 Updated Packages:

 Mandriva Enterprise Server 5:
 04269a24be47cae01b6ad81ad46128a1  
mes5/i586/phpldapadmin-1.1.0.7-1.1mdvmes5.noarch.rpm 
 322afd2a91fb2e6c4448d3cf86de4c49  
mes5/SRPMS/phpldapadmin-1.1.0.7-1.1mdvmes5.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 51a833830eeaf5e5e1e8ffacd2e2fd90  
mes5/x86_64/phpldapadmin-1.1.0.7-1.1mdvmes5.noarch.rpm 
 322afd2a91fb2e6c4448d3cf86de4c49  
mes5/SRPMS/phpldapadmin-1.1.0.7-1.1mdvmes5.src.rpm
 ___

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 ___

 Type Bits/KeyID Date   User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFLWEXemqjQ0CJFipgRAntXAJ94FOrq4yh3iaqozCLL8Rl3JjxoBwCfbVmt
6aGuXA3N/AEw2RgKgZGmLyU=
=BUgG
-END PGP SIGNATURE-



[Full-disclosure] [ MDVSA-2010:022 ] openssl

2010-01-21 Thread security

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

 ___

 Mandriva Linux Security Advisory MDVSA-2010:022
 http://www.mandriva.com/security/
 ___

 Package : openssl
 Date: January 21, 2010
 Affected: 2008.0, 2009.0, 2009.1, 2010.0, Enterprise Server 5.0
 ___

 Problem Description:

 Some vulnerabilities were discovered and corrected in openssl:
 
 Memory leak in the zlib_stateful_finish function in
 crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta
 through Beta 4 allows remote attackers to cause a denial of service
 (memory consumption) via vectors that trigger incorrect calls to the
 CRYPTO_free_all_ex_data function, as demonstrated by use of SSLv3
 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678
 (CVE-2009-4355).
 
 Packages for 2008.0 are provided for Corporate Desktop 2008.0
 customers.
 
 The updated packages have been patched to correct this issue.
 ___

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4355
 ___

 Updated Packages:


Re: [Full-disclosure] NSOADV-2010-002: Google Wave Design Bugs

2010-01-21 Thread dramacrat
inb4 front page news

2010/1/21 

> > Well, that's exactly what I'm saying.  Pretending that this is some kind new
> > exploit class simply because Google Wave is used is stupid.  This is the
> > logical extension of e-mail and instant message and social network attacks
> > to the next potential platform.
>
> Following in the history of the security community, we should coin a
> buzzword on this old issue with a new spin.
> WaveJacking sounds like a perfect fit.
> 
>
>
> > On Tue, Jan 19, 2010 at 8:10 PM,  wrote:
> >
> > > On Tue, 19 Jan 2010 19:01:36 CST, Rohit Patnaik said:
> > > > Yeah, no kidding.  Surprise! Untrusted files can be malicious.  If
> you
> > > > accept files from those whom you do not trust, whether its via
> e-mail,
> > > > instant message, Google Wave, or physical media, you well and truly
> > > deserve
> > > > the virus that'll eventually infect your machine.
> > >
> > > Let's see.. *HOW* many years ago did we first see e-mail based viruses
> that
> > > depended on people opening them because they came from people they
> already
> > > knew?  'CHRISTMA EXEC' in 1984 comes to mind.
> > >
> > > The problem here is that Google Wave is for *collaboration* - which
> means
> > > that you're communicating with people you already know, and presumably
> > > trust to some degree or other. "Hey Joe, look at this PDF and tell me
> > > what you think" is something reasonable when the request comes from
> > > somebody
> > > who Joe knows and who has sent Joe PDF's in the past.
> > >
> > > I guarantee that if every time you receive a document that appears to
> be
> > > from
> > > your boss, you call back and ask if they really intended to send a
> document
> > > or
> > > if it's a virus, your boss will get very cranky with you very fast.
> > >
> > > Let's look at that original advisory again:
> > >
> > > >> An attacker could upload his malware to a wave and share it to his
> > > >> Google Wave contacts.
> > >
> > > Now change that to "An attacker could trick/pwn some poor victim into
> > > uploading
> > > the malware to a wave"  Hilarity ensues.
> > >
> > >
> > >
> > >
> >
> http://www.cgisecurity.com/

[Full-disclosure] [SECURITY] [DSA-1975-1] Security Support for Debian 4.0 to be discontinued on February 15th

2010-01-21 Thread Stefan Fritsch
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

- 
Debian Security Advisory DSA-1975-1  secur...@debian.org
http://www.debian.org/security/   Stefan Fritsch
January 20, 2010  http://www.debian.org/security/faq
- 

Security Support for Debian GNU/Linux 4.0 to be discontinued on
February 15th

One year after the release of Debian GNU/Linux 5.0 alias 'lenny' and
nearly three years after the release of Debian GNU/Linux 4.0 alias
'etch' the security support for the old distribution (4.0 alias
'etch') is coming to an end next month.  The Debian project is proud
to be able to support its old distribution for such a long time and
even for one year after a new version has been released.

The Debian project has released Debian GNU/Linux 5.0 alias 'lenny' on
the 14th of February 2009.  Users and Distributors have been given a
one-year timeframe to upgrade their old installations to the current
stable release.  Hence, the security support for the old release of
4.0 is going to end in February 2010 as previously announced.

Previously announced security updates for the old release will continue
to be available on security.debian.org.


Security Updates
- 

The Debian Security Team provides security updates for the current
distribution via .  Security updates for the
old distribution are also provided for one year after the new
distribution has been released or until the current distribution is
superseded, whatever happens first.

- 
-
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-annou...@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)

iD8DBQFLV2xsbxelr8HyTqQRAhEEAKChPIqF2VfvHVQoKOZNyB3UqObdkgCcDWb4
17tJ0nC2y8INc7y2h66+Vx8=
=CcLt
-END PGP SIGNATURE-



Re: [Full-disclosure] NSOADV-2010-002: Google Wave Design Bugs

2010-01-21 Thread bugtraq
> Well, that's exactly what I'm saying.  Pretending that this is some kind new
> exploit class simply because Google Wave is used is stupid.  This is the
> logical extension of e-mail and instant message and social network attacks
> to the next potential platform.

Following in the history of the security community, we should coin a buzzword 
on this old issue with a new spin. 
WaveJacking sounds like a perfect fit.



> On Tue, Jan 19, 2010 at 8:10 PM,  wrote:
> 
> > On Tue, 19 Jan 2010 19:01:36 CST, Rohit Patnaik said:
> > > Yeah, no kidding.  Surprise! Untrusted files can be malicious.  If you
> > > accept files from those whom you do not trust, whether it's via e-mail,
> > > instant message, Google Wave, or physical media, you well and truly
> > > deserve the virus that'll eventually infect your machine.
> >
> > Let's see.. *HOW* many years ago did we first see e-mail based viruses that
> > depended on people opening them because they came from people they already
> > knew?  'CHRISTMA EXEC' in 1984 comes to mind.
> >
> > The problem here is that Google Wave is for *collaboration* - which means
> > that you're communicating with people you already know, and presumably
> > trust to some degree or other. "Hey Joe, look at this PDF and tell me
> > what you think" is something reasonable when the request comes from
> > somebody who Joe knows and who has sent Joe PDF's in the past.
> >
> > I guarantee that if every time you receive a document that appears to be
> > from your boss, you call back and ask if they really intended to send a
> > document or if it's a virus, your boss will get very cranky with you very
> > fast.
> >
> > Let's look at that original advisory again:
> >
> > >> An attacker could upload his malware to a wave and share it to his
> > >> Google Wave contacts.
> >
> > Now change that to "An attacker could trick/pwn some poor victim into
> > uploading the malware to a wave"  Hilarity ensues.
> >
> >
> >
> >
> 
> 
http://www.cgisecurity.com/



[Full-disclosure] Insufficient User Input Validation in VP-ASP 6.50 Demo Code

2010-01-21 Thread CodeScan Labs Advisories


= CodeScan Advisory, codescan.com 
=
= Insufficient User Input Validation in VP-ASP 6.50 Demo Code
=
= Vendor Website:
= http://www.vpasp.com/
=
= Affected Version:
=VP-ASP Shopping Cart 6.50 Demo Code And Earlier
=
= Researched By
=CodeScan Labs 
=
= Public disclosure on January 21st, 2010



 
== Overview ==

CodeScan Labs (http://www.codescan.com) has recently released a new source
code scanning tool, CodeScan. CodeScan is an advanced auditing tool
designed to check web application source code for security vulnerabilities.
CodeScan utilises an intelligent source code parsing engine, traversing
execution paths and tracking the flow of user supplied input.

During the ongoing testing of CodeScan ASP, VP-ASP was selected as one of 
the test applications. We downloaded a demo of VP-ASP from the VP-ASP
website http://www.vpasp.com/virtprog/paypal.htm.

 This advisory is the result of research into the security of VP-ASP,
based on the report generated by the CodeScan tool.

== Vulnerability Details ==

* SQL Injection *

An SQL Injection vulnerability is caused by assigning a variable from client 
data, for example in file shopsessionsubs.asp in Function Getwebsess:

userid=cleanchars(request("websess"))
and:
userid = Request.Cookies(cookiename)

In Sub ResponseCookies variable userid is assigned to variable websess by a 
call to Getwebsess and variable websess is concatenated with other data to 
construct an SQL statement: 

cookiesql="Select * from sitesessions where sessionkey='" & websess & "'"

This SQL statement is used in a call to ADODB.Connection.Execute:

set cookiers=cookiedbc.execute(cookiesql)

The function cleanchars makes a security check on the input, but this check is 
based on a blacklist of bad characters that could be used in SQL statements; 
it is better to use a whitelist of allowed characters, as it is easy to 
overlook possible bad characters.

* Cross Site Scripting and Arbitrary File Access *

Cross Site Scripting and Arbitrary File Access vulnerabilities are caused by 
assigning a variable from client data in file shopsessionsubs.asp, in 
Sub CookielessGenerateFilename:

ipaddress = Request.Servervariables("REMOTE_HOST") 

Variable ipaddress is concatenated with other data in 
Sub CookielessGenerateFilename to construct a variable filename:

tempname=prefix & "_" & mm & dd & yy & "_" & Ipaddress
tempname=tempname & ".txt"
tempname=xsavesessionfilefolder & "\" & tempname
filename=tempname

Variable filename is used in calls to Scripting.FileSystemObject.OpenTextFile 
and Response.Write in Sub CookielessReadFile:

Set Myfile = fso.OpenTextFile(filename, 1, false)
and: 
response.write "" &  "unable to open file" & filename  & "" & err.description & ""

These vulnerabilities do not depend on direct user input, but a hacker could 
tamper with the REMOTE_HOST server variable or with cookies to supply malicious 
input.
 
== Credit ==

Discovered and advised to the vendor by CodeScan Labs

== About CodeScan Labs Ltd ==

CodeScan Labs is a specialist security research and development
organisation, that has developed the cornerstone application, CodeScan.
CodeScan Labs helps organisations secure their web services through the
automated scanning of the web application source code for security
vulnerabilities.  The CodeScan product is currently available for ASP,
ASP.NET C# and PHP

CodeScan Labs operates with Responsible Disclosure where appropriate. As a
result, any published advisories will contain information around problems
identified by CodeScan, that have been resolved by the vendor. Additional
code problems which may be identified by CodeScan or its staff which are
not resolved by the vendor may not be made publicly available.
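
The mitigations for the two findings above, as an added Classic ASP (VBScript) example that is not VP-ASP's or CodeScan's code: an allowlist check plus a parameterized ADODB.Command for the sessionkey lookup, and an allowlisted REMOTE_HOST token with HTML-encoded error output for the session file. The function names, the alphanumeric key format and the 64-character limit are assumptions.

```vbscript
' Added example for Classic ASP (VBScript); not VP-ASP or CodeScan code.
' Function names, the key format and MAX_SESSIONKEY_LEN are assumptions.

' ADO constants (values as defined in adovbs.inc).
Const adCmdText = 1
Const adParamInput = 1
Const adVarChar = 200

' Assumed width of sitesessions.sessionkey; adjust to the real column.
Const MAX_SESSIONKEY_LEN = 64

' Allowlist test: True only if text is 1..maxLen characters long and the
' whole string matches pattern. Everything else is rejected, so characters a
' blacklist forgot to list never reach the query or the file system.
Function MatchesAllowlist(text, pattern, maxLen)
    Dim re, s
    MatchesAllowlist = False
    s = "" & text                      ' coerce Null/Empty to ""
    If Len(s) = 0 Or Len(s) > maxLen Then Exit Function
    Set re = New RegExp
    re.Pattern = pattern
    re.IgnoreCase = False
    re.Global = False
    MatchesAllowlist = re.Test(s)
End Function

' Session lookup: the key is validated, then bound as a parameter instead of
' being concatenated into the SQL text. Returns Nothing for a rejected key.
Function OpenSessionRecordset(conn, rawKey)
    Dim cmd, sessionKey
    Set OpenSessionRecordset = Nothing
    sessionKey = "" & rawKey
    If Not MatchesAllowlist(sessionKey, "^[A-Za-z0-9]+$", MAX_SESSIONKEY_LEN) Then Exit Function
    Set cmd = Server.CreateObject("ADODB.Command")
    Set cmd.ActiveConnection = conn
    cmd.CommandType = adCmdText
    cmd.CommandText = "SELECT * FROM sitesessions WHERE sessionkey = ?"
    cmd.Parameters.Append cmd.CreateParameter("sessionkey", adVarChar, adParamInput, _
                                              MAX_SESSIONKEY_LEN, sessionKey)
    Set OpenSessionRecordset = cmd.Execute
End Function

' REMOTE_HOST can be an IPv4/IPv6 address or a resolved host name, so allow
' only letters, digits, dot, colon and hyphen, and refuse "..". Returns a
' token that is safe inside a file name, or "" if the value is rejected.
Function SafeHostToken(rawHost)
    Dim host
    SafeHostToken = ""
    host = "" & rawHost
    If Not MatchesAllowlist(host, "^[A-Za-z0-9:][A-Za-z0-9.:-]*$", 255) Then Exit Function
    If InStr(host, "..") > 0 Then Exit Function
    SafeHostToken = Replace(host, ":", "-")   ' ":" is not valid in a Windows file name
End Function

' Builds the session file path from server-side parts plus the host token.
' prefix, mm, dd and yy are assumed to be generated by the server.
' Returns "" when the host value is rejected.
Function BuildSessionFileName(folder, prefix, mm, dd, yy, rawHost)
    Dim fso, hostToken
    BuildSessionFileName = ""
    hostToken = SafeHostToken(rawHost)
    If hostToken = "" Then Exit Function
    Set fso = Server.CreateObject("Scripting.FileSystemObject")
    BuildSessionFileName = fso.BuildPath(folder, _
        prefix & "_" & mm & dd & yy & "_" & hostToken & ".txt")
End Function

' Error output: HTML-encode every dynamic value before it reaches the response.
Sub ReportOpenFailure(filename, description)
    Response.Write "unable to open file " & Server.HTMLEncode("" & filename) & _
                   " " & Server.HTMLEncode("" & description)
End Sub

' Usage with the names from the advisory:
'   Set cookiers = OpenSessionRecordset(cookiedbc, "" & Request.Cookies(cookiename))
'   If cookiers Is Nothing Then ... treat the request as having no session
'   filename = BuildSessionFileName(xsavesessionfilefolder, prefix, mm, dd, yy, _
'                                   Request.ServerVariables("REMOTE_HOST"))
'   If filename = "" Then ... refuse to create or open a session file
```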


Re: [Full-disclosure] Two MSIE 6.0/7.0 NULL pointer crashes

2010-01-21 Thread mrx
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Michal Zalewski wrote:
>> Testing takes time.  That's why both Microsoft and Mozilla test.
> 
> Testing almost never legitimately takes months or years, unless the
> process is severely broken; contrary to the popular claims,
> personally, I have serious doubts that QA is a major bottleneck when
> it comes to security response - certainly not as often as portrayed.
> 
> The generalization made earlier in this thread - that closed source
> projects are always bad when it comes to security response, while the
> open source community is inherently responsive - does not even deserve
> a proper rebuttal. I am cc:ed on quite a few open security bugs in
> major open source software - and when a problem is kept under wraps,
> it is not unheard of to wait 6-12 months for a fix.
> 
> Both in the open source and in the closed source world, the real story
> is almost always that the security issues you report need to be
> prioritized against hundreds of other internally discovered security
> problems; and thousands of high-priority but non-security bugs that
> affect market adoption or annoy key customers. On top of this, many
> security changes may require significant rewrites that the vendor is
> hesitant to implement because of having no resources or no long-term
> plan to do so.
> 
> In other words, in many cases, most of the waiting period is a
> prolonged no-op that may serve no legitimate function, and may be
> putting users at an unreasonable risk.
> 
> Even without assuming malice on the side of the vendor, this
> demonstrates an inherent weakness of the "responsible disclosure"
> process (understood as accepting arbitrary vendor-provided disclosure
> timelines): while some vendors are quite willing to give security
> issues top priority, and will actually work to get things done -
> others may exploit the rhetoric to mask staffing problems or the
> inability to drive engineering decisions effectively.
> 
> Cheers,
> /mz
> 

Thank you for the insights Michal.
I accept my comment was a little glib, however it has been my experience
that open source vulnerabilities of this magnitude that are in the wild
are usually fixed in a day or two by the OS community whereas large closed
source developers can take weeks or longer to release a fix for such
flaws.

Perhaps this is due, at least in part, to the modularity and separation of
function in OSS and being able to personally identify the developer of a
vulnerable OS project. Also a single person or small team can act more
efficiently on known code. Whereas in a large corporate closed software
development environment where an application carries so many dependencies
on evolving and legacy code, where the person responsible for introducing
the vulnerability is not publicly identifiable can lead to all kinds of
denial, excuses and buck passing.

Perhaps I am a little naive, after all I am a novice in this field which I
am not afraid to admit. But it seems to me with large closed source projects
developed in commercial corporate environments the object of the exercise is
to get product out first regardless of the quality of the released code.
And only if a vulnerability is a threat to adoption of a product is that
vulnerability dealt with in a timely fashion.


regards
mrx


- --
Mankind's systems are white sticks tapping walls.
Thanks Roy
http://www.propergander.org.uk
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

-END PGP SIGNATURE-
