Re: [Full-Disclosure] question regarding CAN-2004-0930
On Wed, 17 Nov 2004 17:49:12 -0600, Paul Schmehl wrote When you do an ls, you are making a call that the *os* has to respond to. The os is *not* vulnerable, so it (properly) rejects the request as malformed. i think i get it now. as someone else explained is wildcard expansion also an issue here. so the (linux) os responds, before the smbd could even notice the call. Hopefully that makes more sense to you. yes, thank you. Christian. -- BOFH excuse #433: error: one bad user found in front of screen ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
[Full-Disclosure] USB autorun function
I want to say how flattered I am to have generated so much discussion from my little 2600 article. I welcome all corrections and additions. Information should be free! =;^) -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Wrangler - hijacking a connection, near you!, One day closer to a Microsoft-free world! -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
[Full-Disclosure] The Meth Connection to Identity Theft
Excuse me, but I take exception to the phrase ...making them expert hackers and mailbox thieves in the above cited story. Either you or your editor has insulted the security community, whether you realize it or not. Probably not the smartest thing to do for a journalist. Either you have never been around hackers or you have never been around meth addicts. As a long time hacker, I can seriously tell you that drugs and hacking do not go together. Also people who are dumb enough to do meth are not smart enough to figure out how to write code to obtain unauthorized access to computers. Knock over mailboxes, yes. Hack, not without serious rehab and a lot more clue than your average doper can muster. You might consider publishing a retraction before someone posts one on your site for you =;^) -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Wrangler - dumping out cleartext passwords, near you!, One day closer to a Microsoft-free world! -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html